Last updated: August, 2017
In the course of operating the Site, the Platform and/or interacting with you, Validately will collect (and/or receive) the following types of information. You authorize us to collect and/or receive such information and assume contractual responsibility for obtaining all consents as required under applicable laws and regulations.
1. Contact Information
When you sign up to use the Platform as a Customer or a Tester, you will be asked to provide us with certain information, such as your name, email address, and PayPal email address (for Testers) (collectively, the “Contact Information”). We will use your Contact Information to respond to contact you about changes to the Platform, respond to your requests and inquiries, send you notices (for example, in the form of e-mails, mailings, and the like) regarding products or services you are receiving, and for purposes of direct marketing.
2. Tester Information
If you sign-up as a Tester, we will also collect your personal information, including audio recordings of your voice and images of your face (collectively, “Tester Information”). We will use the Tester Information to provide our Platform to you and our Customers.
3. Billing Information
If you would like to purchase a paid Subscription to the Platform, you will be asked to provide us with your credit card, billing address, and other payment related information (“Billing Information”). Billing Information is collected and processed by our third-party payment processor operating as our agent (see, Onward Transfers to Third Parties). Validately does not directly obtain or process any Billing Information.
4. Other Information
In addition to the Contact Information, and the Tester Information, we may collect or receive the following information:
For Intercom, please visit: https://www.intercom.com/privacy
For Salesforce, please visit: https://www.salesforce.com/company/privacy/
For Mailchimp, please visit: https://mailchimp.com/legal/privacy/
For Sendgrid, please visit: https://sendgrid.com/policies/privacy/
Aggregate Data: In an ongoing effort to better understand our users, we might analyze your information in aggregate form to operate, maintain, manage, and improve the Site and the Platform. This aggregate information will not identify you personally. We may share this aggregate data with our affiliates, agents, and business partners. We may also disclose aggregated user statistics in order to describe our Platform and the Site to current and prospective business partners and to other third parties for other lawful purposes.
If you are a Tester, we may share your personal information, in de-identifiable form (e.g., without your name), with the Customer who has recruited you to run the Test(s).
With regard to the principle of Accountability for Onward Transfer, for example, we remain liable if our agent processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
We will not transfer your personal information to a third party acting as a controller without first providing you with information regarding the identity of such controller or the nature of such controller’s business, and obtaining your opt-in consent.
We will not disclose your sensitive personal information to any third party without first obtaining your opt-in consent. You may grant such consent by contacting us at firstname.lastname@example.org. In each instance, please allow us a reasonable time to process your response.
Disclosure to Public Authorities. We are required to disclose personal information in response to lawful requests by public authorities, including for the purpose of meeting national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
We take commercially reasonable steps to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, taking into account the risks involved in processing and the nature of such data, and compliance with applicable laws and regulations. Please understand, however, that no security system is impenetrable. We cannot guarantee the security of our databases, nor can we guarantee that the information you supply will not be intercepted while being transmitted to and from us over the Internet. In particular, e-mail sent to or from us may not be secure, and you should therefore take special care in deciding what information you send to us via e-mail.
Without limiting the generality of the foregoing, we keep your communications secure using industry-standard HTTPS, with 256-bit encryption on every request. This means that every request passes from your computer to our servers without any third party tampering. Aside from information that you explicitly choose to send out, your data can only be accessed using the secure login and password you use to sign up. We use many industry-standard best practices to prevent hacking, like irreversible passwords, prepared statements to avoid SQL injection, and filtered output and CSRF tokens to avoid cross-site style attacks. Users (and any teammates you invite) must authenticate with a secure login and password in order to view your sensitive data, and users can only view data for the products in which they've been explicitly granted access by the account owner.
Validately takes security and security researchers very seriously. If you have any security concerns or believe that you've detected a security vulnerability, please contact us immediately at email@example.com and we will respond within 24 hours.
Our security team makes the following commitments:
Investigation of Validately's security must follow these guidelines:
You may opt out at any time from the use of your personal information for direct marketing purposes by emailing us at firstname.lastname@example.org. Please allow us a reasonable time to process your request.
You may also choose to unsubscribe from our emails by following the instructions in the bottom of the email.
The Site and the Platform are operated in the United States. If you are located outside of the United States, please be aware that any information you provide to us, including personal information, will be transferred to the United States from your country of origin. Except in the case of data transfers under the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Framework, your decision to provide such data to us, or allow us to collect such data through our Site and/or the Platform, constitutes your consent to this data transfer.
Validately is subject to the investigatory and enforcement powers of the Federal Trade Commission.
Validately has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to BBB PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Validately, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. If these processes do not result in a resolution, you may also contact your local data protection authority, the U.S. Department of Commerce, and/or the Federal Trade Commission for assistance. If your complaint still remains unresolved, then you have the right to invoke binding arbitration by the Privacy Shield Panel upon written notice to Validately at email@example.com.
B601 V2, Inc.
315 Fifth Avenue
New York, NY 10036
In addition, Validately does not monitor, recognize, or honor any opt-out or do not track mechanisms, including general web browser “Do Not Track” settings and/or signals.