We collect information about users of our Site and Mobile Apps and clients who contract with us to use our Platform (our “Customers” or “you”). This Policy describes how we collect, use, and share information provided to us by our Customers. This Policy does not apply to the data we process about the end users of our Customers’ services (“End Users”). Where we process personal data about our Customers, we are considered to be a “controller” under applicable law (i.e., the company with the right to decide how the data is used); where we process personal data about End Users, we do so as a “processor” on behalf of our Customers, and our Customer would be the “controller”.
It is important to understand that this Policy does not apply to our Customers’ collection, use, or sharing of End User data. To the extent that we collect or handle any data on behalf of our Customers, we do so at their instruction. If you are an End User, we encourage you to review the privacy policies of our Customers to understand their privacy practices.
By using any of our Services, you understand that your information, including personal data, will be handled as described in this Policy. Your use of our Services, and any dispute over privacy, is subject to this Policy and our Terms of Service, including its applicable limitations on damages and the resolution of disputes. The Terms of Service are incorporated by reference into this Policy.
EU & Swiss Privacy Shield
Woopra and the recipients of the information described in this Policy are located in the United States, where privacy laws may not provide as much protection as those of your country of residence. We comply with legal requirements for cross-border data protection through our participation in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Frameworks or, in some cases, based on a third party’s reliance on European Commission-approved Standard Contractual Clauses.
Woopra participates in and has certified its compliance with the Privacy Shield Frameworks, and we are committed to the Privacy Shield principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement, and Liability (collectively, the “Principles”). To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield website. We collect, process, disclose, and transfer personal data from the EU member countries and Switzerland as described in this Policy.
Woopra is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Woopra complies with the Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Woopra is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
We encourage individuals from the EU member countries and Switzerland who have questions or complaints about how we process their personal data under either Privacy Shield Framework to contact us directly at firstname.lastname@example.org. We will work to resolve your issue as quickly as possible, but in any event no later than 45 days of receipt. If you have an unresolved concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
What Information Do We Collect About You and Why?
We may collect information about you directly from you, from third parties, and automatically through your use of our Services.
Information We Collect Directly from Customers. We will collect any information that you provide to us. For example, certain areas and features of our Services may require registration. To register, Customers must provide us with their first name, last name, company name, email address, and website, and select a password. We also may collect additional optional information from Customers, including company size and phone number; however, you are not required to provide us with this information. In addition, if a Customer makes a purchase, we will also request that you provide your credit or debit card information and your billing address.
We may use the information we collect about you in aggregated form or associate it with other information that we collect about you.
Information that We Collect About You from Social Networking Platforms. If you are a Customer, you also may log into our Services through your social networking accounts. If you log into our Services using your LinkedIn account, you must enter your LinkedIn email address and password. By logging in through LinkedIn, you are granting us access to your first and last name, email address, company, and company size. We store the information that we receive from LinkedIn with other information that we collect from Customers or receive about Customers.
Any third-party social networking platform controls the information it collects from you. For information about how they may use and disclose your information, including any information you make public, please consult their respective privacy policies. We have no control over how any third party uses or discloses the personal data it collects about you.
Information We Collect Automatically. We may automatically collect the following information about your use of our Services through cookies and other technologies: your domain name; your browser type and operating system; web pages you view; links you click; your IP address; the length of time you visit or use our Services; the referring URL, or the webpage that led you to our Services; access time; and device ID.
How We Use Your Information
We use the information, including personal data, that we gather about you for the following purposes:
- To provide our Services to you, to communicate with you about your use of our Services, to respond to your inquiries, to fulfill your orders, and for other customer service purposes.
- To tailor the content and information that we may send or display to you, to offer location customization and personalized help and instructions, and to otherwise personalize your experiences while using our Services.
- To contact you, including for marketing and promotional purposes. For example, we may use your information, such as your email address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about products or information we think may interest you. We also may use the information that we learn about you to assist us in advertising our Services on third-party services.
- To better understand how individuals access and use our Services, including to learn about their engagement levels and navigation paths, as well as user retention and funnel drop-offs, and for other research and analytical purposes.
The laws in some jurisdictions require companies to tell you about the legal ground(s) they rely on to use or disclose your personal data. To the extent those laws apply, our legal grounds for processing data for which we are a controller are as follows:
- To Honor Our Contractual Commitments. Some of our processing of personal data is to meet our contractual obligations to Customers, or to take steps at Customers’ request in anticipation of entering into a contract with them.
Legitimate Interests. In most cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities, such as the following in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals:
- Customer service;
- Analyzing and improving our business;
- Protecting our business, personnel and property;
- Marketing; and/or
- Managing legal issues.
We may also process personal data for the same legitimate interests of our Customers and business partners.
- Legal Compliance. We need to use and disclose personal data in certain ways to comply with our legal obligations.
How We Share Your Information
We may share the information that we collect about you, including personal data, as follows:
- Affiliates. We may disclose your information to current or future affiliates or subsidiaries.
- Service Providers. We may disclose your information to third-party vendors, service providers, contractors, or agents who perform actions or functions on our behalf.
- Business Transfers. We may disclose your information to another entity in connection with, including during negotiations of, an acquisition or merger, sale or transfer of a business unit or assets, bankruptcy proceeding, or as part of any other similar business transfer.
- In Response to Legal Process. We may disclose your information in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena. In certain situations, Woopra may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
- To Protect Us and Others. We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Service or this Policy, or as evidence in litigation in which we are involved.
- Aggregate and De-Identified Information. We may share aggregate or de-identified information about users with third parties for marketing, advertising, research, or other purposes.
Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). Please note that by blocking any or all cookies, you may not have access to certain features or offerings of the Services.
If you are in the United States, you may opt out of many third-party ad networks by going to the Digital Advertising Alliance (“DAA”) Consumer Choice page for information about opting out of interest-based advertising and your choices regarding use of your information by DAA companies. You may also go to the Network Advertising Initiative (“NAI”) Consumer Opt-Out page for information about opting out of interest-based advertising and your choices regarding use of your information by NAI members. If you are in the European Economic Area (“EEA”), you may opt out of many third-party ad networks by going to the European Interactive Digital Advertising Alliance (“EDAA”) Your Online Choices page for information about opting out of interest-based advertising and your choices regarding use of your information by EDAA members.
Opting out from one or more companies listed on the DAA, NAI, or EDAA pages will opt you out of those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through our Services or on other services. You may continue to receive ads, for example, based on a particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt out, your opt out may not be effective.
We may use third-party web analytics services on our Services to collect and analyze the information discussed above, and to engage in auditing, research or reporting. The information (including your IP address) collected by various analytics technologies described above will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services, including by noting the third-party website from which you arrive, analyzing usage trends, assisting with fraud prevention, and providing certain features to you.
Notice Concerning Do-Not-Track Signals
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT. You can learn more about Do Not Track here.
We have taken steps to help protect the personal data we collect from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee 100% security.
You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
We will hold your information for as long as necessary to fulfill the purposes set forth in this Policy or as long as we are legally required or permitted to do so. Information may persist in copies made for backup and business continuity purposes for additional time.
Your Choices and Rights
We offer the options described below for exercising rights and choices under applicable laws. Many of these are subject to important limits or exceptions under applicable law.
Customers. If you are a Customer:
- You may review and update certain information by logging into your account and reviewing and updating your information.
- In addition, the law of your jurisdiction (for example, within the EEA) may give you additional rights to request access to and rectification or erasure of certain personal data we hold. In some cases, you may be entitled to receive a copy of the personal data you provided to us in portable form or to request that we transmit it to a third party. The law may also give you the right to request restrictions on the processing of your personal data, to object to processing of your personal data, or to withdraw consent for the processing of your personal data (which will not affect the legality of any processing that happened before your request takes effect). You may contact us as described below to make these requests.
- You may contact us with any concern or complaint regarding our privacy practices, and you also may lodge a complaint with the relevant governmental authority.
- You may opt out of such communications by following the opt-out instructions contained in the email. Opting out is immediate, but in some cases it may take up to 10 business days for us to process opt-out requests. If you opt out of receiving emails about recommendations or other information we think may interest you, we may still send you emails about your account or any Services you have requested or received from us.
- You may opt out of receiving push notifications by turning them off in your device settings.
End Users. If you are an End User and would like to exercise your rights or choices with respect to personal data for which we are a processor, please make your request directly to the Customer for whom we process the personal data.
Our Services are not targeted to individuals under 16, and we do not knowingly collect personal data from individuals under the age of 16. Where required by applicable law, if we discover that a child under 16 has provided us with personal data, we will delete such personal data from our systems. In the United States, if we become aware that we have collected personal information (as defined by the Children’s Online Privacy Protection Act) from children under the age of 13, we will take reasonable steps to delete it as soon as practicable.
Access To My Personal Data
Upon request Woopra will provide you with information about whether we hold, or process on behalf of a third party, any of your personal data. You may access, correct, or request deletion of your personal data by logging into your account, contacting us at email@example.com, or by updating your profile information. We will respond to your request within a reasonable timeframe. In certain circumstances we may be required by law to retain your personal data, or may need to retain your personal data in order to continue providing a service. Please note that copies of information that you have updated, modified, or deleted may remain viewable in cached and archived pages of the Site or Mobile Apps for a period of time. We may retain your information for as long as your account is active, or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements.
Woopra acknowledges that you have the right to access your personal data. When Woopra acts as a service provider to its Customers, it does not have a direct relationship with the End Users whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his/her query to the Woopra Customer. If requested by a Customer to review, correct, amend, or delete personal data, we will respond within a reasonable timeframe. We will retain personal data on behalf of our Customers for as long as needed to provide services to our Customers, or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you have questions about the privacy aspects of our Services or would like to make a complaint, please contact us at firstname.lastname@example.org.
300 Montgomery Street, Suite 208
San Francisco, CA 94104
Changes to this Policy
This Policy is current as of the last updated date set forth below. We will continue to evaluate this Policy as we update and expand the Services and our offerings, and we may make changes to the Policy accordingly. We encourage you to periodically review this page for the latest information on our privacy practices. If we make any material changes, we will notify you as required by law.
Last updated on May 25th, 2018.