Datamarx Inc. d/b/a Primary and its affiliates (“Primary,” “we,” “our,” and/or “us”) value the privacy of individuals who use our applications, website, getprimary.com, or any services that link to this Privacy Policy (collectively, the “Services”).  This privacy policy (“Privacy Policy”) explains how we collect, use, and share Personal Information from or about Primary users or their devices.  As used in this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual.  By using the Services, you agree to the collection, use, disclosure, sharing, and procedures this Privacy Policy describes.  When you use the Services on behalf of one of our customers, we may process the information you provide to us in connection with such use in accordance with separate contractual terms between us and the applicable customer.

INFORMATION WE COLLECT

We may collect a variety of Personal Information from or about you or your devices from various sources, as described below.  Where applicable, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so.  If you do not provide Personal Information when requested, you may not be able to benefit from the Services if that information is necessary to provide you with them or if we are legally required to collect it.

A. Information You Provide to Us and Information We Collect When You Use the Services

Registration and Profile Information.  When you create an account to use the Services, we ask you for your first and last name, email address, job title, organization, and time zone.  If you log in using a third-party account, such as Okta or Entra ID we will also receive information from those third-party services such as your first and last name, email address, localization preferences, time zone, and user group membership.  We may receive additional customer data through your identity configuration to help authenticate your account.

Communications.  If you contact us directly, we may receive other Personal Information about you.  For example, when you contact us to learn more about Primary or for customer support, we may receive your first and last name, email address, phone number, job title, time zone, request category, request description, priority, and the contents of your message and attachments that you may send to us, as well as any other information you choose to provide to us.  When we send you emails, we may track whether you open them to learn how to deliver a better customer experience and to improve the Services.

Careers.  If you decide to apply for a job with us, you may submit your contact information and your resume online.  We will collect the information you choose to provide on your resume or application, such as your education and employment experience.  You may also apply through a third-party service such as LinkedIn.  If you do so, we will collect any information you make available to us via such third-party platform.

B. Information We Collect When You Use the Services

Location Information.  When you use the Services, we may receive your location information (for example, your IP address may indicate your general geographic region).  Depending on the policies set up by your administrator, additional location-based data, such as geolocaiton coordinates may be collected.

Device Information.  We may receive information about the device and software you use to access the Services, such as internet protocol (IP) address, operating system and version, internet service provider, application installations, connected devices, serial number, device model, location data availability, screen lock status, device encryption status, device name,  and device identifiers.

Browser Information.  We may receive information about the browser you use to access the Services, such as IP address, screenshots, uniform resource locators (URL), access times, clipboard actions, browser version, and downloads, clicks and other peripheral inputs.  Depending on the policies set up by your administrator, additional browser data may be collected.

Network Information.  We may receive network information for reporting and browsing policy enforcement purposes, such as time, date, location of origination of calls, call destination information.

Usage Information.  To help us understand how you use the Services and to help us improve it, we automatically receive information about your interactions with the Services, like the pages or other content you view and the dates and times of your visits.  Depending on the policies set up by your administrator, screenshots regarding your use of the Services may be captured.

Information from Cookies and Similar Technologies.  We and our third-party partners may collect Personal Information using cookies, which are small files of letters and numbers that we store on your browser or the hard drive of your computer.  They contain information that is transferred to your computer’s hard drive.  We and our third-party partners may also use pixel tags and web beacons on the Services.  These are tiny graphic images placed on web pages or in our emails that allow us to determine whether you have performed a specific action.  We use cookies, beacons, invisible tags, and similar technologies (collectively “Cookies”) to collect information about your browsing activities and to distinguish you from other users of the Services.  This aids your experience when you use the Services and allows us to improve the functionality of the Services.  Cookies can be used for performance management (i.e., collecting information on how the Services are being used for analytics purposes).  They can also be used for functionality management, enabling us to make your visit more efficient by, for example, remembering language preferences, passwords, and log-in details.  Below is an overview of the types of Cookies we and third parties may use to collect Personal Information.

• Strictly Necessary Cookies.  Some Cookies are strictly necessary to make the Services available to you.  We cannot provide you with the Services without this type of Cookies.  We use the following necessary Cookies:

Please review your web browser’s “Help” file to learn the proper way to modify your cookie settings.  Please note that if you delete or choose not to accept cookies from the Services, you may not be able to utilize the features of the Services to their fullest potential.  You can find more information about your rights and choices, and how to block the use of certain Cookies in the section Your Rights and Choices below.

C. Information We Receive from Third Parties

Information From Third-Party Services.  If you choose to link the Services to a third-party account, such as an identity provider, may receive information about you, includingyour first and last name, email address, localization preferences, time zone, and user group membership , and your use of the third-party account.

Other Third Parties.  We may receive additional Personal Information about you from third parties such as marketing partners or providers or social media platforms.  We may combine information that we collect from you through the Services with information that we obtain from such other parties and information derived from other products or Services we provide.

If you wish to limit the Personal Information available to us from third-party services, you should visit the privacy settings of your third-party accounts to learn about your options.

HOW WE USE THE INFORMATION WE COLLECT

We use the information, including Personal Information, we collect:

• To provide, maintain, improve, and enhance the Services;
• To personalize your experience on the Services such as by providing tailored content and recommendations;
• To understand and analyze how you use the Services and develop new products, services, features, and functionality;
• To communicate with you, provide you with updates and other information relating to the Services, provide information that you request, respond to comments and questions, and otherwise provide customer support;
• To facilitate the connection of third-party services or applications, such as identity providers;
• To generate anonymized or aggregate data, which we may use for any lawful purposes;
• To find and prevent fraud and abuse, and respond to trust and safety issues that may arise;
• For compliance purposes, including enforcing our terms or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency; and
• For other purposes for which we provide specific notice at the time the information is collected.

LEGAL BASES FOR PROCESSING EUROPEAN INFORMATION

If you are located in the European Economic Area (“EEA”) or the United Kingdom (“UK”), we only process your Personal Information when we have a valid “legal basis,” including as set forth below.

• Consent.  We may process your Personal Information where you have consented to certain processing of your Personal Information.  For example, we may process your Personal Information to send you marketing communications or to use Cookies where you have consented to such use.
• Contractual Necessity.  We may process your Personal Information where required to provide you with the Services.  For example, we may need to process your Personal Information to respond to your inquiries or requests.
• Compliance with a Legal Obligation.  We may process your Personal Information where we have a legal obligation to do so.  For example, we may process your Personal Information to comply with tax, labor, and accounting obligations.
• Legitimate Interests.  We may process your Personal Information where we or a third party have a legitimate interest in processing your Personal Information.  Specifically, we have a legitimate interest in using your Personal Information for product development and internal analytics purposes, and otherwise to improve the safety, security, and performance of the Services.  We only rely on our or a third party’s legitimate interests to process your Personal Information when these interests are not overridden by your rights and interests.

HOW WE SHARE THE INFORMATION WE COLLECT

Affiliates or Subsidiaries.  We may share any information we receive with our affiliates or subsidiaries for any of the purposes described in this Privacy Policy.

Vendors and Service Providers.  We may share any information we receive with vendors and service providers retained in connection with the provision of the Services.

Third-Party App Integrations.  If you connect a third-party application to the Services, we may disclose information to that third party.

Analytics Partners.  We use analytics services, such as Sentry and Grafana, to collect and process certain analytics data.  These services may also collect information about your use of other websites, apps, and online resources.

As Required by Law and Similar Disclosures.  We may access, preserve, and disclose your Personal Information if we believe doing so is required or appropriate to: (a) comply with law enforcement requests and legal process, such as a court order or subpoena; (b) respond to your requests; or (c) protect your, our, or others’ rights, property, or safety.  For the avoidance of doubt, the disclosure of your Personal Information may occur if you post any objectionable content on or through the Services.

Merger, Sale, or Other Asset Transfers.  We may disclose and transfer your Personal Information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company, or we sell, liquidate, or transfer all or a portion of our business or assets.

Consent. We may also disclose Personal Information from or about you or your devices with your permission.

YOUR RIGHTS AND CHOICES

Marketing Communications.  You can unsubscribe from our promotional emails via the link provided in the emails.  Even if you opt out of receiving promotional messages from us, you will continue to receive administrative messages from us.

Do Not Track. There is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals.

Your European Privacy Rights.  If you are located in the EEA or the UK, you have additional rights described below.

• You may request access to the Personal Information we maintain about you, update, and correct inaccuracies in your Personal Information, restrict or object to the processing of your Personal Information, have your Personal Information anonymized or deleted, as appropriate, or exercise your right to data portability to easily transfer your Personal Information to another company.  In addition, you also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place.
• You may withdraw any consent you previously provided to us regarding the processing of your Personal Information at any time and free of charge.  We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdrew your consent.

You may exercise these rights by contacting us using the contact details at the end of this Privacy Policy.  Before fulfilling your request, we may ask you to provide reasonable information to verify your identity.  Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain Personal Information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

How to Block Cookies.  You can block Cookies by setting your internet browser to block some or all Cookies.  However, if you use your browser settings to block all Cookies (including essential Cookies) you may not be able to access all or parts of the Services.  By using the Services, you consent to our use of Cookies and our processing of Personal Information collected through such Cookies, in accordance with this Privacy Policy.  You can withdraw your consent at any time by deleting placed Cookies and disabling Cookies in your browser, or as explained below.  You can change your browser settings to block or notify you when you receive a Cookie, delete Cookies or browse the Services using your browser’s anonymous usage setting.  Please refer to your browser instructions or help screen to learn more about how to adjust or modify your browser settings.  If you do not agree to our use of Cookies or similar technologies which store information on your device, you should change your browser settings accordingly.  You should understand that some features of the Services may not function properly if you do not accept Cookies or these technologies.  Where required by applicable law, you will be asked to consent to certain Cookies and similar technologies before we use or install them on your computer or other device.

If you choose not to provide us with information we collect, some features of the Services may not work as intended.

THIRD PARTIES

The Services may contain links to other websites, products, or services that we do not own or operate (“Third-Party Services”).  We are not responsible for the privacy practices of these Third-Party Services.  Please be aware that this Privacy Policy does not apply to your activities on these Third-Party Services or any information you disclose to these Third-Party Services.  We encourage you to read the privacy policies of these Third-Party Services.

RETENTION

When you request that we do so, we take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period.  When we process Personal Information for our own purposes, we determine the retention period taking into account various criteria, such as the type of services provided to you, the nature and length of our relationship with you, possible re-enrollment with the Services, the impact on the Services we provide to you if we delete some information from or about you, and mandatory retention periods provided by law and the statute of limitations.

SECURITY

We make reasonable efforts to protect your Personal Information by using physical and electronic safeguards designed to improve the security of the Personal Information we maintain.  However, as the Services are hosted electronically, we can make no guarantees as to the security or privacy of your Personal Information.

INTERNATIONAL USERS AND VISITORS

Our Services are hosted in the United States (“U.S.”) and intended for visitors located within the U.S.  If you choose to use the Services from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Personal Information outside of those regions to the U.S. for storage and processing.  We may transfer Personal Information from the EEA or the UK to the U.S. and other third countries based on European Commission-approved or UK Government-approved Standard Contractual Clauses, or otherwise in accordance with applicable data protection laws.  We may also transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Services.  By providing any information, including Personal Information, on or to the Services, you consent to such transfer, storage, and processing.

CHILDREN’S PRIVACY

We do not knowingly collect, maintain, or use Personal Information from children under 16 years of age (“Minors”), and no parts of the Services are directed to Minors.  If you learn that a Minor has provided us with Personal Information in violation of this Privacy Policy, then you may alert us at privacy@getprimary.com.

CHANGES TO THIS PRIVACY POLICY

We will post any adjustments to the Privacy Policy on this page, and the revised version will be effective when it is posted.  If we materially change the ways in which we use or share Personal Information previously collected from you through the Services, we will attempt to notify you through the Services, by email, or other means.

PRIMARY iOS BROWSER

1. Age Rating Information:

The privacy policy does not mention age restrictions or age-related content that could help determine the app’s age rating. The “Children’s Privacy” section of our Privacy Policy states that we do not knowingly collect, maintain, or use personal information from children under 16 years of age and that no parts of our services are directed to children under 16 years of age.

2. Contents Rights:

While the policy covers data collection and usage, it does not explicitly address the inclusion or exclusion of copyrighted content within the app. We do not think this is applicable to our app, as it is a browser. Can you please clarify what Apple is looking for here, as this is not a topic typically covered in a Privacy Policy (and our product is a browser, so do not understand how this would apply to the app or the functionality it offers)?

3. Digital Services Act (DSA) Information:

The privacy policy lacks specific details on compliance with the European Union’s Digital Services Act, such as mechanisms for reporting illegal content and user rights related to content moderation. We do not believe that the DSA is applicable in any way to our browser product, and this is also not typically a concept covered in a Privacy Policy.

4. Detailed App Privacy Practices:

The policy should include a table format as required by Apple, detailing what data is collected, how it is used, with whom it is shared, and the purpose of collection in a clear and concise manner.  We have updated our Privacy Policy to include this information in the required table format (see attached).