Privacy Policy

Effective date: March 5, 2024

Five to Nine, Inc (“Five to Nine”, “us”, “we”, or “our”) takes the privacy and security of your personal data seriously. This Privacy Policy describes how we protect and use the personal data we collect about you through our website and in connection with the services we offer (“Service”).

As a visitor or Member of Our Platform, the collection, use and sharing of Your Personal Data is subject to this Privacy Policy and any updates.

Five to Nine operates the Platform. This section informs You of Our policies regarding the collection, use and disclosure of personal data when You use Our Platform and the choices You have associated with that data.

We use Your data to provide and improve the Platform. By using the Platform, You agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms of Use, accessible from https://fivetonine.co/terms-of-use.

Please contact [email protected] with any requests, questions, or concerns relating to this Privacy Policy.

Definitions

“Personal Data” means data about a living individual or entity that can be identified from those data (or from those and other information either in Our possession or likely to come into Our possession). Personal Data may include, but is not limited to:

Usage Data

Usage Data is data collected automatically either generated by the use of the Platform or from the Platform infrastructure itself (for example, the duration of a page visit).

Cookies

Cookies are small files stored on Your device (computer or mobile device).

Types of Data Collected

Personal Data

While using Our Platform, We may ask You to provide Us with certain Personal Data. We may use Your Personal Data to contact You with information that We deem may be of interest to You. You may opt out of receiving any, or all, of these communications from Us by contacting Us.

Usage Data

We may also collect information on how the Platform is accessed and used (“Usage Data”). This Usage Data may include information such as Your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of Our Platform that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on Our Platform and We hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to Your browser from a website and stored on Your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze Our Platform.

You can instruct Your browser to refuse all cookies or to indicate when a cookie is being sent. However, if You do not accept cookies, You may not be able to use some portions of Our Platform.

Examples of Cookies We use:

Use of Data

Five to Nine uses the collected data for various purposes:

Data Privacy Framework

Five to Nine complies with the EU-U.S. Data Privacy Framework (EU‑U.S. DPF), and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Five to Nine has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Five to Nine has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program and to view our certification, please visit dataprivacyframework.gov/.

This statement outlines our general policy and practices for implementing the EU‑U.S. DPF Program (refers collectively to the EU-U.S. DPF and the Swiss-U.S. DPF), including the types of personal data that Five to Nine gathers; how we use it; and the choices that affected individuals have regarding our use of, and their ability to correct, the personal data relating to them. If there is any conflict between this statement and the Principles, the Principles will govern. To learn more about the EU-U.S. DPF Program, the Swiss-U.S. DPF Program, and to view the firm’s certification, please visit dataprivacyframework.gov/s/participant-search.

This statement applies to personal data that we handle (See definition for “personal data” above).

Principles protecting individuals’ privacy notice and choice

Transfer of Data

Because Five to Nine and its servers are located in the United States, we necessarily transfer any data that is collected from outside the United States to the United States for processing and storage. Your information, including Personal Data, may be transferred to – and maintained on – computers located in the state of Virginia, U.S.A. The data protection laws may differ from those of Your jurisdiction. However, Five to Nine will protect personal data in accordance with the EU-U.S. DPF Program and/org Swiss-U.S. DPF Program regardless of the jurisdiction in which the data resides.

Five to Nine is responsible for the third-party acts within its control that result in the processing of personal data inconsistent with the EU-U.S. DPF Program and/or Swiss-U.S. DPF Program.

Access

An individual has the right to access personal data that Five to Nine holds about that person as specified by the EU-U.S. DPF Program and/org Swiss-U.S. DPF Program. An individual may contact us by submitting, in writing, a request to  either:

Or

The individual will need to provide sufficient identifying information, such as name, address, and birth date. We may request additional identifying information as a security precaution, such as a national identifier (e.g., a Social Security number). In addition, we may limit or deny access to personal data where providing such access would be unreasonably burdensome or expensive in the circumstances or where the rights of persons other than the individual would be violated. In some circumstances, we may charge a reasonable fee for access to personal data.

Disclosure of Data

Business Transaction

If Five to Nine is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Legal Requirements

Five to Nine may disclose Your Personal Data in the good faith belief that such action is necessary to:

Security of Data

The security of Your data is important to Us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security. More about our security can be found at https://fivetonine.co/security/

Accountability and enforcement

We have established a program to monitor our adherence to the EU-U.S. DPF Program and Swiss-U.S. PDF Program and to address questions and concerns regarding our adherence. This program will include a statement, at least once a year, signed by an authorized representative of Five to Nine, verifying that this statement is accurate, comprehensive for the information that is intended to be covered, prominently displayed, completely implemented and accessible. We encourage interested persons to raise any concerns with us using the contact information below.

The Federal Trade Commission has jurisdiction over Five to Nine’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Retention of Data

Five to Nine generally retains your Personal Data for a period of time consistent with the original purpose of collection. For instance, Five to Nine retains company data for the duration of their contract with Five to Nine and purges it at termination of contract. We may also retain your Personal Data during the time you have an account to use our platform, website, and services. We also may retain your Personal Data as necessary to comply with our legal obligations, to establish proof of a right or a contract, resolve disputes, enforce our agreements, in accordance with the law.

Our data retention policy can additionally adhere to client retention policy as long as it’s in accordance with applicable law.

Service Providers

Five to Nine employs third party companies solely for the purposes of facilitating our platform’s hosting, analyzing how it is used, or improving the function of platform-related services.

AWS: Hosting Services
SendGrid: Email provider
Hotjar: Product improvements
Pendo: Product usage tracking

These third parties may have access to Your Personal Data only to perform these tasks on Our behalf and are obligated not to disclose or use it for any other purpose.

Payments

We may provide paid products and/or services within the Platform. In that case, we use third-party services for payment processing ( “Payment Processors”).

We will not store or collect Your or Your employees’ payment card details. That information is provided directly to Our Payment Processors whose use of personal information is governed by their privacy policy. These Payment Processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

Links to Other Sites

Our Platform may contain links to other sites that are not operated by Us. If You click a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Children’s Privacy

Our Platform does not address anyone under the age of 18 (“Children”).

We do not knowingly collect Personal Data from anyone under the age of 18. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from children without verification of parental consent, We take steps to remove that information from Our servers.

California Privacy Rights

Users residing in certain jurisdictions, like California, have a right to access Personal Data held by Us about them and their right of access can be exercised in accordance with applicable law. California law requires certain businesses to respond to requests from California residents asking about the business’ practices related to disclosing Personal Data to third parties for the third parties’ direct marketing purposes. Alternatively, such businesses may have in place a policy not to disclose Personal Data of customers or clients to third parties for the third parties’ direct marketing purposes if the resident has exercised an option to opt-out of such information sharing. We have such a policy in place.

California residents may request further information about our approach to this law by writing to Us. When writing to Us, you must include any relevant information (like Your name, contact information, any Member number or unique site identifier associated with You) in order to assist in Your request. Please allow 30 days for a response.

EU, European Economic Area (“EEA”), United Kingdom (“UK”) Privacy Rights

Users residing in the EU, European Economic Area (“EEA”), United Kingdom (“UK”) have a right to access Personal Data held by Us about them and their right of access can be exercised in accordance with applicable law. Users may request access to their personal data and obtain information about our processing of personal data, with whom we share this personal data, and User’s rights around this data. Users may request that we restrict our processing of their personal data. Users may object to our processing of their personal data as well as where we process personal data based on a User’s consent, and they may withdraw their consent. Users may request that their personal data be updated or removed from the system. However, we may retain certain information to comply with our legal obligations, resolve disputes, or enforce our agreements, and there may be some delay in deleting certain data from our servers and back-up storage. To submit a question or concern about rights, please email [email protected] message our live chat.

Exporting Your Data

Five to Nine will adhere to a User’s request for an export of personal data. Please forward request to [email protected] or reach out via live chat with the subject line “GDPR Export”.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify You of any changes by emailing You the new Privacy Policy and/or posting the updated Privacy Policy within the Platform website prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact Us: