EBM EXCLUDED DATA POLICY

Date: 07/21/2023

EBM has DOES NOT allow Customers to store or upload information in its Software or platforms that: a) includes information that can be used to identify or (other than name and email address) contact a specific individual, b) contains protected health information (as defined by the U.S. HIPAA Privacy Rule), including medical records and other individually identifiable health information, or c) that includes information that can identify a financial account of a specific individual, including telephone number, date of birth, social security number, or account number of any such person’s savings, checking, credit card, brokerage or similar financial account (collectively, the “Excluded Data”).

1. Excluded Data – Customer Obligations:

By using EBM Software or platforms, Customer agrees that it will:

• Not store or download any Excluded Data on EBM’s Software or Platforms.
• Not encourage its employees to store or upload any Excluded Data on EBM’s Software or Platforms.
• Contact EBM if Customer determines it has stored or uploaded Excluded Data on the EBM’s system in the course of its use of the Software in accordance with the Agreement or otherwise, so the parties can work together to remove the Excluded Data from EBM’s Software or platforms within forty-eight (48) hours.

2. Excluded Data – EBM Obligations:

If EBM discovers that the Customer is storing or uploading Excluded Data into EBM’s Software or platforms, EBM will contact the Customer and provide Customer with forty-eight (48) hours to remove the Excluded Data before EBM deletes the Excluded Data from its Software or platforms.

3. Excluded Data Liability:

Customer agrees that it is liable for any Excluded Data or other data that it stores or uploads in or onto the EBM Software or platforms.  EBM will not be liable to Customer, or any other party harmed by such Excluded Data being stored on EBM’s systems by the Customer.