This Privacy Policy (“Policy”) of Sellect, Inc., a Delaware corporation (“our,”“us,” or “we”), applies to each individual from whom we receive personal information through our Environment (defined below), who may be our customer, user, or visitor (“you” or “your”). This Policy relates to our Terms of Use, which incorporates this Policy. This Policy describes how we collect, use and disclose your personal information. We offer a software-based service, which uses artificial intelligence (AI) to record conversations in virtual meetings with the attendees’ prior consent, analyzes the recorded content, and generates feedback and insights that are usable to improve business outcomes for our customers (our “Meeting Analyzer”). In this Policy, we use certain terms that have specific meanings, such as “automated profiling,” “biometric information,” “cross-site targeted advertising,” “deidentified,” “personal information,” “sell,” and “sensitive personal information.” For the full set of definitions, please see the end of this Policy at Section 6.9. We may update this Policy from time to time. The date provided at the top of this Policy is the latest revision date of this Policy. To request a prior version of this Policy, please contact us.
2. OUR ENVIRONMENT
The following is a list of the resources and property that we and our affiliates may use to collect your personal information, which may vary depending on the nature of your interactions with us and may not include all of the examples listed below (collectively, our “Environment”): • the website that displays this Policy (“Site”) as well as any and all additional websites, mini sites, ecommerce stores, online portals, web portals, mobile applications and electronic user interfaces owned or controlled by us that are incorporated into or connected to the Site. • our Meeting Analyzer, including the webservers of us and our affiliates that are involved in deploying, operating or otherwise supporting our Meeting Analyzer. • social media pages, email messages, text messages and direct messages.phones, computers, web cameras and other communication devices operable to receive your written, oral, telephonic and video communications. • real time communications with our representatives, including interviews, discussions, conversations and conferences via in-person interaction or video, phone or other means. • any brick-and-mortar facilities (such as stores, offices, trade show buildings and convention centers) as well as any cameras, beacons, sensors and other tracking equipment located at such facilities. any means for personal interaction or observation, such as the collection of survey results from you when you are located at such facilities. surveys, forms and other materials used to document your answers, feedback or behavior at such facilities.
3. OUR NOTICES TO YOU
3.1 No Sale. We do not sell your personal information, nor do we sell any of your sensitive personal information that we may collect. Therefore, our Site does not display a “Do Not Sell” opt-out link.
3.2 No Sharing for Cross-Site Targeted Advertising. Cross-site targeted advertising involves the use of personal information by advertising networks. The advertising networks track activities of individuals over time as they visit various websites and mobile applications. By collecting information through the use of cookies, tracking pixels, and other tracking technologies, the advertising networks create a data file that is intended to represent an individual’s interests. Based on the files, various types of businesses may send ads to individuals regarding products or services related to their interests. We do not provide your sensitive personal information (if collected) or any of your other personal information to these types of advertising networks. In other words, we do not share your personal information for cross-site targeted advertising, nor do we share your sensitive personal information, if collected, for cross-site targeted advertising. For the reasons described above, our Site does not display a “Do Not Share” opt-out link.
3.3 Minors Under 16 Years of Age. As indicated above, we do not sell the personal information of any consumer under 16 years of age, nor do we share the sensitive personal information of any consumer under 16 years of age for cross-site targeted advertising.
3.4 Sensitive Personal Information. We may collect your sensitive personal information depending upon the intended use of our Environment, the nature of our transactions and communications with you, and our Business Purposes (defined in Section 3.6). To the extent required by applicable law, we will obtain your consent before collecting your sensitive personal information. If we collect your sensitive personal information, we may use or disclose it only: (a) as authorized by applicable law; or (b) as necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services, including the services that we perform for the Service Purposes (defined in Section 3.6). For the reasons described above, our Site does not display a “Limit the Use of My Sensitive Personal Information” opt-out link.
3.5 Categories of Personal Information That We Collect. The following is a list of the categories of your personal information that we may collect for our Business Purposes, which may vary depending on the nature of your interactions with us and may not include all of the examples listed below: Identifiers – such as your real name, alias, postal address, telephone number, unique personal identifier, online identifier, username, email address, account name, social security number, driver’s license number, state identification card number, passport number, signature, social security number, or other similar identifiers.
• Network Activity and Device Information – such as your Internet Protocol (IP) address, device, browser, internet or other electronic network activity information, including browsing history, search history, information regarding your interaction with an internet website, application, or advertisement, network routing information (where you came from), date/time stamps, clickstream information (when a webpage was visited and how much time was spent on the webpage), device information or identifier, browser type, referring/exit webpages, and number of visitors, views, and interactions. • Geolocation Data – such as your general geographic location, which may be determined using your Internet Protocol (IP) address or cellular signals generated by your mobile device.
• Audio, Visual and Other Information – such as your physical characteristics or description, and your audio, electronic, visual, thermal, olfactory, or similar information, including voices, sounds, photos and videos of you.
• Financial Information – such as your bank account number, credit card number, debit card number, or other financial information.
• Background Information – such as your education, professional background, biographical information, employment history, employment information, job application information, and work history.
• Characteristics of Protected Classes – such as your race, color, religion, sex (including pregnancy, sexual orientation, gender, gender identity or expression), age, disability, genetic information, national origin, and citizenship status.
• Consumption Records – such as records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
• Biometric Information – such as your biometric information, including information that specifies your face, eyes, fingerprints, or voice.
• Health Information – such as your health insurance policy number, health insurance information, medical information, and health information.
• Inferred Profile Information – such as inferences drawn from any of the information described above to create a profile about you reflecting your preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.
3.6 Our Purposes for Collecting Your Personal Information
Service Purposes. We may collect, use or disclose your personal information for the following purposes (“Service Purposes”):
• Quality & Safety – undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us, or to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us.
• Security – helping to ensure security and integrity to the extent the use of your personal information is reasonably necessary and proportionate for these purposes.
• Services – performing services on behalf of us, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of us.
• Short-Term Use – short-term, transient use, including nonpersonalized advertising shown as part of your current interaction with us, provided that your personal information is not disclosed to another third party and is not used to build a profile about you or otherwise alter your experience outside the current interaction with us.
Business Purposes. We may collect, use or disclose your personal information for our Service Purposes, our operational purposes, and the following additional purposes, provided that our use of your personal information is necessary and proportionate to achieve the purpose for which your personal information was collected or processed or for another purpose that is compatible with the context in which your personal information was collected (collectively, our “Business Purposes”):
• Auditing – auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards. Debugging – debugging to identify and repair errors that impair existing intended functionality.
• Internal Research – undertaking internal research for technological development and demonstration.Marketing – providing to you, advertising and marketing services other than cross-site targeted advertising, provided that, for the purpose of advertising and marketing, we will not combine the personal information of opted out consumers that we receive with personal information that we receive from another person or that we collect from our own interaction with consumers.
• Non-Inference – collecting or processing sensitive personal information for a purpose other than inferring characteristics about you. • Integration with Google Calendar. When you log into Sellect, events from the upcoming 90 days on your Google Calendar are synchronized with our database. This synchronization identifies events that match your predefined recording rules. Sellect only accesses and processes the following Google Calendar event details: >> The video conference URL >> The meeting start date and time For events that meet the recording criteria, Sellect securely passes the event information to a third-party service for recording and transcription. These recordings are then analyzed internally to generate actionable insights.If you disconnect your Google account from Sellect, all associated synchronized meeting data is permanently deleted from our systems.
• Complying with Law. We may also use or disclose your personal information to the extent necessary for us to: (a) comply with federal, state or local laws; (b) comply with civil, criminal or regulatory inquiries, investigations, search warrants, subpoenas, summons, orders, injunctions and mandates issued by courts, judicial authorities, law enforcement authorities or governmental authorities, including federal, state or local authorities; and (c) cooperate with such authorities.
3.7 How We Collect Your Personal Information. We may use our Environment to collect your personal information in a variety of methods, such as the following: • implementing our Meeting Analyzer to appear as a robot (i.e., bot) who attends virtual meetings with the attendees’ prior consent and records the meeting conversations, including any personal information provided in the conversations. • automatically pulling data from your browser or device (such as your computer or smartphone) by embedding computer code or data files to track your activity or geolocation, by other tracking means, or by using cookies, tracking pixels, or other tracking technologies that may be transparent or hidden from view. • receiving information you have provided to us via phone, text, email, electronic message, online form submission, or other communications. receiving information from third parties whom have disclosed to us, the information you have made publicly available, such as photos, videos and content you have posted on publicly-available social media platforms. • communicating with you in person.
3.8 Sources of Your Personal Information. We may obtain your personal information from the following categories of sources: • You – You may provide us with your personal information when you use our products, services or Environment. For example, by enabling or activating our Meeting Analyzer in your virtual meeting platform, such as Zoom™, Microsoft Teams™ or Google Meet™, you provide us with recordings of your meeting conversations based on the attendees’ prior consent. • Your Devices – We may pull your personal information from your devices and browsers through tracking methods and by placing cookies, as described below. • Our Affiliates – Our affiliates may collect your personal information for our Business Purposes.
3.9 Receivers of Your Personal Information. We may disclose your personal information to the following third party receivers:
• Technology Suppliers – third parties that: (a) supply and operate software-based tools and programs that we connect to our Site or Meeting Analyzer, such as plugins, widgets, and extensions; (b) supply and operate servers, databases, and online platforms that we connect to our Site or Meeting Analyzer, such as cloud-based applications and web portals; (c) software-as-a-service that we connect to our Site or Meeting Analyzer; and (d) other software-based services that we order, including the following: web hosting web content managementweb analytics and app analyticsAI processing and analytics for the Meeting Analyzeronline data synchronization with the applicationcredit card and payment processinghosting communication systems, such as emailing systems
• Contractors – third parties that provide, lease, or license products, services, data centers, or other facilities to us, such as customer support providers, payment processing consultants, order fulfillment contractors, product developers, event managers, information technology consultants, cyber security advisors, computer programmers, business advisors, auditors, accountants and attorneys.
• Corporate Affiliates – third parties that control us, that we control, or that are under common control with us, such as our parents, subsidiaries and sister entities.
• Legal Authorities – legal authorities, such as courts, judicial authorities, law enforcement authorities or governmental authorities (including federal, state, or local authorities) in connection with any civil, criminal or regulatory inquiry, investigation, search warrant, subpoena, summons, order, injunction or mandate issued by any such legal authority.
3.10 How Long We Keep Your Personal Information. For each of the categories of personal information provided above, we may keep your personal information for a period lasting as long as is reasonably necessary for our purpose of collecting it or as otherwise required by applicable law. At the end of the period or when you delete your user account, whichever comes first, we may permanently destroy, erase, delete, encrypt or disable access to your personal information in a manner designed to ensure that it cannot be reconstructed or read. You will not be able to recover such personal information later.
3.11 Your Personal Information Rights
• Right to Know. As described above, this Policy informs you of the categories of your personal information that we collect, our purposes for collecting or using it, whether we sell it or share it for cross-site targeted advertising, and the length of time that we retain it.
• Right to Request Deletion. You have the right to request that we delete your personal information that we have collected.
• Right to Request Correction. You have the right to request that we correct any inaccurate personal information about you that we maintain.
• Right to Request Usage Details. You have the right to request that we disclose the following to you: (a) confirmation as to whether or not we are collecting, using, storing, disclosing, analyzing deleting or modifying your personal information; (b) the categories of personal information that we have collected about you; (c) the categories of sources from which we have collected your personal information; (d) the business or commercial purpose for collecting your personal information and for any selling of it or sharing of it for cross-site targeted advertising; (e) the categories of third parties to whom we have disclosed your personal information; and (f) the specific pieces of personal information that we have collected about you, which may be requested in a portable, and to the extent technically feasible, readily usable format that enables you to transmit the personal information to another entity without hindrance.
• Right to Request Details About Sales, Sharing or Disclosure. You have the right to request that we disclose the following to you: (a) the categories of any of your personal information that we have sold or shared to third parties for cross-site targeted advertising; (b) the categories of any such third parties, itemized by category of your personal information; and (c) the categories of your personal information that we have disclosed to persons for a Business Purpose, and the categories of those persons.
• Right to Opt Out. You have the right, at any time, to: (a) direct any business that sells your personal information or shares it for cross-site targeted advertising, not to do so; (b) opt out of profile-based advertising; and (c) opt out of automated profiling, including automated profiling conducted in furtherance of decisions that produce legal or similarly significant effects concerning you.
• Right to Limit Use and Disclosure of Sensitive Personal Information. You have the right, at any time, to direct any business that collects your sensitive personal information to limit its use of your sensitive personal information to the extent authorized by regulations adopted pursuant to applicable law or only as necessary to perform the services or provide the goods reasonably expected by an average consumer who requests those goods or services, including the services that we perform for the Service Purposes.
• Right of Non-Discrimination. You have the right to be free of any discrimination related to your exercise of any of your rights provided in this Policy or otherwise under applicable law. You understand that, as permitted by applicable law, we may provide you with a price, rate, level, or quality of goods or services that differs from what we offer to other consumers if that price or difference is reasonably related to the value that we receive, if any, based on your data.
• Right and Method to Contact Us. To submit a request or notice to us under this Section, you may send your request or notice through our contact page or by writing or emailing us at the following address: Sellect, Inc. 19 Mowbray Avenue Bay Shore, New York 11706 Email Address: admin@sellect.ai
• Right to Authorize an Agent. You may authorize another person to provide us with your request or notice under this Section, and we will comply with such request or notice if we can verify that you have given such authority as described in Section 3.12.
3.12 Our Response Procedures
• Verification. For security purposes, before processing your request or notice under Section 3.11, we will take steps to determine whether the request is a verifiable request or whether the notice is verifiable. We are not obligated to provide information that you may request under this Section if we cannot verify, pursuant to applicable law, that the person making the request is the individual about whom we have collected information or is a person authorized by the individual to act on the individual’s behalf.
• Our Response. We will respond to your requests and notices within a reasonable timeframe and in accordance within the requirements, frequency and timing specified by applicable law. We may decline part or all of your requests or notices as permitted by applicable law, and we will inform you of the reason for the decline.
• Decline of Requests. We may decline to delete your personal information if it is reasonably necessary for us to maintain your personal information in order to: (a) complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated by you within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us; (b) help to ensure security and integrity to the extent the use of the your personal information is reasonably necessary and proportionate for those purposes; (c) debug to identify and repair errors that impair existing intended functionality; (d) exercise free speech, ensure the right of another consumer to exercise that your right of free speech, or exercise another right provided for by law; (e) engage in public or peer-reviewed scientific, historical, or statistical research that conforms or adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the ability to complete such research, if you have provided informed consent; (f) enable solely internal uses that are reasonably aligned with the expectations of you based on your relationship with us and compatible with the context in which you provided the information; or (g) comply with a legal obligation or applicable law.
• Frequency and Historical Period. Pursuant to applicable law, we may not be required to provide you with the same type of information under this Section more than twice in a twelve (12) month period, and we may not be required to provide more than twelve (12) months of historical information.
4. COOKIES AND OTHER TRACKING TECHNOLOGIES
• 4.1 Cookies. A cookie is a small data file that our websites store on the browser of your device, such as your computer or smartphone. Your browser, such as Chrome, Firefox, Edge or Safari, stores cookies in the memory of your device. Our webservers or the webservers of our affiliates may receive and use these cookies when you return to our websites. You can learn more information about cookies at www.allaboutcookies.org.
• 4.1.2 Essential/Necessary Cookies. Consistent with the GDPR (defined in Section 5.3.1) and other applicable laws, we may use certain types of cookies (sometimes referred to as essential cookies or necessary cookies) without your prior consent to enable our websites to work properly, securely and efficiently for Service Purposes, including enabling our Site to perform the functions described in this Section below. We use these types of cookies: (a) for the performance of a contract to which you are a party; (b) to take steps at your request before entering into a contract; or (c) as necessary for us to process your personal information for purposes of our legitimate interests in accordance with the GDPR. For example, we may use these types of cookies for the following purposes: To save pieces of information you have entered during online transactions at our website, such as items you have added to a shopping cart, as well as names, addresses, usernames, passwords and other text you have entered in forms on our websites. To verify whether you are logged-in to an account on our websites for authentication and security purposes. To operate with adequate security, speed and electronic performance.
• 4.1.3 Marketing/Other Cookies. We may use other types of cookies (sometimes referred to as nonessential cookies or marketing cookies) for our Business Purposes, including studying how you interact with our Site and spend time viewing particular content on our Site. For example, we may use these cookies to record your browsing history, such as the particular buttons you have clicked and the particular webpages you have visited. This helps us personalize your experience, improve our websites, enhance our products and services, and identify new products or services that may be in demand.
• 4.1.4 Cookie Banner. With your consent, we may use the types of cookies described in Section 4.1.3 for marketing and other Businesses Purposes. Our Site displays a cookie banner when you first enter our Site. You may use the cookie banner to accept or decline these types of cookies.
• 4.1.5 Disabling and Deleting Cookies. There are several ways for you to stop or limit our use of certain types of cookies. If there is a cookie settings button or hyperlink displayed in this Section above or on our Site, you may use the button or hyperlink to disable certain types of cookies. Also, you may use your browser’s settings to disable, limit or delete certain cookies. Please keep in mind, however, that our Site may no longer work properly if you disable, limit or delete cookies.
4.2 Other Tracking Technologies. Tracking pixels (sometimes referred to as web beacons or tags) can be used to track your activity. A tracking pixel is a small, transparent object or image that can be embedded within the graphics of a webpage, mobile application screen, or email. A tracking pixel is connected to computer code that is usable to collect information regarding transactions and activities. A tracking pixel can also be configured to collect personal information. We or our affiliates may use tracking pixels to collect information (including your personal information) regarding your transactions and activities for our Business Purposes. However, we and our affiliates do not use tracking pixels to collect your sensitive personal information, to sell your personal information, or to share your personal information for cross-site targeting advertising.
4.3 Do Not Track Signal. Some newer web browsers may enable you to set a “Do Not Track” preference or opt-out preference. Once set, the browsers are designed to automatically transmit a “Do Not Track” signal to the websites you visit, indicating that you do not want your activity to be tracked. A uniform technological standard has not yet been established for processing and responding to “Do Not Track” signals. Once this standard is established, we will implement a feature in our Site that responds to “Do Not Track” signals as required by applicable law. To learn more about “Do Not Track” signals, visit www.allaboutdnt.com.
5. NOTICES REGARDING PARTICULAR JURISDICTIONS
5.1 State Laws of the United States
5.1.1 States with Comprehensive Data Privacy Laws. Presently, several states of the United States have enacted comprehensive data privacy laws. This Policy has been prepared to provide you with the notices and rights set forth in these laws. If you reside in any of these states and have a question or concern related to this Policy, please contact us using one of the methods described in Section 3.11.
5.1.2 California – Information-Sharing Disclosure, Shine the Light. Under California Civil Code Section 1798.83 (also known as Information-Sharing Disclosure, Shine the Light), if you are a California resident and your business relationship with us is primarily for personal, family, or household purposes, you may request certain data regarding our disclosure, if any, of personal information to third parties for the third-parties’ direct marketing purposes. To make such a request, please use one of the methods described in Section 3.11. You may make such a request up to once per calendar year. In accordance with California Civil Code Section 1798.83, we will provide to you, by email, a list of the categories of personal information disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year, along with the third parties’ names and addresses and any other information required by California Civil Code Section 1798.83.
5.1.3 State Recording/Wiretapping Laws. The laws of certain states of the United States (sometimes referred to as recording or wiretapping laws) provide certain consent requirements related to recording conversations of individuals. If our Meeting Analyzer is connected to your virtual meeting platform, such as Zoom™, Microsoft Teams™ or Google Meet™, the platform will be configured to display a consent request to you and the other attendees of the meeting. Our Meeting Analyzer will not record the conversations without first obtaining the consent from you and the other attendees.
5.2 Federal Laws of the United States.We may enter into a contract with you (or engage in a transaction with you) that involves our receipt of information from you that is governed or regulated by federal laws of the United States. These federal laws may provide certain requirements that we must satisfy that are not set forth in this Policy, and we will comply with the requirements. Nothing in this Policy will eliminate or decrease any of our obligations under these federal laws. In the event of a conflict between any part of this Policy and any requirements of these federal laws, the requirements of the federal laws will control.
5.3 Europe. We are headquartered in the United States with no physical presence in Europe or in any other country outside of the United States. In the event that our business activities bring us within the scope of the General Data Protection Regulation ((EU) 2016/679)) (the details of which may be found at https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en) (“GDPR”), we will comply with the applicable requirements of the GDPR, and we may process your personal information if:
• (a) you have given us your consent to process your personal information for one or more specific purposes; • (b) it is necessary for us to process your personal information: (i) for the performance of a contract to which you are a party; or (ii) in order to take steps at your request before entering into a contract; • (c) it is necessary for us to process your personal information to comply with a legal obligation to which we are subject; • (d) it is necessary for us to process your personal information for purposes of our legitimate interests pursued by us or a third party (which includes our Service Purposes), except where the interests are overridden by the interests or fundamental rights and freedoms of you that require protection of personal information, particularly if you are a child; or • (e) another necessity arises for which such processing is permitted under the GDPR. If you have any concerns regarding our collection or processing of your personal information, you have the right to lodge a complaint with the supervisory authority established for your location in the European Economic Area, the United Kingdom, or Switzerland.
5.3.1 General Data Protection Regulation. We are headquartered in the United States with no physical presence in Europe or in any other country outside of the United States. In the event that our business activities bring us within the scope of the General Data Protection Regulation ((EU) 2016/679)) (the details of which may be found at https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en) (“GDPR”), we will comply with the GDPR as described below. In this Section 5.3, (a) the term “you” or “your” refers to an individual or data subject who is located in the European Economic Area, which includes member-countries of the European Union (“EEA”), or who is located the United Kingdom (UK) or Switzerland, (b) the term “personal information” means “personal data,” as defined in the GDPR or other applicable laws of the UK or Switzerland, and (c) we are considered the “data controller” under the GDPR or other applicable laws of the UK or Switzerland. If our business activities bring us within the scope of the GDPR, the information set forth in this Section 5.3 and the other information in this Policy provides you with the notices required by the GDPR.
5.3.2 Legal Basis. In accordance with the GDPR, we may process your personal information under several cases, including any one of the following cases: You have given us your consent to process your personal information for one or more specific purposes. It is necessary for us to process your personal information: (a) for the performance of a contract to which you are a party; or (b) in order to take steps at your request before entering into a contract. It is necessary for us to process your personal information to comply with a legal obligation to which we are subject.It is necessary for us to process your personal information in order to protect vital interests of you or another person. It is necessary for us to process your personal information for the performance of a task carried out in the public interest or in the exercise of official authority vested in us. It is necessary for us to process your personal information for purposes of our legitimate interests pursued by us or a third party, except where the interests are overridden by the interests or fundamental rights and freedoms of you that require protection of personal information, particularly if you are a child. Our legitimate purposes include our Service Purposes.
5.3.3 Supervisory Authority. In you have any concerns regarding our collection or processing of your personal information, you have the right to lodge a complaint with the supervisory authority established for your location in the EEA, the UK, or Switzerland.
5.3.4 Contractual Requirements. If you have ordered any services or products that we offer, such as our Meeting Analyzer, we may require you to provide us with certain personal information (such as your contact information) for our purposes of: (a) administering and providing the ordered services or products; and (b) inserting your personal information into a contract document, sales terms, order form, purchase order, invoice or other written instrument related to the ordered services or products. If you do not provide the required personal information, we reserve the right to decline or suspend the ordered services or products.
5.3.5 International Transfers of Personal Information
• Adequacy Decisions. The GDPR restricts the transfer of personal information from countries of the EEA to other countries. Likewise, the data protection laws of the UK and Switzerland restrict the transfer of personal information from those countries. The European Commission, the UK, and Switzerland have issued or otherwise adopted adequacy decisions or regulations which allow for the transfer of personal information from the EEA, the UK, and Switzerland, respectively, to certain countries deemed to have adequate protection for personal information.
• Appropriate Safeguards. Standard contractual clauses (“SCCs”) are written commitments between parties that establish data protection safeguards. SCCs can be used as grounds for personal information transfers from the EEA to other countries. You can find the latest version of the approved SCCs, here. The European Commission has approved the use of SCCs for personal information transfers from the UK and Switzerland to other countries.
• Trans-Atlantic Data Privacy Framework. The European Union and the United States reached an agreement that resulted in the Trans-Atlantic Data Privacy Framework, which includes the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) (collectively, the “DPF”). The DPF relates to the transfer of personal information from the EEA, UK (and Gibraltar), and Switzerland to the United States. The European Union has issued an adequacy decision, concluding that the United States ensures an adequate level of protection under the DPF. By self-certifying through the DPF, businesses and other entities may transfer personal information to the United States from the EEA, the UK, and Switzerland in accordance with the GDPR. To learn more about the DPF, please visit the DPF website.
• Our Approach to International Transfers. Our Site and possibly other Internet-accessible parts of our Environment (such as our Meeting Analyzer) are accessible to anyone having Internet access throughout the world. An individual located in the EEA, the UK, or Switzerland could use our Site or Meeting Analyzer to submit personal information, which will be transmitted to one or more of webservers of us or our affiliates. If our business activities bring us within the scope of the GDPR and any of these webservers are physically located in the United States or another country outside of the individual’s residence, the transfer of the personal information will comply with the GDPR on the basis of: (a) an adequacy decision in place that permits such transfer, as described above; (b) SCCs that we have put in place, as described above; or (c) self-certification under the DPF by us or our relevant affiliate, together with a data protection agreement in place between us and our affiliate to the extent required by the DPF.
6. MISCELLANEOUS
6.1 Deidentified Information. With respect to deidentified information derived from your personal information, we retain the right to collect, process, use, store, sell, share, disclose, and distribute the deidentified information in accordance with applicable laws. If we exercise this right, we will maintain and use the deidentified information and not to attempt to reidentify it, except that we may reidentify the information only to determine whether our deidentification processes satisfy the requirements of applicable laws.
6.2 Unsubscribing to Our Emails and Messages. Our Environment may enable you to subscribe to or signup for our marketing communications, such as emails or text messages that provide our newsletters, updates, or marketing messages. Our Environment or the communications will enable you to unsubscribe to our emails and messages by changing a setting, clicking an unsubscribe link, texting “Stop,” or making another input. Even if you opt out or unsubscribe to receiving our marketing communications, we may continue to send you non-marketing communications, such as communications related to services or products that you have ordered from us, or our performance of contractual obligations that we owe to you.
6.3 Your Prior Consent. Under certain circumstances, particular laws in certain jurisdictions might require us to obtain your informed consent before we collect, process or use your personal information. For example, this requirement may apply in certain circumstances based on: (a) state recording or wiretapping laws of the United States; (b) European laws, such as the GDPR; or (c) laws that regulate the collection, processing or use of sensitive personal information or biometric information. If any applicable law requires us to obtain your informed consent before we collect, process or use your personal information, we will do so in accordance with the requirements of such law.
6.4 Caution After Leaving Our Environment. Our Site may provide buttons or hyperlinks that enable you to leave our Site and connect with platforms owned or controlled by third parties, such as third party websites, services, social networks, and mobile applications. Clicking on these buttons or hyperlinks to leave our Site may enable the applicable third party to collect or disclose your personal information. These third party platforms are beyond our control. We encourage you to review the privacy policies of these third party platforms before providing your personal information to them.
6.5 Transfer/Storage Outside of the United States. In accordance with applicable laws, we may: (a) store your personal information in webservers located in the United States or outside of the United States; and (b) transfer your personal information from the United States to countries outside of the United States, where it may be stored and processed for the uses described in this Policy.
6.6 Safeguards for Your Personal Information. The security of your personal information is very important to us. Directly or through our affiliates, we implement safeguards designed to protect your personal information from unauthorized access. However, we do not guarantee or warrant the security or protection of your personal information, and you assume the risk that, despite our safeguards, an unauthorized party (e.g., a hacker or cyber attacker) might access, misuse, or destroy your personal information.
6.7 Mobile App Privacy. This Policy applies to personal information that we receive through our Environment. If we receive personal information through a mobile app that we own or operate, the related app license agreement or end user license agreement may provide information about how the app collects and uses such personal information. If the app collects and sends personal information to others, such agreement may describe that process as well. Therefore, to fully understand the privacy of any personal information collected by any of our mobile apps, please review the applicable license agreement as well as this Policy. You may find our app license agreements at our Site or at the mobile app marketplace where the app is available for downloading.
6.8 Law Enforcement and Legal Claims. Nothing in this Policy will prevent or restrict us from: complying with federal, state, or local laws or complying with a court order or subpoena to provide information.complying with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities. cooperating with law enforcement agencies concerning conduct or activity that we, our affiliates or associates reasonably and in good faith believe may violate federal, state, or local law.cooperating with a government agency request for emergency access to your personal information if a natural person is at risk or in danger of death or serious physical injury provided that: (a) the request is approved by a high-ranking agency officer for emergency access to your personal information; (b) the request is based on the agency’s good faith determination that it has a lawful basis to access the information on a nonemergency basis; and (c) the agency agrees to petition a court for an appropriate order within three days and to destroy the information if that order is not granted. exercising or defending legal claims.
6.9 Definitions. In this Policy, we use the words and phrases “including,” “includes,” “such as” and “e.g.” in a non-limiting fashion, and the following terms (whether used in capitalized or lowercase form) will have the following meanings given to them:
• “affiliates” means our third party technology suppliers, contractors, corporate affiliates, service providers, processors, vendors, licensors, lessors, and other third parties with whom we have a business relationship. • “automated profiling” (referred to in some jurisdictions as “profiling”) means any form of automated processing of personal information to evaluate, analyze, or predict personal aspects concerning any identified or identifiable individual’s economic situation, health, personal preferences, interests, reliability, behavior, location, or movements. • “biometric information” means an individual’s physiological, biological, or behavioral characteristics, including information pertaining to an individual’s deoxyribonucleic acid (DNA), that is used or is intended to be used singly or in combination with each other or with other identifying data, to establish individual identity. Biometric information includes: (a) imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted; (b) keystroke patterns or rhythms, gait patterns or rhythms, and sleep, health, or exercise data that contain identifying information; and (c) information based on an individual’s retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry, which is used to identify the individual, excluding any item of such information that is not deemed biometric information according to specific exclusions set forth in applicable law. • “business” means a sole proprietorship, partnership, limited liability company, corporation, association, person other than a consumer, or other legal entity. • “consumer” (referred to in some jurisdictions as “data subject”) means a natural person. • “cross-site targeted advertising” (referred to in some jurisdictions as “targeted advertising” or “cross-context behavioral advertising”) means the targeting of advertising to a consumer based on data that is derived from the consumer’s behavior across distinctly-branded platforms (e.g., websites, applications, and other venues) beyond the business or distinctly-branded platform with which the consumer intentionally interacts. The definition of cross-site targeted advertising does not include advertising based on your activities within our Environment, nor does it include other advertising activities that are not deemed to be cross-site targeted advertising according to specific exclusions set forth in applicable law. • “deidentified” (referred to in some jurisdictions as “pseudonymized”) means information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular consumer, provided that the business that possesses the information satisfies the requirements of applicable law related to the use of deidentified information. • “personal information” (referred to in some jurisdictions as “personal data”) means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household, but personal information does not include: (a) publicly available information as defined or characterized by applicable law; (b) lawfully obtained, truthful information that is a matter of public concern; or (c) consumer information that is deidentified. • “security and integrity” means the ability of: (a) networks or information systems to detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information; (b) businesses to detect security incidents, resist malicious, deceptive, fraudulent, or illegal actions and to help prosecute those responsible for those actions; and (c) businesses to ensure the physical safety of natural persons. “sell,” “selling,” “sale,” or “sold’’ means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to a third party for monetary or other valuable consideration, excluding any of the foregoing activities that are not deemed to be a sale according to specific exclusions set forth in applicable law. • “sensitive personal information” means: (1) personal information that reveals: (a) a consumer’s social security, driver’s license, state identification card, or passport number; (b) a consumer’s account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (c) a consumer’s precise geolocation, including any data that is derived from a device and that is used or intended to be used to locate the consumer within a geographic area that is equal to or less than the area of a circle with a radius of 1,850 feet, except as prescribed by applicable law; (d) a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication; or (f) a consumer’s genetic data; (2) the processing of biometric information for the purpose of uniquely identifying a consumer; (3) personal information collected and analyzed concerning a consumer’s health; and (4) personal information collected and analyzed concerning a consumer’s sex life or sexual orientation. Sensitive personal information that is “publicly available” (as described above) will not be considered sensitive personal information or personal information. • “verifiable request” means a request that is made by you, by you on behalf of your minor child, by a natural person or a person authorized by you to act on your behalf, or by a person who has power of attorney or is acting as a conservator for you, and that we can verify, using commercially reasonable methods, pursuant to applicable law.
