Privacy Policy

Introduction

Everbridge, Inc., (“Everbridge,” “Company”, “we,” “our,” or “us”) respects your privacy and are committed to protecting it through our compliance with this Mobile App Privacy Policy (the “Policy”). This Policy describes:

• The types of information we may collect or that you may provide when you purchase, download, install, register with, access or use our secure messaging services, such as HipaaBridge or SecureBridge (each, the “App”). This Policy supersedes and replaces our privacy policy with respect to these Apps only. For other services, please refer to our privacy policy located on www.everbridge.com, or as otherwise indicated in the relevant service.
• Our practices for collecting, using, maintaining, protecting and disclosing the information we obtain through your download of, installation of, access to, registration with, or use of the App.

This Policy applies only to information we collect in or through the App and, in or through email, text and other electronic communications sent through the App. This Policy will not override the terms of a Client Services Agreement in effect between you and Everbridge. A “Client Services Agreement” refers to the written contract executed by, and applicable to, a client in receipt of the Everbridge Services. These may be in the form of a services agreement (typically our Core Platform Agreement), (beta) license agreement, pilot agreement, end user agreement, or any other written agreement between Everbridge and the client. This Policy DOES NOT apply to information that:

• We collect offline or on any other Company apps or websites, including websites you may access through this App.
• You provide to or is collected by any third party (see Third-party Information Collection).

Everbridge offers websites and other apps that are subject to other privacy policies. Third parties you may access through the App may also have their own privacy policies. We encourage you to read these other policies before providing information on or through these other websites or apps.

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, do not download, install, register with, access, or use the App. By downloading, installing, registering with, accessing, or using the App, you agree to this Policy. This Policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of the App after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

Applicable Law; Security

To the extent applicable, Everbridge agrees to abide by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), Health Information Technology for Economic and Clinical Health Act (“HITECH Act”), and the Gramm-Leach-Bliley Act, in connection with the operation of the services provided through the App. Everbridge’s IT security and compliance program includes the following industry standards generally adopted by U.S. based SaaS providers: (i) reasonable and appropriate technical, organizational and security measures against the destruction, loss, unavailability, unauthorized access or alteration of client data in the possession or under the control of Everbridge, including to ensure the availability of information following interruption to, or failure of, critical business processes; and (ii) a third party audit of its security controls as provided in the “Privacy and Security Compliance” link on www.everbridge.com.

In addition, we are a participant in the US-EU Safe Harbor Framework and US-Swiss Safe Harbor Framework. We have certified that we adhere to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. In compliance with the US-EU and US-Swiss Safe Harbor Principles, Everbridge commits to resolve complaints about your privacy and our collection or use of your personal information. Inquiries or complaints regarding this Policy, including from European Union or Swiss citizens, may be directed to us at the contact information provided below.

The App is hosted in the United States and is governed by United States law. If you are using the App from outside the United States, please be aware that your information may be transferred to, stored and processed in the United States where our servers are located and our databases are operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. By using the App, you consent to your information being transferred to our facilities and to the facilities of those third parties with whom we share it as described in this Policy.

Children Under the Age of 13

The App is not intended for children under 13 years of age, and we do not knowingly collect personal information from children under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any personal information from a child under 13, please contact us at privacy@everbridge.com.

Information We Collect and How We Collect It

We collect information from and about users of our App:

• Directly from you when you provide it to us.
• Automatically when you use the App.

Information You Provide to Us

When you download, install, register with, access, or use the App, we may ask you to provide information:

• By which you or others may be personally identified, such as name, address, e-mail address, and telephone number (“personal information”).

This information may include, but is not limited to:

• Information that you provide by filling in forms in the App. This includes personal information provided at the time of registering to use the App or requesting further services. We may also ask you for information when you report a problem with the App.
• Records and copies of your correspondence (including e-mail addresses and phone numbers), if you contact us.
• Communications through the App. For example, you may provide us with information when you direct the App to communicate with other users of the App you are using or another App (i.e., a HipaaBridge user can message a SecureBridge user) (“User Messages”).
• Stored information and files. At your request or with your permission, we may access information and files stored on your mobile device or external server, such as photographs, audio and video clips, personal contacts, address book information and electronic health records. You may, for example, direct the App to access such information and files to send User Messages.

Automatic Information Collection

When you download, install, register with, access, or use the App, it may use technology to automatically collect:

• Usage Details. We may automatically collect certain details of your access to and use of the App, including traffic data, logs and other communication data and the resources that you access and use on or through the App.
• Device Information. We may collect information about your mobile device and internet connection, including the device’s unique device identifier, IP address, operating system, browser type, mobile network information and the device’s telephone number.
• Stored Information and Files. We may also automatically access metadata and other information associated with other files stored on your device. Such files may include, for example, photographs, audio and video clips, personal contacts and address book information when such files are accessed by the App at your request or with your permission.
• Mobile Analytics. We use mobile analytics software to allow us to better understand the functionality of the App on your mobile device. This software may record information such as how often you use the App, the events that occur within the App, aggregated usage, performance data, and where the App was downloaded from. We do not link the information we store within the analytics software to any personal information you submit through the App.

If you do not want us to collect this information, do not download the App or, if you have already downloaded it, immediately delete it from your device. For more information, see “Your Choices about Our Collection, Use and Disclosure of Your Information.”

Information Collection And Tracking Technologies

The technologies we use for automatic information collection may include:

• Cookies (or mobile cookies). A cookie is a small file placed on your mobile device. It may be possible to refuse to accept mobile cookies by activating the appropriate setting on your mobile device. However, if you select this setting you may be unable to access certain parts of our App or certain functionalities within the App.

Third Party Information Collection

Automatic Collection by Third Parties. When you access or use the App or its content, certain third parties may use automatic information collection technologies to collect information about you or your device. We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. These third parties may include:

• Your mobile device manufacturer.
• Your mobile service provider.

Voluntary Disclosure of User Messages to Third Parties. We offer enterprise versions of the App for businesses and other entities (each an “Entity Purchaser”). The employees, contractors, or other agents affiliated with that Entity Purchaser (each, an “Entity User”) may obtain a version of the App through the Entity Purchaser. If your User Messages are sent to an Entity User, the Entity Purchaser will be able to view certain information, including all communications between you and that Entity User, and all data associated with those communications, such as your name, the time and date of each communication, and whether each communication was a video chat, phone call, or text message. Likewise, if you are an Entity User, your affiliated Entity Purchaser will be able to view certain information, including all communications between you and other users of the App, and all data associated with those communications, such as the name of the individuals you communicate with, the time and date of each communication, and whether each communication was a video chat, phone call, or text message. Entity Purchasers may access and view the content of such communications with Entity Users if you use either the HipaaBridge or the SecureBridge product. By communicating as an Entity User or with an Entity User, you expressly understand and agree to disclose your User Messages with the affiliated Entity Purchaser(s).

How We Use Your Information

We use information that we collect about you or that you provide to us, including any personal information, to:

• Provide you with the App and its contents, and any other information, products or services that you request from us.
• Fulfill your requests.
• Carry out our legal and contractual obligations.
• Enforce our rights arising from any contracts entered into between you and us.
• Notify you when App updates are available, and of changes to any products or services we offer or provide though the App.
• Offer you products or services that we believe may be of interest to you.

For personal information that constitutes protected health information under HIPAA, we may use your personal information for the proper administration of Everbridge, provided that such access, use, or disclosure would not violate HIPAA, the HITECH Act, the HIPAA Regulations, or applicable state law if done or maintained by the applicable HIPAA covered entity.

We use the App usage information we collect to improve our App and to deliver a better and more personalized experience. This information enables us to, for example:

• Estimate our audience size and usage patterns.
• Speed up your searches.
• Recognize you when you use the App.

Disclosure of Your Information

We reserve the right to use or disclose aggregated and/or de-identified information about our users (information that does not identify any individual) without limitation for any purpose, and such information is not subject to any restrictions under this Policy.

Consistent with any applicable obligations we have under HIPAA, the HITECH Act, or the Gramm-Leach-Bliley Act, we may disclose personal information about you:

• To our subsidiaries and affiliates.
• To contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.
• To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Everbridge’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information held by Everbridge about our App users is among the assets transferred.
• To fulfill the purpose for which you provide it.
• For any other purpose disclosed by us when you provide the information.
• To healthcare providers or other third parties with your consent or at your direction, such as consent provided through the App. This includes disclosures to applicable Entity Purchasers. As noted above, if you communicate with an Entity User you are directing us to share certain information with the affiliated Entity Purchaser. This includes all communications between you and that Entity User, and all data associated with those communications, such as your name, the time and date of each communication, and whether each communication was a video chat, phone call, or text message. Likewise, if you are an Entity User, you are directing us to share certain information with your affiliated Entity Purchaser, including all communications between you and other users of the App, and all data associated with those communications, such as the name of the individuals you communicate with, the time and date of each communication, and whether each communication was a video chat, phone call, or text message.
• To comply with any court order, law or legal process, including to respond to any government or regulatory request. For example, we may disclose your information in accordance with our legal obligations under HIPAA and associated business associate agreements we enter into.
• To enforce our rights arising from any contracts entered into between you and us, including the App Terms of Use or Client Services Agreement, as applicable.
• If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Everbridge, our customers or others. However, all such disclosures shall comply with any applicable Client Services Agreement.

Your Choices about Our Collection, Use and Disclosure of Your Information

We strive to provide you with choices regarding the personal information you provide to us and to Entity Purchasers. This section describes mechanisms we provide for you to control certain uses and disclosures of your information.

• Tracking Technologies. You can choose whether or not to allow the App to collect information through other tracking technologies through the settings on your mobile device. If you disable or refuse cookies or block the use of other tracking technologies, some parts of the App may then be inaccessible or not function properly.
• Disclosures to Entity Purchasers. By electing to communicate as an Entity User or with Entity Users, you elect to allow affiliated Entity Purchasers to access your communications as set forth in this Policy. If you are not an Entity User, you may choose not to communicate with Entity Users, and if you are an Entity User, you may choose to use a version of the App that is not affiliated with your Entity Purchaser.

Accessing and Correcting Your Personal Information

You can review and change your name or phone number by logging into the App and visiting your account profile page. Because your email address is your unique identifier you cannot change the email address unless you delete the App and re-register.

Except as provided in this Policy, you may also send us an e-mail at SecureBridge@everbridge.com or support@HipaaBridge.com, as applicable, to request access to, correct or delete any personal information that you have provided to us. We cannot delete your personal information except by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

If you delete your User Messages from the App, copies of your User Messages may remain in cached and archived pages, or might have been copied or stored by other App users or Entity Purchasers as applicable. Proper access to and use of information provided on the App, including User Messages, is governed by our Secure Messaging User Agreement located at https://everbridge.com/about/legal/secure-messaging-apps/user-agreement/

Please note that if you are accessing the App as an Entity User, you will need to make any changes to your contact information through the affiliated Entity Purchaser. Everbridge has no direct relationship with Entity Users whose data it processes on behalf of Entity Purchasers. An Entity User who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his/her query to the Entity Purchaser (the data controller). If the Entity Purchaser requests Everbridge to remove the data, we will endeavor to respond to their request within 30 business days.

Your California Privacy Rights

California Civil Code Section 1798.83 permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. We do not currently disclose your personal information to third parties for their direct marketing purposes.

California Do-Not-Track Disclosure

We are committed to providing you with meaningful information about the data collected through the App, and how you may modify or delete certain data. However, we do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations and solutions.

Data Security

We have put in place commercially reasonable physical, technical, and administrative safeguards to help prevent unauthorized access, use, alteration, and disclosure of the information we collect and store. All information you provide to us is stored in encrypted form on our secure servers behind firewalls. When you send User Messages through the App, we encrypt the transmission of that information using industry-standard technology. The security of your personal information and our clients’ information is important to us. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our App, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Before you relinquish ownership of your mobile device, we ask that you log out of the App and delete the App from your mobile device.

The proprietary technology in our Apps allows you to send HIPAA and HITECH compliant messages. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted through the App. Any transmission of personal information is at your own risk. When using the App to transmit confidential information, you are responsible for taking all necessary precautions to assure that information is not accessed by unauthorized third parties. This includes, for example, securing your mobile device from unauthorized access, and otherwise ensuring that unauthorized individuals may not view the information within the App. We are not responsible for circumvention of any privacy settings or security measures we provide. You further understand that when you send User Messages through the App, your User Messages may be passed along or made public by any recipient of your communication, including any applicable Enterprise Purchaser. You understand we cannot control the actions of these third parties.

Data Retention

Everbridge will retain personal information provided by our users of the App for only so long as needed to provide services to our users, including HIPAA covered entities and Enterprise Purchasers, in accordance with any applicable Client Services Agreement, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Future Business Transactions

As we continue to develop our business, we might undergo a change of ownership such as a merger and/or a sale of all or substantially all our stock or assets. In such transactions, user information, generally is one of the transferred business assets, and by submitting information through the App, data import, or any other means, you agree that such may be transferred to such parties in these circumstances. However, any party purchasing our assets will be subject to an obligation to maintain the integrity of your information. You will be notified via email and/or a prominent notice through the App of any change in ownership or any material changes in uses of user information, as well as any choices you may have regarding your information.

Changes to Our Privacy Policy

We reserve the right to update this Policy from time to time. If we make material changes to how we treat our users’ personal information, we will post the new Policy on this page with a notice that the Policy has been updated and notify you by an in-App alert the first time you use the App after we make the change.

The date the Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable e-mail address for you and for periodically visiting this Policy to check for any changes.

Contact Information

If you have any questions about this Policy or the practices of the App, please contact us at:

Everbridge
500 North Brand Blvd.
Glendale, California 91203
Email: privacy@everbridge.com
Phone: +1-818-230-9798