Epilogix Privacy Notice

This Privacy Notice explains how Epilogix LLC (hereafter “Epilogix”) processes information about Epilogix Clients, prospective Clients, Suppliers, Employees, prospective Employees, and visitors to our website (hereafter “Epilogix stakeholders” or “you”). Epilogix processes personal information in the process of marketing and delivering our Services. 

You may contact us with questions or concerns about this Privacy Notice, or to request deletion of your personal data, through the following channels:

Email: Via our Contact Form

Postal mail: 4938 Hampden Ln, Suite 152, Bethesda, MD 20814, USA

Telephone: +1 301 825 5331

We put together this Privacy Notice to inform Epilogix stakeholders about the information we collect from them and about them. Epilogix places great value on maintaining the privacy of the people and businesses with which it interacts. Epilogix maintains a comprehensive Privacy Policy that is part of our proprietary Quality Management System. This Privacy Notice is the public domain subset of that Privacy Policy, which includes content that is directly relevant to informing you and other Epilogix stakeholders of your rights with respect to our processing of your personal information.

Epilogix LLC is a United States legal entity. However, our Clients, Suppliers, and Employees are distributed worldwide. Therefore, we have structured this Privacy Notice considering the privacy rights and expectations of multiple global jurisdictions. For example, this Privacy Notice is informed by guidance from the European Union General Data Protection Regulation. Sections of this document were developed with the assistance of templates from the United Kingdom's Information Commissioner's Office. You may contact us to suggest additional privacy standards that are relevant to jurisdictions in which you live or work, if you believe that this Privacy Notice does not adequately meet those additional standards.

We collect or use the following information to provide services and goods, including delivery:

• Names and contact details

• Addresses

• Purchase or account history

• Account information

• Photographs or video recordings

• Call recordings

• Records of meetings and decisions

• Information relating to compliments or complaints

We collect or use the following information for the operation of customer accounts and guarantees:

• Names and contact details

• Addresses

• Purchase history

• Account information, including registration details

• Marketing preferences

We collect or use the following information for service updates or marketing purposes:

• Names and contact details

• Addresses

• Marketing preferences

• Location data

• Recorded images, such as photos or videos

• Purchase or viewing history

We collect or use the following information for recruitment purposes:

• Contact details (eg name, address, telephone number or personal email address)

• Employment history (eg job application, employment references or secondary employment)

• Education history (eg qualifications)

• Details of any criminal convictions

In addition to describing how we use your personal information, the European Union's General Data Protection Regulation requires applicable data processors to assert the lawful bases under which they collect personal information. This section refers to specific lawful bases recognized by those regulations for the types of personal information we collect.

Epilogix has conducted a “Legitimate Interest Analysis” for those areas in which we assert a legitimate interest as our lawful basis for collecting and processing personal information. We have summarized our specific legitimate interests in the applicable sections below.

Our lawful bases for collecting or using personal information to provide services and goods are:

• Contract

• Legitimate interest:

  • Our legitimate interests for collecting personal information of Epilogix Clients include providing updates on the progress of Epilogix Service delivery and transmitting deliverables associated with those Services. We give our individual Epilogix Client contacts control over their perceived risks of Epilogix personal information processing by asking them about their communication preferences for receiving Epilogix Service deliverables.

Our lawful bases for collecting or using personal information for the operation of customer accounts and guarantees are:

• Contract

Our lawful bases for collecting or using personal information for service updates or marketing purposes are:

• Contract

• Legitimate interest:

  • Our legitimate interests for collecting personal information of Epilogix Clients and prospective Clients also include identifying the needs of these stakeholders, or the Client companies for whom they work, that may be addressed by Epilogix Services. Although we believe that our processing of personal data for these interests involves minimal risk to those from whom we collect information, we offer stakeholders the opportunity to request that their personal information be deleted or forgotten to mitigate any unwanted risks that those stakeholders might perceive.

Our lawful bases for collecting or using personal information for recruitment purposes are:

• Consent

• Contract

• Legal obligation

Epilogix collects personal information from:

• The people with whom we interact directly in the course of our normal business,

• Publicly available sources, and

• The following third parties:

  • We collect information obtained from social media engagement with Epilogix company and Employee accounts on social media sites such as LinkedIn. Epilogix may add company accounts on other social media sites and communications networks in the future, such as Instagram, Skype, or WhatsApp.

Epilogix has a proprietary Records Retention Policy that outlines our standards for retaining or destroying various forms of records, including your personal information. According to that policy, Epilogix keeps personal information from contracted or prospective Clients, Suppliers, and Employees for three years from our last recorded date of contact. You may contact us to request deletion of your personal information before the end of that three-year period, unless the personal information is part of other records that Epilogix is required to keep for longer periods, such as employment records subject to regulatory review.

In extremely rare circumstances, the Services that Epilogix provides may require sharing your personal information in response to a subpoena, court order, or other governmental or regulatory request.

Epilogix may voluntarily disclose stakeholders' personal information to law enforcement or regulatory agencies if we believe in good faith that such disclosures are necessary to uphold Epilogix policies regarding anti-corruption, information security, or privacy protection.

As of the date this Privacy Notice was published, Epilogix has neither volunteered nor received requests to share personal information of Epilogix stakeholders to law enforcement or other regulatory authorities.

Certain jurisdictions, including the United Kingdom and the European Union, restrict the transfer of citizens’ personal information across borders. Where necessary, we may transfer personal information of UK data subjects outside of the UK, and EU data subjects outside of the EU. When doing so, we comply with applicable GDPR requirements, making sure that appropriate safeguards are in place.

We make extensive use of Google cloud-based services to ensure that personal information data transfers outside of the UK or EU are consistent with applicable law. Epilogix has ensured that its service agreements with Google provide for data processing consistent with GDPR regulations for UK and EU data subjects.

If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice.

Citizens covered under the UK’s version of GDPR may, if they remain unsatisfied with how Epilogix has used their data after responding to your complaint, may raise a complaint with the Information Commissioner’s Office (ICO).

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline number: 0303 123 1113

Website: https://www.ico.org.uk/make-a-complaint

Citizens covered under GDPR in European Union countries may lodge a complaint with the Data Protection Authority (DPA) for their specific country. Please consult this directory of Data Protection Authorities for more information.