Effective date: January 22, 2016
Irrespective of which country you reside in or supply information from, you authorize us to use your information in the United States and any other country where we may operate. We control and/or operate the Services from offices in the United States of America. We do not represent that the Services are appropriate or available for use in other locations. Persons who choose to access and use the Services from other locations do so on their own initiative and at their own risk, and are responsible for compliance with local laws, if and to the extent local laws are applicable.
What types of Personal Information do we collect?
The information we gather from users enables us to personalize and improve the Services. We collect the following types of information (all considered “Personal Information”) from our users:
Personal Information you provide to us:
We collect and store the following types of information on our servers only when you optionally choose to provide it to us by filling out a form or taking some other explicit action. You can choose not to provide us with any of the information below, but you may not be able to take advantage of certain features without providing the appropriate information.
- First and/or last name;
- Billing information;
- Phone number;
- Information publicly disclosed through the Services;
- Your company or customer information; and
- Other personal identifying information.
Personal Information collected automatically:
In order to understand how the Services are being used and to make them better, we also automatically receive, store, and log certain types of technical information whenever you interact with the Services. Information of this sort includes:
- Technical information about a user’s browser and mobile device;
- Usage information such as the pages users request, searches they conduct, emails they open, and features they interact with;
- IP address, tokens, cookies, and device identifiers;
- Crashes and error reports.
How do we use Personal Information?
In addition to the specific uses discussed above, Personal Information you submit to us may be used in the following ways:
- To provide access to and perform the Services;
- To communicate with users about their accounts;
- To process or fulfill request(s) and/or order(s) for products, services, information or features;
- To provide users with updates, offers, and announcements about products, new products, services, features, promotions, enhancements, improvements or updates;
- To notify users when we make material changes to this Policy or the Drawloop Terms of Service;
- To solicit input and feedback to improve user experience;
- To provide administrative services, manage account preferences, and to respond to and address technical issues, harm, or disputes;
- To help us optimize the Services.
How do we share Personal Information?
We will not disclose Personal Information of our users to any persons or entities outside of the Company, nor lease, license, rent, transfer, disclose, disseminate or otherwise grant access to such Personal Information unless:
- We must share user information in order to provide a product or service that has been ordered or requested by that user, in which case we will require that any third person or entity we use to fulfill the order agrees that it does not have the right to use user information other than to fulfill the order or request;
- We believe in good faith, that disclosure is necessary to protect our rights, protect your safety or the safety of others, or investigate fraud;
- We are involved in a bankruptcy, merger, acquisition, reorganization or sale of assets, at which point users’ Personal Information may be sold or transferred as part of that transaction;
- It is to any other third party with a user’s prior consent to do so;
- We receive a request in connection with a judicial, governmental or legal inquiry, investigation, order, or proceeding;
- It is reasonably necessary to enforce our other Drawloop terms and conditions, this Policy, or any other legal agreements we enter with our users;
- It is required to detect, prevent, or otherwise address fraud, abuse, misuse, potential violations of law (or rule/regulation), and/or security or technical issues;
- It is required or reasonably necessary to protect against imminent harm to the rights, property or safety of us, our users, employees, partners, minors, members of the public and/or other third parties;
- You have provided us with permission to do so.
We may also disclose information about you to our auditors or legal advisors in conjunction with accessing our disclosure obligations and/or rights under this Policy.
Types and disclosures of aggregate information
We may share aggregated information concerning our users, without attribution of Personal Information, to other companies with whom we conduct business. In other words, we may combine your anonymized data with those of all or a particular group of our users to prepare collective profiles of our users and their activities for our internal use and can share the same with our partners. For example, we may use and/or share the following information:
- Tracked number of our users who view certain pages or use certain features;
- Compiled total dollar amount of sales conducted through the Services in a particular geographic region;
- Tracked purchasing trends;
- Aggregated user data to market the Services to others; and
- Tracked user behavior and page views.
What do we do to keep Personal Information secure?
We take commercially reasonable security measures to protect against unauthorized access to, or unauthorized alteration, disclosure or destruction of Personal Information that you share and we collect and store. These security measures include practices such as:
- Keeping Personal Information on a secured server behind a firewall;
- Using secure socket layer technology;
- Using regular malware scanning;
- Internal reviews of our data collection, storage, and processing practices, including physical security measures, to guard against unauthorized access to systems; and
- Restricting access to Personal Information to Drawloop affiliates, employees, contractors, and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations.
No data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result: (a) there are security and privacy limitations of the Internet which are beyond our control; (b) the security, integrity and privacy of any and all information and data exchanged between you and us through the Services cannot be guaranteed and you transmit such information at your own risk; and (c) any such information and data may be viewed or tampered with in transit by a third party.
What can you do to protect Personal Information?
While we are committed to taking all reasonable precautions to protect Personal Information, there are steps you can take as well when using online services, such as ours:
- Use only secure websites when disclosing information;
- Create strong passwords and use them wisely (e.g. don’t use the same password for us that you use for your bank);
- Never respond to unsolicited requests for your social security number or financial information;
- Do not disclose passwords or account information to any other person; and
- If logins are required for site access, be sure to sign off when finished using a shared computer.
Be aware when clicking on links to third-party sites accessible through the Services. Other third party sites accessible through the Services, if any, via links or service partnerships are governed by their own privacy policies and data collection, use and disclosure practices. We encourage you to review other websites’ policies before revealing any sensitive or Personal Information. We cannot be and are not responsible for maintaining your privacy once you leave our site or applications and are not responsible for the policies or practices of third parties.
What can you do if you no longer want to receive communications from us?
You can opt out of any automated notifications or communications by:
- Following the instructions included with each email; or
- Contacting us with an unsubscribe request to our email address found at the end of this Policy; however our employees, contractors or agents may still need to contact users who opt out personally, for example, in response to a support inquiry or if that user is in violation of our website terms and conditions.
Credit card transactions and order fulfillment are handled by established third party banking, processing agents and distribution institutions. They receive only the information needed to verify and authorize your credit card or other payment information and to process your order.
In providing the Services, we receive our subscriber’s documents. However, subscriber documents will not be published by us at any time and any brief retention by us will only be for the purpose of delivering the Services. Drawloop does not retain backups or copies of your work for you. Drawloop disclaims all liability for the release of any documentation or content thereof that is uploaded to Drawloop.
Fair Information Practice Principles
The FTC created the Fair Information Practice Principles as a result of the Commission’s inquiry into the manner in which online entities collect and use personal information and safeguards to ensure that such practices are fair and provide adequate privacy protection. We take our own self-regulation very seriously and support your rights as a consumer to causes of action against disreputable and unprincipled data collectors and users. Consistent with the FTC’s Fair Information Practice Principles and other applicable laws, we will promptly notify users in the event of a data breach.
California Residents – California Civil Code Section 1798.83
California residents have the right to receive: a) information identifying any third party company(ies) to whom we may have disclosed (within the previous calendar year) Personal Information pertaining to you and your family for that company’s direct marketing purposes; and b) a description of the categories of Personal Information disclosed. If you are a California resident and wish to obtain such information, submit a request to our email address found at the end of this Policy with “Request for California Privacy Information” as the subject line and in the body of your message. Please be aware that not all information sharing is covered by these requirements and only information on covered sharing will be included in our response.
European Union Residents
As described in our Safe Harbor certification, we comply with the US-EU Safe Harbor Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Drawloop has certified that it adheres to the relevant Safe Harbor Privacy Principles. To learn more about the Safe Harbor program, and to view Drawloop’s certification, please visit the Safe Harbor website.
In addition to participating in the US-EU Safe Harbor Framework, Drawloop offers model contract clauses as an additional means of meeting the adequacy and security requirements of the European Parliament and Council of the European Union Data Protection Directive. Any European Union resident that wishes to utilize the Services must first sign the Drawloop End-User Web Services Subscription Agreement, and in doing so, will be required to affirmatively consent to model contract clauses.
How can you update, delete, or correct Personal Information?
You may change any of your Personal Information by contacting us with a request to update, review, or delete Personal Information at the support email found at the end of this Policy. Certain information or data of yours may only be stored on third-party platforms with which we partner, such as Salesforce.com. It is your responsibility to maintain any such third-party accounts and you understand that Drawloop does not have the ability to access, update, delete, or correct your data or any information that you submit or store on such third-party platforms.
Children’s Online Privacy Protection
The Services are not designed or intended for use by children under 13. If you are under 18, you should use the Services only with the direct involvement of a parent or guardian. Children under 13 may not submit any Personal Information to us, and if we discover that we have inadvertently gathered any Personal Information from a child under 13, we will take appropriate steps to delete it. If you are the parent or guardian of a person under the age of 13 who has provided Personal Information to us, please inform us by contacting us at email@example.com and we will remove such information from our database. If you are concerned about your children’s use of the Services, you may use web-filtering technology to supervise or limit access to the Services. Visit www.OnGuardOnline.gov for tips from the Federal Trade Commission on protecting the online privacy of children.
Do Not Track Browser Requests
Several browsers, including Internet Explorer, Firefox, and Safari offer a “do not track” option that sends a signal to websites visited by the user. Drawloop may not commit to responding to browsers’ “do not track” signals with respect to the Services.
How we comply with the CAN-SPAM Act
The CAN-SPAM Act is legislation in the United States that regulates commercial emails. The CAN-SPAM Act imposes strict penalties on those who send emails with materially false or misleading content or fail to provide recipients of commercial emails with an opportunity to decline them. In accordance with the CAN-SPAM Act, other applicable laws, and this Policy, we will do the following:
- NOT use false or misleading information in the subject line or body of our emails;
- Identify messages as advertisements by using the label “advertisement” in a conspicuous manner;
- Monitor third party email marketing services, if one is used;
- Provide accurate “From” fields so that users know who is sending the email;
- Provide visible and operable unsubscribe mechanisms in all of our emails;
- Include our physical address in the body of our emails;
- Honor any opt-out requests to our emails within 10 business days; and
- Refrain from using harvested email addresses.
You may contact us at the email below if you would like to unsubscribe from our marketing communications at any time.
Compliance and cooperation with regulatory authorities
We regularly review our compliance with this Policy. When we receive a formal written complaint, we will contact the person who made the complaint to follow up. We work with appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of Personal Information that we cannot resolve with our users directly.
What will happen if we change this Policy?
We may update this Policy from time to time and any changes to this Policy will be posted by us on this page with a more recent effective date in the header. Use of information we collect now is subject to the version of this Policy in effect at the time such information is used. If we make any material or significant changes to this Policy, we will deliver an email announcement to the email address associated with each user account. It is each user’s responsibility to maintain a valid email address. We will also keep prior versions of this Policy in an archive for your review. If you continue to use the Services after changes to this Policy become effective, you agree to abide by and be bound by the modified version of this Policy.
How can you contact us?
If you have any questions about this Policy or our privacy practices, please contact us by email at firstname.lastname@example.org.