Effective January 13, 2020
2. Information we collect
We collect information from you including activity and usage data from the Whiteblock web site, any email you may send us or that you may respond to, or one of our email newsletters or other emails that we may send to you from time to time related to our products and services.
We collect personal information from you every time you enter data into online forms on the Whiteblock web site, contact us with questions regarding our services or to request a demonstration of our products and make other opportunities available that ask individuals to provide personal information such as their name and email address. You may also provide personal information when you request a whitepaper or other information from Whiteblock and may provide our employees with your business card, or provide information for billing and other business purposes.
If you create an account on the Whiteblock web site, we collect your username, password, email address, country, account type and may collect billing information when you register. For users that register an account with Whiteblock, our server logs also automatically collect user information such as users’ IP addresses, pages users access, browser type and language, and the date and time of visits, which helps Whiteblock track use of the web site and understand trends.
We and/or our selected third-party partners may also collect data about visitors’ activities on this Web site and across the Internet over time for nonadvertising purposes, including to conduct analytics, measure trends, and streamline web site usability. The technologies used for this purpose may include log files, cookies, web beacons, and social media plug-ins. One of the service providers we use is Google Analytics. To learn more about how Google Analytics collects and processes data and the choices you may have to control these activities, you may visit https://www.google.com/policies/privacy/.
3. How we use the information we collect
3.1. We process personal data about you either with your consent or in order to: • Fulfill our contractual responsibility to deliver the services to you
• To pursue Whiteblock’s legitimate interests of:
• improving service experience; and
• developing new products and service features.
By licensing one or more of our products and services, or by viewing content on our web site, you have consented to us using certain types of tracking and third-party cookies on our services. For more information, see Section 6 below.
3.2. We or third-party data and advertising platforms that we work with may use or combine multiple technologies, such as cookies, page tags, mobile identifiers and IP addresses to infer users’ common identities across different services and multiple devices such as tablets, browsers, and mobile phones. We may do so, for instance, to tailor ads to users, to enable us to determine the success of our advertising campaigns and to improve upon them. These third-party data and advertising platforms may sometimes use data that we provide to them in order to improve their technologies and their ability to match common devices to users. We also may also use this to measure the performance of email messaging and to learn how to improve email deliverability and open rates.
The above data and techniques are used for personalized marketing, analytics, and related purposes. We may also use this data to personalize online marketing campaigns to be relevant to you and your interests in our services. By clearing your cookies in your browser settings you will no longer see personalized messages in this way but you continue to see ads over the internet that are not based on information you provided to Whiteblock.
• Contact Information.
We use contact information to respond to your inquiries, send you information as part of the services, and send you marketing information (for as long as you do not opt-out).
• How you use our services.
We use information about how you use our services to improve our services for you and all users. We collect information about the types of plans you purchase and your account transactional behavior to help direct you and your organization to other relevant features and services we offer and help you in using our services, for example by making recommendations for you to optimize use of our services.
• Device and browser data.
We use device data both to troubleshoot problems with our service and to make improvements to it. We also infer your geographic location based on your IP address. We collect this to help us improve your service experience through a specific device/browser by optimizing how the services look in a particular device, and to ensure the service operates optimally and as it should on different devices and browsers.
• Log data.
We use log data for many different business purposes to include:
• To monitor abuse and troubleshoot.
• To create new services, features, content or make recommendations.
• To track behavior to identify and understand trends in the various interactions with our services.
• To fix bugs and troubleshoot product functionality. • Referral information.
We use referral information to track the success of our integrations and referral processes. • Third parties and integrations.
We collect and use information from third parties and integration partners to:
• To personalize our services for you; and
• Ensure you can use our service in conjunction with other services. • Service and Marketing uses.
○ We use information we hold about you to help us to make our sales and marketing efforts more relevant to you and to personalize and improve your service experience. Some information about you may be provided to us from third party sources.
○ To manage our services we will also internally use your information and data, for the following limited purposes:
To enforce our agreements where applicable.
To prevent potentially illegal activities.
To screen for and prevent undesirable or abusive activity.
• Legal uses.
To respond to legal requests or prevent fraud, we may need to use and disclose information or data we hold about you. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
3.4. We collect and use your account information on the basis that we have to use this information in order to fulfill our contract with you. We need to use your account information to run your account, provide you with services, bill you for our services, provide you with customer support, and contact you about your service or account. We occasionally send you communications of a transactional nature (e.g. service-related announcements, billing-related matters, changes to our services or policies, a welcome email when you first register). You cannot opt out of these communications since they are required to provide our services to you.
4. Information we share
We may need to disclose your information to third parties such as to law enforcement authorities or our legal advisers, where it is necessary to comply with the law or regulation; enforce or apply our user terms and conditions; to protect our rights, or to preserve the safety of our users. This may include exchanging information with other companies and organizations for fraud protection.
We may also share your personal information with companies that provide services to help us with our business activities (e.g. processing payments or submitting emails to you on our behalf), in connection with any merger, a sale of all or substantially all of Whiteblock’s assets, or a financing or acquisition of all or a portion of our business to another company. Whenever we share your personal information for this reason, we will ensure that the recipient is bound by all appropriate confidentiality obligations and that it commits to using your personal information only for the purposes for which you originally provided it.
You should also be aware that the information submitted to public areas, such as our blogs, may be read, collected, and used by others who access them.
• To gather metrics about your experience.
• To make our services easier to use.
For example, the “Remember me” feature when you sign into your account, we store your username in a cookie to make it quicker for you to sign in whenever you return to the Whiteblock web site.
• For security reasons.
• To provide you with personalized content.
We store user preferences, your default language, device and browser information, your profile information which includes, the level of usage of service and the web-pages on our site which you visit, so we can identify you across devices and personalize the content you see.
• To improve our services.
• To advertise to you.
We, or our service providers and other third parties we work with, place cookies when you visit our web site and other web sites or when you open emails that we send you, in order to provide you with more tailored marketing content (about our services or other services), and to evaluate whether this content is useful or effective. For instance, we evaluate which ads are clicked on most often, and whether those clicks lead users to make better use of our tools, features and services.
• Google Analytics.
In addition to the above, we have implemented on our web sites and other services certain Google Analytics features that support Display Advertising, including re-targeting. Visitors to our web sites may opt out of certain types of Google Analytics tracking, customize the Google Display Network ads by using the Google Ad Preferences Manager and learn more about how Google serves ads by viewing its Customer Ads Help Center. If you do not wish to participate in Google Analytics, you may also download the Google Analytics opt-out browser add-on.
You can choose to remove or disable cookies via your browser settings.
6. Third Party Web sites
The Whiteblock web site may contain links to web sites operated by third parties whose privacy practices may differ from ours. While we endeavor to associate only with reputable entities, Whiteblock is not responsible for the privacy practices of these other web sites. We encourage you to check the privacy policies of all web sites that you visit.
7. How Do We Keep Information Secure?
The security of your personal and nonpersonal information is important to us. Whiteblock uses reasonable physical, managerial, and technical safeguards to prevent loss, misuse, and unauthorized access, disclosure, destruction and alteration of the information that our web site collects.
Please be aware, however, that no data security measures can be guaranteed to be completely effective. Consequently, Whiteblock cannot ensure or warrant the security of collected data or other information. In particular, we cannot guarantee that collected data or other information will not be disclosed, altered, or accessed in accidental circumstances or by unauthorized or unlawful acts of others.
8. How Long Do We Keep This Information For?
Whiteblock retains personal information we collect from you as long as we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements, resolve disputes and enforce our agreements) unless a longer retention period is required or permitted by law.
Whiteblock retains nonpersonal information as long as is legitimately necessary unless a longer retention period is required or permitted by law.
Whiteblock will delete or otherwise discard customer data or data we collect about you while using our services at our discretion or when you contact us to do so. You can initiate such a request by contacting email@example.com.
9. Legal Basis For Processing (European Union and Switzerland Visitors Only)
If you are a visitor from the European Union (EU) and Switzerland, our legal basis for collecting and processing the information described above will depend on the information concerned and the specific context in which we collect and process it. We collect and process information from you only where we have your consent (Art. 6 para 1 lit. a) GDPR), where we need the information to provide our contractual obligation to you (Art. 6 para 1 lit. b) GDPR) or where we have a legitimate interest to do so.
10. International Transfers
Whiteblock complies with the U.S. Children’s Online Privacy Protection Act (COPPA) and does not knowingly collect personal information from children under the age of thirteen (13) or from web sites or online services directed to children under the age of thirteen (13).
If you are a visitor from the European Union (EU) or Switzerland, Whiteblock does not process the personal data of a child younger than 16 years old. Whiteblock makes reasonable efforts to verify in such cases that consent is given or authorized by the holder of parental responsibility over the child, taking into consideration available technology.
Consumers should not create Whiteblock accounts on our Web site or license our services, unless they are legally old enough to from a binding contract and in any case are 18 years of age or older. In the unlikely event that you are the parent or legal guardian of a child under 18, who has registered with the Whiteblock web site or has licensed services from us, please contact firstname.lastname@example.org to have your child’s personal information deleted.
12. Sensitive Personal Data
We do not knowingly collect or obtain from third parties, any personal data, including any “Sensitive Personal Data,” as defined under the GDPR. “Sensitive Personal Data” are personal data, revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership; data concerning health or sex life and sexual orientation; genetic data or biometric data.
13. Your Rights
• You have the right to access the information that company maintains about you, request deletion of your data, update your data, object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information and you correct or amend that information if it is inaccurate or has been processed in violation of privacy laws, to the extent allowed by law, including the General Data Protection Regulation (GDPR).
• If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
• You have the right to opt-out from our marketing communications at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you.
• You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
To exercise these rights, please email email@example.com.
14. Changes In Corporate Structure
16. Privacy Shield
Whiteblock complies with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks (“Frameworks”) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal
We may be accountable for the personal information we receive under the Privacy Shield that we may transfer to third parties if they process personal information in a manner inconsistent with the Privacy Shield Principles and we are responsible if they do so and for the harm caused.
Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through Whiteblock, Inc.’s internal processes, Whiteblock, Inc. has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/.
If your complaint is not resolved through these channels, under certain conditions a binding arbitration option may be available before a Privacy Shield Panel. For additional information, please visit: https:// www.privacyshield.gov/article?id=ANNEX-I-introduction.
The Federal Trade Commission has jurisdiction over Whiteblock’s compliance with the Privacy Shield.
17. Contacting Us
The California Consumer Privacy Act (“CCPA”) provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting or selling that personal information.
• The categories of third parties with whom we share that personal information.
• The specific pieces of personal information we collected about you.
• If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
• sales, identifying the personal information categories that each category of recipient purchased; and
• disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
1. Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
2. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
3. Debug products to identify and repair errors that impair existing intended functionality.
4. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
5. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
6. Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
7. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
8. Comply with a legal obligation.
9. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access and Deletion Rights
To exercise the access and deletion rights described above, please submit a verifiable consumer request to us by email at firstname.lastname@example.org.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or deletion once within a 12-month period. The verifiable consumer request must:
• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
You do not need to create an account with us to exercise your opt-out rights. We will only use personal information provided in an opt-out request to review and comply with the request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
• Deny you goods or services.
• Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• Provide you a different level or quality of goods or services.
• Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Other California Privacy Rights
California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please write us at email@example.com.