Information We Collect
Understanding what information we collect and how we use it
Personal Information
Contact Information:
- Full name and preferred name
- Email address
- Phone numbers (mobile and business)
- Mailing and service addresses
- Emergency contact information
Identification Information:
- Government-issued photo ID details
- Driver's license or passport information
- Date of birth (when required for notarization)
- Signature samples
- Biometric data (thumbprints for certain notarizations)
Business Information
Professional Details:
- Company name and business address
- Job title and professional role
- Business license information
- Tax identification numbers (when applicable)
- Professional certifications
Service-Related Information:
- Document types and purposes
- Service preferences and special requirements
- Scheduling preferences and availability
- Payment information and billing details
- Service history and interaction records
| Information Type | Collection Method | Purpose | Retention Period |
|---|---|---|---|
| Contact Information | Forms, Phone, Email | Service delivery, communication | 7 years (business records) |
| Identification Data | In-person verification, RON | Identity verification, legal compliance | 10 years (notary journal) |
| Document Information | Service provision | Notarization, legal records | 10 years (NJ law requirement) |
| Payment Data | QuickBooks, payment processors | Billing, financial records | 7 years (tax requirements) |
| RON Recordings | BlueNotary platform | Legal compliance, verification | 10 years (NJ P.L.2021, c.179) |
Remote Online Notarization (RON) Privacy
Special privacy considerations for RON services
RON Session Data
What We Record:
- Audio/Video Recording: Complete RON session from start to finish
- Identity Verification: Credential analysis and knowledge-based authentication
- Digital Signatures: Electronic signature data and timestamps
- Session Metadata: Date, time, duration, participants, IP addresses
- Document Handling: Document uploads, downloads, and modifications
RON Platform Security
BlueNotary Platform Features:
- End-to-end encryption for all communications
- Secure cloud storage with SOC 2 compliance
- Multi-factor authentication requirements
- Tamper-evident digital seals and certificates
- Audit trails for all system activities
Legal Requirements
Under New Jersey P.L.2021, c.179, we are required to:
- Retain RON recordings for 10 years minimum
- Ensure recordings are tamper-evident
- Provide access to recordings upon legal request
- Maintain detailed logs of all RON activities
- Report any security breaches to state authorities
RON Security Standards
Compliance Standards:
- MISMO Standards: Industry best practices
- NIST Guidelines: Federal security standards
- NJ State Requirements: P.L.2021, c.179 compliance
- SOC 2 Type II: Annual security audits
- ISO 27001: Information security management
Your RON Rights:
- Request copies of your RON recordings
- Receive notification of any data breaches
- Understand how your RON data is used
- Report concerns about RON privacy
HIPAA Compliance & Healthcare Privacy
Special protections for healthcare-related notarizations
HIPAA Business Associate Agreement
Healthcare Facility Partnerships: When providing notary services at healthcare facilities or for healthcare-related documents, we operate under Business Associate Agreements (BAAs) that ensure:
Protected Health Information (PHI) Safeguards:
- Minimum necessary access to PHI
- Secure handling of all healthcare documents
- Encrypted transmission and storage
- Limited access on need-to-know basis
- Immediate destruction of temporary PHI copies
Healthcare Professional Standards:
- EMT background provides healthcare familiarity
- Understanding of medical terminology and procedures
- Respect for patient privacy and dignity
- Compliance with facility policies and procedures
- Coordination with healthcare staff as needed
Patient Rights Under HIPAA:
- Access: Right to access your own health information
- Amendment: Right to request corrections to your health information
- Accounting: Right to know who has accessed your health information
- Restriction: Right to request limits on use/disclosure of your health information
- Confidential Communication: Right to request confidential communications
- Complaint: Right to file complaints about privacy practices
Healthcare Document Types
Common Healthcare Notarizations:
- Healthcare power of attorney documents
- Advance healthcare directives and living wills
- HIPAA authorization forms
- Medical consent forms
- Healthcare proxy appointments
- Medical records release forms
- Insurance claim documents
- Disability benefit applications
Special Healthcare Protections:
- No retention of healthcare document copies
- Immediate secure disposal of any temporary materials
- Encrypted communication for all healthcare-related scheduling
- Compliance with facility visitor policies
- Coordination with healthcare staff when appropriate
Emergency Medical Context
EMT Background Benefits:
- Medical Environment Familiarity: Understanding of hospital protocols and procedures
- Patient Care Sensitivity: Experience with patients in vulnerable situations
- Medical Terminology: Familiarity with healthcare language and documentation
- Crisis Management: Training in high-stress medical situations
- Professional Boundaries: Clear understanding of scope limitations
Important Limitations:
- EMT certification does not authorize medical advice
- Cannot provide healthcare recommendations
- Cannot interpret medical documents or procedures
- Cannot assist with medical decision-making
- Must refer medical questions to healthcare professionals
How We Use Your Information
Transparent practices for data usage and processing
Service Delivery
Primary Uses:
- Identity Verification: Confirming signer identity per NJ law
- Document Processing: Performing notarial acts and maintaining records
- Scheduling & Communication: Coordinating appointments and service delivery
- Payment Processing: Billing and financial transaction management
- Legal Compliance: Meeting state and federal record-keeping requirements
Quality Assurance:
- Service improvement and training
- Error prevention and correction
- Customer satisfaction monitoring
- Professional development and education
Legal & Regulatory
Compliance Requirements:
- Notary Journal: NJ law requires detailed record-keeping
- RON Recordings: 10-year retention per P.L.2021, c.179
- Business Records: Financial and operational documentation
- Audit Support: Regulatory examination compliance
- Legal Proceedings: Court orders and subpoenas
Professional Standards:
- NNA Certified Signing Agent requirements
- E&O insurance claim support
- Professional licensing compliance
- Continuing education documentation
Business Operations
Operational Uses:
- Service Improvement: Analyzing service patterns and feedback
- Business Development: Understanding client needs and preferences
- Marketing Communications: Service updates and educational content
- Emergency Response: 24/7 service coordination
- Package Management: Subscription service administration
Analytics & Reporting:
- Service utilization patterns
- Geographic service analysis
- Performance metrics and KPIs
- Financial reporting and planning
Information Sharing & Disclosure
When and how we share your information with third parties
Authorized Sharing
Service Providers & Partners:
- BlueNotary Platform: RON technology provider with SOC 2 compliance
- QuickBooks/Intuit: Payment processing and financial management
- Calendly: Scheduling and appointment management
- Google Workspace: Secure document storage and communication
- PNC Bank: Business banking and payment processing
Professional Partners:
- Backup Notaries: Megan Lopez-Cepero and approved substitutes
- Healthcare Facilities: When providing on-site services
- Law Firms & Title Companies: For loan signings and legal documents
- Insurance Providers: E&O insurance and claims processing
Legal Requirements
Mandatory Disclosure:
- Court Orders: Subpoenas and legal proceedings
- Law Enforcement: Valid warrants and investigations
- Regulatory Authorities: State notary oversight and audits
- Government Agencies: Tax authorities and compliance investigations
- Legal Counsel: Attorney consultation and representation
Emergency Situations:
- Immediate danger to health or safety
- Suspected fraud or criminal activity
- Child or elder abuse reporting requirements
- Public health emergencies
- National security concerns
We Do NOT Share Information For:
- Marketing Sales: We never sell your personal information
- Third-Party Advertising: No data sharing for advertising purposes
- Unsolicited Communications: No sharing for spam or telemarketing
- Data Brokers: No participation in data broker networks
- Social Media Platforms: No automatic social media integration
- Competitor Analysis: No sharing with business competitors
- Non-Essential Vendors: Limited to necessary service providers only
- International Transfers: Data remains within the United States
Data Security & Protection
Comprehensive security measures to protect your information
Technical Safeguards
Encryption & Security:
- Data Encryption: AES-256 encryption for all stored data
- Transmission Security: TLS 1.3 for all data in transit
- Access Controls: Multi-factor authentication required
- Network Security: VPN and firewall protection
- Backup Systems: Encrypted, redundant backups
Platform Security:
- SOC 2 Type II compliant systems
- Regular security audits and assessments
- Intrusion detection and monitoring
- Automated security updates
- Incident response procedures
Administrative Safeguards
Access Management:
- Principle of Least Privilege: Minimum necessary access only
- Role-Based Access: Access based on job function
- Regular Access Reviews: Quarterly access audits
- Employee Training: Privacy and security education
- Confidentiality Agreements: All staff and contractors
Operational Procedures:
- Documented security policies and procedures
- Incident response and breach notification plans
- Regular staff training and awareness programs
- Vendor security assessment requirements
- Business continuity and disaster recovery plans
Physical Safeguards
Physical Security:
- Secure Office: Locked office with controlled access
- Document Storage: Fireproof safe for physical records
- Mobile Security: Locked briefcase for mobile services
- Device Protection: Encrypted laptops and mobile devices
- Disposal Procedures: Secure shredding and data wiping
Environmental Controls:
- Climate-controlled document storage
- Fire suppression and detection systems
- Backup power and surge protection
- Security cameras and alarm systems
- Visitor access controls and logging
Your Privacy Rights
Understanding and exercising your privacy rights
Access & Control Rights
Right to Know:
- Data Access: Request copies of your personal information
- Usage Information: Learn how your data is being used
- Sharing Details: Know who has access to your information
- Retention Periods: Understand how long we keep your data
- Source Information: Learn where we obtained your data
Right to Control:
- Correction Rights: Request corrections to inaccurate information
- Deletion Rights: Request deletion of personal information (subject to legal retention requirements)
- Opt-Out Rights: Unsubscribe from marketing communications
- Portability Rights: Request your data in a portable format
- Restriction Rights: Limit how we process your information
Communication Preferences:
- Choose email vs. phone communication
- Set preferred contact times and methods
- Opt out of non-essential communications
- Request confidential communication methods
- Update contact information and preferences
Important Limitations
Legal Retention Requirements:
- Notary Journal: Required by NJ law for 10 years minimum
- RON Recordings: Must be retained for 10 years per P.L.2021, c.179
- Business Records: Tax and financial records for 7 years
- Legal Proceedings: Records subject to litigation hold
- Regulatory Requirements: Professional licensing compliance
Processing Limitations:
- Identity Verification: Cannot be restricted for notarization
- Legal Compliance: Required disclosures cannot be limited
- Service Delivery: Essential information needed for services
- Safety & Security: Emergency contact information
- Financial Records: Payment and billing information
Exercising Your Rights
To exercise any of these rights, contact us at [email protected] or (856) 388-2341. We will respond within 30 days and may request verification of your identity before processing requests.
Cookies & Website Tracking
How we use cookies and tracking technologies on our website
Cookie Usage
Essential Cookies:
- Session Management: Maintaining your session while browsing our website
- Security: Protecting against cross-site request forgery and other attacks
- Form Data: Remembering information you've entered in contact forms
- Preferences: Storing your website preferences and settings
Analytics Cookies:
- Google Analytics: Understanding website usage and performance
- Calendly Analytics: Tracking scheduling system usage
- Performance Monitoring: Identifying and fixing website issues
- User Experience: Improving website navigation and functionality
Third-Party Services
Integrated Platforms:
- Calendly: Online scheduling system with its own privacy policy
- Google Services: Maps, Analytics, and Workspace integration
- BlueNotary: RON platform with SOC 2 compliance
- QuickBooks: Payment processing and invoicing
- Social Media: Facebook and LinkedIn integration for business pages
Cookie Controls
Your Options:
- Browser Settings: Control cookies through your browser preferences
- Opt-Out Tools: Use browser extensions to block tracking
- Do Not Track: We respect browser Do Not Track signals
- Analytics Opt-Out: Google Analytics opt-out available
Cookie Categories:
- Essential Required for website function
- Analytics Help us improve our website
- Functional Enhance user experience
- Marketing Currently not used
Note
Disabling essential cookies may affect website functionality and your ability to schedule services online.
Data Retention & Disposal
How long we keep your information and secure disposal practices
| Data Type | Retention Period | Legal Basis | Disposal Method |
|---|---|---|---|
| Notary Journal Entries | 10 years minimum | NJ Notary Law (N.J.S.A. 52:7-10 et seq.) | Secure shredding, digital wiping |
| RON Session Recordings | 10 years minimum | NJ P.L.2021, c.179 | Encrypted deletion, certified destruction |
| Business Financial Records | 7 years | IRS requirements, business law | Secure shredding, digital wiping |
| Client Contact Information | 7 years or until request for deletion | Business records, customer service | Secure deletion, data overwriting |
| Healthcare-Related PHI | No retention (immediate disposal) | HIPAA compliance | Immediate secure shredding |
| Marketing Communications | Until opt-out request | Consent-based processing | Immediate removal from systems |
| Website Analytics | 26 months (Google Analytics default) | Legitimate business interest | Automatic expiration, manual deletion |
| Payment Information | 7 years (business records) | Financial regulations, tax law | Secure deletion, certified destruction |
Retention Policies
Automatic Deletion:
- Temporary Files: Deleted within 24 hours of service completion
- Cache Data: Cleared weekly from all systems
- Session Data: Expires after 30 minutes of inactivity
- Backup Copies: Included in retention schedule calculations
- System Logs: Retained for 90 days for security monitoring
Manual Review Process:
- Annual review of all retained data
- Quarterly assessment of retention needs
- Immediate review upon client request
- Legal hold procedures for litigation
- Compliance audits and documentation
Secure Disposal
Physical Document Disposal:
- Cross-Cut Shredding: All physical documents shredded on-site
- Witnessed Destruction: Disposal documented and witnessed
- Secure Containers: Locked disposal containers until shredding
- Certificate of Destruction: Documentation for sensitive materials
- No Third-Party Disposal: All destruction handled internally
Digital Data Disposal:
- Multi-Pass Overwriting: DOD 5220.22-M standard
- Cryptographic Deletion: Encryption key destruction
- Physical Destruction: Hard drive destruction when necessary
- Cloud Data Deletion: Verified removal from all cloud systems
- Backup Verification: Confirmation of backup deletion
Children's Privacy Protection
Special protections for minors and family services
COPPA Compliance
Children Under 13:
- No Direct Collection: We do not knowingly collect personal information from children under 13
- Parental Consent: Any services involving minors require parental presence and consent
- Limited Data: Only collect information necessary for notarization services
- No Marketing: Children are never targeted for marketing communications
- Immediate Deletion: Any inadvertently collected child data is immediately deleted
Minors (13-18 Years):
- Parental Involvement: Parent or guardian must be present for most notarizations
- Limited Authority: Minors have limited capacity to sign legal documents
- Educational Documents: School-related documents may be notarized with proper authorization
- Special Protections: Enhanced privacy protections for all minor-related services
- Confidentiality: Special attention to family privacy and sensitive situations
Family Services
When providing notary services for family documents (custody agreements, guardianship papers, etc.), we take extra care to protect the privacy of all family members, especially children. All family-related information is handled with the highest level of confidentiality.
Privacy Law Compliance
Compliance with federal, state, and international privacy regulations
Federal Laws
HIPAA (Health Insurance Portability and Accountability Act):
- Business Associate Agreements with healthcare facilities
- Protected Health Information (PHI) safeguards
- Minimum necessary access standards
- Breach notification requirements
- Patient rights and complaint procedures
COPPA (Children's Online Privacy Protection Act):
- No collection of information from children under 13
- Parental consent requirements for minors
- Enhanced protections for family services
- Immediate deletion of inadvertently collected child data
State Laws
New Jersey Privacy Laws:
- NJ Identity Theft Prevention Act: Enhanced security requirements
- NJ Personal Information Privacy Act: Breach notification requirements
- NJ Notary Law (N.J.S.A. 52:7-10 et seq.): Record retention and confidentiality
- NJ P.L.2021, c.179: RON-specific privacy and security requirements
- NJ Consumer Fraud Act: Truth in advertising and fair practices
Professional Standards:
- New Jersey State Bar Association guidelines
- National Notary Association standards
- American Bar Association model rules
- Emergency Medical Technician confidentiality standards
International Standards
GDPR Principles (Applied Voluntarily):
- Lawfulness, Fairness, Transparency: Clear privacy practices
- Purpose Limitation: Data used only for stated purposes
- Data Minimization: Collect only necessary information
- Accuracy: Maintain accurate and up-to-date records
- Storage Limitation: Retain data only as long as necessary
- Integrity & Confidentiality: Secure data processing
- Accountability: Demonstrate compliance with privacy principles
International Clients:
- Enhanced privacy protections for international clients
- Compliance with home country privacy expectations
- No international data transfers without consent
- Respect for cultural privacy norms
Privacy Questions & Complaints
How to contact us about privacy concerns and file complaints
Privacy Officer Contact
Ian Eddy, Owner & Privacy Officer
South Jersey Professional Solutions℠
Contact Information:
- Email: [email protected]
- Phone: (856) 388-2341 (Business)
- Emergency: (877) 906-1157 (24/7)
- Mail: P.O. Box 445, Norma, NJ 08347
- Office: P.O. Box 445, Norma, NJ 08347
Response Timeframes:
- Privacy Requests: 30 days maximum
- Breach Notifications: 72 hours when required
- General Inquiries: 2 business days
- Emergency Privacy Issues: Same day
- Complaint Acknowledgment: 5 business days
Filing Complaints
Internal Complaint Process:
- Contact Us First: Email or call with your privacy concern
- Provide Details: Describe the issue and desired resolution
- Investigation: We will investigate within 10 business days
- Response: Written response with findings and corrective actions
- Follow-Up: Ensure resolution meets your satisfaction
External Complaint Options:
- NJ Division of Consumer Affairs: www.njconsumeraffairs.gov
- NJ Attorney General: Consumer protection complaints
- Federal Trade Commission: www.ftc.gov
- HHS Office for Civil Rights: HIPAA-related complaints
- Better Business Bureau: Business practice complaints
No Retaliation Policy
We will not retaliate against anyone who files a good faith privacy complaint or exercises their privacy rights. Your concerns will be handled confidentially and professionally.
Policy Updates & Changes
How we handle changes to this privacy policy
Update Process
When We Update This Policy:
- Legal Changes: New privacy laws or regulations
- Business Changes: New services or business practices
- Technology Updates: New systems or security measures
- Best Practices: Industry standard improvements
- Client Feedback: Addressing privacy concerns or suggestions
Notification Methods:
- Website Notice: Prominent notice on our homepage
- Email Notification: Direct email to active clients
- Service Notification: Notice during next service interaction
- Social Media: Announcement on business social media
- Direct Mail: For significant changes affecting rights
Your Options After Updates:
- Review Period: 30 days to review changes before they take effect
- Opt-Out Rights: Discontinue services if you disagree with changes
- Data Deletion: Request deletion of your data before new policy takes effect
- Questions: Contact us to discuss any concerns about changes
- Grandfathering: Some existing agreements may maintain previous terms
Version History
Current Version: 2.0 (Effective May 27, 2025)
Previous Version: 1.0 (Effective January 1, 2024)
Major Changes: Added RON privacy provisions, enhanced HIPAA compliance, expanded data retention policies, and strengthened security measures.