This Privacy Statement sets out how Engageware uses and protects any personal information and data (“Information”) provided to an Engageware group company, including TimeTrade Systems, Inc., SilverCloud, LLC, Aivo America Corp., and its affiliates, all DBA Engageware (collectively, “Engageware”). Engageware is fully committed to maintaining your confidence, trust and your privacy. Any questions you have regarding this policy can be directed to
privacy@engageware.com.
This Privacy Statement applies to users located in the United States, the European Union (“EU”), the European Economic Area (“EEA”), the UK, Switzerland, Argentina, Brazil and other jurisdictions where we operate. Depending on your location, different privacy laws may apply to your Information, including:
- the EU and UK General Data Protection Regulations (“GDPR”),
- Swiss Federal Act on Data Protection
- Argentina Personal Data Protection Law No. 25,326,
- Brazil (LGPD, Law No. 13.709/2018)
- applicable U.S. federal and state privacy laws.
By accessing our website, you agree to comply with and be bound by this Privacy Statement and the Terms and Conditions of Use published at
www.engageware.com/terms-of-use/ (the “Terms”). This Privacy Statement is incorporated into those Terms, and capitalized terms used, but not defined herein, have the meanings ascribed to them in the Terms.
PLEASE READ THIS PRIVACY STATEMENT CAREFULLY, AND PLEASE CHECK THIS PRIVACY STATEMENT FREQUENTLY, AS ENGAGEWARE RESERVES THE RIGHT TO CHANGE THIS PRIVACY STATEMENT AT ANY TIME WITHOUT NOTICE. BY ACCESSING THE WEBSITES OR ENGAGEWARE SERVICES AFTER THE “LAST UPDATED” DATE SET FORTH BELOW, YOU ARE DEEMED TO CONSENT TO OUR THEN-CURRENT PRIVACY STATEMENT.
1. What we collect
When you visit an Engageware website for information regarding our products, promotions, employment opportunities or to register to use Engageware’s services, Engageware may gather information about you. In addition, the Engageware services allow our clients (“Clients”) to collect information from their users or customers (“Users”) for the purpose of utilizing the services. Typically, the information collected by Engageware includes:
- Client Information: Name, email address, telephone number, mailing addresses, billing information, and time zones.
- User Information: Contact information such as names, email addresses, mailing addresses, phone numbers, and other information about Users as requested by our Clients.
- Visitor Information: information about your computer and your visits to our websites, such as your IP address, geographic location, browser type, referral source, length of visit, and pages viewed.
- Video and Image Data: Videos and images that you upload, share, or store through our service with consent.
- Financial Data: credit/debit card data, personal bank account information, and billing data, as defined in applicable U.S. state privacy law classifications (including the CCPA/CPRA and similar state statutes) as “Sensitive Information”, under which financial data constitutes a special category requiring heightened protection. For European Users, this financial data does not constitute “special categories of personal data” within the meaning of GDPR. Engageware does not process special category data (such as data revealing racial or ethnic origin, health, biometric, or similar data).
If you disclose any Information to us, you consent to our processing and use of such Information in accordance with this Privacy Statement.
2. What we do with the information
We process and use Information for the following purposes:
- for recordkeeping purposes with respect to the contracting and provision of the services, including payment procedures and communication regarding requested services.
- to contact you directly regarding Engageware services, career opportunities and/or to respond to your inquiries.
- to send promotional emails about new products, relevant news or other information which we think you may find interesting using the email address which you have provided.
- to improve the overall experience of using the Engageware services or websites by checking details of visits including, but not limited to, traffic data, location data, weblogs, communication data and other general statistics regarding use of the websites.
- for complying with our legal obligations under applicable laws to protect our rights or enforce our contracts, pursuing remedies available to us, or complying with lawful requests or judicial proceedings.
3. Personal data retention and your rights
Engageware retains Information only for as long as necessary to fulfil the purpose for which it was collected and to comply with applicable legal, regulatory, and internal policy requirements. The applicable retention period is determined by the following criteria:
- The duration of the contractual relationship with the Client/User
- The existence of a legal obligation requiring retention under applicable law
- The applicable statute of limitations for legal claims
- Any legitimate interest that may justify continued retention
When Information is no longer required, we securely delete or anonymize it. You have the right to access your Information and to request that Engageware limit its use or disclosure of, change, delete or correct your data at any time. Should you wish to do so, please contact us by email to
privacy@engageware.com, and we will respond within a reasonable timeframe. Except as specified elsewhere in this Policy Statement, Engageware considers all User information collected by Engageware on behalf of a Client to be the proprietary information of the applicable Client. Accordingly, all User Information is controlled by the Client and is subject to the Client’s privacy policy and practices, which may differ from this policy. We make no representation or warranty as to the privacy policies or practices of third parties, including our Clients or providers of third-party applications. Engageware will not share a User’s Information with anyone except the applicable Client or a third-party service provider performing services on behalf of Engageware.
4. Security
Engageware’s website and services have suitable administrative, technical, and physical safeguards in place designed to protect your Information from loss, misuse, and unauthorized access, disclosure, alternation, or destruction. Engageware utilizes industry adopted server and database security measures, including encryption of personal data over public networks. Engageware also limits its employee’s access to Information. Despite these protections, no information system is 100% secure, so we cannot guarantee the absolute security of your Information at all times.
5. Credit card transactions
Online credit/debit card data (credit/debit card numbers, CVV, and expiration dates) related to certain subscription services that we offer through our online ordering method is collected and processed exclusively by our third-party payment processors, who are certified at the highest level of PCI DSS v4.0 compliance and holds SOC 1, SOC 2, and ISO 27001 certifications. Engageware does not store, process, or transmit full payment card data on their own systems. Only tokenized payment references are retained for billing management purposes. Our third-party payment processor acts as a data processor on our behalf and is bound by appropriate data processing agreements. Financial data will not be shared with any party not directly involved with billing.
6. Third parties
Engageware uses third-party service providers who work on our behalf and who are bound by contract to keep all Information confidential and use the Information solely to carry out the services that they are performing for us. For example, Engageware uses third party service providers to assist with the following: Hosting of the application servers and collected Information, sending appointment confirmations, sending reminder e-mails and text/SMS messages. In addition, our services include some features which allow Clients to integrate with third party applications and which may bring in data from those applications to the services provided by Engageware. For more information about the purpose and scope of data collection from such third-party applications, please review the privacy policies of third parties which provide such applications.
7. Devices, cookies, and similar technologies
Engageware uses cookies and similar technologies to analyze trends, administer the website, track users’ movements, and gather demographic information. Cookies allow us to track overall usage, recognize users, and provide a customized experience. We also use web beacons to track the effectiveness of our emails and improve our communications. Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies if you prefer. Disabling the support of browser cookies is not recommended since non-use of cookies may lead to reduced functionality and or an unsatisfactory user experience.
8. Children’s privacy
Engageware’s services are not directed to children under the age of 16, and we do not knowingly collect personal data from children under the age of 16. If we become aware that we have inadvertently received personal data from a child under the age of 16, we will delete such information from our records.
9. Residents of the EU/EEA, UK and Switzerland (EU GDPR, UK GDPR and Swiss Federal Act on Data Protection)
This Section supplements the terms of this Privacy Statement for individuals located in the EU/EEA, UK and Switzerland. In accordance with applicable laws, Engageware processes personal data under one or more of the following legal bases:
- consent;
- performance of a contract;
- compliance with legal obligations; and/or
- legitimate business interests.
Where processing is based on consent, you may withdraw consent at any time. Information may be disclosed to authorities, Engageware affiliates, partners, and third-party service providers. Transfers outside the EU/EEA, the UK or Switzerland, including to the United States and Latin American countries, are performed subject to appropriate safeguards to protect your data in a manner which provides a degree of protection similar to the EU (or UK or Switzerland as applicable). To achieve this, we rely on Standard Contractual Clauses or other lawful transfer mechanisms approved by the European Commission with our third-party providers outside of the EEA (or UK or Switzerland as applicable). By providing us with your Information, you agree to such transfer and/or processing.
Engageware remains accountable for processing of the personal data in case of onward transfer.
Engageware complies with the EU-U.S. Data Privacy Framework (“EU-US DPF”), the UK Extension to the EU-U.S. DPF and the Swiss – U.S. Data Privacy Framework (“Swiss – U.S. DPF”) as set forth by the U.S. Department of Commerce. Engageware has certified to the U.S. Department of Commerce that we adhere to the EU – U.S., UK Extension to the EU-US DPF and Swiss – U.S. DPF Principles with regard to the processing of personal data received from the EU, the UK (and Gibraltar) and Switzerland in reliance (each to the extent applicable) on the EU – U.S., UK Extension to the EU-US DPF and Swiss – U.S. DPF.
If there is any conflict between the terms in this Privacy Statement and the EU-U.S., UK Extension to the EU-US DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles (each to the extent applicable) shall govern. To learn more about the Data Privacy Framework, and to view Engageware’s certification, please visit
https://www.dataprivacyframework.gov/.
In compliance with the EU – U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss U.S. DPF, Engageware commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union, the United Kingdom and Switzerland, as applicable, with inquiries or complaints regarding our Privacy Statement or EU-US DPF Principles the UK Extension to the EU-U.S. DPF and or the Swiss-US DPF should first contact
privacy@engageware.com. We will respond to your inquiry promptly. Alternatively, Engageware has designated an EU Representative as the point of contact for data subjects and supervisory authorities within the European Union:
Augusto Oliva – Head of International Administration & Finance. Madrid, Spain /
oliva@engageware.com. European Users and supervisory authorities may contact the EU Representative directly for any matters relating to the processing of personal data or the exercise of rights under the GDPR.
In compliance with the EU – U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss U.S. DPF Engageware commits to cooperate and comply with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs, the UK’s ICO or the Swiss FDPIC for more information or to file a complaint. Their services are provided at no cost to you.
If we transfer personal information received under the EU-US DPF, the UK Extension to the EU-U.S. DPF and or the Swiss-US DPF to a third party, the third party’s access, use, and disclosure of the personal data must also be in compliance with our EU-US DPF, the UK Extension to the EU-U.S. DPF and or Swiss-DPF obligations, and Engageware will remain liable under the EU-US DPF, the UK Extension to the EU-U.S. DPF and or the Swiss-US DPF for any failure to do so by the third party unless we prove we are not responsible for the event giving rise to the damage. Engageware is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under certain conditions, an individual can invoke binding arbitration. Engageware will disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
10. Controller of data
Data protection laws in certain jurisdictions differentiate between the “controller” and “processor” of personal data. In general, our Clients are the controller of Client and User Information and we are the processor of Client and User Information. For other personal data, for instance for business contact information, we may be the controller of such personal data, and, if applicable, you may contact us at
privacy@engageware.com.
11. Opt out
To opt out from receiving Engageware announcements of certain information you can use the “unsubscribe” links in the email messages. To view, remove, change, or transfer the Information collected by the websites, please send a written request detailing your desired action to
privacy@engageware.com, or you may send the request to:
Data Privacy & Compliance
Engageware
700 District Avenue, 6th Floor
Burlington, MA, 01803
12. Requests to view, remove, change, or transfer your information collected by a client
As noted above, Engageware considers all User Information collected by Engageware on behalf of a Client to our services, to be the proprietary information of the applicable Client. A Client may share your information pursuant to their own privacy policies. To initiate a request to modify the collected information from a Client’s data set, you must contact the Client (the company you interacted with, via the Engageware services) and request the desired action. The Client should have provided you with the appropriate contact information during the interaction. If you are unable to resolve your request with the Client, please provide the name of the Engageware Client who you interacted with to Engageware. We will refer your request to that Client and will support them as needed in responding to your request.
13. Residents of The State of California (California Consumer Protection Act, CCPA)
If you are a resident of California you have additional data rights pursuant to the applicable sections of the CCPA. Please reference the various sections of this Privacy Statement for the categories and description of the data collected and its usage and the available remedies if you would like to add, change or remove your data or if you believe that your data is not being used appropriately. Note that Engageware does not sell, trade or use your information for compensation or for other considerations to, or with, any third parties.
14. Residents of the Argentine Republic (Personal Data Protection Law 25.326 (LPDP))
This section applies exclusively to personal data subjects located in the Argentine Republic and supplements the terms of this Privacy Statement for those data subjects.
The entity responsible for processing personal data of Argentine data subjects and duly registered with the Agency for Access to Public Information (AAIP) is Y2K NETWORKS S.A. Hipólito Yrigoyen 146, Córdoba, Argentina – (part of the Engageware group companies with its email address at
privacy@engageware.com)
Engageware maintains the following databases registered with the AAIP for Argentine data subjects:
| Database |
Data Subjects |
Purpose |
| Customers and Users |
Corporate clients |
Provision of contracted services, billing, and support |
| Employees |
Y2K NETWORKS S.A. staff |
Employment management, payroll, legal compliance |
| Suppliers |
Vendors and contractors |
Commercial management and contractual compliance |
The processing of personal data of Argentine Data Subjects is carried out on the basis of:
- Contractual performance: for customers, users, and suppliers, within the framework of the commercial relationship
- Legal obligation: for employees, in compliance with Argentine labor, social security, and tax legislation
- Free, express, and informed consent (Art. 5 LPDP): for any processing that exceeds contractual purposes or legal obligations
In accordance with Art. 2 of Law 25.326, sensitive data is defined as data revealing racial or ethnic origin, political opinions, religious or moral beliefs, trade union membership, information relating to health or sexual life, and criminal conviction data. Engageware does not process sensitive data unless strictly necessary and with the express written consent of the data subject, or where processing is authorized by law.
Personal data of Argentine data subjects may be transferred to the United States. Such transfers are carried out under the corresponding agreements and with the adequate safeguards required.
Argentine personal data subjects have the following rights:
| Right |
Description |
Response Period |
| Access |
Obtain information about the data processed and its origin |
5 business days |
| Rectification |
Request correction of inaccurate or incomplete data |
5 business days from the time the error is established |
| Erasure |
Request deletion of data where processing does not comply with the law |
5 business days from the time the non-compliance is established |
| Confidentiality |
Request that data be blocked where neither rectification nor erasure is possible |
5 business days |
The exercise of these rights is free of charge and may be exercised every 6 months, unless a legitimate interest is demonstrated for more frequent exercise.
To exercise any of these rights, the data subject must send a written request to:
privacy@engageware.com
LPDP Notice — Right of Access: “The personal data subject has the right to access their data free of charge at intervals of no less than six months, unless a legitimate interest is demonstrated in accordance with Article 14, paragraph 3 of Law No. 25.326. The AGENCY FOR ACCESS TO PUBLIC INFORMATION, in its capacity as the supervisory body under Law No. 25.326, has the authority to handle complaints and claims filed in connection with non-compliance with personal data protection regulations.”
Argentine data subjects who believe their rights have been violated may file a complaint with: Agency for Access to Public Information (AAIP)
www.argentina.gob.ar/aaip /
datospersonales@aaip.gob.ar
Personal data of Argentine data subjects will be retained only for as long as necessary to fulfill the purpose for which it was collected, in accordance with the data quality principle established in Art. 4 of Law 25.326. Once that purpose has been fulfilled, the data will be deleted or anonymized, unless its retention is required by a legal obligation. Once the applicable retention periods have elapsed, and in the absence of any legal obligation requiring further retention, the data will be deleted in a secure and irreversible manner.
Any amendments to this Section will be communicated to Argentine data subjects with a minimum of 30 days’ notice by email or prominent notice on the website. Continued use of the service following such notice will constitute acceptance of the changes.
15. Residents of the Federative Republic of Brazil (LGPD, Law No. 13.709/2018)
This section applies exclusively to personal data subjects located in Brazil and supplements the terms of this Privacy Statement for those data subjects. Processing of personal data of Brazilian data subjects is overseen by the Autoridade Nacional de Proteção de Dados (ANPD). Engageware has designated a Data Protection Officer (Encarregado) with a contact at:
privacy@engageware.com.
Personal data of Brazilian data subjects is processed based on one or more of the following: consent; performance of a contract; compliance with a legal or regulatory obligation; legitimate interests; or regular exercise of rights in legal proceedings.
Brazilian data subjects have the additional right to: request data portability in a structured, interoperable format; request human review of decisions made solely on the basis of automated processing; and obtain information about the consequences of denying consent. All requests will be responded to within 15 days. Alternatively, Engageware has designated a Brazilian Representative as the point of contact for data subjects and supervisory authorities within Brazil:
Antonio Mariano Arias Etchebarne – Brazil Legal Representative /
arias@allende.com. Brazilian users and supervisory authorities may contact the Brazil Legal Representative directly for any matters relating to the processing of personal data or the exercise of rights under the LGPD.
In the event of a security incident that may result in risk or harm to Brazilian data subjects, Engageware will notify the ANPD and affected individuals within a reasonable timeframe, in addition to the general security measures described in this Privacy Statement.
Brazilian data subjects may file complaints with: Autoridade Nacional de Proteção de Dados (ANPD) —
www.gov.br/anpd /
anpd@anpd.gov.br.
16. Contacting us
Please direct any questions or requests regarding our Privacy Statement to our privacy coordinator at
privacy@engageware.com, or contact us at 1-877-884-9224
Last reviewed 06/01/2026
