Information you provide to us. Personal information you may provide to us through the Service or otherwise includes:
In most cases, providing your data is voluntary (e.g. providing user-generated content, contact information to receive marketing communications, invitee data). In other cases providing the information is required in order for CTD to provide our Service, complete our contract or comply with our legal obligations. (e.g. contact data, transaction data, financial data).
Third-party sources. We may combine personal information we receive from you with personal information we obtain from other sources, such as:
Automatic data collection. We, our service providers, and our business partners may automatically log information about you, your computer or mobile device, and your interaction over time with the Service, our communications and other online services, such as:
Cookies and similar technologies. Like many online services, we use the following technologies:
These cookies and other technologies may be employed for the following purposes:
If you connect the Service to a Gmail account, this Privacy Statement will apply to Google user data collected as well as to other categories of personal information. Notwithstanding anything else in this Privacy Statement, if you provide the Service access to the following types of your Google data, the Service’s use of that data will be subject to these additional restrictions:
We may use your personal information for the following purposes or as otherwise described at the time of collection:
Service delivery. We may use your personal information to:
Research and development. We may use your personal information for research and development purposes, including to analyze and improve the Service and our business. As part of these activities, we may create aggregated or de-identified data from personal information we collect. We de-identify personal information by removing information that makes the data personally identifiable to you. We may use this data and share it with third parties for our lawful business purposes, including to analyze, improve and promote the Service and our business.
Marketing. We may collect and use your personal information for marketing purposes:
Compliance and protection. We may use your personal information to:
We will only process your personal information if and to the extent we have a legal basis for doing so. The following are the legal bases that we rely upon to justify our processing:
Performance of a contract – We will process your personal information where necessary to enter into, or for the performance of a contract. For example we process your personal information to:
Legitimate interests – We will process your personal information for the purposes of our legitimate interests, or the legitimate interests of third parties we work with, as long as these interests are not overridden by your interest or fundamental rights and freedoms. For example, we may process your personal information for the following legitimate interests:
In all of the above cases, we carefully strike a balance between our legitimate business interests and your interests or fundamental rights. For more information in the individual case, you can contact our Privacy Officer.
Compliance with legal obligations – We will process your personal information if it is necessary to comply with legal obligations. For example we may process your personal information to:
We do not share your personal information, unless this is necessary for the performance of our Service, for the compliance with a legal obligation, for the purpose of our legitimate interest or if you have given your consent. We may share your personal information with the following recipients:
Service providers. Third parties that provide services on our behalf or help us operate the Service or our business (such as hosting, information technology, customer support, email delivery, marketing, payment processing, consumer research and website analytics).
Payment processors. Any payment card information you use to make a purchase on the Service is collected and processed directly by our payment processors. Payment processors will use your personal information as described in their own privacy policies, so we encourage you to read them.
Third-party platforms and social media networks. If you have enabled features or functionality that connect the Service to a third-party platform (such as by logging in to the Service using your account with the third-party, providing your API key or similar access token for the Service to a third party, or otherwise linking your account with the Service to a third party’s services), we may disclose the personal information that you authorized us to share. We do not control the third party’s use of your personal information.
Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
Business transferees. Acquirers and other relevant participants in business transactions (or negotiations and due diligence for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in CTD (including in connection with a bankruptcy or similar proceedings).
Other users. You can choose to give other users of the Service access to your profile, contact network, strength and existence of your relationships, communication history and other user-generated content. We are not responsible for other users’ use of this information.
We employ a number of technical, organizational and physical safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of your personal information.
When CTD processes your personal data and such processing is subject to European Union (EU GDPR) or United Kingdom (UK GDPR, UK Data Protection Act 2018) data protection law, depending on the applicable law, you may have certain rights with respect to that data, namely:
To exercise any of these rights (if they are available to you under the applicable law), please contact us at email@example.com. When another entity is the data controller (such as your employer when you use the Platform), CTD will refer your request to the third-party data controller and/or provide you with the information you need to contact the data controller directly.
You can also lodge a complaint with a competent data protection supervisory authority if you consider that the processing of your personal data infringes the applicable data protection law.
To the extent permitted by applicable law, we reserve the right to charge a fee or decline requests: (i) that are unreasonable or excessive; (ii) where providing the data would be prohibited by law or could adversely affect the privacy or other rights of another person; or (iii) where we are unable to authenticate you as the person to whom the data relates. Also, please note that we often need to retain certain data for reasons such as recordkeeping and/or to complete any transaction that you began prior to requesting a change or deletion of your data.
When you contact CTD about exercising any of the rights available to you under the applicable data protection law, CTD will ask you for information to verify your identity. In your request, please clearly identify the personal data that is the subject of your inquiry. We will comply with your request as soon as reasonably practicable and within any time frames prescribed by law.
We are headquartered in the United States and may use service providers that also operate in the US or in other countries outside the country in which you reside. Therefore, your personal information may be transferred to countries which may not provide for the same level of data protection as guaranteed under the applicable data protection laws of the country in which you reside (e.g. the EU GDPR). For all such transfers we ensure that these countries are either considered adequate according to the applicable data protection law (e.g. by way of an adequacy decision of the EU commission) or that appropriate safeguards are in place such as standard contractual clauses. If you want to obtain a copy of these safeguards, you can contact us at firstname.lastname@example.org.
We generally only store your personal information for the time necessary to fulfill the purpose for which they were collected or processed. We may retain the data for a longer period, if required for compliance with a legal obligation according to applicable law (e.g. to meet tax or commercial law retention obligations), or to the extent it is required for establishment, exercise, or defense of legal claims.
Access or update your information. If you have registered for an account with us through the Service, you may review and update certain account information by logging into the account.
Opt-out of marketing communications. You may opt-out of marketing-related emails by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. Please note that if you choose to opt-out of marketing-related emails, you may continue to receive service-related and other non-marketing emails.
Cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. Please note that if you set your browser to disable cookies, the Service may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
Linked third-party platforms. If you choose to connect to the Service through your social media account or other third-party platform, you may be able to use your settings in your account with that platform to limit the information we receive from it. If you revoke our ability to access information from a third-party platform, that choice will not apply to information that we have already received from that third party.
The Service may contain links to websites and other online services operated by third parties and our content may be integrated into other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control any online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other online services you use.
The Service is not intended for use by anyone under 18 years of age. If you are a parent or guardian of a child from whom you believe we have collected personal information in a manner prohibited by law, please contact us. If we learn that we have collected personal information through the Service from a child without the consent of the child’s parent or guardian as required by law, we will delete it.
We reserve the right to modify this Privacy Statement at any time. If we make material changes to this Privacy Statement, we will notify you by updating the date of this Privacy Statement and posting it on the Service. If required by law we will also provide notification of changes in another way that we believe is reasonably likely to reach you, such as via email or another manner through the Service. Any modifications to this Privacy Statement will be effective upon our posting the modified version (or as otherwise indicated at the time of posting).
Individuals and data protection supervisory authorities in the EU and the UK may contact our data protection representatives according to Article 27, GDPR
Name and contact details of the controller
Connect The Dots, Inc.
548 Market Street, PMB 77624
San Francisco CA 94104-5401
Name and contact details of our legal representative
EU: DP-Dock GmbH, Attn: Connect The Dots, Ballindamm 39, 20095 Hamburg, Germany
UK: DP Data Protection Services UK Ltd., Attn: Connect The Dots, 16 Great Queen Street, Covent Garden, London, WC2B 5AH, United Kingdom
Name and contact details of the data protection officer
Attention: Data Protection Officer
548 Market Street, PMB 77624
San Francisco CA 94104-5401
This section of the Privacy Statement applies only to California residents. It describes how we collect, use, and share Personal Information of California residents in our capacity as a “business” under the California Consumer Privacy Act (“CCPA”) and their rights with respect to that Personal Information. For purposes of this section, the term “Personal Information” has the meaning given in the CCPA but does not include information exempted from the CCPA’s scope. In some cases, we may provide a different privacy notice to certain categories of California residents, such as job applicants, in which case that notice will apply instead of this section.
Your California privacy rights. California residents have the rights listed below under the CCPA. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law.
Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:
Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.
Deletion. You can ask us to delete the Personal Information that we have collected from you.
Opt-out of sales. You have the right to opt-out of our sales of Personal Information. Nondiscrimination. You are entitled to exercise the rights described above free from discrimination as prohibited by the CCPA.
Exercising your right to information, access and deletion. You may submit requests to exercise your right to information, access or deletion via email to email@example.com.
We will need to verify your identity to process your information, access and deletion requests and reserve the right to confirm your California residency. To verify your identity, we may require government identification, a declaration under penalty of perjury or other information. We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.
Your authorized agent may make a request on your behalf upon our verification of the agent’s identity and our receipt of a copy of a valid power of attorney given to your authorized agent pursuant to California Probate Code Sections 4000-4465. If you have not provided your agent with such a power of attorney, you must provide your agent with written and signed permission to exercise your CCPA rights on your behalf, provide the information we request to verify your identity, and provide us with confirmation that you have given the authorized agent permission to submit the request.
Notice of right to opt-out of the “sale” of your Personal Information. CTD does not “sell” data as defined by the CCPA. Thus, we do not provide any ability to “opt-out” of such sales.
Personal information that we collect, use and disclose. The chart below summarizes the Personal Information we collect by reference to the categories of Personal Information specified in the CCPA, and describes our practices currently and during the 12 months preceding the effective date of this Privacy Statement. The terms in the chart refer to the categories of information, sources, purposes and third parties described above in this Privacy Statement in more detail. Information you voluntarily provide to us, such as in free-form webforms, may contain other categories of personal information not described below. In addition to the disclosures described in the chart below, we disclose Personal Information as described in the How we share your personal information section above.