Effective as of June 12, 2020
User Types and Applicability
User Types. This Policy applies to users of the Services. Such users include 1) visitors to our Websites, 2) users of our applications, technology, products or other Services who are not associated with an OpenFin Enterprise Customer account (“Free Users”), and 3) end users of OpenFin Enterprise Customer accounts (“Enterprise Users”).
Applicability. Except as noted herein, this Policy applies to all of these types of users. This Policy does not apply to corporate entities that have entered into separate agreements (each a “Customer Agreement”) with OpenFin. Notwithstanding the above, to the extent that the application of this Policy to Enterprise Users conflicts with special provisions of a Customer Agreement, the Customer Agreement shall govern.
Non-Applicability to Third-Party Services. These Terms govern only the Services operated by OpenFin listed above. We do not operate the third-party applications or services accessible through OpenFin or that utilize OpenFin OS, and such third-party services are subject to those entities’ own Privacy Policies.
Information We Collect
Information Collected Directly from You. We collect information that you choose to provide us through the Services, including:
- Registration information. To register for an OpenFin ID, you are required to provide your name, business email address, and name of the business you work for. You will also be asked to create a password for your account.
- Profile Information. After you register for an OpenFin ID, you may provide certain information in your profile, including name, business name, title, a profile picture, or other information you choose to provide in your profile.
- Preferences. OpenFin may allow you to set preferences within the Services, such as which applications to display on your dashboard. We will collect this information so that we can save your preferences in future sessions.
- Other Information. You may also give us information to allow us to contact you or use certain features available through our Services without signing up for an Account, such as when you fill out a request form, provide feedback, email us, or engage in communications with our team.
- Inquiries and technical support. You may provide us with information when you interact with us in other ways, such as when you submit requests or questions to us, or when you contact us for technical support.
Information Collected from Your Employer. If you are an Enterprise User, the company associated with the domain you used to register for OpenFin (your “Employer”) may provide us with certain information about you to facilitate account registration and management, such as your name, business email address, title, and dates of employment. If you are a Free User, your Employer may verify your employment with that company and may inform us if your employment status changes.
Information Collected Through Automated Means. We and our service providers use a variety of technologies to collect information about how you use and interact with the Services. Such information includes:
- Log files. As you use our Services, we automatically record information in log files. These log files may include information such as your web or content requests, IP address, browser type and settings, referring/exit pages and URLs, number of clicks, date and time stamp information, language preferences, data from cookies and similar technologies, and other such information.
- Services metadata. We collect metadata that provides high-level information about how you interact with the Services, such as the names of apps you access, frequency and duration of use, and other information.
Information from cookies and similar technology. A cookie is a small text file that is placed on your computer when you visit a site. Cookies enable site operators to (i) recognize your computer and login session; (ii) store your preferences and settings; (iii) understand which pages of the websites you have visited; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform analytics; and (vi) assist with security and administrative functions. As you use the Services and/or browse the OpenFin website, we and our services providers use a variety of technologies, including cookies and similar technology, to assist in collecting information about how you access and use the Services. Such information may include your operating system, your IP address, browser type and language, referring pages and URLs, keywords, date and time, what sections of our Websites you visit or use, device identifiers such as MAC address and UUID, carrier and country location, hardware and processor information, network type, and similar data (collectively, the “usage information”).
Google Analytics: http://tools.google.com/dlpage/gaoptout
Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari).
- Information from third-party sources. We may enhance the information we collected about you with information from third-party sources, including social media, information available to us through add-ons or plug-ins, public websites, and employer directories.
Aggregate/De-Identified Information. We may aggregate and/or de-identify information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with third parties without restriction.
How We Use Your Information
General. We may use your information to:
- Provide, maintain, and operate the Services;
- Improve the Services and develop new features;
- Respond to your inquiries;
- Provide technical support and assistance;
- Communicate with you about the Services, including to provide you with service-related communications or inform you of new products or features;
- Communicate with your employer about employee usage and determining appropriate account charges;
- Send you marketing communications about products and services that we think may be of interest to you, as permitted by local law and consistent with your preferences.
- Engage in analysis, research, and reports regarding use of the Services;
- Protect and secure the Services and our users;
- Comply with applicable laws, regulations, subpoenas, governmental requests or legal process, or in connection with a legal investigation.
Special Terms for Enterprise Users. If you are an Enterprise User, your Employer’s Customer Agreement governs how we may use your Registration Information, Profile Information, and Information Collected from Your Employer, as those terms are described in Section 2.1 (“Enterprise User Information”), and we will use such information only as permitted by the Customer Agreement or as otherwise directed in writing by your Employer. In the absence of Customer Agreement terms governing the use of Enterprise User Information or written instructions from your Employer, we may use Enterprise User Information for any of the purposes set forth in Section 3.1 above.
How We Share Information
We share the information described in Section 2 as follows:
- Service Providers. We may share or provide access to your information with third-party service providers that use such information only to perform services on our behalf, such as supporting the operation of our site, advertising and marketing our Services, analytics, research, data storage, security, and others.
- Business Transfers. If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as this Policy is updated or amended by the acquiring party upon notice to you. If such transfer is subject to additional mandatory restrictions under applicable laws, OpenFin will comply with such restrictions.
- Consent. If you are a Free User, we may disclose your information to third parties when you provide us your consent to do so.
- With Your Employer. If you are an Enterprise User, we will share your Enterprise User Information with your Employer, or with others as directed by your Employer. If you are a Free User, we may share the email address you used to register for the Services with your Employer for the purposes of verifying your eligibility to register for OpenFin and terminating your account upon termination of your employment.
- Entities for Legal Purposes. We will disclose the information we collect where we have a good faith belief that such disclosure is: (a) required by law (or to respond to subpoenas, warrants, government requests, or similar process served on us); (b) pursuant to our DMCA notice and take-down policy and procedures; and/or (c) necessary to protect or defend our legal rights or property, the Services, you, or other third parties, or ensure the safety and security of our Services, systems, and of our customers or the general public.
We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law, or for Enterprise Users, where the Customer Agreement requires or permits specific retention or deletion periods.
Data Controller and Processor Disclosure. Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information about you (“personal data”). For Free Users, OpenFin is the data controller of all categories of personal data collected through the Services, which are set forth in Section 2 of this Policy. For Enterprise Users, OpenFin acts as a data processor on behalf of its Enterprise customers with respect to Enterprise User Information (as that term is defined in Section 3.2), and as a data controller with respect to other information described in Section 2, including but not limited to Information Collected through Automated Means.
Cross-Border Data Transfers. The Services are operated from the United States. If you are located outside of the United States, please be aware that any information you provide to us and/or that we collect from you, including personal data, will be transferred from your country of origin to the United States, which may have different data protection laws than your jurisdiction. We may also transfer information that we collect about you to third party processors across borders and from your country or jurisdiction to other countries or jurisdictions around the world. In such cases, where required by law, OpenFin has put into place safeguards to ensure adequate protection of your data, such as European Commission-approved standard contractual clauses. Where permitted by law, we may also transfer data to other jurisdictions with your consent.
Legal Bases for Use of Your Personal Data. OpenFin processes personal data for which it is the data controller pursuant to the following legal bases under the EU General Data Protection Regulation (“GDPR”):
- Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with our Terms of Service which you accept by using the Services);
- Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our Services; operate our Services; prevent fraud, analyze use of and improve our Services, and for similar purposes);
- Where use of your information is necessary to comply with a legal obligation; or
- Where we have your consent to process data in a certain way.
Data Processing Addendum. OpenFin offers a Data Processing Addendum to its Enterprise Customers that supplements the Customer Agreement or any master subscription agreement. This addendum reflects our requirements as a processor of Enterprise User Information. You may access a copy of our standard Data Processing Addendum and instructions for signing and submitting the Addendum here by sending an email to email@example.com with the subject "Enterprise Data Processing Addendum Request."
EU Representative. Our representative in the EU is Adam Toms 14 New Street London EC2M 4HE UK.
We maintain appropriate security measures to protect your information from loss, misuse and unauthorized access, disclosure, alteration and destruction, and comply with applicable laws and regulations relating to the security of personal information. Not all methods of accessing our Services are equally secure. If you are an Enterprise User, it is your responsibility to check beforehand on the privacy and/or security policy of your Employer prior to accessing the Services.
We do not knowingly collect any personal information from children under the age of 13. If you are under the age of 13, please do not give us any personal information. If you have reason to believe that a child under the age of 13 has provided personal information to us, please contact us at firstname.lastname@example.org, and we will endeavor to delete that information from our databases.
Your Rights and Choices
- You may manage your receipt of marketing and non-transactional communications by clicking on the “Manage Email Preferences” link located on the bottom of any OpenFin marketing email and following the instructions found on the page to which the link takes you. You cannot opt out of receiving transactional emails related to the Services.
Requests Regarding Your Personal Information
- Depending on your jurisdiction of residence, you may have certain rights with respect to your personal information, including the right to correct, amend or delete your personal information. If you would like to exercise your rights under applicable law, please email us at email@example.com with your name, OpenFin ID, and a description of your request. We may request additional information to verify your identity, and will respond to your request as required by applicable law in your jurisdiction. Where permissible by law, we may require payment of a non-excessive fee to defray our expenses in this regard. Please allow us a reasonable time to respond to your inquiries and requests.
- If you are an Enterprise User, please note that you must contact your Employer for more information about your rights with respect to Enterprise User Information.
Do Not Track
OpenFin does not monitor, recognize or honor any opt-out or do not track mechanisms including general web browser, “Do Not Track” settings and/or signals.
Shine the Light Disclosure.
- The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.
Changes to the Policy