dashboardWISE Privacy Policy

dashboardWISE is committed to protecting and respecting your privacy. This Privacy Policy sets out the basis on which personal data we collect from you, that you provide to us, or that is provided to us by a Subscriber to the Service, will be processed by us.

Important B2B SaaS note (Subscriber vs. Authorized User vs. Subscriber's end-clients):

• A "Subscriber" is the organization that signs up for the Service (for example, a business or law firm).
• "Authorized Users" are individuals the Subscriber permits to use the Service.
• The Subscriber may upload or connect data that includes personal data relating to its own clients, customers, or staff.
• In many cases, dashboardWISE processes that data on the Subscriber's instructions, and the Subscriber controls what is uploaded, how it is used, and the lawful basis for processing.

For clarity in this Privacy Policy:

• "Personal Data" means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked with an identified or identifiable individual.
• "Subscriber Data" means information provided by a Subscriber (or on its behalf) to set up and administer its account, including billing, account contacts, and configuration.
• "Customer Content" means data, files, records, text, and other content submitted to the Service by or on behalf of a Subscriber or Authorized Users, including data imported from third-party services or integrated systems.
• "Controller" means the entity that determines the purposes and means of processing personal data.
• "Processor" means the entity that processes personal data on behalf of a Controller.

3.1 dashboardWISE as Controller (Account/Website Context): We act as a Controller for personal data collected to operate the Websites and to administer the business relationship with Subscribers and Authorized Users (for example, account registration, billing contacts, support requests, marketing preferences where permitted by law).

3.2 dashboardWISE as Processor / Service Provider (Service Context): We commonly act as a Processor (GDPR) or Service Provider/Processor (CCPA/CPRA) for personal data contained in Customer Content that Subscribers upload or connect to the Service. In that context, the Subscriber is typically the Controller (or "Business" under CCPA/CPRA) and determines what data is processed and why.

If you are an individual whose personal data is included in a Subscriber's Customer Content (for example, a client of a Subscriber), your relationship is generally with the Subscriber. Please direct your rights requests to that Subscriber first, because dashboardWISE may only be able to act on those requests based on the Subscriber's instructions and applicable law.

We may collect and process the following categories of information.

4.1 Information You Give Us

You may provide information by filling in forms on our Websites, creating an account or being added as an Authorized User, subscribing to the Service, communicating with us by email, phone, or otherwise, requesting support, demos, or information, and participating in surveys, promotions, webinars, events, or other communications.

This information may include:

• name, job title, company or organization name;
• work email address and phone number;
• mailing address and billing information;
• login credentials and account settings (including MFA settings if enabled);
• communications and support content (messages, tickets, attachments).

Payment information: Payment transactions are generally handled by third-party payment processors. dashboardWISE typically does not store full payment card details, though we may store billing metadata (for example, plan level, payment status, invoice history) and tokens or references provided by a processor.

4.2 Information Provided to Us by Subscribers

If a Subscriber designates you as an Authorized User, the Subscriber may provide your business contact details (for example, name and email) to provision access and manage permissions.

Subscribers may also upload or connect Customer Content that could include personal data relating to individuals (for example, contacts, billing records, matter records, notes) depending on the Subscriber's use of the Service.

4.3 Information We Collect Automatically (Websites and Service)

When you use the Websites or Service, we may automatically collect:

• Log and device data: IP address, browser type, device identifiers, operating system, language, referring and exit pages, and date/time stamps.
• Usage data: pages or features used, clicks, navigation patterns, interaction events, and performance diagnostics.
• Security data: authentication events, access logs, fraud prevention signals, and anomaly detection data.

We may combine automatically collected information with other information we collect to improve the Websites and Service, enhance security, and support operations.

We use cookies and similar technologies (such as pixels, beacons, tags, and scripts) on our Websites and, where applicable, in the Service to support functionality, security, preferences, analytics, and performance.

Cookies may be session cookies (expire when you close your browser) or persistent cookies (remain until deleted or expire).

5.1 Types of Cookies We Use

• Security cookies: authenticate users, protect accounts, prevent fraudulent use, and support security features.
• Preference cookies: remember settings and personalize your experience.
• Session state cookies: help the Websites and Service function properly and remember state across pages.
• Analytics cookies: help us understand how the Websites and Service performs and how users engage with features, to improve usability and reliability.

5.2 Third-Party Cookies

We may use third-party providers for analytics, communications, and payment processing. Depending on your configuration, these providers may set cookies or use similar technologies.

Examples may include tools for analytics and product measurement, email delivery and customer communications, and payment processing.

You should review the privacy and cookie policies of any third-party services that may apply. Where required by law, we will request consent for certain cookies or provide cookie controls.

5.3 Managing Cookies

You can restrict, block, or delete cookies through your browser settings. If you disable cookies, some features may not function properly.

We use personal data for the following purposes, depending on context and relationship.

6.1 Information You Provide to Us

We may use this information to:

• create, administer, and secure accounts;
• provide access to the Service and its features;
• perform our obligations under contracts with Subscribers (including Order Forms);
• provide customer support, respond to requests, and resolve issues;
• send important operational messages (for example, security alerts, service updates, billing notices);
• improve the Websites and Service through testing, troubleshooting, analytics, and research;
• communicate about product features, events, and other offerings (subject to your marketing preferences and applicable law).

6.2 Information We Collect Automatically

We may use this information to:

• administer and improve the Websites and Service;
• maintain performance, reliability, and availability;
• monitor, detect, prevent, and investigate security incidents, fraud, misuse, or policy violations;
• measure feature adoption and usage trends;
• develop aggregated insights about usage and system performance.

6.3 Information We Receive From Other Sources

We may receive information from third-party providers used in connection with the Service (for example, payment processors, analytics providers, hosting providers, or integrated third-party platforms) and may use it to support account administration, improve the Service, and ensure security and compliance.

7.1 Customer Content is used to provide the Service

We store and process Customer Content to deliver the features and functionality of the Service, including generating analytics, reports, dashboards, exports, and automations requested by Subscribers.

7.2 No use of Customer Content for marketing without explicit agreement

dashboardWISE does not use Customer Content for advertising or marketing purposes unless the Subscriber separately and explicitly agrees in writing.

7.3 Aggregated and de-identified analytics

We may create and use aggregated and/or de-identified data derived from Customer Content and usage patterns to improve the Service (for example, performance improvements, reliability, feature enhancements), provided such data does not reasonably identify individuals.

We may share personal data as follows.

8.1 Service Providers and Subprocessors

We may share personal data with trusted vendors, suppliers, and subcontractors who provide services on our behalf, such as hosting and infrastructure providers, customer support tooling, email and communications providers, analytics and monitoring providers, payment processors and billing systems, and security and fraud prevention providers.

These providers are authorized to access personal data only as needed to perform services for us and are required to protect it consistent with applicable law and contractual obligations.

8.2 Legal and Compliance Disclosures

We may disclose personal data if required to do so by law or in response to valid requests by public authorities (including law enforcement or national security), or when we believe disclosure is necessary to:

• comply with a legal obligation;
• enforce agreements and policies;
• protect the rights, property, or safety of dashboardWISE, Subscribers, users, or others;
• investigate and prevent fraud or security issues.

8.3 Business Transfers

If dashboardWISE is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of all or a portion of its assets, personal data may be transferred as part of that transaction. Where required, we will provide notice of any material changes in ownership or use of personal data.

8.4 Aggregate Information

We may share aggregated information that does not identify individuals (or is reasonably de-identified) for business or analytical purposes.

We retain personal data for as long as necessary to provide the Websites and Service, fulfill contractual obligations, meet legal, accounting, and compliance requirements, resolve disputes and enforce agreements, and maintain security and prevent fraud.

Retention periods depend on the nature of the data and legal requirements. Where feasible, we delete, de-identify, or anonymize data when it is no longer needed.

Customer Content: Upon account termination, Subscribers may have a limited period to export Customer Content as provided in the applicable service terms or account settings. We may retain limited backups for a period consistent with security and disaster recovery practices, subject to legal obligations.

Personal data may be stored and processed in the United States and/or other locations where dashboardWISE or its service providers operate.

We take reasonable steps to ensure personal data is treated securely and in accordance with this Privacy Policy. Where required by law for international transfers (including transfers of personal data from the EEA, UK, and Switzerland), we use appropriate safeguards such as:

• Standard Contractual Clauses (SCCs);
• the UK International Data Transfer Addendum;
• and/or other lawful transfer mechanisms recognized by applicable law.

We maintain administrative, technical, and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction.

Security measures may include:

• access controls and authentication protections;
• encryption in transit where appropriate;
• monitoring and logging for security events;
• least-privilege access practices;
• operational safeguards around data handling.

No method of transmission over the internet or electronic storage is completely secure. You are responsible for keeping passwords and access credentials confidential and for using secure practices within your organization.

You may request access to or correction of certain personal data we maintain about you. You may also request deletion where appropriate, subject to legal and contractual limitations.

If your personal information changes or you no longer desire to use the Service, you may request updates or account actions by contacting us at admin@dashboardwise.com.

Where we send marketing emails, you can opt out by:

• using the unsubscribe link in the email; or
• contacting us at admin@dashboardwise.com.

Even if you opt out of marketing, we may continue to send service-related communications (for example, security notices, transactional messages, and policy updates).

Depending on your location and applicable law, you may have rights to:

• request access to personal data;
• request correction of inaccurate data;
• request deletion (subject to exceptions);
• request restriction or objection to processing;
• request data portability;
• withdraw consent (where processing is based on consent).

Some rights may be limited where we process data as a Processor on behalf of a Subscriber. In those cases, requests should be directed to the Subscriber, and we will assist the Subscriber as required by law and applicable agreements.

If you are located in the European Economic Area or the United Kingdom, the GDPR/UK GDPR provides certain rights regarding your personal data.

15.1 Lawful Bases for Processing

Where we act as a Controller, we process personal data on one or more of the following lawful bases:

• Contract: processing necessary to provide the Service or fulfill obligations;
• Legitimate interests: security, fraud prevention, service improvement, and business operations (balanced against your rights);
• Consent: where required (for example, certain marketing communications or cookies);
• Legal obligation: compliance with applicable laws.

Where we act as a Processor for Customer Content, the Subscriber determines the lawful basis.

15.2 Your GDPR Rights

You may have the right to:

• access your personal data;
• correct inaccuracies;
• request deletion ("right to be forgotten");
• restrict or object to processing;
• data portability;
• withdraw consent (where applicable);
• lodge a complaint with a supervisory authority.

We may need to verify identity before responding. We will respond within the timeframes required by applicable law.

If you are a California resident, you may have the right to:

• Know what personal information we collect, use, disclose, and/or share;
• Access specific pieces of personal information;
• Delete personal information, subject to exceptions;
• Correct inaccurate personal information;
• Opt out of the "sale" or "sharing" of personal information (as defined by law);
• Limit the use and disclosure of "sensitive personal information" where applicable;
• Non-discrimination for exercising rights.

16.1 Sale/Sharing

dashboardWISE does not sell Customer Content. We do not share Customer Content for cross-context behavioral advertising. If we engage in activities that constitute "sale" or "sharing" under CPRA for Website analytics or advertising in the future, we will provide appropriate opt-out mechanisms as required by law.

16.2 Submitting Requests

To exercise California privacy rights, contact admin@dashboardwise.com with sufficient detail for us to process your request. We may verify your identity and authority, including verifying authorized agents.

Our Websites may include social media features or widgets. These features may collect your IP address, the page you are visiting, and may set a cookie to enable the feature to function properly. Social media features are governed by the privacy policies of the companies that provide them.

If we provide public-facing forums or comment areas (if any), any information posted there may be read, collected, and used by others. Please use caution when posting personal information in public areas.

The Websites and Service are not directed to individuals under the age of 13, and we do not knowingly collect personal information from children under 13.

If you believe a child has provided us with personal information, contact us at admin@dashboardwise.com. If we learn that we collected personal information from a child under 13, we will take steps to delete it as required by law.

We may update this Privacy Policy from time to time. Changes will be posted on this page, and where appropriate we will notify Subscribers or Authorized Users via the Service, email, or other reasonable means.

Continued use of the Websites or Service after the effective date of the updated policy constitutes acceptance of the updated Privacy Policy.

Questions, comments, and requests regarding this Privacy Policy can be addressed to:

Privacy Email: admin@dashboardwise.com

Mailing Address: 8 The Green STE A, Dover, Kent County, DE 19901, United States

If you are an individual whose data is included in a Subscriber's Customer Content, you may also contact the relevant Subscriber (your organization or service provider) directly for rights requests relating to that data.