We collect different types of information about different types of Users, but generally we collect from all Users the Personal Information they give us when they register with the Site or use the Services, including name, address, phone number, date of birth, email address, credit card or bank information, and other Personal Information requested as part of using the Site or the Services. We automatically collect certain Personal Information such as a User’s IP address and Session ID in order to prevent fraud and abuse of our Services as well as to provide a consistent and relevant experience for our Users.
In addition, we collect technical information including device, browser type, operating system, CPU speed, referring or exit webpages, and click patterns. We also collect general data about what pages visitors access, the number of visits, average time spent on the Site and other similar factors. This information can, under certain circumstances, identify a particular user. However, we do not use this information for anything beyond user experience improvements. Please see the FullStory Acceptable Use Policy (which we adhere to strictly) here and our Automated Data Collection Policy below for more details.
In addition to the information collected about an End User when they sign up for our Services (or their Agent signs up on their behalf), we monitor the social media behavior of End Users in order to analyze the performance of their social posts to determine the potential effectiveness of sharing content with the End User for our Customers. We collect information about the social media presence of the End User, including their particular identifiers (usernames, handles, etc.) and information about their reach and engagement with their followers (“Audience”). As part of the Services, End Users may choose to connect their social media accounts and provide various permissions to us via the social media platform’s app authorization pages.
In addition to the information collected about a Customer when they sign up for the Services, we collect information from the Customer that, while not Personal Information, is confidential, including marketing goals and other internal business or organizational information. Such information is kept confidential in accordance with our Terms of Service, applicable law, and this Policy.
Process transactions Users complete using the Services.
Conduct routine business operations in furtherance of our legitimate business interests such as billing, identification, authentication, contact purposes and general research. As part of our routine business operations, we may transfer Personal Information to certain third parties with whom we contract for the limited purpose of providing services such as web hosting, email, and credit card processing. These service providers are obligated to protect User information, and we do not permit them to use Personal Information for their own commercial purposes.
Employ internal marketing techniques such as tracking customer preferences to provide a customized Site experience and communicating with Users about the Services, special offers, and other services.
Enhance the Services.
Generate reports based on aggregated and anonymized generic product, location and other contributed information, which we may use internally, or which we may sell to others.
Comply with court and governmental orders.
Administer a contest, promotion, survey or other feature of the Site or the Services.
In order to provide our Services, we may share the Personal Information of End Users with Customers and other Users. This includes analyzing and sharing information about the End User’s social media presence in order to examine the performance of their social posts to determine the potential effectiveness of sharing content with the End User for our Customers. The information we use is made readily available by the End User when they voluntarily post to social media, and the monitoring of this information is done in our legitimate business interest without infringing on the privacy interests of the End User. We do not share the personal contact information of End Users with any third parties or other Users.
Collecting information about the social media presence of the End User requires that we also collect a vast amount of information about the individuals who follow and engage with the End User on various platforms (the “Audience”). We use this information to provide our Customers with statistics on the performance of a particular campaign. This information is fully aggregated and does not identify the individual Audience members.
We use FullStory for the web browser and UX Cam for the mobile app, and other web analytics tools, to gather data on User behavior for the purpose of improving the User experience with the Opendorse platform. FullStory collects information on your use of the site, such as pages visited, links clicked, non-sensitive text entered, and mouse movements, as well as information more commonly collected such as the referring URL, browser, operating system, and Internet Protocol (“IP”) address. We use publicly available sources to approximate your geographic region and Internet Service Provider based on your IP address. If you wish to prevent all websites using the FullStory Services to be able to record activity, including ours, you can opt-out of the FullStory Services here: https://www.fullstory.com/optout/. UXCam may record: Screens visited, Interaction patterns (such as screen actions, gestures: taps, scrolls) and Device details (Type, Version, Model, Operating System). If you wish to prevent UX Cam recordings, you may reach out email@example.com.
In order to improve our Services and provide more convenient, relevant experiences to our customers, we and our agents may use “cookies,” “web beacons,” and similar devices to track User activities. A cookie is a small amount of data that is transferred to the browser by a web server and can only be read by the server that deposited it. It functions as an identification card and enables the saving of passwords and preferences. It cannot be executed as code or deliver viruses. A web beacon is a small transparent .gif image that is embedded in an HTML page or email used to track when the page or email has been viewed. Most browsers are initially set to accept cookies, and most services that include similar devices are typically initially activated to collect data. Browsers can be set to notify you when you receive a cookie, giving you the chance to decide whether to accept it. We do not support browsers’ Do Not Track features. You can enable or disable Do Not Track by visiting the preferences or settings page of your browser, keeping in mind that disabling these devices may make the Services fail to work as expected.
We do not sell, trade, or otherwise transfer to outside parties the Personal Information of our Users except for those reasons listed above. We may also release User information when we believe release is appropriate to comply with the law, to enforce our site policies, or to protect the rights, property, or safety of ourselves or others. However, anonymized and aggregated visitor information may be provided to other parties for marketing, advertising, or other uses. Such information does not identify any User individually.
Personal Information may be stored, processed, used, or accessed in the United States or other countries depending on our business needs. Our operations will be governed by the laws of the countries in which we are using the information, including requirements to disclose information to government authorities, courts, or law enforcement agencies.
Opendorse collects and uses Personal Information only for the purposes for which it was collected and in accordance with this Policy. We review our data collection, storage and processing practices to ensure that we only collect, store and process the Personal Information needed to provide or improve our services. We take reasonable steps to ensure that the Personal Information we process is accurate, complete, and current, but we depend on our Users to update or correct their Personal Information whenever necessary.
We store the Personal Information we collect only as long as it is necessary for us to comply with our various contractual, legal, and ethical obligations. We will delete the Personal Information of any User upon their reasonable request.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of all data and information collected by us. These include secure servers and processing equipment, internal reviews of our data collection, storage, and processing practices, and introducing security measures, including physical security measures, to guard against unauthorized access to systems where we store personal data.
We restrict access to Personal Information to Opendorse employees, service providers and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations. However, no method of transmission of information, or method of electronic storage, is 100% secure. Therefore, while we strive to protect all Personal Information, we cannot guarantee its absolute security. IN NO EVENT WILL OPENDORSE OR ITS SUBSIDIARIES, AFFILIATES OR ANY PARTY INVOLVED IN CREATING, PRODUCING OR DELIVERING THE SERVICES BE LIABLE IN ANY MANNER WHATSOEVER FOR ANY INCIDENTAL, CONSEQUENTIAL, INDIRECT, SPECIAL OR PUNITIVE DAMAGES ARISING OUT OF UNAUTHORIZED ACCESS TO THE PERSONAL INFORMATION COLLECTED BY OPENDORSE IN THE PROVISION OF THE SERVICES.
We are fully committed to respecting the rights and wishes of our Users as they pertain to Personal Information, including by complying with relevant data privacy laws and regulations as detailed below. We constantly weigh our business needs and the legitimate privacy interests of our Users and do not engage in business activities in which their interests outweigh ours. If you have any questions or concerns about our use of Personal Information, you are encouraged to contact us.
Users are responsible for updating us on any name, e-mail or postal address, telephone number or other Personal Information changes by contacting us. Similarly, Users may decline to receive newsletters or other marketing materials from Opendorse by unsubscribing from these items, or submitting a request to firstname.lastname@example.org. All Users can mute notifications from the Platform in their profile settings.
In general, your rights include:
If you choose to exercise any of the rights listed herein, you will not be discriminated against in our pricing or otherwise in the provision of Services. However, if you elect to have us remove your information from the system, we will likely not be able to provide the Services to you anymore.
We collect, use and disclose your Personal Information with your consent, which may be express or implied. You may withdraw your consent to the use and disclosure of your Personal Information by us or by third parties for marketing purposes at any time by contacting us at the addresses listed below If you would like to access, update, or ask us to delete your preferences or the Personal Information that we have collected about you, please contact us, and we will respond to your request within 30 days.
As a citizen of the European Union, you are entitled to the full spectrum of the rights under the General Data Protection Regulation (“GDPR”) that entered into effect on May 25, 2018 and all data privacy regulations that preceded it to the extent that they were not preempted by the GDPR. We will go out of our way to accommodate any valid request within a reasonable amount of time, and in all cases in the statutorily required amount of time. As required by the GDPR, we require that all processors and subprocessors of the data we collect fully comply with the obligations of the GDPR and do not infringe on your privacy rights in any way. In particular, you have the following rights:
Right to Access
You have the right to see any Personal Information we have collected about you as well as the purpose of our collection and processing of it and whether we plan on sharing such Personal Information with anyone.
Right to Correct
You have the right to correct any inaccurate Personal Information in our possession. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed by providing a supplementary statement to Opendorse at email@example.com.
Right to Erase
You have the right to have your Personal Information erased from our data stores without undue delay. Additionally, we will erase Personal Information without undue delay if:
the Personal Information is no longer necessary in relation to the purposes for which it was collected;
the User withdraws consent and there is no other legitimate basis for the processing;
the User objects to the processing and there are no overriding legitimate grounds for the processing;
the Personal Information has been unlawfully processed;
the Personal Information must be erased for compliance with a legal obligation;
Right to Restrict
You have the right to restrict processing of your Personal Information.
Right to Port Data
You have the right to request your Personal Information be ported over to another controller. However, because we don’t store much Personal Information, we likely will not have the technical means to port the information automatically. If this is the case, we will recommend simply deleting the Personal Information instead. If you really want it transferred to another party, we’ll email data fields directly to the new controller and let you know via email when it is complete.
Right to Object
You have the right to object to the collection or processing of Personal Information at any time if you believe data was collected or processed unlawfully. Our team will work with the you directly to investigate the claim and take appropriate action. While the claims are under investigation, your data will be deleted from our stores. If you’d like, you may re-submit your data for access to Opendorse content at any time.