PRIVACY POLICY
Owner: Sound Concepts, Inc of 782 S. Auto Mall Drive Suite A, American Fork, UT 84003, United States (we/us).

Services: We use a platform called Brightools, which is a sales automation tool designed to help you share your story with others. Namely, we supply program applications to help you build your business, assess and communicate with [prospective clients and [your customers], help manage leads and share digital content on social media and messaging platforms. (Services).

Sites: We also have three websites where you can sign up to our Services or find out more information about what we do: https://www.soundconcepts.com/, http://brightools.com/ and http://mybuildersystem.com. (Sites).

At Sound Concepts Inc., we take data privacy very seriously. The following information sets out the uses to which we will put the information that we have about you and the legal basis for doing so, as well as explaining to you the rights that you have over the way that we use your information. This policy should be read in conjunction with our Data Retention Policy and Data Protection Policy.

For the purposes of the General Data Protection Regulation (GDPR), and [any subsequent EU member state legislation covering data protection], we are the data controller for the contact details, billing details and other account information we collect from our users in the EU upon registration to our Services on one of the Sites namely the entity that collects and processes your data for various purposes, including asking one or more third parties to do so on our behalf, details of which are set out below (where applicable). However, you remain the data controller for all personal data of your device contacts (see the ‘Contact Data’ section below for more details).  

As we are based outside the European Union (EU) and as required by the GDPR, we have appointed a representative who will deal with all data protection related queries on our behalf. Please address all queries relating to this policy and/or data protection more generally to [Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

Your Personal Data

In order to use our Services, basic user information about you is collected upon registration, either by us or by a third party authorized to do so. The information we collect about you might include the following:
  • first name
  • last name
  • email (for login)
  • username
  • phone number
  • distributor or member number
  • social networks
  • personal bio
  • If applicable, payment information, including your credit card details and billing address
  • decisions made by you when using our Services or the Sites (such as notification preferences)
  • specific information about the device you use and manner in which you choose to access our Services, such as the hardware model and operating system version of your device, any advertising identifier, unique application identifiers, unique device identifiers, browser type, language, OS version, push tokens, time zone, how the app is used and wireless network used;
  • any preferences which you tell us about when using our Services or the Sites, such as language, market in which your business operates, notifications and screen display.

How we collect information

Personal Data will be collected when you sign up to our Services and in the course of your use of the Services and the Sites.

We may collect information from you whenever you contact us or have any involvement with us for example when you:
  • enquire about our activities or services
  • sign up to receive news about our activities
  • create a user account with us
  • engage with our platform or services
  • attend a meeting with us and provide us with information
  • contact us in any way including online, email, phone, SMS, social media or post
  • from 3rd party companies that you are affiliated with.

Where we collect information from

We collect information:
  1. from you when you give it to us directly: you may provide your details when you ask us for information, sign up for a user account, or contact us for any other reason. Your information may be collected by an organization we are working with, but we are still responsible for your information.
  2. when you give it to us indirectly: your information may be shared with us by other organizations. They should only do so in the way they have set out in their own Privacy Policy which you should check when you give your details.
  3. when you have given other organizations permission to share it: your information may be provided to us by other organizations if you have given them your permission. This might for example be a business working with us or when you buy a product or service from a third-party organization. The information we receive from other organizations depends on your settings or the optional responses you have given them.
  4. when you use one of the Sites: when you do, information about you is recorded and stored. See the information about the use of cookies under that heading below.
  5. when it is made available on social media: depending on your settings or the privacy policies applying for the social media and messaging services you use, like Facebook, Instagram or Twitter, you might give us permission to access information from those accounts or services.

The Purposes for Which We Collect Your Data

The information that we collect about you will be used for the following purposes:
  • to ensure that the content of our Services or Sites is presented in the most effective manner for you, in relation to preferences you have told us about;
  • to personalize and recommend content and information of potential interest;
  • to allow you to participate in interactive features, when you choose to do so;
  • to carry out our obligations arising from any contracts entered into between you and us;
  • to notify you about changes to our Services;
  • to notify you if and when one of your contacts or prospects interacts with a link you have asked us to create;
  • to display your information to your contacts so they can get in touch with you;
  • to contact you about our products and additional services, where you have consented that we may do so;
  • to send you our newsletter(s), where you have consented that we may do so;
  • to enable you to log on to different devices and have consistent information available across each device; and
  • to meet any other business purpose(s) that may emerge or change from time to time, to meet our obligation to you, the user.
We will never sell, license or rent your Personal Data to anyone.

Legal Justification for Processing Your Data

The use of your Personal Data for these Purposes set out above is lawful because one or more of the following applies:
  • it is necessary for us to hold and use your Personal Data so that we can perform our obligations under the contract we have entered into with you to provide the Services and help you build your business and assess and communicate with prospective clients; or
  • where the purpose of our processing is the provision of information or services to you, we may also rely on the fact that it is necessary for our legitimate interests in relation to providing the information or service requested, and given that you have made the request, would presume that there is no prejudice to you in our fulfilling your request;
  • it is in our economic legitimate interests to process your Personal Data
  • you have freely given a specific, informed and unambiguous indication in a data capture form of your consent to receiving information or recommendations about our products, additional services and sending you newsletters. You may withdraw this consent at any time by clicking the Unsubscribe link at the bottom of the message or by sending such a request to support@mysecureoffice.com, but this will not affect the lawfulness of processing of your data in accordance with your consent prior to withdrawal of your consent being received and actioned
  • you can request in writing, through mobile app or desktop app, to have your Personal Data removed completely from our systems

Contact Data

As part of our Services, you have the option of uploading some or all of your device contacts (Contact(s)).

You may ask us to create bespoke links to marketing material or ask us to send other communications to these Contact(s).

For the avoidance of doubt, you, as user of our Services, are the data controller in relation to the Contact(s) and their personal data and we are the data processors.

When you sign up to our Services, you will be asked to agree to the terms of a data processing agreement with us and which provides further detail of this arrangement, which requires that you distribute your own privacy notice to your Contact(s), and which will include information about us and our processing of the Contact(s)’ Personal Data.

You are not required to upload your Contact(s) to use our Services, so if you do not agree to the terms of our data processing agreement; please do not upload your Contact(s). Uploading your Contacts without a data processing agreement in place and without the Contacts having received a privacy notice from you will put you (or your employer, if doing this on behalf of your employer) in breach of [UK and] European data protection legislation, as well as the domestic laws of individual member states of the European Union and which could result in sanctions from the relevant data protection authority.

We ask you to enter into a data processing agreement with us because it is necessary for us (and you, as data controller) to meet our obligations under the GDPR.

Anti-Spam Policy

Spam is unsolicited email also known as UCE (Unsolicited Commercial Email).

We have a ‘no tolerance’ spam policy. Our customer support actively monitors large import lists and emails going to a large number of contacts. Any customer found to be using our Services for the purposes of sending spam will be immediately cut-off from use of the Services. If you know of or suspect any violators, please notify us immediately at support@mysecureoffice.com

As you will see in our data processing agreement, any Contact(s) which you upload or communicate with when using our Services or ask us to do so on your behalf must have a pre-existing business relationship with you (or there must be another lawful ground which you can rely upon to contact them) and must have been clearly and fully notified by you in advance by means of the sending of a privacy notice to them about the collection and use of his or her contact details by you.

This is echoed in our strict permission-based philosophies:

Communication - By accepting our data processing agreement and other terms, you have agreed to use only permission-based lists and never to sell or rent your lists.

Unsubscribe - Every email generated from our Services contains an unsubscribe link which allows your Contact(s) to opt-out of future emails and automatically updates your database of Contacts in order to avoid the chance of sending unwanted emails to visitors who have unsubscribed.

Contact Information - All of your emails are pre-filled with your Contacts’ information. You are required to make sure this information is up to date and accurate.

For more information, please contact Customer Support at support@mysecureoffice.com.

Security of Your Data

We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share this password with anyone.

We take precautions to protect your information. When you submit Personal Data when using our Services or Site, this is protected both online and offline. Wherever we collect Personal Data, it is encrypted and transmitted to us in a secure way.

We work to protect the security and unauthorized use of your information and data during transit by using Secure Sockets Layer (SSL) software. This encrypts information between our servers and the applications which form part of our Services. We also ensure that our apps are talking only to our servers through SSL pinning. If we store your password, it is encrypted in our database and we use password tokenization during login validation and data exchanges with our servers. 

We encrypt Personal Data transmitted online, we also protect your Personal Data offline. We always ensure only authorized persons have access to your information, which means only our employees and contractors, and that everyone who has access is appropriately trained to manage your information. Only employees and contractors who need access to the information to perform a specific and necessary function are granted access to Personal Data and we will do our best to ensure that that they act only in line with our Data Protection Policy and are under an appropriate duty of confidence. The computers/servers on which we store Personal Data are kept in a secure environment.

Please note, as no data transmissions over the internet can be guaranteed to be one hundred percent secure, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk. However, we will take all steps necessary to ensure that your Personal Data is treated securely in accordance with this Privacy Policy.

Transfers to Third-Parties

Your information [will/may] be passed to the following third parties:
  • third party services for the purpose of facilitating payment and the completion of your purchase of the Services. This third parties might be, for example, Apple's iTunes or Google Play stores, PayPal or Authoroize.net;
  • Deductr – If you elect to sign up for other services such as tax or learning manage systems, we will pass to them your name and email to provision your account with these third-party systems. 
  • Bronto for email campaigns for newsletters
  • TorchLMS or Light Speed - if you subscribe to our learning management system feature.
  • Achieve Today – when you subscribe to personal motivation content
  • Ziplingo – for delivery of mobile text
  • SendGrid – email relay service
The transfer of your Personal Data is lawful because it is necessary for us to perform our obligations under the contract we have entered into with you for the Purpose(s), or because it is necessary for the purposes of a legitimate interest pursued by us, or by a third party, and we have reasonably determined that these legitimate interests are not overridden by your fundamental rights and freedoms which require protection of the personal data.

When we transfer Personal Data to a third party, they are acting as an agent on our behalf. Sound Concepts, Inc. remains liable if such Personal Data is processed in a manner inconsistent with this policy, unless Sound Concepts, Inc. is able to prove that they are not responsible for the event giving rise to the claim.

We may also transfer your Personal Data where we are under a duty to disclose or share it in order to comply with a legal obligation. We are subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).

Your Personal Data may also be transferred to another company in the event of the transfer of our assets to a third party. In that event, we will endeavor, where possible, to notify you prior to the event and offer you the chance to cease use of the Services and remove your Personal Data from our database. In any event, we will endeavor to ensure that your rights and freedoms in respect of the processing of your personal data are adequately and appropriately protected. If the transferee is based outside of the EU, the provisions of sub-paragraph (ii) below will also apply.

If you desire to not disclose your Personal Data to third parties by using our platform, then you can select the no sync option to limit this. However, limited data such as email or mobile number, might be provided to deliver correspondence to you via email or SMS. If you prefer to have no Personal Data disclosed to third parties, then please choose another provider.

(i) Outside the EU

We do send your Personal Data outside of the EU because our servers are based outside the EU, and our head office is outside the EU, in the United States. However, we meet our obligations under the applicable legislation by ensuring that any Personal Data we control has the same protection as if it were being held within the EU because we have self-certified ourselves under the EU-US Privacy Shield regime. For further details, please see our entry in the register for the Privacy Shield Framework here.

Where we transfer Personal Data outside the EU other than in the above circumstances, we will meet our obligations under the GDPR in relation to that transferee company:
  • by ensuring that the third party is certified under the EU-US Privacy Shield Framework; or
  • by entering into model EU clauses with them concerning the protection of your Personal Data
  • where they form part of our group of companies, by establishing a set of binding corporate rules; or
  • because the Information Commissioner has made a positive finding of adequacy in relation to the territory in which the sub-processor is based and to which your Personal Data may be transferred.
Sound Concepts, Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Sound Concepts, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Dispute and Unresolved Dispute Resolution

In compliance with the Privacy Shield Principles, Sound Concepts, Inc. commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Sound Concepts, Inc. at: support@mysecureoffice.com 

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

You have the right, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by Sound Concepts, Inc. or through TurstArc, our third-party dispute resolution provider. More information can be found at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Storage of Data
Your information will be always be stored in accordance with our Data Retention Policy and in any event, only for so long as is reasonably necessary in order to carry out the Purpose(s).

Where we rely on your consent to contact you for direct marketing purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for [two] years. We may periodically ask you to renew your consent. If you ask us to stop contacting you with marketing materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.

Cookies

Cookies are small text files that are placed on your computer by apps that you use or websites that you visit. They are widely used in order to make apps or websites work, or work more efficiently, as well as to provide information to us. The table below explains the cookies we use and why. We do not do this to track individual users or to identify them, but to gain useful knowledge about how users use the Services and Site, so that we can keep improving it for you.

The law states that we can store cookies on your machine if they are essential to the operation of the Services and Sites but that for all other purposes, we need your permission to do so.

Below is a table of non-essential cookies which we also store about your use of the Sites:


If you do not wish to receive cookies from us or on any other website, you can turn cookies off on your web browser: please follow your browser provider’s instructions in order to do so. In a few cases, some of our Services and Sites’ features may not function as a result. Most web browsers allow some control of cookies through its settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org, www.allaboutcookies.org or www.civicuk.com/cookie-control/browser-settings.

Your Rights Under EU and other Data Protection Laws

You have the right to request details of the processing activities that we carry out with your Personal Data through making a Subject Access Request. Such requests have to be made in writing. More details about how to make a request, and the procedure to be followed, can be found in our Data Protection Policy. To make a request, please contact us at Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

You also have the following rights:
  • the right to request rectification of information that is inaccurate or out of date;
  • the right to erasure of your information (known as the “right to be forgotten”);
  • the right to object to the way in which we are dealing with and using your information; and
  • the right to request that your information be provided to you in a format that is secure and suitable for re-use (known as the “right to portability”);
  • rights in relation to automated decision making and profiling including profiling for marketing purposes.

All of these rights are subject to certain safeguards and exemptions, further details of which can be found in our Data Protection Policy. To exercise any of these rights, you should contact [Dayne Deader, Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here

Children

Our services are not intended for anyone under sixteen and we do not knowingly collect personal information from anyone under sixteen.

Use of Aggregated/Anonymized Data

We may use information obtained about you from monitoring your use of the Services and Sites solely for internal purposes, including the performance and evaluation of the Services and Sites. Data collected by monitoring will be aggregated and anonymized.

We are entitled to do this because the resulting data will not personally identify you and will therefore no longer constitute personal data for the purposes of data protection laws.

We may also use the information we gather to notify you about important functionality changes and alterations to the Services and Sites, or offer of products, services or information that might be of particular interest to you (where you have consented to this).

The use of your information for these purposes is lawful because it is necessary for the purposes of legitimate interests pursued by us, our application and our website developers in order to keep the Services and Sites up to date and provide additional services to our users from time to time.

Mailing Lists

If you subscribe to our mailing lists for news releases and other information, we may also ask you to answer various general questions about yourself. You will be asked to specify the areas in which you are interested so that we can tailor the information which we send to you to cover the new products and special offers which we believe you might be interested in.

Newsletter

If you subscribe to our newsletter and at any time you wish to stop receiving this or any other information you may have requested from us or any other company, please email or write to support@mysecureoffice.com or click the Unsubscribe/Opt-out link at the bottom of any newsletter you may receive from us.

Amendments to this Privacy Policy

We may occasionally modify this Privacy Policy, such variations becoming effective thirty days after posting to the Sites and of which we shall send you notification of such variations based on your notification preference.
Translations Coming Soon
PRIVACY POLICY
Owner: Sound Concepts, Inc of 782 S. Auto Mall Drive Suite A, American Fork, UT 84003, United States (we/us).

Services: We use a platform called Brightools, which is a sales automation tool designed to help you share your story with others. Namely, we supply program applications to help you build your business, assess and communicate with [prospective clients and [your customers], help manage leads and share digital content on social media and messaging platforms. (Services).

Sites: We also have three websites where you can sign up to our Services or find out more information about what we do: https://www.soundconcepts.com/, http://brightools.com/ and http://mybuildersystem.com. (Sites).

At Sound Concepts Inc., we take data privacy very seriously. The following information sets out the uses to which we will put the information that we have about you and the legal basis for doing so, as well as explaining to you the rights that you have over the way that we use your information. This policy should be read in conjunction with our Data Retention Policy and Data Protection Policy.

For the purposes of the General Data Protection Regulation (GDPR), and [any subsequent EU member state legislation covering data protection], we are the data controller for the contact details, billing details and other account information we collect from our users in the EU upon registration to our Services on one of the Sites namely the entity that collects and processes your data for various purposes, including asking one or more third parties to do so on our behalf, details of which are set out below (where applicable). However, you remain the data controller for all personal data of your device contacts (see the ‘Contact Data’ section below for more details).  

As we are based outside the European Union (EU) and as required by the GDPR, we have appointed a representative who will deal with all data protection related queries on our behalf. Please address all queries relating to this policy and/or data protection more generally to [Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

Your Personal Data

In order to use our Services, basic user information about you is collected upon registration, either by us or by a third party authorized to do so. The information we collect about you might include the following:
  • first name
  • last name
  • email (for login)
  • username
  • phone number
  • distributor or member number
  • social networks
  • personal bio
  • If applicable, payment information, including your credit card details and billing address
  • decisions made by you when using our Services or the Sites (such as notification preferences)
  • specific information about the device you use and manner in which you choose to access our Services, such as the hardware model and operating system version of your device, any advertising identifier, unique application identifiers, unique device identifiers, browser type, language, OS version, push tokens, time zone, how the app is used and wireless network used;
  • any preferences which you tell us about when using our Services or the Sites, such as language, market in which your business operates, notifications and screen display.

How we collect information

Personal Data will be collected when you sign up to our Services and in the course of your use of the Services and the Sites.

We may collect information from you whenever you contact us or have any involvement with us for example when you:
  • enquire about our activities or services
  • sign up to receive news about our activities
  • create a user account with us
  • engage with our platform or services
  • attend a meeting with us and provide us with information
  • contact us in any way including online, email, phone, SMS, social media or post
  • from 3rd party companies that you are affiliated with.

Where we collect information from

We collect information:
  1. from you when you give it to us directly: you may provide your details when you ask us for information, sign up for a user account, or contact us for any other reason. Your information may be collected by an organization we are working with, but we are still responsible for your information.
  2. when you give it to us indirectly: your information may be shared with us by other organizations. They should only do so in the way they have set out in their own Privacy Policy which you should check when you give your details.
  3. when you have given other organizations permission to share it: your information may be provided to us by other organizations if you have given them your permission. This might for example be a business working with us or when you buy a product or service from a third-party organization. The information we receive from other organizations depends on your settings or the optional responses you have given them.
  4. when you use one of the Sites: when you do, information about you is recorded and stored. See the information about the use of cookies under that heading below.
  5. when it is made available on social media: depending on your settings or the privacy policies applying for the social media and messaging services you use, like Facebook, Instagram or Twitter, you might give us permission to access information from those accounts or services.

The Purposes for Which We Collect Your Data

The information that we collect about you will be used for the following purposes:
  • to ensure that the content of our Services or Sites is presented in the most effective manner for you, in relation to preferences you have told us about;
  • to personalize and recommend content and information of potential interest;
  • to allow you to participate in interactive features, when you choose to do so;
  • to carry out our obligations arising from any contracts entered into between you and us;
  • to notify you about changes to our Services;
  • to notify you if and when one of your contacts or prospects interacts with a link you have asked us to create;
  • to display your information to your contacts so they can get in touch with you;
  • to contact you about our products and additional services, where you have consented that we may do so;
  • to send you our newsletter(s), where you have consented that we may do so;
  • to enable you to log on to different devices and have consistent information available across each device; and
  • to meet any other business purpose(s) that may emerge or change from time to time, to meet our obligation to you, the user.
We will never sell, license or rent your Personal Data to anyone.

Legal Justification for Processing Your Data

The use of your Personal Data for these Purposes set out above is lawful because one or more of the following applies:
  • it is necessary for us to hold and use your Personal Data so that we can perform our obligations under the contract we have entered into with you to provide the Services and help you build your business and assess and communicate with prospective clients; or
  • where the purpose of our processing is the provision of information or services to you, we may also rely on the fact that it is necessary for our legitimate interests in relation to providing the information or service requested, and given that you have made the request, would presume that there is no prejudice to you in our fulfilling your request;
  • it is in our economic legitimate interests to process your Personal Data
  • you have freely given a specific, informed and unambiguous indication in a data capture form of your consent to receiving information or recommendations about our products, additional services and sending you newsletters. You may withdraw this consent at any time by clicking the Unsubscribe link at the bottom of the message or by sending such a request to support@mysecureoffice.com, but this will not affect the lawfulness of processing of your data in accordance with your consent prior to withdrawal of your consent being received and actioned
  • you can request in writing, through mobile app or desktop app, to have your Personal Data removed completely from our systems

Contact Data

As part of our Services, you have the option of uploading some or all of your device contacts (Contact(s)).

You may ask us to create bespoke links to marketing material or ask us to send other communications to these Contact(s).

For the avoidance of doubt, you, as user of our Services, are the data controller in relation to the Contact(s) and their personal data and we are the data processors.

When you sign up to our Services, you will be asked to agree to the terms of a data processing agreement with us and which provides further detail of this arrangement, which requires that you distribute your own privacy notice to your Contact(s), and which will include information about us and our processing of the Contact(s)’ Personal Data.

You are not required to upload your Contact(s) to use our Services, so if you do not agree to the terms of our data processing agreement; please do not upload your Contact(s). Uploading your Contacts without a data processing agreement in place and without the Contacts having received a privacy notice from you will put you (or your employer, if doing this on behalf of your employer) in breach of [UK and] European data protection legislation, as well as the domestic laws of individual member states of the European Union and which could result in sanctions from the relevant data protection authority.

We ask you to enter into a data processing agreement with us because it is necessary for us (and you, as data controller) to meet our obligations under the GDPR.

Anti-Spam Policy

Spam is unsolicited email also known as UCE (Unsolicited Commercial Email).

We have a ‘no tolerance’ spam policy. Our customer support actively monitors large import lists and emails going to a large number of contacts. Any customer found to be using our Services for the purposes of sending spam will be immediately cut-off from use of the Services. If you know of or suspect any violators, please notify us immediately at support@mysecureoffice.com

As you will see in our data processing agreement, any Contact(s) which you upload or communicate with when using our Services or ask us to do so on your behalf must have a pre-existing business relationship with you (or there must be another lawful ground which you can rely upon to contact them) and must have been clearly and fully notified by you in advance by means of the sending of a privacy notice to them about the collection and use of his or her contact details by you.

This is echoed in our strict permission-based philosophies:

Communication - By accepting our data processing agreement and other terms, you have agreed to use only permission-based lists and never to sell or rent your lists.

Unsubscribe - Every email generated from our Services contains an unsubscribe link which allows your Contact(s) to opt-out of future emails and automatically updates your database of Contacts in order to avoid the chance of sending unwanted emails to visitors who have unsubscribed.

Contact Information - All of your emails are pre-filled with your Contacts’ information. You are required to make sure this information is up to date and accurate.

For more information, please contact Customer Support at support@mysecureoffice.com.

Security of Your Data

We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share this password with anyone.

We take precautions to protect your information. When you submit Personal Data when using our Services or Site, this is protected both online and offline. Wherever we collect Personal Data, it is encrypted and transmitted to us in a secure way.

We work to protect the security and unauthorized use of your information and data during transit by using Secure Sockets Layer (SSL) software. This encrypts information between our servers and the applications which form part of our Services. We also ensure that our apps are talking only to our servers through SSL pinning. If we store your password, it is encrypted in our database and we use password tokenization during login validation and data exchanges with our servers. 

We encrypt Personal Data transmitted online, we also protect your Personal Data offline. We always ensure only authorized persons have access to your information, which means only our employees and contractors, and that everyone who has access is appropriately trained to manage your information. Only employees and contractors who need access to the information to perform a specific and necessary function are granted access to Personal Data and we will do our best to ensure that that they act only in line with our Data Protection Policy and are under an appropriate duty of confidence. The computers/servers on which we store Personal Data are kept in a secure environment.

Please note, as no data transmissions over the internet can be guaranteed to be one hundred percent secure, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk. However, we will take all steps necessary to ensure that your Personal Data is treated securely in accordance with this Privacy Policy.

Transfers to Third-Parties

Your information [will/may] be passed to the following third parties:
  • third party services for the purpose of facilitating payment and the completion of your purchase of the Services. This third parties might be, for example, Apple's iTunes or Google Play stores, PayPal or Authoroize.net;
  • Deductr – If you elect to sign up for other services such as tax or learning manage systems, we will pass to them your name and email to provision your account with these third-party systems. 
  • Bronto for email campaigns for newsletters
  • TorchLMS or Light Speed - if you subscribe to our learning management system feature.
  • Achieve Today – when you subscribe to personal motivation content
  • Ziplingo – for delivery of mobile text
  • SendGrid – email relay service
The transfer of your Personal Data is lawful because it is necessary for us to perform our obligations under the contract we have entered into with you for the Purpose(s), or because it is necessary for the purposes of a legitimate interest pursued by us, or by a third party, and we have reasonably determined that these legitimate interests are not overridden by your fundamental rights and freedoms which require protection of the personal data.

When we transfer Personal Data to a third party, they are acting as an agent on our behalf. Sound Concepts, Inc. remains liable if such Personal Data is processed in a manner inconsistent with this policy, unless Sound Concepts, Inc. is able to prove that they are not responsible for the event giving rise to the claim.

We may also transfer your Personal Data where we are under a duty to disclose or share it in order to comply with a legal obligation. We are subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).

Your Personal Data may also be transferred to another company in the event of the transfer of our assets to a third party. In that event, we will endeavor, where possible, to notify you prior to the event and offer you the chance to cease use of the Services and remove your Personal Data from our database. In any event, we will endeavor to ensure that your rights and freedoms in respect of the processing of your personal data are adequately and appropriately protected. If the transferee is based outside of the EU, the provisions of sub-paragraph (ii) below will also apply.

If you desire to not disclose your Personal Data to third parties by using our platform, then you can select the no sync option to limit this. However, limited data such as email or mobile number, might be provided to deliver correspondence to you via email or SMS. If you prefer to have no Personal Data disclosed to third parties, then please choose another provider.

(i) Outside the EU

We do send your Personal Data outside of the EU because our servers are based outside the EU, and our head office is outside the EU, in the United States. However, we meet our obligations under the applicable legislation by ensuring that any Personal Data we control has the same protection as if it were being held within the EU because we have self-certified ourselves under the EU-US Privacy Shield regime. For further details, please see our entry in the register for the Privacy Shield Framework here.

Where we transfer Personal Data outside the EU other than in the above circumstances, we will meet our obligations under the GDPR in relation to that transferee company:
  • by ensuring that the third party is certified under the EU-US Privacy Shield Framework; or
  • by entering into model EU clauses with them concerning the protection of your Personal Data
  • where they form part of our group of companies, by establishing a set of binding corporate rules; or
  • because the Information Commissioner has made a positive finding of adequacy in relation to the territory in which the sub-processor is based and to which your Personal Data may be transferred.
Sound Concepts, Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Sound Concepts, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Dispute and Unresolved Dispute Resolution

In compliance with the Privacy Shield Principles, Sound Concepts, Inc. commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Sound Concepts, Inc. at: support@mysecureoffice.com 

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

You have the right, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by Sound Concepts, Inc. or through TurstArc, our third-party dispute resolution provider. More information can be found at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Storage of Data
Your information will be always be stored in accordance with our Data Retention Policy and in any event, only for so long as is reasonably necessary in order to carry out the Purpose(s).

Where we rely on your consent to contact you for direct marketing purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for [two] years. We may periodically ask you to renew your consent. If you ask us to stop contacting you with marketing materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.

Cookies

Cookies are small text files that are placed on your computer by apps that you use or websites that you visit. They are widely used in order to make apps or websites work, or work more efficiently, as well as to provide information to us. The table below explains the cookies we use and why. We do not do this to track individual users or to identify them, but to gain useful knowledge about how users use the Services and Site, so that we can keep improving it for you.

The law states that we can store cookies on your machine if they are essential to the operation of the Services and Sites but that for all other purposes, we need your permission to do so.

Below is a table of non-essential cookies which we also store about your use of the Sites:


If you do not wish to receive cookies from us or on any other website, you can turn cookies off on your web browser: please follow your browser provider’s instructions in order to do so. In a few cases, some of our Services and Sites’ features may not function as a result. Most web browsers allow some control of cookies through its settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org, www.allaboutcookies.org or www.civicuk.com/cookie-control/browser-settings.

Your Rights Under EU and other Data Protection Laws

You have the right to request details of the processing activities that we carry out with your Personal Data through making a Subject Access Request. Such requests have to be made in writing. More details about how to make a request, and the procedure to be followed, can be found in our Data Protection Policy. To make a request, please contact us at Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

You also have the following rights:
  • the right to request rectification of information that is inaccurate or out of date;
  • the right to erasure of your information (known as the “right to be forgotten”);
  • the right to object to the way in which we are dealing with and using your information; and
  • the right to request that your information be provided to you in a format that is secure and suitable for re-use (known as the “right to portability”);
  • rights in relation to automated decision making and profiling including profiling for marketing purposes.

All of these rights are subject to certain safeguards and exemptions, further details of which can be found in our Data Protection Policy. To exercise any of these rights, you should contact [Dayne Deader, Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here

Children

Our services are not intended for anyone under sixteen and we do not knowingly collect personal information from anyone under sixteen.

Use of Aggregated/Anonymized Data

We may use information obtained about you from monitoring your use of the Services and Sites solely for internal purposes, including the performance and evaluation of the Services and Sites. Data collected by monitoring will be aggregated and anonymized.

We are entitled to do this because the resulting data will not personally identify you and will therefore no longer constitute personal data for the purposes of data protection laws.

We may also use the information we gather to notify you about important functionality changes and alterations to the Services and Sites, or offer of products, services or information that might be of particular interest to you (where you have consented to this).

The use of your information for these purposes is lawful because it is necessary for the purposes of legitimate interests pursued by us, our application and our website developers in order to keep the Services and Sites up to date and provide additional services to our users from time to time.

Mailing Lists

If you subscribe to our mailing lists for news releases and other information, we may also ask you to answer various general questions about yourself. You will be asked to specify the areas in which you are interested so that we can tailor the information which we send to you to cover the new products and special offers which we believe you might be interested in.

Newsletter

If you subscribe to our newsletter and at any time you wish to stop receiving this or any other information you may have requested from us or any other company, please email or write to support@mysecureoffice.com or click the Unsubscribe/Opt-out link at the bottom of any newsletter you may receive from us.

Amendments to this Privacy Policy

We may occasionally modify this Privacy Policy, such variations becoming effective thirty days after posting to the Sites and of which we shall send you notification of such variations based on your notification preference.
Translations Coming Soon
PRIVACY POLICY
Owner: Sound Concepts, Inc of 782 S. Auto Mall Drive Suite A, American Fork, UT 84003, United States (we/us).

Services: We use a platform called Brightools, which is a sales automation tool designed to help you share your story with others. Namely, we supply program applications to help you build your business, assess and communicate with [prospective clients and [your customers], help manage leads and share digital content on social media and messaging platforms. (Services).

Sites: We also have three websites where you can sign up to our Services or find out more information about what we do: https://www.soundconcepts.com/, http://brightools.com/ and http://mybuildersystem.com. (Sites).

At Sound Concepts Inc., we take data privacy very seriously. The following information sets out the uses to which we will put the information that we have about you and the legal basis for doing so, as well as explaining to you the rights that you have over the way that we use your information. This policy should be read in conjunction with our Data Retention Policy and Data Protection Policy.

For the purposes of the General Data Protection Regulation (GDPR), and [any subsequent EU member state legislation covering data protection], we are the data controller for the contact details, billing details and other account information we collect from our users in the EU upon registration to our Services on one of the Sites namely the entity that collects and processes your data for various purposes, including asking one or more third parties to do so on our behalf, details of which are set out below (where applicable). However, you remain the data controller for all personal data of your device contacts (see the ‘Contact Data’ section below for more details).  

As we are based outside the European Union (EU) and as required by the GDPR, we have appointed a representative who will deal with all data protection related queries on our behalf. Please address all queries relating to this policy and/or data protection more generally to [Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

Your Personal Data

In order to use our Services, basic user information about you is collected upon registration, either by us or by a third party authorized to do so. The information we collect about you might include the following:
  • first name
  • last name
  • email (for login)
  • username
  • phone number
  • distributor or member number
  • social networks
  • personal bio
  • If applicable, payment information, including your credit card details and billing address
  • decisions made by you when using our Services or the Sites (such as notification preferences)
  • specific information about the device you use and manner in which you choose to access our Services, such as the hardware model and operating system version of your device, any advertising identifier, unique application identifiers, unique device identifiers, browser type, language, OS version, push tokens, time zone, how the app is used and wireless network used;
  • any preferences which you tell us about when using our Services or the Sites, such as language, market in which your business operates, notifications and screen display.

How we collect information

Personal Data will be collected when you sign up to our Services and in the course of your use of the Services and the Sites.

We may collect information from you whenever you contact us or have any involvement with us for example when you:
  • enquire about our activities or services
  • sign up to receive news about our activities
  • create a user account with us
  • engage with our platform or services
  • attend a meeting with us and provide us with information
  • contact us in any way including online, email, phone, SMS, social media or post
  • from 3rd party companies that you are affiliated with.

Where we collect information from

We collect information:
  1. from you when you give it to us directly: you may provide your details when you ask us for information, sign up for a user account, or contact us for any other reason. Your information may be collected by an organization we are working with, but we are still responsible for your information.
  2. when you give it to us indirectly: your information may be shared with us by other organizations. They should only do so in the way they have set out in their own Privacy Policy which you should check when you give your details.
  3. when you have given other organizations permission to share it: your information may be provided to us by other organizations if you have given them your permission. This might for example be a business working with us or when you buy a product or service from a third-party organization. The information we receive from other organizations depends on your settings or the optional responses you have given them.
  4. when you use one of the Sites: when you do, information about you is recorded and stored. See the information about the use of cookies under that heading below.
  5. when it is made available on social media: depending on your settings or the privacy policies applying for the social media and messaging services you use, like Facebook, Instagram or Twitter, you might give us permission to access information from those accounts or services.

The Purposes for Which We Collect Your Data

The information that we collect about you will be used for the following purposes:
  • to ensure that the content of our Services or Sites is presented in the most effective manner for you, in relation to preferences you have told us about;
  • to personalize and recommend content and information of potential interest;
  • to allow you to participate in interactive features, when you choose to do so;
  • to carry out our obligations arising from any contracts entered into between you and us;
  • to notify you about changes to our Services;
  • to notify you if and when one of your contacts or prospects interacts with a link you have asked us to create;
  • to display your information to your contacts so they can get in touch with you;
  • to contact you about our products and additional services, where you have consented that we may do so;
  • to send you our newsletter(s), where you have consented that we may do so;
  • to enable you to log on to different devices and have consistent information available across each device; and
  • to meet any other business purpose(s) that may emerge or change from time to time, to meet our obligation to you, the user.
We will never sell, license or rent your Personal Data to anyone.

Legal Justification for Processing Your Data

The use of your Personal Data for these Purposes set out above is lawful because one or more of the following applies:
  • it is necessary for us to hold and use your Personal Data so that we can perform our obligations under the contract we have entered into with you to provide the Services and help you build your business and assess and communicate with prospective clients; or
  • where the purpose of our processing is the provision of information or services to you, we may also rely on the fact that it is necessary for our legitimate interests in relation to providing the information or service requested, and given that you have made the request, would presume that there is no prejudice to you in our fulfilling your request;
  • it is in our economic legitimate interests to process your Personal Data
  • you have freely given a specific, informed and unambiguous indication in a data capture form of your consent to receiving information or recommendations about our products, additional services and sending you newsletters. You may withdraw this consent at any time by clicking the Unsubscribe link at the bottom of the message or by sending such a request to support@mysecureoffice.com, but this will not affect the lawfulness of processing of your data in accordance with your consent prior to withdrawal of your consent being received and actioned
  • you can request in writing, through mobile app or desktop app, to have your Personal Data removed completely from our systems

Contact Data

As part of our Services, you have the option of uploading some or all of your device contacts (Contact(s)).

You may ask us to create bespoke links to marketing material or ask us to send other communications to these Contact(s).

For the avoidance of doubt, you, as user of our Services, are the data controller in relation to the Contact(s) and their personal data and we are the data processors.

When you sign up to our Services, you will be asked to agree to the terms of a data processing agreement with us and which provides further detail of this arrangement, which requires that you distribute your own privacy notice to your Contact(s), and which will include information about us and our processing of the Contact(s)’ Personal Data.

You are not required to upload your Contact(s) to use our Services, so if you do not agree to the terms of our data processing agreement; please do not upload your Contact(s). Uploading your Contacts without a data processing agreement in place and without the Contacts having received a privacy notice from you will put you (or your employer, if doing this on behalf of your employer) in breach of [UK and] European data protection legislation, as well as the domestic laws of individual member states of the European Union and which could result in sanctions from the relevant data protection authority.

We ask you to enter into a data processing agreement with us because it is necessary for us (and you, as data controller) to meet our obligations under the GDPR.

Anti-Spam Policy

Spam is unsolicited email also known as UCE (Unsolicited Commercial Email).

We have a ‘no tolerance’ spam policy. Our customer support actively monitors large import lists and emails going to a large number of contacts. Any customer found to be using our Services for the purposes of sending spam will be immediately cut-off from use of the Services. If you know of or suspect any violators, please notify us immediately at support@mysecureoffice.com

As you will see in our data processing agreement, any Contact(s) which you upload or communicate with when using our Services or ask us to do so on your behalf must have a pre-existing business relationship with you (or there must be another lawful ground which you can rely upon to contact them) and must have been clearly and fully notified by you in advance by means of the sending of a privacy notice to them about the collection and use of his or her contact details by you.

This is echoed in our strict permission-based philosophies:

Communication - By accepting our data processing agreement and other terms, you have agreed to use only permission-based lists and never to sell or rent your lists.

Unsubscribe - Every email generated from our Services contains an unsubscribe link which allows your Contact(s) to opt-out of future emails and automatically updates your database of Contacts in order to avoid the chance of sending unwanted emails to visitors who have unsubscribed.

Contact Information - All of your emails are pre-filled with your Contacts’ information. You are required to make sure this information is up to date and accurate.

For more information, please contact Customer Support at support@mysecureoffice.com.

Security of Your Data

We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share this password with anyone.

We take precautions to protect your information. When you submit Personal Data when using our Services or Site, this is protected both online and offline. Wherever we collect Personal Data, it is encrypted and transmitted to us in a secure way.

We work to protect the security and unauthorized use of your information and data during transit by using Secure Sockets Layer (SSL) software. This encrypts information between our servers and the applications which form part of our Services. We also ensure that our apps are talking only to our servers through SSL pinning. If we store your password, it is encrypted in our database and we use password tokenization during login validation and data exchanges with our servers. 

We encrypt Personal Data transmitted online, we also protect your Personal Data offline. We always ensure only authorized persons have access to your information, which means only our employees and contractors, and that everyone who has access is appropriately trained to manage your information. Only employees and contractors who need access to the information to perform a specific and necessary function are granted access to Personal Data and we will do our best to ensure that that they act only in line with our Data Protection Policy and are under an appropriate duty of confidence. The computers/servers on which we store Personal Data are kept in a secure environment.

Please note, as no data transmissions over the internet can be guaranteed to be one hundred percent secure, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk. However, we will take all steps necessary to ensure that your Personal Data is treated securely in accordance with this Privacy Policy.

Transfers to Third-Parties

Your information [will/may] be passed to the following third parties:
  • third party services for the purpose of facilitating payment and the completion of your purchase of the Services. This third parties might be, for example, Apple's iTunes or Google Play stores, PayPal or Authoroize.net;
  • Deductr – If you elect to sign up for other services such as tax or learning manage systems, we will pass to them your name and email to provision your account with these third-party systems. 
  • Bronto for email campaigns for newsletters
  • TorchLMS or Light Speed - if you subscribe to our learning management system feature.
  • Achieve Today – when you subscribe to personal motivation content
  • Ziplingo – for delivery of mobile text
  • SendGrid – email relay service
The transfer of your Personal Data is lawful because it is necessary for us to perform our obligations under the contract we have entered into with you for the Purpose(s), or because it is necessary for the purposes of a legitimate interest pursued by us, or by a third party, and we have reasonably determined that these legitimate interests are not overridden by your fundamental rights and freedoms which require protection of the personal data.

When we transfer Personal Data to a third party, they are acting as an agent on our behalf. Sound Concepts, Inc. remains liable if such Personal Data is processed in a manner inconsistent with this policy, unless Sound Concepts, Inc. is able to prove that they are not responsible for the event giving rise to the claim.

We may also transfer your Personal Data where we are under a duty to disclose or share it in order to comply with a legal obligation. We are subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).

Your Personal Data may also be transferred to another company in the event of the transfer of our assets to a third party. In that event, we will endeavor, where possible, to notify you prior to the event and offer you the chance to cease use of the Services and remove your Personal Data from our database. In any event, we will endeavor to ensure that your rights and freedoms in respect of the processing of your personal data are adequately and appropriately protected. If the transferee is based outside of the EU, the provisions of sub-paragraph (ii) below will also apply.

If you desire to not disclose your Personal Data to third parties by using our platform, then you can select the no sync option to limit this. However, limited data such as email or mobile number, might be provided to deliver correspondence to you via email or SMS. If you prefer to have no Personal Data disclosed to third parties, then please choose another provider.

(i) Outside the EU

We do send your Personal Data outside of the EU because our servers are based outside the EU, and our head office is outside the EU, in the United States. However, we meet our obligations under the applicable legislation by ensuring that any Personal Data we control has the same protection as if it were being held within the EU because we have self-certified ourselves under the EU-US Privacy Shield regime. For further details, please see our entry in the register for the Privacy Shield Framework here.

Where we transfer Personal Data outside the EU other than in the above circumstances, we will meet our obligations under the GDPR in relation to that transferee company:
  • by ensuring that the third party is certified under the EU-US Privacy Shield Framework; or
  • by entering into model EU clauses with them concerning the protection of your Personal Data
  • where they form part of our group of companies, by establishing a set of binding corporate rules; or
  • because the Information Commissioner has made a positive finding of adequacy in relation to the territory in which the sub-processor is based and to which your Personal Data may be transferred.
Sound Concepts, Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Sound Concepts, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Dispute and Unresolved Dispute Resolution

In compliance with the Privacy Shield Principles, Sound Concepts, Inc. commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Sound Concepts, Inc. at: support@mysecureoffice.com 

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

You have the right, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by Sound Concepts, Inc. or through TurstArc, our third-party dispute resolution provider. More information can be found at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Storage of Data
Your information will be always be stored in accordance with our Data Retention Policy and in any event, only for so long as is reasonably necessary in order to carry out the Purpose(s).

Where we rely on your consent to contact you for direct marketing purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for [two] years. We may periodically ask you to renew your consent. If you ask us to stop contacting you with marketing materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.

Cookies

Cookies are small text files that are placed on your computer by apps that you use or websites that you visit. They are widely used in order to make apps or websites work, or work more efficiently, as well as to provide information to us. The table below explains the cookies we use and why. We do not do this to track individual users or to identify them, but to gain useful knowledge about how users use the Services and Site, so that we can keep improving it for you.

The law states that we can store cookies on your machine if they are essential to the operation of the Services and Sites but that for all other purposes, we need your permission to do so.

Below is a table of non-essential cookies which we also store about your use of the Sites:


If you do not wish to receive cookies from us or on any other website, you can turn cookies off on your web browser: please follow your browser provider’s instructions in order to do so. In a few cases, some of our Services and Sites’ features may not function as a result. Most web browsers allow some control of cookies through its settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org, www.allaboutcookies.org or www.civicuk.com/cookie-control/browser-settings.

Your Rights Under EU and other Data Protection Laws

You have the right to request details of the processing activities that we carry out with your Personal Data through making a Subject Access Request. Such requests have to be made in writing. More details about how to make a request, and the procedure to be followed, can be found in our Data Protection Policy. To make a request, please contact us at Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

You also have the following rights:
  • the right to request rectification of information that is inaccurate or out of date;
  • the right to erasure of your information (known as the “right to be forgotten”);
  • the right to object to the way in which we are dealing with and using your information; and
  • the right to request that your information be provided to you in a format that is secure and suitable for re-use (known as the “right to portability”);
  • rights in relation to automated decision making and profiling including profiling for marketing purposes.

All of these rights are subject to certain safeguards and exemptions, further details of which can be found in our Data Protection Policy. To exercise any of these rights, you should contact [Dayne Deader, Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here

Children

Our services are not intended for anyone under sixteen and we do not knowingly collect personal information from anyone under sixteen.

Use of Aggregated/Anonymized Data

We may use information obtained about you from monitoring your use of the Services and Sites solely for internal purposes, including the performance and evaluation of the Services and Sites. Data collected by monitoring will be aggregated and anonymized.

We are entitled to do this because the resulting data will not personally identify you and will therefore no longer constitute personal data for the purposes of data protection laws.

We may also use the information we gather to notify you about important functionality changes and alterations to the Services and Sites, or offer of products, services or information that might be of particular interest to you (where you have consented to this).

The use of your information for these purposes is lawful because it is necessary for the purposes of legitimate interests pursued by us, our application and our website developers in order to keep the Services and Sites up to date and provide additional services to our users from time to time.

Mailing Lists

If you subscribe to our mailing lists for news releases and other information, we may also ask you to answer various general questions about yourself. You will be asked to specify the areas in which you are interested so that we can tailor the information which we send to you to cover the new products and special offers which we believe you might be interested in.

Newsletter

If you subscribe to our newsletter and at any time you wish to stop receiving this or any other information you may have requested from us or any other company, please email or write to support@mysecureoffice.com or click the Unsubscribe/Opt-out link at the bottom of any newsletter you may receive from us.

Amendments to this Privacy Policy

We may occasionally modify this Privacy Policy, such variations becoming effective thirty days after posting to the Sites and of which we shall send you notification of such variations based on your notification preference.
Translations Coming Soon
PRIVACY POLICY
Owner: Sound Concepts, Inc of 782 S. Auto Mall Drive Suite A, American Fork, UT 84003, United States (we/us).

Services: We use a platform called Brightools, which is a sales automation tool designed to help you share your story with others. Namely, we supply program applications to help you build your business, assess and communicate with [prospective clients and [your customers], help manage leads and share digital content on social media and messaging platforms. (Services).

Sites: We also have three websites where you can sign up to our Services or find out more information about what we do: https://www.soundconcepts.com/, http://brightools.com/ and http://mybuildersystem.com. (Sites).

At Sound Concepts Inc., we take data privacy very seriously. The following information sets out the uses to which we will put the information that we have about you and the legal basis for doing so, as well as explaining to you the rights that you have over the way that we use your information. This policy should be read in conjunction with our Data Retention Policy and Data Protection Policy.

For the purposes of the General Data Protection Regulation (GDPR), and [any subsequent EU member state legislation covering data protection], we are the data controller for the contact details, billing details and other account information we collect from our users in the EU upon registration to our Services on one of the Sites namely the entity that collects and processes your data for various purposes, including asking one or more third parties to do so on our behalf, details of which are set out below (where applicable). However, you remain the data controller for all personal data of your device contacts (see the ‘Contact Data’ section below for more details).  

As we are based outside the European Union (EU) and as required by the GDPR, we have appointed a representative who will deal with all data protection related queries on our behalf. Please address all queries relating to this policy and/or data protection more generally to [Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

Your Personal Data

In order to use our Services, basic user information about you is collected upon registration, either by us or by a third party authorized to do so. The information we collect about you might include the following:
  • first name
  • last name
  • email (for login)
  • username
  • phone number
  • distributor or member number
  • social networks
  • personal bio
  • If applicable, payment information, including your credit card details and billing address
  • decisions made by you when using our Services or the Sites (such as notification preferences)
  • specific information about the device you use and manner in which you choose to access our Services, such as the hardware model and operating system version of your device, any advertising identifier, unique application identifiers, unique device identifiers, browser type, language, OS version, push tokens, time zone, how the app is used and wireless network used;
  • any preferences which you tell us about when using our Services or the Sites, such as language, market in which your business operates, notifications and screen display.

How we collect information

Personal Data will be collected when you sign up to our Services and in the course of your use of the Services and the Sites.

We may collect information from you whenever you contact us or have any involvement with us for example when you:
  • enquire about our activities or services
  • sign up to receive news about our activities
  • create a user account with us
  • engage with our platform or services
  • attend a meeting with us and provide us with information
  • contact us in any way including online, email, phone, SMS, social media or post
  • from 3rd party companies that you are affiliated with.

Where we collect information from

We collect information:
  1. from you when you give it to us directly: you may provide your details when you ask us for information, sign up for a user account, or contact us for any other reason. Your information may be collected by an organization we are working with, but we are still responsible for your information.
  2. when you give it to us indirectly: your information may be shared with us by other organizations. They should only do so in the way they have set out in their own Privacy Policy which you should check when you give your details.
  3. when you have given other organizations permission to share it: your information may be provided to us by other organizations if you have given them your permission. This might for example be a business working with us or when you buy a product or service from a third-party organization. The information we receive from other organizations depends on your settings or the optional responses you have given them.
  4. when you use one of the Sites: when you do, information about you is recorded and stored. See the information about the use of cookies under that heading below.
  5. when it is made available on social media: depending on your settings or the privacy policies applying for the social media and messaging services you use, like Facebook, Instagram or Twitter, you might give us permission to access information from those accounts or services.

The Purposes for Which We Collect Your Data

The information that we collect about you will be used for the following purposes:
  • to ensure that the content of our Services or Sites is presented in the most effective manner for you, in relation to preferences you have told us about;
  • to personalize and recommend content and information of potential interest;
  • to allow you to participate in interactive features, when you choose to do so;
  • to carry out our obligations arising from any contracts entered into between you and us;
  • to notify you about changes to our Services;
  • to notify you if and when one of your contacts or prospects interacts with a link you have asked us to create;
  • to display your information to your contacts so they can get in touch with you;
  • to contact you about our products and additional services, where you have consented that we may do so;
  • to send you our newsletter(s), where you have consented that we may do so;
  • to enable you to log on to different devices and have consistent information available across each device; and
  • to meet any other business purpose(s) that may emerge or change from time to time, to meet our obligation to you, the user.
We will never sell, license or rent your Personal Data to anyone.

Legal Justification for Processing Your Data

The use of your Personal Data for these Purposes set out above is lawful because one or more of the following applies:
  • it is necessary for us to hold and use your Personal Data so that we can perform our obligations under the contract we have entered into with you to provide the Services and help you build your business and assess and communicate with prospective clients; or
  • where the purpose of our processing is the provision of information or services to you, we may also rely on the fact that it is necessary for our legitimate interests in relation to providing the information or service requested, and given that you have made the request, would presume that there is no prejudice to you in our fulfilling your request;
  • it is in our economic legitimate interests to process your Personal Data
  • you have freely given a specific, informed and unambiguous indication in a data capture form of your consent to receiving information or recommendations about our products, additional services and sending you newsletters. You may withdraw this consent at any time by clicking the Unsubscribe link at the bottom of the message or by sending such a request to support@mysecureoffice.com, but this will not affect the lawfulness of processing of your data in accordance with your consent prior to withdrawal of your consent being received and actioned
  • you can request in writing, through mobile app or desktop app, to have your Personal Data removed completely from our systems

Contact Data

As part of our Services, you have the option of uploading some or all of your device contacts (Contact(s)).

You may ask us to create bespoke links to marketing material or ask us to send other communications to these Contact(s).

For the avoidance of doubt, you, as user of our Services, are the data controller in relation to the Contact(s) and their personal data and we are the data processors.

When you sign up to our Services, you will be asked to agree to the terms of a data processing agreement with us and which provides further detail of this arrangement, which requires that you distribute your own privacy notice to your Contact(s), and which will include information about us and our processing of the Contact(s)’ Personal Data.

You are not required to upload your Contact(s) to use our Services, so if you do not agree to the terms of our data processing agreement; please do not upload your Contact(s). Uploading your Contacts without a data processing agreement in place and without the Contacts having received a privacy notice from you will put you (or your employer, if doing this on behalf of your employer) in breach of [UK and] European data protection legislation, as well as the domestic laws of individual member states of the European Union and which could result in sanctions from the relevant data protection authority.

We ask you to enter into a data processing agreement with us because it is necessary for us (and you, as data controller) to meet our obligations under the GDPR.

Anti-Spam Policy

Spam is unsolicited email also known as UCE (Unsolicited Commercial Email).

We have a ‘no tolerance’ spam policy. Our customer support actively monitors large import lists and emails going to a large number of contacts. Any customer found to be using our Services for the purposes of sending spam will be immediately cut-off from use of the Services. If you know of or suspect any violators, please notify us immediately at support@mysecureoffice.com

As you will see in our data processing agreement, any Contact(s) which you upload or communicate with when using our Services or ask us to do so on your behalf must have a pre-existing business relationship with you (or there must be another lawful ground which you can rely upon to contact them) and must have been clearly and fully notified by you in advance by means of the sending of a privacy notice to them about the collection and use of his or her contact details by you.

This is echoed in our strict permission-based philosophies:

Communication - By accepting our data processing agreement and other terms, you have agreed to use only permission-based lists and never to sell or rent your lists.

Unsubscribe - Every email generated from our Services contains an unsubscribe link which allows your Contact(s) to opt-out of future emails and automatically updates your database of Contacts in order to avoid the chance of sending unwanted emails to visitors who have unsubscribed.

Contact Information - All of your emails are pre-filled with your Contacts’ information. You are required to make sure this information is up to date and accurate.

For more information, please contact Customer Support at support@mysecureoffice.com.

Security of Your Data

We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share this password with anyone.

We take precautions to protect your information. When you submit Personal Data when using our Services or Site, this is protected both online and offline. Wherever we collect Personal Data, it is encrypted and transmitted to us in a secure way.

We work to protect the security and unauthorized use of your information and data during transit by using Secure Sockets Layer (SSL) software. This encrypts information between our servers and the applications which form part of our Services. We also ensure that our apps are talking only to our servers through SSL pinning. If we store your password, it is encrypted in our database and we use password tokenization during login validation and data exchanges with our servers. 

We encrypt Personal Data transmitted online, we also protect your Personal Data offline. We always ensure only authorized persons have access to your information, which means only our employees and contractors, and that everyone who has access is appropriately trained to manage your information. Only employees and contractors who need access to the information to perform a specific and necessary function are granted access to Personal Data and we will do our best to ensure that that they act only in line with our Data Protection Policy and are under an appropriate duty of confidence. The computers/servers on which we store Personal Data are kept in a secure environment.

Please note, as no data transmissions over the internet can be guaranteed to be one hundred percent secure, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk. However, we will take all steps necessary to ensure that your Personal Data is treated securely in accordance with this Privacy Policy.

Transfers to Third-Parties

Your information [will/may] be passed to the following third parties:
  • third party services for the purpose of facilitating payment and the completion of your purchase of the Services. This third parties might be, for example, Apple's iTunes or Google Play stores, PayPal or Authoroize.net;
  • Deductr – If you elect to sign up for other services such as tax or learning manage systems, we will pass to them your name and email to provision your account with these third-party systems. 
  • Bronto for email campaigns for newsletters
  • TorchLMS or Light Speed - if you subscribe to our learning management system feature.
  • Achieve Today – when you subscribe to personal motivation content
  • Ziplingo – for delivery of mobile text
  • SendGrid – email relay service
The transfer of your Personal Data is lawful because it is necessary for us to perform our obligations under the contract we have entered into with you for the Purpose(s), or because it is necessary for the purposes of a legitimate interest pursued by us, or by a third party, and we have reasonably determined that these legitimate interests are not overridden by your fundamental rights and freedoms which require protection of the personal data.

When we transfer Personal Data to a third party, they are acting as an agent on our behalf. Sound Concepts, Inc. remains liable if such Personal Data is processed in a manner inconsistent with this policy, unless Sound Concepts, Inc. is able to prove that they are not responsible for the event giving rise to the claim.

We may also transfer your Personal Data where we are under a duty to disclose or share it in order to comply with a legal obligation. We are subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).

Your Personal Data may also be transferred to another company in the event of the transfer of our assets to a third party. In that event, we will endeavor, where possible, to notify you prior to the event and offer you the chance to cease use of the Services and remove your Personal Data from our database. In any event, we will endeavor to ensure that your rights and freedoms in respect of the processing of your personal data are adequately and appropriately protected. If the transferee is based outside of the EU, the provisions of sub-paragraph (ii) below will also apply.

If you desire to not disclose your Personal Data to third parties by using our platform, then you can select the no sync option to limit this. However, limited data such as email or mobile number, might be provided to deliver correspondence to you via email or SMS. If you prefer to have no Personal Data disclosed to third parties, then please choose another provider.

(i) Outside the EU

We do send your Personal Data outside of the EU because our servers are based outside the EU, and our head office is outside the EU, in the United States. However, we meet our obligations under the applicable legislation by ensuring that any Personal Data we control has the same protection as if it were being held within the EU because we have self-certified ourselves under the EU-US Privacy Shield regime. For further details, please see our entry in the register for the Privacy Shield Framework here.

Where we transfer Personal Data outside the EU other than in the above circumstances, we will meet our obligations under the GDPR in relation to that transferee company:
  • by ensuring that the third party is certified under the EU-US Privacy Shield Framework; or
  • by entering into model EU clauses with them concerning the protection of your Personal Data
  • where they form part of our group of companies, by establishing a set of binding corporate rules; or
  • because the Information Commissioner has made a positive finding of adequacy in relation to the territory in which the sub-processor is based and to which your Personal Data may be transferred.
Sound Concepts, Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Sound Concepts, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Dispute and Unresolved Dispute Resolution

In compliance with the Privacy Shield Principles, Sound Concepts, Inc. commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Sound Concepts, Inc. at: support@mysecureoffice.com 

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

You have the right, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by Sound Concepts, Inc. or through TurstArc, our third-party dispute resolution provider. More information can be found at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Storage of Data
Your information will be always be stored in accordance with our Data Retention Policy and in any event, only for so long as is reasonably necessary in order to carry out the Purpose(s).

Where we rely on your consent to contact you for direct marketing purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for [two] years. We may periodically ask you to renew your consent. If you ask us to stop contacting you with marketing materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.

Cookies

Cookies are small text files that are placed on your computer by apps that you use or websites that you visit. They are widely used in order to make apps or websites work, or work more efficiently, as well as to provide information to us. The table below explains the cookies we use and why. We do not do this to track individual users or to identify them, but to gain useful knowledge about how users use the Services and Site, so that we can keep improving it for you.

The law states that we can store cookies on your machine if they are essential to the operation of the Services and Sites but that for all other purposes, we need your permission to do so.

Below is a table of non-essential cookies which we also store about your use of the Sites:


If you do not wish to receive cookies from us or on any other website, you can turn cookies off on your web browser: please follow your browser provider’s instructions in order to do so. In a few cases, some of our Services and Sites’ features may not function as a result. Most web browsers allow some control of cookies through its settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org, www.allaboutcookies.org or www.civicuk.com/cookie-control/browser-settings.

Your Rights Under EU and other Data Protection Laws

You have the right to request details of the processing activities that we carry out with your Personal Data through making a Subject Access Request. Such requests have to be made in writing. More details about how to make a request, and the procedure to be followed, can be found in our Data Protection Policy. To make a request, please contact us at Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

You also have the following rights:
  • the right to request rectification of information that is inaccurate or out of date;
  • the right to erasure of your information (known as the “right to be forgotten”);
  • the right to object to the way in which we are dealing with and using your information; and
  • the right to request that your information be provided to you in a format that is secure and suitable for re-use (known as the “right to portability”);
  • rights in relation to automated decision making and profiling including profiling for marketing purposes.

All of these rights are subject to certain safeguards and exemptions, further details of which can be found in our Data Protection Policy. To exercise any of these rights, you should contact [Dayne Deader, Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here

Children

Our services are not intended for anyone under sixteen and we do not knowingly collect personal information from anyone under sixteen.

Use of Aggregated/Anonymized Data

We may use information obtained about you from monitoring your use of the Services and Sites solely for internal purposes, including the performance and evaluation of the Services and Sites. Data collected by monitoring will be aggregated and anonymized.

We are entitled to do this because the resulting data will not personally identify you and will therefore no longer constitute personal data for the purposes of data protection laws.

We may also use the information we gather to notify you about important functionality changes and alterations to the Services and Sites, or offer of products, services or information that might be of particular interest to you (where you have consented to this).

The use of your information for these purposes is lawful because it is necessary for the purposes of legitimate interests pursued by us, our application and our website developers in order to keep the Services and Sites up to date and provide additional services to our users from time to time.

Mailing Lists

If you subscribe to our mailing lists for news releases and other information, we may also ask you to answer various general questions about yourself. You will be asked to specify the areas in which you are interested so that we can tailor the information which we send to you to cover the new products and special offers which we believe you might be interested in.

Newsletter

If you subscribe to our newsletter and at any time you wish to stop receiving this or any other information you may have requested from us or any other company, please email or write to support@mysecureoffice.com or click the Unsubscribe/Opt-out link at the bottom of any newsletter you may receive from us.

Amendments to this Privacy Policy

We may occasionally modify this Privacy Policy, such variations becoming effective thirty days after posting to the Sites and of which we shall send you notification of such variations based on your notification preference.
Translations Coming Soon
PRIVACY POLICY
Owner: Sound Concepts, Inc of 782 S. Auto Mall Drive Suite A, American Fork, UT 84003, United States (we/us).

Services: We use a platform called Brightools, which is a sales automation tool designed to help you share your story with others. Namely, we supply program applications to help you build your business, assess and communicate with [prospective clients and [your customers], help manage leads and share digital content on social media and messaging platforms. (Services).

Sites: We also have three websites where you can sign up to our Services or find out more information about what we do: https://www.soundconcepts.com/, http://brightools.com/ and http://mybuildersystem.com. (Sites).

At Sound Concepts Inc., we take data privacy very seriously. The following information sets out the uses to which we will put the information that we have about you and the legal basis for doing so, as well as explaining to you the rights that you have over the way that we use your information. This policy should be read in conjunction with our Data Retention Policy and Data Protection Policy.

For the purposes of the General Data Protection Regulation (GDPR), and [any subsequent EU member state legislation covering data protection], we are the data controller for the contact details, billing details and other account information we collect from our users in the EU upon registration to our Services on one of the Sites namely the entity that collects and processes your data for various purposes, including asking one or more third parties to do so on our behalf, details of which are set out below (where applicable). However, you remain the data controller for all personal data of your device contacts (see the ‘Contact Data’ section below for more details).  

As we are based outside the European Union (EU) and as required by the GDPR, we have appointed a representative who will deal with all data protection related queries on our behalf. Please address all queries relating to this policy and/or data protection more generally to [Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

Your Personal Data

In order to use our Services, basic user information about you is collected upon registration, either by us or by a third party authorized to do so. The information we collect about you might include the following:
  • first name
  • last name
  • email (for login)
  • username
  • phone number
  • distributor or member number
  • social networks
  • personal bio
  • If applicable, payment information, including your credit card details and billing address
  • decisions made by you when using our Services or the Sites (such as notification preferences)
  • specific information about the device you use and manner in which you choose to access our Services, such as the hardware model and operating system version of your device, any advertising identifier, unique application identifiers, unique device identifiers, browser type, language, OS version, push tokens, time zone, how the app is used and wireless network used;
  • any preferences which you tell us about when using our Services or the Sites, such as language, market in which your business operates, notifications and screen display.

How we collect information

Personal Data will be collected when you sign up to our Services and in the course of your use of the Services and the Sites.

We may collect information from you whenever you contact us or have any involvement with us for example when you:
  • enquire about our activities or services
  • sign up to receive news about our activities
  • create a user account with us
  • engage with our platform or services
  • attend a meeting with us and provide us with information
  • contact us in any way including online, email, phone, SMS, social media or post
  • from 3rd party companies that you are affiliated with.

Where we collect information from

We collect information:
  1. from you when you give it to us directly: you may provide your details when you ask us for information, sign up for a user account, or contact us for any other reason. Your information may be collected by an organization we are working with, but we are still responsible for your information.
  2. when you give it to us indirectly: your information may be shared with us by other organizations. They should only do so in the way they have set out in their own Privacy Policy which you should check when you give your details.
  3. when you have given other organizations permission to share it: your information may be provided to us by other organizations if you have given them your permission. This might for example be a business working with us or when you buy a product or service from a third-party organization. The information we receive from other organizations depends on your settings or the optional responses you have given them.
  4. when you use one of the Sites: when you do, information about you is recorded and stored. See the information about the use of cookies under that heading below.
  5. when it is made available on social media: depending on your settings or the privacy policies applying for the social media and messaging services you use, like Facebook, Instagram or Twitter, you might give us permission to access information from those accounts or services.

The Purposes for Which We Collect Your Data

The information that we collect about you will be used for the following purposes:
  • to ensure that the content of our Services or Sites is presented in the most effective manner for you, in relation to preferences you have told us about;
  • to personalize and recommend content and information of potential interest;
  • to allow you to participate in interactive features, when you choose to do so;
  • to carry out our obligations arising from any contracts entered into between you and us;
  • to notify you about changes to our Services;
  • to notify you if and when one of your contacts or prospects interacts with a link you have asked us to create;
  • to display your information to your contacts so they can get in touch with you;
  • to contact you about our products and additional services, where you have consented that we may do so;
  • to send you our newsletter(s), where you have consented that we may do so;
  • to enable you to log on to different devices and have consistent information available across each device; and
  • to meet any other business purpose(s) that may emerge or change from time to time, to meet our obligation to you, the user.
We will never sell, license or rent your Personal Data to anyone.

Legal Justification for Processing Your Data

The use of your Personal Data for these Purposes set out above is lawful because one or more of the following applies:
  • it is necessary for us to hold and use your Personal Data so that we can perform our obligations under the contract we have entered into with you to provide the Services and help you build your business and assess and communicate with prospective clients; or
  • where the purpose of our processing is the provision of information or services to you, we may also rely on the fact that it is necessary for our legitimate interests in relation to providing the information or service requested, and given that you have made the request, would presume that there is no prejudice to you in our fulfilling your request;
  • it is in our economic legitimate interests to process your Personal Data
  • you have freely given a specific, informed and unambiguous indication in a data capture form of your consent to receiving information or recommendations about our products, additional services and sending you newsletters. You may withdraw this consent at any time by clicking the Unsubscribe link at the bottom of the message or by sending such a request to support@mysecureoffice.com, but this will not affect the lawfulness of processing of your data in accordance with your consent prior to withdrawal of your consent being received and actioned
  • you can request in writing, through mobile app or desktop app, to have your Personal Data removed completely from our systems

Contact Data

As part of our Services, you have the option of uploading some or all of your device contacts (Contact(s)).

You may ask us to create bespoke links to marketing material or ask us to send other communications to these Contact(s).

For the avoidance of doubt, you, as user of our Services, are the data controller in relation to the Contact(s) and their personal data and we are the data processors.

When you sign up to our Services, you will be asked to agree to the terms of a data processing agreement with us and which provides further detail of this arrangement, which requires that you distribute your own privacy notice to your Contact(s), and which will include information about us and our processing of the Contact(s)’ Personal Data.

You are not required to upload your Contact(s) to use our Services, so if you do not agree to the terms of our data processing agreement; please do not upload your Contact(s). Uploading your Contacts without a data processing agreement in place and without the Contacts having received a privacy notice from you will put you (or your employer, if doing this on behalf of your employer) in breach of [UK and] European data protection legislation, as well as the domestic laws of individual member states of the European Union and which could result in sanctions from the relevant data protection authority.

We ask you to enter into a data processing agreement with us because it is necessary for us (and you, as data controller) to meet our obligations under the GDPR.

Anti-Spam Policy

Spam is unsolicited email also known as UCE (Unsolicited Commercial Email).

We have a ‘no tolerance’ spam policy. Our customer support actively monitors large import lists and emails going to a large number of contacts. Any customer found to be using our Services for the purposes of sending spam will be immediately cut-off from use of the Services. If you know of or suspect any violators, please notify us immediately at support@mysecureoffice.com

As you will see in our data processing agreement, any Contact(s) which you upload or communicate with when using our Services or ask us to do so on your behalf must have a pre-existing business relationship with you (or there must be another lawful ground which you can rely upon to contact them) and must have been clearly and fully notified by you in advance by means of the sending of a privacy notice to them about the collection and use of his or her contact details by you.

This is echoed in our strict permission-based philosophies:

Communication - By accepting our data processing agreement and other terms, you have agreed to use only permission-based lists and never to sell or rent your lists.

Unsubscribe - Every email generated from our Services contains an unsubscribe link which allows your Contact(s) to opt-out of future emails and automatically updates your database of Contacts in order to avoid the chance of sending unwanted emails to visitors who have unsubscribed.

Contact Information - All of your emails are pre-filled with your Contacts’ information. You are required to make sure this information is up to date and accurate.

For more information, please contact Customer Support at support@mysecureoffice.com.

Security of Your Data

We understand the importance of keeping your personal information secure and take appropriate steps to safeguard it.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share this password with anyone.

We take precautions to protect your information. When you submit Personal Data when using our Services or Site, this is protected both online and offline. Wherever we collect Personal Data, it is encrypted and transmitted to us in a secure way.

We work to protect the security and unauthorized use of your information and data during transit by using Secure Sockets Layer (SSL) software. This encrypts information between our servers and the applications which form part of our Services. We also ensure that our apps are talking only to our servers through SSL pinning. If we store your password, it is encrypted in our database and we use password tokenization during login validation and data exchanges with our servers. 

We encrypt Personal Data transmitted online, we also protect your Personal Data offline. We always ensure only authorized persons have access to your information, which means only our employees and contractors, and that everyone who has access is appropriately trained to manage your information. Only employees and contractors who need access to the information to perform a specific and necessary function are granted access to Personal Data and we will do our best to ensure that that they act only in line with our Data Protection Policy and are under an appropriate duty of confidence. The computers/servers on which we store Personal Data are kept in a secure environment.

Please note, as no data transmissions over the internet can be guaranteed to be one hundred percent secure, we cannot ensure or warrant the security of any information you transmit to us and you do so at your own risk. However, we will take all steps necessary to ensure that your Personal Data is treated securely in accordance with this Privacy Policy.

Transfers to Third-Parties

Your information [will/may] be passed to the following third parties:
  • third party services for the purpose of facilitating payment and the completion of your purchase of the Services. This third parties might be, for example, Apple's iTunes or Google Play stores, PayPal or Authoroize.net;
  • Deductr – If you elect to sign up for other services such as tax or learning manage systems, we will pass to them your name and email to provision your account with these third-party systems. 
  • Bronto for email campaigns for newsletters
  • TorchLMS or Light Speed - if you subscribe to our learning management system feature.
  • Achieve Today – when you subscribe to personal motivation content
  • Ziplingo – for delivery of mobile text
  • SendGrid – email relay service
The transfer of your Personal Data is lawful because it is necessary for us to perform our obligations under the contract we have entered into with you for the Purpose(s), or because it is necessary for the purposes of a legitimate interest pursued by us, or by a third party, and we have reasonably determined that these legitimate interests are not overridden by your fundamental rights and freedoms which require protection of the personal data.

When we transfer Personal Data to a third party, they are acting as an agent on our behalf. Sound Concepts, Inc. remains liable if such Personal Data is processed in a manner inconsistent with this policy, unless Sound Concepts, Inc. is able to prove that they are not responsible for the event giving rise to the claim.

We may also transfer your Personal Data where we are under a duty to disclose or share it in order to comply with a legal obligation. We are subject to the investigatory and enforcement powers of the United States Federal Trade Commission (FTC).

Your Personal Data may also be transferred to another company in the event of the transfer of our assets to a third party. In that event, we will endeavor, where possible, to notify you prior to the event and offer you the chance to cease use of the Services and remove your Personal Data from our database. In any event, we will endeavor to ensure that your rights and freedoms in respect of the processing of your personal data are adequately and appropriately protected. If the transferee is based outside of the EU, the provisions of sub-paragraph (ii) below will also apply.

If you desire to not disclose your Personal Data to third parties by using our platform, then you can select the no sync option to limit this. However, limited data such as email or mobile number, might be provided to deliver correspondence to you via email or SMS. If you prefer to have no Personal Data disclosed to third parties, then please choose another provider.

(i) Outside the EU

We do send your Personal Data outside of the EU because our servers are based outside the EU, and our head office is outside the EU, in the United States. However, we meet our obligations under the applicable legislation by ensuring that any Personal Data we control has the same protection as if it were being held within the EU because we have self-certified ourselves under the EU-US Privacy Shield regime. For further details, please see our entry in the register for the Privacy Shield Framework here.

Where we transfer Personal Data outside the EU other than in the above circumstances, we will meet our obligations under the GDPR in relation to that transferee company:
  • by ensuring that the third party is certified under the EU-US Privacy Shield Framework; or
  • by entering into model EU clauses with them concerning the protection of your Personal Data
  • where they form part of our group of companies, by establishing a set of binding corporate rules; or
  • because the Information Commissioner has made a positive finding of adequacy in relation to the territory in which the sub-processor is based and to which your Personal Data may be transferred.
Sound Concepts, Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Sound Concepts, Inc. has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Dispute and Unresolved Dispute Resolution

In compliance with the Privacy Shield Principles, Sound Concepts, Inc. commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Sound Concepts, Inc. at: support@mysecureoffice.com 

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

You have the right, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by Sound Concepts, Inc. or through TurstArc, our third-party dispute resolution provider. More information can be found at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Storage of Data
Your information will be always be stored in accordance with our Data Retention Policy and in any event, only for so long as is reasonably necessary in order to carry out the Purpose(s).

Where we rely on your consent to contact you for direct marketing purposes, we will treat your consent as lasting only for as long as it is reasonable to do so. This will usually be for [two] years. We may periodically ask you to renew your consent. If you ask us to stop contacting you with marketing materials, we will keep a record of your contact details and limited information needed to ensure we comply with your request.

Cookies

Cookies are small text files that are placed on your computer by apps that you use or websites that you visit. They are widely used in order to make apps or websites work, or work more efficiently, as well as to provide information to us. The table below explains the cookies we use and why. We do not do this to track individual users or to identify them, but to gain useful knowledge about how users use the Services and Site, so that we can keep improving it for you.

The law states that we can store cookies on your machine if they are essential to the operation of the Services and Sites but that for all other purposes, we need your permission to do so.

Below is a table of non-essential cookies which we also store about your use of the Sites:


If you do not wish to receive cookies from us or on any other website, you can turn cookies off on your web browser: please follow your browser provider’s instructions in order to do so. In a few cases, some of our Services and Sites’ features may not function as a result. Most web browsers allow some control of cookies through its settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org, www.allaboutcookies.org or www.civicuk.com/cookie-control/browser-settings.

Your Rights Under EU and other Data Protection Laws

You have the right to request details of the processing activities that we carry out with your Personal Data through making a Subject Access Request. Such requests have to be made in writing. More details about how to make a request, and the procedure to be followed, can be found in our Data Protection Policy. To make a request, please contact us at Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

You also have the following rights:
  • the right to request rectification of information that is inaccurate or out of date;
  • the right to erasure of your information (known as the “right to be forgotten”);
  • the right to object to the way in which we are dealing with and using your information; and
  • the right to request that your information be provided to you in a format that is secure and suitable for re-use (known as the “right to portability”);
  • rights in relation to automated decision making and profiling including profiling for marketing purposes.

All of these rights are subject to certain safeguards and exemptions, further details of which can be found in our Data Protection Policy. To exercise any of these rights, you should contact [Dayne Deader, Data Protection Officer/Systems Engineer, Sound Concepts, Inc., 782 South Auto Mall Dr. Suite A, American Fork, UT 84003 or by email at sysadmin@soundconcepts.com].

If you are not happy with the way in which we have processed or dealt with your information, you can complain to the Information Commissioner’s Office. Further details about how to complain can be found here

Children

Our services are not intended for anyone under sixteen and we do not knowingly collect personal information from anyone under sixteen.

Use of Aggregated/Anonymized Data

We may use information obtained about you from monitoring your use of the Services and Sites solely for internal purposes, including the performance and evaluation of the Services and Sites. Data collected by monitoring will be aggregated and anonymized.

We are entitled to do this because the resulting data will not personally identify you and will therefore no longer constitute personal data for the purposes of data protection laws.

We may also use the information we gather to notify you about important functionality changes and alterations to the Services and Sites, or offer of products, services or information that might be of particular interest to you (where you have consented to this).

The use of your information for these purposes is lawful because it is necessary for the purposes of legitimate interests pursued by us, our application and our website developers in order to keep the Services and Sites up to date and provide additional services to our users from time to time.

Mailing Lists

If you subscribe to our mailing lists for news releases and other information, we may also ask you to answer various general questions about yourself. You will be asked to specify the areas in which you are interested so that we can tailor the information which we send to you to cover the new products and special offers which we believe you might be interested in.

Newsletter

If you subscribe to our newsletter and at any time you wish to stop receiving this or any other information you may have requested from us or any other company, please email or write to support@mysecureoffice.com or click the Unsubscribe/Opt-out link at the bottom of any newsletter you may receive from us.

Amendments to this Privacy Policy

We may occasionally modify this Privacy Policy, such variations becoming effective thirty days after posting to the Sites and of which we shall send you notification of such variations based on your notification preference.