Privacy Policy

8457736952_6e1401dcc8_k_lq.jpg

EFFECTIVE MAY 25TH, 2018

This privacy policy has been compiled to serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. PII, as described in US information security and privacy laws, is information that can be used on its own or with other information to  identify, contact, or locate a single person, or to identify an individual in context. We provide this policy to give all of our users a clear understanding of how we collect, process, and protect your Personally Identifiable Information and what choices you have to control your Personally Identifiable Information, and, to adhere to adhere to the California Online Privacy Protection Act (CalOPPA)United States Federal Trade Commission's fair information practice principles (FIPPs), and the EU General Data Protection Regulation (GDPR).

TL;DR Version

  • We collect information from you when you subscribe to our newsletter, and when you sign up for, or log in to the Parabol software application
  • We will never give or sell this information to any third-party without advance notice to users
  • You can unsubscribe from email communications at any time by using the unsubscribe link at the bottom of any email
  • We use localStorage on your browser to store Parabol application data and enhance your experience
  • All financial transactions and credit card data are processed through a gateway provider and are not stored or processed on our own servers
  • We adhere to the California Online Privacy Protection Act (CalOPPA)United States Federal Trade Commission's fair information practice principles (FIPPs), and the EU General Data Protection Regulation (GDPR)
  • We do not specifically market to children under the age of 13 years old, or knowingly store information of children under the age of 16
  • You can contact a real human at any time from our contact page

Details

What personal information do we collect from the people that visit our blog, website or app?

When ordering or registering on our site, where appropriate, you may be asked to enter your name, email address, credit card information, or other details to help you with your experience.

When do we collect information?

We collect information from you when you register on our site, subscribe to a newsletter, request support, enter information on our site, or provide us with feedback on our products or services.

How do we process your information?

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, access the website, or use certain other site features in the following ways:

  • To personalize your experience and allow us to deliver the type of content and product offerings which are most relevant or interesting
  • To improve our website or application in order to better serve you
  • To allow us to better service you in responding to your customer service requests
  • To administer a contest, promotion, survey or other site feature
  • To quickly process your transactions
  • To send periodic emails regarding your order or other products and services

We do send your information to a number of third-party data processing services. For a list of these services, please see the section "Third-party disclosure and processing providers", below.

How do we protect your information?

We conduct regular assessments of our site and application for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

We do not use Malware Scanning.

Your personal information is stored behind secured networks and is only accessible by a limited number of persons who have special access rights to these systems. All employees with such access are required--as an obligation of their employment--to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Transport Layer Security (TLS) technology.

We implement a variety of security measures when a user places an order; or enters, submits, or accesses their information, in order to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers. Our servers never see your credit card data. Your credit card information is sent directly from your web client, using bank-level security, to our payment provider, which is PCI DSS certified.

What choices do you provide me to control my personal information?

Transparency

This Privacy Policy details what Personal Data we collect, how we use and share it and how you can exercise control over Personal Data.

Right to Review and Rectify Your Personal Data

You can update most of your Personal Data by logging in to your account. However, if additional assistance is required to change or delete inaccuracies within your Personal Data or would like to know what information about you was collected, please contact us at love@parabol.co.

Right to Remove or Withdraw Consent

You have the right to withdraw consent where such consent is required to share or use data and you may request that we delete your Personal Data by requesting that we delete your Personal Data by contact us at love@parabol.co. However, since your Personal Data is required for us to provide the Services to you, asking us to terminate your account or remove your data will also terminate your access to the services.

Data Retention

We take steps to delete Personal Data is no longer necessary in relation to provide the Services by deleting it within 90 days of your terminating your account. We may be required by law, to retain data to exercise or defend legal claims, or to comply with contractual obligations with our customers to retain some information in connection with our obligation to provide the Services.

Data Portability

If you would like us to transmit your Personal Data to another company providing similar services, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Data.

Right of Redress

European Economic Area residents residing in Europe, may, if they wish to, file a complaint regarding our practices by contacting the Data Commissioner’s office in the country in which they reside.

Do we use ‘cookies’?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information. They are used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:

  • Understand and save user's preferences for future visits
  • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future
  • We may also use trusted third-party services that track this information on our behalf

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your personal browser settings. Since each browser is a little different, please referene your browser's Help Menu to learn the correct way to modify your cookies.

If users disable cookies in their browser, some of the features that make your site experience more efficient may not function properly. 

Third-party disclosure and processing providers

Disclosure

We do not sell, trade, or otherwise transfer your Personally Identifiable Information to any outside parties unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate to comply with the law, enforce our site policies, or to protect ours or others' rights, property or safety.

Processing Providers

Below is a table of third-party data processors currently used by Parabol:

Processor Name: Processing Activities: Data Location(s):
Adroll, Inc. Digital Advertising Retargeting Provider United States
Amazon Web Services, Inc. Cloud Service Provider United States
Auth0, Inc. Authentication Identity Provider United States
Datadog, Inc. Cloud Infrastructure Monitoring Provider United States
Digital Ocean, Inc. Cloud Service Provider United States
GitHub, Inc. Opt-in User Integration Provider United States
Google, Inc. Digital Advertising Provider United States
HubSpot, Inc. Marketing Cloud Service Provider United States
MailGun, Inc. Bulk Email Provider United States
Mixpanel, Inc. Product Usage Analytics Provider United States
Quickbooks, Inc. Accounting Software Provider United States
Segment, Inc. Usage Analytics Data Transport Provider United States
Sentry, Inc. Product Failure Reporting Provider United States
Slack, Inc. Internal Communications Tool Provider United States
Stripe, Inc. Payments Gateway Processor United States

 

Transnational Transfer of Data

If you are providing your Personal Data to us directly to use our Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our service to you. To the extent we transfer and process any Personal Data of European Union or Swiss data subjects to the United States from processors or controllers in the European Union or Switzerland, we will take steps to enter into a Data Protection Addendum with the controller or processor to ensure that data subject Personal Data is processed and transmitted in compliance with the GDPR.

Minors Under 16 Years of Age

Parabol does not knowingly collect or store any personal information from or about children under the age of 16.

If you believe a child under the age of 16 has under any circumstances provided us with personal information and data, a parent or legal guardian can email us at admin@parabol.co to request that their children’s information be deleted from our records.

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:

  • Users can visit our website anonymously
  • A link to this privacy policy is included on our home page
  • Our Privacy Policy link includes the word 'Privacy' to make it easy to find
  • Users will be notified of any Privacy Policy changes on our Privacy Policy Page
  • Users can change their personal information by logging into their account

How does our site handle Do Not Track signals?

We do not honor Do Not Track signals. We don't honor them because they would degrade our application experience.

Does our site allow third-party behavioral tracking?

We do allow third-party behavioral tracking.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

  • We will notify you via email within 7 business days.
  • We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

  • Send information, respond to inquiries, and/or other requests or questions
  • Process orders and to send information and updates pertaining to orders
  • Send you additional information related to your product and/or service
  • Market to our mailing list or continue to send emails to our clients after the original transaction has occurred

To be in accordance with CAN-SPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses
  • Identify the message as an advertisement in some reasonable way
  • Include the physical address of our business or site headquarters in emails
  • Monitor third-party email marketing services for compliance, if one is used
  • Honor opt-out/unsubscribe requests quickly
  • Allow users to unsubscribe by using the link at the bottom of each email
  • If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from all correspondence

Changes to Privacy Policy

Parabol reserves the right to amend this Privacy Policy at any time. If Parabol makes material changes to its Privacy Policy, we will notify you by (1) changing the Effective Date on our Privacy Policy and provide additional notification either (1) via email, notice when you log in, or other means as we may deem commercially reasonable.

 

Contacting Us

If there are any questions regarding this privacy policy, you may contact us here:

love@parabol.co

Parabol, Inc.
152 Carlton Ave, Third Floor
Brooklyn, New York 11205
United States

Last Updated on May 24th, 2018