<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1360553&amp;fmt=gif">

Privacy Policy

LAST UPDATED: DECEMBER 20, 2019

This Privacy Policy (this “Policy”) was last updated on and is effective as of December 20th, 2019.

This website, www.privy.com and any subdomains (the “Site”) is operated by Privy, LLC. (“Privy”, “we”, “us” and/or “our”) and has been created to provide our Site visitors (“you”, “your”) with information about Privy’s information practices. This Privacy Policy (this “Policy”) sets forth Privy’s policy with respect to information that identifies you or can be used to identify or contact you (“Personal Information”), that is collected from you through the Site or through our other service offerings (collectively, including the Site, the “Services”). This Policy is incorporated into, is part of, and is governed by the Privy Terms and Conditions (the “Terms & Conditions”).

The Services and our business may change from time to time. As a result, at times it may be necessary for Privy to make changes to this Policy. We will not make changes that result in significant additional uses or disclosures of your Personal Information without allowing you to “opt in” to such changes. We may also make non-significant changes to this Policy that generally will not significantly affect our use of your Personal Information, for which your opt-in is not required. We encourage you to check this page periodically for any changes. If any non-significant changes to this Policy are unacceptable to you, you must immediately contact us and, until the issue is resolved, stop using the Services. Your continued use of the Services following the posting of non-significant changes to this Policy constitutes your acceptance of those changes.

To the extent that the Services are available to individuals located in the European Economic Area and the United Kingdom, this Policy sets out our practices and obligations under the General Data Protection Regulation 2016/679 (the “GDPR”). If an organization with which you are associated (our “End Customer”) signs up to use our Services, we may receive Personal Information about you in connection with our provision of the Services to the End Customer. To the extent we process (as defined in the GDPR) that Personal Information solely in order to provide the Services to the End Customer, under the GDPR, to the extent applicable, we will act as a processor (as defined in the GDPR) on behalf of the End Customer in respect of that Personal Information; this Policy will not apply to the processing of that Personal Information and the End Customer will act as a controller (as defined in the GDPR) in respect of that Personal Information and is responsible for obtaining all necessary consents and providing you with all requisite information as required by applicable law.  To the extent we process your Personal Information for any other lawful business purpose of ours, under the GDPR, to the extent applicable, we will act as a controller of such Personal Information and this Policy will apply to the processing of such Personal Information.

For the avoidance of doubt, this Policy does not apply to information collected from you through tools in the Services that are embedded within the websites of Privy’s End Customers (“Tools”), such as information you may provide to complete forms, or to the use of information submitted via a Tool on an End Customer’s website by the applicable End Customer or its service providers.   

1. Information Collected
When you interact with us through the Site or other Services, we may collect Personal Information and other information from you, as further described below:

Personal Information That You Provide:
We collect Personal Information from you when you voluntarily provide such information, such as when you contact us with inquiries, subscribe to our e-mail newsletter, submit comments to our blog, register for access to the Services or use certain Services. For instance, Privy may collect the following information about you: name, address, zip code, telephone number, e-mail address, and access credentials for the Services. Wherever Privy collects Personal Information we make an effort to provide a link to this Policy.

By voluntarily providing us with Personal Information, you are consenting to our use of it in accordance with this Policy. If you provide Personal Information to the Site or through the other Services, you acknowledge, agree, and expressly consent that such Personal Information may be transferred from your current location to the offices and servers of Privy and the authorized third parties referred to herein located in the United States.  For clarification, your Personal Information may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and the Services may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such information. By using the Services and submitting such information on it, you voluntarily consent to the trans-border transfer and hosting of such information. Without limitation of the foregoing, you hereby expressly grant consent to Privy to: (a) process and disclose such information in accordance with this Privacy Policy; (b) transfer such information throughout the world, including to the United States or other countries that do not ensure adequate protection for personally identifiable information (as determined by the European Commission); and (c) disclose such information to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements. If you are a user accessing the Services from a jurisdiction with laws or regulations governing personal data collection, use, and disclosure that differ from those of the United States, please be advised that all aspects of the Services are governed by the internal laws of the United States and the Commonwealth of Massachusetts, USA, regardless of your location.

Other Information:
Non-Identifiable Data
When you interact with Privy through the Services, we receive and store certain personally non-identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you, unless it is combined with Personal Information. Privy may store such information itself or such information may be included in databases owned and maintained by Privy affiliates, agents or service providers. We may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Site, and the domain names of our visitors' Internet service providers. It is important to note that Privy uses no Personal Information in this process.

Cookies: In providing the Services, we may use a technology called “cookies.” A cookie is a piece of information that the computer that hosts our Site gives to your browser when you access the Site. Our cookies help provide additional functionality to the Services and help us analyze the Services usage more accurately.  You can generally inform the web services with which our Services integrate (such as social buttons, widgets, and other embedded features or content) that you do not want certain information about your webpage visits to be collected. Enabling “Do Not Track” in your web browser settings may be an easy way to accomplish this. Please consult http://donottrack.us on how to enable this privacy setting on your browser. You can also change the way your browser handles cookies. Already existing cookies can be deleted. Please consult www.allaboutcookies.org on how to manage or delete cookies in your browser. This Policy covers the use of cookies and similar files by Privy only and does not cover the use of cookies, flash cookies, and similar files by any third-party advertisers or websites that may be linked to the Site.

In addition to the above, when users use our Services, third parties (including without limitation third-party analytics service providers) may directly collect information about our users’ online activities over time and across different websites. Please note in particular that we may use Google Analytics and other similar services. Google Analytics uses cookies to help analyze how users use the Site. The information generated by the cookie about your use of the Site (including your IP address) will be transmitted to and stored by Google, Inc. (“Google”). Google may use this information for the purpose of evaluating your use of the Site, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. For information on how Google Analytics collects and processes data, please see the site “How Google uses data when you use our partners' sites or apps”, currently located at www.google.com/policies/privacy/partners/. For information on opting out of Google Analytics, we encourage you to visit Google’s website, including its list of currently available opt-out options. 

For the avoidance of doubt, the Site may use third-party service platforms (including to help analyze how users use the Site).  These third-party service platforms may place cookies on your computer or mobile device.  If you would like to disable "third party" cookies, you may be able to turn them off by going to the third party's website.

Here are links to the main third-party platform we use:

https://www.google.com/policies/privacy/ 

https://www.hubspot.com/

Aggregated Personal InformationIn an ongoing effort to better understand and serve the users of the Services, Privy often conducts research on its customer demographics, interests and behavior based on the Personal Information and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and Privy may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally. Privy may also disclose aggregated user statistics in order to describe our Services to current and prospective business partners, and to other third parties for other lawful purposes.

Public Areas:  The Services may feature community areas and other public forums, including but not limited to a blog (the “Public Areas”). These Public Areas are open to the public and should not be considered private. We cannot prevent such information from being used in a manner that may violate this Policy, the law, or your personal privacy. We are not responsible for the results of such postings or for the accuracy of any information contained in those postings.

Any information you share in a Public Area (including Personal Information) is by design open to the public and is not private. You should think carefully before posting any information in any Public Area. What you post can be seen, disclosed to or collected by others and may be used by others in ways we cannot regulate or predict. As with any public forum on any website, the information you post may also show up in third-party search engines like Google, Yahoo, MSN, and Bing. If you mistakenly post personal information in a Public Area you can send us an e-mail to request that we remove it by contacting us at privacy@privy.com. You should understand that in some cases, we may not be able to remove your information.

2. Use of Information:
Privy uses the Personal Information you provide in a manner that is consistent with this Policy and to the extent that the law allows. Pursuant to the GDPR, legal bases for our processing your Personal Information may include (without limitation):

(a) where you have given consent to the processing, which consent may be withdrawn at any time without affecting the lawfulness of processing based on consent prior to withdrawal;

(b) where it is necessary to perform the contract we have entered into or are about to enter into with you (whether in relation to the provision of the Services or otherwise); and/or

(c) where it is necessary for the purposes of our legitimate interests (or those of a third party) in providing the Services and your interests or fundamental rights and freedoms do not override those legitimate interests.

If you provide Personal Information for a certain reason, we may use the Personal Information in connection with the reason for which it was provided. For instance, if you contact us by e-mail, we will use the Personal Information you provide to answer your question or resolve your problem. In addition to the foregoing purposes, we and our affiliates may use your information to: (a) improve the content and functionality of the Services and provide the Services; (b) better understand our users; (c) improve our marketing and promotional efforts and customize the Services content, layout, and Services to better suit your needs; and (d) resolve disputes, troubleshoot problems and enforce the Terms & Conditions or any other agreement we may have with you.

In addition, Privy and its affiliates may use your information to contact you in the future to tell you about services we believe will be of interest to you. If we do so, each communication we send you will contain instructions permitting you to “opt-out” of receiving future communications. In addition, if at any time you wish not to receive any future communications or you wish to have your name deleted from our mailing lists, please contact us at privacy@privy.com.

3. Disclosure of Information
There are certain circumstances in which we may share your Personal Information or other information with third parties without further notice to you, as set forth below:

Business Transfers: As we develop our business, we might sell or buy businesses or assets or receive funding. In the event of a corporate sale, merger, reorganization, dissolution, strategic investment by a third party in Privy, or similar event, Personal Information may be shared in connection with any of the foregoing and/or as part of the transferred assets.

Related Companies: We may also share your Personal Information with our affiliates for purposes consistent with this Policy.

Agents, Consultants and Related Third Parties: Privy, like many businesses, sometimes hires other companies or individuals to perform certain business-related functions. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function.

Legal Requirements: Privy may disclose your Personal Information if required to do so by law or in the good faith belief that such action is necessary to (a) comply with a legal obligation, including lawful requests by public authorities, including to meet national security or law enforcement requirements, (b) protect and defend the rights or property of Privy, (c) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (d) identify, contact or bring legal action against someone who may be violating the Terms & Conditions or other agreement with us, to detect fraud, or for assistance with a delinquent account.

4. Security
Privy takes reasonable steps to protect the Personal Information provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from the Site may not be secure. Therefore, you should take special care in deciding what information you send to us via e-mail. Please keep this in mind when disclosing any Personal Information to Privy via the Internet.

5. Third Party Sites
This Policy applies only to the Services. The Site and other Services may contain links to other websites not operated or controlled by Privy, including those operated by End Customers (the “Third Party Sites”). The policies and procedures described here do not apply to the Third Party Sites or services. The links from the Site or placement of Tools on certain Third Party Sites does not imply that Privy endorses or has reviewed the Third Party Sites. We suggest contacting those sites, services, entities or persons directly for information on their privacy policies.

6. Children’s Online Privacy Protection
The Services are not designed for or directed to children under the age of 13. Privy does not knowingly collect Personal Information from children under the age of 13.  In fact, as currently operated persons under the age of 18 may not use the Services.  By providing information to Privy, you represent that you are 18 years of age or older.    

7. Exclusions
This Policy does not apply to any Personal Information collected by Privy other than Personal Information collected through the Services. This Policy shall not apply to any unsolicited information you provide to Privy through the Services, to the Public Areas, or through any other means. This includes any ideas for new products or modifications to existing products, submissions made to the Public Areas, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and Privy shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution.

8. Access to Information; Contacting Privy
We generally use Personal Information as described in this Policy or the Terms & Conditions or as authorized by you or as otherwise disclosed at the time we request such information from you. You generally must "opt in" and give us permission to use your Personal Information for any other purpose. You may also change your preference and "opt out" of receiving certain marketing communications from us by following the directions provided in association with the communication or such other directions we may provide or by contacting 
privacy@privy.com.

Under certain circumstances and in compliance with the GDPR, you may have the right to:

Request access to your Personal Information (commonly known as ‘subject access request’). This enables you to receive a copy of the Personal Information we hold about you and to check that we are lawfully processing it;

Request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;

Request erasure of your Personal Information. This enables you to ask us to delete or remove your Personal Information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove all of your Personal Information in certain circumstances;

Object to processing of your Personal Information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;

Request the restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of your Personal Information, for example, if you want us to establish its accuracy or the reason for processing it;

Request the transfer of your Personal Information to another party; and

Lodge a complaint with the relevant supervisory authority (as defined in the GDPR). If you have any complaints about the way we process your Personal Information, please do contact us. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.

If you want to review, verify, correct or request erasure of your Personal Information, object to the processing of your Personal Information, or request that we transfer a copy of your Personal Information to another party, please contact privacy@privy.com.

Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.

You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your Personal Information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all Personal Information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.

To keep your Personal Information accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Information in our possession that you have previously submitted via the Services. Please also feel free to contact us if you have any questions about this Policy or the information practices of this Site. You may contact us as follows:

By email:

privacy@privy.com

By postal mail or courier:

Attn: Privacy Agent

Privy, LLC.

201 South St, 2nd Floor

Boston, MA 02111

 

We will retain your personal information for as long as necessary to fulfill the purposes for which we collected it. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of that information, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.