GreyMatter Mobile Application
User Privacy Notice

Introduction

ReliaQuest, LLC (“ReliaQuest”) is a Florida limited liability company located at 1001 Water Street, Suite 1900, Tampa, Florida 33602, United States of America. ReliaQuest and its subsidiaries (“Company,” “We,” “Us” or “Our”) describe in this GreyMatter Mobile Application User Privacy Notice (“Notice”) Our practices for handling the data or information related to an identifiable user (“User Information”) of the ReliaQuest GreyMatter Mobile Application (“App”). In particular, this Notice describes:

The types of User Information We may collect or that users may provide to Us when users download, install, register or authenticate with, access, or use the App (see Collection of User Information); and
Our practices for using, disclosing, maintaining and protecting User Information that users make available to Us in connection with the App (see Use of User Information, Disclosure of User Information and Data Security and Retention).

This Notice applies only to User Information We collect in the App. This Notice does not apply that We collect offline, separately from the App or on any other Company applications or websites or to data or information that users may provide to, or is collected by, any third party (see Third-Party Information Collection). Our other websites and applications, and those of other third parties, have their own privacy policies and practices, which We encourage users of the App to read before providing information on or through them.

Please read this Notice carefully to understand Our policies and practices regarding User Information and how We will handle User Information. If users do not agree with Our policies and practices as described in this Notice, then users should not download, install, register or authenticate with, access or use the App. By installing, downloading, registering or authenticating with, accessing or using the App, users accept the policies and practices outlined in this Notice. This Notice must be read in conjunction with the GreyMatter Mobile Application License Agreement, which governs your access to and use of the App.

Depending on where a user resides or the jurisdiction in or through which a user downloads, installs, registers or authenticates with, accesses or uses the App and the laws applicable to such user and the relevant User Information in those circumstances, users may be entitled to certain additional rights with respect to their User Information (see Jurisdiction-Specific Information on Privacy Rights).

This Notice may change from time to time (see Changes to this Notice). Continued use of the App after We revise this Notice means users accept the changes to Our policies and practices outlined in the Notice, as revised, so users must review this Notice periodically for updates.

Collection of User Information

When users download, install, register or authenticate with, access or use the App, We may ask users to provide or the App may automatically collect User Information as provided in the following chart:

Category	Examples	Collected?
Personal identifiers	Name or other unique identifier (name, username, account name); relevant user or account information	Yes
Demographic data	Age, race, gender or other protected classifications (citizenship, religion, disability, sexual orientation, veteran)	No
Commercial information	Products or services purchased; purchase or consuming histories or tendencies; consumer profile metrics (aggregate or prediction interests, habits, trends)	No
Biometric information	Genetic, physiological, behavioural and biological characteristics; fingerprints, faceprints, voiceprints, iris or retina scans; health-related data	No
Device or network activity data	Unique identifiers (IP address, MAC address, device serial number); log data (browser type or operating system); browsing or search history; application interaction or engagement analytics	Yes
Geolocation data	Physical location; movement tracking	No
Sensory data	Audio or visual records (users communications with Us)	Yes
Career information	Resume; job title, employment history	No
Non-public education information	Student or school records; grades or transcripts	No
Sensitive information	Government identifiers (social security number, driver’s license number); genetic or biometric data; precise geolocation; third-party communications; health or sexual information	No

Users may also provide User Information to Us by interacting with the App, such as by corresponding with Us using free-text response forms in the App or reporting issues or errors users encounter with respect to the App. We do not control users’ decisions to provide the information when users interact with such free-text response forms, and users are responsible for the information, including any User Information, User Information that users provide to Us in those cases.

Mobile Application Analytics Technology

We use mobile application analytics technology to collect metadata and related App information about how users interact with the App, which allows Our product management team to, among other things, prepare reports on use of the App, analyze App insights, create new features or functionalities for or further develop the App and enrich the App user interface and experience. The metadata and related App information may include User Information. If users do not want Us to collect metadata and related App information with respect to users’ interactions with the App, users may notify Us of their specific request in the manner described in the Contact Information section of this Notice.

Biometric Authentication

If users voluntarily use the App with or on an Apple or an Android/Google mobile device with biometric authentication functionality, We may offer users the optional capability to authenticate, access and use the App through FaceID or TouchID for Apple devices or Face Unlock or Fingerprint Unlock for Android/Google devices. To enable and use biometric authentication functionality with the App, a user must use the App with or on a mobile device with biometric authentication functionality and save the user’s login credentials for the App on the user’s mobile device. If a user enables and uses biometric authentication functionality with the App, anyone with access to the user’s biometric information, such as the user’s fingerprint(s) or face, may be able to access the App on the user’s behalf. We recommend that users employ a strong device password or other security measures as an additional layer of security for the user’s device. Neither We nor the App have direct access to a user’s fingerprint(s), facial recognition information or other biometric authentication information stored or processed on the user’s device.

For additional information on the biometric authentication functionality for Apple devices, see the Apple Platform Security documentation, available as of the Effective Date at https://support.apple.com/guide/security/welcome/web. For additional information on the biometric authentication functionality for Android/Google devices, see the Android security documentation, available as of the Effective Date at https://source.android.com/docs/security. You should also review your mobile device manufacturer’s product manual or other operating instructions for additional information on the biometric authentication functionality available with your device, if any.

Third-Party Information Collection

In the course of downloading, installing, registering or authenticating with, accessing or using the App, users may provide User Information to third parties or third parties may use automatic information collection technologies to collect User Information about users or their devices. These third parties may include:

The users’ mobile devices or telecommunications service provider;
The manufacturers, distributors or retailers of the users’ mobile devices, as well the parties who may control or access the users’ devices, such as their employers;
The developers of the operating system or other applications on the users’ devices or with which the users interact using their respective devices, including the digital marketplaces through which the App is made available to users; or
The persons responsible for developing, hosting or otherwise making available webpages and associated content, including the third parties of such persons, to the extent users interact with links to webpages and associated content outside the App.

The User Information these third parties collect may be associated with users directly, or the third parties may collect User Information about particular users over time and across different websites, apps, and other online or offline services or interactions. We do not control these third parties’ tracking technologies, and this Notice does not address the data handling policies and practices of such third parties. If users have any questions about the third parties described in this section of the Notice, users should contact the relevant third party directly.

Use of User Information

We use User Information that We collect about users or that users provide to Us to:

ReliaQuest Solutions: Make the App available to users and Our other customers and to enable the download, installation, registration or authentication with, access to or use of use of the App, including to communicate the content, notifications, updates and other features in or about the App and Our other solutions.
Support: Support Our provisioning and users download, installation, registration or authentication with, access to or use of the App and Our other solutions, as well as any technical or customer support users may require in connection with the App and Our other solutions.
Business Analysis and Improvement: Pursue Our legitimate interests in analyzing, understanding and improving Our business and its operations through means such as identifying and tracking usage patterns with respect to the App and Our other solutions; benchmarking, auditing, developing or improving the App and Our other solutions; or monitoring the health, performance and security of the App and Our other solutions.
Legal: Comply with, conform to the requirements of or carry out Our obligations and enforce Our rights arising under any applicable law or legal agreements between Us and users or the persons on whose behalf users act in using the App, such as users’ employers, to the extent We believe necessary or appropriate in the relevant circumstances.
Health and Safety: Promote the health, safety or property interests of users, Us or other third parties and to deter or mitigate fraudulent or otherwise inappropriate conduct with respect to the App.
Corporate Transactions: Explore or consummate certain corporate or enterprise transactions, such as a reorganization, merger, liquidation, receivership or transfer of some or all of Our business assets or equity.
Consent or Instruction: Discharge actions that users instruct us to undertake or for which users provide consent or to interact with and respond to users’ inquiries, communications or requests for information.

We do not sell User Information.

Disclosure of User Information

We may disclose User Information that We collect or that users provide to Us:

ReliaQuest Group: To Our personnel consistent with this Policy.
Service Providers: To service providers, contractors, vendors, subprocessors and other third parties, who support or enable Us to engage in Our business, such as those applicable persons identified in Our current list of Third Party Platform Providers.
Authorized Resellers: To Our authorized resellers and channel vendors, who assist Us in selling or delivering Our other solutions.
Legal: To consultants, advisers and similar service providers, public or private adjudicative bodies (such as courts, arbitrators or administrative tribunals), public or private enforcement, legislative or investigative bodies (such as regulatory or law enforcement agencies), and other affected or interested persons in connection with Our efforts to comply with, conform to the requirements of or carry out Our obligations and enforce Our rights arising under any applicable law or legal agreements between Us and users or the persons on whose behalf users act in using the App, such as users’ employers, to the extent We believe necessary or appropriate in the relevant circumstances.
Health and Safety: To consultants, advisers and similar service providers, public or private adjudicative bodies (such as courts, arbitrators or administrative tribunals), public or private enforcement, legislative or investigative bodies (such as regulatory or law enforcement agencies), and other affected or interested persons in connection with Our efforts to promote the health, safety or property interests of users, Us or other third parties and to deter or mitigate fraudulent or otherwise inappropriate conduct with respect to the App.
Corporate Transactions: To consultants, advisers and similar service providers, and targets, bidders, financiers and similar interested persons in connection with our exploration or consummation of certain corporate or enterprise transactions.
Consent or Instruction: To the persons necessary or appropriate for Us to discharge actions that users instruct Us to undertake or for which users provide consent.

Jurisdiction-Specific Information on Privacy Rights

Depending on where users reside or the jurisdiction in or through which users download, install, register or authenticate with, access or use the App and the laws applicable to users and User Information in those circumstances, users may be able to exercise certain privacy rights related to the User Information that We collect or users provide to Us in connection with the App, as outlined in the following bullet points.

Right of access: The right to request access to User Information that We hold about the requesting user and information about Our use of such User Information and with whom we share such User Information. This may include the right to request that We provide a copy of the requesting user’s User Information, as well as the following information about Our collection, use and disclosure of such User Information over the twelve-month period preceding the request: (i) the categories of and specific items of User Information We have collected about the requesting user; (ii) the categories of sources from which We collect such User Information; (iii) the categories of business or commercial purposes for collecting such User Information; (iv) the categories of third parties to whom such User Information was disclosed for a business purpose; and/or (v) and categories of User Information disclosed for a business purpose.
Right of correction: The right to request that We correct inaccurate personal information maintained about the requesting user.
Right to erase or delete: The right to request that We delete the requesting user’s User Information in certain circumstances and subject to certain exceptions. We cannot delete User Information except by also deleting the relevant user account.
Right to object or restrict: The right to object to Our processing of the objecting user’s User Information and, in certain circumstances, the right to require Us to stop processing such User Information We hold about the objecting user other than for storage purposes and/or the right to restrict or limit Our use or disclosure of sensitive User Information, if any, to only what is necessary to provide the App.
Right to portability: The right to request the portability of the requesting user’s User Information that We process.
Right to withdraw consent: Where We rely on consent to process a user’s User Information, the right to withdraw consent at any time by notifying Us in the manner described in the Contact Information section of this Notice. Withdrawing consent will not affect the lawfulness of Our processing before the user withdrew the user’s consent or the processing of the user’s User Information on another lawful basis.
Right to nondiscrimination: We will not discriminate against a user for exercising the rights to which the user is entitled.
Right to opt-out of sale: We do not sell User Information. To the extent that We sold User Information, the user would have the right to instruct Us not to sell the instructing user’s User Information.

If a user is entitled to one or more of the foregoing rights, the user may exercise the right(s) to which the user is entitled by notifying Us of the user’s specific request in the manner described in the Contact Information section of this Notice. If a user is unsure if the user is entitled to one or more of the foregoing rights, the user should consult the laws and regulations of the user’s applicable jurisdiction. We will use commercially reasonable efforts to comply with users’ requests.

For users’ protection, We will only respond to verifiable requests. Accordingly, We may need to collect certain information from the requesting user to verify the user’s identity, such as the user’s email address, government-issued identification or date of birth, before providing a substantive response to the user’s request. We may need to retain certain information for recordkeeping or legal purposes or to complete any transactions initiated before the user’s request.

The user may also be able to designate an authorized agent to exercise the right(s) to which the user is entitled. To do so, the user must provide the authorized agent written and signed permission to exercise such rights on the user’s behalf. We reserve the right to require the user’s agent to verify the agent’s identity and to confirm directly with the user that the user has provided the authorized agent permission to exercise the user’s right(s).

The rights and procedures described this section are in addition to the other terms of this Notice and are intended to supplement the remainder of this Notice where required by applicable law. The rights to which users may be entitled vary by the applicable jurisdiction and the facts and circumstances in which the rights are invoked, and, accordingly, one or more of the rights or procedures described in this section of the Notice may not apply, in full or in part, to a particular user. Furthermore, some rights may be limited by applicable law, such as if fulfilling a user’s request for access to or deletion of User Information will adversely affect other individuals or Our trade secrets or intellectual property, an overriding public interest justifications exist or We are by law required to retain or to delete or deny access to User Information.

International Transfers of User Information

ReliaQuest is based in the United States of America (“USA”), but We have global operations. When users download, install, register or authenticate with, access or use the App, users provide User Information to Us in the USA. ReliaQuest’s subsidiaries and the third parties to whom ReliaQuest discloses User Information are based in the USA, European Union, United Kingdom, India, Singapore and other jurisdictions, some of which may not have laws that require the same level of protection for User Information as where a user resides or the jurisdiction in which the user downloads, installs, registers or authenticates with, accesses or uses the App. We implement appropriate transfer mechanisms in accordance with applicable law to protect the User Information that We transfer, including by using the standard contractual clauses approved by the European Union’s European Commission and the United Kingdom’s Information Commissioner’s Office. Users may request additional information about the transfer mechanisms employed by ReliaQuest in the manner described in the Contact Information section of this Notice.

While We do no longer rely on the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the USA Department of Commerce (“Privacy Shield”) as a allowable transfer mechanism for User Information, ReliaQuest complies with the Privacy Shield regarding the collection, use, and retention of User Information transferred from the European Union and Switzerland to the USA. ReliaQuest has certified to the USA Department of Commerce that ReliaQuest adheres to the Privacy Shield principles. If there is any conflict between the terms in this Notice and the Privacy Shield principles, the Privacy Shield principles shall govern. To learn more about the Privacy Shield program, and to view Our certification, please visit https://www.privacyshield.gov/.

In compliance with the Privacy Shield principles, ReliaQuest commits to resolve complaints about Our collection or use of User Information. Users residing in or subject to the laws of the European Union or Swiss Confederation with inquiries or complaints regarding our Privacy Shield policy should first contact ReliaQuest in the manner described in the Contact Information section of this Notice. ReliaQuest has further committed to refer unresolved Privacy Shield complaints to the American Arbitration Association. If a user does not receive timely acknowledgement of the user’s complaint from Us, or if We have not addressed the user’s complaint to the user’s satisfaction, please visit https://go.adr.org/privacyshield.html for more information and to file a complaint.

ReliaQuest is subject to the investigatory and enforcement powers of the USA Federal Trade Commission (“FTC”), and the FTC has jurisdiction over ReliaQuest’s compliance with the Privacy Shield.

In cases of onward transfer to third parties of User Information relating to users residing in or subject to the laws of the European Union or Swiss Confederation pursuant to the Privacy Shield where such User Information is not protected in accordance with the Privacy Shield principles, ReliaQuest is potentially liable.

Children Under the Age of 13

The App is not intended for children under 13 years of age, and We do not knowingly collect User Information from children under 13 years of age. If We learn We have collected or received User Information from a child under 13 years of age without verification of parental consent, We will delete that User Information. If you believe We might control any information from or about a child under 13 years of age, please contact Us in the manner described in the Contact Information section of this Notice.

Data Security and Retention

We have implemented measures designed to secure User Information from accidental loss and from unauthorized access, use, alteration, and disclosure. All User Information is stored on Our secure servers behind firewalls.

The safety and security of User Information also depends on users. Where We have given users (or where users have chosen) credentials to access to the App, the users are responsible for keeping their respective credentials confidential. We ask users not to share their respective credentials with anyone.

Unfortunately, the transmission of information via the Internet, telecommunications infrastructure and other mobile platforms or devices is not completely secure. Although We intend to protect User Information, We cannot guarantee the security of User Information transmitted through the App. Any transmission of User Information is at the user’s own risk. We are not responsible for circumvention of any privacy settings or security measures We provide.

We will retain User Information only for as long as necessary to fulfill the purposes for which We collected the User Information. To determine the appropriate retention period, We consider the amount, nature and sensitivity of the User Information, the potential risk of harm from unauthorized use or disclosure of the User Information, the purposes for which We process the User Information and whether We can achieve those purposes through other means in accordance with applicable legal requirements. We will also retain and use User Information to the extent necessary to comply with Our legal obligations, resolve disputes and enforce Our policies (see User of User Information and Disclosure of User Information). If a user stops using the App or if a user deletes the user’s account with Us, We will store and delete the relevant User Information in accordance with Our standard data retention and deletion policies, unless We are earlier instructed to delete the relevant User Information, or as necessary to comply with Our legal obligations, resolve disputes and enforce Our policies.

Changes to this Notice

We may update this Notice from time to time. If We make material changes to Our policies and practices for handling User Information, we will post a revised version of this Notice on this page.

The date on which this Notice was last revised is identified at the top of this page. Continued use of the App after We revise this Notice means users accept the changes to Our policies and practices outlined in the Notice, as revised. Users are responsible for periodically visiting this page and reviewing this Notice to check for any changes.

Contact Information

To ask questions or comment about this Notice and Our privacy policies and practices or to submit a complaint with respect to the App or this Notice, users may contact Us by:

Sending an email to [email protected]
Calling us at 1-(800)-925-2159
Sending a letter to ReliaQuest, LLC, 1001 Water Street, Suite 1900, Tampa, Florida, 33602, United States of America, Attention: Legal Department.

Depending on where a user resides or the jurisdiction in or through which a user downloads, installs, registers or authenticates with, accesses or uses the App and the laws applicable to the user and the user’s User Information in those circumstances, the user may also be entitled to complain to the data protection supervisory authority in the applicable member state.