Last updated: November 27, 2019
Welcome, and thank you for your interest in Preefi and/or Bita. (“Preefi,” “we,” or “us”) and our web site at www.preefi.com (the “Site”), as well as all related web sites, networks, embeddable widgets, downloadable software, mobile applications (including tablet applications), and other services provided by us and on or through which a link to this Privacy Policy (this “Policy”) is displayed (collectively, together with the Site, our “Service”).
This Policy describes how Preefi may collect, use, process, disclose, and safeguard information we obtain through the Service and in connection with our customer, partner and vendor relationships. It also tells you about your rights and choices with respect to your information, and how you can contact us if you have any questions or concerns.
In addition to the activities described in this Policy, we may process Personal Information provided by our customers that we process as a data processor on behalf and on the instructions of these customers, which are the entities responsible for the data processing. To understand how a customer processes your Personal Information, please refer to that customer’s privacy policy.
This Policy is incorporated into and is subject to the Preefi Terms of Service. Capitalized terms used but not defined in this Policy have the meaning given to them in the Preefi Terms of Service.
We Collect For the purpose of this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual. We obtain Personal Information relating to you from various sources described below. Where applicable, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. If you do not provide Personal Information when requested, you may not be able to benefit from our Service if that information is necessary to provide you with the service or if we are legally required to collect it.
Account Registration. If you register to use the Service, then you must provide us with your name, company name, email address and a password in order to create an account and user profile. You may also optionally add your job title, company name and company address.
User Content. We will collect any information you post through the Service. For example, when you interact with other users by sending them messages, the Service will process the information you provide in such submissions, to the extent permitted under applicable law.
Purchases. If you make a purchase on the Service, we will ask you to provide your payment information, such as your credit card number, so our service providers can process your payments. Communications. We will collect any information which you provide to us through your communications e.g., when you communicate with our customer support team.
Personal Information Collected via Automated Means
In addition to information that you provide to us, we may collect information about you and your use of the Service via automated means, such as cookies, web beacons and similar technologies:
Cookies and Similar Technologies. When you use the Service, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your device. We may use both session cookies and persistent cookies to automatically collect certain information. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Service. When you use the Service, we may also automatically collect certain information from your device by using similar technologies, including “clear gifs” or “web beacons.” Please review your web browser “Help” file to learn the proper way to modify your settings with regard to such automated data collection. Please note that if you delete, or choose not to accept, such technologies from the Service, you may not be able to utilize the features of the Service to their fullest potential.
The automatically collected information may include your IP address or other device address or ID, web browser and/or device type, the web pages or sites that you visit just before or just after you use the Service, the pages or other content you view or otherwise interact with on the Service, and the dates and times that you visit, access, or use the Service.
We also may use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message. This information is gathered from all users. We use this information to assess how many users access or use our Service, which content, products, and features of our Service most interest our visitors, what types of offers our customers like to see, and how our service performs from a technical point of view.
Google Analytics. We work with Google Analytics, which uses cookies and similar technologies to collect and analyze information about use of the website and report on activities and trends. You can learn about Google’s practices by going to https://www.google.com/policies/privacy/partners/, and opt out of them by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.
Third Party Web Beacons and Third Party Buttons. We may also implement third-party content or advertising on the Service that may use clear gifs or other forms of web beacons, which allow the third-party content provider to read and write cookies to your browser in connection with your viewing of the third party content on the Service. Additionally, we may implement third party buttons (such as Facebook “like” or “share” buttons) that may allow third parties to collect information about you through such third parties’ browser cookies, even when you do not interact with the button. Information collected through web beacons and buttons is collected directly by these third parties, and Preefi does not participate in that data transmission. Information collected by a third party in this manner is subject to that third party’s own data collection, use, and disclosure policies.
Personal Information Obtained from Third Parties Integrated Services.
You may be given the option to access or register for the Service through the use of your user name and passwords for certain services provided by third parties (each, an “Integrated Service”), such as through the use of your Facebook credentials (through Facebook Connect), or otherwise have the option to authorize an Integrated Service to provide Personal Information or other information to us. We collect your Personal Information from such Integrated Service when you use your credentials for
an Integrated Service to log into the Service. For example, when you log in with your Facebook credentials, we collect the information you have authorized Facebook to share with us, such as your name, email address, gender, date of birth, current city and profile picture. We may also obtain other nonpublic information with your permission. You should check your privacy settings on each Integrated Service to understand and change the information sent to us through each Integrated Service. Please review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to our Service.
We may use Personal Information we collect for the following purposes:
Internal and Service-Related Usage. We use your Personal Information to operate, maintain, enhance and provide all features of the Service, to provide services and information that you request, to respond to comments and questions and otherwise to provide support to users.
Analytics and Improving the Service. We use your Personal Information to understand and analyze the usage trends and preferences of our users, to improve the Service, and to develop new products, services, feature, and functionality.
Communications. We may use your email address or other Personal Information (i) to contact you for administrative purposes such as customer service, to address intellectual property infringement, privacy violations or defamation issues related to your User Content posted on the Service or (ii) to send communications, including updates on promotions, relating to products and services offered by us2 and by third parties we work with. Generally, you have the ability to opt-out of receiving any promotional communications as described below under “Your Choices.”
Tailored Content. We may use your Personal Information to: (i) personalize our services, such as remembering your information so that you will not have to re-enter it during your visit or the next time you visit the Service; (ii) provide customized advertisements, content, and information.
Advertising. We and our advertising partners may use your Personal Information, including your activities on the Service, to facilitate the delivery of advertisements.
Aggregate Data. We may de-identify and aggregate information to monitor and analyze the effectiveness of Service and third-party marketing activities and to monitor aggregate site usage metrics such as total number of visitors and pages viewed.
Partners and Vendors. We use Personal Information collected from our business partners and vendors to manage those relationships.
Job Applications. If you apply for a job at Preefi, we may process your Personal Information to evaluate your application.
Legal. We may use your Personal Information to enforce our End User License Agreement and Terms of Service, to defend our legal rights, to comply with our legal obligations and internal policies.
Other Purposes. We also may use your Personal Information as may be described in a notice to you at the time the information is collected, or in any other manner to which you consent.
If you are located in the European Economic Area, we only process your Personal Information based on a valid legal ground, including when:
You have consented to the use of your Personal Information;
We need your Personal Information to provide you with the Services, including for account registration and to respond to your inquiries;
We have a legal obligation to use your Personal Information;
We or a third party, have a legitimate interest in using your Personal Information. In particular, we have a legitimate interest in using your Personal Information to conduct business analytics, and otherwise improve the safety, security, and performance of our Services. We only rely on our or a third party’s legitimate interests to process your Personal Information when these interests are not overridden by your rights and interests.
Except as described in this Policy or otherwise disclosed to you at the time of the collection, we will not disclose your Personal Information to third parties without your consent. We may disclose information to third parties in the following circumstances:
Preefi affiliates and subsidiaries. We may disclose Personal Information about you with our affiliates and subsidiaries.
Other users. Any Personal Information that you voluntarily choose to include on or through the Service, including information in a publicly accessible area of the Service (such as a public profile page) or information you share with or allow to be shared with other users, will be available to anyone who has access to that content, including other users.
Vendors and Service Providers. We work with third party service providers to provide website or application development, hosting, maintenance, and other services for us. These third parties may have access to or process your Personal Information as part of providing those services for us. We limit the information provided to these service providers to that which is necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such information.
Advertising Partners. We may share your Personal Information with our third party advertising partners to provide ads that we think may interest you. For more information about our advertising and marketing practices and those of the third party advertising partners, please see the Personal Information Collected by Automated Means section above.
Other Third Parties. We may also share Personal Information about you with other third parties in the following circumstances:
In Aggregated Form. We may make certain automatically-collected, aggregated, or otherwise deidentified information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, promotions, and/or functionality available through the Service.
To Comply with Legal Obligations. We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to comply with state and federal laws (such as U.S. copyright law), in response to a court order, judicial or other government
subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
To Protect and Enforce Our Rights. We also reserve the right to disclose your information that we believe, in good faith, is appropriate or necessary to (i) take precautions against liability,
(ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend ourselves against any third-party claims or allegations, (iv) protect the security or integrity of the Service and any facilities or equipment used to make the Service available, or (v) -5- protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights, property, or safety of others.
In case of Merger, Sale, or Other Asset Transfer. Information about our users, including Personal Information, may be disclosed and otherwise transferred to an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
With Your Consent. We also may disclose your Personal Information as may be described in a notice to you at the time the information is collected, or in any other manner to which you consent.
You may, of course, decline to share certain Personal Information with us, in which case we may not be able to provide to you some of the features and functionality of the Service. You may update, correct, or delete your profile information and preferences at any time by accessing your account settings page on the Service. If you wish to access or amend any other Personal Information we hold about you, or to request that we delete any information about you that we have obtained from an Integrated Service, you may contact us at support@preefi.com. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so, to the extent permitted under applicable law.
Opt-Out. If you receive commercial email from us, you may unsubscribe at any time by following the instructions contained within the email. You may also opt-out from receiving commercial email from us, and any other promotional communications that we may send to you from time to time, by sending your request to us by email at privacy@preefi.com or by writing to us at the address given at the end of this policy. We may allow you to view and modify settings relating to the nature and frequency of promotional communications that you receive from us in user account functionality on the Service.
Please be aware that if you opt-out of receiving commercial email from us or otherwise modify the nature or frequency of promotional communications you receive from us, it may take up to ten business days for us to process your request, and you may receive promotional communications from us that you have opted-out from during that period, unless we are required by applicable law to process your request within a shorter period of time. Additionally, even after you opt-out from receiving commercial messages from us, you will continue to receive administrative messages from us regarding the Service.
Privacy Settings. Although we may allow you to adjust your privacy settings to limit access to certain Personal Information, please be aware that no security measures are perfect or impenetrable. To the
fullest extent permitted under applicable law, we are not responsible for circumvention of any privacy settings or security measures on the Service. Additionally, we cannot control the actions of other users with whom you may choose to share your information. Further, even after information posted on the Service is removed, caching and archiving services may have saved that information, and other users or third parties may have copied or stored the information available on the Service. To the fullest extent permitted under applicable law, we cannot and do not guarantee that information you post on or transmit to the Service will not be viewed by unauthorized persons.
Do Not Track. Some web browsers incorporate a “Do Not Track” feature. Because there is not yet an accepted standard for how to respond to Do Not Track signals, our website does not currently respond to such signals.
Other Rights. If you are located in the European Economic Area, you may have the following additional rights:
Request access to and receive information about the Personal Information we maintain about you, to update and correct inaccuracies in your Personal Information, to restrict or to object to the processing of your Personal Information, to have the information anonymized or deleted, as appropriate, or to exercise your right to data portability to easily transfer your Personal Information to another company. In addition, you may also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place.
Withdraw any consent you previously provided to us regarding the processing of your Personal Information, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before your consent withdrawal.
Those rights may be limited in some circumstances by local law requirements. You may exercise these rights by using the How to Contact Us below.
This Privacy Policy applies only to the processing of your Personal Information by Preefi. The Service may contain features or links to Web sites and services provided by third parties. The policies and procedures described in this Privacy Policy do not apply to Third Party Sites. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through the Service. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Service. We encourage you to learn about third parties’ privacy and security policies before providing them with information.
Protecting the privacy of young children is especially important. Our Service is not directed to children under the age of 16, and we do not knowingly collect Personal Information from children under the age of 16 without obtaining parental consent. If you are under 16 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Information has been collected on the Service from persons under 16 years of age and without verifiable parental consent,
then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 16 years of age has obtained an account on the Service, then you may alert us at privacy@preefi.com and request that we delete that child’s Personal Information from our systems.
We use certain physical, managerial, and technical safeguards that are designed to appropriately protect Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. we cannot, however, ensure or warrant the security of any information you transmit to us or store on the service, and you do so at your own risk. we also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. The foregoing is subject to requirements under applicable law to ensure or warrant information security.
We take measures to delete your Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re- enrolment with our products or services, the impact on the services we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.
The Service is hosted in the United States and is intended for visitors located within the United States. If you choose to use the Service from the European Union or other regions of the world with laws governing data collection and use that may differ from U.S. law, then please note that you are transferring your Personal Information outside of those regions to the United States for storage and processing. Also, we may transfer your data from the U.S. to other countries or regions in connection with storage and processing of data, fulfilling your requests, and operating the Service. By providing any information, including Personal Information, on or to the Service, you consent to such transfer, storage, and processing.
When we transfer Personal Information outside of the European Economic Area, we will comply with applicable EU data protection laws. We may transfer your Personal Information to countries which provide an adequate level of protection under EU law, we may use contractual protections for the
transfer of Personal Information, or rely on a certification to the Privacy Shield framework. You may contact us as specified below to obtain a copy of the safeguards we use to transfer Personal Information outside of the European Economic Area (“EEA”).
How We Obtain Personal Information. We obtain and process Personal Information in different capacities. As a data controller, we collect and process Personal Information from the EEA directly from individuals as set forth in this Policy. In addition, we may process Personal Information provided by our customers that we process as a data processor on behalf and on the instructions of these customers, which are the entities responsible for the data processing. Accordingly, those customers are responsible for providing notice to individuals and you should review their privacy policies for more information regarding their data processing practices. For all types of data collection and processing, we commit to the Principles with respect to all Personal Information received from the EEA in reliance on the Framework.
Data Integrity and Purpose Limitation. We may use the Personal Information we receive from the EEA for the purposes set forth in this Policy or as you may otherwise be notified. We take reasonable steps to ensure that the Personal Information we process is relevant and reliable for its intended use, accurate, complete, and current to the extent necessary for the purposes for which we use the Personal Information. We will not process Personal Information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by you. We will adhere to the Principles for as long as we retain the Personal Information collected under the Frameworks.
Onward Transfer. Our accountability for Personal Information we receive under the Framework and subsequently transfer to a third party is described in the Principles. In particular, we may use third parties to process Personal Information on our behalf as described in this Policy, and we remain liable if they do so in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage. We may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Access. You have the right to access the Personal Information that we maintain about you and to correct, amend or delete that information when it is inaccurate or has been processed in violation of the Principles, by sending a written request using the contact details provided in Section 12 “Our Contact Information” below. We will review your request in accordance with the Principles, and may limit or deny access to Personal Information where providing such access is unreasonably burdensome or expensive under the circumstances, where it would violate the rights of someone other than the individual requesting access or as otherwise permitted by the Principles. We may request specific information from you to confirm your identity. In some circumstances we may charge a reasonable fee for access to your information.
Data Security. We use reasonable and appropriate measures to protect your Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into due account the risks involved in the processing and the nature of the Personal Information.
When we process Personal Information as a data processor on behalf of our customers, our customers control the type of information we obtain, how that information is used and disclosed, and how it can be modified. Accordingly, if you wish to request access, limit use or disclosure of your Personal Information, please contact the customer(s) that submitted your data to us. If you provide us with the name(s) of the customer(s), we will refer your request to those customer(s), and will support them as needed in responding to your request.
Please revisit this page periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through the Service, and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change. For example, we may send a message to your email address, if we have one on file, or generate a pop-up or similar notification when you access the Service for the first time after such material changes are made. Your continued use of the Service after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.
Preefi is the entity responsible for the processing of your Personal Information as described in this Policy. If you have any questions or comments about this Policy, your Personal Information, our use and disclosure practices, your consent choices, or if would like to exercise your rights, please contact us by email at privacy@preefi.com.