Everyone Counts respects individual privacy and values the confidence of its customers, employees, consumers, business partners and others. Everyone Counts collects, uses, and discloses personal information in a manner consistent with the laws of the countries in which it does business.
Who we Are
Everyone Counts is the global leader in election modernization software and services with a portfolio of products that includes voter registration, electronic poll books, in-person voting systems, and online voting. Everyone Counts is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Collection and Use of Personal Data (Notice)
Everyone Counts does not directly collect Personal Data (other than business contact information) from individuals for its own business use or purpose. Personal Data is either provided to Everyone Counts by a customer, or collected by Everyone Counts on behalf of a customer, for the express purpose of conducting an electoral event or maintaining a registration system as a service provider. In its capacity as a service provider, Everyone Counts receives, stores, and/or processes Personal Data. In such cases, Everyone Counts is acting as a data processor and will process the personal information on behalf of and under the direction of our customers. Everyone Counts uses all information collected or provided solely for the purpose of conducting the electoral event, and does not use, disclose, or retain this data for any other purpose.
The Personal Data collected or received includes – but is not limited to – name(s), date of birth, street or postal addresses, telephone numbers, e-mail addresses, digital signatures, individual identifiers (which may include data such as passport numbers, social security numbers, and driver’s license numbers), passwords, and other personal codes. In some cases, Everyone Counts may collect additional demographic data as requested or required by its clients in its capacity as a service provider.
By providing Personal Data to Everyone Counts (or a Customer who subsequently transfers it to Everyone Counts) for the purpose of participating in an electoral event, users are providing approval for their data to be used for that purpose only. Users may opt-out of providing this Personal Data, but as a result may not be eligible to participate in the electoral event. Everyone Counts shall provide individuals an opportunity to choose (or “opt-out”) whether their personal information is (a) to be disclosed to a third party, or (b) used for a purpose other than that for which it was originally collected. Everyone Counts shall not disclose an individual’s Personal Data, or use it for a purpose other than that for which it was originally collected. If Everyone Counts ever were to engage in any onward transfers of your data with third parties other than our agents, we would provide you with an opt-out choice to limit the use and disclosure of your personal data.
Accountability for Onward Transfer of Personal Data
Everyone Counts’ accountability for personal data that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Everyone Counts remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Everyone Counts proves that it is not responsible for the event giving rise to the damage.
The only third parties to which data is transferred include printing partners for the purpose of printing and mailing physical election materials. The only onward transfer Everyone Counts does not transfer client-specific Personal Data to any other unrelated third parties, unless lawfully directed by a client, or in certain limited or exceptional circumstances in accordance with the EU-U.S. Privacy Shield Framework. Everyone Counts will not transfer any Personal Data to a third-party without first ensuring, via written contract, that the third-party handles the data under the same level of protection as set forth in this policy.
In the event that Everyone Counts is requested to transfer client-specific Personal Data to an unrelated third party, Everyone Counts will ensure that such party will enter into a written agreement with the third party requiring them to provide protections consistent with the EU-U.S. Privacy Shield Framework and Everyone Counts’ EU-U.S. Privacy Shield Policy. Should Everyone Counts learn that an unrelated third party to which Personal Data has been transferred by Everyone Counts is using or disclosing Personal Data in a manner contrary to this Policy, Everyone Counts will take appropriate steps to prevent or stop the use or disclosure.
Contact information and Client Personal Data is accessible only by those Everyone Counts employees and consultants who have a reasonable need to access such information in order for us to fulfill contractual, legal, and professional obligations. All of our employees and consultants have entered into strict confidentiality agreements, and/or have been subjected to thorough criminal background checks requiring that they maintain the confidentiality of Personal Data. If requested by the Client, client-specific Personal Data may be isolated to specific data centers and access restricted based on geographical location, citizenship, or other factors as deemed necessary. For supplemental information on a specific client engagement, please contact Everyone Counts at firstname.lastname@example.org for information. Please be aware that Everyone Counts may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. Please contact Everyone Counts at email@example.com for more information.
Everyone Counts has implemented specific physical and technical safeguards to protect Personal Data from loss, misuse, and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the Personal Data. Everyone Counts employs access restrictions, limiting the scope of personnel who have access to Personal Data based on a strict need-to-know basis. All Personal Data is encrypted in transit and at rest using standards-based technologies; further information on how data is secured may be provided upon request by contacting firstname.lastname@example.org.
Data Integrity and Purpose Limitation
Everyone Counts limits the Customer and Client Personal Data it processes to that which is relevant for the purposes of the particular processing. Everyone Counts does not process Personal Data in ways that are incompatible with the purposes for which the information was collected or subsequently authorized by the relevant Customer or Client. In addition, to the extent necessary for these purposes and consistent with its role as a Controller or Processor, Everyone Counts takes reasonable steps to ensure that the Personal Data the company processes is (i) reliable for its intended use, and (ii) accurate, complete and current. Customers and clients may contact Everyone Counts as indicated below to request that Everyone Counts update or correct relevant Personal Data.
Subject to applicable law, Everyone Counts retains Personal Data in a form that identifies or renders identifiable the relevant Customer or Client only for as long as it serves a purpose that is compatible with the purposes for which the Personal Data was collected or subsequently authorized by the Customer or Client, as appropriate.
Customers and Clients generally have the right to access their Personal Data. Accordingly, to the extent Everyone Counts acts as a Controller, where appropriate, Everyone Counts provides Customers and Clients with reasonable access to the Personal Data Everyone Counts maintains about them. Everyone Counts also provides a reasonable opportunity for those Customers and Clients to correct, amend or delete the information where it is inaccurate or has been processed in violation of the Privacy Shield Principles, as appropriate. We reserve the right to take appropriate steps to authenticate an applicant’s identity, to charge an adequate fee before providing access and to deny requests, except as required by the EU-U.S. Privacy Shield Framework. To receive instructions and appropriate forms for accessing and/or correcting Personal Data, please contact us as email@example.com.
Recourse, Enforcement, and Liability