Privacy Policy

Last Updated on December 30, 2019


Xtime, Inc. and its wholly owned subsidiaries worldwide (collectively, “Xtime,” “we,” “us” and “our”) respect your privacy. Accordingly, we’re providing this Privacy Policy to explain our practices regarding the collection, use and disclosure of information, including information that can be used to identify you personally (“PII”) that we collect from, or obtain about, you.


Which Privacy Policy Applies?


Any information that we collect or obtain is subject to the version of this Privacy Policy that is in effect at the time that information is collected or obtained. Please remember that we may have to change or update this Privacy Policy from time to time. If we make any material changes, we’ll notify you of those changes by posting them on the Site (defined below) or by sending you an email or other notification, and we’ll indicate when those changes will become effective. Your continued use of the Site and Services (defined below) indicates your acceptance of our updated Privacy Policy.


How We Collect Information


Directly from You

  • We collect PII from you directly, via our websites including those associated with our SaaS services, like dev.reinventingretention.com and xtime-info.com (the “Sites”), telephone inquiries, and in connection with your interest in our online services (collectively the “General Services”). For example, we collect PII from you when you apply for a job, download a white paper, complete questionnaires, contact us with questions or comments, request information in response to a newsletter or provide us with feedback. The type of PII that we collect depends upon your interactions with us, and may include, but is not limited to, contact information, such as your name, address, email address, telephone number, and other PII that you submit to us.
  • We have relationships with third parties, including automotive manufacturers, dealerships, dealer service departments and original equipment manufacturers of passenger cars, vans, cargo trucks and parts and services related to such vehicles (“Business Customers”) and we offer a variety of services to such Business Customers, including SaaS and service retention applications (“Business Services”). We collect PII from the personnel of our Business Customers through their use of the Business Services. For example, we maintain databases comprising PII, such as name, email address, company name, employment title and telephone number about our points of contact at each of our Business Customers.
  • As described below, our Business Customers provide PII to us about their current and potential customers and sales leads via their use of the Business Services. However, if you are an individual customer of one of our Business Customers you may also submit PII to us directly. For example, via an online customer service portal that we offer as part of our Business Services to our Business Customers.

To make this Privacy Policy easier to read, General Services and Business Services are referred to together as the “Services”.


From our Business Customers

  • Our Business Customers submit information, including PII, to us about their current and potential customers and sales leads via their use of the Business Service. Xtime accesses and uses this information only for the purpose of providing the Business Services, preventing or addressing service or technical problems, at a Business Customer’s request in connection with customer support matters, or as may be required by law.  For example, a Business Customer may store contact details such as name and telephone number together with information about an individual’s vehicle repair and maintenance history via our Services. In this context, Xtime acts as a data processor (rather than a data controller), and therefore does not ultimately determine precisely what information, including PII, is processed or how it is utilized. Any access to, or use of, such information by Xtime is incidental to completing Xtime’s contractual obligations as data processor to its Business Customers. Similarly, in connection with Xtime’s professional services operations as part of the Services, Xtime processes information, including PII and acts as a data processor on behalf of its Business Customers.
  • Xtime also collects, transfers and uses information, including PII, of current and prospective Business Customers and current and prospective business partners for sales, billing, marketing and business partner recruitment purposes. In this context, Xtime acts as a data controller.

From Third Parties

We may also obtain PII about you from our third party affiliates, or partner companies, and from marketing or advertising companies that provide us with information as a part of their relationship with us. We may combine this with information that we already have collected about you in order to offer Business Services that may be of interest to you.

Automatically Through Our Sites

We use various tracking technologies to collect and store information from or about you as a user of our Sites and Services as described below in the Section entitled “Cookies and Other Tracking Devices.”


How We Use Your Information


We use information, including PII, that we collect from, or obtain about, you to provide and improve our Sites and Services, such as developing new features and services, providing information and support, better understanding your needs and interests, personalizing communications and advertising and promoting a quality experience for you. We will also aggregate and analyze the information, including PII, that we collect from, or obtain about, you for these purposes and to analyze industry trends, and we will share such aggregated, non-personally identifiable information about you with third parties, including our Business Customers, for marketing, advertising, research, analytics or similar purposes.

We may link your information with information that we collect from multiple sources to provide better Services to you and to improve our Services. Once in our possession, PII from other sources will be governed by this Policy.  We will always ask you for your permission prior to using your PII for purposes unrelated to the purpose for which we first collected or obtained your PII.


How We Share and Disclose Your Information

  • Within Xtime, we will share your PII with Xtime employees, agents and contractors who have a legitimate business reason to obtain access to your PII.  For example, we may share your PII with contractors and agents who provide product development services to us.
  • We may share your PII with our business partners and our customers for our marketing and administrative purposes. However, we will not sell your PII to unaffiliated third parties for their own marketing purposes (i.e., for purposes unrelated to the business of Xtime).
  • We may engage third-party services providers to work with us to administer and provide Services to you. These third-party services providers have access to your PII only for the purpose of performing Services on our behalf and are expressly obligated not to disclose or use your PII for any other purpose or in a purpose inconsistent with the Privacy Policy. For example, we may share your PII with third parties who help us manage our business activities (e.g., mailing list platform providers and marketing agents).
  • We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims, legal process (including subpoenas), to protect our property and our rights or those of a third party, the safety of the public or any person, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law.
  • Information that we collect from, or obtain about, you, including PII, is considered to be a business asset. If we are acquired by, or merged with, another entity, and if all or part of our assets are acquired, or in response to a bankruptcy proceeding, then we may transfer your information to the other entity.
  • We may collect PII about you when you voluntarily post in blogs, chat rooms, forums or message boards available from our Sites, or via social media websites and services that we utilize. All of the information that you post will be available to all visitors to our Sites and to such social media offerings. Xtime is not responsible for the PII that you choose to submit in these forums and we cannot prevent such information from being used in a manner that may violate this Privacy Policy, the law or your personal privacy expectations.

Cookies and Other Tracking Devices Used by Xtime


Like many service providers, we use cookies and other tracking mechanisms to track information about your use of our Sites and Services.

Cookies

We use cookies to perform many different jobs, including letting you navigate between pages efficiently, storing your preferences and generally improving your experience on our Sites. Cookies make the interaction between you and the Sites faster and easier. We use cookies to improve your user experience by enabling our Sites to ‘remember’ you, either for the duration of your visit (using a “session cookie”) or for repeat visits (using a “persistent cookie”). We use both session cookies and persistent cookies when you access our Sites. Session cookies expire and no longer have any effect when you log out of your account, if you have one, or close your browser. Persistent cookies remain on your browser until you erase them or they expire. You may encounter cookies or pixel tags on websites that we do not control. For example, if you view a Web page created by a third party, there may be a cookie or pixel tag placed by the Web page. Likewise, these third parties may place cookies or pixel tags that are not subject to our control and this Privacy Policy does not cover their use.

Most Web browsers automatically accept cookies, but if you prefer, you may edit your browser options to block them in the future. The help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Please note, however, that if you don’t accept cookies, you may not be able to access all portions or features of our Services.

Web Beacons

We may use “Web beacons” (electronic images that are also known as pixel tags or clear gifs) to recognize a cookie on your computer when you view or act upon a Web page, an advertisement that we’ve placed on a third-party Web page, or an email or other electronic communication that we’ve sent.

Local Storage Objects (“LSOs”)

We also use LSOs, sometimes referred to as “Flash” cookies. Flash LSOs are different from browser cookies because of the amount and type of data stored. Typically, you cannot control, delete or disable the acceptance of Flash LSOs through your Web browser. For more information about Flash LSOs, or to learn how to manage your settings for Flash LSOs, please visit your Adobe Flash Player Help Page, choose “Global Storage Settings Panel” and follow the instructions. To see the Flash LSOs currently on your computer, from within your Adobe Flash Player Help Page, choose “Website Storage Settings Panel” and follow the instructions to review and, if you choose, to delete any specific Flash LSO.

Other Tracking Technologies

We may collect one or more unique identifiers for any particular device that you use to access the Internet (each, a “Device Identifier”). When analyzed, usage information helps us determine how our Sites and Services are used, such as what features you may find most relevant. If we associate your Device Identifier with other PII that we have collected or obtained about you, we will treat the combined information as PII.

Information Related to Use of the Services

Our servers automatically record certain information about how a person uses our Services (we refer to this information as “Log Data”). Log Data may include information such as a user’s Internet Protocol (IP) address, browser type, operating system, Web page that a user was visiting before accessing our Sites and Services, pages or features of our Sites and Services to which a user browsed, time spent on those pages or features, search terms, links on our Sites and Services that a user clicked on and other statistics. We use Log Data to administer the Services and we analyze (and may engage third parties to analyze) Log Data to improve, customize and enhance our Services by expanding their features and functionality and tailoring them to our users’ needs and preferences. We may use a person’s IP address to fight spam, malware and identity theft. We also use the IP address to generate aggregate, non-identifying information about how our General Services are used.


Cookies and Other Tracking Devices Used by Third Parties


Xtime may allow certain companies, such as analytics partners and network advertisers, to use cookies, Web beacons, LSOs and other tracking technologies on the Sites and Services as described below.

Analytics

Xtime uses a variety of third-party services to help us understand the use of our Sites and Services (e.g., Google Analytics). Third-party service providers may collect information sent by your browser, such as cookies or your IP address. For example, the information generated by a cookie and other platform-specific technology about your use of our Services (including your IP address) may be transmitted to and stored by Google. In such event, Google will use this information for the purpose of evaluating your use of our Sites and Services, compiling reports on website activity for website operators, and providing other services relating to your website activity and Internet usage. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.

Advertising

We use third parties such as network advertisers to assist us in displaying advertisements on our Sites and/or on third party websites. Network advertisers are third parties that display advertisements based on your visits to our Sites and/or other websites. For re-targeting purposes, third party ad network providers, advertisers, sponsors and/or traffic measurement services may put cookies, JavaScript, Web beacons (including clear GIFs), Flash LSOs and other technologies on your computer or other Internet-enabled device to collect information about your interests. This practice enables us and network advertisers to provide website visitors with advertising displays or text ads that more closely aligned to your services and information interests, and enables better measurements of ad effectiveness.

You may opt out of many third party ad networks. To learn more about this choice, please visit the Network Advertising Initiative (“NAI”) at www.networkadvertising.org/choices or the Digital Advertising Alliance (“DAA”) at www.aboutads.info/choices. Opting out of one or more NAI member or DAA member networks only means that those members will no longer deliver targeted content or ads to you. It does not, however, mean that you will no longer receive any targeted content or see any ads on our Sites or other websites.


Access and Opt-Out


You may review and update the PII we have about you by accessing and modifying the information in your Xtime account, if you have one, or by submitting a request to Xtime at privacy@xtime.com.  We’ll take steps to delete your information as soon as is practicable, but some information may remain in archived/backup copies for our records or as otherwise required by law.

If you choose not to receive Xtime-sent emails or our newsletters, you may: (i) opt out or unsubscribe by emailing privacy@xtime.com or (ii) follow the opt-out instructions in the email or newsletter.

Please note that while Xtime offers you some control over marketing communication, certain transactional, relationship and legally required communications will not be affected by the choices you have made about marketing communications.


International Transfer


Your PII may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your PII to us, we may transfer your PII to the United States and process it there. We have put in place the necessary measures to comply with applicable EU laws on the adequacy of data transfers to non-EU/EEA countries (such as EU Model Clauses). Your use of any of our services followed by your submission of any PII represents your agreement to that transfer.


Links to Third Party Site(s) and Applications


This Privacy Policy only describes our information collection and usage practices. It does not describe the practices of our Business Customers or any other third parties, including third party social media websites and services. Our Sites and Services may contain links to other websites and services. When you provide information, including PII to a third party, including one of our Business Customers, your information will be used by the third party in accordance with its privacy policy. We’re not responsible for the content, privacy or security practices and policies of those websites or services of third parties. To protect your information we recommend that you carefully review the privacy policies of other websites and services that you access.


Security


We take reasonable administrative, physical and electronic measures designed to protect the information that we collect from, or obtain about, you (including your PII) from unauthorized access, use or disclosure. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information. We will make any legally required disclosures of any breach of the security, confidentiality or integrity of your unencrypted electronically stored “personal data” (as defined in the applicable statutes) to you via email or conspicuous posting on the Sites in the most expedient time possible and without unreasonable delay, consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.


Children’s Privacy


Our Sites and Services are not directed to children under 13 and we do not knowingly collect PII from children under 13. If we learn that we have collected PII of a child under 13 we will take steps to delete such information from our files as soon as possible.


Your California Privacy Rights


This PRIVACY NOTICE FOR CALIFORNIA RESIDENTS supplements the information contained in the Privacy Statement of Xtime, Inc. and its subsidiaries (collectively, “we,” “us,” or “our”), a Cox Automotive, Inc. company, and applies solely to consumers who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”) and other California privacy laws.  Any terms defined in the CCPA have the same meaning when used in this notice.

 

Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with an individual consumer, household, or device (“personal information”). We have collected the following categories of personal information from consumers within the last twelve (12) months:

 

The following examples are taken directly from California Consumer Privacy Act, Xtime collects at least one of the example items from each category.

 

Category Examples Collected
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers. YES
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. YES
C. Protected classification characteristics under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). NO
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. YES
E. Biometric information. Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. NO
F. Internet or other similar network activity. Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. YES
G. Geolocation data. Physical location or movements. NO
H. Sensory data. Audio, electronic, visual, thermal, olfactory, or similar information. NO
I. Professional or employment-related information. Current or past job history or performance evaluations. YES
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. NO
K. Inferences drawn from other personal information. Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. YES

 

We obtain the categories of personal information listed above from the following categories of sources:

 

  • Directly from our customers or their agents. For example, from documents that our clients provide to us related to the services for which they engage us.
  • Indirectly from our clients or their agents. For example, through information we collect from our clients in the course of providing services to them.
  • Directly and indirectly from activity on our client’s website, as well our xtime.com website. For example, from submissions through our website portal or website usage details collected automatically.
  • From third-parties that interact with us in connection with the services we offer and/or perform.

 

Sharing Personal Information

We may disclose your personal information to a third party for a business purpose.  When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.

 

In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:

 

Category A:             Identifiers.
Category B:             California Customer Records personal information categories.
Category D:             Protected classification characteristics under California or federal law.

Category F:            Internet or other similar network activity.
Category I:              Professional or employment-related information.

Category K:            Inferences drawn of other personal information

 

We disclose your personal information for a business purpose to the following categories of third parties:

 

  • Our affiliates.
  • Service providers.
  • Third parties to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.

In the preceding twelve (12) months, we have not sold any personal information.

 

Your Rights and Choices

The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.

 

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

 

  • The categories of personal information we collected about you.
  • The categories of sources for the personal information we collected about you.
  • Our business or commercial purpose for collecting or selling that personal information.
  • The categories of third parties with whom we share that personal information.
  • The specific pieces of personal information we collected about you (also called a data portability request).
  • If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
    • sales, identifying the personal information categories that each category of recipient purchased; and
    • disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.

 

California Civil Code Section 1798.83 entitles California users to request information concerning whether a business has disclosed certain information about you to any third parties for the third parties’ direct marketing purposes. California users who wish to request further information in compliance with this law or have questions or concerns about our privacy practices and policies may contact us as specified in the “How to Contact Us” section below.

 

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected about you and retained, subject to certain exceptions in the CCPA. Once we receive and confirm your verifiable consumer request, we will delete your personal information from our records, unless an exception applies, and we will direct our service providers to similarly delete your personal information from their records.

 

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a “verifiable consumer request” (defined below) to us by either:

 

 

Only you or someone you authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.

 

A verifiable consumer request must:

 

  • Provide enough information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and
  • Describe your request with enough detail that allows us to properly understand, evaluate, and respond to it.

 

You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.  Making a verifiable consumer request does not require you to create an account with us.  We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

 

Non-Discrimination

We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not deny you goods or services, charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, provide you a different level or quality of goods or services, or suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

 

Do Not Track

Online Tracking Policy for California Residents. As of the effective date of this Privacy Statement, there is no commonly accepted response for Do Not Track signals initiated by browsers, therefore we do not respond to them.

 

Contact Information

If you have any questions or comments about this notice, our Privacy Statement, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:

 

Website: xtime.com
Email: privacy@coxautoinc.com
Postal Address: Cox Automotive, Inc.
Attn: Scott Hilsen, Chief Compliance & Privacy Officer
6205 Peachtree Dunwoody Rd. NE
Atlanta, Ga 30328


Contact Us


Please contact us by writing to us at: privacy@xtime.com or Xtime, Inc., 1400 Bridge Parkway, Suite 200, Redwood City, CA, 94065 USA, c/o General Counsel, if you have any questions regarding this Policy.

Book Your Xtime Demo Now!

  • This field is for validation purposes and should be left unchanged.