VES-Artex Privacy Policy

Our Privacy Philosophy

You own your data.
VES-Artex will not do any of the following without your permission:
• Access your computers
• Access your system
• Share your files with third parties

Our Privacy Policy highlights our commitment to transparency, your data ownership, and privacy. It covers the following:
• Security
• Anonymity: protecting the identity and privacy of customers
• Rights of natural persons using VES-Artex services and software
• Use of VES-Artex and customer data
• Protecting VES-Artex’s system and software
• Contact information for privacy issues

This Privacy Policy governs the use of your information by VES Environmental Solutions, Inc. (“VES”) and VES-Artex Systems Canada, ULC (“VES-Artex Canada”). “VES-Artex” is used to refer to both companies or either one of them.

VES-Artex maintains the following Privacy Policy. It may be subject to change from time to time. These changes can be found on this website: www.artexbarn.com. 

Scope: This Privacy Policy governs how VES-Artex and Affiliates treat information you share with VES-Artex. Examples of how you share information with VES-Artex includes inputting information into software provided by VES-Artex, providing information to VES-Artex through VES-Artex-provided services, or otherwise provided to VES-Artex—including by sharing information through your use of the VES-Artex website and use of VES-Artex technology. An “Affiliate” is any person (natural or legal) that directly or indirectly controls, is controlled by, or is under common control with VES-Artex. “Control” is presumed if at least one of the following conditions is present: (a) for corporate entities, owning at least fifty percent of the stock or shares, directly and indirectly, having the right to vote for the election of directors or any direct or indirect parent of that corporate entity, and (b) for non-corporate entities, owning at least fifty percent of the equity interest, directly or indirectly, with the power to direct the management and policies of that non-corporate entity.

Cookies: VES-Artex’s websites, services, and software uses “Cookies” to track your activities and preferences. This allows VES-Artex to make the websites, services, and software more responsive to your needs. VES-Artex does that by using Cookies to process user requests, improving functionality for users, and improve web content (making the web design and content are relevant to you). A web-page server places a Cookie or data file on your hard disk. Programs cannot be run nor can viruses be delivered using the Cookies. You can accept or deny these Cookies at the bottom of the VES web page (https://www.artexbarn.com). Browsers can be configured to accept all cookies, reject all cookies, or notify you when a cookie is set. If you have questions about how to do that, consult the “Help” menu of the browser you are using. Certain web pages on our site cannot be used if you reject all cookies.

Security: VES-Artex will take reasonable efforts to secure the data you provide—including information that identifies natural persons—from unauthorized access. Reasonable efforts include encrypting all passwords in the VES-Artex database and sending traffic between VES-Artex controlled systems over encrypted channels. But it is impossible to guarantee that every communication or transmission over the internet is secure. Thus, despite VES-Artex’s reasonable efforts, it cannot guarantee the safety of this personal information. By using VES-Artex’s system, service, or website you agree that VES-Artex will not be held liable for any unauthorized access. If your information is compromised because of a security breach, VES-Artex will notify you in accord with applicable law.

Anonymity: VES-Artex anonymizes data to the extent that it does not interfere with the services VES-Artex provides to you, any obligation VES-Artex has under law, or developing or improving VES-Artex’s products and services:

• Anonymize means removing information that would allow anyone to identify you or your business as the source of data.

• VES-Artex will ask you to expressly opt in before participating in any benchmarking or similar activity that requires data that is not anonymous.

• VES-Artex, its Affiliates, and contractors will not provide data to others that can identify you or your business without your express permission or unless required by law; for example, you may authorize VES-Artex to share non-anonymized data with another vendor for the purpose of facilitating services you receive from that vendor.

Use of Information: Subject to the Anonymity provision above, VES-Artex and its Affiliates use your information in the following ways: Your information is used to provide and improve the services or products offered, licensed, or provided to you by VES-Artex. VES-Artex will also use your information for internal business purposes. VES-Artex also shares your information with Affiliates or third parties, when VES-Artex is making the disclosure to provide you with or to improve the products or services offered, licensed, or provided by VES-Artex. VES-Artex may also use the information you provide to produce data for other commercial purposes in anonymized form, including by aggregating it with other data. VES-Artex may also provide or disclose your information, if that disclosure is required by law; if VES-Artex is required to do so, to seek remedies for a breach of any end-user agreement or contract; if the data is transferred as part of a sale of VES-Artex or a portion of its business; and if VES-Artex believes disclosure is necessary to protect its rights or the personal safety of others. VES-Artex may also disclose your information to appropriate authorities and financial institutions.

Links Outside VES-Artex: VES-Artex’s website, services, and software might provide links to third-party sites. Third parties may also link to VES-Artex’s website, services, and software. VES-Artex does not make any representations about the privacy policies or content of third-party sites. VES-Artex is not responsible or liable for any third-party policies, acts, or omissions.

Updates: This policy may be updated from time to time. VES-Artex recommends that you regularly return to VES-Artex’s website to stay up to date regarding VES-Artex’s Privacy Policy. Any updates are effective immediately upon them being published or otherwise made available on VES-Artex’s website. If you expressly accept this Privacy Policy as part of any End User Subscription Agreement or End User License Agreement, then any update to this Privacy Policy will be presented to you for acceptance. If you do not accept the update, VES-Artex can—in its sole discretion—choose to either continue to provide services under the previously accepted Privacy Policy or to terminate services and any accompanying End User Subscription Agreement or End User License Agreement.
Personal Data: To the greatest extent possible, VES-Artex does not keep or process the personal data of natural persons, except for the purpose of identifying authorized users, providing customer service, customer sales, and product development. Any information of this kind is only shared with VES-Artex employees and vendors for customer service, product development, customer sales, and verification purposes. Any natural person that provides their data to VES-Artex can contact VES-Artex to access personal information, if any, VES-Artex has collected about them and request changes be made for accuracy and completeness.

Additional Rights Regarding Personal Data under GDPR: The following notices and disclosures apply to all natural persons who provide personal data to VES-Artex, i.e., data subjects, who are covered by the EU General Data Protection Regulation (Regulation EU 2016/679):

Length of Data Use: Personal data of a data subject is maintained while the data subject or the data subject’s employer is a customer of VES-Artex, and for a reasonable time afterwards to make it easier for VES-Artex to serve the data subject or his or her employer if either re-subscribe to VES-Artex’s services and to contact them about subscription renewal and new products and services.

Right to Access and Rectification: A data subject has the right to demand access to and the rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing as well as the right to data portability.

Withdrawal of Consent: A data subject also has the right to withdraw the consent provided by his or her acceptance of this Privacy Policy at any time, without affecting the lawfulness of any data processing based on consent before its withdrawal.

• Right to Lodge Complaint: A data subject also has the right to lodge a complaint with a supervisory authority regarding VES-Artex’s processing of his or her personal data.

• Need for Personal Data & Consequences of Withdrawing Consent: The personal data provided by the data subject under this Privacy Policy is required for VES-Artex to perform its obligations under any contract between VES-Artex and the data subject or an employer of the data subject because this information is needed to identify authorized users and provide customer service. A data subject that no longer provides consent or requests erasure of his or her personal data will no longer be able to use VES-Artex services or products because this information is needed to ensure that the data subject is an authorized user.

• Providing Personal Data to Data Subject: VES-Artex can provide to a data subject—upon request—remote access to a secure system that provides that natural person with direct access to his or her personal data. This type of request will not be fulfilled in way that may adversely affect the rights or freedoms of others, including trade secrets or intellectual property, and, in particular, the copyrights, protecting VES-Artex’s software. Depending on the amount of data that falls within this type of request, VES-Artex may request that, before the information is delivered, the data subject specify the information or processing activities to which his or her request relates.

• Data Transfer outside the EU: VES-Artex transfers your information, including personal information of natural persons, outside the European Union to the United States or Canada because the transfer is necessary for the performance of the services contract between you and VES-Artex or the implementation of pre-contractual measures taken at your request. Not all states in the United States have data-protection and privacy laws as comprehensive as the European Union. If European Union data-protection and privacy laws apply to you, then VES will maintain measures to protect your personal information identifying natural persons in a manner commiserate with the protections required under European Union law. The EU has not determined that the United States has adequate legal safeguards outside of certain self-certification programs that VES-Artex currently does not participate in.

• Who to Contact: A data subject can use the following email to contact VES-Artex regarding any of the privacy rights provided for or granted under law or under this Privacy Policy: legal@ves.co.

California Consumers Only: This additional provision applies only to California consumers.
As stated above, VES-Artex does not sell personal information. If VES-Artex changes its policy and decides to sell consumer’s non-anonymized personal information to third parties—which it currently does not—a consumer will have the right, at any time, to direct VES-Artex not to sell the consumer’s personal information. This right is referred to as the right to opt-out. VES-Artex will provide notice of any change in its current policy before engaging in any sale of consumer’s personal information. VES-Artex will not discriminate against a consumer because the consumer exercised any of the consumer’s rights. Nothing in this California-consumer provision prevents VES-Artex from collecting, using, retaining, selling, or disclosing consumer information that is anonymized or in the aggregate consumer information to the extent otherwise allowed under this Privacy Policy. Nor does it prevent VES-Artex from collecting or selling a consumer’s personal information if every aspect of that commercial conduct takes place wholly outside of California to the extent otherwise allowed under this Privacy Policy. For purposes of this provision, commercial conduct takes place wholly outside of California if the business collected that information while the consumer was outside of California, no part of the sale of the consumer’s personal information occurred in California, and no personal information collected while the consumer was in California is sold. You represent that any users of VES-Artex’s products or services are at least 16 years old.

A consumer has the right to request that VES-Artex disclose to that consumer the categories and specific pieces of personal information that VES-Artex has collected. VES-Artex does not have to provide information upon consumer request more than twice in any twelve-month period. VES-Artex uses and collects the following types of personal information as described in the sections of this Privacy Policy marked by the following headings: Personal Data, Length of Data Use, Need for Personal Data & Consequences of Withdrawing Consent, and Use of Information. These categories of types of data and collection correspond to the following required disclosure of categories of use and collection found subdivision (c) of Section 1798.110 and subdivision (c) of Section 1798.115 (additional information is provided in italics below):

Section 1789.110:

(1) The categories of personal information it has collected about that consumer.
VES-Artex collects name, address, password, and employer information.

(2) The categories of sources from which the personal information is collected.
VES-Artex gets personal information from You, Your employer, and from Your computer and interaction and use of the VES-Artex website, services, and software.

(3) The business or commercial purpose for collecting or selling personal information.
VES-Artex does not sell personal information. VES-Artex uses personal information to identify authorized users, provide customer service, track use of VES-Artex software and services, follow up with communications for new software and services and renewals, and coordinate provision of software and services with Value Added Resellers, third-party developers, and VES-Artex vendors.

(4) The categories of third parties with whom the business shares personal information.
As stated above, VES-Artex shares personal information with third-party developers and VES-Artex vendors that help VES-Artex provide, develop, troubleshoot, or modify software or services.

Section 1798.115:

(c) A business that sells consumers’ personal information, or that discloses consumers’ personal information for a business purpose, shall disclose, pursuant to subparagraph (C) of paragraph (5) of subdivision (a) of Section 1798.130:

(1) The category or categories of consumers’ personal information it has sold, or if the business has not sold consumers’ personal information, it shall disclose that fact.
VES-Artex does not sell consumers’ personal information.

(2) The category or categories of consumers’ personal information it has disclosed for a business purpose, or if the business has not disclosed the consumers’ personal information for a business purpose, it shall disclose that fact.
As explained above, VES-Artex discloses consumers’ personal information only to vendors for customer service, product development, troubleshooting, customer sales, and verification purposes. 

A consumer has the right to request that VES-Artex delete any personal information about the consumer which VES-Artex has collected from the consumer. VES-Artex is not required to comply with a consumer’s request to delete the consumer’s personal information if it is necessary for VES-Artex to maintain the consumer’s personal information in order to:

(1) Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of VES-Artex’s ongoing business relationship with the consumer, or otherwise perform a contract between VES-Artex and the consumer.

(2) Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.

(3) Debug to identify and repair errors that impair existing intended functionality.

(4) Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.

(5) Comply with the California Electronic Communications Privacy Act pursuant to Chapter 3.6 (commencing with Section 1546) of Title 12 of Part 2 of the Penal Code.

(6) Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.

(7) To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with VES-Artex.

(8) Comply with a legal obligation.

(9) Otherwise use the consumer’s personal information, internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

A consumer may contact VES-Artex at the following toll-free telephone number 888.622.2999 and email address legal@ves.co to request the information, deletion, or exercise any right to opt out provided under this Privacy Policy or California law, which has not been or cannot be waived by the requesting consumer. VES-Artex will use any personal information collected from the consumer in connection with the business’s verification of the consumer’s request solely for the purposes of verification.

Definitions: “Consumers” means a natural person who is a California resident, as defined in Section 17014 of Title 18 of the California Code of Regulations, as that section read on September 1, 2017, however identified, including by any unique identifier. “Aggregate consumer information” means information that relates to a group or category of consumers, from which individual consumer identities have been removed, that is not linked or reasonably linkable to any consumer or household, including via a device. “Aggregate consumer information” does not mean one or more individual consumer records that have been anonymized. For California consumers, “anonymize” and its derivatives in this Privacy Policy will have the same meaning as “deidentified” in the California Consumer Privacy Act of 2018, Cal. Civ. Code § 1798.100, et seq. For California consumers, “personal information” will have the following definition as found in the California Consumer Privacy Act of 2018: “Personal information” means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information includes, but is not limited to, the following if it identifies, relates to, describes, is capable of being associated with, or could be reasonably linked, directly or indirectly, with a particular consumer or household:

(A) Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.

(B) Any categories of personal information described in subdivision (e) of Section 1798.80.

(C) Characteristics of protected classifications under California or federal law.

(D) Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

(E) Biometric information.

(F) Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.

(G) Geolocation data.

(H) Audio, electronic, visual, thermal, olfactory, or similar information.

(I) Professional or employment-related information.

(J) Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99).

(K) Inferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

(2) “Personal information” does not include publicly available information. For these purposes, “publicly available” means information that is lawfully made available from federal, state, or local government records, if any conditions associated with such information. “Publicly available” does not mean biometric information collected by a business about a consumer without the consumer’s knowledge. Information is not “publicly available” if that data is used for a purpose that is not compatible with the purpose for which the data is maintained and made available in the government records or for which it is publicly maintained. “Publicly available” does not include consumer information that is deidentified or aggregate consumer information.