Privacy Policy
Updated October 12, 2020
Welcome
What Information is Collected
End Users
Customers
In addition to the information collected about a Customer when they sign up for the Services, we collect information from the Customer that, while not Personal Information, is confidential, including marketing goals and other internal business or organizational information. Such information is kept confidential in accordance with our Terms of Service, applicable law, and this Policy.
How Information is Used
Except as noted in this Privacy Policy, we collect and use the Personal Information (and non-personal information) of our Users for internal purposes only. We may use a User’s Personal Information to provide to them the Services we are contractually obligated to provide, or for our own legitimate business interests to the extent those interests do not outweigh the User’s privacy rights. For example, we may use Personal Information to:
Process transactions Users complete using the Services.
Conduct routine business operations in furtherance of our legitimate business interests such as billing, identification, authentication, contact purposes and general research. As part of our routine business operations, we may transfer Personal Information to certain third parties with whom we contract for the limited purpose of providing services such as web hosting, email, and credit card processing. These service providers are obligated to protect User information, and we do not permit them to use Personal Information for their own commercial purposes.
Employ internal marketing techniques such as tracking customer preferences to provide a customized Site experience and communicating with Users about the Services, special offers, and other services.
Enhance the Services.
Generate reports based on aggregated and anonymized generic product, location and other contributed information, which we may use internally, or which we may sell to others.
Comply with court and governmental orders.
Administer a contest, promotion, survey or other feature of the Site or the Services.
End Users
Automated Data Collection Policy
We use FullStory for the web browser and UX Cam for the mobile app, and other web analytics tools, to gather data on User behavior for the purpose of improving the User experience with the Opendorse platform. FullStory collects information on your use of the site, such as pages visited, links clicked, non-sensitive text entered, and mouse movements, as well as information more commonly collected such as the referring URL, browser, operating system, and Internet Protocol (“IP”) address. We use publicly available sources to approximate your geographic region and Internet Service Provider based on your IP address. If you wish to prevent all websites using the FullStory Services to be able to record activity, including ours, you can opt-out of the FullStory Services here: https://www.fullstory.com/optout/. UXCam may record: Screens visited, Interaction patterns (such as screen actions, gestures: taps, scrolls) and Device details (Type, Version, Model, Operating System). If you wish to prevent UX Cam recordings, you may reach out support@opendorse.com.
Cookie Policy
In order to improve our Services and provide more convenient, relevant experiences to our customers, we and our agents may use “cookies,” “web beacons,” and similar devices to track User activities. A cookie is a small amount of data that is transferred to the browser by a web server and can only be read by the server that deposited it. It functions as an identification card and enables the saving of passwords and preferences. It cannot be executed as code or deliver viruses. A web beacon is a small transparent .gif image that is embedded in an HTML page or email used to track when the page or email has been viewed. Most browsers are initially set to accept cookies, and most services that include similar devices are typically initially activated to collect data. Browsers can be set to notify you when you receive a cookie, giving you the chance to decide whether to accept it. We do not support browsers’ Do Not Track features. You can enable or disable Do Not Track by visiting the preferences or settings page of your browser, keeping in mind that disabling these devices may make the Services fail to work as expected.
Google Maps API
Opendorse uses Google Maps APIs which is subject to Google’s Terms of Service. You may find the Google Maps APIs Terms of Service here. To find out more about Google’s Privacy Policy, please refer to this link.
We use the Google Maps API to retrieve certain information when you make location-specific requests. This includes:
- Adding your location to your profile
- Adding your hometown to your profile
- Adding your current training location
- Adding deal locations to deals
Disclosure of Personal Information
We do not sell, trade, or otherwise transfer to outside parties the Personal Information of our Users except for those reasons listed above. We may also release User information when we believe release is appropriate to comply with the law, to enforce our site policies, or to protect the rights, property, or safety of ourselves or others. However, anonymized and aggregated visitor information may be provided to other parties for marketing, advertising, or other uses. Such information does not identify any User individually.
Personal Information may be stored, processed, used, or accessed in the United States or other countries depending on our business needs. Our operations will be governed by the laws of the countries in which we are using the information, including requirements to disclose information to government authorities, courts, or law enforcement agencies.
In the event Opendorse sells substantially all of its assets, or is acquired, Personal Information will likely be one of the assets transferred to the new owner, who will be entitled to use the information in accordance with this Privacy Policy.
Storage and Protection of Personal Information
Opendorse collects and uses Personal Information only for the purposes for which it was collected and in accordance with this Policy. We review our data collection, storage and processing practices to ensure that we only collect, store and process the Personal Information needed to provide or improve our services. We take reasonable steps to ensure that the Personal Information we process is accurate, complete, and current, but we depend on our Users to update or correct their Personal Information whenever necessary.
We store the Personal Information we collect only as long as it is necessary for us to comply with our various contractual, legal, and ethical obligations. We will delete the Personal Information of any User upon their reasonable request.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of all data and information collected by us. These include secure servers and processing equipment, internal reviews of our data collection, storage, and processing practices, and introducing security measures, including physical security measures, to guard against unauthorized access to systems where we store personal data.
We restrict access to Personal Information to Opendorse employees, service providers and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. However, no method of transmission of information, or method of electronic storage, is 100% secure. Therefore, while we strive to protect all Personal Information, we cannot guarantee its absolute security. IN NO EVENT WILL OPENDORSE OR ITS SUBSIDIARIES, AFFILIATES OR ANY PARTY INVOLVED IN CREATING, PRODUCING OR DELIVERING THE SERVICES BE LIABLE IN ANY MANNER WHATSOEVER FOR ANY INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL OR PUNITIVE DAMAGES ARISING OUT OF UNAUTHORIZED ACCESS TO THE PERSONAL INFORMATION COLLECTED BY OPENDORSE IN THE PROVISION OF THE SERVICES.
Rights of the User
We are fully committed to respecting the rights and wishes of our Users as they pertain to Personal Information, including by complying with relevant data privacy laws and regulations as detailed below. We constantly weigh our business needs and the legitimate privacy interests of our Users and do not engage in business activities in which their interests outweigh ours. If you have any questions or concerns about our use of Personal Information, you are encouraged to contact us.
Users are responsible for updating us on any name, e-mail or postal address, telephone number or other Personal Information changes by contacting us. Similarly, Users may decline to receive newsletters or other marketing materials from Opendorse by unsubscribing from these items, or submitting a request to support@opendorse.com. All Users can mute notifications from the Platform in their profile settings.
In general, your rights include:
If you choose to exercise any of the rights listed herein, you will not be discriminated against in our pricing or otherwise in the provision of Services. However, if you elect to have us remove your information from the system, we will likely not be able to provide the Services to you anymore.
For International Opendorse Users:
For Canadian Residents
We collect, use and disclose your Personal Information with your consent, which may be express or implied. You may withdraw your consent to the use and disclosure of your Personal Information by us or by third parties for marketing purposes at any time by contacting us at the addresses listed below If you would like to access, update, or ask us to delete your preferences or the Personal Information that we have collected about you, please contact us, and we will respond to your request within 30 days.
For Citizens of the EU
As a citizen of the European Union, you are entitled to the full spectrum of the rights under the General Data Protection Regulation (“GDPR”) that entered into effect on May 25, 2018 and all data privacy regulations that preceded it to the extent that they were not preempted by the GDPR. We will go out of our way to accommodate any valid request within a reasonable amount of time, and in all cases in the statutorily required amount of time. As required by the GDPR, we require that all processors and subprocessors of the data we collect fully comply with the obligations of the GDPR and do not infringe on your privacy rights in any way. In particular, you have the following rights:
Right to Access
You have the right to see any Personal Information we have collected about you as well as the purpose of our collection and processing of it and whether we plan on sharing such Personal Information with anyone.
Right to Correct
You have the right to correct any inaccurate Personal Information in our possession. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed by providing a supplementary statement to Opendorse at support@opendorse.com.
Right to Erase
You have the right to have your Personal Information erased from our data stores without undue delay. Additionally, we will erase Personal Information without undue delay if:
the Personal Information is no longer necessary in relation to the purposes for which it was collected;
the User withdraws consent and there is no other legitimate basis for the processing;
the User objects to the processing and there are no overriding legitimate grounds for the processing;
the Personal Information has been unlawfully processed;
the Personal Information must be erased for compliance with a legal obligation;
Right to Restrict
You have the right to restrict processing of your Personal Information.
Right to Port Data
You have the right to request your Personal Information be ported over to another controller. However, because we don’t store much Personal Information, we likely will not have the technical means to port the information automatically. If this is the case, we will recommend simply deleting the Personal Information instead. If you really want it transferred to another party, we’ll email data fields directly to the new controller and let you know via email when it is complete.
Right to Object
You have the right to object to the collection or processing of Personal Information at any time if you believe data was collected or processed unlawfully. Our team will work with the you directly to investigate the claim and take appropriate action. While the claims are under investigation, your data will be deleted from our stores. If you’d like, you may re-submit your data for access to Opendorse content at any time.
Online Privacy Policy Only
This online privacy policy applies only to information collected through the Site and Services and not to information collected offline. This Privacy Policy operates in conjunction with our Terms of Use, which detail restrictions on the use of the Services as well as our warranties and limited liabilities related to the use of the Services.
Changes to our Privacy Policy
We are free to update this Privacy Policy at any time, without notice. However, we will notify Users a reasonable amount of time in advance if there are major modifications made to this Policy. The continued use of the Services indicates consent to the terms of this Policy.
Governing Law
The terms of this Privacy Policy are governed by and in accordance with the laws of the state of Nebraska. Users should not provide us with any Personal Information unless they consent to the application of United States law and, where applicable, Nebraska law, and to the use and disclosure of information in accordance with the terms of this Privacy Policy.
Contacting Us
If there are any questions regarding this Privacy Policy you may contact us using the information below:
opendorse.com
1320 Q Street
Lincoln, Nebraska 68508
United States