FlexWaiver Privacy Policy

Information We Collect

How We Use Information

We use the collected information for the following purposes:

• Providing and Improving the Service: To operate FlexWaiver's platform, create and manage accounts, process electronic signatures, store and organize waiver records, and customize user experience. Participant information is used strictly to facilitate the signing process and deliver completed waivers to the appropriate Client.
• Communication: To send service-related communications. For example, we may email Clients with account notifications, invoices, updates about new features, or customer support responses. We may also send Participants a confirmation or copy of their signed waiver if requested by the Client.
• Customer Support: To respond to inquiries, resolve technical issues, and provide assistance to both Clients and Participants.
• Service Enhancement: To research and analyze usage of our Service (using aggregated or de-identified data) in order to improve functionality, security, and user experience. We may monitor metrics like total waivers signed, site traffic, and feature usage to guide our development.
• Marketing (Clients only): We may use Client contact information to send newsletters, product offers, or updates about FlexWaiver. Clients can opt out of marketing emails at any time. We do not use Participants' email or phone information for marketing purposes unless they separately consent to the Client who collected it.
• Legal Compliance: To comply with legal obligations. For example, we may use or disclose information as required to fulfill tax and accounting requirements, to enforce our Terms of Service, or to respond to lawful requests by authorities.

How We Share Information

FlexWaiver values your privacy. We do not sell personal information to third parties. We only share information in the following circumstances:

• With the Client (Business) You Signed a Waiver With: If you are a Participant, the personal information and responses you submit on a waiver are made available to the Client that provided the form. That Client will have access to your completed waiver and associated data, since the waiver is an agreement between you and that business.
• Service Providers (Processors): We employ trusted third-party companies and individuals to support our Service. These include: cloud hosting providers (to securely store data and allow quick access to waiver records), database and infrastructure services, payment processors (to handle subscription billing for Clients), email and SMS delivery services (to send out links or confirmations), and analytics tools (to understand how our website is used). These service providers only receive the information necessary to perform their specific functions, and we contractually require them to protect personal data and use it only for our purposes.
• Business Transfers: If FlexWaiver is involved in a merger, acquisition, bankruptcy, or sale of all or a portion of its assets, personal information may be transferred to the successor entity as part of that transaction. In such cases, we will ensure the new owner continues to uphold the privacy protections described here, or we will notify you and give you an opportunity to opt out of the transfer of your personal information.
• Legal Requirements: We may disclose personal information when required by law or valid legal process, such as responding to a subpoena, court order, or other government demand. We may also share information when we believe in good faith that disclosure is necessary to protect our rights, investigate fraud or security issues, or protect users' safety.
• With Consent: We will share personal information with third parties outside of the above conditions only if you have your consent to do so.

Participant Data collected on behalf of Clients is not used or disclosed by FlexWaiver except as directed by the Client or as needed to provide our services. We do not access the content of waivers except as necessary for troubleshooting, support, or legal compliance, and we do not share Participant Data with any third party for its own purposes.

Data Retention

• Waiver Records: We store signed waiver documents and associated Participant Data on behalf of our Clients. By default, waiver records are retained for as long as the Client's account remains active, so that Clients can access their past waivers at any time for legal or operational needs. FlexWaiver's policy is to provide secure, long-term storage of waivers ("stored securely forever") as a feature of our Service. However, Clients have control over their data - they may delete individual waiver records from their account, and such deletions will permanently remove the records from our active databases (with possible delayed removal from backups in accordance with our backup policy).
• Account Data: We retain Client account information (like registration details, profile info, billing records) while the account is active and as needed for legitimate business purposes (for example, record-keeping or legal compliance). If a Client terminates their account, we may archive certain information for a period of time to facilitate reactivation or as required by law. Payment transaction records may be kept for a duration required by financial regulations.
• After Account Termination: If a Client's subscription or account is terminated (either by the Client or by us), we generally retain their stored waiver data for a grace period (e.g. 30 days) to allow the Client to export or migrate their records if needed. After this period, we may delete or anonymize the Participant Data associated with that account, unless we are legally required to retain it longer. Note to Clients: It is your responsibility to download any waiver records you wish to keep before your account is closed. We will maintain certain minimal information to prevent fraud, resolve disputes, or enforce our agreements as permitted by law.
• Web Analytics Data: Information collected via cookies and analytics may be retained for internal analysis purposes. Generally, analytics data is aggregated or anonymized over time.
• Backup and Recovery: Even after deletion of data from our active systems, residual copies may persist in backups for a short duration. We maintain backup data to ensure resilience of the Service, but we implement processes to purge or secure personal data in backups after a retention period.

Data Security

We take reasonable and appropriate security measures to protect personal information from unauthorized access, alteration, disclosure, or destruction. This includes the use of encryption, both in transit (SSL/TLS encryption for data transmitted between your device and our servers) and at rest (encrypted storage of waiver files and sensitive data). Waiver records are stored in secure cloud infrastructure with data redundancy and regular backups. We also implement access controls so that only authorized personnel with a legitimate need can access Client or Participant data.

Our platform supports additional security features such as multi-factor authentication for Client account logins to help prevent unauthorized account access. We continuously monitor for vulnerabilities and regularly update our systems to address new security threats. FlexWaiver is committed to industry best practices for data security and privacy; for example, we strive to meet standards comparable to SOC 2 principles for security, confidentiality, and privacy.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we work diligently to protect your information, we cannot guarantee absolute security. Clients and users are responsible for keeping their account credentials secure and notifying us immediately of any unauthorized use of their account.

Your Choices and Rights

• Access and Correction: Clients may access and update their personal or business information (such as contact details or email address) at any time by logging into the FlexWaiver dashboard. Participants who wish to access or correct information submitted on a waiver should contact the business that collected their waiver, as FlexWaiver cannot modify the content of signed waivers on behalf of Participants (we act on the Client's instructions).
• Opt-Out of Marketing: If you are a Client, you may unsubscribe from our marketing emails by using the "unsubscribe" link in those emails or contacting us. Transactional or account-related communications (e.g., billing notices, important service updates) may still be sent as they are necessary for service administration. We do not send marketing communications to Participants.
• Privacy Requests for Participant Data: If you are an individual who signed a waiver and you have concerns about your personal information (for example, a request to delete your data or obtain a copy of it), please direct your request to the business or organization that collected your waiver. We rely on our Clients to fulfill such requests, as they are the data controller for Participant Data. We will assist our Clients in fulfilling privacy-related requests as needed and in accordance with applicable laws. For instance, if a Client asks us to delete a particular waiver or all data for a specific individual to comply with a user's request, we will carry that out (unless legally prohibited).
• California Privacy Rights: If you are a California resident using our Service (either as a Client or Participant), certain rights under the California Consumer Privacy Act (CCPA) or other state laws may apply to you. These may include the right to know what categories of personal information we have collected about you, the right to request deletion of your personal information, and the right to opt out of any "sale" of personal information. FlexWaiver does not sell personal information to third parties. For Participant Data, FlexWaiver acts as a "service provider" under CCPA, processing data on behalf of our business Clients. If we receive a CCPA request from a Participant, we will, as appropriate, either direct the individual to contact the relevant Client or work with our Client to help them fulfill the request. Clients who must comply with privacy laws are responsible for ensuring that their use of FlexWaiver is consistent with those requirements.
• Do Not Track: Our websites do not currently respond to "Do Not Track" signals from web browsers. You may set your browser to block cookies or alert you when cookies are being sent (see Information Collected Automatically above for implications of disabling cookies).
• International Users: FlexWaiver is based in the United States and primarily serves U.S. businesses. If you access our Service from outside the U.S., be aware that your information will be transferred to and stored on servers in the U.S. and possibly other countries. By using the Service or submitting information, you consent to the transfer of your data to the U.S. (and other jurisdictions where our service providers may operate). We will handle all personal data as described in this Policy, wherever it is processed. If you are in the EU, UK, or other regions with data protection laws, you may have additional rights (e.g., GDPR rights). At this time, FlexWaiver mainly targets U.S. customers, but we will endeavor to provide similar privacy protections and compliance for international users. EU or UK residents with inquiries can contact us as noted below.

Children's Privacy

Our Service is not directed to children under the age of 13, and children under 13 are not permitted to create accounts or use FlexWaiver's services on their own. We do not knowingly collect personal information from children under 13 without verifiable parental consent. Any waivers involving minors must be signed by a parent or legal guardian, and it is the responsibility of our Client (the business) to obtain any necessary parental consent for a minor's participation. If you are a parent or guardian and believe your child under 13 has provided personal information directly to us (for example, by fraudulently creating an account or signing a waiver without consent), please contact us. If we become aware that we have inadvertently collected personal information from a child under 13 without consent, we will take steps to delete that information from our records.

Note: While minors (e.g., children under 18) may be Participants in activities and have their information included on a waiver, FlexWaiver expects that such waivers are signed by their adult guardians. Minors are prohibited from creating Client accounts or using the platform to collect waivers. If you are under 18, you may only use the signing features of the Service under the supervision and with the consent of a parent or legal guardian.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will revise the "Effective Date" at the top of this policy. If changes are significant, we will provide a more prominent notice (such as by email notice to Clients or a notice on our website) to inform you of the update. Continued use of the Service after a revised Privacy Policy has been posted signifies your acceptance of the updated terms. We encourage you to review this Privacy Policy periodically for any updates.

If you do not agree with the changes to the Privacy Policy, you should discontinue use of the Service and, if you are a Client, you may consider canceling your account. For material changes that affect Participant Data, we may also coordinate with our Clients to ensure that participants receive any required notices or consents.

Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at legal@flexwaiver.com. We will do our best to address your inquiry promptly.

By using FlexWaiver, you acknowledge that you have read and understood this Privacy Policy. Thank you for trusting FlexWaiver with your digital waiver needs.