Privacy

Privacy Policy

Last Revised: May 12, 2026

Please read this Privacy Notice carefully. This Privacy Notice describes the data collection, use, protection, and privacy practices of MaintainX Inc. (hereinafter, “MaintainX”, “we”, “our” or “us”) with respect to information and data we may collect about you in connection with our products, services, and business.  If you have any questions, comments, or concerns regarding this Privacy Notice and/or our data practices, please see 18. HOW TO CONTACT US.

If you're a resident of California or visiting us from the European Economic Area ("EEA"), Switzerland, or United Kingdom (“UK”), you should read the applicable sections below for specific rights applicable to California (15. CALIFORNIA PRIVACY RIGHTS) and the EEA, Switzerland and UK. (16. ADDITIONAL RIGHTS FOR EEA, SWITZERLAND, AND UK)

BY ACCESSING OR USING ANY OF OUR SERVICES (AS DEFINED BELOW), OR SUBMITTING INFORMATION IN CONNECTION WITH YOUR USE OF ANY OF OUR SERVICES, YOU ACKNOWLEDGE AND AGREE THAT YOU HAVE READ THIS PRIVACY NOTICE.

Table of Contents

1. MaintainX’s Services and Scope of Privacy Notice

2. Important Note Regarding Information Controlled by our Customers

3. Changes to this Privacy Notice

4. Information We Collect

5. Children’s Privacy

6. Sensitive Data

7. MaintainX’s Purposes for Collecting and Using Personal Data

8. Sharing Personal Data

9. Marketing Communications

10. Your Choices

11. Data Retention

12. Data Security and Protection

13. Third Party Social Media Plug-Ins

14. External Websites

15. California Privacy Rights

16. Additional Rights for EEA, Switzerland and UK

17 International Transfers

18. How to Contact Us

1. MaintainX’s Services and Scope of Privacy Notice

MaintainX’s Services

  • our business and corporate “Website” located at www.getmaintainx.com, including, its subdomains, and any other websites that include an authorized link to this Privacy Notice; and
  • our computerized maintenance and management software as a service platform that we make available online through our Websites and through one or more mobile applications (the “MaintainX Service”).

When we refer to the “Services” throughout this Privacy Notice, we mean, collectively, the Websites, the MaintainX Service, and any other products, websites, services, and/or applications provided by us and that include a link and/or reference to this Privacy Notice, and any related services and/or new features and/or functionality provided by us through or in connection with any of the foregoing.

The term “personal data” means any information about an individual from which that person may be identified. For example, it may include a person’s name, telephone number, email address, IP Address, or other unique identifiers. It does not include data from which the identity of an individual has been definitively removed along with any identifiers connected to such individual (also known as anonymous or anonymized data or de-identified data).

Please note, our Services are designed for businesses and their representatives, and we do not offer products or services directly to or for use by individuals for their personal, family or household purposes.

Scope of this Privacy Notice

This Privacy Notice applies to personal data that may be collected, received, and processed in connection with the use of our Services by:

  • Individual “Visitors” browsing or using our Websites or who interact with us through any pages or feeds of our accounts on any social media sites or platforms, such as through LinkedIn, Twitter, and/or any Meta platforms (“Social Media Platforms”).
  • MaintainX’s “Customers” who purchased access to the MaintainX Service or other Services pursuant to MaintainX’s Terms of Service or other agreement entered into by MaintainX and the Customer for use of the applicable Services (the “Customer Agreement”).
  • The employees, contractors, or agents of a Customer who have been authorized to access or use the Services on behalf of the Customer (hereinafter, “Authorized Users”).

2. Important Note Regarding Information Controlled by Our Customers

If you are an Authorized User of a Customer, please be aware that certain personal data and other information you provide, submit, and/or upload in connection with the Services as an Authorized User, is collected and processed by MaintainX on behalf of the applicable Customer pursuant to the applicable Customer Agreement as the “data processor” or “service provider” for such Customer who is the “data controller” or “business.”

Each Customer determines its own policies for handling personal data, and if you are an Authorized User, you are responsible for reviewing such policies, including any privacy policies, of the applicable Customer.  If you have inquiries regarding how a Customer processes your personal data or if you wish to submit a data rights request, as applicable under relevant data protection law, please contact the applicable Customer.  Please note that if you submit any such request to us, we will forward it to the applicable Customer.

3. Changes to This Privacy Notice

MaintainX reserves the right to update or modify this Privacy Notice at any time.  We will provide notice of any such changes to the Privacy Notice as required by any applicable Customer Agreement or applicable law. The date this Privacy Notice was last updated is identified at the top of the page. We will notify you of changes to this Privacy Notice by updating the “last revised” date and posting the updated Privacy Notice on the Website. We may email or otherwise communicate reminders about this Privacy Notice, but you should check our Services periodically to see the current Privacy Notice and any changes we have made to it.

If you do not agree to any updates or modifications to the Privacy Notice, cease all use of the Services.  Continued use of the Services by you, or any of your Authorized Users if you are a Customer, after the applicable effective date of the revised Privacy Notice, signifies to us that you acknowledge and agree to be bound by the revised Privacy Notice.

4. Information We Collect

The personal data we collect in connection with the use of the Services depends on how and why you use the Services.  For instance, the information that we may process about Visitors is more limited than the information we may process if you are a Customer or Authorized User.

4a. Information Provided Directly to MaintainX by Users of our Services

  • Contact Information:  We may collect contact information, such as your first and last name, phone number, email address and/or mailing address, when you register an account to use the Services (an “Account”), sign-up to receive our marketing communications and/or newsletters, or participate in one of our promotions or giveaways (“Promotions”).
  • Account Registration & Profile Information:  When you register an Account for the Services, we will collect the contact information as described above, and may collect other Account profile information regarding your position or access of the Services as an Authorized User of a Customer as an employee, service repair person, contractor, or agent.
  • Login Credentials:  When you login to your Account as a registered user, we collect your username, password and/or other login credentials.
  • Payment Transaction Information:  If you purchase a subscription to access the Services, our third-party PCI-compliant payment processors will collect certain payment and transaction information, such as your credit card, bank account information.  MaintainX does not directly collect or store any payment information.  Payment transaction information is processed and stored exclusively by our third-party PCI-compliant payment processors, in accordance with their terms of service and privacy policies and statements, on our behalf in order to collect fees payable by you in connection with your use of the Services.  The information provided to MaintainX only includes partial payment or credit card information, and limited transaction information.
  • Surveys, Feedback, Communications & Support:  We collect the information, data, content, documents and/or materials you provide to us when you fill out forms, answer surveys, or contact us (such as your feedback, requests for support, or other communications with us).
  • Usage Information: We collect Usage Information as described below in the Section titled 4b. Information Collected Automatically.

Please be advised that we may ask you to update your information from time to time in order to keep it accurate.  Additionally, if you provide personal data to us about someone else, you must ensure that you are entitled to disclose that information to us and, without us having to take any further steps required by data protection laws, that we may collect, use and disclose such information for the purposes described in this Privacy Notice. For example, you should ensure the individual concerned is aware of the terms detailed in this Privacy Notice and that they have not objected or do not object to you sharing their information with us.

4b. Information Collected Automatically

We and/or our authorized third-party Service Providers (as defined below) or agents automatically collect technical and/or analytics information, using the cookies and similar technologies as described in Section 8 below, about how users use and/or interact with the Services (collectively, “Usage Information”), which may include (but is not necessarily limited to) identifiers, commercial information, and internet activity information such as IP address (or proxy server), information about the device and/or platform (e.g., iOS or Android) used by you to interact with and/or access the Services, mobile device number, device and application information, device event information, crash data, and log files and data, identification numbers and features, your approximate location (as determined through your IP address), browser type, plug-ins, integrations, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, websites, apps and/or ads that referred you to the Website, advertising and language preferences, operating system type and version, system configuration information, date and time stamps associated with your usage, and frequency of visits to the Websites, and details of which of our products and product versions you are using.

4c. Information Collected from Third Parties or Sources Outside the Services

In some instances, we process personal data from third parties, which consists of:

  • Our Customers:  If you are an Authorized User, we may receive personal data about you from our Customers.
  • Service Providers: We receive information from third parties that provide services to us that help us in the operation, provision, administration and management of the Services (“Service Providers”), such as our cloud or hosting service providers, customer support providers, and our analytics providers.
  • Third Party Integrations:  If you interact with and/or use third-party services, platforms, or other online tools that integrate with or connect to the Services (collectively, “Third Party Integrations”), we may receive personal data in connection with your use of such Third Party Integrations.
  • Marketing and Advertising Providers: We may receive information from entities who perform advertising and/or marketing functions for MaintainX, which may include, but is not necessarily limited to, business contact information included in potential customer and/or lead lists we may receive.
  • Other Third Parties & Sources:  We may receive data and information from third party partners, and/or other data licensors and/or providers that we have a relationship with, and/or information collected from publicly available sources, such as online business profiles, social media accounts, and/or webpages, which may include your name, or a publicly available business address, and related activity on such profiles, social media accounts, and/or webpages.
  • Social Media Interactions:  If you interact with us through any Social Media Platforms, we may collect information such as your name, username, demographic information, contact information such as email address, location, interests, and publicly posted data such as your social media activity.

4d. Cookies & Similar Technologies; Targeted Advertising

We or third parties with whom we work may collect certain information by automated means using cookies and/or similar technologies such as, web beacons, embedded scripts, pixels, and browser analysis tools (collectively, “Cookies”). Cookies collect information such as Usage Information. If you do not allow functional cookies then some or all services may not function properly.  For more information on our use of these technologies, see our Cookie Policy.  

When you interact with the Services, there are third parties that may use automatic collection technologies to collect information about you or your device. These third parties may include:

  • Advertisers, ad networks, and ad servers, such as Amazon, Google, Bing, LinkedIn, and Meta.
  • Analytics companies, such as Google Analytics (as further described below).
  • Your device manufacturer.
  • Your internet or mobile service provider.

These third parties may use tracking technologies to collect information about you when you use the Services. The information they collect may be associated with your personal data or they may collect information, including personal data, about your online activities over time and across different websites, apps, platforms, and other online services. They may use this information to provide you with interest-based (behavioral) advertising or other targeted content.

We do not control these third parties' tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly.

Some of our websites use Google Analytics, a service provided by Google Inc., which uses cookies to find out how visitors use our website. To learn how Google Analytics collects and processes data, please visit: “How Google uses data when you use our partners’ sites or apps” located at www.google.com/policies/privacy/partners.  You can opt out of Google Analytics by downloading, installing, and enabling the Google Analytics’ Opt-out Browser Add-on, which can be found at https://tools.google.com/dlpage/gaoptout/.  For more information on our and/or third-party advertising partners’ use of these targeting & advertising cookies and similar technologies, please see our Cookie Policy.

When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or online profiles. We (or service providers on our behalf) may then send communications and marketing to these emails or profiles. You may opt out of receiving this advertising by visiting: https://warmly.ai/p/do-not-sell-share-my-data.

We also may access the Claritas Identity Graph to obtain information about you.  If you wish to have your information deleted from the Claritas Identity Graph, please make your request at https://privacyportal.onetrust.com/webform/68582716-6ce4-4f6e-bf08-78371b5f3292/6c7dc52d-0e2b-481f-9256-0755179e3783.

4e. Aggregated Data and De-Identified Data

We may aggregate or de-identify personal data so that it may no longer be used to identify you and use such information to analyze the effectiveness of our Services, to improve and add features to our Services, to conduct research, and for other similar purposes.  With the personal data (including, Usage Information) collected by us, we process “Aggregated Data”, such as statistical or demographic data and analyses of the general behavior and characteristics of users of our Services.  From time to time, we may share Aggregated Data with third parties, publish such Aggregated Data, or make such Aggregated Data generally available.  We may collect Aggregated Data through the Services, through Cookies, and through other means described in this Privacy Notice.  Aggregated Data may be derived from personal data, but is not considered personal data under the law if it does not directly or indirectly reveal your identity.  If we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data, which will be processed in accordance with this Privacy Notice.  We will maintain and use de-identified information in anonymous or de-identified form and we will not attempt to reidentify the information, unless required by law.

5. Children's Privacy

MaintainX does not target the Services to persons under the age of 18, nor does MaintainX knowingly collect personal data of persons under the age of 18.  Therefore, we ask you not to provide us with personal data of persons under the age of 18.  If we learn that personal data of persons under the age of 18 has been collected on or through the Services, we will delete that information. We may also deactivate the account or otherwise terminate access to the Services.

6. Sensitive Data

MaintainX does not require you to provide any sensitive data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health and genetics, or biometric data to use the Services.

7. MaintainX’s Purposes for Collecting and Using Personal Data and Legal Basis

Generally, we process your personal data for one or more of the following legal bases:

  • Performance of a Contract:  In order to perform the Services and fulfill our obligations under the contract we are about to enter into or have entered into with you, or if you are an Authorized User, the Customer Agreement we have entered into with the relevant Customer. This may also include disclosure to the third parties who help us perform our obligations to you in connection with your use of the Services, such as hosting providers, and payment processors.
  • Legitimate Interests:  When it is reasonably necessary to achieve our legitimate business interests (or those of a third party), and your interests and fundamental rights do not override those interests. For example, for security purposes and protection against fraud.
  • Legal Obligations:  Where we need to comply with a legal or regulatory obligation.  For example, keeping records of our sales for tax compliance.
  • Vital Interests:  Where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
  • Consent:  Where you have given us specific consent to use your personal data in a specific purpose. Please note that where we rely solely on your consent for processing your personal data,  you have the right to withdraw your consent at any time.

More specifically, and depending on whether you are a Visitor, Customer, or Authorized User and how you use the Services, we and/or our Service Providers process personal data for the purposes and on the legal bases (in italics) as follows:

  • To host the Websites and the online aspects of the Services (legitimate interests, performance of a contract);
  • To perform and provide the Services to our Visitors and Customers and their Authorized Users, including, performing our obligations under our Customer Agreements (performance of a contract);
  • To enable Third Party Integrations that you use in connection with the Services (performance of a contract, legitimate interests);
  • To maintain, enable, upgrade, update, improve, and/or enhance the Services, and develop new features, functionality, and/or other products and services (performance of a contract, legitimate interests);
  • To conduct analytics related to the Services, such as to understand how they are being used and where improvements may be needed (legitimate interests);
  • To personalize our Services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Services (legitimate interests);
  • To provide customized advertisements, content, and information regarding our Services, where and as permitted under applicable law (for our legitimate business purposes, and with your prior consent where required by law);
  • To facilitate and administer our Promotions (performance of a contract);
  • Deliver direct marketing communications to you regarding our products and services that we may think are of interest to you (for our legitimate business purposes and with your prior consent where required by law);
  • Respond to your queries and requests, or otherwise communicate directly with you (performance of a contract, legitimate interests);
  • Detect any fraudulent or illegal activity against MaintainX, you, and our other users (legitimate interests);
  • To evaluate or participate in an actual or potential merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets (a “Business Transfer”)  (legitimate interests);
  • To keep you updated about changes to policies related to the Services (including this Privacy Notice) (performance of a contract, legitimate interests);
  • To comply with a legal or regulatory obligation (for example, keeping records of our sales for tax compliance) (compliance with a legal obligation); and Provide information to regulatory bodies when legally required, and only as outlined below in 8f. Legal Obligations and Security. (compliance with a legal obligation).

8. Sharing Personal Data

Aside from disclosing your information to those of our employees, contractors and agents who are authorized to process the information in order to provide the Services and who are committed to confidentiality, we disclose your personal data to third parties only as described below.

8a. Third-Party Service Providers

We share personal data with our Service Providers that help us in the operation, provision, administration and management of the Services, and to otherwise operate our business.  Depending on how you use the Services, the following categories of third parties collect or receive personal data on our behalf as our Service Providers:

  • Hosting providers,
  • Analytics providers,
  • Payment processing providers;
  • Providers of business operations and communication tools,
  • Other third-party service providers that help us provide features and functions for the Services (e.g., customer support providers), and
  • Professional service providers, such as auditors, lawyers, consultants, accountants and insurers.

For a list of all Service Providers we use, please contact us via email at privacy@getmaintainx.com. We require all Service Providers to respect the security of your personal data and to treat it in accordance with the law.

8b. Disclosures Directed by our Customers

We will share and disclose personal data of Authorized Users with the applicable Customer and otherwise in accordance with the Customer’s instructions, including any applicable terms in the Customer Agreement, and in compliance with applicable law and legal process.

If you are an Authorized User of a Customer, please contact the relevant Customer to learn more about how your information may be used, shared and/or disclosed by us on their behalf.

8c. Third Party Integrations

When you interact with and/or use Third Party Integrations, certain information may be shared between MaintainX and the provider of the applicable Third Party Integration.  Note that the Third Party Integrations you choose to interact with and/or use are not our service providers. The applicable providers of Third Party Integrations may use personal data differently than we do and we do not control their use of your personal data.  Please review the privacy notices for the Third Party Integrations.

8d. Business Transfers

We may also share data with third parties to whom we choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice.

8e. Affiliates and Subsidiaries

Personal data that we collect about you may be shared with the employees, contractors, and agents of MaintainX and our affiliated and subsidiary entities (“Affiliates”) who are involved in providing or improving the Services that we offer to you. We obligate the employees, contractors and agents of MaintainX and our Affiliates to ensure the security and confidentiality of your personal data and to act on that personal data only in a manner consistent with this Privacy Notice.

8f. Legal Obligations and Security

Regulatory and Government Bodies – Compliance with Law

We may disclose your information to regulatory agencies and official government bodies, as required to comply with or satisfy any laws, rules, or regulations applicable to MaintainX.

Required Disclosures – Responding to Legal Orders

If we are required to disclose personal data by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States. Under such circumstances, unless prohibited by applicable law, we will attempt to provide you with prior notice that a request for your personal data has been made in order to give you an opportunity to object to the disclosure.  We will attempt to provide this notice by email, if you have given us an email address. However, government requests may include a court-granted non-disclosure order, which prohibits us from giving notice to the affected individual.  In cases where we receive a non-disclosure order, we will notify you when it has expired or once we are authorized to do so.

If you are an Authorized User, please consult with the relevant Customer to learn more about how they respond to requests for information pursuant to legal orders.

Exigent Circumstances & Enforcement/Protection of Our Rights

Your information, including the contents of all of your online communications in our Services and between you and MaintainX may be accessed and monitored as needed to provide our Service and may be disclosed to law enforcement, regulatory agencies, official government bodies, and other third parties, as we, in our sole discretion, believe necessary or appropriate:

  • To enforce our rights under our terms of use, terms of service, customer agreements and/or any other terms and conditions applicable to the use of the Services;
  • In connection with an investigation of fraud, intellectual property infringement, piracy or other unlawful activity or activity that may expose us or our affiliates, partners and/or agents to legal liability; and/or
  • If we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person.

8g. With Your Consent

There may be situations where you are asked to consent to share personal data with third parties for additional reasons not included in this Privacy Notice.  In such event, we will only share such personal data if we have received your prior consent and only for the purposes as listed in the request to share such information.

Except where otherwise required by applicable law, your consent for the use and/or disclosure of your personal data in specific situations will continue in full force and effect until you revoke that consent, which you may do by contacting us via email at privacy@getmaintainx.com.  For the avoidance of doubt, the revocation of consent shall only apply to the use of the information after our receipt and processing of such request (which we shall process promptly and in accordance with applicable law), and not to any use or disclosure prior to such revocation in compliance with your consent.

9. Marketing Communications

If you have not otherwise opted out (or with your consent where required by applicable law), or if you have opted in to receive direct marketing from us, we may use your personal data to send you marketing information about the MaintainX business, our Services, new product releases, new feature releases of the Services, and/or other products and services, that we think may interest you.  We carry out direct marketing by email and may also do so by physical mail.

If you no longer wish to receive marketing communications, you have the right at any time to opt out as further explained in 10. YOUR CHOICES.

10. Your Choices

10a. Accessing, Updating and Correcting Personal Data

If you have an Account, you can access, update, and correct certain personal data through the options in your Account.  If you do not have an Account, or you would like to access, update, and correct personal data not available through the options in your Account, please contact us via email at privacy@getmaintainx.com, and we will use reasonable efforts to correct and/or update such information.

Please note that if you are an Authorized User, any request to correct, access, update or delete your personal data will need to be directed to the applicable Customer.

Depending on your state or country of residence, you may have certain rights related to your personal data, including (but not limited to) those described in 15. CALIFORNIA PRIVACY RIGHTS or 16. ADDITIONAL RIGHTS FOR EEA, SWITZERLAND, AND UK. These include:

  • Access and Data Portability. You may confirm whether we process your personal data and access a copy of the personal data we process. To the extent feasible and required by law, data will be provided in a portable format.
  • Correction. You may request that we correct inaccuracies in your personal information that we maintain, taking into account the information’s nature and processing purpose.
  • Deletion. You may request that we delete personal data about you that we maintain, subject to certain exception under applicable law.
  • Opt Out of Using Personal Data for Targeted Advertising, Profiling, and Sales. If applicable, you may request that we do not use your personal information for these purposes.

The exact scope of these rights varies by jurisdiction. There are also several exceptions where we may not have an obligation to fulfill your request. We will not discriminate in response to any privacy requests you make.

In order to ensure that a request is genuine, we may need to take steps to verify your identity or the identity of an agent making a request on your behalf.

To exercise any of these rights, please email us at privacy@getmaintainx.com or call us at 510-495-0974.

If we cannot fulfill, or are permitted to decline, your request then we will alert you or your authorized agent. We may charge a reasonable fee to respond in certain circumstances where permissible under applicable law, such as if you have made several repetitive requests.

In certain situations, if we do not fulfill your request, you may appeal by contacting us through the methods described above.

10b. Direct Marketing

You may manage the receipt of marketing and non-transactional communications sent by email by clicking on the “unsubscribe” link located on the bottom of any of our marketing e-mails.

We will use commercially reasonable efforts to process such requests in a timely manner.  Note that you cannot opt out of receiving transactional e-mails or communications related to the Services (e.g., requests for support), which, for clarification, are not marketing communications.

10c. Cookies & Targeted Advertising

You can manage your cookie and tracking preferences as described in our Cookie Policy.

You can set your browser to refuse all or some browser cookies or other tracking technology files, or to alert you when these files are being sent. If you disable or refuse cookies or similar tracking files, some Services features may be inaccessible or not function properly. Some browsers include a "Do Not Track" (DNT) setting that can send a signal to the online services you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our Services may not respond to all browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described in this Privacy Notice and the Cookie Policy.

10d. SMS Messages

If at any time you wish to stop receiving SMS messages from us, you can opt out by texting STOP to opt-out.  Please note that the opt-out process may take up to 10 business days to become effective.  During this period, you may still receive SMS messages from us.

Once you have opted-out, we will not send you any more SMS messages.  We also will not sell or transfer your phone number to another party.

11. Data Retention

We keep the personal data described in this Privacy Notice for as long as reasonably necessary to fulfill the purposes described or for as otherwise legally permitted or required, such as maintaining the Services, operating our organization, complying with our legal obligations, resolving disputes, and for safety, security, and fraud prevention. This means that we consider our legal and business obligations, potential risks of harm, and nature of the information when deciding how long to retain personal data. At the end of the retention period, personal data will be deleted, destroyed, or deidentified.

If you are an Authorized User, contact the relevant Customer if you wish to request the removal of personal data under their control.

12. Data Security and Protection

We have put in place reasonable and appropriate security measures designed to prevent your personal data from being accidentally lost, altered, disclosed, used or accessed in an unauthorized way. For example, we may use encryption, firewalls, and password protection. In addition, we limit access to personal data to those employees, agents, contractors and the third parties who have a business need-to-know.  We also have procedures in place to deal with any suspected data security breach.

However, no method of transmission over the Internet, or method of electronic storage, is 100% secure, and while we take reasonable steps to provide secure services, by using the Services, you understand and assume the risks associated with your activities on the internet.

Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Services is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Services. To the fullest extent permitted under applicable law, we cannot and do not guarantee that information you post on or transmit to the Services will not be viewed by unauthorized persons.

13. Third Party Social Media Plug-ins

On or through the Services we may provide third-party “share” buttons which enable you to share certain content via social media sites (e.g., Facebook, Twitter, Instagram, YouTube, and LinkedIn).  These “share” buttons may function as web beacons when you interact with the button.  Please note that when you “share” using the buttons, you may send to the third party provider of the “share” button the information that you are viewing.  If you are not logged into your account with the third party provider, then the third party may not know your identity.  If you are logged in to your account with the third party, then the third party may be able to link information or actions about your interactions with the Services to your account with the applicable third party provider. Please refer to each third party’s privacy policies to learn more about its data practices.

14. External Websites

On or through the Services we may provide or make available, for informational purposes only, links to other websites or resources with which we do not have a contractual relationship and over which we do not have control (“External Websites”).  Such links do not constitute an endorsement by MaintainX of those External Websites, and are provided to you only as a convenience. By clicking on links to External Websites, the operators of the External Websites may collect your personal data. We are not responsible for the content or data collection practices of those External Websites, and your use of External Websites is subject to their respective terms of use and privacy policies.

If you download any of our mobile applications in connection with the Services, your app store (e.g., Apple App Store or Google Play) may collect certain information in connection with your use of the applications, including, without limitation, personal data, geolocational information, and other usage-based data. We have no control over the collection of such information by a third-party app store, and any such collection or use will be subject to that third party’s applicable privacy policies.

15. California Privacy Rights

This section applies only to residents of the State of California and generally describes how we collect, use, and disclose the personal information of California residents and their households that we receive both through the Services and through other methods, including offline (“California Personal Information”). This section supplements the rest of our Privacy Notice by providing certain additional information and describing certain rights that apply only to these individuals. It does not apply to information subject to applicable exceptions from the California Consumer Privacy Act of 2018 as amended from time to time (the “CCPA”), such as deidentified information.

15a. Categories of California Personal Information Collected and Processed

We may have collected and processed the following categories of California Personal Information regarding consumers within the last 12 months:

  • Identifiers such as your real name and email address.
  • Unique and online identifiers such as device identifiers, internet protocol addresses, cookie identifiers, beacon identifiers, pixel tags or mobile ad identifiers or similar technology, or other forms of persistent or probabilistic identifiers that can be used to identify a particular consumer or device.
  • Commercial information that identifies or could reasonably be linked to you, such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
  • Internet or other electronic network activity information that identifies or could reasonably be linked to you, such as browsing history, search history and information regarding an individual’s interaction with an internet website, application, or advertisement.
  • Geolocation information, such as your approximate location as derived from your IP address.
  • Professional or employment-related information, such as your employer, title, job responsibilities, and work history.
  • Personal information categories covered by the laws this section is intended to address, such as name, signature, address, telephone number, or financial information. Some personal information included in this category may overlap with other categories.

We may collect, use, disclose, or otherwise process the categories of California Personal Information described above, for one or more of the business purposes and commercial purposes described in 7. MAINTAINX’S PURPOSES FOR COLLECTING AND USING PERSONAL DATA. The categories of third parties to whom we disclose this information for a business purpose are described in 8. SHARING PERSONAL DATA. The period of time for which we retain this information is also described in 11. DATA RETENTION.  

15b. Sharing and Selling of California Personal Information

We do not sell your California Personal Information to third parties and have not sold it in the preceding 12 months. We may “share” your California Personal Information for cross-context behavioral advertising as described in 8. SHARING PERSONAL DATA.

We do not knowingly “sell” or “share” California Personal Information of children under 16 years of age.

15c. California Personal Information Rights and Choices

The CCPA provides consumers with specific rights regarding their California Personal Information. We have described these rights generally, without noting all applicable or potentially applicable limitations or exceptions. When you make a request, we may provide more detailed information regarding any legal requirements applicable to or your request and whether any exception or limitation applies.

  • Right to Access Specific California Personal Information. You have the right to request to receive certain information about our collection, use, and disclosure of your California Personal Information during the applicable time period for your request.
  • Right to Data Portability. You may request to receive a copy of your electronic California Personal Information in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another controller without hindrance.
  • Right to Deletion. Subject to certain exceptions, you have the right to request that we delete the California Personal Information that we collected about you.
  • Right to Correct Inaccuracies. You may request that we correct California Personal Information about you that is inaccurate (though we generally recommend first making any changes in your Account if you have one). We will take into account the nature of the California Personal Information and the purposes of our processing when we address your request.
  • Right of Non-Discrimination. You have a right to not receive discriminatory treatment for exercising your rights described above.

15d. Exercising Your Rights

To exercise the access, portability, deletion, or correction rights described above, please submit a request to us by either:

Only you, or an authorized agent that you authorize to act on your behalf, may make a verifiable consumer request related to your California Personal Information. We may mandate additional requirements for requests submitted through an authorized agent, such as requiring you to verify your identity directly with us or to directly confirm the authorized agent’s permission to act on your behalf.

Your request must provide information sufficient to permit us to reasonably verify you are the person about whom we collected California Personal Information, or an authorized agent (except for requests submitted via opt-out preference signal). In order to verify your request, we may ask you to provide information such as your first and last name, email address, mailing address, telephone number, or any other information necessary to verify your identity or that you are a representative of the person. Your request also must include sufficient detail for us to properly understand, evaluate, and respond to it. If we are not able to verify your request, we will contact you for more information.

16. Additional Rights for EEA, Switzerland, and UK

The European Union’s General Data Protection Regulation and certain other countries’ data protection laws provide certain rights for data subjects. If you are a resident of the EEA, Switzerland, the UK, or another country with data protection laws that provide for certain data subject rights, you may submit a request to exercise your rights.

We respond to all requests we receive from individuals wishing to exercise their data rights in accordance with applicable data protection laws.

Depending on your country of residence, your rights may include:

  • The right to be informed – that’s an obligation on us to inform you how we use your personal data (and that’s what we’re doing in this Privacy Notice);
  • The right of access – that’s a right to make what’s known as a ‘data subject access request’ for a copy of the personal data we hold about you;
  • The right to rectification – that’s a right to request that we correct personal data about you that may be incomplete or inaccurate (though we generally recommend first making any changes in your Account if you have one);
  • The right to erasure (also known as the ‘right to be forgotten’) – that’s where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);
  • The right to restrict processing – that’s a right for you, in certain circumstances, to ask us to suspend processing personal data;
  • The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);
  • The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); and
  • Rights in relation to automated decision-making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision-making.
  • Withdraw Consent—that’s the right to revoke any consent you may have previously given us at any time, if we have collected and processed your personal data with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
  • File a complaint—that’s the right to file a complaint with a supervisory authority about our collection and processing of your personal data.

Exercising Your Rights

These rights are subject to certain rules around when you can exercise them. If you are located in the EEA, Switzerland or UK and wish to exercise any of the rights set out above, please contact us. (See 18. CONTACT US)

You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

If you no longer wish to receive our marketing/promotional information, you may opt out as described in the 10. YOUR CHOICES section above.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to deal with your concerns before you approach the supervisory authority, so please contact us first. (See 18. CONTACT US)

Please note that if you are an Authorized User, we may forward your request to exercise your rights to the relevant Customer with respect to the information controlled by such Customer.

17. International Transfers

MaintainX is based in the United States. The personal data that we process is stored, hosted and processed on servers located in the United States.  Additionally, MaintainX operates globally and may transfer the personal data that we process to our other offices and to the third parties described above. These recipients may be situated outside of your country or regional area of residence and may process personal data outside of your country or regional area. In particular, information provided to us or collected by us likely will be transferred to and processed in the United States by us or our Affiliates and our respective agents and contractors. The data protection laws of the United States or other countries may not be as comprehensive or equivalent to those in your country of residence.

We rely on legally provided mechanisms to transfer personal data across borders where and as required under applicable law.

18. How to Contact Us

General Questions; Data Subject Requests:  If you have any questions about this Privacy Notice, including any requests to exercise your legal rights, please contact us as follows:

By email: privacy@getmaintainx.com; Subject Line: Privacy Request

By phone: Customer Service at 510-495-0974

By mail: MaintainX, Inc. Attn: MaintainX Privacy Request 382 NE 191st Street PMB 98008 Miami, FL 33179-3899

Security:  If you would like to report a security concern about any of our Services, please contact us at security@getmaintainx.com.

Previous Version

2024-08-19