Privacy Statement


Level Access (Level) takes privacy seriously and recognizes the need to be proactive about protecting personal data, also known as Personally Identifiable Information (PII). Level collects personal data for a variety of purposes and has implemented significant measures to protect the data in each case.

This Statement is split into two sections. The first section describes the measures Level takes to protect personal data. The second section describes the details of Level’s processing activities and your rights as an individual that Level upholds.

How Level Protects Your Data

This section describes the measures Level takes to protect personal data.

Accountability and Governance

Level incorporates the data protection principles of accountability, lawfulness, transparency, accuracy, limitation and security into our business processes.

Level internally publishes and maintains a Data Protection Policy, which outlines the commitment from the Management team and the responsibilities of our staff to protect personal data.

Level has an appointed Data Protection Lead to ensure the Policy is effective and executed.

Information Audit, Processing Purpose, and Risks to Individuals

All personal data processed by Level is assessed with identifying risks to individual privacy in mind.

Whenever Level processes personal data, care is taken to stay within the boundaries of the law, follow best practices, and uphold regional or contractual requirements that stipulate restrictions on who can access that data.

The following is a summary of key processing of personal data at Level:

  1. Contracts with Customers for use of our Services
    • Basic user contact information to provide a login to the software only.
    • Level does not capture PII about our customers’ customers.
  2. Marketing and Sales
    • Basic contact and business information used to communicate industry news, product updates and community events.
    • Information is sometimes shared with third-parties.
  3. Business Purposes
    • Some personal data is captured in the normal course of doing business, such as for reasons of executing a contract or improving our software services.

Please see Personal Data Processing and Your Rights for more details about our processing activities and your rights as an individual.

Collection and Retention

When collecting personal data, Level abides by the limitation principle and collects only what is needed to achieve the specified purpose.

Level also abides by the limitation principle for retention and only keeps personal data for as long as it is needed to achieve the specified purpose. For example, data will be kept for a length of time based off balancing the interests of the parties and risks to individuals, or, for the duration of the contract plus a length of time needed to fulfill legal obligations.


Level uses security controls to protect personal data. In addition to what is described in this section, Level utilizes technical controls, such as encryption, MFA and intrusion detection, and other organizational controls, such as privacy training for staff and the principle of least privilege, to protect personal data.


Level is a US company that conducts its core operations from North America. By default, all information is transferred to the US for all types of processing. Personal data is not transferred outside the US, except in the case of employment where that employee resides in another country. Level never sells information gathered from customer relationships to third parties.


Level uses some third-party suppliers to enhance the services we offer to our customers. In that case, Level uses contracts to manage the protection of personal data we share with those third-parties and requires nondisclosure agreements in cases where personal data is being shared.

Personal Data Processing Purposes and Your Rights

It is Level’s aim to support the rights of individuals when it comes to privacy and knowing what happens with your data.

There are certain rights that apply generally; these are listed immediately below. Following those are details about each of the specific processing purposes.

To exercise these rights or request more information, please contact Level at

Your Rights – Summary

The following is a summary of the general rights of individuals relating to the processing of personal data:

  1. If Level collects or process your data, Level will proactively inform you. The only exception to this is if you have come to us, where we assume that you already know of the processing.
  2. You may always request access to your data.
  3. In most cases, you may request that Level update your information.
  4. In some cases, you may request that Level restricts the processing of your data.
  5. In some cases, you may request your data to be erased.
  6. In some cases, you may object to Level processing your data.
  7. In all cases, individuals may request to be removed from direct marketing.
  8. In some cases, you may request that Level port your data to another service
  9. Level does not use your data to perform automated decision-making, including profiling.
  10. If you are a European resident, you may lodge a complaint about Level’s processing activities to an EU Supervisory Authority

Your Rights – Contracts with Customers for use of our Software Services

Level sells a variety of software services, and some of those services require the creation of a user account. In such cases, Level captures basic contact information so that you or your nominated users can login and use those services.

Some software services also set cookies to enable functionality. For example, to identify your device to create a secure session. The use of cookies in our software services is purely for functionality and is unrelated to the use of cookies for marketing– see Your Rights – Marketing and Sales below.

Level does not transfer the information gathered by our software services to any other parties and Level does not transfer the information to any country outside of the US.

The information may be removed on request by the account owner, otherwise it is kept for the duration of the contract plus a period of 30 days, or as described in The Agreement.

As an individual, you have all the rights described above in the Summary section.

If you didn’t sign up and/or believe you have received an account in error, you may request Level to update, restrict processing of, or erase your information. Please contact Level at for assistance

Your Rights – Marketing and Sales

Level believes our mission of bringing digital accessibility to the world is important for everyone, and our Marketing and Sales teams play a key role in achieving that mission.

Level uses cookies and other tracking technologies to gather information from recipients of our emails and users of our website in order to tailor our business strategy and to direct sales activities. For more information about this, see the Cookies section on our website.

Level collects contact information to provide our current and prospective customers, and other interested parties, with updates on our products, industry news and community events.

Level uses third-party systems to enhance our Marketing and Sales activities. These systems reside in the US.

Level sometimes partners with others in the industry to provide the educational resources, such as webinars. If you sign up to one of these educational resources, Level will share your contact information with that partner or partners. You may opt-out if you do not want your information to be shared.

If Level receives your information from a source other than yourself, Level will inform you about it and your rights as laid out in this Statement in a timely manner.

As an individual, you have all the rights described above in the Summary section.

If you are an EU resident, you have the right to request Level to update, object to, restrict processing of, or erase your information.

In all cases, you may request to be removed from direct marketing.

Your Rights – Business Purposes

Business Contract

Level will collect some personal data, such as contact and business information, in the course of doing business with you.

Level will store this information in our business support systems, which includes some third-party systems. All our business support systems reside in the US.

As an individual, you have all the rights described above in the Summary section. If you are an EU resident, Level may also be able to assist you with porting your personal data to another service. Please contact Level at for help.

Employment Contract

If you come to work for Level, some personal data must be collected during the recruiting process and during the term of your employment.

Level will store this information in our business support systems, which includes some third-party systems. Some of our business support systems reside in the US and some have an international presence, including the following; Canada, countries in the European Union, and India.

As an individual, you have all the rights described above in the Summary section. If you are an EU resident, Level may also be able to assist you with porting your personal data to another service. Please contact Level at for help.

Usage Information

If you visit or interact with Level’s sites or software services, information about your interaction (“usage data”) may collected or stored to improve and protect the services Level will offer to you.

Level does not transfer usage data to any other parties, nor outside of the region where that site or service resides.

Usage data is typically anonymous, however, if it is somehow associated with your identity or is otherwise considered PII under applicable law, it will be treated as personal data and you may exercise your rights as described in the Summary section above.