TownChest Logo

Enbasis Inc - Privacy Policy

Last Updated: 08/06/2024

(Located at web address https://townchest.com/privacy )

About This Policy

Townchest.com is owned and operated by Enbasis Inc. Enbasis Inc. values your privacy and the protection of your personal data. This policy (“Policy”) explains how Enbasis Incorporated, its affiliates, subsidiaries, and related companies (together, “Enbasis”, “our”, “us”, “we”) collect, use, share, or otherwise process information that we collect through our services. These services include, as applicable, our websites, mobile applications, social media pages, marketing activities, and other activities described in this Policy, or when other businesses provide us your Personal Data (collectively, the “Services”). This Policy applies to both online and offline information collection.

This Policy is global, meaning it applies to all Enbasis Services. We may provide additional or supplemental privacy policies for certain products or services. To the extent you were provided with a different notice, those notices apply and govern our interactions with you. 

Policy Scope

This Policy describes our privacy practices when we process:

  • Personal data for the purposes of providing the benefits of our websites and the Enbasis platform, which includes all Enbasis’s services, sites, experiences, and software (including through our mobile applications and desktop applications) (the “Enbasis Platform”); and
  • Personal data as necessary to manage, run, improve, and develop our business and personalize your experience while interacting with the Enbasis Platform. Depending on your settings, this may include showing you personalized ads or recommending certain Enbasis products based on your interests.

Personal Data” is any information that can be used to directly or indirectly identify an individual or that can be reasonably expected to link to an individual. This can include items such as name, address, telephone number, credit card details, email address, ID number, Internet Protocol (“IP”) address of an electronic device used by an individual, or other identifying code (even absent of other identifying information). Statistical and non-identifiable metric data are not considered Personal Data. If you provide Personal Data about parties other than yourself, you are responsible for ensuring their knowledge of how we will process their personal data, and, where applicable, obtaining any necessary consents required in advance.

The Enbasis subsidiary, affiliate, or related company with which you interact is, where applicable, the data controller (or equivalent under applicable law) responsible for the processing of your Personal Data. You can find a list of the relevant legal entities that act as data controllers below:

Enbasis Inc. 

1041 W. Market St

Akron, OH 44313 

We may share your Personal Data within the Enbasis group companies and conduct processing activities as controllers or joint controllers for the purposes set out in this Policy.

We are committed to processing Personal Data in accordance with applicable laws. Please note that if you do not wish to provide your Personal Data to us, some products and/or services may become unavailable to you. Your use of any or all these platforms indicates you have been notified of our collection, use, transfer, and disclosure of your information as described in this Policy to the extent permitted by applicable law. 

What Data We Collect and Why

The below table denotes the categories and sources of Personal Data that may be processed under this Policy in addition to the purposes and legal bases for such processing. Please note that the items contained within this table may be shared, received or processed by Enbasis, our partners that assist us in providing the products or services or help us improve our marketing or administration, persons with the legal right to access the Personal Data and Parties involved in potential business transactions.

Identity and Contact Information

Examples of Personal Data Processed

Sources of Personal Data

Purpose of Processing the Personal Data

Legal Basis for Processing the Personal Data

First and last name, email address, postal address, phone number, job title, professional license numbers, account username and password, IP address, and national provider identifier or state license number

Directly from you; from your devices; from our business partners; from publicly available sources; from other subsidiaries, affiliates, or related companies of Enbasis.

To provide you with our products and services; to communicate with you; to identify and authenticate you; to customize content for you; to detect security incidents; to protect against malicious or illegal activity; to offer or provide our products and services; to ensure the appropriate use of our products and services; to improve our products and services; for short-term, transient use; for administrative purposes; for marketing, internal research, and development; and/or for quality assurance

For the purposes of our legitimate interests; in the public interest; to comply with a legal obligation; to perform a contract; to protect vital interests; in circumstances where we have requested and received consent; and for other purposes that may be required or allowed by law dependent upon the type of Personal Data

Demographic Information

Examples of Personal Data Processed

Sources of Personal Data

Purpose of Processing the Personal Data

Legal Basis for Processing the Personal Data

Age, gender, marital status, and date of birth

Directly from you; from your devices; from our business partners; from publicly available sources; from other subsidiaries, affiliates or related companies of Enbasis.

To provide you with our products and services; to communicate with you; to identify and authenticate you; to customize content for you; to detect security incidents; to protect against malicious or illegal activity; to ensure the appropriate use of our products and services; to improve our products and services; for short-term, transient use; for administrative purposes; for marketing, internal research, and development; and/or for quality assurance

For the purposes of our legitimate interests; in the public interest; to comply with a legal obligation; to perform a contract; to protect vital interests; in circumstances where we have requested and received consent; and for other purposes that may be required or allowed by law dependent upon the type of Personal Data

Commercial and Financial Information

Examples of Personal Data Processed

Sources of Personal Data

Purpose of Processing the Personal Data

Legal Basis for Processing the Personal Data

Transaction records, products and services (purchased, obtained, or considered), requested documentation, customer service records, financial transaction history, transfers of value, and financial account number

Directly from you; from your devices; from our business partners; from publicly available sources; from other subsidiaries, affiliates or related companies of Enbasis.

To provide you with our products and services; to communicate with you; to identify and authenticate you; to customize content for you; to detect security incidents; to protect against malicious or illegal activity; to ensure the appropriate use of our products and services; to improve our products and services; for short-term, transient use; for administrative purposes; for marketing, internal research, and development; and/or for quality assurance

For the purposes of our legitimate interests; in the public interest; to comply with a legal obligation; to perform a contract; in circumstances where we have requested and received consent; and for other purposes that may be required or allowed by law dependent upon the type of Personal Data

Professional and Educational Information

Examples of Personal Data Processed

Sources of Personal Data

Purpose of Processing the Personal Data

Legal Basis for Processing the Personal Data

Job title or position, employer, National Provider Identifier number, work skills, employment history, graduate degree, certification, specialized training, responses to surveys and questionnaires, and enrollment history for our education and training events, LinkedIn profile

Directly from you; from your devices; from our business partners; from publicly available sources; from other subsidiaries, affiliates or related companies of Enbasis.

To provide you with our products and services; to communicate with you; to identify and authenticate you; to customize content for you; to detect security incidents; to protect against malicious or illegal activity; to ensure the appropriate use of our products and services; to improve our products and services; for short-term, transient use; for administrative purposes; for marketing, internal research, and development; and/or for quality assurance

For the purposes of our legitimate interests; in the public interest; to comply with a legal obligation; to perform a contract; in circumstances where we have requested and received consent; and for other purposes that may be required or allowed by law dependent upon the type of Personal Data

Technical Information

Examples of Personal Data Processed

Sources of Personal Data

Purpose of Processing the Personal Data

Legal Basis for Processing the Personal Data

IP addresses, browser type, browser language, device type, advertising IDs associated with your device (such as Apple’s Identifier for Advertising (IDFA) or Android’s Advertising ID (AAID)), the date and time you use our products and services, Uniform Resource Locators, or URLs (i.e., website addresses) visited prior to arriving and after leaving our products and services, activity on our products and services and referring websites or applications, data collected from cookies or other similar technologies, and geolocation information

Directly from you; from your devices; from our business partners; from publicly available sources; from other subsidiaries, affiliates or related companies of Enbasis.

To provide you with our products and services; to communicate with you; to identify and authenticate you; to customize content for you; to detect security incidents; to protect against malicious or illegal activity; to ensure the appropriate use of our products and services; to improve our products and services; for short-term, transient use; for administrative purposes; for marketing, internal research, and development; and/or for quality assurance

For the purposes of our legitimate interests; in the public interest; to comply with a legal obligation; to perform a contract; to protect vital interests; in circumstances where we have requested and received consent; and for other purposes that may be required or allowed by law dependent upon the type of Personal Data

How We Share Data

We may share your Personal Data in the following circumstances:

  • For certain product features. We may use third party API services, such as YouTube and Twilio, for certain product features. If you choose to use those features, you acknowledge and agree that you are also bound by the third party’s privacy policy. You may manage your YouTube API data by visiting Google’s security settings page here. You may make choices about your Twilio API data by visiting Twilio’s privacy notice here.
  • When you connect to your social media account. Some of our features enable you to connect to a social media account or share information on social media platforms, like Facebook and Twitter. Any information you choose to share on social media may potentially be visible to a global audience and will be subject to the social media provider’s privacy policies (not this Privacy Statement). You should take care only to share information on social media that you are comfortable sharing.
  • For joint features, sales, promotions and events. With your consent we may share your Personal Data with third parties who are jointly providing features, sales initiatives, promotions or events with us.
  • When you publicly post the information. We may provide opportunities for you to publicly post reviews, questions, comments, suggestions, or other content that may include Personal Data, such as your name or username. Anything you share in a public forum is public, and you should think carefully before you decide to share.
  • With your wireless carrier. When you use your wireless device in connection with the Enbasis Platform, you authorize your wireless carrier to use or disclose information about your account and your wireless device, if available, to Enbasis or its service provider for the duration of your business relationship, solely to help them identify you or your wireless device and to prevent fraud.
  • When you participate in the short code program. Personal Data collected through the short code program (i.e., when you sign up for SMS texts), will not be shared, sold, or rented to affiliated or unaffiliated third parties for their own marketing purposes.

Other circumstances.

We also share your Personal Data with third parties in the following circumstances.

For research. With appropriate controls, we may share information with third parties, such as academic institutions, government, and non-profit organizations, for research purposes or to publish academic or policy-related materials. We only share information in a way that does not identify any individual.

With service providers or agents. We share Personal Data with our service providers or agents who provide services on our behalf for the purposes described in this Privacy Statement. Service providers or agents are required to implement reasonable privacy and information protection controls to maintain the privacy and security of information provided to them consistent with the privacy practices outlined in this Privacy Statement. Service providers or agents may include companies that assist us with our advertising, marketing, and sales efforts, help us with our technology offerings (such as a hosting, security or anti-fraud providers) and help us run our business. Service providers or agents also include AI providers, including generative AI providers such as Microsoft Azure OpenAI.

  • For mergers and acquisitions. If we are involved with a merger, asset sale, financing, liquidation, bankruptcy, or the acquisition of all or part of our business to another company, we may share your Personal Data with that company and its advisors before and after the transaction date.
  • With our affiliates and subsidiaries and your right to limit information sharing. We may share your Personal Data with our affiliates and subsidiaries for everyday business purposes as described in this Statement, including for marketing purposes, for improving and developing our offerings, and for personalizing your experience on our Platform. Certain laws may provide you with the right to limit our information sharing activities in certain circumstances. Please review these rights in the “Region and state-specific terms” section below.
  • For advertising and analytics. Enbasis may use advertising networks and other providers to display advertising on our Enbasis Platform or on other sites. Our advertising partners may place cookies on unaffiliated websites in order to serve advertisements that may be relevant to you based on your browsing activities and interests and determine the effectiveness of such advertisements. See also the “Region and state-specific terms” section below for additional information.

For legal reasons. We may share your Personal Data with third parties for legal reasons without your consent, and as permitted by law, including:

  • When we reasonably believe disclosure is required in order to comply with a subpoena, court order, or other applicable law, regulation or legal process;
  • To protect the rights, property, or safety of Enbasis, the Enbasis Platform, our customers or others;
  • To protect or defend against attacks;
  • To enforce, remedy, or apply our Terms of Service or other agreements;
  • To prevent fraud, cybersecurity attacks or illegal activity;
  • For debt collection; and
  • With regulatory agencies, including government tax agencies, as necessary to help detect and combat fraud and/or protect our customers, users and/or the Enbasis Platform, or in required institutional risk control programs.

How We Store and Transfer Data

We may transfer, process, and store your information to the US, Canada, India, European Union member states, the United Kingdom, or other countries. Our affiliates or other third-party service providers may also transfer, process, or store your information in the US or other countries. Our sites and businesses may be subject to US laws, which may not afford the same level of protection as those in your country.

Data Retention

Unless you specifically ask us to delete your personal data, we retain your personal data as long as it is necessary to carry out the purposes the Personal Data was collected for or for the period prescribed by applicable laws, whichever is longer. In considering how long to retain your Personal Data the following are considered:

  • The potential risk of harm if the data was subject to unauthorized use or disclosure;
  • The volume and sensitivity of the Personal Data;
  • Applicable legal requirements; and
  • If circumstances have changed such that the purposes for which the Personal Data was collected can be achieved by other means.

Even if you submit a deletion request, we may be required to maintain your personal data for as long as necessary to:

  1. comply with our legal or regulatory compliance needs (e.g., maintaining records of transactions you have made with us);
  2. to exercise, establish or defend legal claims; and/or
  3. to protect against fraudulent or abusive activity on our service.

This means we may keep different data for different periods. If your account is canceled because you haven’t used it for a long time, we may delete this data immediately.

When the retention of your Personal Data is no longer required we will delete or anonymize the data as per below. There may be occasions where we are unable to fully delete, anonymize, or de-identify your personal data due to technical, legal, regulatory compliance, or other operational reasons. Where this is the case, we will take reasonable measures to securely isolate your personal data from any further processing until such time as we are able to delete, anonymize, or de-identify it.

Anonymized and Aggregated Data

Anonymized/de-identified data is data for which the characteristics that can identify you, directly or indirectly, have been removed such that you are no longer identifiable, and this information is no longer considered Personal Data under data protection laws. We rely on our legitimate business interest, scientific or historical research and/or statistical purposes, consent or other purposes that may be required or allowed by law as the legal basis to anonymize Personal Data. Enbasis may process anonymized/de-identified data.

We may also obtain and use certain types of combined data sets such as demographic data for any purpose (“Aggregated Data”). Aggregated Data may be derived from your personal data but does not directly or indirectly reveal your identity. For example, we may aggregate certain information technology-related data of yours with others’ data to calculate the percentage of users accessing a specific feature on our website. We may use Aggregated Data for any purpose without restriction. However, if we re-combine or re-connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Policy.

International Data Transfers

We may transfer your Personal Data to recipients in countries other than the country in which your Personal Data was originally collected. When we transfer your Personal Data in such a manner, we take steps for your data to be protected consistent with this Policy and the laws and requirements in your country, including the requirements that apply to cross-border data transfers. We implement appropriate technical and organizational measures to provide a level of security appropriate to the risk of protecting your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. As is the case with all websites, applications, products, and services, we unfortunately cannot guarantee the security of the data collected at all times.

Sale or Transfer of Data

If we are involved in a sale or transfer of all or some of our business assets or operations via a share or asset transaction, your personal data may be transferred to the acquiring organization who will be required to take at least the same or higher standards of care in the treatment of your Personal Data. Should such a sale or transfer occur, if required by law, you will be informed about this and may withdraw your consent to or, as applicable, instigate any other legally available rights as detailed in the “Your Data Rights and Choices” section of this Policy with regards to the processing and use of your Personal Data by the transferee.

Cookies

As outlined above, your interaction with our website is an additional source for collecting your information. We may use “cookies”, web beacons, and other technologies to help us evaluate and improve the content or functions of the products or services we provide. We collect your information through several methods:

  • Web beacons
  • Pixels
  • Tags
  • Tracking Cookies
  • Marketing Cookies
  • Analytic Cookies
  • Social Media Cookies

Our Cookie Policy https://townchest.com/cookies provides more detailed information about this topic and how we use cookies to enhance your experience and better serve you.

Third Party Links and Tools

We may link to other sites or apps on our platforms that we do not control. If you click on a third-party link, you will be taken to a platform we do not control. This policy does not apply to the privacy practices of that website or platform. Read other companies’ privacy policies carefully. We are not responsible for these third parties. Our site may also serve third party content that contains their own cookies or tracking technologies. We do not control the use of those technologies.

Your Data Rights

Some jurisdictions such have provided individuals with rights in relation to the processing of their Personal Data. These rights are not available to everyone, and they do not necessarily apply in all contexts. Depending on the applicable law or the legal basis, you may have the right to:

  • Object to the processing of your Personal Data;
  • Request access to your Personal Data;
  • Request correction of your Personal Data should your Personal Data be inaccurate, incomplete, or obsolete;
  • Request erasure/deletion of your Personal Data;
  • Withdraw your consent to future processing where we processed Personal Data on the basis of your consent;
  • Request restrictions on the processing of your Personal Data, including restricting the sale of or sharing of your Personal Data;
  • Request the transfer of your Personal Data to yourself or a third party;
  • Opt-out of certain transfers to third parties.

To exercise a right that you believe you may be entitled to under applicable law you can contact us directly. We may need to verify your identity before we fulfil your request or, under applicable law, we may be unable to action your submission. We shall notify you in a timely manner of such decisions or requirements as necessary.

California Residents. Please see the “California Residents” section below for an overview of how consumers in California receive certain privacy rights and protections.

If you are not able to resolve a problem directly with us and wish to make a formal complaint, you can contact your local data protection authority or other enforcement authority.

Changes to This Policy

From time to time we may change this Policy. The most updated copy will be found on our website. You can see when this Policy was last updated by checking the “last updated” date at the top of this Policy Please review this Policy periodically to stay informed about how Enbasis protects your privacy.

Contact Us

If you have questions or comments about this Privacy Statement or our practices, please contact us.

You can write to us at:

1041 West Market Street #1

Akron, OH 44313

Alternatively, you can email us directly at: privacy@enbasis.com

California Residents

Scope This section applies only to California residents. It describes how we collect, use, and share Personal Data of California residents in our capacity as a “business” under the California Consumer Privacy Act (“CCPA”) and your rights with respect to that Personal Data. For purposes of this section, the term “Personal Data” has the meaning given in the CCPA but does not include information exempted from the scope of the CCPA. Please note that we may claim legal exemptions for certain types of Personal Data and certain Enbasis companies from all or certain parts of the CCPA. In some cases, we may provide a different privacy notice to certain categories of California residents, such as employees and job applicants, in which case that notice will apply instead of this section. In the event of a conflict between the Policy and this section, this section shall control with respect to our processing of Personal Data relating to California residents that is subject to the CCPA, otherwise the Policy shall control.

CCPA Definition of Personal Data

Under the CCPA and for the purpose of this Notice “Personal Data” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, as defined in the. Personal Data includes, but is not limited to, the following if it identifies, relates to, describes, is reasonably capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household (California Consumer Privacy Act Section 1798.140(v)):

  • Personal Data does not include information that is deidentified or aggregate information. Nor does it include Publicly Available information. Publicly Available information is information lawfully made available from federal, state, or local government records, or information that a business has a reasonable basis to believe is lawfully made available to the public by the consumer or from widely distributed media; or information made available by a person to whom the consumer has disclosed the information if the consumer has not restricted the information to a specific audience. Publicly available does not mean biometric information collected by a business about a consumer without the consumer’s knowledge.

Personal Data Collection See the section of the Privacy Policy entitled “What Data We Collect and Why” for more information about the types of Personal Data we collect and about the sources from which we obtain Personal Data. This includes types of Personal Data that may be considered “sensitive” under the CCPA.

Purposes of Personal Data Collection See the section of the Privacy Policy entitled “What Data We Collect and Why” for more information about the business and commercial purposes for which we collect, use, and disclose Personal Data, including Personal Data that may be considered “sensitive” under the CCPA. See the section of the Policy entitled “Data Retention” for more information about retention practices.

Personal Data Notice See the section of the Privacy Policy entitled “What Data We Collect and Why” for more information about the circumstances in which we disclose Personal Data and the parties to whom we disclose such Personal Data. As described in the Policy, we disclose Personal Data relating to California residents for various business purposes to Company entities and Third Party Service Providers that process such Personal Data on our behalf, including the following:

Categories of Personal Data that we Disclosed for Business Purpose

  • Identity and Contact Information
  • Demographic Information
  • Commercial and Financial Information
  • Health Information
  • Professional and Education Information
  • Technical Information

Your Rights under the CCPA

You may have the right under applicable law to:

  • Request to know the categories of Personal Data we collect
  • Request to know the categories of Service Providers and 3rd Parties we share your Personal Data with
  • Request access to your Personal Data (a copy of the data will be provided to you in a reasonable format)
  • Request we delete your Personal Data
  • Request we correct your Personal Data
  • Request we transfer your Personal Data to another person or organization
  • Request that we do not sell your data with third parties
  • Request that we opt you out of sharing your Personal Data for cross-context behavioral advertising or automated decision making
  • Request that we limit use or disclosure of Sensitive Personal Data

Verification

In order to protect your Personal Data from unauthorized access or deletion, we may require you to verify your credentials before you can submit a rights request. If you do not have an account with us, or if we suspect your account has been accessed without your authorization, we may ask you to provide additional Personal Data for verification.

How To Make A Request

To exercise your rights under the CCPA, you can contact us via email or mail at:

privacy@enbasis.com

Attn: Data Privacy Office

1041 West Market Street #1

Akron, OH 44313

We will not unlawfully deny you goods or services or discriminate against you for exercising your privacy rights.

Authorized agents

You may use an authorized agent to submit a rights request. If you do so, the authorized agent must present signed written authorization to act on your behalf, and you will also be required to independently verify your own identity directly with us and confirm with us that you provided the authorized agent permission to submit the rights request. This verification process is not necessary if your authorized agent provides documentation showing that the authorized agent has power of attorney to act on your behalf under Cal. Prob. Code §§ 4121 to 4130.

Sales and Sharing of Information of California Residents

We do not sell or share your Personal Data, including Personal Data of minors under the age of 16, with third parties for any purpose other than to provision services to you, and which are in line with our Privacy Policy. To exercise your right to opt-out, please contact us.

Personal Data Exempt from the CCPA

Certain types of Personal Data are exempt from the CCPA. If you submit a request regarding your Personal Data, and in our sole opinion we believe that your Personal Data is either in part or in whole exempt from the CCPA we will inform you as such. Examples include Personal Data that is processed under the following laws or obligations:

  • Our compliance with federal, state, or local laws, compliance with a court order or subpoena to provide information, or cooperating with law enforcement and regulatory agencies in conducting investigations
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Confidentiality of Medical Information Act
  • Gramm-Leach-Bliley Act
  • California Financial Information Privacy Act

For a full list of the exemptions please visit California Consumer Privacy Act Section 1798.145