Last updated: June 19th, 2019
Effecive Date: June 19th, 2019
Personal information is information that we hold about you, and which identifies, or together with other information may identify, you and/or your End Users.
We collect information from you when you visit our website, when you engage with our platform as a subscriber, and from your End Users who use your mobile application on which our services operate.
We set out below examples of the different ways in which we use personal information and where this personal information comes from.
2.1 Information about you, as a user of our services or Website:
2.1.1 Information you provide to us:
When you sign up for the Services, we ask you for information such as your username, password, email address, website, Skype ID, phone number, job role and country of residence. This information is necessary for us to provide you the Services. If you do not provide this information we would not be able to provide the Services to you.
If you choose to connect to the Services using credentials from a third party service like Google will need to collect authentication information and encrypted access credentials. For Google we ask for information such as your Google account email address, and access to your public profile data including your user name and profile photo.
We use this information to identify you in your use of the Platform. For example, we may take your Third Party Service profile photo and present it alongside your Third Party Service email address.
Any feedback, questions, comments, suggestions, ideas, or the like that you send to us. These will be treated as non-confidential and non-proprietary and we may use them and share them with third parties. This is described more fully in Terms and Conditions.
2.1.2 Information we collect passively from you - Usage, Log, Cookies:
What are Cookies?
Cookies are text information files that your web browser places on your computer, mobile phone, or other device when you visit a website. The cookie will help website providers recognize your device the next time you visit their website. Similar technologies include pixel tags (transparent graphic images placed on a web page or in an email, that indicate whether it had been viewed), web bugs (similar to pixel tags), and local storage objects (using mechanisms such as browser web storage (including HTML 5) and application data caches), which are used in desktop software or mobile devices
For End Users only: to collect information from the End Users, we also use Software Development Kits (SDKs) or Advanced Programming Interfaces (APIs) to collect information of the types described above. For more information about what personal information we collect from End Users and for what purposes, see Section 2.2 below.
What do we use them for?
We and our third party providers use both session cookies (that expire once you close your web browser) and persistent cookies (which stay on the device for a set period of time or until you delete them) in order to operate our services, and in order to optimize them through the performance of analytics.
These cookies are required for making use of the Services. These cookies include security cookies to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorized parties as well as session cookies that remember your log-in session so you can move easily within the Services.
These cookies record some of your activity on the Services as well as information about your device, such as what browser you are running, and what pages you access. This information helps us and our third party service providers diagnose server and software errors, and in cases of abuse, track and mitigate the abuse.
What information do the cookies and other technologies collect:
We collect the following information from users of the Website (but not from your End Users):
Information about your estimated location which may be deduced by various technologies including: IP address.
The unique identifier assigned to your application by the relevant app store, information about the app meta data of your application, your application’s marketing materials publicly available on the different app stores and different attributes regarding the gameplay and structure of your Application.
This includes information, such as the time of an event, how you came to the Services, what search engine and search keywords you may have used to get to the Service, pages you visit on the Service, your activity on the forum. Your actions with respect to emails we send you such as when you open them and what you click in them.
Information about the device you are using such as, hardware model, operating system, application version number and browser, mobile network information, IP addresses, user names, real names, email addresses and other custom properties.
Server logs regarding how you use the Services or view content provided by Google, which may include: Google search queries, telephony log information like phone number, calling party number, forward number, time and date of calls, duration of calls SMS routing information and types of calls, IP address, device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL, cookies that may uniquely identify your browser or your Google Account.
Information received from third parties
We also use Linkedin Sales Navigator to locate and connect with individuals that may find our services interesting. You may decline such requests or remove the connection at any time. You can control which messages you receive by adjusting your communication preferences on your LinkedIn Privacy Settings page or using the unsubscribe options in the footer of messages as applicable (e.g., Sales Navigator InMails).
2.2 Information about your End Users:
With the permission of the mobile application developers, we use technologies such as Software Development Kits (SDKs) or Advanced Programming Interfaces (APIs) to collect information about the mobile application’s End Users' technical data, mobile devices, use of the mobile application, interaction with social media websites and interaction with advertising as described below.
We use these technologies to recognize the End User's device and to track the End User's activities in your application in order to provide our Services to you and in accordance with your instructions. These technologies work by storing a line of code in your application that resides in the End User's mobile device and synchronizes information back and forth between the End User's mobile device and our servers. When an End User removes the application from his or her mobile device this line of code will also be removed.
We collect and store the following End User information:
This includes information, such as URL information, cookie data, IP address, network connection type (e.g., WiFi, 3G, LTE), browser type, language, operating system, and Soomla application version.
The types of devices the End User uses to access the Application, their mobile provider, network and device performance the unique device identifier assigned to that device by phone makers, carriers, or makers of the operating system (to the extent allowed by such phone makers, carriers, or makers of the operating system) identifiers for advertising Google Advertising ID or IDFA and geographic or geolocation information.
Information about how the End User uses and interacts with the applications whose developers are users of our Services. This includes: how the End User uses the different Application functions, the amount of time the End User spends in the Application.
We collect data about how End Users interact with ads inside the application. This includes viewing, clicking on the ads as well as whether or not an End User performed post-click action like installing the advertised.
Information about the country in which the End User might reside as deduced by various technologies including: IP address.
To the extent EU data protection law applies to our processing of personal data about you as user of our Services, we act as the "data controller". To the extent EU data protection law applies to our processing of personal data about users of your mobile applications ("End Users") we serve as the "data processor".
We use your information in order to:
To do this we also use your information to: Provide you with technical support and assistance in the development of the modules in your Application; ensure that the Services function well and communicate with you about the Services by email, forums, notifications within the Services (transactional messages). For example we will contact you to notify you of any issues with the Services or any suspicious activity in your account or use what we learn about your End Users' interactions with your application and with advertising to provide you with information you can use to improve your application. The legal basis for these uses is the performance of the contract with you.
In some cases, your use of information provided to you by us may require the End User's consent. It is your responsibility to disclose clearly, and obtain consent if and as required by applicable data protection law.
We use information about you, collected through cookies and other technologies - see here. We use this information about you, but not about your End Users (i) identify you as a prospect for our services; (ii) deliver advertisements that are more relevant to you and your interests; (iii) limit the number of times you see an advertisement as well as (iv) help measure the effectiveness of the advertising campaign. The advertising services we use for this do not collect IP addresses identified as originating in the EU.
This means that after you are done browsing our website you may see some advertisements about our Services elsewhere on the Internet. Click here to learn how to opt out of this collection of your information for the purpose of advertising.
We use your information, but not your End Users’ information, for analytics and measurement to understand how our Services are used in order to make improvements to our services or develop new components to the Services through understanding how you, but not your End Users use and interact with them, including how you interact with applications, advertising, products, and services that are made available, linked to, or offered through the Services. For example: we use what we learn about volume usages by mobile devices of the users of our Services (but not End Users) to help optimize the layout of the Services, and use Hubspot email tracking to improve our newletters and services.
The legal basis for these uses is our legitimate interest in the improvement and optimization of our service offerings and in ensuring the security of our services and we apply appropriate safeguards to protect your information (see Section 6 below).
The legal basis for these uses is our legitimate interest in the performance of our contractual obligations; protection of our legal rights, compliance with legal obligations and protection of the rights of users and other individuals.
If you agree, we will contact you by email to inform you of new products and Services that might be of interest to you. The legal basis for this is your consent. You can revoke your consent and opt out of such email communications at any time by clicking the "unsubscribe" link at the bottom of each email or by contacting us at firstname.lastname@example.org. Even if you unsubscribe from these emails you will continue to receive service related correspondence
Soomla representatives may send you connection requests or messages on social media. You may decline such requests or remove the connection at any time.
We share information collected about you and your End Users with service providers that assist use with the provision of our Services, as well as in connection with a business transaction or as necessary to comply with our legal obligations. We share your information with marketing and advertising providers to optimize our services and present you with targeted advertising. The advertising services we use to this end do not collect IP addresses identified as originating in the EU.
We share your information and that of your End Users with our parent company, subsidiaries, joint ventures, or other companies under common control with Soomla in the ordinary operation of our business. In addition, we would share your information, or that of your End Users, if we are involved in a merger, acquisition, consolidation, change of control or sale of all or a portion of our assets or if we undergo bankruptcy or liquidation. The legal basis for this sharing is our legitimate interest in carrying out our business operations.
We share your information and that of your End Users, per your instructions, in order to prevent fraud or abuse to our services, to protect your rights, to comply with our legal obligations and to protect our rights, as explained below.
When requested, we will share or facilitate the sharing of End User information with third parties pursuant to your instructions. We do not have any legal relationship with such parties. You are responsible for entering into separate contractual arrangements with such third parties binding them to comply with data protection obligations. These third party data processors are not sub-processors and we shall not bear any responsibility or liability for sharing information with such parties. The legal basis for this sharing is necessary for the performance of our contract with you.
We will share information to prevent or detect fraud or to address technical issues and if we believe it is necessary to investigate, prevent, or take action regarding situations that involve abuse of the Services infrastructure or the Internet in general (such as voluminous spamming, denial of service attacks, or attempts to compromise the security of the website infrastructure or the Services generally). The legal basis for this sharing is our legitimate interest in the prevention of fraud.
We will share information in an emergency or to protect the safety of any person and if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person. The legal basis for this sharing is our legitimate interest in the protection of the rights of others.
We also process and share information in an aggregated, de-identified manner, where the information is shared as part of a statistical report and does not contain personal information.
We allow our advertising partners to collect personal information about you, but not your End Users, for the purpose of advertising - see above for more information.
Please see the section “Cookies and Other technologies” below for information about the technologies that we and third parties use to collect information and to learn about options in connection with these.
The Services may contain links to third party sites that are not owned or controlled by Soomla. We have no control over the content, privacy policies, or practices of any third party site. You are subject to the policies of those third party sites where applicable. We encourage you to ask questions before you disclose your Personal Information.
We take reasonable precautions to protect your personal information. For example, all personal information collected by us is transferred over https and all personal information stored by us or for us is kept on a server in a secure environment. Only employees, our partners and any sub-contractors who need the information to perform a specific service are granted access to the information. All of our employees that have access to personal information are bound by confidentiality obligations. Please keep in mind that the Internet is not a 100% secure medium for communication, and we cannot guarantee that your personal information will always remain private when using the Services.
If you are a user of the Services: The Services are not directed to children under the age of 16. We do not knowingly collect Personal Information from children under 16. If you are under 16, please do not use the Services and do not provide any personal information to us. If you become aware that a child under 16 is a user of the Services and has provided us with personal information without parental consent, please contact us at email@example.com.
If you are an End User: We have no direct relationship with our users’ customers or end users whose personal data we process. Our users are responsible for acquiring any parental consent necessary from End Users who are under 16 as may be required by applicable law. If you are an End User who is under 16 and wish your information to be deleted or to have any other action be taken with respect to your information, please contact our user (the “data controller) as set forth in Section 8 of this notice. If you are a California resident under the age of 18 and you wish to remove publicly available content, please contact us at firstname.lastname@example.org with the subject line “California Eraser”.
If you are a user or an End User of our services, and reside in the EU you may be entitled by law as well as under the Privacy Shield principles (see below) to access, correct, amend, or delete personal information about you that we hold. A list of these rights is below. For specific things you can do to control how we use your information please see Section 9 below.
If you are an End User: We have no direct relationship with our user’s customers or end users whose personal data we process. If you are an End User, and you would like to access, amend or delete your data or otherwise exercise your data subject rights under applicable EU data protection law, then you need to contact our user (the “data controller”) directly and we will respond within a reasonable period of time to any such request by our user.
If you are a user of our services: You may access your Soomla account to access, correct or delete the information you provided to us, or information we hold about your End Users, and which is associated with your account. For instructions on accessing your information or otherwise for assistance with these rights please write us at email@example.com.
In the event that we refuse a request, we will provide the individual with a reason as to why. Individuals in the EU have the right to complain as outlined in Section 14 below.
A list of your rights is below:
The right to request a copy of the information that we hold about the individual.
The right to correct data that we hold about the individual that is inaccurate or incomplete.
in certain circumstances the individual can ask for the data we hold about him or her to be erased from our records.
where certain conditions apply to have a right to restrict the processing.
the right to have the data we hold about the individual transferred to another organization.
you have the right to object to certain types of processing such as direct marketing (to the extent applicable). We do not engage in any marketing to the End Users of the Services.
the right to not be subject to the legal effects of automated processing or profiling.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here. If you need further assistance regarding your rights, please contact us using the contact information provided below and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Email communication: Users may opt out of receiving promotional email communication from Soomla by clicking the “unsubscribe” link provided with each email. We will continue to send you notifications necessary for the Services to this email address.
Email tracking via Hubspot: You can disable the email tracking by disabling the display of images by default in your e-mail program. In this case the newsletter will not be displayed completely and you may not be able to use all the features. If you display the images manually, the tracking described above will be done.
Deleting your account: You may request that we delete your account or delete information pertaining to your End Users by writing us at firstname.lastname@example.org.
Cookies and other technologies:
Facebook Pixel: You can control your Facebook ad preferences by visiting https://www.facebook.com/about/ads.
Interest based advertising generally:
Google Analytics: You can control the information provided to Google and opt out of certain ad provided by Google by using of the of the methods set forth http://www.google.com/policies/privacy/partners/ or downloading the Google Analytics opt-out browser add-on for Google Analytics which can be found here.
LinkedIn: You can opt-out of the LinkedIn Insight Tag by clicking here.
Mixpanel: You can opt-out of Mixpanel’s automatic retention of data collected through your browsers by clicking here. To track opt-outs Mixpanel uses a persistent opt-out cookie placed on your devices. Mixpanel opt-out cookies will not prevent any other data collection methods. If you get a new computer, install a new browser, erase or otherwise alter your browser’s cookie file (including upgrading certain browsers) they may also clear the Mixpanel opt-out cookies.
All Cookies: You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help feature on most browsers provide information on how to accept cookies, disable cookies, or to notify you when receiving a new cookie. If you do not accept cookies, you may not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly. Turning off the browser’s cookies will prevent web beacons from tracking your specific activity. The web beacon may still record an anonymous visit from your IP address, but unique information will not be recorded. If you do not want to receive tracking pixels, you will need to disable HTML images in your email client, and that may affect your ability to view images in other emails that you receive. You can find more information about cookies at http://www.allaboutcookies.org/.
We retain your End User information in accordance with the provisions of the agreement between us or the applicable data processing addendum.
We retain your information for as long as necessary for the purpose for which it was provided and to the extent that we are obliged to do so in accordance with applicable laws and regulations and/or as necessary to protect our legal rights or for certain business requirements. For example, when we process your payments, we will retain this data for longer periods of time as required for tax or accounting purposes. To read more about specific reasons we would retain some data for longer periods of time see below:
I.e. to protect you, other people, and Soomla from fraud, abuse, and unauthorized access.
When you make a payment to us we are often required to retain this information for long period of time for purposes of accounting, dispute resolution and compliance with tax, anti-money laundering, and other financial regulations
To meet any applicable law, regulation, legal process or enforceable governmental request, as required to enforce our terms of service, including investigation of potential violations.
For example, when you share information with other users, deleting it from your account will not eliminate copies maintained by the recipients
If you have directly communicated with us , through a customer support channel, feedback form, or a bug report, we may retain reasonable records of those communications.
Even if you delete your account, keep in mind that the deletion by our third party providers may not be immediate and that the deleted information may persist in backup copies for a reasonable period of time. Also, information that had already been shared with third parties may not be deleted by them. For any privacy or data-protection-related questions, please write to email@example.com.
Soomla transfers, processes and stores information about you on servers located in a number of countries, including the United States. We also subcontract processing to, or share your information with, third parties located in countries other than your home country.
Transfers of Information from the EEA and Switzerland:
For EU and Swiss Individuals:
As the Court of Justice of the EU has invalidated the EU-US Privacy Shield Framework, Soomla no longer relies on this mechanism for the transfer of personal data from the European Economic Area (“EEA”) to the US.
For any transfers of personal information from the EEA and the United Kingdom to the US, Soomla will move to reliance on Standard Contractual Clauses executed with each of our clients and subcontractors. Soomla will conduct any transfers of personal information from Switzerland to the US in compliance with the Swiss-US Privacy Shield Framework, for as long as such mechanism is a recognized method of transfer (EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework referred to collectively as “Privacy Shield”).
Transfers of information not from the EEA, UK, or Switzerland
However, in connection with these transfers of personal information, your personal information may be subject to privacy laws that may not provide the same protection as your country of residence. For example, government entities in such other countries may have certain rights to access your personal information. By using this Site or using our products or services to which this privacy notice relates, you are consenting to this transfer of your personal information.
Data Protection Governance (Privacy Shield Certification)
With respect to personal data received or processed pursuant to Privacy Shield, when such transfers were permissible, Soomla is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
If we become subject to an FTC or court order based on non-compliance, Soomla shall make public any relevant Privacy Shield-related sections of any compliance or assessment report submitted to the FTC, to the extent consistent with confidentiality requirements.
Pursuant to the Privacy Shield Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to firstname.lastname@example.org. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to email@example.com.
In certain situations, Soomla may be required to disclose personal information in response to lawful requests by public authorities, including in order to meet national security or law enforcement requirements. For more information, please see Section 4 above headed "What do we do with the information collected?"
Soomla’s accountability for personal data that it received in the United States under Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Soomla remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Soomla proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Soomla commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and United Kingdom, and Swiss individuals with Privacy Shield inquiries or complaints should first contact us at firstname.lastname@example.org.
Soomla has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
The Services do not support Do Not Track at this time. Do Not Track (DNT) is a privacy preference you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For all the details, including how to turn on Do Not Track, visit donottrack.us.
260 MADISON AVE, SUITE 204
NEW YORK, NY 10016 United States
Last Updated: Aug 25th, 2020
Effective Date: Aug 25th, 2020