Legal
Privacy Policy
Arta Shipping, Inc. Privacy Policy
This Privacy Policy (“Policy”) describes how Arta Shipping, Inc. d/b/a Arta (“Arta” or “we” or “our” or “us”) collects, stores, shares, and uses information, and your choices about privacy when you use our website, products, and services (collectively, “Services”). Your privacy is important to us, and we ask that you read this Policy carefully to be informed about our practices. This Policy is part of our Terms and Conditions, which can be viewed at Arta Terms. Any capitalized terms that are used but not defined in this Policy have the same meaning given to them in our Terms and Conditions. By accessing or using our Services in any way, you agree that your information may be collected, stored, shared, and used as described in this Policy and our Terms and Conditions. By using our Services, you consent to the collection, use and sharing of your Personal Information as outlined in this Policy. You may withdraw consent at any time in writing, however such withdrawal does not negate our right to process your data prior to your withdrawal.
Effective date: July 19, 2023
Last modified date: January 1, 2024
Table of Contents
- When This Privacy Policy Applies
- Types of Information We Process
- How We Use the Information We Collect and Why
- Communication Preferences
- Accounts and User Profiles
- User Content
- User Communications
- With Whom Do We Share Personal Information?
- Aggregated and Non-personal Information
- Payment Information
- Other Websites and Services
- International Processing
- Transfer of Data
- Children’s Information
- Security
- Statutory Requests
- Dispute Resolution
- Changes to this Privacy Policy
- Contacting Arta
1. When This Privacy Policy Applies
This Policy applies to all of our Services, regardless of how you use them, and whether or not you register for an Arta account. This Policy only applies to how we collect, store, share, and use information. This Policy does not apply to any entity that we do not own or control, or to any person that we do not employ or manage. If, at any time during the course of using our Services, you are directed to a third-party site, you understand and agree that the policies of the third-party site govern.
2. Types of Information We Process
Information You Provide: We may collect the information that you provide or otherwise make available to us when you access or use our Services, including when you:
- fill in any forms on our Services, such as when you register for an Arta account or update your account or User profile information, or submit a shipment request;
- access or use our Services, such as when you submit or view a shipping request, view or select a quote, make a payment for a shipment or otherwise perform transactions (this can include the information you provide on or through our Services, and information about how you access or use our Services, such as which features you use and when you use them);
- link your Arta account to your account on another service (for example if you enable an inventory management integration), in which case we may obtain your username on that service and other information you make publicly available through that service, which may vary depending on your settings on that service; or
- communicate with us.
Information Collected Automatically: We may automatically collect certain information about how you access or use our Services, and by using our Services you consent to the collection of that information. Examples include but are not limited to Internet browser, operating system, device and application identifiers, IP address and geo-location information, access times and dates, referring and exit pages and URLs, clickstream data, search terms, pages viewed, time spent on pages, bounce rate and login frequency.
Information from Cookies, Web Beacons and Similar Technologies: We may collect information through the use of cookies, web beacons and similar technologies. These technologies help us to operate, improve and customize our Services, Content and marketing, for example, by helping us to better understand how Users access and engage with our Services, Content and emails. We may also use third-party service providers (such as analytics or payments providers) that may use cookies, web beacons and similar technologies to help operate their services. Your browser may have settings that let you decline cookies, but please note that some of our Services may not be available if you decline cookies, as some of our Services require cookies to operate. For more information about cookies, web beacons, similar technologies, and how they are used, please see our Cookie Policy below, which is considered part of this Policy.
Information from Other Users: If another User uses our Services to arrange a service for you, or if you allow another user to perform a transaction on your behalf (for example specifying you as the payment party for a shipment), we may obtain information about you from other Users. Also, when Users share User Content through our Services, if it contains information about you, we will receive that information as well. More information about User Content is provided below.
Information from Other Sources: We may obtain information about you from third-party partners (such as other companies with which we may jointly offer services or conduct promotional events), third-party service providers, credit bureaus or other sources, including but not limited to demographic information, contact information, open data, publicly available data and credit check information. We may use this information for legitimate business purposes, including the performance of a contract, customer support, fraud prevention, and credit-related decisions in connection with our Services, along with other purposes described in this Policy.
Information from Mobile Use: When you access our Services on a mobile device, for example, when you visit our website from a mobile browser, we may obtain information about your location and mobile device, including a unique identifier for your device for legitimate business purposes. Along with the other purposes described in this Policy, we may use this information in order to customize our Services, Content and marketing for your location. Most mobile devices let you disable location services, and your choices for location services may vary depending on your mobile device.
Types of Information We Collect:
- Identity information, such as your first name, last name, username or similar identifier;
- Contact information, such as your postal address, email address and telephone number;
- Profile information, such as your username and password, preferences, feedback and survey responses;
- Feedback and correspondence, such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with Service, receive customer support or otherwise correspond with us;
- Financial information, such as your credit card or other payment details;
- Transaction information, such details about purchases you make through the Service and billing details;
- Usage information, such as information about how you use the Service and interact with us;
- Marketing information, such your preferences for receiving marketing communications and details about how you engage with them;
Sensitive Personal Information
Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Service or otherwise.
If you send or disclose any sensitive personal information to us (such as when you submit user generated content to the Site), you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not provide it.
Changes to Your Personal Information
It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by updating your registration profile or emailing us at legal@arta.io.
3. How We Use the Information We Collect and Why
The information we collect helps us to operate, improve, protect, and customize our Services, and to develop new Services. The information we collect also helps us to provide customer support and make our Services more efficient for you and other Users. For the sake of transparency, it is our responsibility to outline for you the legitimate business purposes for the collection of information, and the reasons why we do so, in order for you to make an informed decision regarding the use of our Services. In addition to the other uses of information described in this Policy, we may use all of the information that we obtain from or about you for the following purposes and reasons:
- to provide our Services to you, including new Services we develop later (reason: legitimate business purpose and performance of a contract);
- to provide you with customer support (reason: legitimate business purpose);
- to facilitate your communications or transactions with us or other Users (reason: to receive consent, and for legitimate business purpose);
- to operate, improve, and customize our Services, Content, and marketing, to develop new Services, and to understand how you use and interact with our Services and Content, and the products, services, and Content of others (reason: legitimate business purpose);
- to develop and display more customized Content to you on or off our Services (reason: to receive consent, and for legitimate business purpose);
- to promote and maintain a trusted, safer, and more reliable environment on our Services, for example, to help detect, prevent or otherwise address fraud, security or technical issues, conduct investigations or risk assessments, or verify actions taken by you or associated with your account (reason: to protect the public interest and for legitimate business purpose);
- to contact you (by email, postal mail, telephone, mobile devices, SMS text message, or as otherwise authorized by you) in order to address issues with your account or use of our Services, collect fees, send you updates about our Services or policies, or for other purposes permitted by law (reason: performance of a contract and for legitimate business purpose);
- to contact you (by email, postal mail, telephone, mobile devices, SMS text message, or as otherwise authorized by you) in order to send you marketing communications, promotional messages, and offers about our Services and Content, and the products, services, and Content of others (see below for information on how to opt out of receiving certain communications from us) (reason: to receive consent, and for legitimate business purpose);
- to facilitate your participation in contests, sweepstakes or other promotional events sponsored or conducted by us or by others in conjunction with us (reason: performance of a contract);
- to comply with our legal obligations, resolve disputes, or enforce our Terms and Conditions or any other Arta policies or agreements with Users (reason: compliance with a legal obligation);
- to perform other functions as described when the information is collected or requested, or for other purposes with your prior consent (reason: legitimate business purpose).
4. Communication Preferences
Every email we send, both marketing and transactional, contain links that allow you to unsubscribe. If you do not want to receive marketing email from us, you can unsubscribe by following the unsubscribe link in the email you received, or emailing us. If you choose to opt out of transactional emails, the opt out will only be temporary, as those communications are critical to conducting business with us, such as email about your account, your relationship with us, or your transactions. For further information, please contact us at legal@arta.io. Please note that unsubscribing from receiving emails from us may result in a less robust experience of our Services.
5. Accounts and User Profiles
Registration, Access and Records: To register for an Arta account, you will need to provide your full name and a valid email address. If you have received our permission to use our Services as a business, you may need to complete an additional registration process and provide additional information. If you have an Arta account, you may access, add, remove or update certain information about you in your profile and account settings, as indicated on our Services. It is your responsibility to update all such information as necessary to keep it accurate and current. When you update your account or profile information, we may keep a record of the unrevised information for purposes consistent with this Policy. If you wish to terminate your account and all data associated with it, you may do so by emailing legal@arta.io, subject to any other agreements between you and us. If you terminate your account, we may keep a record of any or all information associated with you or your account, as required or permitted by law, for purposes consistent with this Policy; specific account data that includes Personal Information including your name, e-mail, contact information, and certain other records such as shipments, quotes and vendor preferences will be removed at such termination. For further information, please contact us at legal@arta.io.
Data Retention: We will keep and use your data as described in this Policy for (i) as long as your account is in use, is open, or is active; (ii) as long as is necessary to comply with any tax, legal, and/or other regulatory requirements; and (iii) to protect and defend against potential legal claims. If you would like to request the deletion of your personally identifiable information or request that it be returned to you, please contact us at legal@arta.io. By deleting your data from our Site, you understand that you will no longer be able to use our Services. We will retain your anonymized, aggregated, depersonalized data after it has been deleted from our Site.
6. User Content
As described in our Terms and Conditions, some Services may enable you to provide User Content on or through our Services. When you post or share User Content on or via our Services, any information contained in the User Content (including information in images or videos) becomes accessible on our Services (and may also be indexed by and accessible through third-party search engines), and we and other Users may access and use the User Content as described in our Terms and Conditions. This applies even if you or someone else also provides such information to us by other means, and our use of such information might have been more limited under this Policy if such information was only provided to us by such other means. It is your responsibility to ensure that you have the right to share any information about others that you may share with us or with others through our Services. For further information, please contact us at legal@arta.io.
7. User Communications
Connecting with Other Users: We aim to provide a platform and marketplace where Users can discover and engage with a wide range of shipping and other service vendors. To help make this happen, our Services may include features, such as messaging tools and email addresses hosted on our Services, that enable you to contact and communicate with other Users.
Sharing Information with Other Users: When you use our Services to contact another User or perform a transaction with another User, such as an auction house, gallery, vendor or institution, they may obtain your name, email address and (as applicable) other contact information from us to facilitate communications, services or transactions.
8. With Whom Do We Share Personal Information?
Personal Information: Under this Policy, “Personal Information” means information that by itself can be used to identify or contact a specific person (for example, a person’s name, email address, postal address or phone number), and Personal Information does not include information that has been aggregated or made anonymous so that by itself it no longer identifies and can no longer reasonably be used to contact a specific person. We will only share your Personal Information with others in the ways described in this Policy, or otherwise with your prior consent. In addition to the other sharing of Personal Information described in this Policy, we may share your Personal Information with others in the following contexts.
Service Providers: We may contract with third-party service providers that help us provide some of our Services, or that perform some services for us related to our Services, and they may access your Personal Information as needed to perform their functions for us. Examples may include but are not limited to order fulfillment, package delivery, payment processing, bill collection, fraud investigation, email and postal mail administration, customer service assistance, web and mobile data analytics, and server and database hosting services.
We use third parties, including Stripe, TransferWise, Quickbooks and Bill.com, to gather your data from financial institutions. By using our Services, you grant our third-party providers the right, power, and authority to act on your behalf to access and transmit your personal and financial information from the relevant financial institution according to terms of such third-party providers’ privacy policies and service terms.
Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your Personal Information may be one of the assets transferred. In this event, if you have registered for an Arta account, we will notify you of the change of ownership by sending an email to the most recent email address you provided us under your Arta account.
Legal Purposes: We may access, preserve, and disclose your Personal Information and/or other information if we believe that such access, preservation or disclosure is reasonably necessary to: (i) comply with any law, regulation, legal process or governmental request (such as search warrants, subpoenas or court orders), which may include responding to legal requests from jurisdictions outside the United States; (ii) enforce our Terms and Conditions or our other policies or agreements with Users, or investigate potential violations; (iii) detect, prevent or otherwise address fraud, security or technical issues; (iv) protect or enforce the rights or property of Arta, you, or any other person or entity; or (v) prevent physical harm to any person, including situations involving possible violence or self-harm; granted that we will provide you with prompt notice thereof so that you may seek an appropriate protective order or other appropriate relief, or waive compliance with the provisions of this Agreement.
9. Aggregated and Non-personal Information
We may aggregate or make anonymous any Personal Information that we have obtained in any way from or about you or others so that such information no longer contains any Personal Information. We may use and share any aggregated, anonymous or other non-personally identifying information for any legitimate business purposes, including research and development, marketing, and to inform others about how our Services or Content are engaged with or used.
10. Payment Information
If you use our marketplace or register for certain Services, you may need to provide payment information, such as a credit card number, type and expiration date. We do not store credit card information entered on our Services. This information is stored by a third-party payment processor, and the use and storage of this information will be subject to the payment processor’s own terms of service and privacy policy. We do receive certain information from the payment processor, including a unique token that we associate with you to authorize your purchases, and in certain cases, the last four digits of the credit card number associated with that token, in order to help prevent fraud and identity theft. If you do not wish to provide payment information, you will not be able to use certain Services on our Site.
11. Other Websites and Services
Our Services may include links to other websites or services that we do not own or control, and other websites or services that we do not own or control may include links to our Services. Our Services may also include features that enable you to link your Arta account to your account on other services. For example, you may be able to sign up for (or sign in to) our Services through another service such as an inventory management system. Our Services may also include features that enable you to share Content on other websites and social media services. However, these links and features are not an endorsement by us of any other websites or services, or any of their privacy policies or practices. When you visit or use other websites or services, they may collect information from you, including through the use of cookies, web beacons or similar technologies. We encourage you to read the privacy policies of other websites and services that you visit or use to be informed of their practices.
12. International Processing
Arta is based in the United States. Our Users (including the galleries and other organizations that use our Services), service providers, and other third parties you may interact with in connection with our Services, may be located in the United States and other countries around the world, including countries that may not offer the same level of protection for Personal Information as that offered in the United States.
13. Transfer of Data
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. If you are located outside United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. Arta Shipping, Inc. will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information. By accessing or using our Services in the United States or any other country or jurisdiction, you agree that your information may be transferred and processed in the United States and any other country or jurisdiction.
14. Children’s Information
Our Services are not directed to children under the age of 13, and we do not knowingly collect Personal Information from people in this age group. If you believe we may have collected Personal Information from anyone under the age of 13, please contact us at legal@arta.io.
15. Security
Every Arta account is protected by a password to help maintain privacy and security on our Services. If you register for an account, we urge you to use a strong password containing unique numbers, letters and special characters, and to protect the confidentiality of your password at all times. If you suspect or become aware of any unauthorized access to or use of your account or password, you agree to immediately notify us and change your password. Please note that while we seek to protect your information and maintain the security of our Services, due to the possibility of hardware or software failure, unauthorized entry or use and other factors, we cannot guarantee the security of any information, whether online or offline. Any transmission of information is at your own risk. Please also note that any information you provide to us via email is unencrypted.
16. Statutory Requests
Some jurisdictions have laws that give people the right to access or correct their Personal Information which a company has about them. We will honor any statutory right you may have to access or correct your Personal Information that we have in our records, and you can email such requests to legal@arta.io. Once we receive your request, we will let you know if an administrative fee will apply to fulfill your request, as permitted by applicable law. However, please note that even if you have a legal right to request access to information or to correct information, as permitted by applicable law, we may reject requests that are unreasonably repetitive, would require disproportionate technical effort (for example, developing a new system or materially changing an existing practice), would jeopardize the privacy of others, or would be extremely impractical to fulfill (for example, requests to access information located on backup systems).
17. Dispute Resolution
As this Policy is part of our Terms and Conditions, any disputes involving you and us that relate to privacy or the use of your information, and that arise out of or are related to this Policy or our Services, will be subject to our Terms and Conditions, including any provisions regarding the limitation of damages and liability, choice of law, and dispute resolution.
If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at legal@arta.io or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
18. Changes to this Privacy Policy
Our business changes with time, and our Privacy Policy will change also. We reserve the right to change this Policy, including our Cookie Policy, without prior notice, at any time at our sole discretion. For example, and without limitation, we may change this Policy to reflect changes to the law or changes to our Services. All changes to this Policy will be effective when posted on our Services, or at such later date as may be specified in the updated Policy. We will notify you of any changes to this Policy by posting the updated Policy on our Services, and you agree to review this Policy regularly and inform yourself of all applicable changes. By continuing to use our Services after any changes to this Policy become effective, you agree to such changes and the updated Policy. Unless we notify you otherwise, the current version of this Policy will apply to all information that we have about you or your account.
19. Contacting Arta
If you have questions or comments about our Privacy Policy or practices, would like to know what Personal Information we hold about you, or would like to update, delete, or request access to such Personal Information, you may contact us by email sent to legal@arta.io, or by postal mail sent to:
Arta Shipping, Inc.
160 Varick Street, Suite 3-130
New York, New York 10013
USA
Arta Global Insurance Services, LLC Privacy Policy
Your privacy is important to us. At Arta Global Insurance Services, LLC (hereinafter referred to as “Arta”), we are committed to protecting your non-public personal information as required by law. This notice is to advise you of how we will handle this information.
Effective date: July 19, 2023
Last modified date: January 1, 2024
Table of Contents
- What is Personal Data?
- Types of Information We Collect on this Website
- How We Use Your Information/Use of Collected Personal Information
- The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- State Specific Privacy Laws
- Confidentiality and Security
- Questions and Concerns
- Addendum 1
- California Privacy Rights
- Virginia Consumer Data Protection Act
- Colorado Privacy Act
- Massachusetts Information Privacy Act
- Connecticut Data Privacy Act (CTDPA)
- The Utah Consumer Privacy Act (UCPA)
1. What is Personal Data?
In this privacy policy, references to “personal information” or “personal data” are references to information that relates to an identified or identifiable individual. Some examples of personal data are your name, company, e-mail address, address, and telephone number but it may also include information such as your IP address and location, in certain jurisdictions.
2. Types of Information We Collect on this Website
You can visit the website of Arta without revealing who you are or providing any personal information about yourself.
There will be times, such as when you request information or a publication, when we will need to obtain personally identifiable information from you or about you. However, this information will not be collected without your knowledge.
The information we receive about you or from you may be used by us to process your inquiry or request, to comply with any law, regulation, or court order, and to help improve our website or the products or services we offer.
When you visit this website, we may collect usage information (including, but not limited to, IP addresses, browser and platform types, domain names, access times, and referral data) to help us understand how our website is navigated and used. This data does not include any personal information about you and is used only to measure and improve the effectiveness of our website.
3. How We Use Your Information/Use of Collected Personal Information
Arta only processes personal information for the purposes described in this Privacy Policy and/or privacy notice for specific services. Such services may include:
- Providing our insurance services to users;
- Auditing, research, and analysis in order to maintain, protect, and improve our services;
- Ensuring the technical functioning of our network; and
- Developing new services.
3.1 Promotional Messaging or Advertising:
Any Promotional Messaging or Advertising material is for general informational purposes only and does not constitute an offer to sell or a solicitation of an offer to buy any product or service.
3.2 Ability to Opt-in/Out
If we propose to use your personal information for any purposes other than those described in this Policy and/or in the specific service notices, you may "opt-out"—or say no to—having your information shared by contacting us through our contact page. We will not collect or use sensitive information for purposes other than those described in this Policy and/or in the specific service notices unless we have obtained your prior consent.
If you do choose to decline to submit personal information to any of our services, there may be some instances in which we may not be able to provide those services to you.
3.3 Information Provided by You
When you engage us to provide insurance services, we may ask you for personal information (such as your name, address, social security number, date of birth, phone numbers, credit card information, and email address) which we maintain in encrypted form on secure servers. We may combine the information submitted under various forms and services in order to provide customers with a better experience and to improve the quality of our services.
We may need to use your personal data in order to carry out the following activities:
- To set you up as a new client (including carrying out ‘know your customer’ checks);
- To provide you with an insurance quote;
- To provide our products and services to you;
- To respond to your inquiries;
- To accept payments from you;
- To communicate with you about your policy;
- To renew your policy;
- To obtain reinsurance for your policy;
- To process insurance and reinsurance claims;
- For general insurance administration purposes;
- To comply with our legal and regulatory obligations;
- To model our risks;
- To defend or prosecute legal matters;
- To respond to your inquiries;
- When you sign up for an online account;
- To make our products and services better and to develop new products and services; and
- To send you notices and information regarding our products or services, including notifying you about special promotions or offers, where we are legally permitted to do so.
3.4 Information Collected from Other Sources
From time to time, we may receive personal information about you from third party sources but only where we have checked that these third parties either have your consent or are otherwise legally permitted or required to disclose your personal information to us. This Privacy Policy applies to how we handle your information. We do not exercise control over the websites that are displayed in other browser windows opened by links from within our various services. These other sites may place their own cookies or other files on your computer, collect data, or solicit personal information from you.
3.5 Disclosure of Personal Information to Third Parties, Vendors, Service Providers, or for Company Communications
We may disclose personal information that we collect, or you provide, as described in this privacy policy under the following circumstances:
- To transfer data to our affiliates from time to time for our legitimate business purposes. Affiliates are defined as group companies, subsidiaries, parent companies, joint ventures, and other corporate entities under common Arta ownership;
- To contractors, service providers, and other third parties we use to support our business that are bound by an obligation to keep personal information confidential and use it only for the purposes for which we disclose it to them;
- To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of the Company's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by the Company about our Website users is among the assets transferred; and
- To fulfill the purpose for which you provide it.
3.6 Choices about the Collection and Use of Your Information
- This website may use "cookies" to enhance your viewing experience. A cookie is a tiny element of data that is sent to your browser to be stored on your hard drive so that we can recognize you when you return. You may set your browser to notify you when you receive a cookie or refuse cookies from all websites. Please note, if you reject cookies, it is possible that some web pages may not load properly, your access to certain information might be denied, or you might be required to enter information more than once.
- Promotional Offers from the Company: If you do not wish to have your e-mail address/contact information used by the Company to promote our own or third parties' products or services, you can opt-out by using one of the methods described above in 'How We Use Your Information'.
- Targeted Advertising: If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers' target-audience preferences, you can opt-out by using one of the methods described above in 'How We Use Your Information'.
3.7 Access to and Correction of Personal Information
If you believe that any personal information we have collected about you is inaccurate, you may send a written request via our contact page to correct or delete any personal information that you have provided to us. We will investigate your request and make appropriate changes if warranted.
We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
3.8 Collection of Information from Children
We do not knowingly collect personal information from anyone under the age of 13. If you believe that we are processing personal information pertaining to a child inappropriately, we ask you to contact us using the information provided under the “Contact Us” section.
For more information about protecting your child's privacy online, visit the Federal Trade Commission website at https://www.ftc.gov.
3.9 Other Considerations
When you use some Arta products, services, or applications or post on an Arta forum, chat room, or social networking service such as Facebook, Twitter, or other such social media sites, the personal information and content you share is visible to other users and can be read, collected, or used by them.
4. The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Arta is required by law to take reasonable steps to ensure the privacy of your personally identifiable health information, and to inform you about:
- The Company's uses and disclosures of Protected Health Information ("PHI");
- Your privacy rights with respect to your PHI;
- The Company's duties with respect to your PHI;
- Your right to file a complaint with the Company and to the Secretary of the U.S. Department of Health and Human Services ("HHS"); and
- The person or office to contact for further information regarding the Company's privacy practices.
PHI includes all individually identifiable health information transmitted or maintained by Arta, regardless of form (e.g. oral, written, electronic). A federal law, the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), regulates PHI use and disclosure by Arta. You may find these rules at 45 Code of Federal Regulations Parts 160 and 164.
5. State Specific Privacy Laws
Many states and territories have their own privacy regulations which apply to individuals and corporations that live or do business in, frequent, or offer good and services to its residents. The individual laws of these states vary and as such you should familiarize yourself with your individual state laws.
Addendum 1 which can be found at the end of this notice summarizes each current state privacy regulation.
6. Confidentiality and Security
We will not add your name to mailing lists unless you specifically request that we do so. We do not share, sell, lease, or rent our mailing or customer lists to third parties. We may use third parties to help us administer e-mail alerts. If personally identifiable information (i.e. name, address, e-mail address, telephone number) is provided to any of these third parties, we will require that they maintain such information in strictest confidence in compliance with this policy. We also assess new technology for protecting customer information on an ongoing basis.
We take the security of your personal information seriously and make appropriate technical and organizational measures against unauthorized or unlawful processing of personal data, and against accidental loss, destruction of, or damage to, personal data. Please contact us immediately if you believe your Personal Information has been exposed.
Although we take appropriate measures to protect the security of the information communicated through the website, no Internet connected computer system can be made absolutely secure from intrusion. We, therefore, cannot and do not guarantee that information communicated by you to us will be received or that it will not be altered before or after its transmission to us. If you elect to use the website to communicate with us, you do so at your own risk.
7. Questions and Concerns
If you have any questions or comments in regards to this privacy statement, or if you have any concerns as to the validity of information made available within these pages, we recommend you seek verification by contacting us via our ‘Contact Us’ page.
Please note that we may update and modify this Privacy Statement. It remains your responsibility to access and check these terms and conditions whenever you access the Website as the latest version of these terms and conditions will govern. We do not accept any liability for any errors or omissions.
8. Addendum 1
9. California Privacy Rights
California Civil Code Section §1798.83 and the California Consumer Privacy Act (CCPA) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. The CCPA also provides California residents the right ‘To Be Forgotten’ by a company.
A California resident has the right to know what Personal Information is collected, used, disclosed, or sold, to delete any Personal Information collected, to opt-out of the sale of Personal Information, and to not be discriminated against for exercising such rights.
9.1 Right to Know
A California resident has the right to request that we disclose what Personal Information we collect, use, disclose or sell. You may request that we disclose the following information upon receipt of a verifiable consumer request:
- The categories of Personal Information collected and categories of sources from which the Personal Information is collected;
- The business or commercial purpose for collecting or selling Personal Information;
- The categories of third parties with whom we share Personal Information; and
- The specific pieces of Personal Information we have collected about you.
9.2 Right to Delete
As a California resident, you have the right to request that we delete any Personal Information about you which we have previously collected. If it is necessary for us to maintain the Personal Information for certain purposes, we are not required to comply with your deletion request. If we determine that we will not delete your Personal Information when you request us to do so, we will inform you and tell you why we are not deleting it.
9.3 Right to Opt-Out of Sale of Personal Information
We do not sell Personal Information, including the Personal Information of minors under the age of 16. However, pursuant to applicable law, a California resident may request that their information not be sold in the future. To do so please send a request via our ‘Contact Us’ page.
9.4 No Discrimination
You have the right not to be discriminated against because you exercised any of your rights under the CCPA.
If you would like to exercise any such rights, please send a request via our ‘Contact Us’ page.
10. Virginia Consumer Data Protection Act
The Virginia Consumer Data Protection Act (VCDPA) provides consumers with certain rights related to their personal data. Under the Act, these rights include:
- The right to know, access, and confirm personal data;
- The right to delete personal data;
- The right to correct inaccuracies in personal data;
- The right to data portability (i.e., easy, portable access to all pieces of personal data held by a company);
- The right to opt out of the processing of personal data for targeted advertising purposes;
- The right to opt out of the sale of personal data;
- The right to opt out of profiling based upon personal data; and
- The right to not be discriminated against for exercising any of the foregoing rights.
If you are a Virginia resident and would like to exercise any such rights, please send a request via our ‘Contact Us’ page.
11. Colorado Privacy Act
The Colorado Privacy Act (CPA) provides consumers with certain rights related to their personal data.
The CPA provides five main rights for the consumer.
Right of access. You have the right to confirm whether a controller is processing your personal data and to have the sole right to access your personal data.
Right to correction. You have the right to correct inaccuracies in any personal data, taking into account the nature of the personal data and the purposes of the processing of your personal data.
Right to delete. You have the right to delete personal data concerning the consumer.
Right to data portability. You have the right to obtain your personal data in a portable and, to the extent technically feasible, readily usable format that allows you the consumer to transmit the data to another entity without hindrance.
Right to opt out. You have the right to opt out of the processing of your personal data purposes of:
- targeted advertising;
- the sale of personal data; or
- profiling in furtherance of decisions that produce legal or similarly significant effects on you as the consumer.
Right to appeal. The CPA also provides you the right to appeal a business’ denial to take action within a reasonable time period. A business must respond to a request within 45 days of receipt and may subsequently extend that deadline by an additional 45 days when reasonably necessary. When a business elects to extend that deadline, it must notify you within the initial 45-day response period.
If you are a Colorado resident and would like to exercise any such rights, please send a request via our ‘Contact Us’ page.
12. Massachusetts Information Privacy Act
MGL c.214, § 1B Right of Privacy of the Massachusetts Information Privacy Act (MIPA) provides that any Massachusetts resident (resident) shall have a right against unreasonable, substantial, or serious interference with his privacy. Information may only be collected with the resident’s express permission and any company that holds such information must immediately delete it upon a request to do so from the impacted resident.
To make any such request as a resident of the Commonwealth of Massachusetts, please send a request via our ‘Contact Us’ page.
13. Connecticut Data Privacy Act (CTDPA)
The CTDPA gives Connecticut residents certain rights over their personal data and establishes responsibilities and privacy protection standards for data controllers that process personal data. It protects a Connecticut resident acting in an individual or household context, such as browsing the Internet or making a purchase at a store.
What is considered personal data: Personal data is any information that can be linked to an identifiable individual, excluding publicly available information. Examples of personal data include: a home address, a driver’s license or state identification number, passport information, a financial account number, login credentials, and payment card information.
Access. Consumers have the right to confirm whether a controller is processing their personal data and access such personal data, unless such actions would reveal a trade secret.
Correction. Consumers have the right to correct inaccuracies in their personal data (with some limitation).
Deletion. Consumers have the right to delete personal data provided by or about the consumer.
Data portability. Consumers have the right to obtain a portable copy of their personal data to the extent technically feasible and provided the controller will not be required to reveal any trade secret.
Opt-out of certain data processing. Consumers have the right to opt out of the processing of personal data for purposes of:
- targeted advertising,
- the sale of personal data or
- profiling in connection with automated decisions that produce legal or similarly significant effects concerning the consumer.
Designation Rights: Consumers have the sole right to designate another person as an authorized agent to exercise the right to opt out on their behalf.
To make any such request as a resident of the State of Connecticut, please send a request via our ‘Contact Us’ page.
14. The Utah Consumer Privacy Act (UCPA)
The UCPA is applicable to the following:
Any controller or processor who:
- conducts business in the state of Utah; or
- produces a product or service that is targeted to consumers who are residents of the state of Utah.
Any owner of the information (Consumer) who:
- is a resident of the state of Utah; or
- is provided a good or a service from a business that conducts its business in the state of Utah.
The UCPA provides consumers the right to:
- confirm whether a controller is processing the consumer's personal data;
- access the consumer's personal data.
- delete the consumer's personal data that the consumer has provided to the controller.
- obtain a copy of the consumer's personal data, that the consumer previously provided to the controller, in a format that:
i. is portable;
ii. is readily usable; and
iii. allows the consumer to transmit the data to another controller without impediment; - opt out of the processing of the consumer's personal data for purposes of:
i. targeted advertising; and/or
ii. the sale of personal data.
A consumer may exercise their right by submitting a request to a controller, by means prescribed by the controller, specifying the right the consumer intends to exercise.