We receive information about you from various sources, including:
If you are located in the European Union ("EU"), United Kingdom, Lichtenstein, Norway, Iceland or Switzerland, you may have additional rights under the EU General Data Protection Regulation ("GDPR") with respect to your Personal Data, as outlined below.
We collect Personal Data about you when you provide such information directly to us, when third parties such as our business partners or service providers provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Services.
Information We Collect From You Directly
We receive Personal Data directly from you when you provide us with such Personal Data, including without limitation the following:
Account Information: When you create an Account with the Services, you will provide information that could be Personal Data, such as your name, username, password, email address, profile picture, location and company affiliation. You acknowledge that this information may be personal to you, and by creating an account with the Services and providing Personal Data to us, you allow others, including us, to identify you and therefore may not be anonymous. We may use your contact information to send you information about our Services, but only rarely when we feel such information is important. You may unsubscribe from these messages via the email communication, although we, regardless, reserve the right to contact you when we believe it is necessary, such as for account recovery purposes.
Information We Receive From Third Party Sources: Some third parties, such as our business partners and service providers, (including, but not limited to those who provide services related to customer messaging, surveying, advertising, marketing, social media, and analytics), provide us with Personal Data about you, such as the following:
Information We Automatically Collect When You Use Our Services: Some Personal Data is automatically collected when you use the Services, such as the following:
IP Address Information and Other Information Collected Automatically: We automatically receive and record information from your web browser when you interact with the Services, including your IP address, device ID, and cookie information. This information is used for fighting spam/malware and also to facilitate the collection of data concerning your interaction with the Services (e.g., what links you have clicked on).
Generally, the Services automatically collect usage information, such as which parts of the Site you use and the number and frequency of visitors to the Site. We may use this data in a manner that would identify you personally. This type of data enables us and third parties authorized by us to figure out how often individuals use parts of the Services so that we can analyze and improve them.
Email Communications: We may receive a confirmation when you open an email from us. We use this confirmation to improve our customer service.
Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways.
Analytics Data: We collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Services. These tools collect information sent by your browser or mobile device, including the pages you visit, your use of third party applications, and other information that assists us in analyzing and improving the Services.
Aggregate Information: We collect statistical information about how both unregistered and registered users, collectively, use the Services ("Aggregate Information"). Some of this information is derived from Personal Data. While Aggregate Information is not Personal Data, it may be tied back to you, your Account or your web browser.
We process Personal Data to operate, improve, understand and personalize our Services. For example, we use Personal Data to:
We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our "legitimate interests", as further described below.
Contractual Necessity: We may process some Personal Data as a matter of "contractual necessity", meaning that we need to process the data to perform under our Terms of Service with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.
Legitimate Interest: We may process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties. Examples of these legitimate interests include:
Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular Malware Scanning and your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.
In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when you place an order, enter, submit, or access your information to maintain the safety of your personal information.
All transactions are processed through our gateway provider Stripe who are a PCI Service Provider Level 1, with no transaction information being stored or processed on our servers.
For more information on how we protect your information, please refer to our Security Information page.
We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you Services, and for an additional two years or until we receive a request to delete it. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
We do not include or offer third-party products or services on our website.
We may also release your information as required to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
If you are located in the EU, the United Kingdom, Lichtenstein, Norway, or Iceland, and use or access the Services, you may have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email email@example.com. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by logging into your account.
Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging into your account. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.
Erasure: You can request that we erase some or all of your Personal Data from our systems.
Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes.
Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
Right to File Complaint: You have the right to lodge a complaint about Userback.io's practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
We value your privacy and have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We, therefore, will not distribute your personal information to outside parties without your consent. As part of the California Online Privacy Protection Act, all users of our site may make any changes to their information at any time by logging into their account and going to the 'Edit Profile' page.
In accordance with the Childrens Online Privacy Protection Act, we do not intentionally gather personal information from visitors who are under the age of 13. If you are under the age of 13, you are not permitted to submit any personal information to us. If we learn that a child under 13 submits personal information the Services we will delete the information as soon as possible. If you believe that we might have any personal information from a child under 13, please contact us at firstname.lastname@example.org.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
To be in accordance with CAN-SPAM, we agree to the following:
If at any time you would like to unsubscribe from receiving future emails, you can email us at email@example.com. Further you can follow the instructions at the bottom of each email, and we will promptly remove you from email correspondence.
We're always keen to hear from you.
If you’re curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch at firstname.lastname@example.org.