Privacy Policy

October 10, 2023

Go back home

Privacy Policy

Last updated August 23, 2023

This privacy notice for Assista Inc (‘Assista’, 'Company', 'we', 'us', or 'our'), describes how and why we might collect, store, use, and/or share ('process') your personal data when you use our Assista chat Platform, website or any other Assista app ('Services'), such as when you:

  • Sign up for and use our Platform (Assista.chat) or any other Assista application that links to this privacy notice;
  • Engage with us in other related ways, including any sales, marketing, or events.
  • Use our website. 

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at [email protected].


To reflect any changes to the way we process your personal data or any changes to your legal requirements, periodic updates and changes to this Privacy Policy will be posted on this page. We abide by the highest standards and we value your personal data, therefore, our Policy is established in accordance with the rules imposed by the EU Regulation 2016/679 (GDPR).


Who are we? Assista Inc is a company registered in Delaware, United States of America. For the purposes of data protection compliance, Assista Inc has appointed Digital Amorph Services SRL, a company registered in Romania, as representative in the EEA for EEA customers. 


How to contact us? You can contact us at [email protected] or by filling in this form. 


SUMMARY OF KEY POINTS

Do we process personal data? When you visit, use, or navigate our Services, we may process personal data depending on how you interact with Assista Inc  and the Services, the choices you make, and the products and features you use. 


Why do we process your personal data? We may process your personal data to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with the law. We may also process your information for other purposes with your consent. We process your information only when we have a valid legal reason to do so. 

In what situations and with which parties do we share personal information?  Your personal data may be shared with other entities or persons with whom we are in contractual relations, such as suppliers, IT service providers or online payment service providers. This allows us to provide our services. 

How do we keep your information safe? We have organisational and technical processes and procedures in place to protect your personal information. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. 

What are your rights? Depending on where you are located geographically, the applicable privacy law may mean you have certain rights regarding your personal information. Generally, you have the right of access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object and the right not to be subject to a decision based solely on automated decisions. Click here to learn more.

How do you exercise your rights? The easiest way to exercise your rights is by filling out our data subject request form available here, or by contacting us by email at [email protected] We will consider and act upon any request in accordance with applicable data protection laws.


TABLE OF CONTENTS

1. WHAT PERSONAL DATA DO WE COLLECT?

2. HOW DO WE PROCESS YOUR INFORMATION?

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?   

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

7. HOW LONG DO WE KEEP YOUR INFORMATION?

8. HOW DO WE KEEP YOUR INFORMATION SAFE?

9. DO WE COLLECT INFORMATION FROM MINORS?

10. WHAT ARE YOUR PRIVACY RIGHTS?

11. CONTROLS FOR DO-NOT-TRACK FEATURES

12. DO CALIFORNIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

13. DO VIRGINIA RESIDENTS HAVE SPECIFIC PRIVACY RIGHTS?

14. DO WE MAKE UPDATES TO THIS NOTICE?

15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

16. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?


1. WHAT PERSONAL DATA DO WE COLLECT?


Personal data collected directly from you:


Contact information

When you decide to contact us using our contact form, you provide us with your name, e-mail, phone number. This information will be used to reach out to you and answer your inquiry. 

We also collect your email when you decide to sign up or log in on the Assista Chat Platform. 


Payment information:

We may collect data necessary to process your payment if you make purchases, such as your credit/debit card number, and the security code associated with your payment instrument, your billing address. All payment data is stored by Stripe. You may find their privacy notice link(s) here: https://stripe.com/en-gb-ro/privacy.


Uploads on the platform:

You may upload your files and documents (“Your Uploads”),  on the Assista Chat Platform, subject to size and file type parameters. The personal data contained on these files may vary.   Our Services allow you to upload your own documents in order to have better interactions with our chat bot. To make that possible, we store and process Your Uploads. This also includes information such as the size of the file, the time it was uploaded and usage activity. It is your choice whether you want to upload sensitive information on the platform. 


Personal data collected indirectly:


Navigation data. We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information. This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.


Your IP address is a number that is automatically assigned to your computer, a unique string of characters that identifies each computer using the Internet Protocol to communicate over a network. An IP address is identified and logged automatically in our servers whenever a user visits our website, along with the time of the visit and the pages visited. Collecting IP addresses is standard practice and is done automatically by most online service providers. We use IP addresses for purposes such as calculating Service usage levels, diagnosing server problems, and administering the Service. We may also derive your approximate location from your IP address.


Cookies: We use cookies that enable us to operate and administer our Site and Services, and improve your experience on it. A “cookie” is a piece of information sent to your browser by a website you visit. You have the option to accept all cookies, to reject all cookies, or to select what particular type of cookies you want to enable. However, refusing a cookie may in some cases negatively affect the display or function of our website or certain areas or features of a website and you will not be able to experience all the functionalities of our Services.


Analytics: We may use cookies that help us analyze how users use the Site and Services and enhance your experience when you use the Site and Services.


Personal data collected from third-parties


In Short: If you choose to register or log in to our Services using a social media account, we may have access to certain information about you.


On our Platform you can create an account and log in to through the following Third-party Social Media Services:

  • Facebook
  • Apple


 If you choose to register in this way, we will collect the personal data provided to us by the social media platform, according to their own Privacy Policies, allowing you to log in. The profile information we receive may vary depending on the social media provider concerned, but will often include your name, email address, and profile picture, as well as other information you choose to share from a social media platform.

We will use the information we receive only for the purposes that are described in this privacy notice or that are otherwise made clear to you on the relevant Services. Please note that we do not control, and are not responsible for, other uses of your personal information by your third-party social media provider. We recommend that you review their privacy notice to understand how they collect, use, and share your personal information, and how you can set your privacy preferences on their sites and apps.



2. WHY  DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

We process your personal information for a variety of reasons, depending on how you interact with our Services, including:


  • To facilitate account creation and authentication and otherwise manage user accounts. We may process your information so you can create and log in to your account, as well as keep your account in working order.
  • To provide you with our Services: We need to process your personal data in order to grant you access to our Services.
  • For Billing, account management, and administrative purposes: If you sign up for a trial or purchase a paid subscription, we may collect and process payment information, including your name, credit or debit card information, billing address, and details of your transaction history.
  • To save or protect an individual's vital interest. We may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm.
  • To improve our services: ‍In order to provide you with the best online browsing experience on our website, we may collect and use certain information about your activity on the site. We rely on our legitimate interest to carry out activities for you in optimal conditions, while taking care to respect your fundamental rights and freedoms.  For example, we use device information to detect abuse and identify and troubleshoot bugs.
  • To defend our legitimate interests: ‍In certain situations, we will use or transmit information to protect our rights and activities. Among these we list: various measures to protect the website and its users against cyber attacks, measures to prevent and detect fraudulent attempts, including the transmission of information to the competent public authorities.
  • For statistics purposes: To enable us to improve the Services and better understand our users and the markets in which we operate. For example, we may conduct or facilitate research and use learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns, areas for additional features and improvement of the Services and other insights.
  • To provide customer support: To resolve technical issues you encounter, to respond to your requests for assistance, comments and questions, to analyze crash information, to repair and improve the Services and provide other customer support.
  • To sort out your requests: We collect your data in order to provide you with information of interest to you as a beneficiary of our services. We will use the contact details provided by you exclusively with the purpose of processing your specific request. We always make sure that processing is carried out in accordance with your rights and freedoms and that the decisions taken on the basis of them do not affect you.
  • To keep you informed of our Services: We may collect your personal data that you directly and willingly provide to use for marketing purposes to keep you up to date with our Services, events, promotions or updates. You can withdraw your consent and unsubscribe at any time, without any consequences. 
  • To fulfill our legal obligations: To comply with applicable law, legal process and regulations and protect legitimate business interests.


3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR INFORMATION?

In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e. legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfil our contractual obligations, to protect your rights, or to fulfil our legitimate business interests.

If you are located in the EU or UK, this section applies to you.

The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. As such, we may rely on the following legal bases to process your personal information:

  • Consent. We may process your information if you have given us permission (i.e. consent) to use your personal information for a specific purpose. You can withdraw your consent at any time (this is the case for marketing communications or when you decide to sign up for our newsletter).
  • Performance of a Contract. We may process your personal information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.
  • Legal Obligations. We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.
  • Vital Interests. We may process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
  • Legitimate interests. We might have a legitimate interest when we processes personal data for direct marketing purposes, to prevent fraud or to ensure the network and information security of your IT systems.

In legal terms, we are generally the 'data controller' under European data protection laws of the personal information described in this privacy notice, since we determine the means and/or purposes of the data processing we perform. This privacy notice does not apply to the personal information we process as a 'data processor' on behalf of our customers. In those situations, the customer that we provide services to and with whom we have entered into a data processing agreement is the 'data controller' responsible for your personal information, and we merely process your information on their behalf in accordance with your instructions. If you want to know more about our customers' privacy practices, you should read their privacy policies and direct any questions you have to them.


4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

In Short: We may share information in specific situations described in this section and/or with the following third parties.

WE DO NOT SELL YOUR PERSONAL DATA. 


Where applicable, we may transmit or provide access to certain personal data of yours to various categories of suppliers, personnel, or other companies with which we may develop partnerships necessary for the conduct of our business, but only if there is a good reason and sufficient technical and organizational measures have been taken to secure the same level of protection by such third parties.


We may also disclose certain personal data to public authorities, if we have a legal obligation or if it is necessary to defend a legitimate interest.


We ensure that access to your data by third parties under private law is made in accordance with the legal provisions on data protection and confidentiality of information, based on contracts concluded with them. Therefore, all data is transmitted with appropriate safeguards, by encrypting the transmitted files.


We may need to share your personal information in the following situations and with the following categories of suppliers:


  • Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Suppliers needed to perform our Services: We may share your personal data with service providers provide us support for our Services, including but not limiting to website and application development, hosting, maintenance, backup, storage, payment processing, analysis, identity verification, banking services, accounting services, and other services for us, which may require them to access or use personal data about you.
  • Law or Public Interest: We may disclose your information to third parties if we determine that such disclosure is reasonably necessary to: (a) comply with any applicable law, regulation, legal process, or appropriate government request; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of the Company or our users; (d) protect our rights, property, safety, or interest; or (e) perform a task carried out in the public interest.
  • Consultants and auditors: Your personal information might be examined by our lawyers, accountants, financial professionals, auditors, and insurance providers. This is essential for delivering services related to consultation, regulatory compliance, financial transactions, legal matters, insurance coverage, accounting, and similar areas.
  • Advertisers: We may also allow third-parties, including ad servers or ad networks, to serve advertisements on our Services and such third parties may be provided with access to your personal data to provide advertising tailored to your interests.

5. DO WE USE COOKIES AND OTHER TRACKING TECHNOLOGIES?

In Short: We may use cookies and other tracking technologies to collect and store your information.

We use cookies and similar tracking technologies (like web beacons and pixels) to access or store information, to enhance your browsing experience, and analyze our traffic. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice.

Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to sign in or use other interactive features of our website and services that depend on cookies. 

6. FOR HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfil the purposes outlined in this privacy notice unless otherwise required by law.

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us to keep your personal information for longer than the period of time in which users have an account with us.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

7. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through a system of organisational and technical security measures.

We have implemented appropriate and reasonable technical and organisational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorised third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

8. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at [email protected].


9. IN WHAT COUNTRIES DO WE TRANSFER YOUR PERSONAL DATA?


‍We currently store and process your personal data in the United States. However, given the geographic scope of our business, we may transfer certain of your personal data to partners or suppliers in other countries, 

We take all measures to ensure that any international transfer of personal data is carefully managed in order to protect your rights and interests, and we allow such transfers only when absolutely necessary, applying the principle of minimization. Data transfers will always be protected by contractual commitments and, where appropriate, by other guarantees of a technical or organizational nature. To find out more about the countries where we transfer your data, you can contact us at any time. 

Despite the measures taken to protect your personal data, we do not take responsibility for vulnerabilities in systems that are not under our control. We remind you that the transmission of information via the Internet is not completely secure, there is a risk that the data will be viewed and used by unauthorized third parties regardless of our intervention.


10. WHAT ARE YOUR PRIVACY RIGHTS?


‍You have the following rights as a data subject:

Access

‍You can ask us to confirm whether we process your personal data, as well as to provide you with a copy of it and to present to you the data we have, what we use it for, to whom we disclose it, if we transfer it abroad, how we protect it, how long we keep it, what rights you have, how you can file a complaint, where we got your data from, to the extent that the information has not already been provided to you in this page.


Rectification

‍You may ask us to rectify or complete your inaccurate or incomplete personal data. It is possible to check the accuracy of the data before rectifying it.


Data deletion

‍You can ask us to delete your personal data, but only if:

• they are no longer necessary for the purposes for which they were collected;

• you have withdrawn your consent (if the data processing was based solely on your consent);

• they were processed illegally;

• exercise a legal right to oppose;

• we have a legal obligation in this regard. We are not required to comply with your request to delete personal data in any circumstance. The most likely situations in which we could deny your request are:

• for compliance with a legal obligation;

• for establishment, exercising or the defense of a right in court.


Restricting data processing

‍You can request that we restrict the processing of personal data only if:

• their accuracy is challenge and we need to verify their accuracy;

• they are no longer needed for the purposes for which they were collected, but you need them to establish, exercise or defense of a right in court;

• processing is illegal, but you do not want the data to be deleted;

• you have exercised your right to object, and the verification of our rights prevails is ongoing. We may continue to use your personal data following a request for restriction if we have your consent, or to ascertain, exercise or ensure the defense of a right in court or to protect the rights of Assista or another natural or legal person.


Data portability

‍You can ask us to provide you with personal data in a structured, commonly used and automatically readable format, or you can request that it be ported directly to another data controller, provided that the processing is based on your consent or on the conclusion or execution of a contract with you and to be done by automatic means, as well as to make the porting technically possible.


Right to oppose data processing

‍You may object to the processing of your data at any time if you believe that your fundamental rights and freedoms prevail over our legitimate commercial interest.


Automated decisions

‍You may request that you not be subject to a decision based solely on automatic processing when that decision:

• produces legal effects on you;

• it affects you in a similar way and to a significant extent. This right will not apply where the decision was reached by following automated decision-making:

• we are required to enter into or enter into a contract with you;

• is authorized by law and there are adequate guarantees for your rights and freedoms;

• is based on your explicit consent.


Claims

You have the right to submit a complaint regarding the processing of your personal data and we assure you that we will make every effort to resolve any issues in a reasonable and peaceful way. You may contact us by email at [email protected]. We promise to respond to any valid requests within a maximum of 30 days, unless this is particularly complicated or if you have made multiple requests, in which case we will respond within a maximum of 60 days, with the information your properly.


To request to review, update, or delete your personal information, please submit a request form by clicking here.


Additionally, you can also submit your request by post.


However, please note that given the global reach of our app, we strongly recommend that you contact us by email. We cannot guarantee the arrival on time by post. If you, however, choose to submit a request through the mail, we recommend that you mail your request with confirmation of receipt. 



We will consider and act upon any request in accordance with applicable data protection laws. If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

If you are located in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html.


Opting out of marketing and promotional communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in the section 'HOW CAN YOU CONTACT US ABOUT THIS NOTICE?' below. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.

Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can:

  • Contact us using the contact information provided.

Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our legal terms and/or comply with applicable legal requirements.

Cookies and similar technologies: Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. To opt out of interest-based advertising by advertisers on our Services visit http://www.aboutads.info/choices/.

If you have questions or comments about your privacy rights, you may email us at [email protected]

11. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ('DNT') feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognising and implementing DNT signals has been finalised. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.


12. LINKS TO OTHER WEBSITES 


Our website contains links to other websites such as Facebook, Instagram, Twitter and LinkedIn. Once you click those links, you leave the realm of our app, which means our policies no longer apply, but instead, those websites’ policies apply. Our Privacy Policy does not apply to those companies' websites, you should refer to each of those sites to obtain information on their privacy policies. If you cannot find the Privacy Policy on any of these sites once you have arrived at their site via a link from our site, you should contact that site directly for more information or you can e-mail at us [email protected]. We are not responsible for the contents of those sites and they will process your personal data in accordance with their Privacy Policy.


13. APPLICABLE LAW

By visiting the Website and thus expressly accepting this Privacy Statement and the conditions therein, you agree that any dispute or claim relating to this Privacy Statement and the processing of Personal Data shall be governed by the laws of the state Delaware and of the United States of America. Any legal action or procedure relating to this website must be filed only in a federal or state court with jurisdiction over the matter, located in Delaware. 


14. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.

We reserve the right to update this privacy notice from time to time. The updated version will be indicated by an updated 'Revised' date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information. 

15. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

We are always open to find out your thoughts and views and to provide you with any additional information you may need regarding the processing of your data. If you have any questions about the content of this document or wish to exercise your rights, please do not hesitate to contact us by email at [email protected] or by post at 27 Grindeanu Constanta, Constanța 900046, Romania.


SUMMARY:  HOW CAN YOU ENFORCE YOUR PRIVACY RIGHTS? 

To enforce your privacy rights  please submit a request form by clicking here or by contacting us at [email protected].



Button