Digital Engagement Services - Privacy Notice
Updated: August 12, 2021
Thank you for your interest in the services known as “Digital Engagement Services”, namely AppInsight, AppIdentity and AppWise, brought to you by AppDirect, Inc.(together with its subsidiaries, "AppSmart," "we," "us," or "our"). This Privacy Notice describes how AppDirect collects, uses, discloses, and stores your information obtained through the Digital Engagement Services (the “Services”) which is a productivity suite of services including AppWise, AppInsights and AppIdentity.
Introduction to the Service
- The Information We Collect
- How We Use Your Information
- Legal Bases For Processing Personal Information (For EEA Visitors)
- Online Analytics And Advertising
- How We Share Your Information
- Third Party Links And Features
- Security
- Data Retention
- Children’s Privacy
- Your Choices And Rights
- Information For California Residents
- Information for Brazil
- Information For International Users
- Changes And Updates To This Privacy Notice
- Contact Information
1. Introduction to the Services
The Services consist of three main capabilities: AppWise, App and Identity management.
AppInsights. This capability is a productivity tool than enhances the application experience and boosts productivity by allowing users to simultaneously search for information in their email, cloud storage, messaging platform, and a host of other applications and receive a single, organized search result. As users search, this capability automatically shows what services and content types contain the terms being looked for, so users can quickly get to the information they need.
AppWise. This capability integrates with a variety of information sources (such as applications, databases, spreadsheets and custom data APIs) and provides users with real-time reporting, data analytics, and visualizations. This allows them to communicate strategies, develop insights, and align teams, driving collaboration by uniting people around the key numbers to help meet the company's business goals.
AppIdentity. This capability provides a single sign-on service, allowing users to use a single set of credentials to launch all their web applications from a single web page. It also provides IT managers with user directory integration, user provisioning, and access control and logging solutions. These tools provide administrative control over cloud consumption while offering secure and convenient access to applications.
2. The Information We Collect
We collect information in multiple ways, including:
Information you provide. We collect any information that you provide us when you use the Services, including:
- Registration and Profile Information. If you register for one of our Services, we will ask you to provide your name, email address, and title. You may optionally provide additional profile information such as your phone number, date of birth, IM screen name, Twitter handle, and professional experience.
- Information from Third-Party Cloud Services. If you connect to third party cloud-based services and provide the needed permissions when requested, you authorize and enable us to access your third party cloud-based services and the content (“Third Party Service Content”) contained on those services in order to provide the Services and to provide you with productivity tools. The Services may retrieve data maintained by these third party cloud-based services and copy it in a different format to AppSmart-controlled servers. The data can then be stored, aggregated, modified, removed, or provided to other users in case you are sharing content with other users. This allows us to provide you with search,data analytics, visualization and user management functionality for your data. The type of data copied to AppSmart-controlled servers depends entirely on the type of data you store and maintain in the third-party cloud-based services. You can disconnect any third party cloud-based services at any time. Once disconnected, AppSmart will no longer aggregate new data from that service. We will only use Third-Party Cloud Service Content to provide the Services, and AppDirect employees will not read your Third-Party Cloud Service Content unless you consent, it is necessary for security purposes or to comply with applicable law, or we need to use it for internal operations (but we will aggregate or anonymize it first).
- Communications and Other Interactions. We may collect information you provide if you interact with other users through the Services. We may also collect information through your communications with our sales or customer-support team.
Information we collect through automated means. We and our service providers (which are third party companies that work on our behalf) may use a variety of technologies, including cookies and similar tools, to assist in collecting certain technical information from your computer or mobile device.
- Device and Usage Information. When you use the Services or open one of our HTML emails, we may automatically record certain information from your web browser by using different types of technology, including standard log files, "clear gifs" or "web beacons." This automatically collected information may include Internet Protocol address ("IP Address") or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you visit the Services, the pages you view on the Services, and the dates and times that you visit the Services.
- Cookies: When you use the Services, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your computer. Cookies help us to operate and improve our services, customize your experience and preferences, allow you to access and use our services without re-entering your email and password and to understand which areas and features of our services are most popular and count visits. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits. Persistent cookies can be removed. Please review your web browser "Help" file to learn the proper way to modify your cookie settings.
Please note that if you delete, or choose not to accept, cookies from the Services, you may not be able to utilize the features of the Services to their fullest potential. Additionally, as we adopt additional technologies, we may also gather information through other methods. - Analytics Information. We use website and application analytics services provided by internal and third parties that use cookies and other similar technologies to collect information about the use of our Services and to report trends, without identifying individual visitors. The third parties that provide us with these services may also collect information about your use of third-party websites.
Information we collect from others. We may also obtain information from third parties and sources other than the Services that we combine with information collected through the Services. The types of information we collect from third parties include company roles and system identification numbers and we use the information we receive from these third parties to the extent necessary to provide the Services or maintain and/or improve the accuracy of the records we hold about you.
3. How We Use Your Information
We, or our service providers, use your information (including any information that we collect, as described in this Privacy Notice) for various business and operational purposes depending on the types of information we have collected from and about you and the specific Service you use, in order to:
- Respond to your request for information and provide you with more effective and efficient customer service
- Provide you with updates and information about products you have purchased from us
- Contact you by email, postal mail, or phone regarding AppSmart and third party products, services, surveys, research studies, promotions, special events and other subjects that we think may be of interest to you. (We will not use Third Party Service Content for this purpose, however.)
- Customize the content of the Services
- Help us better understand your interests and needs, and improve the Services
- Engage in analysis, research, and reports regarding use of our Services
- Synthesize and derive insights from your use of different Services
- Provide, manage, and improve the Services and their performance, and test and create new products, features, and services
- Secure our websites, products, software, or applications
- Understand and resolve app crashes and other issues being reported
- Comply with any procedures, laws, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others
- Establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others
- Protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or our Services
- Prevent fraud
We will only use Third-Party Cloud Service Content as described in Section 2 above.
Combined information. For the purposes discussed in this Privacy Notice, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Privacy Notice. Where we combine that information with Third Party Service Content, it will only be used where it is consistent with our use of Third Party Service Content in this Privacy Notice.
Aggregate/anonymous data. We may aggregate and/or anonymize any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/Anonymous Information”). We may use Aggregate/Anonymous Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with any third parties, including advertisers, promotional partners, and sponsors. We will only use aggregated or anonymized Third Party Service Content to provide or improve the Service, however.
4. Legal Bases For Processing Personal Information (For EEA Visitors)
If you are a resident from the European Economic Area, our legal bases for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. Generally, the legal bases are as follows:
- Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with: the terms of service of our websites which you accept by browsing the websites/registering; and/or our contract to provide our Services to you).
- Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our websites, products, software, or applications; operate our business and our Services; ensure safe environments for our staff and visitors; make and receive payments; comply with legal requirements and defend our legal rights; prevent fraud and to know the customer to whom we are providing Services).
- Where we have your consent, in accordance with applicable legal requirements, to use your information for a particular purpose.
- Where we use your information to comply with applicable legal obligations (for example, keeping track of purchases for tax and auditing purposes).
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact Information” section below.
5. Online Analytics And Advertising
Analytics. We may use third-party web and mobile application analytics services (such as those of Google Analytics) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on.
Marketing. Except for Third Party Service Content, we may use information we collect for marketing purposes, such as providing you with promotional materials that may be useful, relevant, valuable or otherwise of interest to you, in accordance with your marketing preferences. Where required under applicable law, we will obtain your prior opt-in consent to send you electronic marketing communications. You will have the ability to opt-out of receiving any such communications, either through unsubscribe links provided in the messages, by updating your account preferences, or by contacting us using the contact details provided under the "Contact Information" section below.
Notice Concerning Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals. Learn more about Do Not Track.
6. How We Share Your Information
We may share your information in a variety of circumstances in connection with the operation of our business:
- Vendors and Service Providers. AppSmart works with third party service providers who provide website development, hosting, maintenance, and support as well as other business services for us. To the extent it is necessary for these service providers to provide the services, these third parties may have access to or process your information.
- Other Users. The Services allow users to communicate in a variety of ways. Any information that you voluntarily choose to include in an area on the Services that is accessible to another user, such as a public profile page or in a review, comment, posting, electronic message, or other User Submission, will be available to other users who have access to that content. Once you make your information available to others in any of these ways, it may be collected, used, and disclosed by the recipients without restriction.
- Employers. If your employer is enrolled with the Services, and you sign up for the Services using your employer email account, we will report information to your employer's administrator such as service usage statistics that may include names of most active users, top search terms that are used, number of documents indexed and services that are accessed.
- Aggregate/Anonymous Information. AppSmart may disclose Aggregate/Anonymous Information with interested third parties, to assist such parties in understanding the usage, viewing, and demographic patterns for certain programs, content, services, advertisements, promotions, and/or functionality on the Services. We will only share aggregated or anonymized Third Party Service Content with third parties if it is necessary to provide or improve the Service, however.
- Third Party Applications. We may enable you to share information from the Services to third party applications. We are not responsible for how you share this information through these or similar services. These third parties may use or share your information in accordance with their own privacy policies. We strongly suggest you review the third parties’ privacy policies if you use the relevant features.
- Affiliates and Subsidiaries. We may share information with affiliates and subsidiaries.
- As Required by Law and Similar Disclosures. We may disclose information about you: (i) if we are required to do so by law, regulation, or legal process, such as a court order or subpoena; (ii) in response to requests by government agencies, such as law enforcement authorities; (iii) when we believe disclosure is necessary or appropriate to protect the rights, property, or safety of AppSmart, our users and partners, or the public; and (iv) to enforce our agreements, policies, and Terms of Service.
- Merger, Sale, or Other Asset Transfers. We reserve the right to transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets.
- Consent. We may also disclose your information to any third parties based on your permission to do so.
7. Third Party Links and Features
The Services may contain links to and integrate with websites and services provided by third parties. Any information you provide on third party sites or services is provided directly to that third party and is subject to that third party's policies, if any, governing privacy and security. We are not responsible for the content or privacy and security practices and policies of third party sites or services to which links are displayed on the Services. We encourage you to learn about third parties’ privacy and security policies before providing them with your information.
8. Security
AppDirect utilizes a combination of physical, technical, and organizational security measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. Please note that no data transmission over the Internet or method of electronic storage can be guaranteed to be 100% secure. We cannot ensure or warrant the security of any information you transmit to AppDirect, and you do so at your own risk. Once we receive your transmission of information, AppDirect endeavors to secure our systems, but please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by system malfunction or circumvention of our safeguards.
Where we have given you (or where you have chosen) a password which enables you to access our services, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
9. Data Retention
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements). The length of time for which we retain information depends on the purposes for which we collected and use it and/or as required to comply with applicable laws.
10. Children’s Privacy
The Services are intended for general audiences and not for children under the age of 13. If we become aware that we have collected “personal information” (as defined by the United States Children’s Online Privacy Protection Act) from children under the age of 13 without legally valid parental consent, we will take reasonable steps to delete it as soon as possible. We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible. We also comply with other age restrictions and requirements in accordance with applicable local laws.
11. Your Choices And Rights
We respect your right to make choices about the ways we collect, use, and disclose your information.
Your legal rights. Depending on the laws of your local jurisdiction, you may have certain rights and choices with respect to your information. For example, under local laws, you may be able to ask us to:
- provide access to and/or a copy of certain information we hold about you
- prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
- update or rectify information which is out of date or incorrect
- delete certain information which we are holding about you
- oppose, cancel, or restrict the way that we process and disclose certain of your information
- transfer your information to a third-party provider of services
- revoke your consent for the processing of your information
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to verify your identity before responding to your request as required or permitted by applicable law.
You have the right to complain to a data protection authority about our collection and use of your personal information. Alternatively, you may seek a remedy through local courts if you believe your rights have been violated.
Marketing. You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, and promotions that might appeal to your interests through unsubscribe links provided in the messages, by updating your account preferences, or by contacting us using the contact details provided under the "Contact Information" section below.
Please note that, regardless of your request, we may still use and share certain information as permitted by this Notice or as required by applicable law. For example, you may not opt out of certain operational emails, such as those reflecting our relationship or transactions with you.
12. Information For California Residents
This section applies only to “personal information” about California residents, as that term is defined in the California Consumer Privacy Act (“CCPA”), and it supplements the information in the rest of our Privacy Notice. Data about individuals who are not residents of California may be handled differently and is not subject to the same California rights described below. This section does not apply to personal information we collect from employees or job applicants in their capacity as employees or job applicants. It also does not apply to personal information we collect from employees, owners, directors, officers, or contractors of businesses in the course of our provision or receipt of business-related services.
CCPA categories of California Personal Information we collect. Throughout this Notice, including the “Information we collect” section, we discuss in detail the specific pieces of personal information we collect from and about our users. Under the CCPA, we are also required to provide you with the CCPA “categories” of personal information we collect. The categories we collect are: identifiers (such as name, address, email address); commercial information (such as transaction data); financial data (such as credit card information); internet or other network or device activity (such as browsing history or IP address); location information (e.g., your city and state based on IP address or precise location, with your consent); professional or employment related data; audio information (e.g., call recordings if you don’t opt out); and other information that identifies or can be reasonably associated with you. We also may collect certain categories of information that you choose to disclose as part of your use of the Service.
How We Use and Disclose These Categories of Personal Information. We and our service providers may use and disclose (and in the past 12 months have used and disclosed) all of the personal information we collect for the business purposes described in this Notice, and in accordance with our disclosures in the “How we use your information” section above.
How We Share These Categories of Personal Information. We describe our information sharing practices in the “How we Share your information” section above. If you use the Services for feeds and visualizations using your employer email account, we may share identifiers and internet or other network or device activity with your employer.
Your California Privacy Rights. If you are a California resident, the CCPA allows you to make certain requests about your personal information. Specifically, the CCPA allows you to request us to:
- Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your personal information; and the categories of third parties with whom we share/disclose personal information.
- Provide access to and/or a copy of certain personal information we hold about you.
- Delete certain personal information we have about you.
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right not to be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Services to you. If you ask us to delete it, you may no longer be able to access or use the Services.
If you would like further information regarding your legal rights under California law or would like to exercise any of them, please contact us at privacy@appsmart.com. You will need to provide us with information sufficient to verify your identity before we can satisfy your request. To do so, you will need to provide us with certain information regarding yourself and/or your usage of the Services. You may also designate an authorized agent to make a request on your behalf. To do so, you need to provide us with written authorization for the agent to act on your behalf. You will still need to verify your identity directly with us.
The CCPA sets forth certain obligations for businesses that “sell” personal information. Based on the definition of “sell” under the CCPA and under current regulatory guidance, we do not believe we engage in such activity and have not engaged in such activity in the past twelve months. We do share certain information as described in the “How we share your information” section above, and we allow third parties to collect certain information about your activity, for example through cookies, as explained above. You can control these cookies through browser settings and other controls; for more information, see the “Online analytics and advertising” section above.
California “Shine the Light” Disclosure
The California “Shine the Light” law gives residents of California the right under certain circumstances to opt out of the sharing of certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.
13. Information for Brazil
This section applies to personal data processing activities under Brazilian law, and takes effect on the LGPD’s effective date.
If you are a resident of Brazil, you may have certain rights. Brazilian law may permit you to request that we:
- confirm whether we process your data;
- provide access to and/or a copy of certain information we hold about you;
- correct incomplete, inaccurate and outdated data;
- anonymize, block or delete data that is unnecessary, excessive or not being processed in accordance with Brazilian data protection law;
- port your personal data to another service or product vendor;
- delete personal data processed with your consent, when applicable;
- provide you with information regarding the public and private entities with which we share data;
- provide you with information about the possibility of withdrawing consent and the consequences of such withdrawal, where applicable;
- withdraw your consent.
To exercise your rights, please contact us at privacy@appsmart.com. You may be required to verify your identity before we fulfill your request. To do so, you will need to provide us with certain information regarding yourself and/or your usage of the Services.
14. Information For International Users
Please note that in providing services to you, we may subcontract the processing of your data to, or otherwise share your information with, other members within the AppSmart group, trusted service providers, and trusted business partners in countries other than the country in which the information was originally collected, including the United States of America. Please note that the privacy laws in those countries may be different from the laws applicable to the place where you are a resident.
If you live in the EEA, please note that if we provide any information about you to any non-EEA members of our group or third party information processors, we will take appropriate safeguards, as required by applicable law. These safeguards include the use of Standard Contractual Clauses, which may be used in conjunction with additional safeguards. We have implemented similar appropriate safeguards with our third party service providers and partners. For more information about these safeguards, please contact us as set forth below.
15. Changes And Updates To This Privacy Notice
Please revisit this page periodically to stay aware of any changes to this Privacy Notice, which may be revised from time to time at AppSmart's sole discretion. If we modify the Privacy Notice, we will make it available through the Services, and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will notify you as may be required by law.
Our amended Privacy Notice will automatically take effect 30 days after it is made available through the Services, except that (i) we will not, without your consent, use your previously collected personal information in a manner inconsistent with the Privacy Notice in effect when we received that information, and (ii) if you do not agree with any changes to the Privacy Notice, you may terminate your account ceasing use of the Services.
15. Contact Information
If you have any questions, concerns or complaints regarding the use or disclosure of your information or if you would like to review, delete or update information we have about you or your preferences, you can contact us by either mail or email:
AppDirect, Inc., Attn. Privacy Office
650 California Street, Floor 25
San Francisco, CA 94108
USA