Webinar
Unlock Collaborative Budgeting—Don’t Miss Our Nov 20th Webinar!
Register
New Blog
Check out our latest blog: Deep dive into variance analysis
Read now

Centage Corporation Privacy Policy

Introduction

Centage Corporation offers online software for financial planning and analytics. The software is designed for business use and most of our customers are businesses or other organizations.  We are headquartered in San Antonio, Texas but offer our services worldwide.

This policy describes the purposes for which we collect personal data, the types of personal data we collect, and how we use and protect that data.  Please contact us if you have any questions about the information in this Privacy Policy or our handling of your personal data, or would like to access, correct, delete, restrict our use, or take other action with regard to your personal data.

In addition to personal data that we collect for our own business use we may have access to personal data that our customers have collected for their business use.  This Privacy Policy does not describe our use of personal data we may have access to as a service provider to our customer. We use that customer-controlled personal data only to provide our services to our customers. We have included information below to describe our commitments to you if we have access to your data in our role as a service provider to our customer but you should review the privacy policy of our customer that controls your personal data to understand its privacy practices.

We are committed to managing personal data in accordance with all applicable laws and this Privacy Policy. We welcome your feedback on this Privacy Policy.

How to Contact Us

Email: legal@centage.com or by physical mail to: Centage Corporation, 122 E. Houston Street, Suite 105, San Antonio, Texas  78025, Attn:  Privacy Notice.

Changes to Privacy Policy

We may change this Privacy Policy from time to time. We will manage your personal data in accordance with the Privacy Policy version that was published on the date that we collected the data about you. Prior versions of our Privacy Policy may be found here.

We encourage you to periodically review this Privacy Policy to stay informed about our collection, processing and sharing of your personal data.

Definitions

The types of data we collect and our purpose for collecting it depend on how you interact with us.  For example, we collect different data about one-time website visitors than authorized users of our application services. We have used defined terms for the different types of relationships to help us explain our privacy practices:

  • customer means our application services customer; this is the business or other organization that establishes an account with Centage for the use of our services;
  • customer representative means an individual who interacts with us as a representative of our customer; this includes our customers’ users, billing contacts, and technical support contacts;
  • visitor means an individual who visits our website or our social media pages, visits our offices or interacts with us at a trade show or other industry event, or interacts with us in some way other than as a customer representative.

These words also have certain meanings in this Privacy Policy:

  • services means the Centage online application services and related software;
  • site or website refers to www.centage.com and any other website where this Privacy Policy is posted;
  • we, our and us refer to Centage;
  • you and your refer to visitors and customer representatives as indicated by the context.

Data Collection Purposes

We collect personal data for our business purposes:

  • to operate our website;
  • to improve our website and service offerings;
  • to market our services;
  • to manage our relationship with our customers, including account administration;
  • to provide our online services to our customers;
  • to provide customer support; and
  • to manage our vendors.

The Section below captioned, “How We Use Data” explains how we use different categories of data for each of these purposes.

We allow third party advertisers, such as GoogleAds to collect personal data on our site for their use in selling targeted advertisement services, both to Centage and others.  See Advertising Ecosystem below.

Data Collection Methods

Automated data collection on our website and online services platform

When you visit our website or use our services our servers capture data that may be used to identify you or your device, such as  your IP address, browser settings and plugins, and device information such as numerical identifiers, operating system, time zone setting, and language setting. Depending on your device settings, we may also capture location information. Our servers may also capture information about your navigation to and on our site and services platform, such as the website you visited right before you visited our site, the time and duration of your visit on each page on our site and services platform, and your navigation path from page to page (i.e., what you click on).  We use third-party service providers such as Google Analytics and Pendo to help us collect this data. We may also record your navigation and scrolling activity on our site and services interface using a third-party service such as Hotjar.

We may place a cookie on your Web browser or use other tracking technologies to help us capture this data and to identify you as a repeat visitor and we permit our third-party service providers to do the same.  Please see the section below captioned “Online Tracking Technologies” for more information on these technologies and the means available to you to block them.

Data provided by data services

We use data services such as ZoomInfo to supplement the data we collect about sales contacts for prospective customers and customer representatives.  ZoomInfo and similar services collect this data from public online sources and from their customers who elect to provide information to them for their use in building their data service. For example, see https://www.zoominfo.com/data-sources   We do not allow ZoomInfo or other data service providers to use any data about you to build their data service, only to provide data services to Centage.

Data provided by advertisers

If you arrive at our site by clicking on a link that is part of an advertisement on another site (including an advertisement on a social media platform), the advertising service will identify the link, enabling us to associate you with the advertising parameters we provided to the advertising service.  For example, we may ask an advertising service to target our ad to individuals who the ad service has identified as financial professionals. If you arrive at our site by means of the link in that ad, we will be able to identify you as a financial professional. Advertising services are responsible for the collection, use and disclosure of the data they provide to us in accordance with their published privacy policies.  See the section below captioned Advertising Ecosystem and How to Opt Out of Online Data Collection.

Data provided by you as part of your communications with us

We collect personal data that you submit to us as part of a communication with us as a visitor or customer representative, such as via chat on our site, email, submission of a web form, telephone, or in person (such as at a meeting, trade show or other event).  For example, you may communicate with us as a visitor to obtain more information about our services, or as a customer representative to request technical support.  The communication may include information that can be used to identify you such as your name, job title, job function, the organization you represent, email address, phone number as well as information about your interest in our company or our services.  We do not solicit information from you as part of these communications other than information that is useful to us in light of the purposes described above, but if you choose to volunteer more personal information than we ask for we will collect that as part of the communication.

We use a third party chat service, currently Drift, that may identify you using a cookie or other tracking technique.  The chat services uses these tracking technologies to control chat spam and abuse across their customer base.

Data provided by you or your organization to establish and maintain the Centage account

Our customers are required to name individuals to serve as billing, administrative, technical and other type of representatives. We collect the name and business contact information of these account representatives and will require each individual account representative to establish their own set of account credentials (username and password).

If you use a personal payment card or other financial account to make payment arrangements then we may collect information relevant to the processing of the payment transaction.

Marketing Partners and Resellers

We have relationships with other companies that help us market, sell and deliver our services.  They may collect personal data of the types described above using the methods described above and provide that data to us. For example, we have relationships with companies who refer customers to us and may have resellers who offer our services under the reseller’s own brand name.  We will treat personal information we receive from our marketing partners and resellers the same as the personal information we collect directly, but you should review the privacy policies of our marketing partners and resellers should have.

Combinations of data collected using different methods

We use service providers such as Google Analytics and Pendo to help us associate the personal data we capture about you as part of visitor interactions with personal data we collect about you as a customer representative.

We do not associate data about visitors or customer representatives (alone or combined) with personal information we may have about you as a social media user.

Social Media Visits

If you visit our pages on LinkedIn, Instagram, or other social media sites we will have access to information about you and your visit that the provider of the social media makes available to its users generally. For example, if you share a sentiment or comment we will have access to that sentiment or comment and your username on the social media site. Social media services providers collect and use information about your visit to our pages on these sites for their own business purposes so you should review their privacy policies.

Social Media Features on our Site

We may place buttons on our website that allow you to publish information about your visit to our site to a social media platform.  For example, we may have a “like” or “tweet” or similar button that, when clicked on, will generate a social media posting by you on LinkedIn or other platform that highlights or points back to the content on our site that you liked, tweeted, etc.  If you use the social media features on our website we will capture the fact that you originated your post by means of the button on our site.

Service Provider Data

Our customers use our online software applications to analyze their financial records for budgeting, planning and analytics purposes.  If our customer’s financial records include information about you then we may have access to that information in our role as a service provider.  For example, some of our customers identify individuals who are their customers in their ledgers or other financial records with an account number.  If our customer uses our services to analyze financial records that include your account number then we will have access to that account number. We do not use this information for any purpose other than providing services to our customer.

Some of our customers are subject to special data privacy laws, such as the General Data Protection Regulation adopted by the European Union in May 2018 (the “GDPR”) or its UK equivalent and the California Consumer Privacy Act of 2018 (the “CCPA”).   We make appropriate contractual commitments to our customers in support of their obligations under the GDPR, CCPA or other data privacy and protection laws applicable to them.

Please contact us at the address above if you have questions or concerns regarding our processing of the data described in this Section. We ask, however, that your first contact our customer if you have a request to access, block, erase or take other action with respect to data that we have solely as a data processor for our customer.

How We Use Data

This section describes more specifically how our use of the data relates to the purposes for which we collected the data.

Visitors: We use data collected about visitors:

  • to operate our website – web servers, by their nature, must capture your IP address and information about your browser and device to display our site to you;
  • to develop our website and product offerings  – we use the information about visitor navigation on our site to help us understand what part of our website and products offerings is of interest to different kinds of visitors so that we can modify and improve our site content and other marketing materials to be more appealing to prospective customers;  we may also use the information about your site visits and other visitor interactions to help us measure interest in our services or various features of our services;  if you arrive at our site via an advertisement we may use that fact to make inferences about your interests and target content to you on that basis;
  • to show you personalized content when you visit our site – we use information about your prior visit to our site to customize your subsequent visits;  for example, we may make more visible to you information or offers about products or services that appear to be of interest to you based on your navigation of our site on a prior visit;
  • to register you for webinars, office visits, or other online or off-line events we may host – we may use your name, contact email, contact address, and phone number to register you as an attendee and communicate with you about the event;
  • to communicate with you as part of our marketing efforts – if you provide us with contact information we may use it to send you communications about our company, our products or services, or related topics that we think you may find of interest; and
  • to measure the success of our advertising efforts – we use visitor information to verify whether the ad services we purchase from third parties are actually resulting in visits to our site or other visitor interactions;

Customer representatives:  we use data collected about customer representatives (alone or as combined with data collected as part of a customer representative’s visitor activity (such as pre-login activity on the Site):

  • to provide our online services – we use login credentials to authenticate individuals as authorized users of our services; we use IP addresses to provide our services; we use cookies to save your settings and your place in the workflow on our service platform;
  • we use contact information such as your email or physical address to send invoices and other account communications, authenticate individuals who request information or support on the customer’s behalf, and administer the customer’s account, such as processing billing information to complete customer purchases;
  • to review compliance with usage terms in our services agreements and enforce the terms and conditions that govern our services;  for example if the customer’s use of our services is limited to a certain number of individuals we may use personal data to help us monitor compliance with the usage restrictions;
  • to help us develop our service offerings – we use information about your use of our services to measure interest in various features, to plan enhancements and new features, and to improve user experience;
  • to communicate with you as part of our marketing efforts – we use contact information and information about your use of our services to send you communications about our products or services, or related topics that we think you may find of interest; and
  • to market our services – if you provide a customer testimonial or other content for marketing purposes we will publish the content with your name or other identifying information that you authorize us to use;  if you agree that we may use you as a reference, we may provide your name and contact information to prospective customers for our services so that they may contact you to discuss your experience with our services.

Data Integrity

We process personal information only for the purposes for which it was collected and in accordance with this Privacy Policy. We regularly review our data collection, storage, and processing practices to ensure that we only collect, store, and process the minimum personal information needed for the purpose collected. We take reasonable steps to ensure that the personal information that we process is accurate, complete, and current, but we depend on our customer representatives to update their personal data as necessary.

Requests to access, amend, delete or restrict the use of your personal data

Please send us a request at legal@centage.com if you would like to know what personal data we have about you, or would like us to correct inaccurate data, delete your personal data, or restrict the use of your personal data. We commit to responding to your request promptly and honoring your reasonable requests. We will comply with all applicable legal requirements related to your requests, but please note that we are not required by law to delete or restrict the use of your data in a way that prevents us from complying with our legal obligations to our customer or that interferes with our reasonable record keeping as necessary to demonstrate compliance with our contracts and applicable law.

Additional Information for California Visitors

If you are a California resident, you have certain rights under the California Consumer Privacy Act, that include the following.

You may request disclosure of the following specific information:

  • the categories of personal information as well as the specific pieces of personal information that we have collected about you for our business purposes over the prior 12 months:
  • the categories of sources from which we have collected that personal information,
  • our purpose(s) for collecting that personal information,
  • the categories of third parties with whom we have shared personal information, such as our service providers, and
  • whether we have sold the personal information to third parties or disclosed the information to third parties for a business purpose, and if so the categories of personal information and third parties.

In addition, you have the right to ask Centage to delete your personal information.  We will comply with your deletion request and require our service providers to do the same, unless we plan to retain the personal information on a legally permitted basis and we give you notice of this fact and the legal basis on which we rely.

You may make a request by calling our toll-free number 1-800-366-5111 or submitting the request to https://www.centage.com/contact/ or by sending an email or physical mail request to the addresses above.

Before responding to your request we may ask you to provide information needed to verify that you are the consumer (or have authorization from the consumer) whose personal information is covered by the request.

We may not discriminate against you because you make a request described in this Section by denying you our services or providing a different quality or price for our services, unless the different service or price is reasonably related to the value provided to you by your data.

If you are under 16 years of age, you are not authorized to use our website or our services and we don’t want your personal data.

Disclosure to third parties

We have not sold or leased personal data and will not sell or lease your personal data unless you give us your consent to do so.  We do allow online advertising services to collect data about your interaction with our site that originates from ads that we place. See Advertising Ecosystem below. This may be considered a “sale” of your personal data under some regulations even though we do not receive any funds from the advertisers.

We will not disclose your personal data to third parties except as follows:

Legal Reasons

When we believe release is appropriate to comply with the law, to enforce our terms of use and other rights, or to protect the rights and safety of others.

This may include exchanging information with government regulatory or law enforcement agencies, or with other companies and organizations for fraud protection and legal compliance.

Protecting Network and Information Security

As necessary to protect our information and systems from unauthorized actions that compromise their security or availability, such as disclosures as part of industry initiatives to identify and block malicious actors.

Sale of Business

As part of a sale of business assets where the purchaser needs the personal data to use the assets.

We may in the future sell all or part of our assets or be involved in a merger. We may provide the company that is seeking to acquire our business with access to personal data as part of their evaluation of our business but will require them to maintain the personal data in confidence and use it only to evaluate our business. If we complete a transaction, it is customary to transfer personal data that is related to the purchased business assets to the purchaser.

Service Providers

We use the services of companies like the ones listed below to collect data on our behalf or to help us analyze, store, manage and otherwise process your personal data. Each of these companies commits in its contract with us to use the personal data only according to our contract with them or our other instructions as necessary to support our business. They are not authorized to use your personal data for any other purpose. They are not authorized to disclose your personal data to others except with our permission, and only if they require the others to comply with the same restrictions that apply to them.

  • Amazon AWS- Infrastructure provider, applications
  • Bing Ads – advertising
  • CData  – data integration
  • Drift – engagement platform/chatbot
  • Google – organization email and documents management provider
  • Google Analytics – analytics
  • Google Ads – advertising
  • Gong – call coaching/recording/email nurture
  • Marketo – automated marketing communications, landing pages
  • Microsoft Ads – advertising
  • MongoDB Atlas – Infrastructure provider, database
  • PandaDoc – E-signing
  • Pendo – user feedback
  • Salesforce – customer relationship management
  • Sendgrid – outgoing email
  • Stripe – payment processing
  • Sumologic – log files
  • Zendesk – incoming email, support
  • ZoomInfo – data services

Specifically, the Drift engagement platform captures conversations with a website visitor and creates a transcript of the interaction, which is stored and provided to Centage and the user who voluntarily submits their information. Drift maintains the transcripts for Centage; however Drift does not use or process personal data submitted via the chat function beyond what is necessary to provide the Drift service to Centage, nor does Drift share any chat communications data with any third parties.

Online Data Collection

Advertising Ecosystem

We use online advertising services that enable a practice referred to as “online behavioral advertising.” These services aggregate data about an individual’s behavior on many different sites and online services and use that data to sell targeted advertising services. For example, we permit Google’s advertising services to collect data about your behavior on the Centage Site, as do many other website operators who use Google’s ad services. Google combines the data about an individual that it collects from different sources and uses this aggregate data to sell advertising services that target the display of ads to web users who meet certain behavioral criteria. Google does not disclose this aggregate data to Centage, but we are able to infer that users who interact with our ad meet the advertising criteria we provided. Google collects this data using cookies, web server logs (its own and its advertising customers), clear gifs and other online data collection techniques. See Online Data Collection Techniques and How to Opt Out of Online Data Collection.

Online Data Collection Techniques

A cookie is a unique alphanumeric identifier that is placed by a web server on the browser used to view the content or use the service at the site. Cookies are used to analyze use of online websites and services. For example, a website operator can use the cookie to identify the number of unique visitors to the site, whether or not those visitors are repeat visitors, and information about the visitor’s activity on the site, device and device settings. A tracking pixel, also known as a web bug or web beacon, is a small graphic (usually 1 pixel x 1 pixel) invisible to the eye, that is embedded in web content or email. When content that has an embedded web beacon is viewed, the browser will request content from a web server, which in turn will set a cookie.

How To Opt Out of Online Data Collection

You may be able to configure your browser to block cookies. The ‘Help’ feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, how to disable cookies, and when cookies will expire. If you disable all cookies on your browser, neither we nor third parties will transfer cookies to your browser. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some features and services may not work.

Our servers do not recognize or respond to any “do not track” setting you may have in your browser.

Google Advertising: See https://policies.google.com/technologies/ads?/hl=en&gl=us&hl=en for information on how to block data collection by Google as part of its advertising services.

Communications Policy

If you do not wish to receive our email or other communications, please send your request to legal@centage.com. Please note that it may take up to ten days to remove your contact information from our marketing communications lists, so you may receive correspondence from us for a short time after you make your request.

Children

Children are not permitted to use our site or services. We do not knowingly collect personal information from anyone under 16. If you are under 16, do not use or provide any information on our Sites unless you have involved your parent or guardian. If we discover that we have information about a child we will delete that information. If you are the parent or guardian of a child and you believe we have personal data about the child without your consent, please contact us at the address appearing at the top of this page and we will delete that information.

Security

Centage protects personal data from unauthorized use, disclosure, corruption and destruction using appropriate technical and organizational measures.

Data Retention

We will retain your personal data only for as long as reasonably necessary to fulfill the purpose for which it was collected, and to comply with our legal obligations, and will use secure means to destroy the data after that time. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. We may retain contact information of customer representatives following service termination so that we may market our services to them in the future.

International Transfers

We will comply with laws applicable to the transfer of personal data across international borders.  We provide appropriate contractual commitments to our customers in the United Kingdom, European Union and other jurisdictions that require protections around our customers’ transfer of personal data to the United States.

Additional Disclosure for data subjects in the United Kingdom, European Economic Area (EEA) and Certain Other Territories: Your Rights under the General Data Protection Regulation

If you are from certain territories (such as the United Kingdom or European Economic Area), you may have the right to exercise additional rights available to you under applicable laws, including:

  • Right of erasure: In certain circumstances, you may have a broader right to erasure of personal information that we hold about you. For example, if it is no longer necessary in relation to the purposes for which it was originally collected. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
  • Right to object to processing: You may have the right to request that Centage stop processing your personal information and/or to stop sending you marketing communications.
  • Right to restrict processing: You may have the right to request that we restrict processing of your personal information in certain circumstances (for example, where you believe that the personal information we hold about you is inaccurate or unlawfully held).
  • Right to data portability: In certain circumstances, you may have the right to be provided with your personal information in a structured, machine readable and commonly used format and to request that we transfer the personal information to another data controller without hindrance.

If you would like to exercise such rights, please contact us at the contact details section below. We will consider your request in accordance with applicable laws. To protect your privacy and security, we may take steps to verify your identity before complying with the request.

You also have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. A list of contact details for the EU data protection authorities is available here. https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm