Frederick Terms of Service

Last Updated June 29, 2018

Thanks for using Frederick! These terms of service ("Terms") cover your use and access to the services, client software and websites ("Services") provided by Frederick Labs LLC. By using our Services, you're agreeing to be bound by the Terms set forth herein, and to review our Privacy Policy. If you're using our Services for an organization, you're agreeing to these Terms on behalf of that organization.

Certain additional terms apply if you are entering information that originates in the European Economic Area.

To the extent that Frederick acts as a processor to You as a controller in relation to Your Data originating from the European Economic Area, the terms of the Privacy Annex apply between the Parties. In the event the terms of the Privacy Annex and the terms of this Agreement conflict, the terms of the Privacy Annex will prevail.

Users of Frederick for Businesses ("Subscribers"): Your Data and Your Permissions

When you use our Services as a Subscriber, you provide us with things like your calendar data, contacts and so on ("Your Data").

We need your permission to do things like accessing Your Data to present your schedule and menu of services to clients, book appointments and sync appointments with Third Party Services like your calendar or management system. Our Services also provide you with features like business analytics and automated marketing campaigns. These and other functions, such as our billing and customer support, data science and product or service improvement and reporting may require our systems to access, store and scan Your Data. You give us permission to do those things, and this permission extends to trusted third parties we work with.

Self-service booking of appointments by clients requires creation of a Frederick account. When clients create a Frederick account, they must agree to these Terms of Service to utilize the Services. Frederick may send communications to clients to notify them of benefits of using our Services, and may utilize their account history and preferences to offer them the most relevant experience possible when using our Services.

Frederick for clients ("Clients"): Your Data and Your Permissions

When you use our Services, you provide us with things like your contact information, booking history, communication preferences and so on ("Your Data"). We need your permission to do things like provide you with personalized communications from businesses. These and other features may require our systems to access, store and scan Your Data. You give us permission to do those things, and this permission extends to trusted third parties we work with.

Your Responsibilities

You represent and warrant that you are authorized to process Your Data and make such data available to Frederick for uses as set out in the Agreement and Privacy Policy, including through appropriate notice, consent and by referring individuals to the Frederick Privacy Policy (notwithstanding Frederick's ability and right, to which you agree, to request consent, and provide notice and its Privacy Policy separately to individuals).

You're responsible for your conduct, Your Data and you must comply with our Acceptable Use Policy. Content in the Services may be protected by others' intellectual property rights. Please don't copy, upload, download or share content unless you have the right to do so.

We may review your conduct and content for compliance with these Terms and our Acceptable Use Policy. With that said, we have no obligation to do so. We aren't responsible for the content people post and share via the Services.

Please safeguard your password to the Services, make sure that others don't have access to it, and keep your account information current.

Finally, our Services are not intended for and may not be used by people under the age of 13. By using our Services, you are representing to us that you're over 13.

Service Use and Limitations and Changes to the Services

The Services contains content and technology of Frederick that is protected by copyright, trademark, patent, trade secret and other laws. Frederick owns intellectual property rights to any protectable part of the Services, including but not limited to the design, artwork, logos, functionality, and documentation (collectively, the "Company Property"). You may not copy, modify, or reverse engineer any part of the Services or the Company Property.

In order to operate the Services, Frederick needs to make certain use of your publicly posted Content. Therefore, by posting, uploading or submitting to Frederick, or making available for inclusion in publicly accessible areas of Frederick, any text, images, photos, graphics, audio or video, including any content protected by intellectual property rights (collectively, "Content"), you represent that you have full authorization to do so. You also hereby grant Frederick a non-exclusive, transferable, sub-licensable, royalty-free, worldwide license to use, distribute, reproduce, modify, adapt, publicly perform, publicly display and make derivative works of such Content in connection with the Services and any services or products affiliated with the Services, regardless of the form of media used or of whether such services or products now exist or are developed in the future. This license exists only for as long as you continue to include such Content on Frederick and will terminate at the time such Content is removed from the Services by you or by Frederick.

Subject to the terms and conditions hereof, Frederick hereby grants each Subscriber a limited, revocable license to display the logos, trademarks or other design marks of Frederick solely for personal, non-commercial use in connection with your use of the Services, promotion of services offered via the Services or other uses expressly permitted by Frederick in writing. Notwithstanding such permitted uses and license, you acknowledge that all derivative designs and artwork that utilize Frederick's Company Property (collectively, "Derivative Works") are the sole property of Frederick. No other rights are granted to you with respect to the Company Property other than those rights granted explicitly herein, including with respect to any Derivative Works.

Any Content posted by a User belongs to the person that posted such Content. You may use any Content posted by you in any way without restriction. You may only use Content posted by others in the ways described in these Terms of Service. Frederick reserves the right to remove any Content from the Services, at its sole discretion.

The Company respects the intellectual property of others. It may, in appropriate circumstances and at its discretion, disable and/or terminate the accounts of Subscribers who Frederick, in its determination, believes have repeatedly infringed others' rights. If you believe that your work has been copied in a way that constitutes copyright infringement, or your intellectual property rights have been otherwise violated, please notify us at friends@hirefrederick.com.

Frederick reserves the right to send Clients communications from time to time in connection with the Services. This communication will be highly targeted based on how each Client uses Frederick and will be designed to inform Clients of how to get more value from the Services.

As part of the Services, Frederick offers Subscribers the option to send communications to their Clients for various reasons such as reminding them of an upcoming appointment. By agreeing to these Terms of Service and using such tools, each Subscribers certifies that it has permission from each Client to send communications and that each Subscriber takes full responsibility for adhering to each Client's preferences with respect to such communications.

Copyright

We respect the intellectual property of others and ask that you do too. We respond to notices of alleged copyright infringement if they comply with the law, and such notices should be reported to us. We reserve the right to delete or disable content alleged to be infringing and terminate accounts of repeat infringers. Please send notices of infringement to friends@hirefrederick.com.

Paid Accounts

Billing. When available, you can add paid features to your account (turning your account into a "Paid Account"). We'll automatically bill you from the date you convert to a Paid Account and on each periodic renewal until cancellation. You're responsible for all applicable taxes, and we'll charge tax when required to do so.

No Refunds. You may cancel your Frederick Paid Account at any time but you won't be issued a refund.

Downgrades. Your Paid Account will remain in effect until it's cancelled or terminated under these Terms. If you don't pay for your Paid Account on time, we reserve the right to suspend it or reduce your features to free account levels. You're responsible for all taxes, and we may charge taxes when required to do so.

Changes. We may change the fees in effect but will give you advance notice of these changes via a message to the email address associated with your account.

Termination

You're free to stop using our Services at any time. We also reserve the right to suspend or end the Services at any time at our discretion and without notice. For example, we may suspend or terminate your use of the Services if you're not complying with these Terms, or use the Services in a manner that would cause us legal liability, disrupt the Services or disrupt others' use of the Services, if we are required to do so by law, or where we do not agree on the use of a sub-processor. Except for Paid Accounts, we reserve the right to terminate and delete your account if you haven't accessed our Services for 12 consecutive months. We'll of course provide you with notice via the email address associated with your account before we do so.

Services "AS IS"

We strive to provide great Services, but there are certain things that we can't guarantee. TO THE FULLEST EXTENT PERMITTED BY LAW, FREDERICK AND ITS AFFILIATES, SUPPLIERS AND DISTRIBUTORS MAKE NO WARRANTIES, EITHER EXPRESS OR IMPLIED, ABOUT THE SERVICES. THE SERVICES ARE PROVIDED "AS IS." WE ALSO DISCLAIM ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. Some states don't allow the disclaimers in this paragraph, so they may not apply to you.

Limitation of Liability

TO THE FULLEST EXTENT PERMITTED BY LAW, IN NO EVENT WILL FREDERICK, ITS AFFILIATES, SUPPLIERS OR DISTRIBUTORS BE LIABLE FOR (A) ANY INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, EXEMPLARY OR CONSEQUENTIAL DAMAGES OR ANY LOSS OF USE, DATA, BUSINESS, OR PROFITS, REGARDLESS OF LEGAL THEORY, WHETHER OR NOT FREDERICK HAS BEEN WARNED OF THE POSSIBILITY OF SUCH DAMAGES, AND EVEN IF A REMEDY FAILS OF ITS ESSENTIAL PURPOSE; (B) AGGREGATE LIABILITY FOR ALL CLAIMS RELATING TO THE SERVICES MORE THAN THE GREATER OF $20 OR THE AMOUNTS PAID BY YOU TO FREDERICK FOR THE PAST 12 MONTHS OF THE SERVICES IN QUESTION. Some states don't allow the types of limitations in this paragraph, so they may not apply to you.

Resolving Disputes

Let's Try To Sort Things Out First. We want to address your concerns without needing a formal legal case. Before filing a claim against Frederick, you agree to try to resolve the dispute informally by contacting friends@hirefrederick.com. We'll try to resolve the dispute informally by contacting you via email. If a dispute is not resolved within 30 days of submission, you or Frederick may bring a formal proceeding.

We Both Agree To Arbitrate. You and Frederick agree to resolve any claims relating to these Terms or the Services through final and binding arbitration, except as set forth under Exceptions to Agreement to Arbitrate below.

Arbitration Procedures. The American Arbitration Association (AAA) will administer the arbitration under its Commercial Arbitration Rules and the Supplementary Procedures for Consumer Related Disputes. The arbitration will be held in the United States county where you live or work, San Luis Obispo (CA), or any other location we agree to.

Arbitration Fees and Incentives. The AAA rules will govern payment of all arbitration fees. Frederick will not seek its attorneys' fees and costs in arbitration unless the arbitrator determines that your claim is frivolous.

Exceptions to Agreement to Arbitrate. Either you or Frederick may assert claims, if they qualify, in small claims court in San Francisco (CA) or any United States county where you live or work. Either party may bring a lawsuit solely for injunctive relief to stop unauthorized use or abuse of the Services, or intellectual property infringement (for example, trademark, trade secret, copyright, or patent rights) without first engaging in arbitration or the informal dispute-resolution process described above.

No Class Actions. You may only resolve disputes with us on an individual basis, and may not bring a claim as a plaintiff or a class member in a class, consolidated, or representative action. Class arbitrations, class actions, private attorney general actions, and consolidation with other arbitrations aren't allowed.

Judicial forum for disputes. In the event that the agreement to arbitrate is found not to apply to you or your claim, you and Frederick agree that any judicial proceeding (other than small claims actions) will be brought in the federal or state courts of San Francisco County (CA). Both you and Frederick consent to venue and personal jurisdiction there.

Controlling Law

These Terms will be governed by California law except for its conflicts of laws principles.

Entire Agreement

These Terms constitute the entire agreement between you and Frederick with respect to the subject matter of these Terms, and supersede and replace any other prior or contemporaneous agreements, or terms and conditions applicable to the subject matter of these Terms. These Terms create no third party beneficiary rights.

Waiver, Severability & Assignment

Frederick's failure to enforce a provision is not a waiver of its right to do so later. If a provision is found unenforceable, the remaining provisions of the Terms will remain in full effect and an enforceable term will be substituted reflecting our intent as closely as possible. You may not assign any of your rights under these Terms, and any such attempt will be void. Frederick may assign its rights to any of its affiliates or subsidiaries, or to any successor in interest of any business associated with the Services.

Modifications

We may revise these Terms from time to time, and will always post the most current version on our website. If a revision meaningfully reduces your rights, we will notify you (by, for example, sending a message to the email address associated with your account, posting on our blog or on this page). By continuing to use or access the Services after the revisions are posted, you agree to be bound by the revised Terms.

Frederick Privacy Policy

Last Updated June 29, 2018

At Frederick Labs LLC and our affiliates ("Frederick"), we respect your privacy and are committed to maintaining your trust.

This Privacy Policy describes our practices in connection with information that we collect through:

  • our consumer-facing web application ("Frederick Web App")
  • our marketing automation software ("Software Service")
  • our social media pages
  • HTML-formatted email messages that we send to you that link to this Privacy Policy
  • and any other Frederick products and services offered through any other venues, websites and mobile applications that direct you to this Privacy Policy

collectively, the "Frederick Services".

When you access or use the Frederick Services, you agree to the terms and conditions of this Privacy Policy.

1. Defined Terms

The following terms will have the meanings indicated below. Please refer to our Terms of Service for any capitalized terms that are not defined in this policy.

"End User" means any individual who interacts with the Frederick Services or individuals who book appointments, purchase services and otherwise interact with our Subscribers through the Frederick Services.

"Other Information" is any information that does not reveal your specific identity or does not directly relate to an individual, such as Frederick Services usage data.

"Personal Information" is information that identifies you as an individual or relates to an identifiable person, such as name, postal address, telephone number, email address, credit card number, and social media account ID. It does not include strings of code such as browser cookie IDs.

"Subscriber" is any business or entity that subscribes to (or otherwise accesses or uses) our Software Service.

Sometimes, we use the term "information" in this Privacy Policy, which may refer to either Personal Information or Other Information.

2. Categories of Personal Information

Personal Information we collect or obtain includes:

  • Contact details (e.g., name, address, email, telephone number),
  • Personal details (e.g., date of birth, education, nationality),
  • Financial and transaction data (e.g., purchase history, account information, shipping and billing information, etc.), and
  • Other Frederick Services related data (e.g., customer requests, statistics, etc.)

3. How We Collect Information

Through the Frederick Services

We collect information about you whenever you use the Frederick Services, for example:

  • If you are a customer of a Subscriber, when you create an account on the Frederick Web App, we may ask for Personal Information such as your name, email and postal address, social media account ID, and Other Information you may provide with your account.
  • If you are a Subscriber, when you sign up for our Software Service, we ask for your name, phone number, email, and other information about you, as well as your company name, address, phone number, email, and other information about your business, including Personal Information about your contacts and customers that you provide to us, both directly and by connecting a third party data source such as a business management system with the Frederick Services. We also collect Personal Information about your contacts and customers that they provide to the Frederick Services when they interact with you, such as responding to a marketing campaign or booking an appointment. If you attend one of our events (e.g., a tradeshow, webinar, or training), we may ask for your feedback, contact details or other information to follow-up with you, such as to send you marketing communications consistent with your choices.
  • We collect information about you when you interact with the Frederick Services. For example, if you respond to a marketing campaign sent from a Subscriber, we may collect information about you, such as your name, email, phone number, address, as well as any other information you provide in order to enable us to provide you an offer, connect you with a Subscriber or their business, or complete your transaction. This information may be shared with third parties for the same purposes. We may also collect other Personal Information at the request of the Subscriber you are interacting with.
  • We may also store information that your computer or mobile device provides to us in connection with your use of the Frederick Services, such as IP address.

From other sources

  • In addition to the information we collect from you through Frederick Services, we may receive information about you from other sources, such as public databases, strategic and joint marketing partners, social media pages and platforms, people with whom you are friends or otherwise connected on social media platforms, as well as from other third parties, including our Subscribers and data sources they have connected with the Frederick Services. For example, if you elect to connect your social media account to your Frederick App account, certain information from your social media account may be shared with us, including information that's part of your profile or your friends' profiles. We may also collect other Personal Information through the Frederick Services under the direction of our Subscribers.

We need to collect Personal Information in order to provide the requested Frederick Service to you. If you do not provide or enable us to collect the necessary information, we may not be able to provide the Frederick Service. If you disclose any Personal Information relating to other people to us or to our service providers in connection with the Frederick Services, you represent that you have the authority to do so and to permit us to use the information in accordance with this Privacy Policy.

4. How Personal Information May Be Used

We may use your Personal Information for legitimate business purposes, including:

To provide the functionality of Frederick Services and related support

  • To create, and administer accounts, fulfil and record transactions, and provide you with related assistance (e.g., technical help, answer inquiries relating to Personal Information, etc.)
  • To send administrative information to you, for example, information regarding our services and changes to our terms, conditions, and policies.

We will engage in these activities to manage our contractual relationship with you, with your consent, and/or to comply with a legal obligation.

To provide you with marketing and promotional materials and opportunities, and facilitate social sharing

  • To send you marketing communications and offer other materials that we believe may be of interest to you, such as to send you newsletters or other direct communications.
  • To share information with other marketers (and their service providers) to permit them to send you marketing communications, consistent with your choices.
  • To allow you to participate in sweepstakes, contests or similar promotions.
  • To facilitate social sharing functionality if you choose to do so.

We will engage in this activity with your consent, to manage our contractual relationship with you, or where we have a legitimate interest.

For reporting and trending

  • To better understand you and our other users, so that we can tune and personalize our offering.
  • For trending and statistics, and to improve our products and services.

We will engage in this activity because we have a legitimate interest.

To accomplish our business purposes

  • For audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements.
  • For fraud and security monitoring purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft.
  • For responding to legal duties, such as requests from public and government authorities.

We will engage in these activities to comply with a legal obligation or because we have a legitimate interest.

To the extent that we process your Personal Information based on your consent, you may withdraw your consent at any time.

5. How Personal Information May Be Disclosed

We may disclose your Personal Information:

  • To our affiliates for the purposes described in this Privacy Policy. Frederick Labs LLC is the party responsible for the management of the jointly-used Personal Information.
  • To our strategic partners and third-party service providers who provide services such as website hosting, data analysis, payment processing services, order fulfillment, information technology and related infrastructure provision, customer service, email delivery, credit card processing, auditing and other similar services.
  • To our Subscribers if you are an End User and are using our Frederick Services to interact with that Subscriber. Please contact the Subscriber you interact with directly for more information on that Subscriber's privacy practices.
  • To third parties to permit them (or their own customers) to send you marketing communications, consistent with your choices.
  • To third-party sponsors of sweepstakes, contests and similar promotions, consistent with your choices.
  • To you, through message boards, chat, profile pages and blogs and other services to which you are able to post information and materials, including as described in the sections below titled "Testimonials, Ratings and Reviews" and "Public Forum."
  • To your friends associated with your social media account, to other website users and as well as to your social media account provider, in connection with your social sharing activity, such as if you connect your Facebook account to your Frederick Services account or our social media pages.
  • To business partners in the context of a corporate transaction. If Frederick is involved in a sale or business transaction (e.g., merger or acquisition), Frederick will retain a legitimate interest in disclosing or transferring your Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings). Such third parties may include, for example, an acquiring or target entity and its advisors.

Please note that we may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Information under applicable law, then we may use it for all the purposes for which we use and disclose Personal Information. In some instances, we may combine Other Information with Personal Information. If we combine any Other Information with Personal Information, we will treat the combined information as Personal Information.

6. Your California Privacy Rights: Notice to California Customers and Opt-Out Information

California's "Shine the Light" law, Civil Code section 1798.83, requires certain businesses to respond to requests from California customers asking about businesses' practices related to disclosing personal information to third parties for the third parties' direct marketing purposes. Alternatively, such businesses may have in place a policy not to disclose personal information of customers to third parties for the third parties' direct marketing purposes if the customer has exercised an option to opt-out of such information-sharing. If you wish to opt-out of our sharing of your information with third parties for the third parties' direct marketing purposes offline, please follow the instructions in Sections 8 below.

7. How to access, correct, delete or exercise other rights regarding your Personal Information

We have made it easy for you to request that we delete Personal Information that you have previously provided to us by using our automated request form. Additionally, where applicable law allows for such a request, if you would like to request to access, correct, object to the use, restrict or delete Personal Information that you have previously provided to us, or if you would like to request to receive an electronic copy of your Personal Information for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact Frederick at privacy@hirefrederick.com with the subject line "Data Subject Request." We will respond to your request consistent with applicable law.

For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable. Moreover, where you are an End User, Frederick may need to forward your request and refer you to your Subscriber who may be better placed to address your request.

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion). There may also be residual information that will remain within our databases and other records, which will not be removed.

If you are under 18 years of age and a user of the Frederick Services, you may also be entitled to ask us to remove content or information that you have posted to the Frederick Services by submitting a request to support@hirefrederick.com. Please note that your request does not ensure complete or comprehensive removal of the content or information.

If you are a customer of one of our Subscribers and would no longer like to be contacted by one of our Subscribers, or would like request the exercise of a right as set out above in relation to Personal Information held by a Subscriber, please contact the Subscriber directly.

8. Your choices regarding our use and disclosure of information

Information you provide may be used by Frederick for marketing purposes such as one-off promotional emailing, mobile text messages, direct mail, and sales contacts. We give you many choices regarding our use and disclosure of your Personal Information for marketing purposes. You may opt-out from:

  • Receiving electronic communications from us: If you are a user of the Frederick Web App and no longer want to receive marketing-related emails or mobile text messages from us on a going-forward basis, you may opt-out of receiving these marketing-related emails or mobile text messages by sending a request for list removal to unsubscribe@hirefrederick.com or by clicking the unsubscribe link in any marketing-related email sent to you by us. If you have provided your information to Frederick, and opt-out, Frederick will put in place processes to honor your request. This may entail keeping some information for the purpose of remembering that you have opted-out.

We will try to comply with your request(s) as soon as reasonably practicable. Please also note that if you do opt-out of receiving marketing-related emails from us, we may still send you messages for administrative or other purposes directly relating to your use of the Frederick Services, and you cannot opt-out from receiving those messages.

9. Tracking and Advertising

We and our third party service providers may collect Other Information in a variety of ways. We and/or our third party partners may employ various tracking technologies, such as cookies, web beacons and analytics software, that help us better manage content on the Frederick Services by informing us what content is effective. For more information on our use of cookies and similar technologies, please refer to our Cookies Policy.

10. Social Media Features and Widgets

The Frederick Services includes social media features such as the Facebook Like button, and widgets, such as the Share This button or interactive mini-programs that run on our websites. These features may collect your IP address, which page you are visiting on our websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our websites. Your interactions with these features are governed by the privacy policy of the company providing it. See Section 22 for a list of third parties and their applicable privacy policies.

11. Sign-In Services

You can log in to some of the Frederick Services using sign-in services such as Facebook Login, Google OAuth, or an Open ID provider. These services will authenticate your identity and provide you the option to share certain Personal Information with us such as your name and email address.

12. Testimonials, Ratings and Reviews

If you submit testimonials, ratings or reviews to the Frederick Services, any Personal Information you include may be displayed in the Service. If you want your testimonial removed, please contact us at support@hirefrederick.com

We may also partner with third-party service providers to collect and display ratings and review content on our web site.

13. Third Party Payment Processor

We currently use third party payment processors as a Third Party Offering for internet based payment services. If you wish to make a payment through Frederick Services, your Personal Information may be collected by such processors directly and not by us, and will be subject to the third party's privacy policy. See Section 22 for a list of third parties and their applicable privacy policies. We have no control over, and are not responsible for, third parties' collection, use and disclosure of your Personal Information.

14. Links to Other Websites

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including our Subscribers and any third party operating any Third Party Offering, site or other products and services used in connection with the Frederick Services. The inclusion of a link does not imply endorsement of the linked site or service by us or by our affiliates.

Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of other organizations, such as Facebook, Apple, Google, Microsoft, RIM or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any Personal Information you disclose to other organizations through or in connection with the Frederick Services, including our social media pages.

15. Data Retention

We will retain your Personal Information for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include:

  • The length of time we have an ongoing relationship with you and provide the Frederick Services to you (for example, for as long as you have an account with us or keep using the Frederick Services);
  • Whether there is a legal obligation to which we are subject (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
  • Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

16. Security of Your Information

The security of Personal Information is a high priority at Frederick. We seek to use reasonable technical, administrative and physical safeguards to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure.

17. Use of Service by Minors

The Frederick Services are not directed nor targeted at children under the age of sixteen (16), and we request that they do not provide Personal Information through the Frederick Services.

18. Cross-Border Transfer

The Frederick Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States.

Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Frederick Services you understand that your Personal Information will be transferred to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.

Some of the non-European Economic Area ("EEA") countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en). For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place adequate measures, such as standard contractual clauses (based on the clauses published at http://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32010D0087) a copy of which can be obtained by contacting us at privacy@hirefrederick.com.

Omega8454%

19. Sensitive Information

We ask that you not send us, and you not disclose, any sensitive Personal Information (e.g. information related to racial or ethnic origin, political opinions, religion or other beliefs, biometrics or genetic characteristics, trade union membership or criminal background) on or through the Frederick Services or otherwise to us, except where explicitly requested or consented to.

20. Changes to This Privacy Policy

Frederick may make changes to this Privacy Policy from time to time. Any changes we make will become effective when we post a modified version of the Privacy Policy to https://hirefrederick.com/tos#privacypolicy. If we make any material changes to the Privacy Policy, we may also notify you by posting notice on our websites or within the applicable Frederick Services, or by sending you an email. If you continue using the Frederick Services after any notice of any such changes, it means you have accepted them. If you do not agree to any changes, you must stop using the Frederick Services, as applicable. It is your obligation to ensure that you read, understand and agree to the latest version of The Privacy Policy. The "Last Updated" legend at the top of the Privacy Policy indicates when it was last updated.

21. Contact Us

If you have any questions regarding this Privacy Policy you can contact us via email at privacy@hirefrederick.com or via postal mail at:

ATTN: Frederick Legal - Privacy Policy Issues
Frederick Labs LLC
4051 Broad Street Suite 220
San Luis Obispo, CA 93401

For the EEA, you may also:

22. Third Party Sub Processors

The following is a list of current third party vendors that may either directly or indirectly collect information from you in their capacity as a sub processor. Please review the relevant privacy policies (links current as of the date of publication of this Privacy Policy) for further information on how each third party handles your Personal Information:

Third Party Name Privacy Policy/Notice Link
Amazon Web Services https://aws.amazon.com/privacy/
Citus Data https://www.citusdata.com/privacy
Salesforce https://www.salesforce.com/company/privacy/
Sendgrid https://sendgrid.com/policies/privacy/
Twilio https://www.twilio.com/legal/privacy

Privacy Annex for Frederick Services

Last Updated June 29, 2018

This Privacy Annex ("Annex") is an annex to the overhead agreement which refers to this Annex as being applicable between the Parties ("Terms"). If there are any conflicts or inconsistencies between this Annex and the Terms, the provisions of this Annex prevail. To the extent that Frederick acts as a Processor to you as a Controller, in relation to Your Data originating from the EEA, the following terms apply.

1. Compliance with your instructions

Frederick may only process Personal Data in connection with its obligations and rights under the Terms, or as otherwise instructed by you or required by applicable law. The subject-matter, duration, nature and purpose of the Processing, types of Personal Data and categories of individuals will be the same as for the relevant Services to which the Processing relates. Frederick may aggregate or anonymize Your Data for the purpose of product or service improvements, data science and reporting.

2. Security

Frederick will implement commercially reasonable technical and organizational measures for the Services that are designed to protect Personal Data against accidental or unlawful destruction, loss, alteration, disclosure or access. If you have questions about what security measures Frederick has implemented that are not answered by Appendix 2, please reach out to security@hirefrederick.com. Frederick will notify you of a Personal Data Breach as required under applicable law.

3. Audits

Upon your request, up to once a year, Frederick will provide to you a copy of a self-certification confirming that Frederick complies with the material requirements set out in this Annex. Such self-certification will be Frederick's confidential information. The Parties acknowledge and agree that such self-certification, where applicable, will satisfy clause 5 (f) of the Controller to Processor Standard Contractual Clauses and Article 28.3(h) of the GDPR.

4. Assistance

Frederick will provide you reasonable assistance to allow you, at your sole costs, to demonstrate your compliance with obligations pursuant to this Annex in respect of notifying Personal Data Breaches to a Supervisory Authority and individuals and conducting Data Protection Impact Assessments.

5. Individuals

Frederick will notify you of requests received directly from individuals in relation to the Processing of their Personal Data, unless prohibited from doing so under applicable law. Frederick may, but is not required to, acknowledge receipt of such request and ask additional questions to determine the identity and nature of the request, or may refer such request and individual to you directly, and provide you with reasonable assistance in meeting the request in a timely manner.

You are solely responsible for providing any necessary notices to, and obtaining any necessary consents from, individuals with respect to the Processing of Personal Data pursuant to the Terms and this Annex.

6. Sub-Processors

You agree that Frederick may use Sub-Processors to assist Frederick in Processing Personal Data for the performance of the Services, provided that:

  1. Frederick imposes no less stringent duties on such Sub-Processors regarding security and confidentiality of Personal Data as those set out in this Annex.
  2. Frederick remains responsible to you for the performance of the relevant Services by the Sub-Processor, and
  3. Frederick maintains a list of such Sub-Processors in Section 22 of its Privacy Policy. In order to receive notice of any change to this list, you must request to subscribe to our notification process by emailing us at privacy@hirefrederick.com and requesting to join the Additional Sub-Processor Notification List. You accept that Your failure to join the list may result in missing the deadline to object to new Sub-Processors. You may within five (5) business days of receiving a notice, object to the involvement of such new Sub-Processor on objective justifiable grounds related to the ability of such Sub-Processor to protect the Personal Data or comply with data protection requirements applicable to Sub-Processor. In the event that the objection is not unreasonable, the Parties will work together in good faith to find a solution to address such objection, including but not limited to reviewing additional documentation supporting the Sub-Processors' compliance.

7. Transfers

To the extent that the Services involve a transfer of Personal Data originating from the EEA, the Controller to Processor Standard Contractual Clauses, which are herein incorporated by reference, will apply and Frederick will comply, as the Processor, with the obligations therein to facilitate such transfers. The Appendices of such Controller to Processor Standard Contractual Clauses (the "Appendices") are appended to this Annex and are incorporated herein by reference. Your click-through acceptance of the Terms constitutes your signature to and acceptance of the Controller to Processor Standard Contractual Clauses and the Appendices.

8. Return and Deletion of Personal Data

Upon termination or expiration of the Services, Frederick will make available to you Personal Data maintained by Frederick for a duration of three (3) months to allow you to retrieve where reasonably technically feasible your Personal Data in a commonly used format set out by Frederick. After such period, Frederick will destroy or otherwise render inaccessible, at our discretion, such Personal Data from the production environment of the Services, except as may be required by law. Actions set out in this section are at your sole cost.

9. Changes

We may make changes to this Annex, including the Appendices, from time to time as necessary to reflect changes in our business or legal and regulatory requirements. Changes we make will become effective when we publish a modified version of the Annex on our websites. If you continue using the Services after any changes, it means you have accepted them. If you do not agree to any material changes, you must stop using the Services, and you can terminate your account by emailing support@hirefrederick.com.

10. Key definitions

Unless otherwise defined below, capitalized terms have the meaning set out in the Terms or the Privacy Policy.

10.1 "Controller", "Personal Data Breach", "Data Protection Impact Assessment", "Process/Processing", "Processor", and "Supervisory Authority" have the meaning set out in the GDPR.

10.2 "Controller to Processor Standard Contractual Clauses" means Standard Contractual Clauses adopted by the EU Commission pursuant to its decision C(2010)593 located at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087 (as updated or replaced from time to time).

10.3 "EEA" means all member states of the European Union, Norway, Iceland, Liechtenstein and, for the purposes of the Annex, Switzerland;

10.4 "GDPR" means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

10.5 "Parties" means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

10.6 "Personal Data" means Your Data to the extent that it relates to an identified or identifiable natural person.

10.7 "Sub-Processors" means third party organizations that Frederick engages for the Processing of the Personal Data and which do not act under Frederick's direct authority.

Appendix 1 to the Controller to Processor Standard Contractual Clauses (description of transfer)

This Appendix forms part of the Controller to Processor Standard Contractual Clauses.

The Member States may complete or specify, according to their national procedures, any additional necessary information to be contained in this Appendix.

Data Exporter and Data Importer

You transfer, and Frederick receives, Personal Data in relation to the supply of Services as set out in the Terms.

Data subjects

The personal data transferred concern the following categories of data subjects:

Employees, including temporary and prospective employees, relatives, guardians and associates of the individual, existing and prospective (customers') customers (including gyms, fitness studios, practitioners), consumers, suppliers, visitors or registrants at offices, web sites and/or events, employees of corporate business associates, advisors, consultants and other professional experts, and other categories as relevant to the Services.

Categories of data

Data as necessary for the Services, including contact and other personal details (name, address, telephone or mobile number, fax number, email, education and background, etc.), billing and financial details, purchase and sales history, electronic data (including IP address, application, device, Internet, network and browser data), sales and marketing data (including prospects, membership and mailing list participation), visit, class attendance, and appointment data, demographic or geographic information, analysis and business intelligence, statistics and use trends, service account data, training and technical support data, know-how, and other data as relevant to the Services.

Processing operations

The personal data transferred will be subject to the following basic processing activities (please specify):

Processing operations are limited to the extent necessary to provide the Services as specified under the Terms.

Appendix 2 to the Controller to Processor Standard Contractual Clauses

This Appendix forms part of the Controller to Processor Standard Contractual Clauses.

1. Physical Security Controls

Processor must implement appropriate physical security controls within its premises to prevent unauthorized persons from gaining access to data and systems. For this, Processor has implemented the following measures:

  • Identification card for all members of staff
  • Manned reception area in all buildings
  • Visitor access procedure
  • Locked entry gates at all external doors
  • Data center access limited to authorized personnel
  • Entry security systems 24x7 (e.g., smart card reader, code locks)

2. Access Control

Processor must prevent unauthorized access to data processing systems. Processor has implemented the following measures for electronic access control:

  • Access control system (User ID and Strong Password)
  • Screen locks that activate after period of inactivity
  • Encryption of data on personal computers, portable devices, or removable media
  • Encryption of data transmitted via unsecure networks
  • Firewalls
  • Penetration testing
  • Documented Security Incident Response Plan

3. Authorization Process

Processor must ensure that authorized members of staff have access only to the data which they require in the course of their work duties and to which they have a right of access and must prevent any unauthorized access outside of the granted permissions. Processor has implemented the following measures:

  • Regular controls of authorizations granted and change process to reflect termination of employment, contract, agreement, or change of roles
  • Privileged access limited to essential administration personnel
  • Authentication process (User ID and Strong Password)
  • Secured interfaces
  • Encryption of data on personal computers, portable devices, or removable media
  • Encryption of data transmitted via unsecure networks

4. Transmission Control

Processor shall ensure that personal data are protected against any unauthorized reading, modification, copying, or removal during electronic transmission or transport. Measures must be in place to verify to which recipient's transfers are envisaged. Processor has implemented the following measures during transport, transfer, and transmission or storage on data carriers:

  • Encryption of data transmitted via unsecure networks

5. Input Control

Processor shall ensure that it is possible to verify what personal data were entered into processing systems, modified, or removed, at what time, and by whom. Processor has implemented the following to allow for retrospective review of whether and by whom personal data are entered, modified, or removed:

  • Authentication process (User ID and Strong Password)
  • Documented Incident Response Plan

6. External Parties

Processor shall ensure that, in the case of sub-contracting personal data will be processed only in accordance with the instructions of the Controller and will maintain:

  • Written contractual arrangements/instructions with all sub-contractors
  • Access controls to restrict access to what is required to perform the specific services

7. Availability Control

Processor shall take measures to protect personal data against accidental loss or destruction. Processor has implemented the following measures for availability control:

  • Daily automated Back-up
  • Redundant power feeds
  • Temperature and humidity controls and monitoring
  • Encryption of data transmitted via unsecure networks

8. Data Segregation

The data of the Controller are to be separated from the data of other customers and the Processor. Personal data collected for different purposes must be processed separately. Some measures taken by Processor for separation control are:

  • Customer data and systems are separated from internal systems
  • Separation of production and test systems
  • Defined roles and responsibilities including appropriate segregation of duties amongst member of staff

Frederick Client Communication and Anti-Spam Policy

Last Updated June 29, 2018

Frederick's Policy

Frederick's customer support actively monitors import lists and emails going to a large number of subscribers. Any customer found to be using Frederick for spam will be immediately cut-off from use of the product.

Every marketing communication from Frederick contains a mandatory unsubscribe link to allow consumers to update their communication preferences at any time.

What is Spam?

Spam is unsolicited email also known as UCE (Unsolicited Commercial Email). By sending email to only to those who have requested to receive it, you are following accepted permission-based email guidelines.

What constitutes consent?

The recipient of your communication has been clearly and fully notified of the collection and use of his or her email address or phone number and has consented prior to such collection and use. This is often called informed consent.

Your must comply with anti-spam and data privacy regulations

The CAN-SPAM Act is a US federal anti-spam law that went into effect on January 1st, 2004 and preempts all state laws. While this law will not stop spam, it does make most spam illegal and ultimately less attractive to spammers. The law is specific about requirements to send commercial email and empowers the federal government to enforce the law. The penalties can include a fine and/or imprisonment for up to 5 years.

If you send or receive mail via mail servers in Canada, you must also comply with Canada's Anti-Spam Law ("CASL").

If you or your organization is located within the European Union or if you send communications to EU data subjects, you must also comply with the General Data Protection Regulation ("GDPR").

The above is not an exhaustive list of laws and regulations that may apply to you and your organization. We urge you to consult your own legal counsel to familiarize yourself with the requirements that govern your own specific situation.

How Frederick protects you from sending spam

Frederick is a permission-based email-marketing and sms-marketing platform that follows the strictest permission-based philosophies:

  • Permission - By accepting our terms of service, you have agreed to use only permission-based lists and never to sell or rent your lists.
  • Verification - Frederick only sends email and text messages to contacts that you certify have already given express permission to receive marketing communications from your business.
  • Unsubscribe - Every marketing communication generated from Frederick contains an unsubscribe link which allows your subscribers to opt-out of future email or text campaigns and automatically updates your subscriber lists to avoid the chance of sending unwanted communications to visitors who have unsubscribed.
  • Identification - Your email header information is correct because it is pre-set for you by Frederick.
  • Contact Information - all of your emails are pre-filled with your contact information.

How to protect yourself from Spam: Take the Spam Test

  1. Are you importing a purchased list of ANY kind?
  2. Are you sending to non-specific addresses such as:
    • sales@domain.com, business@domain.com, webmaster@domain.com, info@domain.com, or other general addresses.
  3. Are you sending to distribution lists or mailing lists which send indirectly to a variety of email addresses?
  4. Are you mailing to anyone who has not explicitly agreed to join your mailing list?
  5. Have you falsified your originating address or transmission path information?
  6. Have you used a third party email address or domain name without their permission?
  7. Does your email's subject line contain false or misleading information?
  8. Does your email fail to provide a working link to unsubscribe?
  9. Are you failing to process any unsubscribe requests that come to you via a reply to your email within 10 days of the request?

If you have answered YES to ANY of the above questions you will likely be labeled a SPAMMER. For more information visit The Coalition Against Unsolicited Email (www.cauce.org) or contact Customer Support (support@hirefrederick.com)

Cookies and Similar Technologies Policy

Last Updated June 29, 2018

This Cookies & Similar Technologies Policy ("Cookie Policy") describes the different types of cookies and similar technologies that are used on the websites of Frederick LLC and its affiliates ("Frederick"). Please also consult our Privacy Policy to understand how we handle personal and other information in general.

1. What are cookies and similar technologies?

Cookies are a standard feature of websites that allow us to store small amounts of data on your computer or other device about your visit to our websites. Cookies help us learn which areas of our websites are useful and which areas need improvement.

Some cookies may facilitate additional website features for enhanced performance and functionality such as remembering preferences, allowing social interactions, analysing usage for website optimization, providing custom or localized content and pricing, allowing third parties to provide social sharing tools, and serving images or videos from third party websites. Some features on this site will not function if you do not allow cookies. We may link the information we store in cookies to Personal or Other Information you submit while on our websites.

2. What cookies and similar technologies do we use?

Cookies

We may use both session ID cookies and persistent cookies. A session ID cookie expires when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. Persistent cookies enable us to track and target the interest of our users to enhance the experience on our websites. We use various types of cookies:

  • Essential cookies, persistent and session type, store information to enable core website functionality, such as Live Chat and Client ID remembrance.
  • Functional cookies are cookies that are used to track your preferences, such as your preferred language or display settings, and customize the website to you. Some of these cookies may be essential cookies.
  • Analytics cookies allow us to count page visits and traffic sources so we can measure and improve the performance of our websites and our marketing campaigns.
  • Advertising cookies may be set through our website by our advertising partners. Data may be collected by these companies that enable them to serve up advertisements on other websites that are relevant to your interests.

Web beacons / pixel tags

Web beacons, also known as pixel tags, are tiny graphic objects that are embedded in a web page or email and are usually invisible to the user but allow checking that a user has viewed the page or email. We (or third party data or ad networks we work with) may use web beacons alone or in conjunction with cookies to compile information about our services, or other information we or they have collected. Web beacons may be used within our services to track email open rates, web page visits or form submissions. In some cases, we tie the information gathered by web beacons to our subscribers' and end users' personal information. For example, we use clear gifs in our HTML-based emails to let us know which emails have been opened by recipients. This allows us to gauge the effectiveness of certain communications and the effectiveness of our marketing campaigns. Web Beacons are also deployed by third parties, in connection with cookies, to serve interest-based (and other) advertising, as described in the below section titled "Advertising Networks".

Flash LSOs

We use Flash Local Shared Objects ("Flash LSOs") and other technologies to, among other things, collect and store information about your use of our websites. Third parties with whom we partner to provide certain features on our website or to display advertising based upon your web browsing activity also use Flash LSOs to collect and store information. If you do not want Flash LSOs stored on your computer, you can adjust the settings of your Flash player to block Flash LSO storage using the tools contained in the Website Storage Settings Panel. You can also go to the Global Storage Settings Panel and follow the instructions (which explain, for example, how to delete existing Flash LSOs, how to prevent Flash LSOs from being placed on your computer without your consent, and how to block Flash LSOs that are not being delivered by the operator of the page you are on at the time). Please note that setting the Flash player to restrict or limit acceptance of Flash LSOs may reduce or impede the functionality of some Flash applications.

Physical Location

We collect the physical location of your device by, for example, using satellite, cell phone tower, or WiFi signals. We use your device's physical location to provide you with location-based services and content. You may disable our use of certain location data through your device or browser settings.

Analytics Software

We and our third party tracking-utility partners use log files on our services to gather certain information automatically and store it for analytical purposes. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. We use third party partners such as Google Analytics, which uses cookies and other, similar technologies to collect and analyze information about use of our services and report on activities and trends. This service may also collect information regarding the use of other websites, apps and online resources. You can learn about Google's practices by going to https://www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on. Please see Section 24 of the Privacy Policy for a list of additional third party tracking partners integrated within the Frederick Services.

We also use this information to track and aggregate other information to analyze trends, administer our websites, track users' movements around our services and to gather demographic information about our user base in the aggregate.

Advertising Networks

We partner with third party data or ad network(s) and other service providers to show you relevant ads (whether for our products or those of other companies), including ads displayed on our services and on other companies' websites or apps, on any of your devices.

We and our service providers may use cookies and web beacons to deploy and read cookie identifiers and Mobile Ad IDs, associated with your activities on our services, third party websites, mobile apps or other information we collect, to provide you targeted advertising based upon your interests. They may also use these technologies, along with activity information they collect, to recognize you across the devices you use, such as a mobile device and a laptop or other computer. These ad networks and their customers may also use any of this information to measure ad performance, understand their (or our) audience, or otherwise improve and enhance their marketing.

Similarly, we or a third party data partner may associate cookies with hashed (non-human readable) versions of your registration data (e.g., your email address), along with other interest-based or demographic data. You can learn more about or opt out of this type of advertising through the links in the following paragraph.

Mobile Opt Out

You can opt out of having your Mobile Ad IDs used for interest-based mobile advertising by accessing the settings on your Apple or Android mobile device, as follows:

  • Apple Devices: If you have an Apple device, you can opt out of most cross-app advertising by toggling Limit Ad Tracking to ‘ON'. This can currently be found under Settings > Privacy > Advertising.
  • Android Devices: If you have an Android device, you can opt out of most cross-app advertising by clicking on Google Settings > Ads, and selecting the option to opt-out of interest-based ads.

Please note that these platforms control how these settings work, so the above instructions may change. Likewise, if your device uses other platforms not described above, please check the settings for those devices.

Web-based Opt Out

If you wish to opt-out of many of the ad platforms that serve or support interest-based advertising (or learn more about this type of advertising), go to http://www.networkadvertising.org/managing/opt_out.asp, http://www.aboutads.info/choices and http://preferences-mgr.truste.com/ to opt out in desktop and mobile web browsers. You may download the AppChoices app at http://youradchoices.com/appchoices to opt out in mobile apps. For individuals in the EU, please also visit http://www.youronlinechoices.eu/.

Please note that any opt-out from interest-based advertising will not result in the cessation of all advertising, as we, or our third party advertisers, may continue to serve you contextual-based advertising. Please also note that the above opt-out mechanisms are cookie-based, so if you change or modify your browser, or clear your cookies, you will need to opt out again.

3. How do I manage cookies and similar technologies?

We will use cookies and similar technologies where you have opted-in and applicable law requires opt-in.

In addition to the options provided above, you can refuse or accept cookies from our websites at any time by activating the settings on your browser. Information about the procedure to follow in order to enable or disable cookies can be found on your Internet browser provider's website via your help screen. Please refer to http://www.allaboutcookies.org/manage-cookies/index.html for information on commonly used browsers.

If you want to clear all cookies left behind by the websites you have visited, here are links where you can download three programs that clean out tracking cookies:

We may change this Cookie Policy from time to time. Please take a look at the "LAST UPDATED" legend at the top of this page to see when this Cookie Policy was last updated. Any changes in this Cookie Policy will become effective when we make the revised Cookie Policy available on or through our websites.

Contact Us

If you have any questions, please contact us by email at privacy@hirefrederick.com, or write to us at the following address:

ATTN: Frederick Legal – Cookies Policy Issues
Frederick Labs LLC
4051 Broad Street Suite 220
San Luis Obispo, CA 93401

Frederick Security Policy

Last Updated June 29, 2018

Frederick Labs LLC ("Frederick", "we", "us" or "our") has created this security policy ("Security Policy") in order to demonstrate our commitment to safeguarding our customers' data using commercially reasonable and appropriate security controls for such data that we obtain from you on our mobile sites and applications hirefrederick.com (the "Site") and the services, features, content, or applications we offer (collectively with the Site, the "Frederick Service" or "Service").

We reserve the right to change this Security Policy from time to time. Your access and use of the Site and Service is subject to the Security Policy in effect at the time of such access. If we make material changes to our security controls, we will notify you by posting an announcement on the Service or sending you an email; and we will post the most up-to-date version of this Security Policy at hirefrederick.com/tos#securitypolicy. Please review this Security Policy frequently to remain informed of Frederick's information security practices. You are bound by any changes to the Security Policy when you use the Service after such changes have been first posted.

Data Security

We follow alerts issued by various vendors and security groups, especially related to newly found vulnerabilities, also called zero-day vulnerabilities.

We protect data in transit with strong encryption and selectively use data at rest encryption, tokenization, and data masking.

Hosting Security

Frederick's physical infrastructure is hosted and managed within Amazon's secure data centers and utilize the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon's data center operations have been accredited under:

  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)

Recommended Best Practices For You

While Frederick maintains the security of our systems as described in this policy, you, as a Frederick Subscriber are responsible for other recommended security practices:

  • Maintain an appropriate level of security (both physical and logical) for all local systems (including but not limited to networks, desktop computers, swipers, tablets, and mobile phones)
  • The security program should include, but is not limited to:
    • Installing appropriate anti-virus and anti-malware protection;
    • Enabling web browser auto-updates;
    • Implementing a robust operating system and software patching process;
    • Implementing a good user and password management process, including periodic password changes, deleting user accounts promptly after staff departures and so forth;
    • Replacing old peripherals and hardware with more modern and secure alternatives, for example, replacing systems with non supported operating systems
    • Using the Frederick system as designed; and
    • Notifying Frederick immediately (security@hirefrederick.com) of any suspected compromise or unusual account activity
  • Leverage Frederick system security controls, including:
    • Create a separate Location Admin for each staff member you wish to provide access
    • Use Frederick's data sync tools, contact import tools, and opt-in management tools

How to Contact Frederick

Questions regarding this Security Policy or the security-related practices of the Site should be directed by sending an email to security@hirefrederick.com.