Growlytics complies with the requirements of the EU-U.S. Privacy Shield Framework (“Privacy Shield”), as set forth by the U.S. Department of Commerce and the Federal Trade Commission (“FTC”), regarding the collection, use, and retention of Personal Information transferred from the European Economic Area to the United States. Growlytics has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view Growlytics certification, please visit https:// www.privacyshield.gov. Additionally, Growlytics may protect information through other legally valid methods, including international data transfer agreements.
This Policy applies to all Growlytics’s operating divisions, subsidiaries, affiliates, and branches, including its U.S. affiliates certified under the Privacy Shield, and any additional subsidiary, affiliate, or branch of Growlytics that we may subsequently form.
3. Transparency/Notice – Types Of Personal Information We Collect And How We Use It
The types of Personal Information we may collect (directly from you or from Third-Party sources) and our privacy practices depend on the nature of the relationship you have with Growlytics and the requirements of applicable law. Some of the ways that Growlytics may collect Personal Information include:
- You may provide Personal Information directly to Growlytics through interacting with the Services, participating in surveys, during events such as sweepstakes, and requesting Services, or information.
- As you navigate the Services, certain passive information may also be collected about your visit, including through cookies and similar technologies as described below. We endeavor to collect only that information which is relevant for the purposes of Processing. Below are the ways we collect Personal Information and how we use it.
We endeavor to collect only that information which is relevant for the purposes of Processing. Below are the ways we collect Personal Information and how we use it.
3.1 Types Of Personal Information We Collect
Growlytics collects Personal Information regarding its current, prospective, and former clients, customers, users, visitors, and guests (collectively “Individuals”).
- Information You Provide Directly to Us. When you use the Services or engage in certain activities, such as registering for an account with Growlytics, purchasing a Plan from Growlytics, requesting Services or information, or contacting us directly through the “Contact Us” feature or by some other method, we may ask you to provide some or all of the following types of information:
- Communications with Us. We may collect Personal Information from you such as name, email address, phone number, company or organization name, location, or mailing address when you use the “Contact Us” feature, register for Growlytics, choose to request information about our Services, request to receive customer or technical support, or otherwise communicate with us. We may also receive a confirmation when you open an email from us, which helps us make our communications with you more interesting and improve our Services.
- Surveys. From time to time, we may contact you to participate in online surveys. If you do decide to participate, you may be asked to provide certain information which may include Personal Information. All information collected from your participation in our surveys is provided by you voluntarily. We may use such information to improve our products, Sites and/or Services and in any manner consistent with the policies provided herein.
- Purchase of a Plan. When you purchase a Plan on the Site you must provide your email address, first and last name, credit card number, card expiration date and card CVC code. The credit card information is encrypted and transmitted to a Third Party payment processor for processing and storage to a high security vault according to strict industry standards. Once the data reaches the vault it is “tokenized”. No credit card information is received or retained in Growlytics’s own systems. Your credit card information is not exposed anywhere in our own systems. Please do not send your credit card information to our team directly, for example by emailing this information to email@example.com. Please use our secure, online system to enter your credit card information.
- Offline Information. As you might expect, we usually collect or receive information through our Site. But we also may collect information offline and it’s important to us that we preserve the privacy of your Personal Information both online and off. For example, if we speak with you by phone as part of our sales process, we may ask for your location. There are other ways we could learn of Personal Information offline, but this Privacy Notice doesn’t try to predict all those methods. We just want you to know that we try to treat offline information collection, uses and disclosures consistently with our online privacy practices.
- Information Submitted Via Services. You agree that Growlytics is free to use the content of any communications submitted by you via the Services, including any ideas, inventions, concepts, techniques, or know-how disclosed therein, for any purpose including developing, manufacturing, and/or marketing goods or Services. Growlytics will not release your name or otherwise publicize the fact that you submitted materials or other information to us unless: (a) you grant us permission to do so; (b) we first send notice to you that the materials or other information you submit to a particular part of a Service will be published or otherwise used with your name on it; or © we are required to do so by law.
- Information from Other Sources. We may receive information about you from other sources, including through Third-Party services and organizations to supplement information provided by you (for example, lead or data enrichment services). . This supplemental information allows us to verify information that you have provided to Growlytics and to enhance our ability to provide you with information about our business, products, and Services. Through cookies we place on your browser or device, we may also collect information about your online activity after you leave our Site. We use this information to improve the Site and customize your online experience.
- Event Data Information. The Growlytics Services monitor errors in web, mobile and server applications and programs under the direction of its Customers, to provide session, error and crash Event Data. Each Growlytics Customer provides Growlytics with session, error and crash Event Data from the Customer’s applications and programs. Event Data may contain personal information of the Customer’s end user. This means that if you are an end user of a service provided by a Growlytics Customer, then Growlytics may receive Personal Information about you from the Growlytics Customer. Not all Customers provide Personal Information about their end users to Growlytics. Customers use the Services dashboard to control or block the use of end user Personal Information by the Services. Growlytics itself does not collect this end user Personal Information and Growlytics has no direct relationship with these individuals. For example, a Customer may direct Growlytics to log certain software application’s end user information associated with Event Data, such as the end user’s device ID, email and name. Growlytics is a data processor and follows the instructions of the Customer in these cases. To find out more about how our Customers issue these instructions to us and handle this Personal Information you will need to review the privacy policies of each Customer. An individual who wants to correct, amend or delete inaccurate data should direct his or her request to Growlytics’s Customer (the data controller). Separately, if our Customer requests that we remove Event Data from the Services then we will respond promptly to this request.
- No Sensitive Data or Sensitive Personal Information. Growlytics does not collect Sensitive Data as defined under the laws of the European Union.
3.2 Personal Information Collected And Controlled By Customers
- Growlytics monitors web, mobile and server applications and programs under the direction of its Customers, to provide error Event Data about the Customer’s applications and programs to the Customer. Event Data may contain Personal Information of the individuals who use the Customer’s applications. Growlytics itself does not collect this end user Personal Information and Growlytics has no direct relationship with these individuals. For example, a Customer may direct Growlytics to log certain software application’s end user information associated with Event Data, such as the end user’s device ID, email and name. Growlytics is a data processor and follows the instructions of the Customer in these cases.
- To find out more about how our Customers issue these instructions to us and handle this Personal Information you will need to review the privacy policies of each Customer. An individual who wants to correct, amend or delete inaccurate data should direct his or her request to Growlytics Customer (the data controller). Separately, if our Customer requests that we remove Event Data from the Services then we will respond promptly to this request.
- If you are a Customer then you are responsible for obtaining permission from your end users to share any data that may contain the end users’ Personal Information with the Growlytics Platform. Customers use the Services dashboard to control or block the use of end user Personal Information by the Services. From time to time Growlytics creates statistics about the way Customers generally use our Services. These statistics are derived from large sets of anonymized, aggregated Event Data. We refer to this information as “Aggregated Information.” Aggregated Information contains no Personal Information and no information that can be associated with any specific Customer. Growlytics shares Aggregated Information with its Customers to educate them about the usefulness of the Services and to help them understand industry trends.
3.3 How Growlytics Uses Your Information#
We acquire, hold, use, and Process Personal Information about Individuals for a variety of business purposes, including:
- To Provide Products, Services, or Information Requested. Growlytics may use information about you to fulfill requests for products, Services, or information, including information about potential or future Services, including to:
- Generally manage Individual information and accounts;
- Respond to questions, comments, and other requests;
- Provide access to certain areas, functionalities, and features of Growlytics Services;
- Contact you to answer requests for customer support or technical support;
- Allow you to register for events.
- Administrative Purposes. Growlytics may use Personal Information about you for its administrative purposes, including to:
- Measure interest in Growlytics Services;
- Develop new products and Services;
- Ensure internal quality control;
- Verify Individual identity;
- Communicate about Individual accounts and activities on Growlytics’s Services and systems, and, in Growlytics’s discretion, changes to any Growlytics policy;
- Send email to the email address you provide to us to verify your account and for informational and operational purposes, such as account management, customer service, or system maintenance;
- Process payment for products or Services purchased;
- Process applications and transactions;
- Prevent potentially prohibited or illegal activities;
- Enforce our Terms.
- Marketing Growlytics Products and Services. Growlytics may use Personal Information to provide you with materials about offers, products, and Services that may be of interest, including new content or Services. Growlytics may provide you with these materials by phone, postal mail, facsimile, or email, as permitted by applicable law. Such uses include:
- To tailor content, advertisements, and offers;
- To notify you about offers, products, and services that may be of interest to you;
- To provide Services to you and Third Parties
- For other purposes disclosed at the time that Individuals provide Personal Information; or
- Otherwise with your consent.
You may contact us at any time to opt-out of the use of your Personal Information for marketing purposes, as further described in Section 5 below.
- Research and Development. Growlytics may use Personal Information to create non-identifiable information that we may use alone or in the aggregate with information obtained from other sources, in order to help us to optimally deliver our existing products and Services or develop new products and Services. From time to time, Growlytics may perform research (online and offline) via surveys. We may engage Third-Party service providers to conduct such surveys on our behalf. All survey responses are voluntary, and the information collected will be used for research and reporting purposes to help us better serve Individuals by learning more about their needs and the quality of the products and Services we provide. The survey responses may be utilized to determine the effectiveness of our Services, various types of communications, advertising campaigns, and/or promotional activities. If an Individual participates in a survey, the information given will be used along with that of other study participants. We may share anonymous Individual and aggregate data for research and analysis purposes.
- Direct Mail, Email and Outbound Telemarketing. Individuals who provide us with Personal Information, or whose Personal Information we obtain from Third-Parties, may receive periodic emails, newsletters, mailings, or phone calls from us with information on Growlytics’s or our business partners’ products and services or upcoming special offers/events we believe may be of interest. We offer the option to decline these communications at no cost to the Individual by following the instructions in Section 5 below.
- Anonymous and Aggregated Information Use. Growlytics may use Personal Information and other information about you to create anonymized and aggregated information, such as de-identified demographic information, de-identified location information, information about the computer or device from which you access Growlytics’s Services, or other analyses we create. Anonymized and aggregated information is used for a variety of functions, including the measurement of visitors’ interest in and use of various portions or features of the Services. Anonymized or aggregated information is not Personal Information, and Growlytics may use such information in a number of ways, including research, internal analysis, analytics, and any other legally permissible purposes. We may share this information within Growlytics and with Third-Parties for our or their purposes in an anonymized or aggregated form that is designed to prevent anyone from identifying you.
- Other Uses. Growlytics may use Personal Information for which we have a legitimate interest, such as direct marketing, individual or market research, anti-fraud protection, or any other purpose disclosed to you at the time you provide Personal Information or with your consent.
3.4 Cookies, Pixel Tags/Web Beacons, Analytics Information, And Interest-Based Advertising
- Cookies. Cookies are small text files placed in visitors’ computer browsers to store their preferences. Most browsers allow you to block and delete cookies. However, if you do that, the Site may not work properly.
- Pixel Tags/Web Beacons. A pixel tag (also known as a web beacon) is a piece of code embedded on the Site that collects information about users’ engagement on that web page. The use of a pixel allows us to record, for example, that a user has visited a particular web page or clicked on a particular advertisement.
- Analytics. We may also use certain analytics tools to collect information regarding visitor behavior and visitor demographics on some of our Services, and to develop Site content. This analytics data is not tied to any Personal Information.
Our uses of such Technologies fall into the following general categories:
- Advertising or Targeting Related. We may use first-party or Third-Party cookies and web beacons to deliver content, including ads relevant to your interests, on our Sites or on Third-Party sites. This includes using technologies to understand the usefulness to you of the advertisements and content that has been delivered to you, such as whether you have clicked on an advertisement.
If you would like to opt-out of the Technologies we employ on our Sites, Services, applications, or tools, you may do so by blocking, deleting, or disabling them as your browser or device permits.
3.5 Third-Party Websites, Social Media Platforms, And Software Development Kits
The Site may contain links to other websites and other websites may reference or link to our Site or other Services. These other domains and websites are not controlled by us, and Growlytics does not endorse or make any representations about Third-Party websites or social media platforms. We encourage our users to read the privacy policies of each and every website and application with which they interact. We do not endorse, screen or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk. Growlytics’s Services may include publicly accessible blogs, community forums, or private messaging features. The Site and our other Services may also contain links and interactive features with various social media platforms (e.g., widgets). If you already use these platforms, their cookies may be set on your device when using our Site or other Services. You should be aware that Personal Information which you voluntarily include and transmit online in a publicly accessible blog, chat room, social media platform or otherwise online, or that you share in an open forum may be viewed and used by others without any restrictions. We are unable to control such uses of your information when interacting with a social media platform, and by using such services you assume the risk that the Personal Information provided by you may be viewed and used by Third-Parties for any number of purposes.
3.6 Third-Party Payment Processing
When you purchase a subscription for the Services, we process your payments through a Third-Party payment processor. The Third-Party payment processor may collect certain financial information from you to process a payment on behalf of Growlytics, including your name, email address, address and other billing information.
4. Onward Transfer – Growlytics May Disclose Your Information
4.1 Information We Share
- We Use Vendors and Service Providers. We may share any information we receive with vendors and service providers. The types of service providers to whom we entrust Personal Information include service providers for: (i) provision of IT and related services; (ii) provision of information and services you have requested; (iii) payment processing; (iv) customer service activities; and (v) in connection with the provision of the Site. Growlytics has executed appropriate contracts with the service providers that prohibit them from using or sharing Personal Information except as necessary to perform the contracted services on our behalf or to comply with applicable legal requirements.
- Business Partners. Growlytics may share Personal Information with our business partners, and affiliates for our and our affiliates’ internal business purposes or to provide you with a product or Service that you have requested. Growlytics may also provide Personal Information to business partners with whom we may jointly offer products or services, or whose products or services we believe may be of interest to you. In such cases, our business partner’s name will appear, along with Growlytics. Growlytics requires our affiliates and business partners to agree in writing to maintain the confidentiality and security of Personal Information they maintain on our behalf and not to use it for any purpose other than the purpose for which Growlytics provided them.
- Privacy Shield. With respect to onward transfers to Agents under Privacy Shield, Privacy Shield requires that Growlytics remain liable should its Agents Process Personal Information in a manner inconsistent with the Privacy Shield Principles.
- Marketing – Interest-Based Advertising and Third Party Marketing. Through our Services, Growlytics may allow Third-Party advertising partners to set tracking tools (e.g., cookies) to collect information regarding your activities (e.g., your IP address, page(s) visited, time of day). We may also share such de-identified information as well as selected Personal Information (such as demographic information and past purchase history) we have collected with Third-Party advertising partners. These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit non-Growlytics related websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising. We may allow access to other data collected by the Site to facilitate transmittal of information that may be useful, relevant, valuable or otherwise of interest to you. If you prefer that we do not share your Personal Information with Third-Party advertising partners, you may opt-out of such sharing at no cost by following the instructions in Section 5 below.
- Disclosures to Protect India or Others (e.g., as Required by Law and Similar Disclosures). We may access, preserve, and disclose your Personal Information, other account information, and content if we believe doing so is required or appropriate to: (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) respond to your requests; (iii) protect yours’, ours’ or others’ rights, property, or safety; (iv) to enforce Growlytics policies or contracts; (v) to collect amounts owed to Growlytics; (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (vii) if we, in good faith, believe that disclosure is otherwise necessary or advisable. In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the Services. In such cases, server log data containing IP addresses may be shared with law enforcement bodies in order that they may identify users in connection with their investigation of the unauthorized activities.
4.2 Data Transfers
All Personal Information collected via or by Growlytics may be stored anywhere in the world, including but not limited to, the United States, Canada, the European Union, India, in the cloud, on our servers, on the servers of our affiliates or the servers of our service providers. Your Personal Information may be accessible to law enforcement or other authorities pursuant to a lawful request. By providing information to Growlytics, you consent to the storage of your Personal Information in these locations.
5. Opt-Out (Right To Restrict Processing)
You have the right to opt-out of certain uses and disclosures of your Personal Information. Where you have consented to Growlytics’s Processing of your Personal Information or Sensitive Personal Information, you may withdraw that consent at any time and opt-out to further Processing by contacting us at firstname.lastname@example.org. Even if you opt-out, we may still collect and use non-Personal Information regarding your activities on our Sites and/or information from the advertisements on Third-Party websites for non-interest based advertising purposes, such as to determine the effectiveness of the advertisements.
5.2 Email And Telephone Communications
WE MAINTAIN TELEPHONE “DO-NOT-CALL” AND “DO-NOT-MAIL” LISTS AS MANDATED BY LAW. WE PROCESS REQUESTS TO BE PLACED ON DO-NOT-MAIL, DO-NOT-PHONE AND DO-NOT-CONTACT LISTS WITHIN 60 DAYS AFTER RECEIPT, OR SUCH SHORTER TIME AS MAY BE REQUIRED BY LAW
5.3 Mobile Devices
Growlytics may occasionally send you push notifications through our mobile applications with information that may be of interest to you. You may at any time opt-out from receiving these types of communications by changing the settings on your mobile device. Growlytics may also collect location-based information if you use our mobile applications. You may opt-out of this collection by changing the settings on your mobile device.
5.4 “Do Not Track”
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
5.5 Cookies And Interest-Based Advertising
As noted above, you may stop or restrict the placement of cookies on your computer or remove them from your browser by adjusting your web browser preferences. Please note that cookie-based opt-outs are not effective on mobile applications. However, on many mobile devices, application users may opt-out of certain mobile ads via their device settings.
The online advertising industry also provides websites from which you may opt-out of receiving targeted ads from our data partners and our other advertising partners that participate in self-regulatory programs. You can access these, and also learn more about targeted advertising and consumer choice and privacy, at www.networkadvertising.org/managing/opt_out.asp, or http://www.youronlinechoices.eu/ and www.aboutads.info/choices/.
6. Rights Of Access, Rectification, Erasure, And Restriction
Although Growlytics makes good faith efforts to provide Individuals with access to their Personal Information, there may be circumstances in which Growlytics is unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the Individual’s privacy in the case in question or where it is commercially proprietary. If Growlytics determines that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, Growlytics will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Information.
7. Data Retention
8. Security of Your information
By using the Site or providing Personal Information to us, you agree that we may communicate with you electronically regarding security, privacy, and administrative issues relating to your use of the Site. If we learn of a security system’s breach, we may attempt to notify you electronically by posting a notice on the Site or sending an e-mail to you. You may have a legal right to receive this notice in writing.
9. International Users
If you are visiting from the United States, European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the India and to Processing of your data globally. By providing your Personal Information, you consent to any transfer and Processing in accordance with this Policy.
10. Children’s Privacy
The Services are not directed to children under 13 (and in certain jurisdictions in the EU under the age of 16) years of age, and Growlytics does not knowingly collect Personally Identifiable Information from children under 13 (and in certain jurisdictions in the EU under the age of 16) years of age. If you are under the age of 18, you must have your parent’s permission to access the Services. Growlytics urges parents to instruct their children never to give out their real names, addresses, or phone numbers, without parental permission, when online. If you learn that your child has provided us with Personal Information without your consent, you may alert us at email@example.com. If we learn that we have collected any Personal Information from children under 13 (and in certain jurisdictions in the EU under the age of 16), we will promptly take steps to delete such information and terminate the child’s account.
11. Redress/Compliance and Accountability
If you are an EU citizen and feel that Growlytics is not abiding by the terms of this Policy, or is not in compliance with the Privacy Shield Principles, please contact Growlytics at the contact information provided above.
In addition, Growlytics has agreed to refer unresolved complaints related to Personal Information to JAMS Privacy Shield Dispute Resolution Program. For more information and to submit a complaint regarding Individual data to JAMS, a dispute resolution provider which has locations in the United States and EU, visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim.
Such independent dispute resolution mechanisms are available to citizens free of charge. If any request remains unresolved, you may contact the national data protection authority for your EU Member State.
You may also have a right, under certain conditions, to invoke binding arbitration under Privacy Shield; for additional information, see https://www.privacyshield.gov/article?id=ANNEX-I-introduction. The FTC has jurisdiction over Growlytics’s compliance with the Privacy Shield.
12. Other Rights and Important Information
- New Uses of Personal Information. Additionally, before we use Personal Information for any new purpose not originally authorized by you, we will endeavor to provide information regarding the new purpose and give you the opportunity to opt-out. Where consent of the Individual for the Processing of Personal Information is otherwise required by law or contract, Growlytics will endeavor to comply with the law or contract.
12.2 California Privacy Rights
This Policy shall be implemented by Growlytics and all its operating divisions, subsidiaries and affiliates. Growlytics has put in place mechanisms to verify ongoing compliance with Privacy Shield Principles and this Policy. Any Growlytics employee who violates these Privacy Shield Principles and/or this Policy will be subject to disciplinary procedures.
The following capitalized terms shall have the meanings herein as set forth below.
- “Agent” means any Third-Party that Processes Personal Information pursuant to the instructions of, and solely for, Growlytics or to which Growlytics discloses Personal Information for use on its behalf.
- “Personal Information” is any information relating to an identified or identifiable natural person (“Individual”).
- “Privacy Shield Principles” means the seven (7) principles of the Privacy Shield Framework: (1) notice, (2), choice, (3) accountability for onward transfer, (4) security, (5) data integrity and purpose limitation, (6) access, and (7) recourse, enforcement, and liability. Additionally, it includes the sixteen (16) supplemental principles described in the Privacy Shield: (1) sensitive data, (2) journalistic exceptions, (3) secondary liability, (4) performing due diligence and conducting audits, (5) the role of the data protection authorities, (6) self-certification, (7) verification, (8) access, (9) human resources data, (10) obligatory contracts for onward transfers, (11) dispute resolution and enforcement, (12) choice – timing of opt-out, (13) travel information, (14) pharmaceutical and medical products, (15) public record and publicly available information, and (16) access requests by public authorities.
- “Process” or “Processing” means any operation which is performed upon Personal Information, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Sensitive Data” or “Sensitive Personal Information” is a subset of Personal Information which, due to its nature, has been classified by law or by policy as deserving additional privacy and security protections. Sensitive Personal Information includes Personal Information regarding EU residents that is classified as a “Special Category of Personal Data” under EU law, which consists of the following data elements: (1) race or ethnic origin; (2) political opinions; (3) religious or philosophical beliefs; (4) trade union membership; (5) genetic data; (6) biometric data where Processed to uniquely identify a person; (6) health information; (7) sexual orientation or information about the Individual’s sex life; or (8) information relating to the commission of a criminal offense.
- “Third Party” is any company, natural or legal person, public authority, agency, or body other than the Individual, Growlytics or Growlytics’s Agents.