At VersaWare, we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect your personal data in compliance with relevant privacy laws, including the General Data Protection Regulation (GDPR), the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), and other applicable laws.

1. Definitions

• Personal Data: Information that identifies, relates to, describes, or could reasonably be linked with a particular individual.
• Processing: Any operation performed on personal data, including collection, recording, storage, adaptation, or use.
• Data Controller: VersaWare, who determines the purposes and means of processing personal data.
• Data Processor: Any third party that processes personal data on behalf of VersaWare.

2. Information We Collect

We collect the following types of data:

• Personal Identification Information: Name, email address, phone number, etc.
• Health Data: Information necessary to operate health-monitoring features in compliance with HIPAA.
• Usage Data: Including log data, interaction logs, and analytics, to improve our product’s functionality.
• Audio Data: Captured through wake word detection, which activates voice processing features.
• Cookies and Tracking Technologies: We use cookies and similar technologies to track user behavior on our platforms and improve our services.

3. Legal Basis for Data Processing

We process personal data on the following legal grounds:

• Consent: Where required by law, such as for marketing communications, we will seek your explicit consent to process your data.
• Contractual Obligations: Processing necessary for the performance of a contract (e.g., providing our services).
• Legitimate Interest: For purposes like improving product performance, ensuring security, or preventing fraud.
• Compliance with Legal Obligations: Processing to comply with applicable laws and regulations, including HIPAA, GDPR, and CCPA.

4. Data Collection for Health Information

• HIPAA Compliance: VersaWare is committed to adhering to HIPAA and other regulations protecting the collection and storage of health-related data. Health data will only be collected and processed with explicit user consent where required and stored with encryption.
• Data Use and Sharing: We do not sell or disclose your health data to third parties without explicit consent, except as required by law (e.g., in response to a subpoena).
• Minimum Necessary Rule: We collect only the minimum amount of data necessary to achieve the intended purpose.

5. Audio Data Collection and Wake Word Detection

Our products include hands-free wake word detection technology. VersaWare employs the following safeguards for audio data:

• Activation and Capture: Audio capture is initiated only after a specific wake word is detected. No audio is recorded or stored prior to wake word activation unless the model returns a question or expects a follow up response from the user for additional clarification or consent.
• Data Retention: Audio data is retained only as long as necessary to fulfill the purpose of processing, and securely deleted after a limited time.
• Third-Party Access: We do not share audio data with third parties except as required by law or as necessary to fulfill contractual obligations, always with user consent where applicable.

6. Retention of Personal Data

We retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. The retention period for health data will comply with HIPAA regulations.

7. Data Transfers

Personal data may be transferred to and processed in countries outside the jurisdiction of your residence, including the United States, which may not provide the same level of data protection as your home country. In such cases, we ensure appropriate safeguards (e.g., Standard Contractual Clauses) are in place to protect your personal data.

8. Right to Be Forgotten

You have the right to request that VersaWare permanently delete all personal data collected from you. To exercise this right, contact us at [hello@versaware.com]. VersaWare will comply with your request without undue delay, subject to legal obligations that may require data retention (e.g., for regulatory or contractual reasons).

9. Anonymous Data Collection

VersaWare may collect anonymous data, which is data that has been stripped of any personally identifiable information and cannot be linked back to individual users. We may use this anonymous data for research, product development, or marketing purposes.

10. Security of Your Information

VersaWare implements appropriate technical and organizational measures to protect personal data from unauthorized access, alteration, disclosure, or destruction, including:

• Encryption: Data is encrypted both in transit and at rest using industry-standard protocols.
• Access Control: Access to personal data is limited to authorized personnel who require such access to perform their duties.

11. Data Breach Notifications

In the event of a data breach, VersaWare will notify affected users and regulatory authorities as required by law within 72 hours of becoming aware of the breach, if it poses a high risk to the rights and freedoms of individuals.

12. Your Rights and How to Exercise Them

• Right of Access: You may request details of the personal data we hold about you.
• Right of Rectification: You have the right to request corrections to any inaccurate or incomplete personal data.
• Right of Erasure: As previously stated, you have the right to request that we delete your personal data.
• Right to Object: You may object to the processing of your personal data for direct marketing purposes or where the processing is based on legitimate interests.
• Right to Data Portability: You have the right to request that we transfer your data to another organization, where feasible.

13. Limitation of Liability

To the extent permitted by law, VersaWare shall not be liable for any indirect, incidental, or consequential damages arising out of or related to the use of personal data, even if VersaWare has been advised of the possibility of such damages.

14. Governing Law and Dispute Resolution

This Privacy Policy shall be governed by and construed in accordance with the laws of the State of Michigan, without regard to its conflict of law provisions. Any disputes arising under this policy will be resolved through binding arbitration in [Insert Location] in accordance with the rules of the American Arbitration Association.

15. Changes to This Privacy Policy

VersaWare reserves the right to update or modify this Privacy Policy at any time. If we make material changes, we will notify you through the contact details provided or by posting a notice on our website.

16. Contact Us

For questions or concerns about this Privacy Policy, or to exercise your rights, please contact us at:

VersaWare Privacy Team
Email: hello@versaware.com
Address: 21415 Civic Center Dr. Suite 100, Southfield, MI 48076