Revised: March 23, 2021
The term, “Affiliate(s)” means an independent third party with whom we do business, which may include Atlassian, hosting providers, developers, as well as any entity that we directly or indirectly, control, or are controlled by, or are under common control with.
When we use the term, “Personal Information,” we mean information or data that directly or indirectly identifies, describes, relates to or is reasonably capable of being associated with or can reasonably link to a particular individual, consumer or household.
- The provision of our commercially available software products made available for download by or on behalf of Appfire and/or its Affiliates, whether licensed for a fee or made available at no charge as specified in an Order (“Software”); (b) any software functionality provided by us for access or use in a hosted or cloud-based environment made available by us or on our behalf as specified in an Order (“Cloud Services”); and (c) any support and maintenance services provided by us relating to the Software or Cloud Services. Software and Cloud Services, together with related Documentation, are referred to herein as “Products”.
- the information provided through the Sites;
- our marketing and business development activities, including any social media properties we create, and emails that we send (“Marketing Activities”), and
- all other online services, publications, and call centers owned or controlled by us.
Appfire may receive Personal Information about you through various means necessary to provide our Services. Depending on the context, “You” may be:
- A visitor to Appfire’s Sites,
- A user who has purchased access to Appfire’s products or Services, (“Customer”) or a partner, member, employee, temporary employee, or independent contractor of a Customer who has paid for the Services who has been added to the account as a user with access credentials (“Administrator”), or
- An individual who is legally authorized to access and use the Products under a User License and for whom you have paid the required License Fees, and any Secondary Users that you permit to use the Products, subject to Appfire’s EULA (“Authorized User”).
2. INFORMATION WE COLLECT AND RECEIVE
We collect the following categories of information, which may be considered Personal Information when maintained in an identifiable format:
- Account registration information: When a Customer purchases Appfire Products or Services, we may collect your and/or your Administrator’s full name, email address, phone numbers, and account log-in credentials, if applicable.
- Content and information that you submit through the Sites: Information submitted through the Sites may include, for example, the information you provide when you participate in any interactive features or surveys, and any information you submit when filing a customer support ticket or as part of any other form submissions on the Sites.
- Content and information voluntarily provided through the Services: We collect any information you provide to us voluntarily via the Services. Annex 1 outlines the categories of Personal Information in greater detail that we collect and that may be submitted through the Sites and/or Services.
- Technical product usage data, logs, metrics, metadata, and device information: We automatically generate and retain records of how users interact with our Sites and Services. This may include information such as your Internet Protocol (“IP”) address, device identifiers, device information (such as OS type or browser type), cookie IDs, referring / exit pages and URLs, interaction information (such as clickstream data), domain names, pages viewed, crash data, and other similar technical data. We may use technologies such as cookies and/or scripts to collect this information. Please see COOKIES NOTICE for further information.
- Location information: We may use the IP address received from your browser or mobile device to determine your approximate physical location, such as city and country.
- Cellular Phone Numbers: By providing a cellular telephone number to us, you expressly consent to, and authorize us or a third party on our behalf to deliver autodialed or prerecorded telemarketing calls and/or text messages to the number you provide. You are not required to consent to these calls as a condition to purchasing any goods or services, but withholding your consent may prevent us from providing certain services to you. This consent encompasses all future autodialed or prerecorded telemarketing calls and text messages from us or a third party placing these calls on our behalf. You may revoke consent to receive text messages at any time by contacting us. See HOW TO CONTACT US below. We may also collect certain location information such as your mobile device’s GPS signal, or information about nearby WiFi access points and cell towers.
- Information collected from third party or public sources: Appfire may receive information from third-party sources, such as business partners, the Atlassian Marketplace, Affiliates, marketing service providers, third-party data aggregators, or publicly available sources, that we use to make our own information better or more useful. We may collect an Authorized User’s name, email address, and phone number.
- Direct marketing. In the future we may send out marketing communications (such as a newsletter) to our customers, who do not opt-out of receiving such communications, to explain developments with our business or to offer special promotions on our products and Storefront. We will only use your personal data for such direct marketing if you expressly give us consent to do so. You can always choose to stop receiving newsletters or other communications from us by clicking the “unsubscribe” link at the bottom of a marketing message. Please understand that if you choose not to receive promotional correspondence from us, we may still contact you in connection with your relationship, activities, transactions and/or communications with us.
We may also collect non-personally identifiable information that we combine with Personal Information to create aggregate information.
3. HOW AND WHY WE USE YOUR INFORMATION
We only collect the information reasonably necessary to respond to inquiries about our Services, to provide you the Services, to carry out our operations, as required by law, and for the other legitimate business purposes, under applicable laws, as provided below:
- To inform you about the Services in which you have indicated an interest or to which you’ve subscribed; Respond to your questions and requests and improve customer service; To provide you with notices about your account and/or subscription, including expiration and renewal notices;
- To assist in business development and general marketing and building relationships; to create a list of actual and prospective users and Companies; to compile statistics regarding how the Sites are used in order to improve our products and Services;
- To record your name and contact information, and other Personal Information for legitimate business purposes, so that we can provide our Services;
- To authorize and manage access to the Sites;
- To perform our contract with a Customer or Administrator; satisfy contractual necessity to conduct our operations and provide you with the services and products we offer; to perform essential business operations and to manage your account; to contact you with information that may be of interest to you;
- To improve the Sites and Services to provide you with better services, for example, we may use your personal data to improve the layout of our Sites based on the click path you utilized to access certain information within the Sites;
- To comply with legal obligations and professional responsibilities;
- To verify your identity; and
- To detect or prevent security incidents or other illegal activity; debug; verify or maintain quality or safety or improve or upgrade a service or device owned or controlled by us.
We do not profile visitors to our Sites or collect, in any automated manner, any special categories of sensitive Personal Information about you. No automated decision-making, including profiling, is used when processing your Personal Information.
Additional Uses of Personal Information:
In addition to the uses described above, we may use your Personal Information for the following purposes related to a Customer, Administrator or Authorized User. Some of these uses, under certain circumstances may be based on your consent, may be necessary to fulfill our contractual commitments to you, or are necessary to serve our legitimate interests in the following business operations:
- Providing you with blogs, newsletters, articles, alerts and announcements, and other information that we believe may be of interest to you;
- Providing you with marketing information about our Services;
- Conducting surveys and similar inquiries to help us understand the needs of Companies, Administrators and Authorized Users;
- Analyzing your interactions with us and our Sites, and improving our products, services, programs, and other offerings;
- Preventing, investigating, or providing notice of fraud, unlawful or criminal activity, or unauthorized access to or use of Personal Information, our Sites, Services or data systems; or to meet legal obligations; and
- Enforcing our Terms of Service and other agreements.
4. HOW WE SHARE AND DISCLOSE PERSONAL INFORMATION
We may disclose aggregated information that does not identify any individual (and therefore, is not deemed to be Personal Information) without restriction. We share Personal Information with the following categories of recipients:
- Corporate Affiliates: We may share your information with our corporate Affiliates that are subject to this policy.
- Google Analytics: We share anonymized, aggregated information with Google Analytics.
- Business Transfers: When applicable, we may share your information in connection with a substantial corporate transaction, such as the sale of a Site, a merger, consolidation, asset sale, or in the unlikely event of bankruptcy.
- Third-Party Advertising: We do not disclose your Personal Information to third parties for purposes of their own advertising. We share information with third parties that manage only our advertising on other sites and applications.
- With Your Consent or at Your Direction: We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.
- Other Legal Reasons: In addition, we may use or disclose your Personal Information as we deem necessary or appropriate: (1) under applicable law; (2) to respond to requests from public and government authorities (3) to pursue available remedies or limit damages we may sustain; (5) to protect our operations or those of any of our Affiliates; (6) to protect the rights, privacy, safety or property of Appfire, our Affiliates, you and others; and (7) to enforce our terms and conditions.
Appfire keeps Personal Information on file, but does not share, sell, license or transmit this information to third parties or external vendors unless required to do so by legal, judicial or governmental proceedings, or to provide the services requested.
5. DATA SECURITY
We have implemented privacy and security measures reasonably adequate to preserve Your Data from loss, misuse, unauthorized access, disclosure, alteration and destruction including, without limitation, compliance with Atlassian Marketplace privacy and security requirements (presently available here). We use a self-assessment approach to ensure compliance with our privacy statements and verify periodically that our statements regarding our handling and use of personally identifiable information are accurate and reasonably complete in regard to the information covered. Although we work hard to protect your Personal Information, Appfire cannot guarantee the security of any information you transmit to us through online forms and applications, or chat rooms, and you do so at your own risk. Please note that email is considered a non-encrypted (and therefore nonsecure) form of communication, and it can be accessed and viewed by others without your knowledge and permission. For that reason, to protect your privacy, please do not use email to communicate information that you consider confidential. Unfortunately, no data transmission or storage system can be guaranteed to be secure at all times. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the HOW TO CONTACT US section below. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
We are not responsible for any outcome if you circumvent any privacy settings or security measures. When applicable, you are responsible for choosing a password of appropriate strength, not reusing passwords used on other websites, and keeping your password confidential. Appfire employees will never ask for your password.
6. RETENTION OF PERSONAL INFORMATION
7. CAPACITY / CHILDREN
Our Sites are only intended for individuals who are at least 16 years of age. We do not knowingly encourage or solicit visitors to our Sites who are under the age of 16 or knowingly collect Personal Information from anyone under the age of 16 without parental fiduciary consent. If we learn we have collected or received Personal Information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us in accordance with the “How to Contact Us” section below.
We are committed to complying with the Children’s Online Privacy Protection Act (COPPA). Our Service is not directed to children under the age of 13 and children under the age of 13 are not to use the Sites or provide any information to our Service without express parental consent. We do not knowingly collect Personal Information from children under the age of 13. If we receive Personal Information that we discover was provided by a child under the age of 13 without parental consent, we will promptly destroy such information.
California residents under 16 years of age may have additional rights regarding the collection and sale of their Personal Information. Please see YOUR CALIFORNIA PRIVACY RIGHTS for more information.
8. FINANCIAL INFORMATION
Appfire receives payment through Atlassian or our Affiliates and we do not retain any personally identifiable information or any financial information such as credit card numbers. Rather, all payments are submitted directly via check or wire transfer.
9. EMAIL MARKETING
We may periodically send you relevant alerts and newsletters by email, including for the following purposes:
- To share relevant Appfire information,
- For our Marketing Activities,
- To provide the Services and Products,
- To notify you of changes to our Services, and
- To notify of outages or other impacts to hosted Services.
Instructions on how to unsubscribe from relevant alerts and newsletters are included in each e-mail. See also the COOKIES NOTICE below regarding our use of Pixel Tags.
10. YOUR PERSONAL INFORMATION CHOICES
You have choices in how your Personal Information is used and shared. You have the right to:
- Update, access, and delete your account information; and
- Choose whether you wish to receive promotional and newsletter communications.
Account Information: You may update or correct your profile at any time by using the following form: https://appf.re/unsubscribe.
We may retain certain information, including cached or archived copies, as required by law or for legitimate business purposes.
Cookies: Please see our COOKIES NOTICE below.
Blogs: Our Site offers publicly accessible blogs. Any comments you provide in the comments sections of these blogs may be read, collected, and used by others. To request removal of any Personal Information you post to our blogs, please contact us at https://appf.re/eula. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.
Certain Exceptions to Deletion Request Rights: You have the right to request that we delete any of your Personal Information that we have collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the Personal Information, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Choice and Opt-Out:
- We provide you the opportunity to “opt-out” of having your Personal Information used for certain purposes and instances. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication or by contacting us as provided in HOW TO CONTACT US. We offer an opportunity to opt-out of certain communications on our member profile page, or you may contact us using the information below.
- You will be notified when we share your Personal Information with any third party that is not our agent/service provider, so you can make an informed choice as to whether or not to share your information with that party.
- You may opt out of personalized ads anytime by deleting your browser’s cookies. For more information, please review our COOKIE NOTICE.
Exercising Access, Data Portability and Deletion Rights: To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us as provided in HOW TO CONTACT US.
Verification of Your Identity: Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may make a verifiable consumer request for access or data portability twice within a 12-month period. You must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
Making a verifiable consumer request does not require you to create an account with us.
11. WITHDRAWAL OF YOUR CONSENT
Where you have provided consent to process Personal Information, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You may do this by contacting us as set forth in the HOW TO CONTACT US section below.
12. RESPONSE TIMING AND FORMAT
We endeavor to respond to a verifiable consumer request within thirty (30) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your Personal Information that is readily useable and should allow you to transmit the Personal Information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
13. COOKIES NOTICE
What are cookies and why are cookies used: Cookies are small text files containing a unique string of characters that are stored in your web browser’s memory when you visit a website. When you return to a website that has placed a cookie in your browser, the cookie allows a website provider to recognize that you have visited the site before.
While cookies are often only used to measure website usage (such as number of visitors and duration of visit) and effectiveness (such as topics visitors are most interested in) and to allow for ease of navigation or use and, as such, are not associated with any Personal Information, they are also used at times to personalize a known visitor’s experience of a website by being associated with profile information or user preferences. Over time this information provides valuable insight to help improve the user experience.
Cookies on our Sites are generally divided into the following categories:
- Necessary Cookies: These cookies are necessary to provide you with our Services and to use some of their features, such as access to secure areas. Because these cookies are strictly necessary to deliver the Services, you cannot refuse them without impacting how our Services function. These cookies do not collect identifying information about you, and they do not monitor or remember any of your internet browsing on sites other than Appfire Sites.
- Helpful Cookies: These cookies allow us to provide you with a better experience when you use our Sites. These cookies do not collect identifying information about you, and they do not monitor or remember any of your internet browsing on sites other than Appfire Sites.
- Analytics and Customization Cookies: These cookies collect information that is used to help us understand how our Services are being used or how effective our marketing campaigns are, or to help us customize our Services for you to enhance your experience. This data is anonymous and only used for statistical purposes, analytics cookies do not collect or share any personally identifiable information. These cookies qualify as “third-party” cookies as they are not sent directly by Appfire.
- Pixel Tags: Pages of our Sites and our emails may contain small electronic files known as pixel tags (also referred to as clear gifs, web beacons, and single-pixel gifs) that permit Appfire, for example, to count users who have visited those pages (or opened an email) and for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity). Pixel Tags have a similar function as Cookies. However, Pixel Tags differ from Cookies in that they are embedded directly on Web Pages or in HTML-based emails, instead of being stored on a user’s local storage drive. Appfire may utilize Pixel Tags in our email marketing activities to allow us to track which emails have been opened by recipients, and through that, understand the efficacy of our email marketing activities.
- Targeting Cookies: These record your visit to our Sites, the pages you have visited and the links you have followed to recognize you as a previous visitor and to track your activity on the Sites and other sites you visit. These Cookies qualify as persistent cookies, because they remain on your device for us to use during a subsequent visit to our Sites. You can delete these cookies via your browser settings. See below for further details on how you can control third-party targeting cookies.
14. YOUR CALIFORNIA PRIVACY RIGHTS
Starting on January 1, 2020, under the California Consumer Privacy Act (CCPA), California Residents have the right to request the following information from Appfire by contacting us through the form at https://appf.re/ccpa and Appfire will provide the following information to you upon verification of your identity:
- The categories of Personal Information Appfire collects about you;
- The categories of sources from which your Personal Information is collected;
- The business purpose for collecting your Personal Information;
- The categories of third parties with whom Appfire shares your Personal Information; and
- The specific pieces of Personal Information Appfire has collected about you.
You may opt out of any marketing by us and from the disclosure of your Personal Information to third parties.
Personal Information Sales Opt-Out and Opt-In Rights: If you are 16 years of age or older, you have the right to direct us to not sell your Personal Information at any time (the “right to opt-out”). We do not sell the Personal Information of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is at least 13 but not yet 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to Personal Information sales may opt-out of future sales at any time.
Non-Discrimination: If you elect to exercise any of your rights under CCPA, Appfire will not discriminate against you for exercising any of your CCPA rights. Unless otherwise permitted by the CCPA, we will not: deny you goods or services, charge you a different price or rate for our goods or services, or provide you a different level or quality of goods or services because you exercised such rights. Under the current definition of CCPA, Appfire does not sell your Personal Information.
Other than as provided above, we may offer you certain financial incentives, as permitted by the CCPA, in exchange for your giving us certain information, which incentives may result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your Personal Information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Types of Information We Collect: Please see Section 2, INFORMATION WE COLLECT AND RECEIVE and Annex 1.
15. RESIDENTS OF THE EUROPEAN ECONOMIC AREA THE UNITED KINGDOM AND SWITZERLAND
Your personal information will be treated in a secure and confidential manner in compliance with all applicable laws and regulations, including the European General Data Protection Regulation (GDPR), the UK General Data Protection Regulation (UK GDPR), and the Swiss Federal Act on Data Protection. Depending on the context in which personal information is provided, we may be a data processor (“processor”) or a data controller (“controller”) of your personal information. The Data Subject owns the data submitted to us. If you are a resident of the European Union, you can object to processing of your Personal Data, request that we restrict processing of your Personal Data, or request portability of your Personal Data, as outlined by the GDPR. If you request that we remove your personal information, we will respond to the request within 30 days.
16. LINKS TO OTHER SITES
17. UPDATES TO THIS PRIVACY NOTICE
18. HOW TO CONTACT US
Types of Information We Collect: In particular, we collect (and have collected in the past twelve months) the following categories of Personal Information from Customers, Authorized Users, and visitors to our Sites:
|A. Identifiers.||A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name.|
|B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).||A name, signature, address, telephone number. Some personal information included in this category may overlap with other categories.|
|D. Commercial information.||Records of purchasing Appfire Products|
|F. Internet or other similar network activity.||Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement.|
|G. Geolocation data.||Physical location or movements.|