Forgot your password?
Last Updated: April 14, 2022

We respect your privacy and are committed to protecting it through compliance with this Policy. This Policy applies to all Candex websites, products, and services. In particular, this Policy describes the type of information we may collect from you or that you may provide when you visit the website candex.com (our “Site”) and/or in order for us to provide you services, and explains how we use and protect that information, and choices you may make with respect to it.  You do not have to provide us with any Personal Data (defined below) to visit the Site. However, if you choose to withhold requested information, you may not be able to visit all sections of the Site and/or use all the features of the Site. When we refer to ourselves as “we”, “us”, “our”, “Company”, or “Candex”, we mean Candex Solutions, Inc. and all of its affiliates, successors, and assigns, worldwide.

Please read this Policy carefully. If you do not agree with this Policy, your choice is not to use our Site or services. By accessing or using this Site, you agree to this Policy.


INFORMATION COVERED UNDER THIS POLICY


This Policy applies to information we collect on the Site and all Candex applications or services which reference this Policy. It does not apply to information collected by us offline through any other means, including any other website(s) operated by us or any third party, or to information collected by any third party, including through any application or content that may link to or be accessible from the Site. Further, our Site may contain links to third party websites/content/services that are not owned or controlled by Candex. Collection and use of your information by the above-referenced third parties is subject to the applicable policies of those third parties. Candex is not responsible for how these third parties operate or treat your Personal Data (as defined below), so we recommend you read the privacy policies and terms associated with these third party properties carefully. 


INFORMATION WE COLLECT AND USE

We collect several types of information from and about users of our Site, including:

  • Information that you choose to provide, e.g., through registrations, online forms, applications and surveys, and in connection with your inquiries and business transactions. This may include information that identifies you or can be used to identify or contact you (e.g., your name, email address, address, or phone number), as well as banking or financial information ("Personal Data"). As part of the registration process for the Site, we request Personal Data including your name, business email address, business phone number, company affiliation, and job title. As part of using the services on the Site, you may also provide your business financial information, and business details, such as supplier diversity status.

  • Information we collect automatically as you use the Site, e.g., your IP address, the date and time you access the Site and other device identifiers, the browser software you use and your operating system, your browser settings, your mobile device type, and how you navigate our site. See also “Cookies and Other Tools” below.

  • Information we obtain legally from third parties, for example, through participation in conferences and events, individual introductions, from companies that use our Site or services, and from selected third-party business partners. We may also obtain Personal Data, such as corporate or business email addresses of prospective suppliers, in order to engage suppliers on behalf of buyers on the Site.

  • Information collected in accordance with applicable law from public sources, including data that you may publish outside of the Site.

HOW WE USE PERSONAL DATA

We may use your Personal Data for the following purposes:

To Serve You
  • To operate our business;
  • To deliver our products and services;
  • To authenticate the identity of users of our Site;
  • To facilitate and manage access to and use of our Site;
  • To process, complete, and fulfill your requested transactions;
  • To provide customer service and respond to requests or inquiries;
  • To communicate to you important information about updates to the Site or our services; and
  • To communicate with you about products, programs, services, and promotions that we believe may be of interest to you (see “Your Choices Regarding Marketing Communications” for more information on your choices regarding these communications).

To Improve Products and Services

We use information we collect, including Personal Data, for data analysis, to better understand how the Site is working, for fraud prevention, and to further develop and improve the Site and our products and services. 

Data Security and Transaction Monitoring


We use the information we collect to support and enhance our data security measures and to monitor transactions made through our Site, including for the purpose of preventing and mitigating the risks of fraud, error, or any illegal or prohibited activity. 

To Comply with Legal Requirements and for Other Legitimate Purposes

We may also use information we collect, including Personal Data, to comply with legal, regulatory, compliance, and contractual obligations. We may aggregate and/or de-identify Personal Data such that the end-product does not personally identify an individual user of the Site. We may use such aggregate information for any legitimate purpose.


WHERE WE PROCESS PERSONAL DATA

While privacy laws vary across jurisdictions, we are committed to protecting Personal Data in accordance with this Policy, customer industry standards, and the laws and regulations in applicable jurisdictions based on where we collect and process Personal Data.

We primarily store data in the European Union (EU). However, in order to perform services and in the ordinary course of business, we may transfer, store, and process data in any country where we have facilities or in which we engage service providers. For Personal Data that is subject to the European Union General Data Protection Regulation (GDPR), we use approved contractual transfer mechanisms as-needed, such as adequacy decisions, and Standard Contractual Clauses for transfers to locations outside the European Economic Area that do not have adequacy decisions, like the United States.

HOW WE SHARE PERSONAL DATA 

We share Personal Data as follows:

With Third-Party Service Providers. We may provide Personal Data to third-party service providers, who provide services to us, including but not limited to, website hosting, technical support, electronic communication services, data analysis, security, payment processing, sub-processing and other services.

With Other Users. Data you provide may be shared with other individuals or entities using the Site or considering use of the Site, in particular with individuals and/or entities with which you or your employer are transacting. Such data is shared as a means to facilitate the Site’s services and support the engagement, management, and payment of third-party suppliers. Canedex is not responsible and does not control any further disclosure, use, or monitoring by or on behalf of the users with whom you or your employer may transact.

Within Our Family of Companies or In Case of a Change of Control. Candex may transfer Personal Data among our affiliates for the purposes described in this Privacy Policy. In addition, should Candex or any affiliate undergo any change of control or ownership, including by means of merger, acquisition, or purchase of substantially all or part of its assets, or will be considered or found eligible for a governmental grant, Personal Data may be shared with the parties involved in such an event. If we believe that such an event might materially affect your Personal Data then-stored with us, we will notify you of this event and the choices you may have via email or prominent notice on our Site.

To Strategic Partners and Co-Branded Sites. From time to time, we may enter into a special relationship with another company that is not owned by or affiliated with Candex to provide or promote joint products, services, applications, or features (together, “Offered Items”). Information, including Personal Data, that you provide in connection with one of these Offered Items will be shared with our third-party partners. You should check these third parties’ websites for information regarding their privacy practices. PLEASE NOTE THAT THIS PRIVACY POLICY DOES NOT ADDRESS THE PRIVACY OR INFORMATION PRACTICES OF ANY THIRD PARTIES. If you do not want Personal Data about you shared with such third parties, please do not provide Personal Data in connection with the Offered Items.

For Promotions. We may share the Personal Data you provide with your explicit consent in connection with Promotions with third-party sponsors of such Promotions (irrespective of whether such Promotions are hosted by us), or otherwise in accordance with the rules applicable to those Promotions.  (see “Your Choices Regarding Marketing Communications” for more information on your choices regarding these communications).


To Comply with Law/Protect. We reserve the right to disclose your Personal Data as required by law, when we believe disclosure is necessary or appropriate to comply with a regulatory requirement, judicial proceeding, court order, government request, or legal process served on us, or to protect the safety, rights, or property of our customers, the public, Candex, or others. Furthermore, we may disclose your Personal Data to the extent necessary to enforce our Terms of Use, protect our operations or those of any affiliated entities, and enable us to pursue available remedies or limit the damages that we may sustain. For example, we may, to the fullest extent the law allows, disclose Personal Data about you to law enforcement agencies to assist them in identifying individuals who have been or may be engaged in unlawful activities.

For Additional Other Purposes. Candex may share your Personal Data in additional manners, pursuant to your explicit consent, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal, non-identifiable, and anonymous.


COOKIES AND OTHER TOOLS 

Cookies. A cookie is a small text file that the Site saves on your computer or mobile device when you visit the Site. It enables the Site to remember your actions and preferences (such as login, language, font size, and other display preferences) over a period of time, so you do not have to keep re-entering them whenever you come back to the Site or browse from one page to another. Cookies may be either "persistent" cookies or "session" cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed. Cookies do not contain any Personal Data, but Personal Data may be linked to the information stored in and obtained from cookies. The cookies used by Candex include those necessary for access and security, that track usage (performance cookies) and remember your login (functionality cookies). You can control and/or delete cookies as you wish. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit the Site and some services and functionalities may not work. The Site has a “Cookie Policy” that applies to its use of cookies and other similar tracking technologies. The Cookie Policy will apply in addition to this Policy.
https://www.candex.com/signin/cookies

Tools. We and our service providers may also use various common Internet tools such as 'pixel tags,' ‘action tags,’ ‘web beacons,’ ‘.gif tags,’ 'JavaScript Tags', ‘session recordings’ or similar technologies (together, "Tools") in connection with Site pages and email messages in certain formats to, among other things, track the actions of Site users and email recipients, to determine the success of marketing campaigns and to compile statistics about Site usage and response rates. Tools allow us to count users who have visited certain pages of the Site, to deliver services, and to help determine the effectiveness of promotional or advertising campaigns. When used in email messages in certain formats, Tools can tell the sender whether and when the email has been opened. We use cookies and Tools to understand how the Site is used and to customize and enhance the user experience. When you revisit the Site, Candex  may recognize you by a Tool and customize your experience. For example, once you have completed the registration process, a cookie and/or Tool will be used to avoid having you register again. We believe cookies and Tools add value to the user experience.

Google Analytics. We use Google Analytics, which uses cookies and other similar technologies, to collect and analyze information about Site use and to report on activities and trends. You can learn about Google’s practices by going to https://policies.google.com/technologies/partner-sites, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

Verification. We may use third-party services to verify that you are a human user. Any information collected as part of such verification is subject to the privacy policy of the third-party service provider.

IP Addresses. When you visit and interact with the Site, we and our third-party service providers may collect Internet Protocol (IP) addresses. Your IP address is a number that is automatically assigned to the computer that you are using by your Internet Service Provider (ISP). This number is identified and logged automatically in our server log files whenever you visit the Site, along with the time(s) of your visit(s) and the page(s) that you visited. We use IP addresses to understand how the Site is used by our users, to improve the Site and to enhance the user experience of the Site. We may also derive your approximate location from your IP address.

YOUR CHOICES REGARDING MARKETING COMMUNICATIONS

We hope to provide you with advertising for products and services you need or want. However, we also strive to provide you with choices regarding the use of your Personal Data in connection with such communications.

If you no longer want to receive marketing-related communication from us on a going-forward basis, you may stop receiving these marketing-related emails by sending an email to notice@candex.com or by changing your preferences in the settings page of the Site at any time.

If you would prefer that we do not share your Personal Data on a going-forward basis with our affiliates or with unaffiliated third parties for their marketing purposes, you may cease this sharing by sending an email to notice@candex.com or by changing your preferences in the settings page of the Site at any time.

We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you exercise the second option as described above, we will not be able to remove your Personal Data from the databases of our affiliates or unaffiliated third parties with which we have already shared your Personal Data (i.e., to which we have already provided your Personal Data as of the date that we implement your request). Further, please note that requesting us not to share your Personal Data with affiliates or unaffiliated third parties may result in you no longer receiving any marketing communication from Candex. Please also note that if you choose not to receive marketing-related messages from us, we may still send you important administrative messages, and you cannot elect to stop receiving such administrative messages unless you choose to stop receiving services from us.

HOW YOU CAN ACCESS, CHANGE OR SUPPRESS YOUR PERSONAL DATA

If you would like to request to review, correct, update, suppress, delete or otherwise limit our use of your Personal Data that has been previously provided to us, or if you would like to request to receive an electronic copy of your Personal Data for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may: (a) make a request by contacting us using the information provided in the “Contact Us” below; or (b) change your preferences in the settings page of the Site at any time. We will respond to your request as soon as reasonably practicable and consistent with applicable law. For your protection, we may implement requests only with respect to the Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any business transactions that you began prior to requesting the change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed.

CHILDREN’S PRIVACY

This Site is not intended for minors under 18 years of age. We do not knowingly collect personal information from children under 18. If you are under 18, do not register on this Site or use or provide any information on this Site or through any of its features. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at notice@candex.com.


DATA CONTROLLER/PROCESSOR
Certain data protection laws and regulations, such as the GDPR, typically distinguish between two main roles for parties accessing Personal Data subject to those laws and regulations: the “Data Controller”, who determines the purposes and means of processing; and the “Data Processor”, who processes the Personal Data on behalf of the Data Controller. Candex 

Candex is both a Data Controller and Data Processor of user data. We process user data on behalf of buyers and sellers utilizing the Site, in accordance with their reasonable instructions in connection with their specific use of the Site and services, and as further stipulated in our agreements, as applicable, with such buyers and sellers. We also act as the Data Controller for buyer and seller data gathered by Candex for our own legitimate purposes. 

Candex is both a Data Controller and Data Processor of user and platform usage data. Such Personal Data is processed by Candex for its own purposes (as described above), as an independent Data Controller; whilst also processing certain portions of it on behalf of buyers and sellers, as their Data Processor.

Both Candex and buyers and sellers are responsible for meeting any legal requirements applicable to Data Controllers (such as establishing a legal basis for processing and responding to Data Subject Rights requests concerning the data they control). Where Candex processes Personal Data solely on behalf of a buyer or seller, we do so strictly in accordance with the buyer or seller’s reasonable instructions and as further stipulated in our Site Terms of Use

For the avoidance of doubt, each buyer and seller respectively is responsible for the security, integrity and authorized use of user’s information in their control, and for providing adequate notice to their users whose personal data may be processed – including sufficient reference to the processing of their personal data via the Site – and any other information necessary to comply with all applicable privacy and data protection laws; and to obtain all approvals and consents from such individuals as required under such laws.

DATA SECURITY AND INTEGRITY

Candex uses organizational and technical measures to protect Personal Data within our organization from loss, misuse, or unauthorized access, disclosure, alteration or destruction. We believe the measures we take provide sound industry standard security, confirmed by Candex’s ISO27001 compliance certification. Please note, however, that regardless of our continuous efforts to protect your data and maintain a secure and reliable Site for users, no site is 100% secure, so we do not guarantee that your Personal Data will be secure from theft, loss, or unauthorized access or use, and we make no representation as to the reasonableness, efficacy, or appropriateness of the measures we use to safeguard such data. Users are responsible for maintaining the secrecy of their own account information, including in particular passwords, and we ask that you not send us, and you not disclose, any sensitive Personal Data, for example, information related to racial or ethnic origin, political opinions, religious or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership on or through this Site or otherwise unless necessary.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please notify us of the problem immediately by contacting us at security@candex.com or through the information provided below in "Contact Us."


RETENTION PERIOD

We will retain Personal Data about you for as long as needed or permitted in light of the purpose(s) for which it was obtained and consistent with applicable law. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you; (ii) whether there is a legal obligation to which we are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to enforcement of the Site Terms of Use or other commercial contracts, applicable statutes of limitations, litigation or regulatory investigations).

Please note that except as required by applicable law or our specific agreements with you, we will not be obligated to retain your Personal Data for any particular period, and we are free to securely delete it or restrict access to it for any reason and at any time, with or without notice to you.


CONTACT US

Questions or concerns regarding our data protection practices should be addressed to:

Privacy Department
Candex Solutions, Inc.
420 Lexington Avenue Suite 300
New York, NY 10170
Phone: +1 215 650-3214
E-mail: notice@candex.com

If you choose to contact us via email about this Policy, please mark the subject heading of your email “Privacy Inquiry.”

In the EEA, you also may file a complaint with the data protection authority for your country or region or where an alleged violation of applicable data protection law occurs.

UPDATES TO THIS POLICY

We may update this Policy from time to time as we deem necessary in our sole discretion. We will provide notification of any material changes to this Policy through the Site or as otherwise required by applicable law. We encourage you to review this Policy periodically to be informed regarding how we are using and protecting your information and to be aware of any changes. Your continued relationship with Candex after the posting or notice of any amended Policy shall constitute your agreement to be bound by any such changes. Any changes to this Policy take effect immediately after being posted or otherwise provided by us.



Thank you for your interest in Candex. Someone will be in touch with you to schedule a demonstration.