Privacy Policy

Effective as of June 11, 2021

At Privacy Request, responsibly using and protecting data is at the core of who we are and what we do. Our goal is to help you manage your privacy obligations for your company and customers and to do this, we work hard at not just saying we respect privacy, but putting words into actions as we develop and share our products and services with you. 

This Privacy Notice (“Privacy Notice") explains our privacy practices for the activities described herein.  Please read this Privacy Notice carefully to learn how we collect, use, share, and otherwise process information relating to individuals (“Personal Information”), and to learn about your rights and choices regarding your Personal Information.

1. About Us

Privacy Request, Inc. is the controller of your Personal Information as described in this Privacy Notice, unless specified otherwise. 

This Privacy Notice does not apply to the extent we process Personal Information in the role of a processor or service provider on behalf of our customers, including where we offer to our customers various cloud products and services through which our customers (or their affiliates): (i) send electronic communications to others; or (ii) otherwise collect, use, share or process Personal Information via our cloud products and services.

For detailed privacy information related to a Privacy Request customer or a customer affiliate who uses the Privacy Request cloud products and services as the controller, please contact our customer directly. We are not responsible for the privacy or data security practices of our customers, which may differ from those explained in this Privacy Notice.

2. Processing Activities Covered

This Privacy Notice applies to the processing of Personal Information collected by us when you:

  • Visit our websites that display or link to this Privacy Notice;
  • Visit our branded social media pages;
  • Receive communications from us, including emails, phone calls, texts or fax;
  • Use our cloud products and services as an authorized user (for example, as an employee of one of our customers who provided you with access to our services) where we act as a controller of your Personal Information;
  • Register for, attend or take part in our events, webinars, or contests; or
  • Participate in community and open source development.

Processing of Personal Information is required for receiving certain products or services.

Our websites and services may contain links to other websites, applications, and services maintained by third parties. The information practices of other services, or of social media platforms that host our branded social media pages, are governed by their Privacy Notices, which you should review to better understand their privacy practices.

3. Information We Collect

1. Personal Information we collect directly from you

The Personal Information we collect directly from you includes identifiers, professional or employment-related information, financial account information, and internet activity information. We collect such information in the following situations: 

How We Collect Information From YouWhat Data We Collect

If you contact us for any reason, including to ask for more information about our products and services, sign up to use our products and services, register to attend an event, webinar, or participate in any contest.

Your name, job title, company name, address, phone number, email address or username and password, or social media usernames

If you purchase a subscription to use our products and services.

Your financial and billing information, such as billing name and address, credit card number or bank account information

If you use our website or interact with any emails or marketing content.

Device information, including Internet Protocol (IP) addresses, device identifiers (AAID, IDFA), or cookie IDs; usage data about how you use our products and services

If you participate in a survey, poll, or other questionnaire

Any information you voluntarily provide

2. Personal Information we collect from other sources

We also collect information about you from other sources including third parties from whom we purchase Personal Information and from publicly available information.  We may combine this information with Personal Information provided by you. This helps us update, expand, and analyze our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you. The Personal Information we collect from other sources includes identifiers, professional or employment-related information, education information, commercial information, visual information, internet activity information, and inferences about preferences and behaviors. In particular, we collect such Personal Information from the following sources:

  • Third party providers of business contact information, including mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses, social media profiles, LinkedIn URLs and custom profiles, for purposes of direct marketing; and
  • Another individual at your organization who may provide us with your business contact information for the purposes of obtaining services; and 
  • Platforms such as GitHub to manage code check-ins and pull requests. If you participate in an open source or community development project, we may associate your code repository username with your community account so we can inform you of program changes that are important to your participation or relate to additional security requirements.
3. What device and usage data do we process?

We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons, pixels, and similar technologies to automatically collect information that may contain Personal Information as you navigate our websites, our services, or interact with emails we have sent to you. For more information, see Cookies below. 

4. Device and usage data

As is true of most websites, we gather certain information automatically when individual users visit our websites. This information may include identifiers and internet activity information such as:

IP address (or proxy server information)device and application information

identification numbers and features

location

browser type

plug-ins

integrations

Internet service provider

mobile carrier

the pages and files viewed

searches

referring website

app or ad

operating system

system configuration information

advertising and language preferences

date and time stamps associated with your usage

frequency of visits to the websites.

This information is used to analyze overall trends, help us provide and improve our websites, offer a tailored experience for website users, and secure and maintain our websites.

In addition, we gather the following information automatically as part of your use of our cloud products and services:

UsernameIP address (or proxy server)

mobile device number

device and application identification numbers

location

browser type

Internet service provider or mobile carrier

the pages and files viewed

date and time stamps

operating system and system configuration information

Password

website and webpage interactions including searches and other actions you take

This information is used to maintain the security of the services, to provide necessary functionality, to improve performance of the services, to assess and improve customer and user experience of the services, to review compliance with applicable usage terms, to identify future opportunities for development of the services, to assess capacity requirements, to identify customer opportunities, and for the security of Privacy Request generally (in addition to the security of our products and services). 

Some of the device and usage data collected by the services, whether alone or in conjunction with other data, could be personally identifying to you. 

5. Cookies, web beacons and other tracking technologies

We use technologies such as web beacons, pixels, tags, and JavaScript, alone or in conjunction with cookies, to gather information about the use of our websites and how people interact with our emails.

We use both session-based and persistent cookies on our websites and product. Session-based cookies exist only during a single session and disappear from your device when you close your browser or turn off the device. Persistent cookies remain on your device after you close your browser or turn your device off. You can also control the use of cookies on your device but choosing to disable cookies on your device may limit your ability to use some features on our websites and services.

We also use web beacons and pixels on our websites and in emails. For example, we may place a pixel in marketing emails that notify us when you click on a link in the email. We use these technologies to operate and improve our websites and marketing emails. You may always opt out of receiving our marketing communications using the link in the email footer or by contacting us. You may also use your browser settings to block or reset your cookies at any time.

We use the following cookies:

Cookie SubgroupsCategoryCookiesCookies UsedLifespan

privacyrequest.com

Functional

gatsby-gdpr-google-analytics

1st party

4 days

analytics.google.com

Analytics

_ga

3rd party

30 seconds

Analytics

_gid

3rd party

1 day

calendly.com

Functional

_calendly_session

3rd party

Session

6. Opt-Out from the setting of cookies on your individual browser

In many cases you may opt-out from the collection of non-essential device and usage data on your web browser (see the “What device and usage data we process” section, above) by managing your cookies at the browser or device level. Please note, however, that by blocking or deleting cookies and similar technologies used on our websites, you may not be able to take full advantage of the websites.

7. Do Not Track

While some internet browsers offer a “do not track” or “DNT” option that lets you tell websites that you do not want to have your online activities tracked, these features are not yet uniform and there is no common standard adopted by industry groups, technology companies, or regulators. Therefore, we do not currently commit to responding to Do Not track signals with respect to our websites.

4. How We Use Your Information

We collect and process your Personal Information for the following purposes. Where required by law, we obtain your consent to use and process your Personal Information for these purposes. Otherwise, we rely on another authorized legal basis (including but not limited to the (a) performance of a contract or (b) legitimate interest) to collect and process your Personal Information.

Purpose of Processing Legal Basis

Providing our websites and services (including necessary functionality for both):

To provide our products and services to you under contract or where we have a legitimate interest in to provide you with access and information to our products and services.

Promoting the security of our websites and services

We have a legitimate interest in monitoring and investigating suspicious activity as well as enforcing our terms of service to protect our rights and the rights of others.

Registering and maintaining user accounts

To provide our products and services to you under contract.

Managing Customer Support requests and other communications

To provide our products and services to you under contract, with your consent, or where there is a legitimate interest in fulfilling your requests and communicating with you.

Managing contests or promotions

To provide our products and services to you under contract, subject to our terms of service and any additional contest rules.

Managing payments and subscriptions

To provide our products and services to you under contract, as well as fulfill any of our legal requirements with respect to tax, fraud, or identity as required under law.

To further develop and improve our products and services

To analyze and track your usage data in order to provide for our legitimate interest in developing, improving, optimizing, and personalizing our products and services for you or where we seek your consent.

To review compliance with contractual requirements

To review your compliance with our applicable customer contracts subject to our legitimate interest.

Assessing capacity requirements

To analyze the performance of our products and services provided under contract to our customers and in our own legitimate interest in managing the performance of our products and services.

Sending marketing communications

To communicate with you as a potential customer in our own legitimate interest or with your consent where required by law.

Complying with legal obligations

To cooperate with public and government authorities, courts, or regulators in accordance with our legal obligations under applicable laws to protect our rights or where necessary for our legitimate interest to protect against misuse or abuse of our products and services, to protect property or safety, to comply with legal orders and processes, to respond to lawful requests, or for auditing purposes.

5. How We Share Your Information

We may share your Personal Information as follows:

  • Service Providers: With our contracted service providers, who provide services such as IT and system administration and hosting, credit card processing, research and analytics, marketing, and customer support for the purposes and pursuant to the legal bases described above;
  • Customers With Whom You Are Affiliated: If you use our services as an authorized user, we may share your Personal Information with your affiliated customer responsible for your access to the services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies; 
  • Contest and Promotion Sponsors: With sponsors of contests or promotions for which you register;
  • Professional Advisers: In individual instances, we may share your Personal Information with professional advisers acting as service providers, processors, or joint controllers - including lawyers, bankers, auditors, and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Personal Information; and
  • Third Parties Involved in a Corporate Transaction: If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by a third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Information to an unaffiliated third party.

We may also share anonymous or de-identified usage data with Privacy Request’s service providers for the purpose of helping Privacy Request in such analysis and improvements. Additionally, Privacy Request may share such anonymous or de-identified usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our services.

You may review a list of our service providers here. For more information on the recipients of your Personal Information, please contact us by using the information in the “Contacting us” section, below.

6. International Transfer of Information

Your Personal Information may be collected, transferred to and stored by us in Europe and by our affiliates and third-parties that are based in other countries, including Canada. 

Therefore, your Personal Information may be processed outside your jurisdiction. We ensure that the recipient of your Personal Information offers an adequate level of protection and security, for instance by entering into the appropriate agreements.

7. Children

Our websites are not directed at children. We do not knowingly collect Personal Information from minors under the age of 18 unless (a) we have obtained consent from a parent or guardian, (b) such collection is subject to a separate agreement with us or (c) the visit by a child under the age of 16 is unsolicited or incidental. If you are a parent or guardian and believe your child has provided us with Personal Information without your consent, please contact us by using the information in the “Contacting us” section below and we will take steps to delete their Personal Information from our systems.

8. How Long We Keep Information

We may retain your Personal Information for a period of time consistent with the original purpose of collection (see the “Purposes for which we process Personal Information and the legal bases on which we rely” section, above) or as long as required to fulfill our legal obligations. 

After expiry of the applicable retention periods, your Personal Information will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data.

For more information on data retention periods, please contact us by using the information in the “Contacting us” section, below.

9. Your Rights

1. California “Do Not Sell” Rights

WE DO NOT SELL YOUR PERSONAL INFORMATION.

Under various privacy laws, including the CCPA, you have the right to opt out of the sale of  your personal information. When we receive your personal data, Privacy Request commits not to sell your personal data in any fashion, including for marketing purposes. We may share your data with service providers who help us provide the Privacy Request software to you, or help us manage our business, as explained in this Notice, but we do not sell your data. 

If you have any questions about how we share your data or with whom, we encourage you to reach out to us to ask for more information.

2. Your Personal Rights

You may exercise the following rights regarding your personal information, subject to our ability to verify your request and certain other limitations:

  • Information about You: You may ask for us to state what categories of Personal Information about you we have, and the categories of sources from which we collect your Personal Information.
  • Receive a Copy of Your Data: You may request the categories and specific pieces of information (if any) we have about you, the categories of Personal Information that we have disclosed about you for a business purpose, and the categories of third parties with which we have shared Personal Information in the previous 12 months.
  • Delete Your Data: You may request that we delete the Personal Information we have collected from you.
  • Do-Not-Sell: You may opt out of our sale(s) of your Personal Information, as “sale” is defined by California law. Please see above for more information. We extend this right to all regardless of location.
  • Non-Discrimination: We will not discriminate against you for exercising you rights. 

Note: Where certain technologies rely on your data to provide the Services, the absence of that data may impact the operation of the Services.

3. How to Exercise Your Rights

To exercise any of the above rights, please follow the instructions below:

If we have received your information because we have been engaged by one of our customers to handle the Personal Information of their users, we may refer your request to the appropriate customer to handle. 

4. Verification Process and Required Information

All requests must be verified. Some requests, including receiving a copy of your data or requests made by an agent claiming to be acting on your behalf, are subject to heightened requirements. If we cannot verify your identity based on the information provided, a request for a copy of your data shall be treated as a request for information and if we cannot verify your identity, a request to delete personal information may be treated as a request to opt out of the sale of personal information.

5. Authorized Agent

You may designate an authorized agent to make a request on your behalf. An Authorized Agent must have written documentation of their authority to act on your behalf, such as a Power of Attorney.

10. Security

We take appropriate precautions including organizational, technical, and physical measures to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, the Personal Information we process or use.

While we follow generally accepted standards to protect Personal Information, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions. If you have any questions about the security of our websites, please contact us by using the information in the “Contacting us” section, below.

11. Changes to this Privacy Notice

We will update this Privacy Notice from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. If we do, we will update the “effective date” at the top. If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a conspicuous notice on our website or by contacting you directly, or where required under applicable law and feasible, seek your consent to these changes.

We encourage you to periodically review this Privacy Notice to stay informed about our collection, processing and sharing of your Personal Information.

12. Contact Information

Please email us at privacy@privacyrequest.com if you have any questions regarding this Privacy Notice. You may also mail us at: 

Privacy Request Data Protection Officer
70 Plains Road West, Unit 44
Burlington, ON Canada
L7T 0B6

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy.