Appfire Privacy Policy

Appfire Privacy Policy

Appfire Technologies, LLC and its Affiliates (“Appfire,” “we,” “us” or “our”) is committed to protecting your privacy. This Privacy Policy applies to information gathered through this website, as well as any other websites maintained by Appfire or its Affiliates, and any of our mobile applications (individually, a "Site," collectively, the "Sites"). This Privacy Policy also applies to our software applications, which we may offer directly or through any online marketplace operated by third parties (each a “Marketplace Partner”) and, unless otherwise set forth in Annex 1, a Sites’ or Services’ product documentation.

This Privacy Policy describes how we use Personal Information, how we secure that data, our data retention policies, information about your rights and choices, and how you can contact Appfire regarding our privacy practices.

This Privacy Policy constitutes also a commitment of Appfire Technologies, LLC, and its U.S. Affiliates (please, see the full list in the Annex 3 hereto), with regard to the adherence to the rules of the EU-U.S. Data Privacy Framework Principles, the UK Extension to the EU-U.S. Data Privacy Framework Principles and the Swiss - U.S. Data Privacy Framework Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, as well as Access, Recourse, Enforcement and Liability (collectively, the “Principles”). The aforementioned Principles have been reflected in this Privacy Policy, which is a global Policy for Appfire.

Please, see the section “DATA PRIVACY FRAMEWORK” to find more information on our participation in the EU-U.S. Data Privacy Framework, including our adherence to the Swiss-U.S. Data Privacy Framework Principles and the UK Extension to the EU-U.S. Data Privacy Framework.

Please read this Privacy Policy carefully to understand our policies and practices regarding our treatment of your information. If you do not agree with the terms or our practices as described in this Privacy Policy, do not access or use our Sites, Services, or any other aspect of Appfire’s business.

This Privacy Policy may change from time to time (see “Updates to This Privacy Policy”). Your continued use of our Sites and Services after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates.

1. DATA PRIVACY FRAMEWORK
2. OVERVIEW
3. INFORMATION WE COLLECT AND RECEIVE
4. HOW AND WHY WE USE YOUR INFORMATION
5. HOW WE SHARE AND DISCLOSE PERSONAL INFORMATION
6. DATA SECURITY
7. RETENTION OF PERSONAL INFORMATION
8. CAPACITY / CHILDREN
9. FINANCIAL INFORMATION
10. EMAIL MARKETING
11. YOUR PERSONAL INFORMATION CHOICES
12. WITHDRAWAL OF YOUR CONSENT
13. RESPONSE TIMING AND FORMAT
14. COOKIES NOTICE
15. YOUR CALIFORNIA PRIVACY RIGHTS
16. RESIDENTS OF THE EUROPEAN ECONOMIC AREA THE UNITED KINGDOM AND SWITZERLAND - additional information
17. LINKS TO OTHER SITES
18. UPDATES TO THIS PRIVACY POLICY
19. HOW TO CONTACT US
20. DATA PRIVACY FRAMEWORK - ADDITIONAL INFORMATION

Appfire is a global organization, with its headquarters in the U.S. Depending on which Appfire Affiliate is a party to the EULA, or owner of the Site, the controller of your personal data may be either one of our EU Affiliates (please, see Annex 2 hereto), or other Affiliate, including our Affiliates located in the U.S. (for example, Appfire Technologies, LLC). Moreover, in order to provide you with our Services and as set forth in this Privacy Policy, we may also share your data between our Affiliates, including those located in the U.S. Therefore, in order to protect personal data that our U.S. entities may receive from the EU/EEA while rendering the Services - as well as to protect data that it may receive from the UK and Switzerland, Appfire complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce.

Appfire Technologies, LLC,  together with its U.S. Affiliates listed in the Annex 3 hereto, have certified to the U.S. Department of Commerce that they adhere to the EU-U.S. DPF Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.

Appfire Technologies, LLC, together with its U.S. Affiliates listed in the Annex 3 hereto, have certified to the U.S. Department of Commerce that they adhere to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.

If there is any conflict between the terms in this Privacy Policy and the Principles, the Principles shall govern.

To learn more about the Data Privacy Framework (“DPF”) program, please visit the Data Privacy Framework website. In order to view our certification, please visit the Data Privacy Framework List.

The term, “Partner(s)” means an independent third party with whom we do business, which may include Marketplace Partners, hosting providers, developers, or any other entity that we do business with or that serves on our behalf as our processor.

The term “Affiliate(s)” means any entity that we directly or indirectly control, or are controlled by, or are under common control with Appfire.

When we use the term, “Personal Information” or “personal data”, we mean information that directly or indirectly identifies, describes, relates to or is reasonably capable of being associated with or can reasonably link to a particular individual, consumer or household, including, in particular, data about an identified or identifiable individual that are within the scope of the (i) Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”), (ii) the Swiss Federal Data Protection Act of 19 June 1992 and its Ordinance (“Swiss DPA”) or (iii) the UK Data Protection Act of 2018 and any applicable national legislation that replaces or converts to domestic law of the UK, the GDPR, or any other law related to data privacy as a consequence of the UK leaving the EU (“UK GDPR”).

“Processing”,  “Processing of personal data” or “Processing of Personal Information” shall mean any operation or set of operations which is performed upon personal data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.

“Controller” shall mean a person or organization which, alone or jointly with others, determines the purposes and means of the processing of personal data.

When we use the term “Services”, we mean:

• The provision of our commercially available software products made available for download by or on behalf of Appfire and/or Partners, whether licensed for a fee or made available at no charge as specified in an Order (“Software”); (b) any software functionality provided by us for access or use in a hosted or cloud-based environment made available by us or on our behalf as specified in an Order (“Cloud Services”); and (c) any support and maintenance services provided by us relating to the Software or Cloud Services. Software and Cloud Services, together with related Documentation, are referred to herein as “Products”.
• the information provided through the Sites;
• our marketing and business development activities, including any social media properties we create, and emails that we send (“Marketing Activities”), and
• all other online services, publications, and call centers owned or controlled by us.

Appfire may receive Personal Information about you through various means necessary to provide our Services. Depending on the context, “You” may be:

• A visitor to the Sites,

• A user who has access to Appfire’s products or Services (“Customer”) or a partner, member, employee, temporary employee, or independent contractor of a Customer who has been added to the account as a user with access credentials to the Services (“Administrator”), or

• An individual who is legally authorized to access and use the Products under a user license, and any Secondary Users that you permit to use the Products, subject to Appfire’s EULA (“Authorized User”), or

• Customer’s or partner’s representative and/or a contact person, whose data we process for purposes related to the conclusion and performance of the contractual relationship with the Customer/ Partner, based on the EULA, as well as

• an individual whose personal data is processed through the use of our products or Services by our Customers or other entities who are using our products and Services based on the EULA. In such a case, we are bound by the provisions of the Data Processing Addendum which we conclude as an integral part of the EULA.

We collect the following categories of information, which may be considered Personal Information when maintained in an identifiable format:

• Account registration information:  When you register or purchase Products or Services, we may collect your and/or your Administrator's full name, email address, phone numbers, and account log-in credentials, if applicable.

• Content and information that you submit through the Sites: Information submitted through the Sites may include, for example, the information you provide when you participate in any interactive features, research studies, or surveys, and any information you submit when filing a customer support ticket or as part of any other form submissions on the Sites.

• Content and information voluntarily provided through the Services: We collect any information you provide to us voluntarily via the Services. Annex 1 outlines the categories of Personal Information in greater detail that we may collect and that may be submitted through the Sites and/or Services.

• Technical product usage data, logs, metrics, metadata, and device information: We automatically generate and retain records of how users interact with our Sites and Services. This may include information such as your Internet Protocol (“IP”) address, device identifiers, device information (such as OS type or browser type), cookie IDs, referring / exit pages and URLs, interaction information (such as clickstream data), domain names, pages viewed, crash data, and other similar technical data. We may use technologies such as cookies and/or scripts to collect this information. Please see COOKIES NOTICE for further information.

• Location information: We may use the IP address received from your browser or mobile device to determine your approximate physical location, such as city and country.

• Mobile Phone Numbers: By providing a mobile telephone number to us, you expressly consent to, and authorize us or a third party on our behalf to deliver autodialed or prerecorded telemarketing calls and/or text messages to the number you provide. You are not required to consent to these calls as a condition to purchasing any Products, but withholding your consent may prevent us from providing certain services to you. This consent encompasses all future autodialed or prerecorded telemarketing calls and text messages from us or a third party placing these calls on our behalf. You may revoke consent to receive text messages at any time by contacting us.  See HOW TO CONTACT US below. We may also collect certain location information such as your mobile device’s GPS signal, or information about nearby WiFi access points and mobile towers.

• Information collected from third party or public sources: Appfire may receive information from third-party sources, such as business partners, Marketplace Partners, Affiliates, marketing service providers, third-party data aggregators, or publicly available sources, that we use to make our own information better or more useful. We may collect an Authorized User's name, email address, and phone number.   

• Direct marketing. We may send out marketing communications (such as a newsletter) to our customers to explain developments with our business or to offer special promotions on our Products. We will only use your personal data for such direct marketing if you expressly give us consent to do so. You can always choose to stop receiving newsletters or other communications from us by clicking the “unsubscribe” link at the bottom of a marketing message. Please understand that if you choose not to receive promotional correspondence from us, we may still contact you in connection with your relationship, activities, transactions and/or communications with us.

We may also collect non-personally identifiable information that we combine with Personal Information to create aggregate information.

If you submit any Personal Information to us relating to other people, you represent that you have the authority to do so and permit us to use the information in accordance with this Privacy Policy. By submitting Personal Information, you grant Appfire the right to transmit, monitor, retrieve, store and use your information in connection with the operation of the Sites.

We only collect the information reasonably necessary to respond to inquiries about our Services, to provide you the Services, to carry out our operations, as required by law, and for the other legitimate business purposes, under applicable laws, as provided below:

• To inform you about the Services in which you have indicated an interest or to which you've subscribed, including to fulfill transactions with you, provide customer support, and operate, maintain and improve the Services; To provide you with notices about your account and/or subscription, including expiration and renewal notices;
• To assist in business development and general marketing and building relationships; to create a list of actual and prospective users and companies; to compile statistics regarding how the Sites are used in order to improve our Services;

• To record your name and contact information, and other Personal Information for legitimate business purposes, so that we can provide our Services;

• To authorize and manage access to the Sites/Products;

• To perform our contract with a Customer or Administrator; satisfy contractual necessity to conduct our operations and provide you with the Services; to respond to your support-related requests, and repair and resolve technical issues you encounter; to perform essential business operations; to manage your account; to contact you with information that may be of interest to you;

• To improve the Sites and Services to provide you with better services, for example, we may use your personal data to improve the layout of our Sites based on the click path you utilized to access certain information within the Sites;

• To comply with legal obligations and professional responsibilities;

• To verify accounts and activity; and

• To detect, prevent, and respond to potential or actual security incidents and to monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Service policies; debug; verify or maintain quality or safety or improve or upgrade a service or device owned or controlled by us.

We do not profile visitors to our Sites or collect, in any automated manner, any special categories of sensitive Personal Information about you. No automated decision-making, including profiling, is used when processing your Personal Information.

Additional Uses of Personal Information:

In addition to the uses described above, we may use your Personal Information for the following purposes. Some of these uses, under certain circumstances may be based on your consent, may be necessary to fulfill our contractual commitments to you, or are necessary to serve our legitimate interests in the following business operations: 

• Providing you with blogs, newsletters, articles, alerts and announcements, and other information that we believe may be of interest to you;

• Providing you with marketing information about our Services;

• Conducting surveys and similar inquiries to help us understand the needs of Companies, Administrators and Authorized Users;

• Analyzing your interactions with us and our Sites, and improving our Services, programs, and other offerings;

• Preventing, investigating, or providing notice of fraud, unlawful or criminal activity, or unauthorized access to or use of Personal Information, our Sites, Services or data systems; or to meet legal obligations; and

• Enforcing our Terms of Service and other agreements.

Legal bases for processing (for EEA users)

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws.  The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:

• We need it to provide you the Services, including to operate the Sites, provide customer support and personalized features and to protect the safety and security of the Services (contract performance);
• It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests (legitimate interests);
• You give us consent to do so for a specific purpose (consent); or
• We need to process your data to comply with a legal obligation (legal obligation).

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect the lawfulness of the processing that has already taken place. 

Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services. You can object to the processing of your Personal Information based on a legitimate interest any time, for reasons related to your specific situation. In order to object to the processing based on a legitimate interest, please contact us as set forth in the HOW TO CONTACT US section below.

We may disclose aggregated information that does not identify any individual (and therefore, is not deemed to be Personal Information/ personal data) without restriction. We share Personal Information with the following categories of recipients:

• Third-party Vendors: Your Personal Information will only be shared with and processed by our Affiliates and non-affiliated third-party service providers (Partners) as permitted by law and for the purposes described in this Privacy Policy.  We may disclose Personal Information to certain non-affiliated specialized service providers, including professional advisors, consultants, technical service providers, and other third parties, who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them.  We may disclose your Personal Information to third-party service providers to provide us with services such as hosting of the Sites, including information technology and telephony services, and related infrastructure, customer service, email delivery, auditing and other similar services. You can always familiarize with a current list of our third-party service providers by visiting our Trust Center available here.

• Affiliates:  We may share your information with our corporate Affiliates that are subject to this policy.

• Business Transfers:  When applicable, we may share your information in connection with a substantial corporate transaction, such as the sale of a Site, a merger, consolidation, asset sale, or in the unlikely event of bankruptcy.

• Third-Party Advertising:  We do not disclose your Personal Information to third parties for purposes of their own advertising. We share information with third parties that manage only our advertising on other sites and applications.

• With Your Consent or at Your Direction: We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction. You can always opt-out from sharing your data based on your consent. In order to withdraw the consent given us for a specific purpose, please contact us as set forth in the HOW TO CONTACT US section below.

• Public authorities: We may disclose your personal data in response to lawful requests by public and government authorities, including to meet national security or law enforcement requirements.

• Other Legal Reasons: In addition, we may use or disclose your Personal Information as we deem necessary or appropriate: (1) under applicable law; (2) to pursue available remedies or limit damages we may sustain; (3) to protect our operations or those of any of our Affiliates; (4) to protect the rights, privacy, safety or property of Appfire, our Affiliates, you and others; and (5) to enforce our terms and conditions.

Appfire keeps Personal Information on file, but does not share, sell, license or transmit this information to third parties or external vendors unless required to do so by legal, judicial or governmental proceedings, or to provide the services requested.

We have implemented reasonable and adequate privacy and security measures to protect Your Personal Information (“personal data”) from loss, misuse, unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal data processed, including, without limitation, compliance with Marketplace Partner privacy and security requirements. We use a self-assessment approach to ensure compliance with our privacy statements and verify periodically that our statements regarding our handling and use of Personal Information are accurate and reasonably complete in regard to the information covered (for more information, we encourage you to visit our Trust Center). Although we work hard to protect your Personal Information, Appfire cannot guarantee the security of any information you transmit to us through online forms and applications, or chat rooms, and you do so at your own risk. Please note that email is considered a non-encrypted (and therefore nonsecure) form of communication, and it can be accessed and viewed by others without your knowledge and permission. For that reason, to protect your privacy, please do not use email to communicate information that you consider confidential. Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the HOW TO CONTACT US section below. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.

We are not responsible for any outcome if you circumvent any privacy settings or security measures. When applicable, you are responsible for choosing a password of appropriate strength, not reusing passwords used on other websites, and keeping your password confidential. Appfire employees will never ask for your password.

We will always retain your Personal Information only for the period necessary to fulfill the purposes for the performance of which your data has been collected or as long as needed to fulfill and comply with legal obligations.

Our Sites/Services/Products are only intended for individuals who are at least 16 years of age. We do not knowingly encourage or solicit visitors to our Sites who are under the age of 16 or knowingly collect Personal Information from anyone under the age of 16 without parental fiduciary consent. If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us in accordance with the "How to Contact Us" section below.

We are committed to complying with the Children’s Online Privacy Protection Act (COPPA). Our Services/Products/Sites are not directed to children under the age of 13 and children under the age of 13 are not to use them or provide any information to our Services without express parental consent. We do not knowingly collect Personal Information from children under the age of 13. If we receive Personal Information that we discover was provided by a child under the age of 13 without parental consent, we will promptly destroy such information.

California residents under 16 years of age may have additional rights regarding the collection and sale of their Personal Information. Please see YOUR CALIFORNIA PRIVACY RIGHTS for more information.

For Products purchased via a Marketplace Partner, Appfire receives payment through the Marketplace Partners, so we do not retain any personally identifiable information or any financial information such as credit card numbers. For Products, purchased directly from Appfire, we use third party payment processors to facilitate the transaction. These processors are listed on our Subprocessor List. When you purchase our Products through such payment processor, we may receive some of your  transaction data, including personal data, such as: your name, email address and bank account information; for more information on what data we may receive from Stripe when you use this platform, please visit the privacy policy of the relevant subprocessor.

We may periodically send you relevant alerts and newsletters by email, including for the following purposes:

• To share relevant Appfire information,
• For our Marketing Activities,
• To provide the Services and Products,
• To notify you of changes to our Services, and
• To notify of outages or other impacts to hosted Services.

Instructions on how to unsubscribe from relevant alerts and newsletters are included in each email. Please note, note that you may not be able to opt out to some alerts related to the Service that areas are strictly related to the Services (e.g. outage notices) and are not of a commercial/ marketing nature. See also the COOKIES NOTICE below regarding our use of Pixel Tags.

You have choices in how your Personal Information is used and shared. You have the right to:

• Update, access, and delete your account information; and

• Choose whether you wish to receive promotional and newsletter communications.

Account Information: You may update or correct your profile at any time by using this form. You may also use this form for any type of request, which is not covered by the form mentioned in the preceding line.

We may retain certain information, including cached or archived copies, as required by law or for legitimate business purposes.

Cookies: Please see our COOKIES NOTICE below.

Blogs: Our Site offers publicly accessible blogs. Any comments you provide in the comments sections of these blogs may be read, collected, and used by others. To request removal of any Personal Information you post to our blogs, please contact us by using this form. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.

Certain Exceptions to Deletion Request Rights: You have the right to request that we delete any of your Personal Information that we have collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.  We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

• Complete the transaction for which we collected the Personal Information, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.

• Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

• Debug products to identify and repair errors that impair existing intended functionality.

• Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

• Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

• Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest.

• Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

• Comply with a legal obligation.

• Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

Choice and Opt-Out:

• We provide you the opportunity to “opt-out” of having your Personal Information used for certain purposes and instances. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication or by contacting us as provided in HOW TO CONTACT US or simply use this form.   We offer an opportunity to opt-out of certain communications on our member profile page, or you may contact us using the information below.

• You will be notified when we share your Personal Information with any third party that is not our agent/service provider, so you can make an informed choice as to whether or not to share your information with that party.

• You may opt out of personalized ads anytime by deleting your browser's cookies. For more information, please review our COOKIE NOTICE.

Exercising Access, Data Portability and Deletion Rights: To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us as provided in HOW TO CONTACT US or simply use this form.

Verification of Your Identity:  Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. In order to make a request, You should:

• Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.

• Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

Making a verifiable consumer request does not require you to create an account with us.

Where you have provided consent to process Personal Information, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.  You may do this by contacting us as set forth in the HOW TO CONTACT US section below or simply use this form.

At Appfire, we endeavor to respond to a verifiable consumer request within 30 days since receipt. For additional information relating to handling of complaints and requests under the Principles, please see DATA PRIVACY FRAMEWORK - ADDITIONAL INFORMATION.

If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.

For data portability requests, we will select a format to provide your Personal Information that is readily usable and should allow you to transmit the Personal Information from one entity to another entity without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

What are cookies and why are cookies used: Cookies are small text files containing a unique string of characters that are stored in your web browser’s memory when you visit a website. When you return to a website that has placed a cookie in your browser, the cookie allows a website provider to recognize that you have visited the site before.

While cookies are often only used to measure website usage (such as number of visitors and duration of visit) and effectiveness (such as topics visitors are most interested in) and to allow for ease of navigation or use and, as such, are not associated with any Personal Information, they are also used at times to personalize a known visitor's experience of a website by being associated with profile information or user preferences. Over time this information provides valuable insight to help improve the user experience.

How we use Cookies:  We use cookies and related technologies (“Cookies”) to provide Services, gather information when users navigate through the Sites to enhance and personalize the experience, to understand usage patterns, and to improve our Sites, products, and Services. 

Cookies in each of the categories below may be session or persistent cookies. Session cookies exist only during one session. They disappear when you close your browser, restart, or turn off your device. Persistent cookies remain on your device after you close your browser, restart, or turn off your device.

Cookies on our Sites are generally divided into the following categories:

• Strictly Necessary Cookies:  These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

• Functional and Performance Cookies. These cookies enable the website to provide enhanced functionality and personalization or allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous.  These cookies may be set by us or by third party providers whose services we have added to our pages. an example being Google Analytics, which is further explained below.  If you do not allow these cookies then some or all of these services may not function properly. Additionally, if you do not allow these cookies we may not be able to monitor the performance of our website.
• Google Analytics and Opt-out: Google Analytics uses first-party cookies to collect information about how users use our Sites. This information is used to compile reports and to help us improve our Site. The reports disclose website trends without identifying individual visitors. For more information on Google Analytics, please visit: https://policies.google.com/technologies/partner-sites. You can opt out of Google Analytics without affecting how you visit our Sites.

• Marketing and Advertising (Targeting) Cookies. These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Pixel Tags: Pages of our Sites and our emails may contain small electronic files known as pixel tags (also referred to as clear gifs, web beacons, and single-pixel gifs) that permit Appfire, for example, to count users who have visited those pages (or opened an email) and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). Pixel Tags have a similar function as Cookies. However, Pixel Tags differ from Cookies in that they are embedded directly on Web Pages or in HTML-based emails, instead of being stored on a user’s local storage drive. Appfire may utilize Pixel Tags in our email marketing activities to allow us to track which emails have been opened by recipients, and through that, understand the efficacy of our email marketing activities.

How to Control Cookies:  You can review your Internet browser settings, typically under the sections "Help" or "Internet Options," to exercise choices you have for certain Cookies. If you choose to block all cookies, you may not have access to our Sites, our Services will not function as intended, and you will not be able to log in. If you have blocked all cookies and wish to make full use of the features and Services we offer, we recommend enabling at least first-party cookies. Rather than blocking all cookies, you can choose to block only third-party cookies. This will allow Appfire Services to function as intended.  To learn more about the use of Cookies by Google for analytics see https://policies.google.com/technologies/cookies. To exercise choice regarding those Cookies, please see the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout. The opt-outs described above are device- and browser-specific and may not work on all devices.

Our Sites provide you with the option to customize Cookie activity. In order to easily manage the cookie settings, please use Cookie Management Tools available on our Sites.

Starting on January 1, 2020, under the California Consumer Privacy Act (CCPA), California Residents have the right to request the following information from Appfire by   contacting us through the form at HOW TO CONTACT US   and Appfire will provide the following information to you upon verification of your identity:

• The categories of Personal Information Appfire collects about you;

• The categories of sources from which your Personal Information is collected;

• The business purpose for collecting your Personal Information;

• The categories of third parties with whom Appfire shares your Personal Information; and

• The specific pieces of Personal Information Appfire has collected about you.

In addition, please check the following section of this Privacy Policy: TYPES OF PERSONAL INFORMATION WE COLLECT, HOW AND WHY WE USE YOUR INFORMATION, and HOW WE SHARE AND DISCLOSE PERSONAL INFORMATION.

You may opt out of any marketing by us and from the disclosure of your Personal Information to third parties.

Personal Information Sales Opt-Out and Opt-In Rights: If you are 16 years of age or older, you have the right to direct us to not sell your Personal Information at any time (the “right to opt-out”). We do not sell the Personal Information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is at least 13 but not yet 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to Personal Information sales may opt-out of future sales at any time.

Non-Discrimination: If you elect to exercise any of your rights under CCPA, Appfire will not discriminate against you for exercising any of your CCPA rights.  Unless otherwise permitted by the CCPA, we will not: deny you goods or services, charge you a different price or rate for our goods or services, or provide you a different level or quality of goods or services because you exercised such rights. Under the current definition of CCPA, Appfire does not sell your Personal Information.

Other than as provided above, we may offer you certain financial incentives, as permitted by the CCPA, in exchange for your giving us certain information, which incentives may result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.

Types of Information We Collect: Please see Section 2, INFORMATION WE COLLECT AND RECEIVE and Annex 1.

Your personal information will be treated in a secure and confidential manner in compliance with all applicable laws and regulations, including the European General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK GDPR), and the Swiss Federal Act on Data Protection. Depending on the context in which personal information is provided, we may be a data processor (“processor”) or a Data Controller (“controller”) of your personal information. The Data Subject owns the data submitted to us. If you are a resident of the European Union, you may have specific rights related to the processing of your Personal Information (i.e., personal data as defined by the applicable, European data protection legislation) - for more information please see Annex 2 hereto.

To find more about your Data Controller, please see Annex 2 hereto.

In addition, please check the following sections of this Privacy Policy: TYPES OF PERSONAL INFORMATION WE COLLECT, HOW AND WHY WE USE YOUR PERSONAL INFORMATION, HOW WE SHARE AND DISCLOSE PERSONAL INFORMATION, YOUR PERSONAL INFORMATION CHOICES, and WITHDRAWAL OF YOUR CONSENT.

If you have any questions or concerns regarding this Privacy Policy or our privacy practices, including the processing of your personal information, if you would like to exercise your data rights under applicable laws, or if you believe your privacy rights have been violated, please contact us as provide in the section titled, HOW TO CONTACT US, below.

If you are based in the EU/EEA member states, and if you are of the opinion that we haven’t complied with applicable data protection laws, you have a right to lodge a complaint with the competent data protection supervisory authority. For more information, please see Annex 2 hereto.

Occasionally we may provide links to other sites for your convenience and information. These sites operate independently from our Sites and are not under our control. These sites may have their own privacy notices or terms of use, which you should review if you visit any sites linked through our Sites. We are not responsible for the content or use of these unrelated sites. 

We may change this Privacy Policy from time to time, and at our sole discretion. Appfire encourages visitors to frequently check this page for any changes to its Privacy Policy.

If you have any questions or concerns about this Privacy Policy or our Personal Information / personal data handling practices, please contact us at:

Appfire Technologies, LLC

1500 District Avenue, Burlington, MA 01803

Attn.: Group Privacy Officer

If you are located in the EU/ EEA, Switzerland or the UK, you can also contact us by reaching out directly to your data controller - for more information, please see the Annex 2 hereto.

Direct contact to our Group Privacy Officer is available at:

Małgorzata Duszynska:  malgorzata.duszynska@appfire.com

To unsubscribe from marketing emails, request can be submitted through this form.

To revoke Publicity Rights, contact us through this form.

For GDPR, Swiss DPA, UK GDPR or CCPA data subject requests please contact us through this  form.

COMPLAINTS AND DISPUTE RESOLUTION

You have the right to lodge a complaint with regard to the processing of your personal data under this Privacy Policy by Appfire Technologies, LLC and/or its U.S. Affiliates. Should you need to lodge a complaint, please contact us at:

Appfire Technologies, LLC

1500 District Avenue, Burlington, MA 01803

Attn.: Group Privacy Officer

or contact our Group Privacy Officer directly at:

Małgorzata Duszynska:  malgorzata.duszynska@appfire.com

Appfire Technologies, LLC (including its U.S. Affiliates) is committed to respond to your complaints within 45 days of receiving a complaint. If you have not received a timely or satisfactory response to your question or complaint, please contact the independent recourse mechanism provided by JAMS.

RIGHT TO INVOKE BINDING ARBITRATION

You have the right, under certain conditions, to invoke binding arbitration for complaints regarding Data Privacy Framework compliance not resolved by any of the above mechanisms. For additional information, please refer to the Annex I of the Data Privacy Framework.

SUPERVISORY AUTHORITY

Appfire Technologies, LLC together with its U.S. Affiliates are subjected to the investigatory and enforcement powers of the Federal Trade Commission that has jurisdiction to hear any claims against them regarding possible unfair or deceptive practices and violations of laws or regulations governing privacy.

LIABILITY IN TERMS OF ONWARD TRANSFERS

Whenever personal data is received by Appfire Technologies, LLC and/or any of its U.S. Affiliates,  in reliance on the Data Privacy Framework, and is further transferred by this/ these entity(-ies) to a third party acting as an agent on its/their behalf (processor), Appfire Technologies, LLC (or, its U.S. Affiliates, whichever is applicable to the case) shall remain liable under the Data Privacy Framework Principles if the data recipient processes such personal information in a manner inconsistent with the Principles, unless it proves that it is not responsible for the event giving rise to the damage.

ENFORCEMENT AND LIABILITY

Appfire commits to periodically reviewing and verifying the accuracy of this Privacy Policy and our compliance with the Principles, and remedying issues identified. All our workers that have access to personal data covered by this Privacy Policy in the U.S. are responsible for conducting themselves in accordance with this Privacy Policy. Failure of an Appfire employee to comply with this Privacy Policy may result in disciplinary action up to and including termination.

We assure our compliance with the Principles by utilizing the self-assessment approach, as specified in the Principles. The assessment is conducted on an annual basis to ensure that all our privacy practices are in line with the Data Privacy Framework Principles to which we have adhered to.

Annex 1

Types of Information We Collect: In particular, we collect (and have collected in the past twelve months) the following categories of Personal Information from Customers, Authorized Users, and visitors to our Sites:

Supplemental privacy terms for the following Products can be accessed at the embedded links below:

Annex 2

Supplement to the Privacy Policy for customers located in the EU/EEA member states, the UK and Switzerland

This information is addressed to you, if you are located outside the United States, including, in particular, the European Economic Area (EEA)/ European Union (EU), United Kingdom (UK) and Switzerland.

• Controller of your Personal Information

The controller of your Personal Information (hereinafter referred to as “personal data”, as this term is defined by the applicable European data protection legislation), is the entity who is the Licensor under the EULA / owner of the Site you are visiting. Please, see the below table to find more information regarding the controller of your personal data, as well as contact details to the competent Data Protection Authority, located in your country of residence.

• Your rights related to the processing of your personal data

You may have certain rights regarding your personal data, which may include:

• the right to request access to and/or a copy of the personal data we keep about you,
• the right to object to or restrict our processing of your personal data,
• the right to request that your personal data be erased from further use,
• the right to correct, amend, or update personal data you have given us,
• the right to a data portability, which allows you to request that we share your personal data with other data controllers,
• the right to to be subject to automated decision making process, i.e. a decision made solely by automated processing, and
• If we have relied on consent as a ground for the processing of your personal data, you have the right to withdraw your consent anytime - withdrawal of your consent will not affect the lawfulness of the processing carried out based on the consent prior to its withdrawal.

In order to execute your rights listed above, please see HOW TO CONTACT US section below or simply use this form.

• International data transfers

Appfire is a global organization, operating worldwide. Therefore, in connection with our business, administrative, operations, management and legal purposes, we may - where necessary, transfer your personal data outside of your country of residence. Such a transfer will always be carried out in accordance with applicable law, including the Principles. The transfers may concern transfers between our affiliated companies and to our third-party service providers, including those located in the US and other jurisdictions in which we may be established. We will always make sure that any transfer is lawful, including putting in place legal safeguards and ensuring that there are appropriate confidentiality and security arrangements in place.

Annex 3

List of Appfire’s U.S. entities adhering to the EU-U.S. Data Privacy Framework Principles, the UK Extension to the EU-U.S. Data Privacy Framework Principles and the Swiss - U.S. Data Privacy Framework Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, as well as Access, Recourse, Enforcement and Liability (“DPF Principles”)

Appfire Technologies, LLC and its Affiliates, i.e.:

Appfire International Holdings, LLC

Appfire Intermediate, LLC

Appfire Parent, LLC

Appfire Management Holdings, LLC

Artemis Software, LLC

Appfire Canada Holdings, LLC

Mohami, LLC

• and any other U.S. subsidiary or affiliate of Appfire Technologies, LLC.

This Annex 3 can be updated from time to time in order to always reflect the current list of our U.S. Affiliates adhering to the DPF Principles.