This agreement was last modified on May 24, 2018.
Thanks for using DropTrack. Protecting your privacy is very important to us. This policy explains the what, how, and why of the information we collect when you use DropTrack. It also explains the specific ways we use and disclose that information. We never sell lists or email addresses.
The processing of Personal Data shall always be in line with the General Data Protection Regulation (“GDPR”), and in accordance with country-specific data protection regulations applicable to DropTrack.
We have implemented a number of technical and organizational measures to ensure the most complete protection of Personal Data processed through the Site.
For the purpose of the GDPR:
- In respect of the Personal Data of the Website and the Services the Data Controller is DropTrack;
Collection and Use of Information
Information Collected or Received from You
We collect information you provide directly to us. For example, we collect information when you participate in any interactive features of our services, fill out a form, request customer support, provide any contact or identifying information or otherwise communicate with us. The types of information we may collect include your name, email address, mailing address, credit card information, and other contact or identifying information you choose to provide.
Information We Collect Automatically When You Use the Services
Account holder Information
If you create an Account, we’ll collect certain personal information that can be used to identify you, such as your name and email address (“Personally Identifiable Information” or “PII”). In addition, if after you create an Account you connect it with your Facebook Account, we’ll be able to access and collect certain information, including your PII, that your privacy settings on such Facebook Account permit us to access. We may also collect your gender, zip code, and other information that is not considered PII because it cannot be used by itself to identify you. When you register for any Paid Services, we may collect your credit card information if you opt to pay using a credit card.
If you don’t register for an Account, but join our waitlist for future features or subscribe to our mailing list for receiving updates from our blog, we’ll collect your PII, such as your name and email address. We may use your PII to contact you by email any time we release a new feature or update our blog.
Like many website owners and operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information.
“Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services and to monitor how many visitors view our Services. Unlike Cookies, which are stored on the user’s hard drive, Web Beacons are typically embedded invisibly on web pages.
Information Related to Use of the Services
Our servers automatically record certain information about how a person uses our Services (we refer to this information as “Log Data”), including both Account holders and non-Account holders (either, a “User”). Log Data may include information such as a User’s Internet Protocol (IP) address, browser type, operating system, the pages or features of our Services to which a User browsed and the time spent on those pages or features, search terms, the links on our Services that a User clicked on, music that a User listened to, and other statistics. We use Log Data to administer the Services, and we analyze (and may engage third parties to analyze) Log Data to improve, customize, and enhance our Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences.
When you create your Account and when you connect your Account with your Facebook Account, we may collect and store information about your location if your privacy settings on such Facebook Account permit us to access. We may use location information to improve and personalize our Services for you.
By accessing and using our services, you consent to the processing and transfer of your information in and to the United States and other countries.
INFORMATION WE COLLECT AS A DATA PROCESSOR
1. Client Data
We may collect Personal Data about you that our clients have chosen to share with us, that is collected by their services or applications, such as your email address, name, birthdate and any other information included in a support ticket.
Our clients may have integrated DropTrack applications into their systems or vice versa. This means we may collect Personal Data that our clients may send to us either manually or automatically through API that is integrated with our system.
As a data processor DropTrack does not choose the information that will be sent to it by its clients and follows the instructions of its clients in connection with the processing of all of such information.
2. Use of Your Personal Data
In general, Personal Data you submit to us is used either to respond to requests that you make, or to aid us in provide the Services in a personalised, safe and efficient manner. We collect, use, store and share your Personal Data in the following ways:
- to conduct our business;
- administer contracts including to negotiate, execute and or manage a contract with you;
- for any marketing purposes;
- to facilitate the creation of and secure your Account;
- identify you as a user in our system;
- research, develop and improve our Site and Services;
- customize content to match your preferences;
- prevent suspended users from re-registering;
- provide the Services;
- send you a welcome e-mail to verify ownership of the e-mail address provided when your Account was created;
- provide you with access to protected areas of the site and to authenticate your account;
- send you administrative e-mail notifications, such as security or support and maintenance advisories;
- respond to your inquiries and requests;
- to make telephone calls to you, from time to time, as a part of secondary fraud protection or to solicit your feedback;
- to send newsletters, surveys, offers, and other promotional materials related to our Services and for other marketing purposes of DropTrack;
- comply with our legal obligations, a request by a governmental agency or regulatory authority or legally binding court order;
- aggregate and/or make anonymous your personal information, so that it cannot be used, whether in combination with other information or otherwise, to identify you;
- resolve disputes and to identify, test and resolve problems;
- notify you about the Site and updates to the Site from time to time;
- supply you with generalized, targeted or personalised marketing, advertising and promotional notices, offers and communications, and measure and improve our marketing, advertising and promotions based on your ad customisation preferences; or
- protect a person’s rights, property or safety.
If you access the Site from a shared device or a device of a third party (such as in an internet café), your personal information may also be available to other persons who access that device.
CREATION OF ANONYMOUS DATA
We may create Anonymous Data records from Personal Data by excluding information (such as your name) that make the data personally identifiable to you. We use this Anonymous Data to analyze request and usage patterns so that we may enhance the content of our Services and improve Site navigation. DropTrack reserves the right to use Anonymous Data for any purpose and disclose Anonymous Data to third parties in its sole discretion.
Disclosure of Your Personal Data
1. Service Providers
We may share your Personal Data with service providers to:
- provide you with the Services that we offer you through our Site;
- to conduct quality assurance testing;
- to facilitate creation of accounts;
- to provide technical support;
- and/or to provide other services to DropTrack.
The service providers (and if necessary data processors) include:
- independent contractors who provide email and call centre support to you or our clients or us, and who assist us with the tasks listed above under “Use of Your Personal Data”;
- information technology service providers such as web host providers and analytical providers; mailing houses;
- market research organisations to enable them to measure the effectiveness of our advertising; and specialist consultants.
These third party service providers are required not to use your Personal Data other than to provide the services requested by DropTrack.
2. Affiliates and Acquisitions
3. Third parties with your consent
We may disclose your Personal Data to third parties to whom you expressly ask to us to send the Personal Data to or to third parties you consent to us sending your personal information to. We may also, with your consent or at your direction, disclose your personal information to your authorised representatives.
4. Other disclosures
We will take reasonable steps to ensure that anyone to whom we disclose your personal information respects the confidentiality of the information and abides by the APPs the GDPR or equivalent privacy laws.
Where we act as a data processor the client may also provide us with instructions with regards to disclosure.
If we can’t collect your data
If you do not provide us with the personal information described above, some or all of the following may happen:
- we may not be able to provide the requested products or services to you, either to the same standard or at all;
- we may not be able to run the competitions and promotions in a way that benefits you;
- we may not be able to provide you with information about products and services that you may want; or
- we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful.
Third Party Sites
Managing Your Personal Data
Subject to the GDPR you may request to access the personal information we hold about you by contacting us. All requests for access will be processed within a reasonable time.
1. Accessing or Rectifying your Personal Data
If required by law and if reasonably practicable, we may provide you with tools and account settings to access, correct, delete, or modify the Personal Data you provided to us. You can download and access certain information you provide to us by emailing us. In the event that you are unable to access your account to access or rectify your Personal Data, you may submit a request to us to correct, delete or modify your Personal Data and download the data for you.
We keep data for as long as it is needed for our operations. If you deactivate and delete your account your data will no longer be visible on your account.
If you wish to have us delete your data please contact us.
3. Object, Restrict, or Withdraw Consent
If you have an account on the website you will be able to view and manage your privacy settings. Alternatively, if you do not have an account, you may manually submit a request to us if you object to any Personal Data being stored, or if you wish to restrict or withdraw any consent given for the collection of your Personal Data.
You may withdraw your consent to the processing of all your Personal Data at any time. If you wish to exercise this right you may do so by contacting us.
You may withdraw your consent or manage your opt-ins by either viewing your account on the Site or clicking the unsubscribe link at the bottom of any marketing materials we send you.
We may provide you with the means to download the information you have shared through our services. If you require such information, please email us.
We may retain your information for fraud prevention or similar purposes. In certain instances we may not be required or able to provide you with access to your personal information. If this occurs we will give you reasons for our decision not to provide you with such access to your personal information in accordance with the Privacy Act and the GDPR.
There is no application fee for making a request to access your personal information. However, we may charge an administrative fee for the provision of information in certain circumstances such as if you make repeated requests for information or where the information is held by a third party provider. Where we act as a data processor, we do so on behalf of our client and in accordance with their instructions. This means that should you wish to access, review, correct, transfer, modify or delete any Personal Data we process on behalf of a client you should contact the client with your request.
Security of Your Personal Data
DropTrack is committed to protecting the security of your Personal Data. We (and our third party service providers) use a variety of industry-standard security technologies and procedures to help protect your Personal Data from unauthorized access, use, or disclosure. We also require you to enter a password to access your Account information. Please do not disclose your Account password to unauthorized people. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while DropTrack uses reasonable efforts to protect your Personal Data, DropTrack cannot guarantee its absolute security.
International Transfer and Disclosure of Personal Data
Where we transfer Personal Data outside of the European Union or EFTA States, we ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country’s data protection laws.
We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.
We may disclose your personal information to entities located outside of America, including the following: – our related bodies corporate; – our data hosting and other IT service providers, located in various countries; and – other third parties located in various foreign countries, such as our contractors in Africa, Asia and other foreign jurisdictions.
We may disclose your personal information to entities who may store or process your data overseas.
Where we act as a data processor DropTrack complies with our client’s requests in respect of how we deal with end customer data.
Notifiable Data Breaches
We take data breaches very seriously. Depending on where you reside our policy is:
If you reside in the European Union of EFTA States:
We will endeavour to meet the 72 hour deadline as imposed by the GDPR, to report any data breach to the supervisory authority where a data breach occurs that will likely be a risk to you. Further, where there is likely to be a high risk to your rights we will endeavour to contact you without undue delay.
We will review every incident and take action to prevent future breaches.
Automated individual decision-making, including profiling
If you reside in the European Union or EFTA States, you shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you, as long as the decision is not necessary for entering into, or the performance of, a contract between us, or is not authorized by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or is not based on your explicit consent. If you wish to exercise your rights please contact us.
Retention of Data
We keep personal information from active accounts as long as it is reasonably needed for our operations and to fulfill the purposes set out herein. We will also keep personal information from accounts that have been deactivated where we are legally required to and also where it is necessary to stop fraud, collect outstanding fees, troubleshoot problems, or otherwise enforce our other policies accessible on the Site.
Information that We Share with Third Parties
We will not share any PII that we have collected from or regarding you except as described below:
Information Shared with the General Public or other Account Holders
When you create your Account using the Services, the general public will be able to view your Account name and photo uploaded by you on your Profile, and other Account holders may be able to access any PII or non-PII made available by you on your Page via the Services, such as your name and photo.
Information Shared with Our Services Providers
We may engage third-party services providers to work with us to administer and provide the Services. These third-party services providers have access to your PII only for the purpose of performing services on our behalf. For example we will share your credit card information with Stripe or any other Payment Services Providers.
Information Shared with Third Parties
We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes.
Information Disclosed in Connection with Business Transactions
Information that we collect from our users, including PII, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition, or asset sale, or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, may be disclosed or transferred to a third party acquirer in connection with the transaction.
Information Disclosed for Our Protection and the Protection of Others
We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.
We offer you choices regarding the collection, use and sharing of your PII and we’ll respect the choices you make. Please note that if you decide not to provide us with the PII that we request, you may not be able to access all of the features of the Services.
Modifying Your Information
You can access and modify the PII associated with your profile on your Account by editing it through web forms available on the Services. If you want us to delete data related to your Account, please contact us at email@example.com with your request. We’ll take steps to delete your information as soon we can, but some information may remain in archived/backup copies for our records or as otherwise required by law.
The Security of Your Information
We take reasonable administrative and electronic measures designed to protect the information that we collect from or about you (including your PII) from unauthorized access, use or disclosure. When you enter sensitive information on our forms, we encrypt this data using SSL or other technologies. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.
Links to Other Sites
Your PII may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your PII to us, we may transfer your PII to the United States and process it there.
Our Policy Toward Children
Our Services are not directed to children under 13 and we do not knowingly collect PII from children under 13. If we learn that we have collected PII of a child under 13, we will take steps to delete such information from our files as soon as possible.
Your California Privacy Rights
California residents may request and obtain from us, once a year, free of charge, a list of third parties, if any, to which we disclosed their PII for direct marketing purposes during the preceding calendar year and the categories of PII shared with those third parties. If you are a California resident and wish to obtain that information, please submit your request by sending us an email at firstname.lastname@example.org with “California Privacy Rights” in the subject line.
Your Acceptance of These Terms
By using the Services, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Services. Your continued use of the Services following the posting of changes to this policy will be deemed your acceptance of those changes.
1976 S. La Cienega Blvd #369
Los Angeles, CA 90034