RIVIO PRIVACY STATEMENT


AICPA SOC
GDPR
TRUSTe
TRUSTe

Effective on: March 15, 2024

General Information

This privacy statement applies to www.RIVIO.com owned and operated by RIVIO LLC. This privacy statement describes the types of information RIVIO LLC ("RIVIO," "we," or "us") or our service providers collect from or about visitors to or users of our website: www.RIVIO.com (the "Site"). It also explains our practices for using, retaining, protecting, disclosing, and transferring such information and the choices available to you regarding your personal information and how you can access and update this information. This privacy statement has been organized by topic to clearly explain our practices:

  • Personal and other information collected through the Site
  • How RIVIO uses and retains your information
  • Collection of information using cookies and other online tracking tools
  • Collection and use of third-party personal information
  • With whom RIVIO shares your personal information
  • Transfer of personal data internationally
  • EU-U.S. Data Privacy Framework and Swiss-U.S. Data Privacy Framework
  • Independent recourse mechanism for privacy policy complaints
  • Security of your personal information
  • Right to access and correct your personal information
  • Opt-out preferences
  • Data disposal
  • Links to non-RIVIO websites and services
  • Questions about this privacy statement
  • Changes to this privacy statement

Personal and Other Information Collected Through the Site

For purposes of this Privacy Statement, “personal information” or “personal data” means information that relates to an identified or identifiable individual.

Information You Voluntarily Provide Us

While you interact as a visitor or user of our site, we may ask, or you may volunteer, certain personal information such as your name, address, telephone number, e-mail address, user IDs and passwords, billing and transaction information, credit card or other financial information, contact preferences, employment information, professional credentials, board membership and licensing information, and similar information provided; however that personal information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.

Information We Collect Automatically

We also may collect information that is related to you but that does not personally identify you, such as your computer’s operating system, browser, and information regarding your use of and activities on our websites or applications. All such collected information is used only for the conduct of the provision of our service. See also the discussion below on cookies and other electronic tools used for the collection of such information.

How RIVIO Uses and Retains Your Information

RIVIO uses information that we collect from or about you, including any personal information for the following purposes:

  • to welcome you to the Site;
  • to help you complete a transaction or in order to deliver services requested by you;
  • to bill you for services you ordered;
  • to set up a profile for your use of the Site;
  • to provide ongoing service and support;
  • to carry out our obligations or enforce our rights arising from any contracts entered into between you and us;
  • to notify you about changes to our websites or applications, or any products or services we offer or provide through them;
  • to improve our websites, applications, services, and products, including by developing data analytics and reports about your and others’ use of them;
  • to contact you to complete surveys that we use for marketing or quality assurance purposes;
  • to e-mail or otherwise send you marketing or other promotional information about RIVIO’s, our affiliates, or third parties’ products or services that may interest you;
  • to combat fraud or any other criminal activity;
  • to comply with a subpoena, warrant, court order, or other legal process;
  • in any other way we may describe when you provide the information or with your consent; and/or
  • as otherwise required or permitted by law.

To assist us with the uses described in this Privacy Statement, information we or our service providers have collected from or about you may be combined with or enhanced by other information from or about you that we have obtained from other online or offline sources, including from our service providers or business partners, such as the AICPA membership databases. Examples of the types of personal information that may be obtained from other online or offline sources and combined with information we already have about you, may include purchased marketing data about our customers, for the purposes as illustrated above.

We will retain your information for as long as your account is active or as needed to provide you services after which it will be deleted or archived except to the extent that it is necessary for us to continue to comply with legal obligations, resolve disputes, and enforce our agreements. If you wish to cancel your account or request that we no longer use your information to provide you services, contact us at Customer.Support@RIVIO.com. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Co-branding Relationship

RIVIO is a LLC which has both CPA.com and Biz2Credit as its only members. Personal data collected on RIVIO will be shared between the two organizations for the purpose of uses described in this privacy statement.

We may offer some services in connection with a third party via a co-branded webpage, such as for bill payment, and validation. Where you have provided personal information on a webpage that is controlled by the co-branding party, then that personal information is available to the co-branding partner and not to us. We encourage you to consult the co-branding partner’s privacy policy to ensure that you understand how it intends to use your information and how you may exercise control over it.

Collection of Information Using Cookies and Other Online Tracking Tools

Technologies, such as cookies, are used by RIVIO and partners, affiliates, or analytics or service providers. These technologies are used in analyzing trends, administering the Site, tracking users’ movements around the Site, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use cookies for our shopping cart, to remember users’ settings (e.g. language preference), and for authentication. Users can control the use of cookies at the individual browser level. If you disable cookies, you may still use our Site, but you may not be able to access some features or functions, such as contests or surveys.

Our service providers use cookies to track high level usage statistics such as the number of distinct users visiting the site and the traffic source by which users arrived.

As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the information viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data. We do not link this automatically collected data to other information we collect about you.

RIVIO will not sell or disclose your information to third parties for monetary or other valuable consideration.

Collection and Use of Third-Party Personal Information

You may also provide personal information about other people, such as their first and last name and email address. This information is only used for the sole purpose of completing your request or for whatever reason may have been provided. You must not provide the personal information of another person to us for any reason unless you have the right to do so.

We share our customers’ concern that children’s privacy is important. However, we do not monitor the age of users of the website and do not intentionally collect information from children under the age of 13. If you are under the age of 13, you should not submit personal information on this website.

With Whom RIVIO Shares Your Information

We will share your personal information with third parties only in the ways that are described in this privacy statement

RIVIO contracts with third-party service providers and suppliers (including distributors and resellers) to deliver certain products, services, and customer solutions. Examples of such services provided on our behalf are mail delivery, website hosting, transaction processing, and processing payments. RIVIO shares your personal information with its service providers and suppliers only to the extent necessary to deliver the product or service you requested, respond to your requests for information on products or services, or otherwise support your business needs. You will not have the opportunity to opt out of having your information shared with these third-party service providers and suppliers for these purposes, and they may contact you directly in connection with such purposes. Third-party service providers and suppliers receiving personal information are expected to maintain privacy and security protections that are consistent with RIVIO’s privacy and information security policies. These companies are authorized to use your personal information only for the purposes for which it was originally intended or as required by law. However, unless otherwise dictated by law or agreement, RIVIO is not responsible for any improper use by such parties.

Some of our pages utilize framing techniques to serve content to/from our partners while preserving the look and feel of our website. Please be aware that you are providing your personal information to these third parties and not to RIVIO.

We may also disclose your personal information and other information, including across country borders:

  • to our subsidiaries, affiliates, and worldwide offices related by common ownership or control to carry out regular business activities, such as to provide, maintain and personalize our sites and services, to communicate with you, and to accomplish our legitimate business purposes, pursuant to contractual safeguards;
  • in certain situations, RIVIO may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements;
  • to comply with the law or in response to a subpoena, court order, law enforcement or government request, or other legal process;
  • to produce relevant documents or information in connection with litigation, arbitration, mediation, adjudication, government or internal investigations, or other legal or administrative proceedings;
  • if RIVIO determines in its good-faith judgment that such disclosure is necessary to provide its services or to protect the rights, interests, safety, or property of its business, employees, suppliers, customers, or others;
  • in connection with any proposed or actual sale or other transfer of some or all assets of RIVIO, and/or any proposed or actual sale or merger of RIVIO or any division of RIVIO (in this event, we will notify you via email and/or a notice on our Site of any change in ownership;
  • to enforce the terms of any agreement with RIVIO;
  • to combat fraud or other criminal activity;
  • for any other purpose disclosed by us when you provide the information or with your consent; and/or
  • as otherwise required or permitted by law.

We may disclose information that does not constitute personal information (e.g., non-personal, aggregated data) without restriction.

Transfer of Personal Data Internationally

By providing us with your personal data, you acknowledge and agree that we may from time-to-time transfer any of your personal data to any of our offices or to the offices of any of our affiliates, agents, or appointed representatives located around the world. We have implemented appropriate safeguards for transfers of personal information originating from the European Economic Area (EEA) to countries located outside of the EEA. These safeguards include utilizing standard contractual clauses or written agreements, the European Commission’s adequacy decisions, and transferring personal data with your consent. Please do not submit any personal data to us if you do not wish for your data to be transferred internationally.

EU-U.S. Data Privacy Framework with UK Extension and Swiss-U.S. Data Privacy Framework

RIVIO LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. RIVIO LLC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. RIVIO LLC has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov.

RIVIO LLC is responsible for the processing of personal data it receives, under the EU-U.S. DPF and Swiss-U.S. DPF, and subsequently transfers to a third party acting as an agent on its behalf. RIVIO LLC complies with the EU-U.S. DPF and Swiss-U.S. DPF Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, RIVIO LLC commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. These dispute resolution services are provided at no cost to you.

For complaints regarding EU-U.S. DPF and Swiss-U.S. DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2

Independent Recourse Mechanism for Privacy Policy Complaints

In compliance with the Privacy Policy, RIVIO LLC commits to resolve complaints about our collection or use of your personal information. EU, Swiss, and UK individuals with inquiries or complaints regarding our Privacy Policy should first contact RIVIO LLC at:

Customer.Support@RIVIO.com

You can also contact our Data Protection Officer (DPO):

DPO@RIVIO.com

Please refer to the section above for the 3rd party dispute resolution provider, TRUSTE, designated to address complaints and provide appropriate recourse free of charge.

In providing our services, data will be processed on behalf of the users of our services in relation to personal data that is processed using the service, in which case the relevant personal data will be processed only for the purpose(s) of providing the service and otherwise in accordance with our agreement with the users and the regulations that apply to us.

Legal Basis for Personal Data Processing

Collecting, processing, and using personal data by RIVIO and third-party service providers occurs under the following legal bases:

  • Legitimate Interest – User validation and transactional confirmation activities including authorization, user access permissions, user account management, core site communications, and customer support.

Automated Decisions

Personal data processed by RIVIO and third-party service providers is never used to make automated decisions that would have negative consequences for its data subjects.

Supervisory Authority

The appropriate supervisory authorities in the EU, United Kingdom, and Switzerland can provide further information about your rights and our obligations in relation to personal data, as well as to address any complaints that you have about our processing of your personal data. If you are a resident of an EU member state, a list of supervisory authorities may be found here: https://edpb.europa.eu/about-edpb/board/members_en. If you are a resident of the United Kingdom, the supervisory authority is the Information Commissioner’s Office: https://ico.org.uk/. If you are a resident of Switzerland, the supervisory authority is the Federal Data Protection and Information Commissioner (FDPIC): https://www.edoeb.admin.ch/edoeb/en/home.html.

Representative for data subjects in the EU

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website https://prighter.com/q/19615218887

Security of Your Personal Information

RIVIO has implemented reasonable and appropriate administrative, technical, and physical measures designed to protect your personal information from accidental loss and from unauthorized access, disclosure, use, alteration, or destruction. When you provide us with credit card information via the Site, we will protect that information consistent with industry security standards. Because no method of transmission over the Internet, nor method of electronic storage, is 100% secure, we cannot guarantee the absolute security of information you provide through the Site. If you have questions regarding our security, you can contact us via Customer.Support@RIVIO.com.

Right to Access and Correct Your Personal Information

Upon request RIVIO will provide you with information about whether we hold any of your personal information. You are responsible for maintaining the accuracy of the information you provide to us. You can access and make changes to certain personal information by logging in to your account through our website and updating information on your "My Account" page, or contact us to update your “Company Profile” or “email address.” We will provide you with reasonable access to your personal information in accordance with relevant laws, including by making reasonable efforts to provide you with online access and the opportunity to update your information. To protect your privacy and security, we will take steps to verify your identity before granting access or making changes to your personal information. You may access, delete, correct, and restrict processing of your personal information by using the “User Profile” tab within the Site or by emailing our Customer Support at Customer.Support@RIVIO.com. We will respond to your request within a reasonable timeframe.

Opt-out Preferences

When you register for an account, we will use your name and email address to send periodic emails to you of both promotional and transactional in nature. You may choose to stop receiving promotional emails by following the unsubscribe instructions included in these emails or you can contact us at Customer.Support@RIVIO.com.

We will also send you services-related email announcements, such as to notify you of changes to our service or if our service is temporarily suspended for maintenance. You may not opt out of these emails, which are not promotional in nature.

Data Disposal

RIVIO will honor client requests to remove personal information from its data center and from any billing account data stored for future transactions which was provided to RIVIO. The process utilized by RIVIO removes names, addresses, and organizational information. RIVIO’s disposal process includes data removal from Data Center production databases. RIVIO’s Data Disposal service requires a request in writing from the client. Thirty days are needed to complete a full data disposal project.

Links to Non-RIVIO Websites and Applications

Our Site includes links to other websites whose privacy practices may differ from those of RIVIO. This Privacy Statement does not apply to any other website, and if you submit personal information to any of those sites, that information is governed by their privacy policies. We encourage you to carefully read the privacy statement of any website you visit.

Questions About this Privacy Statement

If you have any questions or comments regarding our Privacy Statement, please contact us at:

RIVIO LLC
Customer.Support@RIVIO.com
1345 6th Avenue
27th Floor
New York, NY 10019

or

RIVIO LLC
Customer.Support@RIVIO.com
PO BOX 4836
New York, NY 10185

Changes to this Privacy Statement

RIVIO will review and consider updating this Privacy Statement on a minimum of an annual basis, and will note the date of its most recent revision above. If we make material changes to this Privacy Statement, we will notify you either by prominently posting a notice of such changes prior to implementing the changes or by directly sending you a notification, which may be sent by email. We encourage you to review this Privacy Statement frequently to be informed of how RIVIO is collecting, using, retaining, protecting, disclosing, and transferring your information.