Last Updated: November 22, 2022
This privacy statement explains how First Light handles personal data collected by us as a data manager during the normal course of business (sales, marketing, and support) (“Business Data”), as well as how First Light as a data manager handles all information input into the First Light software or generated on behalf of Clients in connection with the services (“Client Data”). Client Data includes data collected from cases (“Cases”).
ABOUT FIRST LIGHT FIRST LIGHT
First Light Web Services is the premier provider of cloud-based survey and feedback platforms for education and healthcare markets. This Policy applies to all FIRST LIGHT software, services, and website (collectively the “Service”). This Policy describes how FIRST LIGHT collects, uses and discloses the information it collects via the Service. In some instances, our Service may be accessible via a third party website, including that of an Authorized Entity (defined below). This Policy does not apply to how a third party or an Authorized Entity uses or releases any data related to Service users.
FIRST LIGHT SOFTWARE AND SERVICES
First Light produces software for universities, and other organizations. The software is accessed using a web browser via the Internet. IMPACT Feedback software is self-service; Clients determine and are solely responsible for what and how Client Data is collected. Client Data includes data collected from cases (“Cases”).
Client Data is stored in multiple geographical regions. Client Data may be collected in numerous ways, including via email, a web link, or offline mobile app.
First Light acts as a data manager with respect to Client Data and processes this data as instructed by clients, who are the data governors.
DATA COLLECTED DURING NORMAL BUSINESS OPERATIONS (UNRELATED TO THE SOFTWARE)
In the course of normal business operations, First Light collects data such as contact information (e.g. name, address, phone number, e-mail address, and employer) and payment details for clients. We may also collect browsing data from individuals who visit the First Light information website. In these cases, First Light acts as a data governor. First Light also acts as a data governor with respect to client relationship management data. This is data that First Light needs in order to provide services to Clients, including performing contractual obligations, engaging in marketing activities, and providing support services (e.g. responding to Client inquiries and requests).
HOW WE USE PERSONAL INFORMATION
FIRST LIGHT generally uses the information we collect as follows:
- To improve our website, Services, and Software in order to better serve you.
- To follow up with them after correspondence (live chat, email or phone inquiries).
- To ensure the security and integrity of our Services and Software.
- To ensure enforcement of our Terms of Services, EULA, and other legal terms and policies with you.
- To communicate with you about your use of the Service; to respond to your inquiries; to send you surveys; to fulfill your requests; and for other Client service purposes.
- To troubleshoot any technical issues you might experience while using our Service.
- To send you communications about additional services and other information we think may interest you where we have appropriate permissions.
- To better understand how user’s access and use our Service, in order to improve our Service, to respond to user desires and preferences, and for other research and analytical purposes.
- To develop aggregated reports and related analysis regarding user activities.
- To tailor the survey content and information that we may send or display to you, to offer personalized help and instructions.
- To comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts and law enforcement requests.
- To inform you of other products or services offered by us.
HOW WE PROTECT YOUR INFORMATION
While no service or software is completely secure, we do make security of our user’s data, our products, Services, and Software one of our top priorities. Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We also employ security measures such as firewalls to protect against intruders, automated monitoring and reporting services and agents to detect suspicious activities, redundancies throughout our network (so that if one server goes down, another can cover for it), encryption where at all possible or appropriate or required by law, testing for and protecting against network vulnerabilities, and regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
However, with the above in mind, no security system is 100% secure, and therefore we cannot guarantee the security of your information or assume liability for improper access to it. It is the user’s responsibility to keep their password for accessing our sites and Services confidential, change the password frequently and use a strong password. We also recommend that you use the Two-Factor Authentication methods where available to better help protect your accounts from unauthorized access. We strongly recommend that you do not share your password with anyone.
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. Using Do Not Track signals will affect and restrict the user experience on our websites, Services, and Software.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information except where noted below. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety.
Exceptions where we may share the information we collect:
Legal Disclosures. We may disclose a Service user’s information where we believe that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, or other valid legal processes. We may also disclose personal information where we believe it is necessary to identify, contact or bring legal action against someone who may be violating the Terms of Service for our Service, to detect fraud, for assistance with a delinquent account, as evidence in litigation in which we are involved, or protect ours or others’ rights, property or safety.
Aggregate and De-Identified Information. We may also provide aggregate, anonymous or de-identified information about users and the Service for marketing and research purposes. For example, we might inform third parties regarding the number of unique users who visit the Service, the demographic breakdown of our registered users of the Service.
Google. Our sites may use third party services such as Google Analytics that collect, monitor and analyze information collected from you when visiting one or more of our sites. This may include, but not limited to, information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, operating system, geographic location, country, the pages of our sites that you visit, the time and date of your visit, the time spent on those pages and other statistics.
More information about Google Analytics can be found at https://www.google.com/analytics/.
HOW WE INTERACT WITH OTHER WEBSITES
Our Service may contain links to other websites not owned or operated by FIRST LIGHT, and may provide Service users with access to other websites and services. Please be aware that we are not responsible for the privacy practices of such third-party websites or services and any access to and use of such linked websites is not governed by this Policy. We encourage you to read the privacy policies or statements of each and every website you visit.
REQUEST TO REMOVE OR UPDATE DATA
If you would like to amend your profile information, you may log in to your account and do so or email us at firstname.lastname@example.org. You should understand that in some cases, we may retain copies of such information in our systems or databases where required or permitted by law.
If you wish to exercise rights in relation to Personal Data for which First Light acts a data governor, you should contact email@example.com. Please note, however, that First Light can or will delete your Personal Data only if there is no statutory obligation or prevailing right of First Light to retain it. Note further that if you request that First Light deletes your Personal Data, you will not be able to continue to use any First Light service that requires First Light’ use of your Personal Data.
CALIFORNIA PRIVACY RIGHTS
In accordance with CalOPPA, we agree to the following:
- Users can visit our site anonymously.
You can update your personal information:
- By logging in to your account and making updates accordingly
OUR POLICY REGARDING ‘DO NOT TRACK’ SIGNALS
We honor ‘Do Not Track’ signals and Do Not Track, store cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. Using DNT signals will affect and restrict the user experience on our websites, the Services, and Software.
DATA COLLECTED BY CLIENTS
Clients own, and are data governors of, Client Data. Depending on how the Client chooses to use the software, Client Data may include personal data or personal information. Clients manage all Client Data, as well as the users who create, manage, distribute, or report the Client Data. To the extent that First Light processes Client Data, First Light does so as a data manager on behalf of Clients.
First Light processes Client Data on behalf of Clients in a manner consistent with this Privacy Statement. Each Client, in its capacity as a data governor, may process Client Data in other ways. Cases should check the Client’s own privacy statement to learn how the Client intends to process Case-specific data that may be included in Client Data. If a Case submits queries to First Light or otherwise seeks to exercise rights under applicable data protection legislation, First Light will forward these requests to the relevant Client, as can be reasonably determined, in accordance with our contractual arrangements.
First Light treats all Client Data as highly confidential. All Client Data is safeguarded using industry-best security practices to prevent unlawful disclosure. First Light does not sell or make available Client Data except as requested by a valid court order, search warrant, subpoena, or otherwise as agreed by the parties or required by law.
Mail: PO Box 755, Bellingham, WA 98227
Phone: (888) 253-6364
© 2022 FIRST LIGHT WEB SERVICES. All Rights Reserved.