GENEX Privacy Policy Statement
We are committed to safeguarding the privacy of our website visitors and customers.
It is important to us that you understand how we will treat your personal information when you visit our website, use our mobile applications, or engage in a transaction for our products or services. For purposes of this Statement, “Personal Information” or “Personal Data” shall mean information that describes or relates to you as defined under applicable governmental law.
(1) What Personal Information have we collected in the past twelve (12) months? We may have collected, stored and used the following kinds of Personal Information:
(a) Internet or Network Activity Information about your visits to and use of this website, as explained below in section (2);
(b) Commercial Information about any transactions carried out between you and us, including information relating to any purchases you made of our goods or services, as explained below in section (3);
(c) Information that you provide to us for the purpose of registering with us and/or subscribing to our website services and/or email notifications, as explained below in section (4);
(d) Identifiers such as name, contact information, and online identifiers;
(e) Geolocation Data such as device location.
We may collect this Personal Information directly from you and automatically when you visit our websites. We also collect this Personal Information from our affiliates, vendors, joint marketing partners, and social media platforms.
(2) Information about website visits and the use of cookies
We may collect information about your computer and your visits to this website such as your IP address, geographical location, browser type, referral source, length of visit and number of page views. We may use this information to pursue our legitimate interests, namely in the administration of this website, to improve the website’s usability, and to improve your browsing experience by personalizing the website. We may also use such information for marketing purposes, as further specified in section (5).
We use cookies on this website. A cookie is a text file sent by a web server to a web browser, and stored by the browser. The text file is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may send a cookie which may be stored by your browser on your computer’s hard drive. We may use the information we obtain from the cookie in the administration of this website, to improve the website’s usability and for marketing purposes. We may also use that information to recognize your computer when you visit our website, and to personalize our website for you.
(3) Information about transactions
We store information about any transaction concluded between you and us, including invoicing details as required under local legislation. We use this information in order to comply with laws governing the execution of such transactions, including amongst others, taxation requirements. We also process such information to perform our obligations and pursue our rights under the contract entered into by you and us, including in the context of any legal proceedings if necessary.
Such information is also collected and treated at the stage prior to concluding any contract as a follow-up to you placing an order or making any other relevant inquiry.
Furthermore, we use this information in the context of our legitimate interests, namely to carry out actions in view of our direct marketing purposes, as further specified in section (5).
(4) Website subscription information and newsletters
We collect and use information you provide us with, after having declared your consent, when you sign up on our website services to ensure user authentication and enable our website to perform the functions you choose.
We also gather and process information when you subscribe to our newsletter lists.
Furthermore, we use this information in the context of our legitimate interests, namely to carry out actions in view of our direct marketing purposes, as further specified in section (5).
(5) Direct marketing in more detail
In the context of our direct marketing purposes, we may use your personal information, wherever this is stipulated in this policy, to: (a) Send to you marketing communications relating to our business which we think may be of interest to you by post or, where you have specifically agreed to this, by email or similar technology.
(6) Other use cases of Personal Information
We may also use the Personal Information we collect for the following purposes:
• Services and Support. To provide and operate our services, communicate with you about your use of the services, provide troubleshooting and technical support, respond to your inquiries, fulfill your orders and requests, process your payments and claims, communicate with you about the Services, and for similar service and support purposes.
• Analytics and Improvement. To better understand how users access and use the services, and our other products and offerings, and for other research and analytical purposes, such as to evaluate and improve our services and business operations, to develop services and features, and for internal quality control and training purposes.
• Customization and Personalization. To tailor content we may send or display on the services, including to offer location customization and personalized help and instructions, and to otherwise personalize your experiences.
• Marketing and Advertising. For marketing and advertising purposes. For example, to send you information about our services, such as offers, promotions, newsletters and other marketing content, as well as any other information that you sign up to receive. We also may use certain information we collect to manage and improve our advertising campaigns so that we can better reach people with relevant content.
• Research and Surveys. To administer surveys and questionnaires, such as for market research or member satisfaction purposes.
• Infrastructure. To maintain our facilities and infrastructure and undertake quality and safety assurance measures.
• Security and Protection of Rights. To protect the Services and our business operations; to protect our rights or those of our stakeholders; to prevent and detect fraud, unauthorized activities and access, and other misuse; conduct risk and security control and monitoring; where we believe necessary, to investigate, prevent or take action regarding illegal activities, suspected fraud, or situations involving potential threats to the safety or legal rights of any person or third party.
• Compliance and Legal Process. To comply with the law and our legal obligations, to respond to legal process and related to legal proceedings.
• General Business and Operational Support. To consider and implement mergers, acquisitions, reorganizations, bankruptcies, and other business transactions such as financings, and related to the administration of our general business, accounting, auditing, compliance, recordkeeping, and legal functions.
• Business Transfers. To consider and implement mergers, acquisitions, reorganizations, and other business transactions, and where necessary to the administration of our general business, accounting, recordkeeping, and legal functions.
We retain the Personal Information we collect only as reasonably necessary for the purposes described above or otherwise disclosed to you at the time of collection. For example, we will retain your account data for as long as you have an active account with us, as well as an additional period of time as necessary to protect, defend or establish our rights, defend against potential claims, comply with our legal obligations.
(7) Disclosure and Recipients of Personal Information
We may disclose Personal Information for the following purposes:
• Operating Services and Sites and Providing Related Support. To provide our products and operate our services, communicate with you about your use of the products or services, provide troubleshooting and technical support, respond to your inquiries, fulfill your orders and requests, and for similar service and support purposes.
• Business Transfers. If we or our affiliates are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from you to the other company. As part of the business transfer process, we may share certain Personal Information with lenders, auditors, and third-party advisors, including attorneys and consultants.
• In Response to Legal Process. We may disclose your Personal Information to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
• To Protect You, Us, and Others. We disclose your Personal Information when we believe it is appropriate to do so to investigate, prevent, or take action regarding illegal activities, suspected fraud, or situations involving potential threats to the safety of any person.
We may disclose the Personal Information that we collect for the purposes described above with the following parties:
• Vendors. We may disclose Personal Information we collect to our service providers or agents who perform functions on our behalf. These may include, for example, IT service providers, suppliers, business partners, payment processors, analytics providers, consultants, auditors, and legal counsel.
• Our Affiliates. We may disclose Personal Information we collect to our affiliates or subsidiaries.
• Third-Party Ad Networks and Providers. We may disclose Personal Information to third-party ad network providers, sponsors and/or traffic measurement services. These third parties may use cookies, JavaScript, web beacons (including clear GIFs), and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third-party cookies and other technologies are governed by each third party's specific privacy policy, not this one.
• Government or Public Authorities. We may disclose Personal Information to a third party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process, or governmental request, (b) to enforce our agreements, policies, and terms of service, (c) to protect the security or integrity of our Services, (d) to protect the property, rights, and safety of us, our users, or the public from harm or illegal activities, (e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person, or (f) to investigate and defend ourselves against any third-party claims or allegations.
(8) International data transfers
Information that we collect may be stored and processed in and transferred between any of the countries in which we or our affiliates operate in order to enable us to use the information in accordance with this privacy policy.
We note that the GDPR establishes the free flow of personal data throughout the European Union. To the extent personal data identifying European subjects is transferred to countries, we store our data on Microsoft Azure and Office 365 data centers that may be outside the EU. However, we ensure our data access policies are in line with GDPR no matter where the data is stored.
(9) Data retention
We will keep your personal information for an appropriate period considering the nature of such data and the purposes for which they are processed.
Information pertinent to transactions between you and us shall be stored throughout the life-cycle of the transactions concerned and for as long as is necessary for the pursuit of legal claims or required by local law, including amongst others, tax legislation.
Information about your visits to and use of this website shall be kept within our Google Analytics Data for up to 24 months, after which time has passed we will automatically remove any customer data collected.
Information from your subscription to our website and newsletter lists shall be kept within our Email Marketing Software ( DOTMAILER ). We may contact you on a regular basis to seek for the renewal of your approval of us keeping such information.
(10) GDPR Rights
If you are a data subject within the European Union, you are entitled to exercise any of the following rights with regard to your Personal Data processed by us, subject to the conditions provided for by law:
(a) Right of access: the right to be provided with a copy of your Personal Information;
(b) Right to rectification: the right to require us to correct any mistakes in your Personal Information;
(c) Right to have your Personal Data erased: the right to require us to delete your Personal Information—in certain situations;
(d) Right to restriction of processing concerning your Personal Data—in certain circumstances like contesting the accuracy of the data;
(e) Right to object:
i. at any time to your Personal Information being processed for direct marketing or automated individual decision-making (including profiling);
ii. in certain other situations to our continued processing of your Personal Information, e.g., processing carried out for the purpose of our legitimate interests.
(f) Right to data portability: the right to receive the Personal Information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations.
(g) Right to lodge a complaint with a supervisory authority. You may exercise your rights by contacting us in any suitable way, such as by phone or post, using the contact details referred to in section (12). However, we strongly encourage you to do so by email: privacy@urus.org in order to enable us to deal with your request swiftly.
(11) Security of your personal data
We shall implement appropriate technical and organizational measures to ensure the protection of your privacy and a level of security appropriate to the risks entailed in any processing operation. We will take reasonable precautions to prevent the loss, misuse or alteration of your personal information.
However, we note that data transmission over the internet is inherently insecure, and we shall have no liability for events for which we are not responsible.
(12) Policy amendments
We may update this privacy policy from time-to-time by posting a new version on our website.
(13) Third-party websites
The website contains links to other websites. We are not responsible for the privacy policies (or content) of third-party websites.
(14) Our identity and contact details
We act as controllers under the GDPR. Should you have any concern about your privacy, or in case you want to exercise your rights as a data subject, please use the following contact details:
URUS, Privacy team, privacy@urus.org, 519.766.4622
Last Updated: November 20, 2023