Welcome to Paperless4ink.com website Privacy Statement. This website and service is provided by Paperless 4 Ink, with business office address at 26791 Alicante Dr. Mission Viejo, CA 92691 USA. Please read this privacy statement carefully for it explains our rights to the processing of your data.
Paperless 4 Ink takes your privacy seriously and the use, disclosure and protection of your information is important to us. This policy covers how Paperless 4 Ink, collects, uses, discloses, transfers, stores and protects your personal information. We encourage you take a moment and familiarize yourself with our privacy practices and contact us at [email protected] for any further clarification.
II. Data Protection Principles
III. Summary of Personal Information and Use
IV. Personal Information We Collect About You (PIPEDA)
V. Purposes of Data Collection
VI. Data Collection Methods
VII. Information Collected and Stored Automatically (Web Analytics Data)
VIII. Types of Data Collected
IX. HIPPA and Covid-19 Regulated Personal Information Collect from you
X. Non-Personal Information
XI. How we use this data and Health Related Information
XIII. Google Adwords
XIV. Third Party Disclosures
XV. If You Create Forms8
XVI. Paperless 4 Ink as a Controller
XVIII. Do Not Track
XIX. Browser Information Collected on the Website
XX. External Links
XXI. Children’s Privacy (COPPA)
XXII. Compliance with Laws
XXIII. Retention period
XXIV. Site Security
XXV. Information Security
XXVI. International Transfers
XXVII. If you are located in California (CALOPPA)
XXVIII. GDPR Data Privacy Rights
XXIX. Data Subject Rights
XXX. Your Right To Withdraw Consent
XXXI. Complaint Process and Independent Recourse Mechanism
XXXIII. Terms and Conditions
XXXIV. Contact Us
2. Data Protection Principles
Paperless 4 Ink is dedicated to ensuring the security of your personal data and adhering to compliance with applicable data protection laws. As a summary of how Paperless 4 Ink protects and utilizes your personal data, the organization is committed to ensuring that your personal data is:
- used lawfully, fairly and in a transparent way;
- collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
- relevant to the purposes we have told you about and limited only to those purposes;
- accurate and kept up-to-date;
- allowed for you as the individual to request access to your personal data
- kept only as long as necessary for the purposes we have told you about; and
- kept securely
3. Summary of Personal Information and Use
Paperless 4 Ink may collect or obtain Personal Data about you, and this information may be transferred from a location outside USA to other regions through the following methods:
· directly from you (e.g., where you contact us); in the course of our relationship with you (e.g., if you make a purchase);
· when you make your Personal Information public,
· when you visit our website; when you register to use any part of the Services;
· when you volunteer Personal Data about yourself in public areas of the Services; when you interact with any third party content or advertising;
We may also receive Personal Information about you from third parties.
4. Personal Information We Collect About You (PIPEDA)
According to the personal information protection and electronic documents act, 2000 (PIPEDA), "personal information" means information about an identifiable individual. The information you provide to us is considered personally identifiable information, which may include your name, address, e-mail address, telephone number, and any other information that can identify you. If PII cannot be related to an individual, it is considered anonymous. Whenever possible, Paperless 4 Ink works with anonymous information. This privacy statement does not apply to anonymous information
5. Purposes of Data Collection
For data collection methods as described for Paperless 4 Ink as a Company the following examples of uses of this Personal Information may be used for:
- Provision of Services to you
- Offering and Improving the Service
- Completing your Order
- User Engagement
- Lead Generation
- Legal Compliance
6. Data Collection Methods
The personal data we collect from you, and the way we collect it from you, includes the following methods when you:
- Visit our website
- Receive or provided communication from or to us through:
- Use our products and services as an authorized user
- Register for or attend Paperless 4 Ink events, webinars, or surveys
7. Information Collected and Stored Automatically (Web Analytics Data)
When you visit Paperless 4 Ink, we may store some or all of the following:
- The IP address from which you access Paperless 4 Ink.
- The date and time of access.
- The Internet address of the website from which you linked to Paperless 4 Ink.
- The browser and operating system used, and any other related information.
This information is used for our legitimate purpose of measuring the number of visitors to the various sections of our site and identifying system performance or problem areas. We also use this information to help us develop the site, analyse patterns of usage, and to make the site more useful. This information is not used for associating search terms or patterns of site navigation with individual users. Simply means that if multiple users are using one account from the same IP address Paperless 4 Ink will get their account banned from the site
8. Types of Data Collected
When you subscribe for our monthly services on our website we acquire some Data (PII) from you such as
· Personal Identifiable Information (PII) collected via Registration. You need to register for a Paperless 4 Ink account before you can create forms on Paperless 4 Ink When you register for an account, we collect your username, password and email address.
- Financial Information: we will collect billing information from you when you make a purchase using the Paperless 4 Ink website.
· Form data. We store your form data (questions and responses) for you.
- Sensitive PII: Information about the transactions you make on our Services, such as the names, mobile number, e-mail address, and other information about the directly connected accounts to your account, which are attracted to our service by you.
9. HIPPA and Covid-19 Regulated Personal Information Collect from you
In order to best respond and help coordinate the community response for COVID-19 and be compliance with the HIPPA Policies on health related data. It is necessary to collect details about you including sensitive personal data that you have not already supplied, for example, your age or if you have any underlying health conditions, and health information, illnesses or are vulnerable. This is so we can assist you and prioritise our services. We will collect:
- Contact information (home address, telephone number, email address);
- NHS number;
- Your District (to coordinate with the relevant District Council);
- Health and social care data, including ‘confidential patient information’;
- Information relevant to your needs during the outbreak or your support needs if you are a carer;
- Information about what support you can provide to others.
We may also ask you for information to help us identify and understand about those suffering with, or at risk of suffering with, COVID-19; information about incidents of exposure to COVID-19 and the management of outbreaks of or the risk of COVID-19 including locating, contacting, screening, flagging and monitoring such incidents and collecting information about and providing services in relation to testing, diagnosis, self-isolation, fitness to work, treatment, medical and social interventions and recovery from COVID-19. Additionally, at this time, we may seek to collect and process information from you, which is above and beyond what would ordinarily be collected. This is necessary to ensure your safety and well-being, however we will ensure that this will be limited to what is proportionate and necessary for us, in accordance with Government guidance, to manage and contain the virus and enable us to effectively keep people safe, put contingency plans into place to safeguard those who are vulnerable and to aid business continuity. We aim to:
- understand Covid-19 and the risks to public health, trends in Covid-19 and such risks, and controlling and preventing the spread of Covid-19 and such risks;
- identify and understand information about patients or potential patients with or at risk of Covid-19, information about incidents of patient exposure to Covid-19 and the management of patients with or at risk of Covid-19 including: locating, contacting, screening, flagging and monitoring such patients and collecting information about and providing services in relation to self-isolation, fitness to work, social interventions and recovery from Covid-19;
- understand information about patient access to health services and adult social care services and the need for wider care of patients and vulnerable groups as a direct or indirect result of Covid-19 and the availability and capacity of those services or that care;
- monitor and manage the response to Covid-19 by health and social care bodies and the Government including providing information to the public about Covid-19 and its effectiveness and information about capacity, equipment, supplies, services and the workforce within the health services and adult social care services;
- deliver services to service users, vulnerable individuals, patients, clinicians, the health services and adult social care services workforce and the public about and in connection with Covid-19, including the provision of information and the provision of health care and adult social care services;
- research and plan in relation to Covid-19; and
- help understand the response to an emergency and build lessons learnt.
We will also use your data to better understand the services we provide and to help us build those services for the future. We may also use your data to identify if our services are fulfilling our legal obligations
10. Non-Personal Information
Non-personal information refers to information that, by itself, does not identify you as a specific individual (e.g., demographic information or web site visitations). Paperless 4 Ink may collect non-personal information through any of the methods discussed above, as well as automatically through the use of industry-standard technologies described further below.
11. How we use this data and Health Related Information
This information is used in order to take steps to conclude a contract with you, or to provide our services to you, as well as to enable you to use them. We may also use these personal data for our legitimate purpose of contacting you with newsletters, marketing or promotional materials and other information concerning our activities that may be of interest to you. We may use and disclose your health information without your authorization for treatment, payment, and health care operation purposes. Examples include but are not limited to:
- Using or sharing your health information with other health care providers involved in your treatment or with a pharmacy that is filling your prescription.
- Using or sharing your health information with your health plan to obtain payment for services or using your health information to determine your eligibility for government benefits in a health plan.
- Using or sharing your health information to run our business, to evaluate provider performance, to educate health professionals, or for general administrative activities.
We may share your health information with our business associates who need the information to perform services on our behalf and agree to protect the privacy and security of your health information according to agency standards.
We may use or share your health information without your authorization as authorized by law for our patient directory, to family or friends involved in your care, or to a disaster relief agency for purposes of notifying your family or friends of your location and status in an emergency situation. We may use and disclose your health information without your authorization to contact you for the following activities, as permitted by law and agency policy: providing appointment reminders; describing or recommending treatment alternatives; providing information about health-related benefits and services that may be of interest to you; or fundraising.
You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us. You as an individual retain the right to withhold in part or in full your personal information in order to limit our use and availably of this data. Please note that refusal to provide Personal Information may result in our inability to provide the Services to you, to manage our relationship with you, or to improve the Services provided to you.
13. Google Adwords
14. Third Party Disclosures
As a standard practice Paperless 4 Ink does not disclose personal information to any third party or unauthorized party for any reason. Should Paperless 4 Ink be required to disclose any personal data to third parties it will not do so unless fully authorized by the client agreement or in accordance with support of the agreement, or applicable law.
15. If You Create Forms
- Your form data is owned by you. Additionally, Paperless 4 Ink treats your forms as if they were private, unless you made your forms publicly available via a public link. Paperless 4 Ink does not sell or make available your forms to anyone and does not use the form responses you collect for purposes unrelated to you or our services, except in a limited set of circumstances (e.g. Paperless 4 Ink is compelled by a subpoena, or if you’ve given us permission to do so).
- Paperless 4 Ink safeguards respondents’ email addresses. To make it easier for you to invite people to complete your forms via email, you may upload lists of email addresses, in which case Paperless 4 Ink acts as a mere custodian of that data. Paperless 4 Ink doesn’t sell or make available these email addresses and we use them only as directed by you and in accordance with this policy. The same is true for any email addresses collected through your forms.
- Paperless 4 Ink holds your data securely. Read our Security Statement for more information.
16. Paperless 4 Ink as a Controller
Paperless 4 Ink direct methods of personal data collection include through our website, marketing, sales outreach, and third party provided information. This information is used solely to contact individuals and or organizations about sales, adverting or marketing prospects of Paperless 4 Ink products. Any discloser of personal information to a third party is relegated to only be used on behalf of Paperless 4 Ink and at Paperless 4 Ink’ direction, and not for any other purpose.
18. Do Not Track
Do Not Track ("DNT") is a privacy preference that users can set in specific web browsers and devices. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honour DNT signals or similar mechanisms transmitted by web browsers.
19. Browser Information Collected on the Website
Various elements of data sets may be collected to track the usefulness of certain actions and to ultimately improve the value of Paperless4ink.com. Please note that Paperless 4 Ink does not gather, request, record, require, collect or track any type of Internet users’ personal data (as listed above) through these processes.
20. External Links
Paperless 4 Ink may contain links to websites created and maintained by other public and/or private organizations. Paperless 4 Ink therefore provides these links as a service to our users, and when users click on a link to an external website, they are leaving Paperless 4 Ink and are thus subject to the privacy and security policies/related terms and conditions of these external websites.
21. Children’s Privacy (COPPA)
Paperless 4 Ink complies both with the Children’s Online Privacy Protection Act of 1998 (COPPA) and, with regard to EU data subjects, with GDPR. While children under the age of (18) may use the Site only with the consent of his or her parent or legal guardian, please be advised that this Site is not directed or otherwise promoted for use by children under the age of (18). By using the Service, you represent that you are at least (18) years of age. If you are between (18) and twenty one (21) years of age, you will need to have parental consent to use the Service. If you are below eighteen years of age, you should stop using the Site and Service immediately. Personal data from children under 18 is not knowingly collected, nor are children under 18 knowingly contacted by Paperless 4 Ink. To be clear, Paperless 4 Ink does not intend to solicit information of any kind from children under 18.
22. Compliance with Laws
Except for authorized law enforcement investigations by local, state, and/or federal agencies, no other attempts are made by Paperless 4 Ink to identify individual users and/or their usage habits on Paperless 4 Ink.
- Paperless 4 Ink as required by local, state, country or federal law will disclose your personal information where required to do so by law or subpoena or if we believe that such action is necessary to pursue our legitimate interest of complying with the law and the reasonable requests of law enforcement or of protecting the security or integrity of our services.
23. Retention period
We will keep your personal data only for as long as necessary to fulfil the purposes for which we are processing it, unless the law permits or requires longer. For example, we might need to keep your personal data for quality assurance of the service we have provided, or we might need to keep it to defend future legal claims or to comply with a legal obligation.
24. Site Security
For site security purposes and to ensure that this service remains available to all users, the platform for which Paperless 4 Ink resides on – commonly known as a “production environment”, utilizes a wide-range of software tools and programs to for the ultimate goal of ensuring its confidentiality, integrity, and availability (CIA) – a concept known as the CIA triad of information security. Tools which are currently in use, or are to be deployed if necessary for the security of Paperless 4 Ink are to include, but are not limited to, the following:
- Network Security and Network Monitoring: Tools that assist in securing the network for which Paperless 4 Ink resides on. Such tools include network and perimeter firewalls, web application firewalls, routers, switches, intrusion detection systems, and other related tools.
- Network Performance: Tools that assist in monitoring all aspects of Paperless 4 Ink, such as performance monitoring for website uptime, etc.
- Other: Additionally, a variety of physical, electronic and procedural safeguards are implemented for helping ensure the safety and security of Paperless 4 Ink.
25. Information Security
All information accessed through Paperless 4 Ink website or App is in compliance with the required information security mandates of Article 32 of the GDPR. Specifically, Article 32 mandates the following:
- Implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk:
- Encryption of personal data
- The ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services.
- The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
- A process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.
26. International Transfers
Your Personal Information, may be transferred to, and maintained on, systems located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside USA and choose to provide information to us, please note that we transfer the information, including Personal Information, to the U.S and process it here. If you are in the EU, in transferring your Personal Information to countries outside of the EU, we will take appropriate steps to ensure that such recipients act in accordance with applicable laws. To the extent that we transfer the personal data to recipients who are located outside the European Union or the European Economic Area, we will provide an adequate level of protection of your personal data, including appropriate technical and organizational security measures and through the implementation of appropriate contractual measures to secure such transfer, in compliance with applicable law. See our Privacy Shield disclosure, below, for further information about our self-certification under the EU-U.S. Privacy Shield Framework.
27. If you are located in California (CALOPPA)
Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year.
28. GDPR Data Privacy Rights
If you are an EU resident and Paperless 4 Ink is processing, and/or transmitting your personal data, then you - as an “EU data subject” – benefit from the following rights and privileges under the General Data Protection Regulation (GDPR):
- Right of Access: you have the right to obtain from us, as controllers, confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the following personal data and information:
- the purposes of the processing;
- the categories of personal data concerned; i.e name, email, phone number etc
- the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations’;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing; (f) the right to lodge a complaint with a supervisory authority (for a list of supervisory authorities, see https://edpb.europa.eu/about-edpb/board/members_en);
- where the personal data are not collected from you, any available information as to their source;
- The existence of automated decision-making, including profiling, along the lines indicated by Article 22(1) and (4) GDPR, and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.
- Right to Rectification: you have the right to obtain from us without undue delay the rectification of inaccurate personal data concerned, provided during registration by him or her. Taking into account the purposes of the processing, the user have the right to have request his incomplete personal data be completed, including by means of providing a supplementary statement.
- Right to Erasure (“Right to be Forgotten): you have the right to obtain from us the erasure of your personal data without undue delay, and we have the obligation to erase personal data without undue delay when: a) your data are no longer necessary for the purposes for which they were collected; b) you had consented to the processing; c) you have objected to the processing, as per below; d) your persona data had been unlawfully collected; e) your personal data need to be erased as a matter of compliance with a legal obligation.
- Right to Restriction of Processing: you have the right to obtain from us the restriction of processing if you: a) contest the accuracy of the personal data, until this is verified; b) the processing is unlawful but you don’t want erasure; c) we no longer need the personal data, but you require them to establish, exercise to defend a legal claim; d) you have objected to processing but there is a need to verify whether our legitimate grounds override your rights to object.
- Right to Data Portability: where your personal data have been provided on the basis of your consent or for the performance of a contract, and their processing occurs in an automated way, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit those data– or have directly transmitted - to another controller.
- Right to Object: you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data based on a legitimate ground point (e) or (f) of Article 6(1), including profiling based on those provisions. In this case, we can no longer process your personal data unless we show that there is a compelling legitimate ground for the processing which override your interests, rights and freedoms or for our establishment, exercise or defense of legal claims.
29. Data Subject Rights
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals, have the right to obtain our confirmation of whether we maintain personal information relating to you in the U.S. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the Canada under Privacy Shield, should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to [email protected]. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Paperless 4 Ink’s accountability for personal data that it receives in the U.S under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Paperless 4 Ink remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Paperless 4 Ink proves that it is not responsible for the event giving rise to the damage.
30. Your Right To Withdraw Consent
You have the right to withdraw your consent without detriment at any time by contacting us. You can also change your marketing preferences. If we do not satisfactorily resolve your request or concern, you may contact our data protection officer; [email protected]
31. Complaint Process and Independent Recourse Mechanism
You as the data subject in the EU or Switzerland have the right to bring a complaint directly to Paperless 4 Ink as the Privacy Shield participant and receive a response within 45 days of receipt of the complaint. This complaint as provisioned by the Privacy Shield framework is of no cost to you.
In compliance with the Privacy Shield Principles, Paperless 4 Ink commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the Canada pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Paperless 4 Ink at: [email protected]
33. Terms and Conditions
To learn more about our terms and conditions, please visit our Terms and Conditions page establishing the use, disclaimers, and limitations of liability governing the use of our website
34. Contact Us
35. Changes to this Policy