Score Infinity, LLC ("Score Infinity", "we", "us", or "our") operates https://scoreinfinity.com (the "Site") and provides cloud-based SaaS products, one-time purchases, free trials and consulting services (together, the "Services"). This Privacy Policy explains what personal data we collect, how we use it, who we share it with, your rights, and how to contact us.
1. Scope
This Policy applies to: visitors to the Site, users of our Services, customers (including administrators of customer accounts), and any individuals whose data is provided to us by our customers ("Customer Data"). It covers personal data processed in connection with our Services and any related support, billing, or marketing activities.
2. Data We Collect
We may collect the following categories of personal data:
- Account & identity: name, business email, job title, company name, phone number.
- Authentication & security: password hashes, multi-factor authentication tokens, login timestamps, IP addresses.
- Contact & billing: billing address, billing contact, payment method metadata (we do not store full card details if we use a processor).
- Usage & diagnostics: product usage logs, performance metrics, cookies and device identifiers.
- Customer Data: data uploaded or entered by customers (may include personal data of end users).
- Marketing: newsletter subscriptions, event registrations.
- Cookies & tracking: analytics and functional cookies (see Cookies section).
We do not intentionally collect special category (sensitive) personal data unless explicitly agreed in writing with a customer.
3. Lawful Bases (GDPR)
Where applicable, we rely on the following lawful bases to process personal data:
- Performance of a contract: to deliver the Services you request.
- Legal compliance: to comply with legal obligations.
- Legitimate interests: product improvement, security, fraud prevention, and limited marketing (balanced against individual rights).
- Consent: for cookies and direct marketing where required.
4. How We Use Personal Data
We use personal data to:
- Provide, operate, maintain and improve the Services.
- Process billing and payments through third-party payment processors.
- Provide customer support and respond to inquiries.
- Detect, prevent and remediate fraud or security incidents.
- Communicate about the Services, updates, and marketing (where permitted).
- Comply with legal obligations and enforce our agreements.
5. Sharing & Subprocessors
We share data with:
- Subprocessors and vendors (hosting, analytics, payment processors, CRM, email and support providers). We use HubSpot for CRM and marketing automation.
- Law enforcement or courts when legally required.
- Professional advisors and auditors for legal and compliance purposes.
We maintain a current list of subprocessors and will notify customers of material changes. Customers may request the list at [email protected].
6. Customer Data & Ownership
Customers retain ownership and control of Customer Data. We process Customer Data as a processor (or service provider) under customer direction. We will process, access, and use Customer Data only to provide the Services, comply with law, or as authorized by the customer. See our Data Processing Addendum (DPA) for further details.
7. International Transfers
Data may be transferred and processed outside your jurisdiction (e.g., United States). We use appropriate safeguards such as EU Standard Contractual Clauses (SCCs) where required. Contact [email protected] for specific transfer details and mechanisms.
8. Data Retention
We retain personal data for as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Typical retention examples:
- Account and transactional data: while account active + 7 years.
- Logs and analytics: aggregated or retained for 1–3 years depending on purpose.
Specific retention periods may be set forth in contractual terms for enterprise customers.
9. Security
We implement industry-standard administrative, technical, and physical safeguards (encryption in transit and at rest, role-based access, logging, vulnerability management). If applicable, we will indicate certifications (e.g., SOC 2 Type II, ISO 27001) on request. Contact [email protected] for our security overview.
10. Your Rights (GDPR & similar)
Where applicable, you have rights to:
- Access, correct, or delete your personal data.
- Object to or restrict processing.
- Data portability.
- Withdraw consent where processing is based on consent.
- Lodge a complaint with your supervisory authority.
To exercise rights: contact [email protected]. We will verify requests and respond in accordance with applicable law.
11. California Privacy (CCPA/CPRA)
For California residents: we disclose categories of personal data collected, sources, purposes, and categories of third parties shared with. California residents have rights to access, delete, and opt-out of sale of personal information. We do not sell personal information for monetary consideration. To submit a request, contact [email protected].
12. Cookies & Tracking
We use cookies and similar technologies:
- Strictly necessary cookies (authentication, session).
- Functional cookies (preferences).
- Analytics cookies (product improvement).
- Marketing cookies (with consent where required).
You can manage cookie preferences via our Privacy Preferences center when available.
13. Children
Our Services are not directed at children under 16. We do not knowingly collect personal data from children. If we learn we have collected such data we will delete it.
14. Changes to this Policy
We will post updates with a revised Effective Date. For material changes we will provide notice on the Site or by direct communication.
15. Contact & Data Protection Officer
Questions, requests or complaints: [email protected]
Address: Score Infinity, LLC — 11405 Tall Forest Circle, Germantown, MD 20876, USA