MindTouch® (“MindTouch”, “we”) is a business to business (B2B) service provider that allows companies to utilize customer self-service software that delivers timely content across every support channel. To this end we directly engage with businesses and individuals representing those entities, not the general public at large.
Note for users of MindTouch’s Cloud-Based Services
Users of MindTouch’s cloud-based services (“Services”) are subject to an additional set of conditions which are necessary in order to provide product-related duties. These policies are detailed in the Master Subscription Agreement (MSA). The current version of the Master Subscription Agreement is published here https://mindtouch.com/msa.
Please note that Subscribers to the Services are solely responsible for establishing policies to ensure compliance with all applicable laws and regulations—as well as any and all privacy policies, agreements, or other obligations that relate to the collection of Personal Identifiable Information in connection with the use of the Services by Individuals (also referred to as “data subjects”) with whom the Subscribers interact. If the Individual interacts with a Subscriber using the Services, then the Individual will be directed to contact the Subscriber for assistance with any requests or questions relating to the Individual’s Personally Identifiable Information, or if the Individual wishes to amend how that information is being used.
In order to provide Services, MindTouch may transfer Personally Identifiable Information to companies that help provide Services. We currently utilize cloud service providers and payment processors. Such transfers of Personally Identifiable Information are governed by the Service Agreements for the Subscribers.
What information does MindTouch collect, how is it collected, and how is it used?
Personally Identifying Information
MindTouch does not collect any unique personally identifying information about the Individual such as the Individual’s name, email address, or any other contact information—except when the Individual specifically and knowingly provides such information.
MindTouch does not require the Individual to provide their personally identifying information in order for the Individual to access, open, or browse the Website. However, certain Services and parts of the Website require that the Individual provides personally identifying information about the Individual themself. Under those circumstances, the range of data we collect may consist of individual name, company name, job title, email address, physical address, phone number.
If the Individual is using a Service that requires a fee, or in circumstances in which the Individual is to make a payment, MindTouch may collect financial information—such as payment information. MindTouch may record the Individual’s service confirmations, usage statistics, and payment history for accounting purposes.
MindTouch may use the Individual’s email address or other contact information to notify the Individual of any changes to the Services, to correspond with the Individual about any questions or concerns that has been brought to attention, and to notify the Individual of any financial obligations they have to MindTouch. The Individual may also opt-in to receive automated email messages regarding the Services.
If the Individual contacts MindTouch to provide feedback, comments, or input, a record may be kept of that correspondence, and a collection the Individual’s Personally Identifiable Information will be sought to process the inquiries, respond to requests, and improve the services.
Principles of how MindTouch Treats the Individual’s data
Links to other websites
The Website may contain links to other websites. For example: partner websites and other blog sites that are referenced in the MindTouch blog. In such cases, the information practices, data collection policies, and the content of such other websites are governed by the privacy statements of those websites. It is advised that the Individual reviews the privacy statements of any other websites when visited to understand their information policies and practices.
MindTouch’s duty to inform the Individual
MindTouch shall inform an Individual of the purpose for which it collects and uses the Personal Identifiable Information, and the types of non-agent third parties to which MindTouch may or may not disclose Information.
MindTouch shall provide the Individual with the choice and means for limiting the use and disclosure of their Personal Identifiable Information. Notice will be provided in clear and conspicuous language when Individuals are first asked to provide Personal Identifiable Information to MindTouch, or as soon as practicable thereafter—and, in any event, before MindTouch uses or discloses the Information for a purpose other than for which it was originally collected.
The Individual’s ability to choose
MindTouch will provide an Individual choices before use for a purpose other than which it was originally collected or subsequently authorized.
The Individual will receive service notifications by email to the email address then on record. If the Individual chooses not to receive MindTouch email communications, the Individual can opt-out or unsubscribe by visiting http://info.mindtouch.com/preferences, by emailing [email protected], by following the opt-out instructions in the email or newsletter, or by sending mail to MindTouch, Inc. (Attn: Legal Department). 101 West Broadway, Suite 1500, San Diego, CA 92101.
Accountability for Onward Transfers
Currently, MindTouch does not share or sell any personal data with non-agent third parties. Upon updates to this policy, we will identify those parties and provide individuals with opt-out choice prior to sharing their data.
MindTouch shall take reasonable steps to protect the Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. MindTouch has put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the Information. This includes: loss, misuse, unauthorized access, disclosure, alteration, and destruction. MindTouch cannot guarantee the security of Information on or transmitted via the Internet.
Data Integrity and Purpose Limitation
MindTouch shall only process Personal Identifiable Information in a way that is compatible with—and relevant for—the purpose for which it was collected or authorized by the Individual. To the extent necessary for those purposes, MindTouch shall take reasonable steps to ensure that Personal Identifiable Information is accurate, complete, current, and reliable for its intended use.
Right to Access
MindTouch allows all Individuals—no matter their country of residence—rights to access the Personal Identifiable Information maintained about them. MindTouch shall allow an Individual access to their Personal Identifiable Information, and allow the Individual to correct or amend inaccurate information—in exception of when the burden or expense of providing access would be disproportionate to the risks to the privacy of the Individual in question, or where the rights of persons other than the Individual would be violated. This, notwithstanding, an Individual can opt to delete all data that MindTouch would hold at any time. Prior to doing so, MindTouch need to take steps to adequately verify the identity of the Individual making the request.
An Individual who seeks access or correct, amend, or delete data, should direct their query to [email protected]ch.com.
With Whom Does MindTouch Share Information and What is Shared?
If the Individual orders any Services that require the payment of a fee, MindTouch transmits the Individual’s financial information to financial service providers and banks for processing. If a problem is ever encountered with the Individual’s payments, MindTouch may review the information with the Individual, financial service providers, and the bank to resolve the issue.
MindTouch may share aggregated general information about the Website and Services with corporate partners, investors, advertisers, or others. Aggregated general information includes, without limitation: (1) the number of users of the Website or any Service, (2) revenue including payments—by, or to—the users, and (3) usage statistics. Aggregated general information does not include any personally identifying information that could be used to contact or identify the Individual.
MindTouch may only share personally identifying information with third parties in the following limited circumstances:
- With the Individual’s prior consent and where the processing is in MindTouch’s or a third party’s legitimate interests. This will not be used to override the Individual’s data protection interests or fundamental rights and freedoms.
- When MindTouch has a good-faith belief such action is reasonably necessary to: (a) satisfy any applicable law, regulation, court order, legal process or enforceable government request, or (b) ensure compliance with applicable terms of service or agreements including investigation of any potential violations, or (c) to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person.
- MindTouch may store and process Personal Identifiable Information collected on the site in the United States, Canada, or any other country in which MindTouch or MindTouch agents maintain facilities. By using these services, the Individual consents to the transfer of the Individual’s information among these facilities, including those located outside the Individual’s country.
- MindTouch may use third party service providers to serve ads and emails. These companies may use technologies to measure the effectiveness of ads and emails and use information about the Individual’s to the Website so that a better experience may be provided to the Individual. If the Individual chooses not to receive MindTouch email communications, the Individual can opt-out or unsubscribe by: (1) visit http://info.mindtouch.com/preferences; (2) email [email protected], (3) follow the opt-out instructions in the email or newsletter; (4) send mail to MindTouch, Inc. (Attn: Legal Department). 101 West Broadway, Suite 1500, San Diego, CA 92101.
Updating the Individual’s Contact Information
MindTouch provides the Individual with the ability to review and update user contact information that user provides to MindTouch by: (1) accessing and modifying this information in the Individual’s account; (2) submitting a request to MindTouch at [email protected] MindTouch will respond to requests for access to update or delete the Individual’s account information within 30 days.
If the Individual chooses not to receive MindTouch email communications, the Individual can opt-out or unsubscribe by: (1) visit http://info.mindtouch.com/preferences; (2) email [email protected], (3) follow the opt-out instructions in the email or newsletter; (4) send mail to MindTouch, Inc. (Attn: Legal Department). 101 West Broadway, Suite 1500, San Diego, CA 92101.
MindTouch takes appropriate security measures to protect against: unauthorized access,unauthorized alteration, and disclosure or destruction of the Individual’s information. MindTouch restricts access to Individual’s personally identifying information to employees who need to know that information in order to operate, develop, or improve the Services. The Individual’s financial information and passwords are stored in encrypted format for increased security. MindTouch’s servers are protected by firewalls and are physically located in secure data facilities to further increase security. While no computer is 100% safe from outside attacks, it is believed that the steps that have been taken to protect Personal Identifiable Information has drastically reduced the likelihood security problems to a level appropriate to the type of information involved.
Third Party Information Gathering
The Website and Services are not intended for children under the age of 13. If the Individual is a child under the age of 13, please do not submit any information to the Website. MindTouch does not knowingly request Personal Identifiable Information online or offline—from users under 13 years of age; nor does MindTouch knowingly use or share Personal Identifiable Information from users under 13 years of age with third parties.
Change of Control
In the event that another company acquires all, or substantially all, of the assets related to the Website or Service—or if MindTouch experiences some other change of control event— MindTouch reserves the right to include any or all stored Personal Identifiable Information among the assets transferred to the acquiring company.
Users Outside the United States (GDPR for EU Individuals)
Privacy Shield for EU and Swiss Individuals Whose Data is Transferred into the United States
MindTouch is subject to the regulatory and enforcement authority of the United States Federal Trade Commission (FTC).
Pursuant to the Privacy Shield MindTouch is liable for the onward transfer of EU and Swiss personal data to agent third parties unless we can prove we were not a party to the actions resulting in the damages.
Please note that we are obliged by the Privacy Shield to inform EU and Swiss individuals that we may be required to release their personal data in response to lawful requests from public authorities including to meet national security and law enforcement requirements.
We acknowledge the right of EU and Swiss individuals to access their personal data. Individuals wishing to exercise this right may learn how to do this by referring to “The Individual’s Ability To Choose” section above.
In compliance with the Privacy Shield Principles, MindTouch commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact MindTouch at:
101 West Broadway Suite 1500
San Diego, CA 92101
MindTouch has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Effective date: September 14, 2018