European Economic Area Privacy Policy

This Privacy Policy applies to Appfire’s processing of personal data in the context of our offering of products and services or monitoring the behavior of individuals in the European Economic Area (“EEA”). It describes how and why Appfire, collects and processes personal data that we collect from or that is provided to us by you, our customers, and/or prospective customers when using our software or hosted services (collectively the “Services”), communicating with us, and using our websites. “Appfire”, “we”, “us”, or “our” means Appfire Technologies, Inc., a United States corporation, including its Bob Swift and Wittified brands.

For the uses of personal data of individuals outside of the EEA, please see our general Privacy Statement. When Appfire’s Services are provided under a contract with a customer, the customer controls the information processed by the Services and our processing is performed only at the customer’s direction. That processing is governed by the contract with our customer, not this Privacy Policy. If your personal data is processed by our customer using an Appfire Service, please direct your data privacy question to that entity.

A. HOW WE COLLECT AND USE PERSONAL DATA

1. Information You Provide to Us

If you communicate with us, register an account for an Appfire Service (directly with Appfire or through the Atlassian marketplace), sign up to receive materials from us, attend an Appfire event, or participate in an Appfire online community, you may provide us with Business Contact Information such as your name, employer, postal address, telephone number, and email address. Another person or entity, such as your employer, may also provide us with your contact information so that we can communicate with you as part of providing our Services or about the possibility of providing Services. We use this information to create and maintain your account for the Services, bill and receive payment for the Services, provide you with information about existing and new products and services, and to facilitate your participation at our events and online communities. We do not sell personal data to anyone and only share it with third parties who facilitate the delivery of our Services or to communicate about our Services. Therefore, our use of these data is for the fulfillment of a contract or to fulfill a compelling legitimate interest of Appfire as provided for under Article 6 of the European Union General Data Privacy Regulation (“GDPR”). For certain communications about new Appfire products and services, we may rely on your consent as the lawful basis for processing personal data.

2. Information We Collect Automatically

As is the case with most websites, Appfire’s websites collect certain information automatically and stores the information in log files. The information may include internet protocol (“IP”) addresses, the region or general location where your computer or devices is accessing the internet, browser type, operating system and other information about the use of our website. We may use this information to help design our websites to better suit our users’ needs.We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences. The lawful basis for processing these data is that Appfire has a legitimate interest in understanding how customers and potential customers use our website. These data may also assist in identifying and responding to data security incidents.

We may use cookies on our websites, which are small text files that are stored on your computer or equipment when you visit certain online pages that record your preferences (“Cookies”). We use Cookies to track your use of our websites and their features. We may also use Cookies to monitor traffic, improve the websites and make them easier and/or more relevant for your use. You may occasionally get Cookies from companies with links on our website. We do not control these Cookies, and these Cookies are not subject to our Privacy Policy. You have the ability to accept or decline Cookies. Most web browsers automatically accept Cookies, but, if you prefer, you can usually modify your browser setting to decline Cookies. For more information on Cookies and how to disable them, you can consult the information provided by the Interactive Advertising Bureau at www.allaboutcookies.org.

Our websites may also use Google Analytics, a web analysis service of Google Inc. Google Analytics uses cookies to make it possible to analyze your use of a website. The information regarding website use (including IP addresses) generated by the cookies are transferred to a Google server in the United States and stored there. Google will use this information to analyze your use of the website, compile reports regarding website activities for the website operator and provide further services associates with the use of the website and the Internet. Google may also transfer this information to third parties where required to do so bylaw, or where such third parties process the information on Google’s behalf.

B. CHILDREN'S PRIVACY

Our Services are not directed to or intended for use by children. Consistent with the requirements of the US Children’s Online Privacy Protection Act, the GDPR, and all other applicable laws and regulations, if we learn that we have received information directly from a child under age 16 without his or her parent’s or legal guardian’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use our Services. Subsequently, we will delete such information.

C. HOW WE SHARE PERSONAL DATA

The personal data we collect is stored in one or more databases hosted by third parties. These third parties do not use or have access to this personal data for any purpose other than cloud storage and retrieval. Occasionally, Appfire engages a third party to perform bulk emailing services, and the third party’s use of personal information is restricted to the provision of that service. A list of third party service providers used by Appfire is listed at http://appfire.com/gdpr/third-party-processors.

If we determine it to be necessary, we may also disclose your personal data to a third party: (i) to respond to an emergency or act of God; (ii) to comply with a legal requirement such as a court order, search warrant, or subpoena; (iii) to protect the legitimate rights, privacy, property, interest or safety of Appfire, our personnel, customers, business partners or the general public; (iv) to address disputes, claims or to persons demonstrating legal authority to act on your behalf; (v) in relation to a change in ownership or control of Appfire such as a merger, sale, acquisition, or insolvency; or (vi) to prevent, detect actual or potential fraud or other illegal activities.

D. LINKS TO OTHER WEBSITES

Our websites may contain links to third party websites that we do not operate or control. If you provide your personal data to that third party through its website, it will be subject to the third party’s privacy practices and policies, not Appfire’s Privacy Policy. A link or reference to a third-party website does not meant that we endorse that third party or the quality or accuracy of the information presented on its website or services. We encourage you to carefully review the privacy policy of any third-party websites.

E. INTERNATIONAL TRANSFER OF YOUR PERSONAL DATA

Appfire is a global company and our Services are used by companies around the world. Information we collect from you may be processed or stored in United States where no adequacy decision of the European Commission exists under GDPR Art. 45. Appfire relies on derogations for specific situations as set forth in GDPR Art. 49 when we undertake transfers of personal data from the EEA to countries without European Commission adequacy findings, specifically: (i) based on your consent; (ii) to perform a contract with you; (iii) or to fulfill a compelling legitimate interest of Appfire in a manner that does not outweigh your rights or freedoms. For vendors outside of the EEA, whenever feasible, we either use a vendor subject to a jurisdiction for which an adequacy decision of the European Commission exists (including the EU-US Privacy Shield where the recipient is a participant), or there are adequate safeguards such as the Standard Contract Clauses or Binding Corporate Rules.

F. YOUR RIGHTS

Under the GDPR, residents of the EEA have important rights regarding access to and control of your personal data, including:

  • Right of Access: You have the right to ascertain what type of personal data Appfire holds about you and to a copy of this personal data.
  • Right to Complain: You have the right to file a complaint regarding the processing of your personal data to the Supervisory Authority of your Member State.
  • Right of Erasure: In certain circumstances you may request that we delete the personal data that we hold about you.
  • Right to Object: When we rely on our legitimate interests to process personal data, you have a right to object to this use. We will stop processing your personal information unless we can demonstrate an overriding legitimate interest in continued processing.
  • Right to Portability: You may request that we provide you with certain personal data which you have given us in a structured, commonly used and machine-readable format and you may request that we transmit your personal data directly to another data controller where this is technically feasible.
  • Right to Rectification: You have the right to have any inaccurate personal data which we hold about you updated or corrected.
  • Right to Restriction: You have the right to request that we stop using your personal data in certain circumstances including if you believe that the personal data we hold about you is inaccurate or that our use of your personal data is unlawful. If you validly exercise this right, we will store your personal data and will not carry out any other processing until the issue is resolved.

Please bear in mind that your rights in relation to your personal data are not absolute and that we must be cognizant of our legal obligations. If you choose to exercise some of your rights, we may not be able to perform the actions necessary to provide the Services or otherwise achieve the purposes set forth above.

You can exercise these rights by contacting us using the information in the Contact Us section below. We may request that you provide proof of your identity for security reasons and in order to prevent the unauthorized disclosure or misuse of personal data. We will only charge you for requests to access your personal data where they are unreasonable, unfounded or excessive. If we are unable to honor your request, or before we charge a fee, we will let you know why.

G. RETENTION OF PERSONAL DATA

We will keep your personal data for the time necessary to fulfill the purposes for which it was collected, including any legal, accounting or reporting requirements. To determine the appropriate retention period, we consider the categories, amount, nature and sensitivity of personal data, the potential risk of harm from unauthorized use of disclosure of the personal data, the purposes for which we process the personal data, if we can achieve the purposes through other means, and the applicable legal requirements.

H. SECURITY OF PERSONAL DATA

Appfire will maintain appropriate security measures to minimize the risk that personal data will be lost, used without authorization, or accessed without authorization. We limit access to your personal information to those who have a legitimate business need to use it. Those who process your information will do so only in an authorized manner and are subject to a duty of confidentiality. We have implemented procedures to deal with suspected security incidents involving personal data and will notify the applicable regulator(s) and you of such incidents as required by applicable law.

I. CHANGES TO THE PRIVACY POLICY

This Privacy Policy became effective on May 25, 2018 and was last updated.

We may amend this Privacy Policy on occasion, at our sole discretion. Any change will be effective immediately. You should check this page from time to time to note any changes we make, as they will be binding on you. We will notify you of changes to this Privacy Policy by updating the version date. We may also notify you of changes in other ways, including by email.

J. CONTACT US, MANAGE YOUR PERSONAL DATA

You may contact Appfire if you have questions about this Privacy Policy, do not see your concerns addressed here, or wish to make changes to any personal information we have collected. You may also opt-out of receiving future email and postal mail marketing and other messages and newsletters from us, request that your personal data be deleted or corrected, or otherwise exercise your rights under the GDPR by contacting us here, or at Privacy Group, Appfire Technologies, Inc., 1500 District Avenue, Burlington,MA 01803, U.S.A.

Individuals in the EEA also have the right to file a complaint with the Supervisory Authority of their Member State.

Last updated: May 1, 2018