Privacy Policy

• You can find information about what data we collect, and how we collect it from our customers and their End Users when using Case Symmetry.
• You can find information about rights End Users and Case Persons have to choose how their data is collected and used.
• You can find information about our automatic information gathering tools, such as cookies, pixels, web beacons and other tools that collect information from End Users when they visit our Case Symmetry website, or utilize our Services, and how these tools can be managed.
• You can find information about our privacy and security practices.
• You can find information about how we share data with third parties, as well as how you can find information about these third parties' information sharing practices.

Case Symmetry is a software product designed to assist case management organizations in rationalizing their caseloads and subsequent staffing requirements. In order to provide Case Symmetry and the Services, we need to collect and process data. The data we collect depends on what Services you are using and your relationship with us. Case Symmetry currently supports the following user categories:

• Organization End User – that is, employees or agents of an organization that has entered into a Customer Agreement with Tacaiocht ("Organization") who are designated by Organization as an authorized user of Case Symmetry in their capacity as an employee or agent of such Organization.
• Organization Super User – that is, such employees or agents of Organization who have been granted authority to manage Organization End Users, including granting, modifying, suspending and terminating their access and use of Case Symmetry.

Collectively, we refer to all user categories listed above as "End Users". You acknowledge and understand that Case Symmetry is offered as a product for use solely under the direction and control of Organization and is not intended as a product directly offered to individuals for their personal use outside of their employment with Organization.

The types of data we may collect, and process are described below and are collectively referred to as "Data":

• Navigation Data. When you use Case Symmetry through our website, such as logging into and using Case Symmetry, we may automatically receive and record information from your browser, including your IP address, geolocation, browser type, referrer page, domain name, access time, entry page, exit page, operating system type, and search engine keywords used. In certain circumstances, Navigation Data may also be Personal Data/Information (defined below).
• Business Data. We may collect and process the following business information from Organization, including their respective End Users who use Case Symmetry: business entity's name, business address, contact information, stakeholder information such as employee names, titles, and email addresses, communication information, interactions, usage and diagnostic information such as software or device reports and information, error messages, audit trails, authentication and similar usage information, operational information, transaction information, payment information, End User information, and other related information about the business and its employees and agents.
• Case Person's Data. We may process a Case Person's Data that the Organization or its End Users provides to us, either directly or indirectly, in connection with use of Case Symmetry. With regard to a Case Person's Data, you should specifically note the following:
  • We do not determine or control the type or amount of information which Organization and its End Users may collect and enter in Case Symmetry. With regard to a Case Person associated with Organization, Organization generally collects this information from such Case Person directly or creates or obtains it in other ways. As such, Organization's Privacy Notices, including its HIPAA Notice of Privacy Practices, explain what information they may collect, maintain, use and disclose about Case Persons.
  • Case Person's Data may include medical, sensitive and other information about such Case Person or their family member and is usually considered "protected health information" (PHI) subject to state and federal laws, including HIPAA (see Section 3, FEDERAL AND STATE DATA PROTECTION LAWS). Because Organization and its End Users solely determine whether, what type and how much information to include when they use Case Symmetry, we have no way of knowing whether any specific information which we process is considered Personal Data/Personal Information, PHI or contains sensitive information.
• Personal Data/Information. We may collect and process personal information about you directly in order to create and manage a Case Symmetry account for Organization, such as your: name, phone number, email address, mailing address, website URL, employer or company, communication information, interactions, usage and diagnostic information (such as software or device reports), error messages, audit trails and similar usage information. With regard to Personal Data/Information, you should note specifically the following:
  • If such information is collected from you in Case Symmetry in the context of your role and capacity as an employee or agent of Organization, this information is treated as Business Data (i.e., "business to business" (B2B) data) or Case Person's Data (i.e., PHI governed by HIPAA) and is NOT, for purposes of this Privacy Policy and our privacy practices, considered your "personal data" or "personal information."
  • Any Personal Data/Information provided in connection with your use of Case Symmetry will be connected to Organization and its Customer Agreement. Therefore, in the event your access and use of Case Symmetry is terminated or Organization terminates its contract with us, your Personal Data/Information may also be deleted.

We need to process Data in order to provide Case Symmetry and the Services, including collecting, hosting, maintaining and transmitting Data from Organization and making such Data available for End Users to access and view through authorized Case Symmetry accounts, as well as support exchange of such Data as authorized by Organization. BY ACCESSING AND USING CASE SYMMETRY, YOU CONSENT TO ALL OF THE FOLLOWING PROCESSING, USES AND SHARING OF DATA. In connection with such processing, uses and sharing we may utilize a combination of our employees, agents, subcontractors, software tools or machine-learning/artificial intelligence to provide Case Symmetry and the Services. Note that we will never use identifiable Case Person's Data, Personal Data/Information or PHI for any purpose not permitted by this Privacy Policy or applicable law as more specifically described in Section 3. Here is how we process use and share the Data we collect:

• We may process, use and share Data in order to provide Services to Organization and its End Users. For example, our Services help to connect Organization's departments, Case Managers and Case Persons, and share Data that is needed to support Organization's caseloads and staffing requirements.
• We may process, use and share Data in order to aggregate, analyze, audit, correct, develop, enhance, host, improve, maintain, conduct performance improvement, conduct service personalization, conduct product research, conduct security and compliance activities, troubleshoot, and upgrade Case Symmetry and the Services. For example, we may analyze End User performance and usage Data and activities to identify solutions and recommendations for Organization or to determine how we can improve Case Symmetry.
• We may process, use and share Data in order to create, maintain and host Case Symmetry accounts, provide customer support, process payments, enforce Customer Agreements or Terms, or to suspend or terminate a Case Symmetry account as described in the applicable Terms and Customer Agreement.
• We may process, use and share Data for our management and administration, including compliance purposes, business development, as well as to create anonymized or limited data sets, de-identify and/or analyze Data. We may use and share Data which has been de-identified in accordance with applicable laws for any business purposes permitted by law.
• We may process, use and share Data if required by applicable law, such as court order or other legal process.
• We may share Data with our suppliers and service providers that we have contracted with to provide us with services and help us provide Case Symmetry and Services to Organization and its End Users, as described more specifically in Section 6, and our suppliers and service providers may share Data back to us for these purposes.
• We may otherwise process, use and share Data pursuant to Organization's specific direction and consent or authorization provided.

Certain Data is subject to additional protections under applicable federal, state or local data protection laws ("Data Protection Laws"). This includes applicable state and federal laws including the federal Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act (collectively, "HIPAA") which governs the use and disclosure of "protected health information" (PHI), as defined by HIPAA.

To the extent Organization is a "covered entity" as defined under HIPAA and, through its End Users, shares PHI with Case Symmetry, we will comply with applicable HIPAA obligations that govern "business associates," as such terms are defined by HIPAA, when we use and disclose PHI created, received, maintained, or transmitted by or on behalf of Organization. We will also comply with the terms of the Business Associate Agreement we enter with Organization.

Given the nature of Case Symmetry and circumstances under which we process Data, we cannot independently determine what Data may include PHI or other information which is subject to Data Protection Laws. Likewise, we cannot independently determine in what circumstance Data may include "sensitive information" that may also be subject to additional protections under Data Protection Laws. Therefore, Organization and its End Users are solely responsible for obtaining any and all consents, as may be required, for the processing activities described in this Privacy Policy prior to disclosing any Data subject to Data Protection Laws in connection with Case Symmetry. Failure to do so may result in suspension or termination of access and an applicable account. By uploading or sharing Data or materials in connection with Case Symmetry, you represent that you are the owner of such Data or materials, or that you have the right and authority to post or share such Data or materials, and that such uploading or sharing is compliant with all Data Protection Laws.

In the event the HIPAA Business Associate Agreement conflicts with anything set forth in this Privacy Policy, the terms of such the HIPAA Business Associate Agreement will control with respect to our use and disclosure of PHI.

Organization and its End Users have the capability to exercise the following options with respect to Data and the Case Symmetry account:

• Access or update certain Personal Data/Information or Business Data available directly in your Case Symmetry account, such as your name, address, contact information.
• Add, modify or delete Personal Data/Information that you uploaded directly in your Case Symmetry account. We may, however, need to retain copies of any such Personal Data/Information which you may choose to modify or delete from your Case Symmetry account related to the purposes for which it was processed under this Privacy Policy, such as for our internal business, compliance, and legal purposes, or as part of our routine backup and disaster recovery processes.
• Add, modify or delete Case Person's Data that you uploaded directly in your Case Symmetry account. We may, however, need to retain copies of any such Case Person's Data which you may choose to modify or delete from Case Symmetry related to the purposes for which it was processed under this Privacy Policy, such as for our internal business, compliance, and legal purposes, or as part of our routine backup and disaster recovery processes.
• Case Person's Data that is PHI is subject to HIPAA. This means that Case Persons may exercise any rights which HIPAA may afford to their PHI. However, the Case Person will need to exercise these rights directly through Organization. For example, a Case Person associated with Organization who wishes to request restrictions on the use of such Case Person's PHI that is part of a designated record set maintained in Case Symmetry will need to contact the Organization directly to make such request.

A cookie is information saved by your web browser. When you visit a website, the site may place a cookie on your web browser so it can recognize your device in the future. If you return to that site later, it can read that cookie to remember you from your last visit and keep track of you over time.

We may use cookies, pixel tags, web beacons and similar technologies to gather information, some of which may be Personal Data/Information, for the following purposes: for operation of the Services, including your Case Symmetry account and our website or mobile application, to store and manage your preferences and settings, to gather usage and performance data, for sign-in functionality, product analyze and performance improvement, and other operation of the Services. Certain services and functionalities may not work if you disable cookie functions on your browser.

For a list of the third parties that set cookies on our website, including service providers acting on our behalf, please visit our third-party cookie inventory webpage. On our Case Symmetry website and mobile application, a list of third parties is available directly on the site. The third parties on these sites may not be included in the list on our third-party cookie inventory.

You have a variety of tools to control the data collected by cookies, pixel tags, web beacons, and similar technologies. For example, you can use controls in your internet browser to limit how the websites you visit are able to use cookies and to withdraw your consent by clearing or blocking cookies. However, Case Symmetry may not work as intended if you disable cookies and similar technologies. Therefore, use of Case Symmetry which requires cookies and similar technology to perform as intended requires your acceptance of these cookies and similar technologies.

We may also automatically collect other information from you using automated technology when you interact with us via our website, email or your Case Symmetry account, including computer and device information, audit trails, authentication and credential information, usage information, and similar information.

We may contract with independent software and application developers, suppliers, service providers and other contractors in order to facilitate our provision of Case Symmetry and Services ("Suppliers and Service Providers"). By using Case Symmetry, you authorize us to exchange Data with them as necessary to provide Case Symmetry and Services to Organization. For example, we host Case Symmetry through Amazon Web Services and we may utilize backup and disaster recovery vendors. If we would share any PHI with such Suppliers and Service Providers, we will obtain a sub-contractor HIPAA Business Associate Agreement with such Suppliers and Service Providers when required.

We may also integrate with Google Analytics and similar entities to provide geolocation data when you navigate our website or account, or with Microsoft Office 365, Windows and other functionalities]. You may be able to utilize any tools such third party makes available to exercise your choice over what Data and functionality is utilized by such third party. However, Case Symmetry and certain Services may not work if you disable these third-party tools. Therefore, use of Case Symmetry or any Service which requires a third-party tool to perform as intended is your acceptance of such third-party tool.

Unless we have a written contract with such third party, we do not have any control over these other parties, and therefore we are not responsible for and disclaim any liability for the privacy and security of any Data that you provide in connection with such third parties. Organization and its End Users are solely responsible for all Data or materials which are posted or shared with these third parties in connection with use of Case Symmetry.

If you have any privacy-related questions or concerns about this Privacy Policy, you may contact Tacaiocht's Privacy Officer at [email protected], or mail your question or concern to: 1 Pillsbury St., Suite 200, Concord, NH 03301. We will respond to any inquiries promptly.

Please review this Privacy Policy carefully before using Case Symmetry. BY USING CASE SYMMETRY, YOU ACCEPT THIS PRIVACY NOTICE AND CONSENT TO THE COLLECTION, PROCESSING AND USE OF ALL DATA AS DESCRIBED IN THIS PRIVACY POLICY. We may change this Privacy Policy at any time in our sole discretion from time to time by posting the revised Privacy Policy on this [subpage] and the changes will be effective the next time you use Case Symmetry. Your continued use of Case Symmetry constitutes acceptance of such changes.

THIS PRIVACY NOTICE DOES NOT APPLY TO ANY INDEPENDENT DATA COLLECTION, PROCESSING, USE, OR DISCLOSURE DIRECTLY BY A THIRD PARTY, AGENCY, OR END USER. THIS PRIVACY NOTICE ONLY APPLIES TO OUR OWN DATA PRACTICES WITH REGARD TO YOUR USE OF CASE SYMMETRY. YOU ARE SOLELY RESPONSIBLE FOR REVIEWING AND ABIDING BY YOUR ORGANIZATION'S OWN PRIVACY NOTICES, INCLUDING ITS HIPAA NOTICE OF PRIVACY PRACTICES, AS APPLICABLE.