EFFECTIVE JUNE 30TH, 2021
- We collect information from you when you subscribe to our newsletter, and when you sign up for, or log in to the Parabol software application
- We will never give or sell this information to any third-party without advance notice to users
- You can unsubscribe from email communications at any time by using the unsubscribe link at the bottom of any email
- We use localStorage on your browser to store Parabol application data and enhance your experience
- All financial transactions and credit card data are processed through a gateway provider and are not stored or processed on our own servers
- We adhere to the California Online Privacy Protection Act (CalOPPA), United States Federal Trade Commission’s fair information practice principles (FIPPs), and the EU General Data Protection Regulation (GDPR).
- We do not specifically market to children under the age of 13 years old, or knowingly store information of children under the age of 16
- You can contact a real human at any time from our contact page
What personal information do we collect from folks that visit our blog, website or app?
When ordering or registering on our site, where appropriate, you may be asked to enter your name, email address, credit card information, or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, subscribe to a newsletter, request support, enter information on our site, or provide us with feedback on our products or services.
How do we process your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, access the website, or use certain other site features in the following ways:
- To personalize your experience and allow us to deliver the content and product offerings which are most relevant
- To improve our website or application in order to better serve you
- To allow us to better service you in responding to your customer service requests
- To administer a contest, promotion, survey or other site feature
- To quickly process your transactions
- To send periodic emails regarding critical product and service updates
We do send your information to a number of third-party data processing services. For a list of these services, please see the section “Third-party disclosure and processing providers”, below.
How do we protect your information?
We conduct regular assessments of our site and application for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We do not use Malware Scanning.
Your personal information is stored behind secured networks and is only accessible by a limited number of persons who have special access rights to these systems. All employees with such access are required–as an obligation of their employment–to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Transport Layer Security (TLS) technology.
We implement a variety of security measures when a user places an order; or enters, submits, or accesses their information, in order to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers. Our servers never see your credit card data. Your credit card information is sent directly from your web client, using bank-level security, to our payment provider, which is PCI DSS certified.
What choices do you provide me to control my personal information?
Right to Review and Rectify Your Personal Data
You can update most of your Personal Data by logging in to your account. However, if additional assistance is required to change or delete inaccuracies within your Personal Data or would like to know what information about you was collected, please contact us at email@example.com.
Right to Remove or Withdraw Consent
You have the right to withdraw consent where such consent is required to share or use data, and you may request that we delete your Personal Data contacting us at firstname.lastname@example.org. However, as your Personal Data is required for us to provide the Services to you, asking us to terminate your account or remove your data will also terminate your access to the services.
We take steps to delete Personal Data that is no longer necessary in relation to providing the Services by deleting it within 90 days of your terminating your account. We may be required by law to retain data to exercise or defend legal claims, or to comply with contractual obligations with our customers to retain some information in connection with our obligation to provide the Services.
If you would like us to transmit your Personal Data to another company providing similar services, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Data.
Right of Redress
European Economic Area residents residing in Europe, may, if they wish to, file a complaint regarding our practices by contacting the Data Commissioner’s office in the country in which they reside.
Do we use ‘cookies’?
- Understand and save user’s preferences for future visits
- Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future
- We may also use trusted third-party services that track this information on our behalf
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your personal browser settings. As each browser is a little different, please reference your own browser’s Help Menu to learn the correct way to modify your cookies.
If users disable cookies in their browser, some of the features that make your site experience more efficient may not function properly.
Third-party disclosure and processing providers
We do not sell, trade, or otherwise transfer your Personally Identifiable Information to any outside parties unless we first provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when its release is appropriate, to comply with the law, enforce our site policies, or to protect ours or others’ rights, property, or safety.
Below is a table of third-party data processors currently used by Parabol:
|Processor Name:||Processing Activities:||Data Location(s):|
|Amazon Web Services, Inc.||Cloud Service Provider||United States|
|Amplitude, Inc.||Product Analytics Provider||United States|
|Datadog, Inc.||Cloud Infrastructure Monitoring Provider||United States|
|Digital Ocean, Inc.||Cloud Service Provider||United States|
|GitHub, Inc.||Opt-in User Integration Provider||United States|
|Google, Inc.||Digital Advertising Provider||United States|
|Google Calendar||Opt-in User Integration Provider||United States|
|HubSpot, Inc.||Marketing Cloud Service Provider||United States|
|LogRocket, Inc.||Product Analytics||United States|
|MailGun, Inc.||Bulk Email Provider||United States|
|Mixpanel, Inc.||Product Analytics Provider||United States|
|Quickbooks, Inc.||Accounting Software Provider||United States|
|Segment, Inc.||Usage Analytics Data Transport Provider||United States|
|Sentry, Inc.||Product Failure Reporting Provider||United States|
|Slack, Inc.||Internal Communications Tool Provider||United States|
|Stripe, Inc.||Payments Gateway Processor||United States|
|OpenAI||AI Analysis Provider||United States|
Transnational Transfer of Data
If you are providing your Personal Data to us directly to use our Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our service to you. To the extent we transfer and process any Personal Data of European Union or Swiss data subjects to the United States from processors or controllers in the European Union or Switzerland, we will take steps to enter into a Data Protection Addendum with the controller or processor to ensure that Personal Data is processed and transmitted in compliance with the GDPR.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
- Users can visit our website anonymously
- Users can change their personal information by logging into their account
Minors Under 16 Years of Age
Parabol does not knowingly collect or store any personal information from or about children under the age of 16.
If you believe a child under the age of 16 has under any circumstances provided us with personal information and data, a parent or legal guardian can email us at email@example.com to request that their child’s information be deleted from our records.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
How does our site handle Do Not Track signals?
We do not honor Do Not Track signals. We don’t honor them because they would degrade our application experience.
Does our site allow third-party behavioral tracking?
We do allow third-party behavioral tracking.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States, and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- We will notify you via email within 7 business days.
- We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions
- Process orders and to send information and updates pertaining to orders
- Send you additional information related to your product and/or service
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
To be in accordance with CAN-SPAM, we agree to the following:
- Not use false or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way
- Include the physical address of our business or site headquarters in emails
- Monitor third-party email marketing services for compliance, if one is used
- Honor opt-out/unsubscribe requests quickly
- Allow users to unsubscribe by using the link at the bottom of each email
- If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from all correspondence
8605 Santa Monica Blvd
West Hollywood, CA 90069-4109
Last Updated on December 4th, 2019
See also: Parabol Terms of Service