Last Updated: February 12, 2021
What personal information we collect depends largely on the interaction that takes place between you and INBOXR, most of which can be categorized under the following:
Using INBOXR Software as a Service. When you use any INBOXR Software as a Service (the “Services”), we store all the content you provide, including but not limited to accounts created for team members, files, pictures, project information, and any other information that you provide to the Services.
In and through the Services, we also collect data about usage of the Services. This may include, but is not limited to, numbers of users, flows, broadcasts etc.
Using the Site: When you use the Site, we collect certain information, as described in more detail below that may, alone or in combination with other information, constitute personal information.
Types of Personal Information:
(i) INBOXR Customers (“Customers”): Name, address, company name, identification, publicly available social media profile information, e-mail, financial information (payment information). We use a third-party service provider to process your payment transactions. These third parties are governed by their own agreements.
(ii) Purchasing a subscription. When you sign up for a additional Subscription for the Services, we collect information to process your payment and create your customer account. This information includes name, email address, physical address, telephone number, and company name where applicable. We use a third-party service provider to process your credit card transactions. These third parties are governed by their own agreements.
(iv) Data collected for and by our Customers. As you use our Services, you may import into our system personal information you have collected from your users, customers, prospective customers, and social media and messaging platform contacts (collectively “Subscribers”) or other individuals. We have no direct relationship with your Subscribers or any person other than you, and for that reason, you are responsible for making sure you have the appropriate permission and legal basis for us to collect and process information about those individuals. As part of our Services, we may use and incorporate into features information you have provided, we have collected from you, or we have collected about Subscribers.
(vi) Sensitive personal information. Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Services or otherwise.
For service operations (i) To operate, maintain, administer and improve the Services; (ii) to manage and communicate with you regarding your Services account, if you have one, including by sending you Services announcements, technical notices, updates, security alerts, and support and administrative messages; (iii) to process payments you make through the Services; (iv) to better understand your needs and interests, and personalize your experience with the Services; (v) to send you information about the Services by email (vi) to respond to your Services-related requests, questions and feedback.
To communicate with you. If you request information from us, register for the Services or participate in our surveys, promotions or events, we may send you INBOXR-related marketing communications if permitted by law but will provide you with the ability to opt out.
Administration and analysis: We use automatically collected information to administer the Service and the Site and we analyze (and may engage third parties to analyze) this information to improve and enhance the Site and the Services by expanding their features and functionality and tailoring it to our Users’ needs and preferences.
To analyze trends, administer the Site, track users’ movements around the Site, serve targeted advertisements, and gather demographic information about our user base as a whole.
To comply with law. We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.
With your consent. We may use or share your personal information with your consent, such as when you consent to let us post your testimonials or endorsements on our Site, you instruct us to take a specific action with respect to your personal information or you opt into third party marketing communications.
To create de-identified data for analytics. We may de-identify personal information. We de-identify personal information by excluding information that makes the data personally identifiable to you, and use that de-identified data for our lawful business purposes.
For compliance, fraud prevention and safety. We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Services; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
You have the following rights:
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Access to Data Controlled by our Customers. INBOXR has no direct relationship with the individuals whose personal information is contained within the Custom User Fields processed by our Service. An individual who seeks access, or who seeks to correct, amend, or delete personal information provided by our users should direct their request to the Customer directly.
We will retain personal information we process on behalf of our Customers for as long as needed to provide our Services or for an indefinite time to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements. If required by law, we will delete personal information by erasing it from our database.
INBOXR operates in countries outside the EEA, the UK, and Switzerland, such as in the United States of America and the Russian Federation and may utilize data processors and sub-processors located in third countries. If you are located in the EEA, the UK, or Switzerland, this means that we may transfer personal information outside of your country. Such transfers are made using appropriate safeguards and supplementary measures, such as the EU Standard Contractual Clauses for Controller-to-Controller and Controller-to-Processor Transfers (“Safeguards”). If you would wish to view such Safeguards, contact us at firstname.lastname@example.org.
We believe it is important to provide added protection for children online. We encourage parents and guardians to spend time online with their children to observe, participate in and/or monitor and guide their online activity. The Site and/or the Services are not intended for use by anyone under the age of 16, nor does INBOXR knowingly collect or solicit personal information from anyone under the age of 16. If you are under 16, you may not attempt to register for the Services or send any information about yourself to us, including your name, address, telephone number, or email address. In the event that we confirm that we have collected personal information from someone under the age of 16 without verification of parental consent, we will delete that information promptly. If you are a parent or legal guardian of a child under 16 and believe that we might have any information from or about such child, please contact us.
Notice of Breach of Security
If a security breach causes an unauthorized intrusion into our system that materially affects you or your Subscribers, then INBOXR will notify you as soon as possible and later report the action we took in response.
Safeguarding Your Information
We take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information. Despite these efforts to store personal information collected on and through the Site and/or the Services and otherwise by us in a secure operating environment that is not available to the public, we cannot guarantee the security of personal information during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of personal information, we cannot guarantee that our security measures will prevent third-parties such as so-called hackers from illegally obtaining access to personal information. We do not warrant or represent that personal information about you will be protected against, loss, misuse, or alteration by third parties.
If you are a person located in the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. We will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate business interests. In some cases, we may also have a legal obligation to collect personal information from you.
If we ask you to provide personal information to comply with a legal requirement or to enter into a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our legitimate business interests, we will make clear to you at the relevant time what those legitimate business interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How To Contact Us” heading below.
Under California’s Shine the Light law, Cal. Civ. Code § 1798.83, California residents have the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal information, such as name, e-mail and mailing address including billing ZIP code and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties' direct marketing purposes and (b) the names and addresses of all such third parties. To request the above information, please contact us at email@example.com. We will respond to such requests for information access within 30 days following receipt at the e-mail or mailing address stated below. Please note that we are only required to respond to an individual once per calendar year.
Additionally, California law requires that we indicate whether we honor “Do Not Track” settings in your browser concerning targeted advertising. We do not currently alter our practices when a Do Not Track signal is received. To learn about Do Not Track and for information about how to opt out of receiving targeted advertising, please click www.aboutads.info/choices.
Furthermore, subject to certain exemptions, California residents have the following rights with respect to personal information we may have collected about them:
(i) Requests to Know
You have the right to request that we disclose:
You may submit a request to know via this "Manage my Data Link". The delivery of our response may take place electronically or by mail. We are not required to respond to requests to know more than twice in a 12-month period.
(ii) Requests to Delete
You have the right to request that we delete any personal information about you that we have collected. Upon receiving a verified request to delete personal information, we will do so unless otherwise required or authorized by law. You may submit a request to delete personal information via this "Manage my Data Link".
(iii) Authorized Agents
You may designate an authorized agent to make requests on your behalf. You must provide an authorized agent written permission to submit a request on your behalf, and we may require that you verify your identity directly with us. Alternatively, an authorized agent that has been provided power of attorney pursuant to Probate Code sections 4000-4465 may submit a request on your behalf.
(iv) Methods for Submitting Consumer Requests and Our Response to Requests
You may submit a request for access and requests to delete personal information about you via: "Manage my Data Link" or via email at firstname.lastname@example.org.
Upon receipt of a request, we may ask you for additional information to verify your identity. Any additional information you provide will be used only to verify your identity and not for any other purpose.
We will acknowledge the receipt of your request within ten (10) business days of receipt. Subject to our ability to verify your identity, we will respond to your request within 45 calendar days of receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. In order to protect your privacy and the security of personal information about you, we verify your request by via email.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
(v) The Right to Non-Discrimination
You have the right not to be discriminated against for the exercise of your California privacy rights described above. Unless permitted by the California Consumer Privacy Act, we will not: