As used in this policy:
“personally identifiable information” means information that can be directly associated with an individual and includes user-generated content, names, addresses, telephone numbers, email addresses, and other contact information. To the extent non-personally identifiable information is combined with personally identifiable information, we treat the combination as personally identifiable information.
“personal information” means personally identifiable information, together with information indirectly associated with an individual, such as IP addresses, pseudonymous identifiers, etc. and other information associated with that individual that is indexed to any of the foregoing.
“user-generated content” means materials or content created by a user in the Services or uploaded to the Services by a user.
- Visitors to our Website or people who correspond with us through our Website outside of our Services
- Users of our Services
We gather different personally identifiable information and personal information from each of those groups of people, and may handle that personally identifiable information and personal information differently for each group, as we explain below.
Organization Use of our Services.
Users of our Services should be aware that: (1) your organization may provide personal information about you to us, and (2) most organizations require that legal notifications affecting you (for example, regarding legal requests to access your personal information) are provided to the organization.
Any questions about the specific terms of our agreement with your organization should be directed to the administrator identified for your organization or an appropriate person in authority in that organization.
Information You Knowingly Provide to Us
If you correspond with us outside of the use of the Services through a web form, email or otherwise, we will collect and retain your correspondence like any other ordinary business correspondence, subject to the information retention policies and legal requirements applicable to us and standard in our business.
Users of the Services
In order to provide the Services, we receive and store the personally identifiable information you knowingly provide to us.
As part of the registration and account setup process, we require your name, organization-owned email address and your organization affiliation. We do not accept public email domains (e.g., gmail.com, outlook.com, etc.). If your organization uses a third-party single sign-on (“SSO”) we will also have access to the personally identifiable information we describe below under “Third Party SSO Information”. Some of this information may be provided to us by your organization, so we may not ask you for it directly, but we will still have it.
We will also receive any user-generated content that you provide to the Services.
Third Party SSO Information
If your organization chooses to use third party single sign-on (e.g., using a Google or Octa account) for access to the Services, you may have to provide us with your username (or user ID) so that your identity can be authenticated through the third party account (the “SSO Account”). When the authentication is complete, we’ll be able to link your account with the SSO Account. That linking may allow us to access and collect certain personal information, such as your name and email address, your user ID for the SSO Account, data tokens used to implement single sign-on and connect with your SSO Account profile, and other personal information that your privacy settings on the SSO Account permit us to access, in connection with creating your Services account. We encourage you and all organizations to carefully choose privacy settings in SSO Accounts to limit the exchange of information to what you (or the organization) want to share with us and want us to share. However, we don’t try to access any information in the SSO Account that we don’t have to access in order to allow you to use it to sign onto the Services. And we never receive or store passwords for any of your SSO Accounts.
Information Collected Automatically
Our Services automatically receive and record some information from your browser or device (“Log Data”), just like all web services and mobile and desktop applications connected to web services have to collect in order to function. The Log Data our Services automatically collect may include some personal information, but does not include personally identifiable information. Log Data includes information like your IP address, the type of browser and/or device you're using to access our Services, the capabilities of that browser or device, and the page or feature you requested. Log Data, together with the information that we collect through the Tracking Mechanisms, comprise “Analytics Data”. As described below under “Use and Sharing of Personal Information: Analytics Data,” we do share the collected Analytics Data (but no personally identifiable information) in a de-identified and aggregated form with third parties for analytics and tracking purposes.
If Tracking Mechanisms are used, they may be used to collect information about you and your use of our Services, such as your browser type, and the date and time of your use. Tracking Mechanisms may also be used in order to help us learn more about how users engage with the Services, enable Services features and processes (like enabling you to return to password-protected areas of the Services without having to re-enter your password), provide authentication and security for your use of the Services, or store your preferences.
Specific Service Providers
Our third-party analytics service providers include Google Analytics. For Google’s privacy practices see www.google.com/analytics/learn/privacy.html. To opt out of data recording and analysis by Google Analytics, see tools.google.com/dlpage/gaoptout.
We may place on our Website, but never within the Services, cookies or other tracking mechanisms which allow us to target advertising on third party platforms to individuals who have visited our website. These cookies or other tracking mechanisms on the Website (but again, never within the Services) may collect behavioral data directly from you. Information regarding opting out of targeted advertising can be found here: optout.aboutads.info.
Disabling Cookies or Web Beacons
It may be possible to disable cookies through your device settings. Most browsers allow disabling either third party cookies or all cookies. The method for disabling cookies may vary by device, but can usually be found in preferences or security settings. However, doing so may cause portions of the Services to not function, or to function improperly, or otherwise affect your ability to use the Services. You may also disable web beacons by disabling HTML images in your email program, which may also affect other images in emails you receive.
Do Not Track
Use and Sharing of Personal Information
This section explains how we use and share personal information. We do not and will not sell your personal information.
To Provide, Maintain, and Improve the Services
We use the information we collect to provide, maintain and improve the Services. Uses of personally identifiable information for those purposes are:
- To deliver the Services, including diagnosing and correcting any errors in the Services.
- Enabling communications among the users of the Services within the same organization.
- Only after we have removed any identifying information, we may use collected information for development, research, and/or improvement of the Services or other offerings. We may also share aggregated information based on such de-identified (or never-identifiable) information with third parties working with us for development, research, and/or improvement of the Services or other offerings. We don’t share any personally identifiable information or information other than in an aggregated format, with third parties for those purposes.
Only after we have removed any identifying information, we may use collected information for development, research, and/or improvement of the Services or other offerings. We may also share aggregated information based on such de-identified (or never-identifiable) information with third parties working with us for development, research, and/or improvement of the Services or other offerings. We don’t share any personally identifiable information or information other than in an aggregated format, with third parties for those purposes.
In order to provide the Services, we have to allow the organizations we work with to have access to your personally identifiable information. So you should know that the administrators of your organization’s Services account can access your Services account and the personally identifiable information in that account. You should also be aware that other users, including the administrators of your organization’s Services account, can access the user-generated content you have submitted to or created in the Services, and any personally-identifiable information you have shared within the Services.
If you have questions about how your organization or any of their personnel handle your personal information, you should direct your questions to the appropriate person in your organization.
To Communicate with You
We may communicate with you if you've provided us the means and permission to do so. For example if you've given us your email address:
- For correspondents who have provided their contact information to us through the Website or otherwise outside the Services, we may email you about the Services including new features or options in which you may be interested. We may also offer you the opportunity to participate in surveys or similar activities.
- For users of the Services, we may email you about updates to the Services including new features or options in which you may be interested and opportunities to learn more about the using the Services, to respond to your inquiries, or to provide operational or legal notices. We may also offer you the opportunity to participate in surveys or similar activities.
If you do not want to receive communications from us, please indicate your preference by emailing , using an opt-out link in the email or changing your preferences in your Services account. We also send users of the Services administrative and operational notices which we believe are necessary for their effective use of the Services; we do not presently allow opt-out from those notices.
We engage trusted third party service providers to work for us in connection with the operation of our Services and our business, in the following roles: hosting of our Website and Services, error and bug tracking, data storage and analysis, technical and user support, and email delivery. We may provide those service providers with, or authorize those service providers to access, your personal information, including personally identifiable information. In certain cases, third party service providers may collect information from you directly on our behalf (for example, web data analytics providers or support desk system providers).
All third party service providers we engage will use the information only to provide services to us and will keep the information confidential. Our third party service providers are not allowed to augment, extend, or combine personal information shared with them with information from third party sources. If we learn that any third party service provider has misused personal information which we have provided to them or to which we have allowed them access, we will delete that personal information (and potentially all of the personal information) held for us by that third party service provider.
Wisq uses the Analytics Data to enable us to figure out how often users use parts of the Services, so that we can improve those Services. As part of our use of such information, we may provide such Analytics Data to our partners (only in a de-identified and aggregated format) about how our users use the Services. We may link Analytics Data to personal information that we collect through the Services, but we will only use the information in this form internally (for example, to improve your experience), and will not disclose it in linked format to third parties.
Business Transfers and Delegation
In the event of our acquisition, merger, the sale of our assets, or if we go out of business, enter bankruptcy, or go through some other change of control, we can and will transfer your personal information to the successor to the business or assets.
Protection of Wisq and Others
Always subject to our obligations under “Legal Compliance” above, we reserve the right to access, read, preserve, and disclose any information that we reasonably believe is necessary to comply with law or court order; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Wisq, our employees, our users, or others. If we are required to disclose your personal information by a government or legal request, we will notify you of that request if we are permitted to do so by the law governing that request.
Your Services account is protected by a password for your privacy and security, and you select that password, so we encourage you to select a strong password. If you use an SSO Account to access your Services account, you may have additional or different sign-on protections via that third party site or service. You should prevent unauthorized access to your Services account and the personally identifiable information in that Services Account by selecting and protecting your password and/or other sign-on mechanism appropriately, not sharing those sign-on credentials with anyone, and limiting access to your computer or device and browser by signing off after you have finished accessing your account.
We endeavor to protect the privacy of your account and other personal information we hold in our records, and we use industry standard data security measures to protect your personal information. This includes: (1) only storing your personal information under our control, (2) using two-factor authentication for our personnel to access your personal information, (3) implementing physical access controls to those areas where personal information is stored, (4) limiting access to your personal information to only those of our personnel who need to have that access to do their jobs, and (5) encrypting all of your personal information both in transit and at rest. We also regularly conduct audits of our security practices to make sure that they are up to date. Unfortunately, we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information.
In the event of an unauthorized disclosure of your personal information, we will provide notice as required by applicable law.
As noted above, you should also be aware that the administrators of your organization’s Services account can access your Services account and the personally identifiable information in that account. You should also be aware that other users, including the administrators of your organization’s account can access the user-generated content you have submitted to or created in the Services, and any personally-identifiable information you have shared within the Services.
This means that your Services account security is only as good as the security precautions of the administrators who can access your Services account, and you should check with them about those precautions and their information handling policies.
Retrieving, Changing and Deleting Information
We store Analytics Data and information collected through the Website separately from the information stored in the Services. We have no meaningful ability to provide you with information concerning Analytics Data. For personally identifiable information collected through the Website (e.g., by signing up for a mailing list), please contact us at if you would like us to delete that information, or if you would like to know which personal information of yours we have or have shared with third parties.
Through your Services account settings, you may access, and, in some cases, update or delete the personally identifiable information in your Services account. Please note that in some cases, the information in your Services account can only be changed by your organization’s administrator, and you cannot change it yourself. In that case, you will need to contact the relevant person in your organization.
Generally speaking, the organization with which a user is affiliated determines whether and when to delete a user’s personally identifiable information, and we retain and delete personally identifiable information in Services accounts as instructed by that organization. If an organization terminates its agreement with us, we will generally delete all information in the Services accounts associated with that organization within a reasonable period after termination unless we have received a legal request for the information. We may use aggregated or de-identified information derived from your personally identifiable information after you update or delete it, but not in a manner that would identify you personally.
The information you can view, update, and delete may change as the Services change. If you have any questions about viewing, updating or deleting information we have on file about you, please contact us at .
United States Operation
As a matter of our practices and policies, we adhere to the principles set out the European Union General Privacy Directive, however our Services are operated from the United States, and the privacy laws of the United States may not be as protective as those in your jurisdiction. If you are located outside of the United States and choose to use the Services or provide your information to us, you agree that your information will be transferred, processed, and stored in the United States. Your use of the Services represents your agreement to this practice. For the purposes of the GDPR, we act as a data controller for the personal data which we collect directly from individuals who interact with us outside of the Services, but we act as a data processor for the personal data which we collect and process as part of the Services. The organization to which we provide the Services is the data controller for your personal data within the Services. We have established an individual within our executive team as our data protection officer, who can be reached at .
Questions; Contacting Us
Address: 835 Main Street, Redwood City, CA 94063, USA