Smyte, Inc. Privacy Policy

Last updated May 24, 2018

This Privacy Policy (“Policy”) describes how Smyte, Inc. (the “Company,” “Smyte,” “we,” “our,” or “us”) treats information about an end user (“you,” “your,” or “User”) in connection with your use of the Smyte website located at https://www.smyte.com (the “Site”) and/or a customer’s use of the SaaS service and API located at https://api.smyte.com/ (the “Service”). Please note that your use of the Site or the Service constitutes your acceptance of this Policy as set forth below. When we make any changes to our practices under this Policy, we will change the Effective Date. We will treat your continued use of the Site and/or the Service following such change as your acceptance of the changes.

This Policy is incorporated by reference into the Company’s Website Terms of Service, available at https://www.smyte.com/terms.

As used in this Policy, “Personal Information” means information such as a name, username, e-mail address, or phone number that we can directly associate with a specific person or entity without additional information.

Collected Information. The information collected during your use of the Site and/or transferred to Smyte by means of the Service includes the following:

Submitted Information. As part of using the Site or as an applicant for employment with Smyte, you may submit certain information to us. For example, when you fill out contact forms, register for a demo on the Site, or participate in our employment recruiting process we will collect information from you, including Personal Information such as your first and last name and email address. To the extent you decline to share certain information with us, we may not be able to provide some or all of the features and functionalities found on the Site.

Automatically Collected Information. When you use the Site, we gather certain non-personally identifiable information from you. This includes usage information, such as information on when, how often and for how long you use the Site, as well as server log data such as a computer’s IP address, browser type or the webpage you were visiting before you came to the Site.

Tracking and Cookies. The Site and our direct marketing communications may use both web beacons and cookies, or similar technologies, to collect information. Beacons (also often referred to as “pixels”) are tiny graphics on a web page designed to track when a page is viewed. Cookies are small text files containing a string of alphanumeric characters that are downloaded by your web browser or mobile device when you visit a website. We may use both session cookies and persistent cookies when you access and use the Site or open a link from our direct marketing communications. Cookies may be used, for example, to remember your user account information and your preferences, to customize the interface of the Site for you and to assist us in measuring and analyzing Site traffic. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Site. Persistent cookies can be removed. Please review your browser’s documentation to learn the best way to modify your cookie settings. Like many websites, the Site does not currently respond to “do not track” browser headers. However, you can take steps to limit tracking by erasing cookies from your computer’s hard drive and by setting your browser to block all cookies or warn you before a cookie is stored.

Analytics. We use certain third-party services to assist us in analysis, auditing, research, and reporting regarding the Site. These third parties may use web logs or web beacons, and they may set and access cookies on your computer or other device.

Service Data. When using the Service, customers transfer various types of information, including Personal Information, to our servers (“Service Data”), including by means of an API and as a result of the account creation and management processes. Service Data may include Personal Information of our customers’ end users and of the individual representatives of our customers who use the Service. We have designed the Service to require transfer of only the minimum amount of data to Smyte servers necessary to provide the Service to our customers.

Use of Information. We use the information we collect as follows:

Providing and Maintaining the Site and Service. We may use collected information for the purposes for which you provided the information including, for example, registering for a demo or responding to a question that you email to us. We also use the collected information - and information derived from that collected information - as necessary to provide the features and functionality of the Site to you, to develop risk assessments and identify abuse from your customers’ accounts to benefit you and each of our customers,  and as reasonably necessary for our business operations.

Updates and Troubleshooting. We may also use the collected information to contact you regarding updates or modifications to the Site or to help troubleshoot problems you experience with the Service, or alert you to changes in our policies or agreements that may affect your use of the Site and/or Service.

Analytics and Improvements. We may analyze collected information relating to your use of the Site or Service in order to help us identify your country of origin, improve the Site and Service and to develop and improve other products and services.

Promotional Offers. We may use the collected information to provide you with promotional materials and offers. To unsubscribe from promotional emails click the “unsubscribe” link in the email. We will not provide your personally identifiable information to third parties for their own marketing purposes without your consent.

Service Data. Notwithstanding anything else in this section, we use Service Data exclusively for the purpose of providing the Service to customers.

Disclosure of Information. We share and disclose the information we collect about you as follows:

Third-Party Service Providers. We use contractors and third-party service providers to assist us in making the Site and Service available. Such third-party contractors or service providers act as processors or sub-processors, as those terms are defined by the European Union General Data Protection Regulation, and may obtain access to the information you provide, including Personal Information, such as the Personal Data of Europeans.

Aggregated Data. We may report aggregated, anonymous data relating to activity on the Site to third parties or the general public. For example, this may include the provision or publication of reports regarding the geographical distribution of our customer base or which of our products are the most popular.

Transfer as Corporate Asset. In the event of a merger, sale of capital stock or assets, reorganization, consolidation or similar transaction involving Company, the information we possess, including personally identifiable information, may be transferred as a corporate asset to the acquiring entity.

Legal Requirement. We will use and disclose information where we, in good faith, believe that the law or legal process (such as a court order, search warrant or subpoena) requires us to do so or in other circumstances where we believe it is necessary to protect the rights or property of Company, or the health and safety of our users and/or third parties.

Affiliates. We may disclose this information to our affiliates for use as described in this Policy, however as of the ‘Last Updated’ date above, Smyte does not maintain any affiliated entities.

Service Data. Notwithstanding anything else in this section, we do not disclose any Service Data to third parties except to the limited extent necessary to provide the Service, in which case Smyte remains responsible for use of the Service Data by the third parties.

Security. The Personal Information we collect is stored on distributed servers as part of either our public cloud architecture or other cloud-based storage services. We maintain industry standard safeguards to protect the security of these servers and your personally identifiable information. A partial list of of our current security practices is available at:  https://smyte.com/security. We will continue to update our security practices and those we publicly disclose as new technologies are developed that may advance our data security.  However, no security measures are 100% effective, and we cannot guarantee the security of Personal Information. We expressly disclaim any representation or warranty, whether express or implied, with respect to ensuring, guaranteeing or otherwise offering any definitive promise of security in connection with information transferred to us.

Transfer to the U.S. or Other Countries. We use facilities in the United States. Your information will be stored and processed in the United States. By using the Site and/or the Service, you consent to the transfer of information outside of your country, even if your country has more rigorous data protection standards. For any information that may be transferred from the European Economic Area, please see below regarding our participation in the EU-US and Swiss-US Privacy Shield Frameworks.

 

EU-US and Swiss-US Privacy Shields.

As described in our Privacy Shield certification (available at https://www.privacyshield.gov/list, search for “Smyte”), Smyte complies with the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the US Department of Commerce regarding the collection, use, and retention of Personal Information from individuals from European Union member countries and Switzerland, respectively. Smyte remains responsible for any of your personal information that it shares under the Onward Transfer Principle with third parties for external processing on our behalf (as described above in the “Disclosure of Information” section of this Privacy Policy). In certain situations, Smyte may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Smyte is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. Please contact us with any questions or concerns regarding our privacy practices in relation to our Privacy Shield certification. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. Under certain conditions more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

 

EU General Data Protection Regulation

Smyte complies with the European Union's General Data Protection Regulation. Smyte may lawfully transfer, as a controller, or receive lawful transfers of, as a processor, the Personal Information of Europeans, (defined as "Personal Data" within the GDPR). Any transfers of Personal Data to Smyte are undertaken with the affirmative consent of you or that of other end users engaging directly with Smyte, of the individuals who utilize the services of Smyte customers as obtained by those customers, or from our customers who have a legitimate basis for transferring your Personal Data to Smyte. Typically, those transfers of your Personal Data from our customers are necessary as a condition of you utilizing those services provided by our customers. Smyte's customers transfer all types and categories of Personal Data of their end users to Smyte. You may withdraw your consent at any time by contacting our Data Protection Officer at gdpr@smyte.com.

Processing of Personal Data is undertaken to provide the various Services to our customers. Smyte employs automated data processing as directed by our customers to provide Services such as, but not limited to, fraud protection, content moderation, and data and account security. Europeans wishing to exercise their rights pursuant to the GDPR may contact Smyte at gdpr@smyte.com. If Personal Data pertaining to you has been submitted to us by a Smyte customer and you wish to exercise any rights you may have to access, correct, amend, or delete such data, please inquire with our customer directly. Because Smyte personnel have limited ability to access Personal Data our customers submit to our Services, if you wish to make your request directly to Smyte, please provide the name of the Smyte customer who submitted your data to our Services.  We will refer your request to that Customer, and will support them as needed in responding to your request within a reasonable timeframe. Europeans wishing to inquire about Smyte’s efforts concerning GDPR may contact Smyte's GDPR Article 27 representative, Achieved Compliance Advocacy, Ltd., at: smyte@GDPRrepresentative.eu. Europeans wishing to lodge a complaint may contact Smyte’s EU Supervisory Authority, the Data Protection Authority of Ireland at: info@dataprotection.ie.

Third Parties. The Site may contain offers from third parties or links to third-party websites. This Policy does not apply to information that you may provide to or that may be collected by third parties in such cases. We encourage you to request such third parties to provide you with their applicable privacy policies and other terms and conditions before engaging with or making a purchase from such third parties.

Data Collection From Children. We do not knowingly collect information from children younger than  the lawful age of consent as determined by the laws of their country, and neither the Site nor the Service is directed at children under 18. If you are a parent and believe your child has provided personally identifiable information to us through the Site without your consent, please contact us at support@smyte.com, and we will work to delete that Service account and any such personally identifiable information.

Viewing, Amending and Deleting Information on our Site. If you are a User of the Site you may view, amend, obtain an electronic copy of, or delete information we have collected from you by emailing support@smyte.com.

Viewing, Amending and Deleting Information stored with our Customers. If you are an end user of one of our customers, you may directly contact the customer to request to view, amend or obtain an electronic copy of, or delete information that the customer has transferred to us for processing on their behalf..

Contacting Us. If you have any questions about this Policy, please contact us at support@smyte.com.