Twin Oaks’ Software Development, Inc. Privacy and Security Policy

This policy was last updated on December 4, 2012.

PRIVACY AND SECURITY POLICY

Welcome to one of the websites of Twin Oaks Software Development, Inc. (“Twin Oaks,” “we,” “us,” or “our”), which provides payment processing and related services, and services accounts, for fitness facilities and health clubs, among others (each, a “Club”). All of the websites owned or operated by Twin Oaks and which contain a link to this Privacy and Security Policy are collectively, together with all services available through such websites, referred to as the “Site.”

This policy describes the way we collect, store, use, and protect your personal information. This Privacy and Security Policy applies to and is part of the Site, which is also governed by the Site’s Terms of Use. By using the Site, you signify your assent to the conditions stated in the Privacy and Security Policy and the Terms of Use. If you do not agree with this Privacy and Security Policy or our Terms of Use, you may not visit or use the Site. Our postal address is: 1463 Berlin Turnpike, Berlin, Connecticut 06037 – ATTN: Customer Service – Privacy and Security Policy. If you have additional questions or would like further information on this topic, please feel free to write to us or email us at webadmin@tosd.com. We may update this Privacy and Security Policy and our Terms of Use from time to time by posting a revised version on the Site without notice to you. The revised version will be effective at the time we post it, so please check our Privacy and Security Policy and our Terms of Use periodically for changes.

Personal information is information capable of being associated with a particular person through one or more identifiers, as more particularly described under applicable privacy legislation, including, but not limited to, a Social Security Number, a driver’s license number, a state identification card number, an account number, a credit or debit card number, a passport number, an alien registration number or a health insurance identification number, and does not include publicly available information that is lawfully made available to the general public from federal, state or local government records or widely distributed media.

How we collect information about you

We collect various types of information depending on how you use the Site.

Non-personal information. When you visit the Site, our servers, some of which are hosted by a third party, collect your IP address and standard web log information, such as your browser type the web page from which you entered the Site, the length of time of each visit, and the pages you accessed on the Site. By itself, an IP address is not personal information, although this information may be combined with other personal information. We also collect non-personal information from you by means of Cookies (See below for a discussion of Cookies). This automatically collected information provides us with data regarding the use of the Site, and we use this information to monitor and improve the Site. In particular, we use IP addresses to analyze trends, administer the Site, track users’ movements, and gather information for aggregate use. IP addresses are not linked to personal information.

Personal information. If a Club offers, you may become a member of the Club, make payments, change your personal information, and schedule and pay for specialty services at the Club, through use of the Site (“Services”). In the ordinary course of providing our core services for your Club, primarily the payment processing of membership dues and other payments, as well as the online services described, we collect and maintain personal information about you from you and from your Club. This information includes the following types of information:

  • Contact information – your name, address, phone(s), email, birth date, and other similar information.
  • Financial information – the bank account numbers and credit card numbers, with expiration date, for the accounts you choose to pay for your membership and/or other services at the Club, and if you use the Site for these purposes, a Personal Identification Number (“PIN”).

Before permitting you to use the Services, your Club may require you to provide additional information used to verify your identity or address or manage risk, such as your social security number or other information. We may also obtain information about you from your Club.

When you are using our Services, we collect information about your account transactions and we may collect information about your computer or other access device for fraud prevention purposes.

How We Use the Information We Collect

Our primary purpose in collecting personal information is to fulfill our payment processing and other obligations to your Club, and to assist the Club with the maintenance, billing and servicing of your account. We may use your personal information to:

  • Assist you in creating a membership account with the Club;
  • Process transactions you request with respect to your account with the Club;
  • Allow you to change your personal information;
  • Facilitate your scheduling of and payment for specialty services at the Club;
  • Prevent potentially prohibited or illegal activities, and enforce our Terms of Use;
  • Compare information for accuracy and verify it with your Club; and
  • Protect your account from unauthorized access or identity theft.

We only make your personal information available to your Club, except that on rare occasions we may be required to disclose your personal information by law pursuant to lawful requests such as subpoenas, court or agency orders, or as we may reasonably determine to be necessary to protect our rights or the rights of others, to deter fraud and credit risk, or to enforce our Terms of Use or this Privacy and Security Policy.

How We Share Personal Information

We do not share or use your personal information for marketing purposes. We will not sell or rent your personal information to third parties, except as disclosed in this Privacy and Security Policy. To perform the Services, and fulfill our obligations to the Club, we share your personal information with your Club. We may also share your personal information with:

  • Various departments of our company responsible for different aspects of the Services and our relationship with the Club;
  • Service providers under contract who help with parts of our business operations (examples include fraud prevention, agreements with financial institutions and others for payment processing, technology, and security). Our service providers, by contract, only use personal information in connection with the services they perform for us and not for their own benefit.
  • Companies that we would consider merging with, or being acquired by, or as part of a corporate reorganization, stock sale or other change in control.
  • When we believe, in good faith, that disclosure is appropriate to comply with the law or a regulatory requirement or to comply with a subpoena or court order; to prevent or investigate a possible crime, such as fraud or identity theft; to protect the rights, property or safety of its employees, customers and visitors to the Site.
How Do We Protect and Store Personal Information

Some of our servers are physically located at our business premises. Some of our servers are dedicated servers hosted on a secure network of a third party service provider with which we have a contract for the hosting and for other related services. Such contract requires, among other things, that the service provider will not use any of our confidential information except in performing services for us, or as required by law to protect its servers. Further, our service provider is required to comply with security practices, procedures, and controls set forth in the contract.

Although no website can fully eliminate security risks and no data transmission over the internet can be guaranteed to be 100% secure, we employ various security measures designed to help protect the personal information that we collect about you. Our privacy policies are the same whether you are online or not, although we have extra measures to protect your privacy when you use the Services on the Site. We maintain reasonable physical, electronic and procedural safeguards that comply with federal and state regulations to guard your Social Security Number and other personal information. The information you provide to us online is protected by firewalls and Secure Socket Layer (SSL) technology. SSL scrambles your account information as it moves between your PC’s browser and our computer systems. When information is scrambled, or encrypted in this way, it becomes nearly impossible for anyone other than Twin Oaks to read it. This secure session helps protect safety and confidentiality of your personal information when you interact with us online.

If you use the Site to enter personal information, or change your personal information, this information is sent to your Club electronically in encrypted format for review and/or approval.

We enforce physical access controls to our buildings and files, and we authorize access to personal information only for those employees who require it to fulfill their responsibilities. All documents, materials, or computer screens that display all or more than four sequential digits of a Social Security Number or your personal information are kept out of public view at all times. All documents containing Social Security Numbers and other personal information are stored in a physically secure manner, such as a locked safe, and no personal information is stored on computer or other electronic devices that are not secured against unauthorized access.

Documents containing personal information are retained in accordance with the requirements of federal and state law. At such time as documents containing personal information may be disposed of, we dispose of physical documents and electronic media containing Social Security Numbers and other personal information in such a manner that destroys, erases, or makes unreadable the data, computer files and documents containing personal information through the use of disposal methods such as shredding and the use of electronic “scrubbing” programs that permanently erase all data stored on electronic media.

We take reasonable measures to enforce this Privacy and Security Policy, and to correct and prevent the reoccurrence of any known violations. Any employee who knowingly obtains, uses or discloses personal information for unlawful purposes or contrary to the requirements of this Privacy and Security Policy or applicable law is subject to discipline up to and including termination of employment. We cooperate with appropriate law enforcement and administrative agencies in the apprehension and prosecution of any person who knowingly obtains, uses, or discloses personal information through the Company for unlawful purposes. We have a duty to inform you of any breach of security involving your personal information, if such were ever to occur. We have no control over the public or third party network through which you send your personal information to the Site.

What are Cookies and Do We Use Them?

A cookie is a small piece of information that our Site places on your computer. The cookie is saved on the hard drive by your computer’s browser. It holds information our Site may need to interact with you and personalize your experience, and helps the Site recognize you. When you return to the Site, your browser gives data back to our server. Contrary to reports about cookies and online privacy, cookies do not contain viruses and most cannot reveal any personal information about you unless you willingly provide it as a use of the Site and our Services.

As a matter of security, we do not imbed your Social Security Number or other personal information in our cookies. Any personal information you provide to us in utilizing the Site is stored safely and separately on our secured servers, and you need a password to access it.

Most web browsers allow you to exercise control over cookie files on your computer by erasing them, blocking them, or notifying you when such a file is stored. Please take a look at your particular browser for instructions on this function. If you do elect to disable our cookies, please note that you may not be able to take full advantage of a personalized experience on the Site.

If you are a registered user of the Site, we recommend that you complete your online transactions and log off before surfing to other sites or turning off your PC. We also suggest that you do not surf to other sites during your online session on the Site.

Policies for Children

From our Site, we do not knowingly collect or use personal information from children under the age of 18.

Links to and from Other Websites

We are not responsible for the privacy practices and policies of non-Twin Oaks websites, including your Club. We have no knowledge of how your Club or any third party uses cookies, or how they collect, use, store, and protect your personal information. You should read the legal, privacy and security information contained in each and every website you visit.

Acceptance of Privacy and Security Policy and Terms of Use

By viewing, accessing, or using this Site; becoming a member of your Club, accessing or modifying your account information, making a payment, and/or by scheduling and paying for specialty services offered by your Club by using the Site, you accept and agree to all the terms, conditions and notices contained in or referenced on the Site, including this Privacy and Security Policy and our Terms of Use, into which this Privacy and Security Policy is incorporated. If you do not agree with all of the terms, conditions and notices in the Site or the Terms of Use, you may not use the Site or any Service or information provided by the Site.

Public Display

This Privacy and Security Policy is the publicly displayed privacy protection policy of Twin Oaks Software Development, Inc. in accordance with §42-471 of the Connecticut General Statutes.