What personal information do we collect from folks that visit our blog, website or app?
When ordering or registering on our site, where appropriate, you may be asked to enter your name, email address, credit card information, or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, subscribe to a newsletter, request support, enter information on our site, or provide us with feedback on our products or services.
How do we process your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, access the website, or use certain other site features in the following ways:
We do send your information to a number of third-party data processing services. For a list of these services, please see the section "Third-party disclosure and processing providers", below.
How do we protect your information?
We conduct regular assessments of our site and application for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We do not use Malware Scanning.
Your personal information is stored behind secured networks and is only accessible by a limited number of persons who have special access rights to these systems. All employees with such access are required--as an obligation of their employment--to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Transport Layer Security (TLS) technology.
We implement a variety of security measures when a user places an order; or enters, submits, or accesses their information, in order to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers. Our servers never see your credit card data. Your credit card information is sent directly from your web client, using bank-level security, to our payment provider, which is PCI DSS certified.
What choices do you provide me to control my personal information?
Right to Review and Rectify Your Personal Data
You can update most of your Personal Data by logging in to your account. However, if additional assistance is required to change or delete inaccuracies within your Personal Data or would like to know what information about you was collected, please contact us at firstname.lastname@example.org.
Right to Remove or Withdraw Consent
You have the right to withdraw consent where such consent is required to share or use data, and you may request that we delete your Personal Data contacting us at email@example.com. However, as your Personal Data is required for us to provide the Services to you, asking us to terminate your account or remove your data will also terminate your access to the services.
We take steps to delete Personal Data that is no longer necessary in relation to providing the Services by deleting it within 90 days of your terminating your account. We may be required by law to retain data to exercise or defend legal claims, or to comply with contractual obligations with our customers to retain some information in connection with our obligation to provide the Services.
If you would like us to transmit your Personal Data to another company providing similar services, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Data.
Right of Redress
European Economic Area residents residing in Europe, may, if they wish to, file a complaint regarding our practices by contacting the Data Commissioner’s office in the country in which they reside.
Do we use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your personal browser settings. As each browser is a little different, please reference your own browser's Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser, some of the features that make your site experience more efficient may not function properly.
Third-party disclosure and processing providers
We do not sell, trade, or otherwise transfer your Personally Identifiable Information to any outside parties unless we first provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate, to comply with the law, enforce our site policies, or to protect ours or others' rights, property, or safety.
Below is a table of third-party data processors currently used by Parabol:
|Processor Name:||Processing Activities:||Data Location(s):|
|Amazon Web Services, Inc.||Cloud Service Provider||United States|
|Amplitude, Inc.||Product Analytics Provider||United States|
|Datadog, Inc.||Cloud Infrastructure Monitoring Provider||United States|
|Digital Ocean, Inc.||Cloud Service Provider||United States|
|GitHub, Inc.||Opt-in User Integration Provider||United States|
|Google, Inc.||Digital Advertising Provider||United States|
|HubSpot, Inc.||Marketing Cloud Service Provider||United States|
|LogRocket, Inc.||Product Analytics||United States|
|MailGun, Inc.||Bulk Email Provider||United States|
|Mixpanel, Inc.||Product Analytics Provider||United States|
|Quickbooks, Inc.||Accounting Software Provider||United States|
|Segment, Inc.||Usage Analytics Data Transport Provider||United States|
|Sentry, Inc.||Product Failure Reporting Provider||United States|
|Slack, Inc.||Internal Communications Tool Provider||United States|
|Stripe, Inc.||Payments Gateway Processor||United States|
Transnational Transfer of Data
If you are providing your Personal Data to us directly to use our Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our service to you. To the extent we transfer and process any Personal Data of European Union or Swiss data subjects to the United States from processors or controllers in the European Union or Switzerland, we will take steps to enter into a Data Protection Addendum with the controller or processor to ensure that Personal Data is processed and transmitted in compliance with the GDPR.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Minors Under 16 Years of Age
Parabol does not knowingly collect or store any personal information from or about children under the age of 16.
If you believe a child under the age of 16 has under any circumstances provided us with personal information and data, a parent or legal guardian can email us at firstname.lastname@example.org to request that their child’s information be deleted from our records.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under the age of 13 years old.
How does our site handle Do Not Track signals?
We do not honor Do Not Track signals. We don't honor them because they would degrade our application experience.
Does our site allow third-party behavioral tracking?
We do allow third-party behavioral tracking.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
To be in accordance with CAN-SPAM, we agree to the following:
2900 West Shorb Street
Alhambra, California 91803
Last Updated on December 4th, 2019
See also: Parabol Terms of Service