2201 Broadway, 4th Floor
Oakland, CA 94612
List of our other privacy-related documents:
“Controller” means the natural or legal person, public authority, agency or other bodies which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data
“EU Representative” – means a natural or legal person established in the European Union (“EU”) who, designated by the Controller or Processor in writing, represents the Controller or Processor with regard to their respective data Processing obligations.
“Personal Data” – is any information relating to an identified or identifiable natural person (“Data Subject”).
Personal Data Breach – is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise Processed.
“Processor” means a natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller;
“Processing” – is any operation or set of operations which are performed on Personal Data or on sets of Personal Data, whether or not by automated means.
“Staff” means any natural person or legal entity employed or contracted by us (including, but not limited to employees, interns, contract employees, consultants and volunteers).
“Third Party” means a natural or legal person, public authority, agency or body other than the Data Subject, Controller, Processor and persons who, under the direct authority of the Controller or Processor, are authorized to Process Personal Data;
Your privacy is important to us, and so is being transparent about how we collect, use, and share your Personal Data and Customer Data.
We are responsible as a Controller and Processor.
As a Controller, we determine the purposes and means of the Processing of Personal Data while as a Processor we Processes Personal Data on your behalf.
We may collect and store any Personal Data you or your Authorized Users provide to us.
We collect non-personally identifiable information automatically for the primary purpose of customizing the Platform and Services, understanding how they are used, and preventing misuse.
Some devices allow applications to access real-time location-based information:
GPS or sensor data from your device that may provide information on nearby wi-fi access points and cell towers. In addition, some of the information we collect from you, for example, IP address can sometimes be used to approximate a device’s location. Finally, some browsers share your location information (either the location registered with your account or gleaned from other geolocation methods) with sites you visit and we may obtain location information about you in this way. If you do not wish us to receive this information, please configure your devices and browsers not to share it. If you do not provide certain geographical information, however, you may not be able to use all aspects of the Platform or the Services.
We use Local Storage Objects such as HTML5 or Flash to store content information and preferences. Third parties with whom we partner to provide certain features on our site may use LSOs such as HTML 5 or Flash to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.
We may use Personal Data that we collect about you to deliver the Services, and manage the Platform and our business. We only conduct these activities in a lawful manner. The lawful basis we rely on is detailed in the table below.
|Lawful Basis||Example Users|
|Lawful base: Contract|
We need this information to provide you with the Services you are paying us for.
|Lawful base: Legitimate Interest|
We have a legitimate business interest to offer you the best service possible.
|Lawful base: User’s Consent|
Automatically collected non-personally identifiable information may be aggregated and disclosed without restriction.
| We may share aggregated, non-personally identifiable information publicly. For example, we may share information publicly to show trends about the general use of the Services with the press, in our marketing materials or with our business partners.|
We may collate or connect non-personally identifiable information with your Personal Data, in which case the resulting personally identifiable information will be treated as Personal Data.
Lawful basis: Applicable Law, Vital Interest, Legitimate Interest
We use credit card and other Personal Data (such as IOS store, Stripe email addresses) you submit to us on the Platform, and other information that we collect, as required, to process payments you make through the Platform through our payment processor intermediaries. We do not store credit card or other payment method information. Our third-party payment processors have the sole and complete responsibility for the storage of credit card and payment information. We may also share Personal Data with our payment processor intermediaries for risk management and fraud prevention.
Our Staff having permanent or regular access to Personal Data undergo appropriate data protection training. All persons authorized to Process your information have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
The Website may include links to Third-Party websites, plug-ins, and applications. Clicking on those links or enabling those connections may allow Third Parties to collect or share data about you. We do not control these Third-Party websites and are not responsible for their privacy obligations.
Your interactions with Third Parties through the Platform and Services are governed by the privacy policies, if any, of those Third Parties. We are not responsible for what those Third Parties do with your information. So you should make sure you trust those Third Parties and that they have privacy policies acceptable to you.
When you click-through on Third-Party offers featured on the Platform, we may share Personal Data with the businesses with which we partner to offer you the applicable products or services. When you elect to engage in a particular merchant’s offer or program, you authorize us to provide your email address and other information to that Third Party. We may share your information with a Third-Party application or a Third-Party merchant services provider or other resellers with your consent, for example when you choose to access the Platform through such an application or are provided with access to the Platform through such a Third-Party merchant services firm.
When you use the Services to disclose information to Third Parties, we may share that information with those Third Parties as requested.
The Platform may include, from time to time, social media features, such as Linkedin and Twitter buttons and widgets, such as “share” buttons or interactive mini-programs that run on our Platform. These features may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a Third Party or hosted directly on the Platform.
We use reasonable methods, consistent with industry practices, to protect the confidentiality of your information, including administrative, physical and technical methods. Information you submit to or receive from our Services is sent using an encrypted TLS (SSL) connection.
No method of transmission over the internet is completely secure and no method of protecting information is completely secure. Therefore we cannot and do not guarantee the security of your information.
To find out more about our security practices visit our security page.
In the event that we become aware of a Personal Data Breach which has resulted or may result in the unauthorized access, use or disclosure of Personal Data belonging to you or your Authorized Users, we will promptly investigate the matter and notify you of such breach.
Such investigation will be without delay, consistent with
(1) legitimate needs of law enforcement;
(2) measures necessary to determine the scope of the breach;
(3) efforts to identify the individuals affected; and
(4) steps to restore the reasonable integrity of our Platform.
We are responsible for notifying you and, as applicable, any other parties of any security breach in accordance with Applicable Law.
Information collected from you may be stored and Processed in the EEA, Switzerland, the United States or any other country in which we or our service providers maintain facilities.
By using the Services, you agree to any such transfer of information outside of your country. Such countries may have laws which are different, and potentially not as protective, as the laws of your own country.
Whenever we share Personal Data originating in the EEA or Switzerland we will rely on suitable safeguards.
If you reside in the EEA, Switzerland or other regions with Law governing data collection and use, please note that you are agreeing to the transfer of your Personal Data to the United States and other jurisdictions in which we operate.
You have the ability to review and update your Personal Data online by logging into your account and editing your account profile. More information about how to contact us is provided below.
If you have an account with us, you also may close your account at any time through the Platform. After you close your account, you will not be able to sign in to the Platform or access any of your Personal Data. If you close your account, we may retain
Information stored in routine backups may also be retained for the period those backups are retained in the ordinary course of business.
You can choose not to provide us with certain information, but that may result in you being unable to use certain features of the Platform and Services because that information may be required in order for you to register as a customer, purchase Services, obtain customer support, or initiate other transactions.
You also will be given the opportunity, in any commercial email that we send to you, to opt-out of receiving such messages in the future. We may send you transactional and relationship emails, such as service announcements, administrative notices, and surveys, without offering you the opportunity to opt-out of receiving them. Please note that changing information in your account, or otherwise opting out of receipt of promotional email communications, will only affect future activities or communications from us. If we have already provided your information to a Third Party or a service provider before you have changed your preferences or updated your information, we will notify said Third Party or service provider.
Our mobile applications may also deliver notifications to your phone or mobile device. You can disable these notifications by visiting the personal profile page associated with your account, accessing the notification settings menu on your device, or by deleting the relevant application.
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of the Platform and Services.
If you reside in the EEA or Switzerland, you have the right to exercise additional rights available to you under Applicable Law, including:
You reserve the right to obtain information regarding the Processing of your Personal Data and access to the Personal Data which we hold about you.
You can request that we erase your Personal Data in certain circumstances. Please note, however, that we may need to retain certain information for record-keeping purposes, to complete transactions or to comply with our legal obligations, among other things.
You have the right to request that we stop Processing your Personal Data and/or to stop sending you marketing communications.
Right to restrict Processing
You have the right to request that we restrict Processing of your Personal Data in certain circumstances, for example, where you believe that the Personal Data we hold about you is inaccurate or unlawfully held.
Upon your request you will be provided with the Personal Data we hold about you in a structured, machine-readable and commonly used format.
If you would like to exercise any of the above rights, please contact our privacy support team (see our contact details in Section 2.9.3 below). We will consider your request in accordance with Applicable Law. To protect your privacy and security, we may take steps to verify your identity before complying with the request.
You also have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.
For additional information contact firstname.lastname@example.org
Our EU Representative is Tom McNamara, ℅ Kimura Limited, 32 Pleasants Street, Dublin 8, Ireland.
Our Services are intended for use by businesses that are our customers. Where the Services are made available to an Authorized User through our customer (e.g. an employer), our customer is the administrator of the Services and is responsible for the accounts and/or Services over which it has control. Authorized Users should direct data privacy questions to their administrators, as their use of the Services is subject to that business’s policies.