Privacy Statement

Updated: 01/12/2024

Effective Date: 4/14/2021

This privacy statement describes how Cornerstone Information Systems, Inc. and its subsidiary, ApexConnect (“Cornerstone Information Systems companies”) collects and uses the personal information you provide on our Web sites:,,, and our Service. The use of information collected through our service shall be limited to the purpose of providing the service for which the Client has engaged Cornerstone Information Systems companies. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.

EU-U.S. Data Privacy Framework with UK Extension, and Swiss-U.S. Data Privacy Framework

Cornerstone Information Systems companies complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  Cornerstone Information Systems companies have certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) under the UK Extension to the EU-U.S. DPF.  Cornerstone Information Systems companies have certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit

Cornerstone Information Systems companies is responsible for the processing of personal data it receives, under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF and subsequently transfers to a third party acting as an agent on its behalf.  Cornerstone Information Systems companies complies with the EU-U.S. DPF Principles and the Swiss-U.S. DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions.

The Federal Trade Commission has jurisdiction over Cornerstone Information Systems companies compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. In certain situations, Cornerstone Information Systems companies may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, Cornerstone Information Systems companies commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF to TRUSTe, an alternative dispute resolution provider based in the United States.  If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit for more information or to file a complaint.  These dispute resolution services are provided at no cost to you.

For complaints regarding EU-U.S. DPF, the UK Extension to the EU-U.S DPF, and Swiss-U.S. DPF compliance not resolved by any of the other DPF mechanisms, you have the possibility, under certain conditions, to invoke binding arbitration. Further information can be found on the official DPF website:

Information Collection and Use

Cornerstone Information Systems companies may collect Personally Identifiable Information (“PII”) voluntarily in the process of servicing our clients. The kinds of information we may collect could include full name, email, addresses, and credit card information.

In addition, we may collect and store on behalf of our clients some system administration contact information. Typically, this involves our client’s contact information such as email address to notify users of service notifications.

Legal Disclosure

Cornerstone Information Systems companies reserves the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on our Web Site.

In the event any of the Cornerstone Information Systems companies goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personally identifiable information will likely be among the assets transferred. You will be notified via email of any such change in ownership or control of your personal information.

Children’s Personal Information

Cornerstone Information Systems companies offer only business-related services and does not offer areas specifically designed for children.

Passive Collection

As is true of most websites, Cornerstone Information Systems companies gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.

Tracking Technologies

Cornerstone Information Systems companies use cookies and/or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service.

We may partner with a third party to display advertising on our website or to manage our advertising on other sites. Our third-party partner may use cookies or similar technologies in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click here [or if located in the European Union click here]. Please note you will continue to receive generic ads.


Cornerstone Information Systems companies do not share, sell, or rent user’s personally identifiable information (PII) to third party parties in ways other than disclosed in this privacy statement.

We will share aggregated demographic information with our business partners. This is not linked to any personal information that can identify any individual person, nor is it linked to any client proprietary information.

If Cornerstone Information Systems companies intend to transfer information to a third party acting as an agent on their behalf in the future, they will continue to be held accountable under the DPF Principles if the agent processes such personal information in a manner that contradicts the DPF Principles. This liability persists unless the organization can demonstrate that it is not responsible for the incident causing the harm.


This web site contains links to other sites. Please be aware that Cornerstone Information Systems companies are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of every web site that collects personally identifiable information (PII). This privacy statement applies solely to information collected by Cornerstone Information Systems companies web sites.


This website takes every precaution to protect our users’ information. When our customers handle sensitive information via the website, information is protected both online and off-line.

All online data transmitted is secured via TLS 1.2 encryption and all data at rest is protected by AES 256bit encryption. All our users’ information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job are granted access to personally identifiable information (PII).
Our employees must use password-protected screensavers when they leave their desk. When they return, they must re-enter their password to re-gain access to your information.

Furthermore, ALL employees are kept current on our security and privacy practices. Every calendar quarter, as well as any time new policies are added, our employees are notified and/or reminded about the importance we place on privacy, and what they can do to ensure our customers’ information is protected.

Finally, the servers that may store personally identifiable information (PII) on are kept in a secure environment and located in rooms that require security card access readers and cameras. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on any Cornerstone Information Systems companies Web site, you can contact us at

Supplementation of Information

For this website to properly fulfill its obligation to our clients, it is necessary for us to supplement the information we receive with information from third party sources. As indicated above we may collect some information from industry databases. This information is tied to an identifier that our clients use to run reports and analyze the data. It is possible for our clients to then also be able to append more of their own data to it.

Site and Service Updates

From time to time Cornerstone Information Systems companies send clients site and service announcement updates. These announcements contain important information about the service, therefore are required as part of the service. Generally, you may not opt-out of these required communications as they are necessary to receive the service. If you wish to stop receiving these communications, please see the “Choice/Opt-out” section below for instruction. We communicate with the user to provide requested services and with regards to issues relating to their account via email or phone.

Correction/Updating Personal Information

Upon request Cornerstone Information Systems companies will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. If a client’s personally identifiable information (PII) changes (such as your zip code) we provide a way to correct, update or remove that user’s personal data provided to us. This can usually be done at the system administration information page or by emailing our Customer Support. We will respond to your request within a reasonable timeframe.

Cornerstone Information Systems companies acknowledges that you have the right to access your personal information.  Cornerstone Information Systems companies have no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the Cornerstone Information Systems companies Client (the data controller). If requested to remove data, we will respond within a reasonable timeframe. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the Client that you interact with directly. We handle client data as a data processor. Consequently, access requirements are handled by them, though we will cooperate with any requests made by our data controller clients having to do with their end users. The data controller clients can expect a response to their request with 10-20 business days.

We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our Clients.

We will retain your information and information we process on behalf of our Clients for as long as your account is active or as needed to provide you services or to our Clients. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

All requests to update or delete currently held information can be initiated by sending an email to


We handle client data as a data processor. Consequently, choice requirements are handled by the administrator assigned by the client. If you wish to stop receiving site and service announcements or trip notifications, please contact your system administrator.

Notification of Changes

If we decide to change our privacy policy, we will post those changes on our corporate Web page so our users are always aware of what information we collect, how we use it, and under circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information (PII) in a manner materially different from that stated at the time it was collected, we will notify users by way of an email or prominent posting on the website. Users will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.

Enforcement of this Privacy Statement

If you have questions regarding this statement you should contact Cornerstone Information Systems at: You may also contact Cornerstone Information Systems by telephone (812-330-4361) or postal mail. Please mail correspondence to:

Cornerstone Information Systems
304 W. Kirkwood Avenue

Suite 101
Bloomington, IN 47404