Types of Information Collected
• Before or at the time of collecting Personal Information, we will identify the purposes for which information is being collected.
• We will collect Personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned. The Personal Information collected is stored and managed on servers and third-party hosting services, including without limitation, Stripe, Inc., Microsoft Azure, SendGrid, WordPress.
Navigational Information. If you are visiting or using the Dashboard or the Website, we may automatically collect “Navigational Information”, such as your IP address, the date and time of the visit and how long you remained on our Dashboard or the Website, the referral URL, the pages visited on our Dashboard or the Website and information about the device and browser (such as, browser type and version and operating system). We may also collect visitor data through third party services in order to better understand visitor behavior, demographics, locations, page views, time spent on the Dashboard or the Website, and other metrics and analytics used to provide and improve the our services. In addition to the information we collect on our Dashboard or the Website, we may also collect your city location, device model and version, and OS version. This information is primarily needed to maintain the security and operation of our Services, and for Our internal analytics and reporting purposes. We do not sell this information to any third-parties, vendors, partners or affiliates.
• There are areas on our App or Dashboard where you can share information that is unique to an individual, such as your name, email address, country or region, and credit card information (“Personal Information”). We ask for this information in order to deliver requested services and products to you, respond to your questions, or deliver a product. If you communicate with us by email or complete online forms, we may require Personal Information that personally identifies you.
• Location information: after installation, the App will prompt you regarding whether to Allow or Deny the App’s access to your device’s location. If you Allow this capability, the App has functionality that can determine the device’s location. When enabled, this information is used solely for purposes of calculating the distance of the device to service providers. This location information is not transmitted to our servers, nor is it permanently stored on the device.
Push Notifications. We may request to send you push notifications regarding your account or the App. If you wish to opt-out from receiving these types of communications, You may turn them off (where applicable, in Your device’s settings) or by emailing us at firstname.lastname@example.org.
All of the above information is considered Personal Information.
• We do not knowingly solicit or collection information (including Personal Information) from anyone under 13 years of age. The use of our App, merchant dashboard, or website by anyone under 13 years of age is prohibited. We ask that anyone under 13 years of age not submit information to us. Parents can contact us to access, change, or delete the Personal Information that has been submitted by a child.
Use of Personal Information Collected
• We will collect and use Personal Information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain your consent or as otherwise required by law.
• We may use Personal Information you provide to customize your experience on our Services.
• We will only retain Personal Information as long as necessary for the fulfillment of those purposes.
• We will protect Personal Information by taking reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use, or modification.
• We may share your Personal Information to affiliates and trusted business partners with which we partner.
• We will readily make available to customers information about our policies and practices relating to the management of Personal Information.
Use and Handling of Speech and Language Data Collected
The App uses speech-based natural language dialogue with users in order to meet the objectives of the users. During the course of these dialogues we collect and subsequently store some of this information. We do not store audio or speech data. We do store language input from users, referred to as “Language Data”. In addition to using this data as stated to meet the user’s objectives, we may also use Language Data solely for analytical purposes that are intended to improve the user experience. If you object to this use of your data do not use the App.
When will information be shared?
• Service Providers and Affiliates.
ii. We and our affiliated entities may share information with third-party data controllers, law enforcement agencies and potential transaction partners where we and our affiliated entities have a legal basis to do so.
• By Law or Protected Right.
i. We may disclose part or all Personal Information collected through the Services, if (1) required by law; (2) if we believe that disclosure is necessary to comply with the law; (3) to enforce our intellectual property rights; (4) to protect the rights, property or safety of us and our employees or agents; and (5) if necessary to defend against third-party claims. We may also disclose Personal Information collected on the Services when requested to comply with a court order, investigation, subpoena or governmental request. We will notify you of such use, either by a notification on the Services or by email to you.
• Business Transfers.
• Vendors, Consultants and Third-Party Service Providers.
Who will your information be shared with?
We may share and disclose your Personal Information with the following third parties, vendors, contractors and affiliates solely for the purposes of providing and improving the Services.
a. Payment Processing: Stripe. We use this service to process payments and refunds associated with your account. We use a secure third-party payment gateway. Further we do not store your payment information.
b. Communication and Marketing: SendGrid. We use these services to communicate with you directly regarding your account, our services, promotions, offers and marketing material. You have the right to unsubscribe from marketing and advertising emails and communications from us.
c. Hosting and Servers: Microsoft Azure
d. Data Backup and Security: Microsoft Azure
e. Analytics: Google Analytics. We use (these) affiliates to better understand how users interact with our Services, in order to improve our business and services to you.
Third-party Privacy Policies
Our Services may contain links to other websites or mobile applications. We do not have control over the use of such other websites or mobile applications, and you should exercise caution when deciding to disclose Personal Information on these other websites or mobile applications. We are not responsible for the privacy policies, practices, or other content of other websites or mobile applications.
By placing and receiving orders on our App, you also agree to be bound by Stripe’s Terms and Conditions, available at: https://stripe.com/us/connect-account/legal. If you want your credit card information to be deleted from Stripe, please contact us.
How do we keep your information safe?
a. We are committed to protecting your Personal Information and we implement appropriate administrative, technical, and physical safeguards designed to safeguard the information that we collect. For instance, we encrypt all data when in transit. However, no information system can be 100% secure. This means that we cannot guarantee the absolute security of your Personal Information. Moreover, we are not responsible for the security of information you transmit to us over networks that we do not control, including the internet and wireless networks, or the data that is stored on your device. Although we will do our best to protect your Personal Information, transmission of Personal Information to and from our Services is at your own risk. You should only access the services within a secure environment.
b. Secure Sockets Layer (SSL) technology protects data on our Services using both server authentication and data encryption, ensuring that user data is safe, secure, and available only to authorized persons.
c. Our computer systems are hosted in a secure data center environment that uses a firewall, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders.
d. Technical Safeguards:
i. Unique password requirements and limited employee access;
ii. Destruction, deletion or de-identification of personal data;
iii. Industry standard security protocols;
iv. Employee training on how to handle sensitive data, breach notice and procedures;
v. Secure Technology (SSL), server authentication and data encryption and use of firewall to host data;
vi. Designated security coordinator on the team;
vii. Sub-processors and third-parties are bound to same security practice obligations;
viii. Backups; and
ix. Periodic audits.
We will comply with all applicable federal and state laws that require notification to individuals, entities, state agencies, or federal agencies in the event of a data breach. When we reasonably suspect and/or become aware of a disclosure or security breach concerning any Personal Information, we will notify the affected individual immediately and mitigate the damage of such security breach to the greatest extent possible. We further agree that we will fully cooperate, and assist as specifically requested. In the event of an actual data breach or the unauthorized access or disclosure of any sensitive or personal data, we will notify you in writing as soon as possible outlining the following information:
i. What happened (date of breach is possible, or estimated date of incident, or the date range within which the breached occurred);
ii. What information was involved (list the type of Personal Information);
iii. What we are doing to help resolve or mitigate the issue (and if there was any delay in providing this notice due to law enforcement investigation);
iv. What you can do to help us;
v. How you can get more information or contact us;
vi. Information about what we have done to protect individuals whose information has been breached;
vii. Advice on steps that the person whose information has been breached may take to protect himself or herself; and
viii. Information about the steps we have taken to cure the breach and the estimated timeframe for such cure.