Our Privacy Principles
Privacy matters. Don’t let anyone tell you otherwise. How Take 44, Inc., the company behind NextAgency, knows protecting your sensitive data is important. We strongly urge you to read this document.
We believe anything you post to NextAgency is owned by you. This means you control your data.
We believe anything you post to NextAgency is private to you. This means we help you control who can view your data.
Security and confidentiality is critical to privacy. This means we’ve implement strong encryption and other security measures.
Agencies and brokers may make components of NextAgency available to their clients and prospects. We will contact these clients and prospects directly when needed for them to use NextAgency. We will not solicit them for services, products or programs with the permission of the agency or broker who invited them to use NextAgency.
Employers may have access to information concerning their employees. We will contact these employees directly when needed for them to use NextAgency, but will not solicit them for services, products or programs.
Effective: June 7, 2016
We may change this policy from time to time, and if we do we’ll post any changes on this page. If you continue to use Take 44 after those changes are in effect, you agree to the revised policy.
Information we collect and receive
We collect different kinds of information. Some of it is personally identifiable and some is non-identifying or aggregated.
User information. To use the NextAgency Platform you will need to provide personally identifiable information, some of it highly sensitive (i.e. bank account information, tax identification numbers). We also obtain contact information (e.g., name, email, physical addresses) of users, and billing information from the user licensing NextAgency.
Service provider information: In using NextAgency you may provide us with information about service providers you use (e.g., payroll firms, compliance companies, carriers). As described in the Security Measures section, below, we are careful to protect this information. Now or in the future, we may integrate the NextAgency Platform with service providers you use. We will strive to collect the minimum amount of highly sensitive information necessary to facilitate this integration and provide this service.
Log data. When you use NextAgency, our servers automatically record certain information such as your IP address. Log data does not contain message content. We do not share log data with third-parties for marketing purposes. Log data may provide some geo-location information which helps us protect our sites from some cyber-attacks.
Sharing of Data with System Administrators and Inviters
System Administrators of your NextAgency installation have access to all information entered by users in that installation. For example,
Inviters are brokers and agencies who invite their prospects and clients (collectively referred to as “Clients”) to use the NextAgency Platform (i.e., NextHR and perhaps other components). Customer data related to benefits, including, but not limited to, coverage options and census data, is shared with Inviters. Other information including, but not limited to, banking information, service provider credentials including passwords are not shared with Inviters unless explicitly permitted by the Employer.
We do not contract with tracking services that follow you across the web (e.g., DoubleClick, Facebook, Quantcast). Personally, some of us at Take 44 dislike cookies. We urge you to carefully monitor your cookies and their usage. Your browser may enable you to block cookies, although doing so may limit your use of the NextAgency Platform.
Information We Use
We use your information for the following:
Providing the NextAgency service: We use information you provide to authenticate you and deliver message content to you and from you
Understanding and improving our products: To make the product better we have to understand how users are using it.
Investigating and preventing bad stuff from happening: We work hard to keep NextAgency secure and to prevent abuse and fraud.
Testing security: We also work hard to keep your data confidential and secure. We may employ qualified third-parties to try to hack or exploit our system in order to identify weaknesses before bad guys do.
Communicating with you:
Solving your problems and responding to your requests. If you contact us with a problem or question, we will use your information to respond to that request and address your problems or concerns.
Administrative communications. We may contact you through NextAgency in-product messaging tools concerning matters relating to your use of the NextAgency Platform. For example, we may inform you of upcoming scheduled maintenance.
Brokers and Agencies. We may sometimes communicate information to you concerning new NextAgency products, features, services or other news about Take 44 or NextAgency.
Prospects and Clients. We will not send marketing communications to prospects and clients without the permission of the broker or agency that invited them to use the NextAgency Platform.
Data Access, Export and Retention
System Administrators have considerable control over the way data is accessed, exported and retained in their installation of NextAgency. Other users have some control in these matters as well.
Take 44 recognizes you own the data you enter into the NextAgency Platform. We also recognize that you may need to provide data in NextAgency to third-parties (i.e., when conducting an audit or responding to requests from regulators).
PLEASE NOTE: Federal and state regulations may apply to your data. You are responsible for meeting the requirements of those regulations including, but not limited to, record retention requirements. This may require you to download and store messages and other data apart from your NextAgency installation.
Data Access: System Administrators (Administrative Brokers and Administrators) have the ability to restrict access to data by users of their installation of the NextAgency Platform by selecting roles for these users. These roles are explained within the NextAgency Platform.
To provide NextAgency services and resolving service issues Take 44 personnel may access your data. Access to sensitive data requires multiple authentications and is restricted to authorized personnel performing specific tasks for you. When our personnel’s access to critical data is not required for the job duties, data available to them will be fully or partially redacted.
Data Export: Users may export the data with which they are associated at any time using the tools available within NextAgency. System Administrators may be notified when data is exported by other users.
Data Retention: System Administrators are responsible for retaining documents in compliance with state and federal laws and regulations. Users may edit or delete files and forms. They may edit and archive user data; they cannot delete user data. System Administrators may deactivate an account of Users they have invited to use the NextAgency Platform at any time. Deactivation of an account disables the deactivated user’s access to NextAgency, but does not delete Data associated with the account, the user’s profile or content. System Administrators may still access this information.
NextAgency Retention Goals: Take 44 will attempt to retain archived user data for seven (7) years while you are a licensed user of the NextAgency Platform and for one (1) year following your termination date when you are no longer a licensed user of the NextAgency Platform.
There are times when Take 44 may share user information and content, including:
With consent, to comply with legal process, or to protect Take 44 and our users. When we have your consent or if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or Take 44; or to detect, prevent, or otherwise address fraud, security or technical issues.
About you with your organization or System Administrator(s). We provide your name, email information, and other information to System Administrators so they know who within their organizations are authorized users of the NextAgency Platform. When you contact Take 44 for help in resolving a service we may need to share the issue with the System Administrator(s) of your NextAgency installation.
That is aggregated and non-identifiable. We may also share aggregated or non-personally identifiable information with our partners or others for business or research purposes. For example, we may publish information concerning the number of licensees using NextAgency.
Take 44 is committed to protecting the you enter into NextAgency service from loss, misuse, and unauthorized access or disclosure. When you enter sensitive information (such as sign-in credentials) we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. However, no electronic or email transmission or digital storage mechanism is ever fully secure or error free
HIPAA Compliance: We also take steps to protect Personal Health Information (“PHI”) under the Health Insurance Privacy and Protection Act (“HIPAA”). As part of the Agency and user onboarding process you will be required to make us a Business Associate of your Agency under HIPAA. Our ability to protect PHI is limited to protecting the information on our service. Once it is transferred or made available to you, your agency, your clients or authorized third-parties you or they are responsible for protecting PHI.
Keeping Your Information Safe: We encrypt your data from the moment you login. We adhere to among the highest available encryption standards, 256-bit SSL encryption. Your data will be transferred with high-grade TLS and multi-layered encryption at rest with AES-128. Encryption keys are stored separately from your data.
Access to sensitive data requires multiple authentications and is restricted to authorized personnel performing specific tasks for our customers. When our personnel’s access to critical data is not required for the job duties, data available to them will be fully or partially redacted.
Data Monitoring: Our data security team reviews the security aspect of NextAgency on a daily basis to ensure your data is always secured. For additional oversight we maintain a real-time access log of all data and changes made by admins, clients, employees and our automated system.