Privacy Policy

Version Date: Jun 3, 2020 


Epsagon LLC.  and its subsidiaries (“Epsagon” or “we” or “us” or “our”) respects the privacy of its subscribers (“subscriber” or “you”) that use our subscription service (the “Subscription Service”). The following Epsagon privacy policy (“Privacy Policy”) is designed to inform you, as a subscriber of the Subscription Service, about the types of information that Epsagon may gather about or collect from you in connection with your use of the Subscription Service. It also is intended to explain the conditions under which Epsagon uses and discloses that information, and your rights in relation to that information. Changes to this Privacy Policy are discussed at the end of this document. Each time you use the Subscription Service, however, the current version of this Privacy Policy will apply. Accordingly, each time you use the Subscription Service you should check the date of this Privacy Policy (which appears at the beginning of this document) and review any changes since the last time you used the Subscription Service.  






Subscribers of the Subscription Service Generally


“Non-Personally-Identifying Information” is information that, without the aid of additional information, cannot be directly associated with a specific person. “Personally-Identifying Information,” by contrast, is information such as a name or email address that, without more, can be directly associated with a specific person. Like most online operators, Epsagon gathers from subscribers of the Subscription Service Non-Personally-Identifying Information of the sort that web browsers, depending on their settings, may make available. That information includes the subscriber’s Internet Protocol (IP) address, operating system and browser type, and the locations of the web pages the subscriber views right before arriving at, while navigating and immediately after leaving the Subscription Service. Although such information is not personally identifiable, it may be possible for Epsagon to determine from an IP address a subscriber’s Internet service provider and the geographic location of the visitor’s point of connectivity as well as other statistical usage data. Epsagon analyzes Non-Personally-Identifying Information gathered from subscribers of the Subscription Service to help Epsagon better understand how the Subscription Service is being used. By identifying patterns and trends in usage, Epsagon is able to better design the Subscription Service to improve subscribers’ experiences, both in terms of content and ease of use. From time to time, Epsagon may also release the Non-Personally-Identifying Information gathered from Subscription Service subscribers in the aggregate, such as by publishing a report on trends in the usage of the Subscription Service.


Web Cookies


A “Web Cookie” is a string of information which assigns you a unique identification that a website stores on a subscriber’s computer, and that the subscriber’s browser provides to the website each time the subscriber submits a query to the site. We use cookies on the Subscription Service to keep track of services you have used, to record registration information regarding your login name and password, to record your subscriber preferences, to keep you logged into the Subscription Service, and to facilitate purchase procedures. Epsagon also uses Web Cookies to track the pages that subscribers visit during each Subscription Service session, both to help Epsagon improve subscribers’ experiences and to help Epsagon understand how the Subscription Service is being used. As with other Non-Personally-Identifying Information gathered from subscribers of the Subscription Service, Epsagon analyzes and discloses in aggregated form information gathered using Web Cookies, so as to help Epsagon, its partners and others better understand how the Subscription Service is being used. SUBSCRIBERS WHO DO NOT WISH TO HAVE WEB COOKIES PLACED ON THEIR COMPUTERS SHOULD SET THEIR BROWSERS TO REFUSE WEB COOKIES BEFORE ACCESSING THE SUBSCRIPTION SERVICE, WITH THE UNDERSTANDING THAT CERTAIN FEATURES OF THE SUBSCRIPTION SERVICE MAY NOT FUNCTION PROPERLY WITHOUT THE AID OF WEB COOKIES. SUBSCRIBERS WHO REFUSE WEB COOKIES ASSUME ALL RESPONSIBILITY FOR ANY RESULTING LOSS OF FUNCTIONALITY.


Web Beacons


A “Web Beacon” is an object that is embedded in a web page or email that is usually invisible to the subscriber and allows website operators to check whether a subscriber has viewed a particular web page or an email. Epsagon may use Web Beacons on the Subscription Service and in emails to count subscribers who have visited particular pages, and viewed emails. Web Beacons are not used to access subscribers’ Personally-Identifying Information; they are a technique Epsagon may use to compile aggregated statistics about Subscription Service usage. Web Beacons collect only a limited set of information including a Web Cookie number, time and date of a page or email view, and a description of the page or email on which the Web Beacon resides. You may not decline Web Beacons, however, they can be rendered ineffective by declining all Web Cookies or modifying your browser setting to notify you each time a Web Cookie is tendered and permit you to accept or decline Web Cookies on an individual basis.  




We may use third-party vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to provide analytics services, inform, optimize, and serve ads based on your past activity on our websites and applications, including Google Analytics for Display Advertising. These vendors may use Web Cookies, Web Beacons and other technologies to collect information about your use of the Subscription Service, our service and other websites, including your IP address, web browser, pages viewed, time spent on pages, links clicked and conversion information. This information may be used by us and others to, among other things, analyze and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on our service and other websites and better understand your online activity. If you do not want any information to be collected and used by Google Analytics, you can install an opt-out in your web browser ( and/or opt out from Google Analytics for Display Advertising or the Google Display Network. You can do so by using Google’s Ads Settings ( For more information about interest-based ads, or to opt out in general of having your web browsing information used for behavioral advertising purposes, please visit


Aggregated and Non-Personally-Identifying Information


We may share aggregated and Non-Personally Identifying Information we collect under any of the above circumstances. We may also share it with third parties and our affiliate companies to develop and deliver targeted advertising on our Subscription Service and on websites of third parties. We may combine Non-Personally Identifying Information we collect with additional Non-Personally Identifying Information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to our Subscription Service and the most popular features or services accessed. This information does not contain any Personally-Identifying Information and may be used to develop content and services that we hope you and other subscribers will find of interest.






As defined above, Personally-Identifying Information is information that can be directly associated with a specific person. Epsagon may collect a range of Personally-Identifying Information from and about subscribers. Much of the Personally-Identifying Information collected by Epsagon about subscribers is information provided by subscribers themselves when (1) registering for our service, (2) participating in polls,  surveys or other features of our service, or responding to offers, (3) communicating with us, or (4) signing up to receive newsletters. That information may include each subscriber’s name, address, email address, and telephone number, and, if you transact business with us, financial information such as your payment method (valid credit card number, type, expiration date or other financial information). We also may request information about your interests and activities, your gender, age, date of birth, username, hometown and other demographic information, and other relevant information as determined by Epsagon from time to time. Subscribers of the Subscription Service are under no obligation to provide Epsagon with Personally-Identifying Information of any kind, with the caveat that a subscriber’s refusal to do so may prevent the subscriber from using certain Subscription Service features.



Epsagon Communications


We may occasionally use your name and email address to send you notifications regarding new services offered by the Subscription Service that we think you may find valuable. We may also send you service-related announcements from time to time through the general operation of the service. Generally, you may opt out of such emails at the time of registration or through your account settings, though we reserve the right to send you notices about your account, such as service announcements, and administrative messages, even if you opt out of all voluntary email notifications.




If you do not want to receive such messages, you may opt out or change your preferences in your account. Opting out may prevent you from receiving messages regarding updates, improvements, or offers.


Epsagon Disclosures


Epsagon will disclose Personally-Identifying Information under the following circumstances:

  • By Law or to Protect Rights. When we believe disclosure is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of Epsagon, our subscribers, our employees, or others; to comply with applicable law or cooperate with law enforcement; or to enforce our Subscription Service Agreement or other agreements or policies, in response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us. 
  • Third Party Service Providers. We may share your Personally-Identifying Information, which may include your name and contact information (including email address) with our authorized service providers that perform certain services on our behalf. These services may include fulfilling orders, providing customer service and marketing assistance, performing business and sales analysis, supporting our website functionality, and supporting surveys and other features offered through our Subscription Service. We may also share your name, contact information and credit card information with our authorized service providers who process credit card payments. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purpose.


  • Business Transfers; Bankruptcy. Epsagon reserves the right to transfer all Personally-Identifying Information in its possession to a successor organization in the event of a merger, acquisition, or bankruptcy or other sale of all or a portion of Epsagon’s assets. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred Personally-Identifying Information will be subject to this Privacy Policy, or to a new privacy policy if you are given notice of that new privacy policy and are given an opportunity to affirmatively opt-out of it. Personally-Identifying Information submitted or collected after a transfer, however, may be subject to a new privacy policy adopted by the successor organization.


Changing Personally-Identifying Information; Account Termination

You may at any time review or change your Personally-Identifying Information by going to your account settings (if applicable) or contacting us using the contact information below.  Upon your request, we will deactivate or delete your account and contact information from our active databases. Such information will be deactivated or deleted as soon as practicable based on your account activity and accordance with our deactivation policy and applicable law. To make this request, either go to your account settings (if applicable) or contact us as provided below. We will retain in our files some personal information to prevent fraud, to troubleshoot problems, to assist with any investigations, to enforce our Subscription Service Agreement and to comply with legal requirements as is permitted by law. Therefore, you should not expect that all your personal information will be completely removed from our databases in response to your requests. Additionally, we keep a history of changed information to investigate suspected fraud with your account.


General Use

We use the Personally-Identifying Information in the file we maintain about you, and other information we obtain from your current and past activities on the Subscription Service to: deliver the products and services that you have requested, manage your account and provide you with customer support, communicate with you by email, postal mail, telephone and/or mobile devices about products or services that may be of interest to you either from us, our affiliate companies or other third parties, develop and display content and advertising tailored to your interests on our Subscription Service and other sites, resolve disputes, troubleshoot problems, measure consumer interest in our services, inform you of updates, customize your experience, detect and protect us against error, fraud and other criminal activity, enforce our Subscription Service Agreement, and as otherwise described to you at the time of collection. At times, we may look across multiple subscribers to identify problems. In particular, we may examine your Personally-Identifying Information to identify subscribers using multiple subscriber IDs or aliases. We may compare and review your Personally-Identifying Information for accuracy and to detect errors and omissions. We may use financial information or payment method to process payment for any purchases made on our Subscription Service, enroll you in the discount, rebate, and other programs in which you elect to participate, to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business.




This section of the Privacy Policy addresses how Epsagon may collect, process, store, use and disclose the data which you may create, maintain, use or disclose in connection with your account (“Subscriber Data”). In order to provide the Subscription Service, Epsagon hosts and processes Subscriber Data in connection with your account. By creating, maintaining, using or disclosing Subscriber Data in connection with the Subscription Service and your account, you acknowledge that you are the owner or that you otherwise have the right, authority or consent to control such Subscriber Data and to authorize Epsagon and its employees, agents and contractors to take such actions with respect to Subscriber Data as described in this Privacy Policy.

Except as otherwise described in this Privacy Policy or the Subscription Service Agreement, Subscriber Data in your account is not accessible to anyone, unless you choose to make it accessible. Epsagon facilitates and provides tools for you to manage access to and use of your Subscriber Data, including sharing such information on a website or otherwise making such information available to others. However, you, and only you, control whether and what Subscriber Data to create, maintain, use or disclose in connection with your account and any corresponding website. You are solely responsible for granting access to others, publishing, sharing, updating or deleting such Subscriber Data in your account. Epsagon is not responsible for any such access to, activities, use or disclosure involving Subscriber Data, regardless of how or by whom such occurs.

In limited circumstances, Epsagon or its employees, agents and contractors may have access to, use or disclose Subscriber Data in order to provide the Subscription Service. The following are some of the more common (but not exhaustive) circumstances under which Epsagon, and its employees, agents and contractors may have access to, use or disclose Subscriber Data in order to provide the Subscription Service:

  1. To host, process, conduct data backups and maintenance, upgrades, debugging, troubleshooting, programming and other related administrative or technical activities required to provide the Subscription Service;
  2. To conduct security activities related to preventing, detecting, investigating and responding to security incidents, threats or vulnerabilities, implementing security safeguards and controls and other activities related to security;
  3. To respond to or provide support and related activities which you have requested in connection with your account and the Subscription Service, or which you have otherwise consented to;
  4. In response to court orders, legal process, or as otherwise required by applicable law;
  5. In connection with suspension, termination or expiration of the Subscription Service Agreement as set forth in the Subscription Service Agreement, or as necessary to resolve any dispute related to the Subscription Service Agreement; or
  6. When we act under exigent circumstances, to the extent permitted by applicable law, to protect the safety of customers or the public.


Epsagon will only make available Subscriber Data to its employees, agents or contractors who have a need to know or access in order to provide Subscription Service to or on behalf of Epsagon as described in this Privacy Policy. Epsagon will never use or disclose Subscriber Data for marketing, advertising or other similar commercial purposes.

Notwithstanding the foregoing, Epsagon may use and disclose information that includes, is based upon or is derived from the Subscriber Data for marketing, business and other related purposes, provided that such information is in a form that is aggregated and de-identified so that the data is not associable to any individual subscriber.

Retention and deletion by Epsagon of Subscriber Data is governed by the terms of the Subscription Service Agreement.



The Children’s Online Privacy Protection Act (“COPPA”) protects the online privacy of children under 13 years of age. We do not knowingly collect or maintain personal information from anyone under the age of 13, unless or except as permitted by law. Any person who provides personal information through the Subscription Service represents to us that he or she is 13 years of age or older.



Epsagon contractually prohibits its contractors, affiliates, vendors and suppliers from disclosing Personally-Identifying Information received from Epsagon, other than in accordance with this Privacy Policy. Third parties are under no obligation to comply with this Privacy Policy, however, with respect to Personally-Identifying Information that subscribers provide directly to those third parties or that those third parties collect for themselves. These third parties include advertisers, providers of games, utilities, widgets and a variety of other third party applications accessible through the Subscription Service. Epsagon neither owns nor controls the third-party websites and applications accessible through the Subscription Service. Thus, this Privacy Policy does not apply to information provided to or gathered by the third parties that operate them. Before visiting a third-party, or using a third party application, whether by means of a link on the Subscription Service, directly through the Subscription Service, or otherwise, and before providing any Personally-Identifying Information to any such third party, subscribers should inform themselves of the privacy policies and practices (if any) of the third party responsible for that website or application, and should take those steps necessary to, in those subscribers’ discretion, protect their privacy.



We take security of your Personally-Identifying Information seriously and use reasonable electronic, personnel, and physical measures to protect it from loss, theft, alteration, or misuse.  However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorized persons will view your information. We are not responsible for third party circumvention of any privacy settings or security measures.


We are dedicated to protect all information on our Subscription Service as is necessary. However, you are responsible for maintaining the confidentiality of your Personally-Identifying Information by keeping your password confidential. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, you should notify us immediately.


EU-US Privacy Shield

Epsagon’s U.S. subsidiary, Epsagon, Inc., complies with both the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries, the United Kingdom, and Switzerland to the United States. Epsagon, Inc. has certified that it adheres to the Privacy Shield Principles. If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles will govern. To learn more about the Privacy Shield program, and to view our certification page, please visit

With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Epsagon, Inc. is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission. 

Pursuant to the Privacy Shield Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to If requested to remove data, we will respond within a reasonable timeframe. 

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to  


In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

Epsagon, Inc.’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Epsagon, Inc. remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Epsagon, Inc. proves that it is not responsible for the event giving rise to the damage. 

In compliance with the Privacy Shield Principles, Epsagon, Inc. commits to resolve complaints about our collection or use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Epsagon, Inc at:

Epsagon, Inc has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint. This service is provided free of charge to you.  

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at   



Epsagon may, in its sole discretion, change this Privacy Policy from time to time. Any and all changes to Epsagon’s Privacy Policy will be reflected on this page and the date new versions are posted will be stated at the top of this Privacy Policy. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account. Subscribers should regularly check this page for any changes to its Privacy Policy. Epsagon will always post new versions of the Privacy Policy on the Subscription Service. However, Epsagon may, as determined in its discretion, decide to notify subscribers of changes made to this Privacy Policy via email or otherwise. Accordingly, it is important that subscribers always maintain and update their contact information.



California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our subscribers who are California residents to request and obtain from us once a year, free of charge, information about the personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to our privacy officer as listed below.



Our Subscription Service does not respond to “Do Not Track” signals or mechanisms.



At Epsagon, nothing to us is more important than the success of our customers and the protection of their Personally Identifiable Information (PII) or Protected Health Information (PHI). With customers in nearly every country in the world, we adhere to The Health Insurance Portability and Accountability Act compliance (HIPAA) and the General Data Protection Regulation (GDPR). sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have a physical, network, and process security measures in place and follow them to ensure HIPAA and GDPR Compliance. Covered entities (anyone providing treatment, payment, and operations in healthcare) and business associates (anyone who has access to patient information and provides support in treatment, payment, or operations) must meet HIPAA and GDPR Compliance. Other entities, such as subcontractors and any other related business associates that holds this data must also be in compliance.


What steps were taken by Epsagon following the HIPAA and GDPR requirements?

We worked with our engineering, product, security and legal teams to make both our product and our legal terms in line with the HIPAA and GDPR and will continue to ensure they keep in line continuously. As part of Epsagon readiness project we’ve taken the following steps:

  • Reviewed and strength our security infrastructure and practices, data encryption in transit and at rest, backup, logs, and security alerts.
  • A risk assessment and data mapping process was made to make sure any data that may be stored or processed is processed and managed according to the HIPAA and GDPR instructions.
  • Had an external audit made by E&Y to receive a SOC 2 Type II security attestation from the American Institute of Certified Public Accountants (AICPA)
  • Received an internationally recognized security certification for ISO 27001 ISMS (information security management system)
  • We’ve put on place all the internal procedures, processes and controls and recurring training sessions for the team, to ensure our on-going compliance with the HIPAA and GDPR
  • We’ve revised our Privacy Policy to support the HIPAA and GDPR requirements.
  • Performed security and privacy assessment to our sub-processors to ensure they are all complying with the HIPAA and GDPR requirements.
  • We’ve appointed a Data Protection Officer (DPO).
  • We’ll continue to monitor the guidance around HIPAA and GDPR compliance and will ensure that our product and processes are complying with that guidance when they become effective.
  • You have the right under certain circumstances:
    • to be provided with a copy of your personal data held by us;
    • to request the rectification or erasure of your personal data held by us;
    • to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
  • You may opt-out at any time from allowing further access by us to your location data.

We would appreciate the opportunity to directly address any HIPAA or GDPR issues you may have. Please contact us at



If you have any comments or questions regarding our Privacy Policy or if you have any concerns regarding your Privacy, you can contact Epsagon’s support at or our Data Protection Officer at