Privacy Policy

Our Commitment to Privacy

Cority respects the privacy of every individual who visits our corporate websites at www.Cority.com and related websites, sends us e-mail, uses our applications on a hosted environment, or utilizes our support portal. This Privacy Policy outlines the information Cority will collect and how we will use that information. This explanation will instruct you on what to do if you do not want your personal information collected or shared when you visit our web sites. Cority’s Privacy Policy is subject to periodic change. We respect your right to privacy and protect your personal data.

Information We Collect

The following are some examples of when Cority may require that you provide personally identifiable information: (1) To complete an online form for a product or service surveys (if you do not wish to complete an online form, we will always provide an option for you to complete an order by calling a phone number); (2) To request more information about new or current Cority products or services. We use the information to contact customers to further discuss customer interest in our company, the services that we provide, and to send information regarding our company. Cority does not sell, transfer or provide any personally identifiable information to third parties, except for data processors for our hosted product as noted below under the section titled “Third Parties”, and complies with the EU General Data Protection Regulations (GDPR) and the California Consumer Privacy Act (CCPA).

Respect of the Rights of Individuals

Customers of Cority hosted software services will be using Cority-provided infrastructure to host data and information. Cority will not release such customer employee data except on the explicit written instructions of an approved officer of the Customer or as otherwise required by law. Individual records may at times be viewed or accessed by Cority to resolve a problem, provide user support, to investigate a customer’s compliance with our terms and conditions, or as may be required by law.

Customers are responsible for compliance with applicable privacy laws, including:

Obtaining employee’s informed and signed consent on the transmission of personal health data to Cority’s hosting services. This includes the process for handling user opt-out, requests for erasure (‘right to be forgotten’), their right to request access to a copy of their personal information stored by Cority, their right to request a correction to their personal information stored by Cority, and their right to request a record of uses and disclosures of their personal information stored by Cority.

Maintaining the confidentiality and security of their employee data, user registrations and passwords, and restricting access to their personal data.

Third Parties

Cority will not share personally identifiable information with third parties unless stated at the time of collection and except as follows: Cority may store customer data with third-party data centers or managed service platforms as part of Cority’s hosted software offering, but only with third parties that meet Cority’s information security standards, as evidenced by certifications for their information security management system (ISO 27001, SAS 70).

Cority’s corporate website contains links to other sites. Cority is not responsible for the privacy practices or the content of such third party web sites. Third party vendors, including Google, display Cority online advertisements on sites on the internet. These third-party vendors, including Google, use cookies to serve ads based on a user’s prior visits to Cority’s website. Users may opt out of Google’s use of cookies by visiting the Google advertising opt-out page. Also keep in mind that Cority’s website may make chat rooms, forums, message boards, and/or news groups available to its users. Please remember that any information that is disclosed in these areas becomes public information and you should exercise caution when deciding to disclose your personal information.

Use of Cookies

When you view one of our web sites or advertisements, we may store some information on your computer. This information will be in the form of a “Cookie” or similar file and will be used to determine ways to improve our Web sites, advertisements, products or services. For example, Cookies allow us to tailor a Web site to better match your interests and preferences.

Security of your Personal Data

Cority has achieved ISO 27001 certification for Information Security Management Systems. As part of its compliance with this rigorous information security system, Cority has implemented appropriate technical and organizational security measures to prevent (1) unauthorized or unlawful disclosure or access to personal data; (2) accidental or unlawful loss, destruction, alteration, or unauthorized disclosure of your personal data; and (3) accidental damage to your personal data. These measures ensure an appropriate level of security in relation to the risks inherent in the processing and the nature of the personal data to be protected. Your securely held personal data will only be accessible by select authorized members of staff within Cority.

Cority has also achieved ISO/IEC 27018 certification. ISO/IEC 27018 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO/IEC 29100 for the public cloud computing environment.

For European Union, UK and Swiss – US data transfers, Cority adheres to the Data Privacy Framework Principles, which are available at: https://www.cority.com/data-privacy-framework-statement/

Who to Contact

Should you have other questions or concerns about these privacy policies, or any information privacy-related questions, please contact Cority’s Chief Privacy Officer at 416-863-6800 or cpo@cority.com