EU-US Privacy Shield Framework
“Personal Information” or “Information” means information that (1) is transferred from the EU to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.
“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.
MindTouch shall inform an individual of the purpose for which it collects and uses the Personal Information and the types of non-agent third parties to which the MindTouch discloses or may disclose that Information. MindTouch shall provide the individual with the choice and means for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to MindTouch, or as soon as practicable thereafter, and in any event before the MindTouch uses or discloses the Information for a purpose other than for which it was originally collected.
MindTouch will offer individuals the opportunity to choose (opt out) whether their Personal Information is (1) to be disclosed to a third party or (2) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For Sensitive Personal Information, MindTouch will give individuals the opportunity to affirmatively or explicitly (opt out) consent to the disclosure of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. MindTouch shall treat Sensitive Personal Information received from an individual the same as the individual would treat and identify it as Sensitive Personal Information.
Accountability for Onward Transfers
Prior to disclosing Personal Information to a third party, MindTouch shall notify the individual of such disclosure and allow the individual the choice (opt out) of such disclosure. MindTouch shall ensure that any third party for which Personal Information may be disclosed subscribes to the EU-US Privacy Shield Framework or are subject to law providing the same level of privacy protection as is required by the EU-US Privacy Shield Framework and agree in writing to provide an adequate level of privacy protection.
MindTouch shall take reasonable steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. MindTouch has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. MindTouch cannot guarantee the security of Information on or transmitted via the Internet.
Data Integrity and Purpose Limitation
MindTouch shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, MindTouch shall take reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.
MindTouch shall allow an individual access to their Personal Information and allow the individual to correct, amend or delete inaccurate information, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the individual in the case in question or where the rights of persons other than the individual would be violated.
Recourse, Enforcement, and Liability
Attn: Legal Department
101 West Broadway, Suite 1500
San Diego CA 92101
Information Subject to Other Policies
U.S. Federal Trade Commission Enforcement
MindTouch’s commitments under the EU-US Privacy Shield Framework are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
US-Swiss Safe Harbor
Attn: Legal Department
101 West Broadway, Suite 1500
San Diego CA 92101
MindTouch has further committed to refer unresolved privacy complaints under the US-Swiss Safe Harbor to an independent dispute resolution mechanism operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/us/safe-harbor-complaints for more information and to file a complaint.
What Information Do We Collect and Why?
Anonymous User Information
Anonymous Information. We collect anonymous information about all our users each time they visit the Website so that we can understand how people are using the Website and/ or the Services and improve the overall quality of our users’ online experience. We record the date and time of your visit, the page you visited, track your path through the Website, your IP address, the Internet service provider you are using, referral data, the type of browser you are using and the type of operating system you are using. You do not have to register with us before we can collect this anonymous information.
Personally Identifying Information
Unique Information. We do not collect any unique personally identifying information about you such as your name, email address or any other contact information, except when you specifically and knowingly provide such information.
Account Information. We do not require you to provide your personally identifying information in order for you to access, open or browse the Website. However, certain Services and parts of our Website require that you provide personally identifying information about yourself. Under those circumstances, you will be fully notified of what information we will be collecting and for what purpose.
Financial Information. If you are using a Service that requires a fee, or in circumstances in which you are to receive a payment, we may collect your financial information such as your credit card or other payment information. We may record your service confirmations, usage statistics and payment history for accounting purposes.
Contact Information. We may use your email address or other contact information you provide to notify you of changes to the Services, to correspond with you about any questions or concerns you have brought to our attention and to notify you of any financial obligations you have to us. You may also receive automated messages regarding the Services.
Correspondence. If you contact us to provide feedback, comments or inputs or for any other reason, we may keep a record of that correspondence and collect your personal information to process your enquiries, respond to your requests and improve our services.
With Whom Do We Share Information and What Do We Share?
Financial Information. If you order any Services that require the payment of a fee, we transmit your financial information to our financial service providers and banks for processing. If we ever encounter a problem with your payments, we may review the information with you, our financial service providers and our bank to resolve the issue.
Aggregated General Information. We may share aggregated general information about our Website and Services with our corporate partners, investors, advertisers or others. Aggregate general information includes without limitation the number of users of the Website or any Service, revenue including payments by, or to, the users, and usage statistics. Aggregated general information does not include any personally identifying information that could be used to contact or identify you.
Personally Identifying Information. We may only share personally identifying information with third parties in the following limited circumstances:
- With your prior consent.
- When we have a good-faith belief that such action is reasonably necessary to: (a) satisfy any applicable law, regulation, court order, legal process or enforceable government request, or (b) ensure compliance with applicable terms of service or agreements including investigation of any potential violations, or (c) to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person.
- We may store and process personal information collected on our site in the United States or Canada or any other country in which we or our agents maintain facilities. By using our services, you consent to the transfer of your information among these facilities, including those located outside your country.
- We may use third party service providers to serve ads and emails on our behalf. These companies may use technologies to measure the effectiveness of ads and emails and use information about your visits to the Website so that we can provide a better experience to you.
We take appropriate security measures to protect against unauthorized access to, or unauthorized alteration, disclosure or destruction of, users’ information. We restrict access to your personally identifying information to employees who need to know that information in order to operate, develop or improve the Services. Your financial information and passwords are stored in encrypted format for increased security. Our servers are protected by firewalls and are physically located in secure data facilities to further increase security. While no computer is 100% safe from outside attacks, we believe that the steps we have taken to protect your personal information drastically reduce the likelihood security problems to a level appropriate to the type of information involved.
Third Party Information Gathering
The Website and Services are not intended for children under the age of 13. If you are a child under the age of 13 please do not submit any information to the Website. We do not knowingly request or collect personally identifiable information online or offline contact information from users under 13 years old nor do we knowingly use or share personal information from users under 13 years old with third parties.
Change of Control
In the event that another company acquires all or substantially all of the assets related to the Website or Service, or if we experience some other change of control event, we reserve the right to include any or all stored personal information among the assets transferred to the acquiring company.
Users Outside the United States
Updating Your Information
MindTouch provides You with the ability to review and update user contact information that user provides to MindTouch by accessing and modifying this information in Your account or by submitting a request to MindTouch at [email protected]. We will respond to requests for access to update or delete your account information within 30 days.
If you choose not to receive MindTouch sent emails or newsletters, you can opt-out or unsubscribe by emailing [email protected], by following the opt-out instructions in the email or newsletter, or by sending mail to MindTouch, Inc. (Attn: Legal Department). 101 West Broadway, Suite 1500 San Diego CA 92101.
Effective date: September 30, 2016