This document becomes effective for everyone on the date it was last updated.
2.1. COLLECTION OF YOUR PERSONAL DATA. In order to better provide you with products and services offered on our Site, Ness Web Solutions, LLC may collect personally identifiable information, such as your:
- First Name
- Last Name
- Middle Initial
- Mailing Address
- Physical Address
- Your preferred phone number
- Business Office Phone Number
- Job Title
- Employer Address
If you purchase Ness Web Solutions, LLC’s products and services, we collect billing and credit card information. This information is used to complete the purchase transaction.
We do not collect any personal information about you unless you voluntarily provide it to us. However, you may be required to provide certain personal information to us when you elect to use certain products or services available on the Site. These may include: (a) registering for an account on our Site; (b) entering a sweepstakes or contest sponsored by us or one of our partners; (c) signing up for special offers from selected third parties; (d) sending us an email message; (e) submitting your credit card or other payment information when ordering and purchasing products and services on our Site. To wit, we will use your information for, but not limited to, communicating with you in relation to services and/or products you have requested from us. We also may gather additional personal or non-personal information in the future.
If you upload images to the website or share images with us, you should avoid uploading images with embedded location data (EXIF GPS) included.
2.2. TWO-FACTOR & SECURITY QUESTIONS. All Client Portal accounts are required to have two-factor authentication (also known as 2FA, 2-Factor Authentication & 2-Factor, Two-Step Login) enabled. Part of 2-factor authentication will ask a series of questions, of which you must answer 4 of. The information collected through 2-Factor Authentication & Security includes:
- First Job
- 6th grade school
- City of first job
- Maternal grandmothers maiden name
- College graduation year
- Cell Phone Number
- Cell Phone Manufacturer
- Cell Phone Model
- Cell Phone Carrier
3.1. SHARING OF YOUR PERSONAL INFORMATION. Ness Web Solutions, LLC will not sell, rent, or lease customer information.
Ness Web Solutions, LLC may share data with trusted partners to help perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to Ness Web Solutions, LLC, and they are required to maintain the confidentiality of your information.
Our 3rd Party Data Processor list can be found at: https://nesswebsolutions.com/policies/
3.2. PUBLIC INFORMATION. Information that is considered public is:
- First name of client
- Last Name of client
- Business name
- Domain name
- Host assigned Client ID number
3.3. PUBLIC INFORMATION FOR DOMAIN NAMES. Domain names have certain information that must be public depending on what domain name is purchased. The following information is required to be public information for domain name registration, renewal, or up keep:
- First Name of client
- Last Name of client
- Business name
- Address including, street, city, zip code, and country
- Phone number
- Email address
- Other technical aspects found based off domain name search
3.4. EXCEPTIONS. Any written waiver by the Client of these confidentiality obligations which allows the Host to disclose the Client’s confidential information to a third party will be limited to a single occurrence tied to the specific information disclosed to the specific third party, and the confidentiality clause will continue to be in effect for all other occurrences. Public information can be released to 3rd parties without notice from the Host.
Ness Web Solutions, LLC may disclose your personal information, without notice, if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on Ness Web Solutions, LLC or the site; (b) protect and defend the rights or property of Ness Web Solutions, LLC; and/or (c) act under exigent circumstances to protect the personal safety of users of Ness Web Solutions, LLC, or the public.
- CONFIDENTIALITY OF HOST. The Host will not at any time or in any manner, either directly or indirectly, use for the personal benefit of the Host, or divulge, disclose, or communicate in any manner any information that is proprietary to the Client (e.g., trade secrets, know-how and confidential information). The Host will protect such information and treat it as strictly confidential. This provision shall continue to be effective after the termination of this Agreement. Upon termination of this Agreement, the Host will return to the Client all records, notes, documentation and other items that were used, created, or controlled by the Host during the term of this Agreement. The Client may seek and obtain injunctive relief against the release or threatened release of such information in addition to any other legal remedies which may be available.
- TRACKING USER BEHAVIOR. Ness Web Solutions, LLC may keep track of the websites and pages our users visit within Ness Web Solutions, LLC, in order to determine what Ness Web Solutions, LLC services are the most popular. This data is used to deliver customized content and advertising within Ness Web Solutions, LLC to customers whose behavior indicates that they are interested in a particular subject area.
We use Hotjar to track where users on the website click, therefor creating a heatmap of the website. By using this heatmap we can improve our website design and flow for better user experience.
- AUTOMATICALLY COLLECTED INFORMATION. Information about your computer hardware and software may be automatically collected by Ness Web Solutions, LLC. This information can include: your IP address, browser type, domain names, access times and referring website addresses. This information is used for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the Ness Web Solutions, LLC website.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalize Ness Web Solutions, LLC pages, or register with Ness Web Solutions, LLC site or services, a cookie helps Ness Web Solutions, LLC to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same Ness Web Solutions, LLC website, the information you previously provided can be retrieved, so you can easily use the Ness Web Solutions, LLC features that you customized.
- If you click accept on our cookie notice, we will set a cookie to remember your selection. This cookie contains no personal data, and is saved for 30 days.
- If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
- If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
- When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. We have payment cookies from Stripe to allow payment processing and payment method saving.
- If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
- If you visit our support center at help.nesswebsolutions.com you will have multiple session cookies to personalize your site visit, to log you in automatically, and to assist you with creating, replying, and viewing tickets.
You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you will not be able to fully experience the interactive features of the Ness Web Solutions, LLC services or websites you visit.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
- LINKS. This website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.
- SECURITY OF YOUR PERSONAL INFORMATION. Ness Web Solutions, LLC secures your personal information from unauthorized access, use, or disclosure. Ness Web Solutions, LLC uses the following methods for this purpose:
- SSL/TLS Certificate
- net PCI Compliant website hosting & firewall
- ElePass, for Client Password and Credential Management
When personal information (such as a credit card number) is transmitted to other websites, it is protected through the use of encryption, such as the Secure Sockets Layer (SSL) protocol.
We strive to take appropriate security measures to protect against unauthorized access to or alteration of your personal information. Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet which are beyond our control; and (b) security, integrity, and privacy of any and all information and data exchanged between you and us through this Site cannot be guaranteed.
- CHILDREN UNDER THIRTEEN. Ness Web Solutions, LLC does not knowingly collect personally identifiable information from children under the age of thirteen. If you are under the age of thirteen, you must ask your parent or guardian for permission to use this website.
- E-MAIL COMMUNICATIONS. From time to time, Ness Web Solutions, LLC may contact you via email for the purpose of providing announcements, promotional offers, alerts, confirmations, surveys, and/or other general communication. In order to improve our Services, we may receive a notification when you open an email from Ness Web Solutions, LLC or click on a link therein.
If you would like to stop receiving marketing or promotional communications via email from Ness Web Solutions, LLC, you may opt out of such communications by clicking on the UNSUBSCRIBE button located at the bottom of the email.
- EXTERNAL DATA STORAGE SITES. We may store your data on servers provided by third party hosting vendors with whom we have contracted.
- HOW LONG WE RETAIN YOUR DATA. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see and edit their personal information at any time. Website administrators can also see and edit that information. We will retain all client data indefinitely for business purposes.
- WHAT RIGHTS YOU HAVE TO YOUR DATA. If you have an account on this site, are a client, have been a client, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
- WHAT DATA BREACH PROCEDURES WE HAVE IN PLACE. In the event of a data breach, we will contact all clients within 72 hours of knowing about the breach. We will work with our security vendors and website hosting provider find the breach, diagnose what information released, and fix the affected cause to ensure it cannot happen again. We will contact appropriate law enforcement and will work in full cooperation with them.
We have previously used MiniOrange for our 2 Factor Authentication system. Data is still securely stored with them until official business relations have ended.
- miniOrange Two Factor Plugin: This refers to Google Authenticator – Two Factor Authentication (2FA) WordPress plugin.
- Customer Support Services: It involves screen sharing sessions, meetings and support by mail.
- miniOrange Servers: This refers to miniOrange service which is stored on secure cloud service AWS. miniOrange Users data is also stored with AWS.
- Third Party: This refers to customer using miniOrange services i.e. plugin to provide Two Factor verification to its users.
- Personal data: This refers to information provided by you such as name, company name, address, phone number, email address, and any other information necessary.
We protect your personal information and will only provide it to third parties: (1) with your consent; (2) where it is necessary to carry out your instructions; (3) as reasonably necessary in order to provide our features and functionality to you; (4) when we reasonably believe it is required by law, subpoena or other legal process; or (5) as necessary to enforce our User Agreement or protect the rights, property, or safety of miniOrange, its Customers and Users, and the public.
16.3. WHAT PERSONAL DATA DO WE COLLECT?. miniOrange collects data provided by you while registering with miniOrange or through any other service while contacting miniOrange. We also collect data needed to provide miniOrange services. This data may contain different information as listed below:
- When you register in the plugin, you provide us with information (including your name(optional), email address, phone number(optional), company name/website and password) that we use to offer you a personalized, relevant experience on miniOrange.
- When User contacts our Customer Support, User’s personal data is shared which is necessary for us to provide support where we can assist you with the plugin configurations, setup or any other issues while using miniorange Two Factor Plugin. The Personal Data you provided is used for purposes like answering questions, improving the content of the website, customizing the content, and communicating with the customers about miniOrange’s Services, including specials and new features.
- While using miniOrange Risk Based Authentication (RBA) services, device information is collected. The information collected for RBA is mentioned below under data used by the plugin.
- We do not collect email address from miniOrange production service for marketing use.
In the miniOrange Two Factor plugin, we collect the following information from users :
Customer Details: First name, last name, username, email, Questions and Answers of Security Questions, Phone Number, Company Name.
Device Information: Location, Browser details, IP Address, Device Type, Time, Language, Useragent details, Device fingerprint
miniOrange only uses your data in order to provide you with the service and keeps this data available only to the user that has provided the information or the third parties that the user has agreed to grant access to.The data is also provided to respective Authenticator Application owner which is required for verification during login.
16.4. HOW WE USE PERSONAL INFORMATION?. miniOrange Two factor Plugin has various authentication methods and different methods require different information. Your Phone number and Email are used to send One Time Passcode. Your email is also used as a primary medium of contact only in case you need any help from us. Risk based Authentication uses information like device type, location, Ip address, time and other to identify the user and grant access based on the risk.
All data provided are stored with miniOrange which can be accessed through our site https://login.xecurify.com where the user’s account is created while using the miniOrange Two Factor Plugin.
16.5. PERSONAL DATA PROCESSING DURATION. Personal data will only be processed until we have a legitimate business. When we have no legitimate business, your data is stored securely until deletion. During this period, if you request for data stored with miniOrange, you would have to give sufficient evidence of identity before we can provide you with this information. You can request this by contacting us at firstname.lastname@example.org. Same would apply if you request for deletion of the personal data.
- User consent: End Users will be asked for consent if they agree to the terms and conditions of your website. If they deny consent, they will not be logged in and no data will be fetched.
- Encryption: All data that is in transit because of miniOrange is encrypted in the miniOrange Two Factor plugin.
16.6. WHAT ARE YOUR RIGHTS.
- Right to be forgotten: Information collected in stored in two places – WordPress Database and miniOrange Servers. Customer can delete end-user’s information if end-user requests.
- Right to object: In certain situations, end user has the right to object to the data being processed in so far as such data have been collected for direct marketing purposes.
- Right to rectification: You have a right for clarification of inaccurate personal data. And change the data by providing complete information.
- Right of access: You have the right to obtain from us information concerning i.e. you have the right to request and get access to that personal data.
- CONTACT INFORMATION. Ness Web Solutions, LLC welcomes your questions or comments regarding this Statement of Privacy. If you believe that Ness Web Solutions, LLC has not adhered to this Statement, please contact Ness Web Solutions, LLC at:
Ness Web Solutions, LLC
N9560 Buchert Lane
Watertown, WI 53094
Ness Web Solutions, LLC
PO Box 1037
Arcata, CA 95518
Email Address: email@example.com
Support Email Address: firstname.lastname@example.org
Telephone number: 715-446-0406