VIP Software
Privacy Policy

1 Scope

This Privacy Policy applies to the information that VIP Software obtains on behalf of its clients and their customers.  

The extent of our collection of data includes:
- Websites SaaS Product offerings
- Downloadable data from Estimating Tools (XactAnalysis and Symbility)

It does not include:

Third party products clients choose to integrate to VIP Software products and
service offerings.

A "Device" is any computer used to access the VIP Software SaaS products, including without limitation a desktop, laptop, mobile phone, tablet or other consumer electronic device.Unless otherwise stated, our SaaS products and our downloadable products are treated the same for the purposes of this document.

By accepting VIP Software’s SaaS product, VIP Software assumes clients have accepted the collection, transfer, processing, storage and other uses described in this Privacy Policy.

2 Policy

2.1 Coverage
This Policy covers all data that is uploaded, submitted, posted, created, transmitted, stored or displayed in VIP Software’s applications.

2.2 Customer personal information
Information that may be collected such as: name, address, email address or phone number. Personal Information does not include any personal financial data except for policy and claims information stored in Insurers’ Policy and Claims systems and Estimating tools, i.e. Symbility and XactAnalysis. Except for this type of customer information, no other customer information is collected, stored, transmitted or processed in VIP Software’s system.

2.3 Changes to VIP Software’s privacy policy
VIP Software reviews all policies during a yearly review process and may change this Privacy Policy during the review or as needed.

2.4 Data on file, transmitted or processed

2.4.1 Account and profile information

Information on all users are collected and stored for each user who is invited to use VIP Software’s systems.

Information collected includes:
- Contact information such as name, email address of client users; contact information of client customers including name, address, telephone numbers, email address and claims property addresses.
- Claims amounts
- Account information such as a username and passwords which are stored in encrypted format on all VIP Software’s databases for access to VIP Software’s systems.
- Policy information on a need to know basis for client customers.

2.4.2 Usage information

Web logs

Information on interactions with VIP Software’s websites and SaaS products. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, system configuration information. In the case of our SaaS Product, the URLs accessed include usernames as well as elements of content as necessary for the SaaS Product to perform the requested operations.

Analytics information from website and SaaS products
Analytics information to improve products and services such as the username, sizes and original filenames of attachments, and additional information required to detail the operation of the function

Analytics information derived from content
Analytics information also consists of data to understand broader patterns and trends but does not include any customer personal information.

2.4.3 Data collected from other sourcesInformation from third party services: VIP Software downloads data from estimating tools
Symbility and XactAnalysis. Any access to such information is in accordance with the authorization procedures determined by that service.

2.4.4 VIP Software’s usage of customer data

- To process and complete transactions
- To provide customer service to resolve production issues
- To investigate and prevent fraudulent transactions, unauthorized access and other illegal activities

VIP Software does not collect or process PII, SSN, credit card or any other financial information except policy and claims data downloaded from the estimating tools. The use of information collected through VIP Software applications shall be limited to the purposes disclosed in this policy.

2.4.5 Information sharing and disclosure

VIP Software does not share or disclose client or customer personal information or content with third parties except as described in this policy.  

2.4.6 Access by client company administrators.

Client Company Administrators may from time to time access user emails and contact information for the purposes of providing access to company and third party users of VIP Software’s systems.

2.4.7 Service providers, business partners and others

VIP Software works with third party service providers to provide website, application development, hosting, maintenance, back-up, storage, virtual infrastructure, payment processing, analysis and other services. No production information on client customers is shared with any third party business parties or providers with the exception of clients and users calling in or providing information to VIP Software’s support staff for the purposes of resolving system and data issues.VIP Software requires all third party partners to sign confidentiality agreements prior to access of any confidential data and information.

2.4.8 Compliance with laws and law enforcement requests; protection of rights

VIP Software may disclose information (including customer personal information) to a third party if

(a) VIP Software believes that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request,
(b) to protect the security or integrity of VIP Software’s products and services, or (c) to protect VIP Software staff, clients or the public from harm or illegal activities. Such disclosure will be discussed with the appropriate clients based on this privacy policy and gain approval prior to any required disclosure.

2.4.9 Data storage, transfer and security

VIP Software’s infrastructure is hosted by IT Authorities in two US locations.  The servers on which personal information is stored are kept in a controlled environment. Personal information in websites or SaaS products are maintained at levels of protection. Where data is transferred over the internet as part of a website or SaaS product, the data is encrypted using industry standard SSL (HTTPS). Downloaded data utilizes SSL to prevent interception of data transmitted over networks and to restrict access to the databases and other storage used to hold data.Data stored in VIP Software’s hosted data bases is always maintained in US data centers within IT Authorities. No production data is shared outside the US. Data stored in VIP Software’s application data bases is encrypted using Azure Encryption Services.  VIP Software retains account information for as long as user accounts are active. If account access is managed by a company administrator, that account administrator may have control with regards to how user account information is retained and deleted.

2.4.10 Employee and contractor privacy and confidentiality agreements and yearly training

All employees and contractors must sign Privacy and Non-Disclosure agreements prior to working on any VIP Software systems.  They must also attend and take a Privacy and Security training course each year, which requires evidence that the course was taken and the test associated with the course was passed. The CISO maintains all certifications.

3 Policy Compliance

3.1 Non-Compliance
An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.