Scrimmage Privacy Policy

Access Marketing & Communications LLC, dba Scrimmage
Privacy Policy
EFFECTIVE: April 20, 2021

Introduction and Scope

We at Access Marketing & Communications LLC, dba Scrimmage ("Scrimmage", "we", "us", "our") know that your privacy is important. This Privacy Policy is designed to assist you in understanding how we will collect and use personally identifiable information ("PII") in our web-based Scrimmage application and our iOS Scrimmage application (the "Apps") and the related services we provide (together with the Apps, the "Services"). Please read this Privacy Policy to learn more about the ways in which we collect and use your PII. If we make any material changes to this Privacy Policy, we will notify you in accordance with the process described in the section Changes to this Privacy Policy, below.

Controllership

In the context of this Privacy Policy, Scrimmage acts as a data processor for the PII we process.

PII We Process

Categories of PII

PII that is provided to us could include biographical information such as your first and last name, contact information such as your street address, telephone number, and email address, information about your profession, and any other information we collect about you that by itself may not be PII but if combined with PII could be used to personally identify you.

How we Receive PII

We may receive your PII when:

• you or a colleague registers for our Services, or registers and/or sets up an account to access and use our Services;
• you submit a support ticket; and
• you engage in any other transactions with us on or in relation to our Services.

Information We Automatically Collect

When you use our Apps, whether by computer, mobile phone, or other device, we automatically collect certain data about your use of our Apps (this information may include without limitation: geographical location and IDs of your computer, mobile or other device; bandwidth used; system and connection performance; browser type and version; operating system; referral source; length of visit; page views; your mobile carrier; IP address or other unique identifier for your computer, mobile phone or other device). We use technologies such as cookies and web beacons for this purpose.

Cookies

A "cookie" is a small file stored on your hard drive that contains information about your computer. By showing how and when visitors use the application, cookies help us save user preferences and track user trends and patterns. We use session cookies, which are cookies that are deleted when you leave our application and persistent cookies, which are cookies that remain after you leave our application so that you are recognized when you return.

The use of cookies is industry standard, so your browser may be set to accept cookies. If you would prefer not to accept cookies, you can alter the configuration of your browser to reject all cookies or some cookies. For more information, please visit https://www.aboutcookies.org/. Note, if you reject certain cookies, you may not be able to access all of the features of our Apps.

Web Beacons

We may use web beacons (also known as clear GIFs) to access cookies and count users who visit our web application or open our HTML-formatted email messages. Web beacons are single-pixel graphic files with a unique identifier, similar to cookies. Web beacons are embedded invisibly on web pages and are stored on a user's hard drive. You can modify your browser settings to control web beacons.

Responding to Do Not Track Signals

Our Apps do not have the capability to respond to “Do Not Track” signals received from various web browsers.

How We Use Your PII

Basis of Processing

Within the scope of this Privacy Policy, Scrimmage, acting as a data processor, processes PII based on the documented instructions of the relevant data controllers.

Purposes of Processing

Scrimmage may use your PII to:

• enable the use of our Services; and
• respond to your inquiries, and/or other requests or questions.

With regard to automatically collected data, we may use such non-personally identifying information to improve your experience with our Services.

We may use IP addresses to help diagnose problems with our server, analyze trends, track users' movement, gather broad demographic information for aggregate use in order for us to improve our Services, and deliver customized content.

Data Retention Periods

When the purposes of processing are satisfied, we will delete the related PII within one month.

Sharing PII with Third Parties

We may use third parties to perform certain services on our behalf. We may share your PII with these third parties solely to enable them to perform the services for us.

Such third parties include those:

• hosting our Services;
• providing cloud storage; and
• providing a support ticketing system.

We require that those third-party vendors maintain at least the same level of confidentiality and data protection that we maintain for such PII. We do not provide your PII to parties unconnected with our Services.

Scrimmage remains liable for the protection of PII that we transfer to our service providers within the scope of our Privacy Shield certification, except to the extent that we are not responsible for the event giving rise to any unauthorized or improper processing.

Disclosure of PII

We may disclose your PII:

• to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders;
• if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change; or
• to our subsidiaries or affiliates only if necessary for business and operational purposes.

We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any PII, about the users of our Services as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, clients and customers.

If we must disclose your PII in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your PII will maintain the privacy or security of your PII.

Except as provided in this Privacy Policy, we will not provide your PII to third parties.

Security

Scrimmage has implemented and will maintain commercially reasonable technical and organizational security measures to protect PII from unauthorized processing, such as unauthorized access, disclosure, alteration, or destruction. Unfortunately, data transmission over the Internet is never 100% secure so we cannot guarantee the security of any information you transmit to us or from our Apps, therefore you use our Services at your own risk.

Accessing / Limiting the Use and Disclosure of Your PII

If you are a data subject about whom we store PII, you may have the right to request access to, and the opportunity to update, correct, or delete such PII. If we have received your PII in reliance on the Privacy Shield, you may also have the right to opt out of having your PII shared with third parties and to revoke your consent to our sharing your PII with third parties. You may also have the right to opt out if your PII is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you originally authorized.

To submit such requests, please contact the party that has provided your PII to us (e.g., your employer). We have limited rights to access the PII our customers submit to us. Therefore, if you choose to contact us with such a request, please provide the name of our customer who submitted your PII to us. We will forward your request to that customer and provide any needed assistance as they respond to your request.

If you have provided your PII to us directly or if you want to raise any other questions related to the way we process your PII, please contact us using the information in the Contact Information section of this Policy.

Children’s Privacy

Our Services are not directed at, or intended for use by, children under the age of 13. We do not knowingly process the PII of anyone under 18. Children should always get permission from a parent or guardian before sending PII over the Internet. If you believe your child may have provided us with PII, you can contact us using the information in the Contact Us section of this Privacy Policy and we will delete the PII.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time by posting a new version on this page. You should visit this page occasionally to ensure you agree with any changes. We will post our revised Privacy Policy on this page and update the "Effective" date above to reflect the date of the changes.

By continuing to use our Services after we post any such changes, you accept the Privacy Policy as modified.

EU-U.S. and Swiss-U.S. Privacy Shield Frameworks

With respect to PII in the scope of this Privacy Policy, Scrimmage complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (the "Privacy Shield"), as adopted and set forth by the U.S. Department of Commerce regarding the processing of personal data. Scrimmage commits to adhere to and has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.

To learn more about the Privacy Shield, and to view Access Marketing & Communications LLC, dba Scrimmage’s certification, please visit https://www.privacyshield.gov and https://www.privacyshield.gov/list, respectively.

VeraSafe Privacy Program

Scrimmage is a member of the VeraSafe Privacy Program, meaning that with respect to PII processed in the scope of this Privacy Policy, VeraSafe has assessed Scrimmage’s data governance and data security for compliance with the VeraSafe Privacy Program Certification Criteria. The certification criteria require that participants maintain a high standard for data privacy and implement specific best practices pertaining to notice, onward transfer, choice, access, data security, data quality, recourse, and enforcement.

Dispute Resolution

Where a privacy complaint or dispute cannot be resolved through Scrimmage’s internal processes, Scrimmage has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe and participate in the VeraSafe Privacy Shield Dispute Resolution Procedure, please submit the required information here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/.

Binding Arbitration

If your dispute or complaint can’t be resolved by us, nor through the dispute resolution program established by VeraSafe, you may have the right to require that we enter into binding arbitration with you pursuant to the Privacy Shield’s Recourse, Enforcement and Liability Principle and Annex I of the Privacy Shield.

Regulatory Oversight

Scrimmage is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Contact Us

If you have any questions about this Privacy Policy or our treatment of your PII, please write to our Chief Technology Officer by email at security@actoapp.com or by postal mail at:

Attn: Kumar Erramilli, Chief Technology Officer
Access Marketing & Communications LLC, dba Scrimmage
60 Atlantic Avenue, Suite 200
Toronto, ON M6K 1X9
CANADA

Please allow up to two weeks for us to reply.