APPTEGY PRIVACY POLICY

Last updated on February 07, 2020

Thank you for choosing Apptegy. Protecting your privacy and securing the information we collect is very important to us, and we continuously work to do that well and to improve our privacy practices.

We also want you to understand what information we collect about you, how we collect that information, how we use it, and what your rights are with respect to what we do. This policy explains those things.

Please note that we offer multiple websites, software platforms, mobile applications, blogs, and other digital and print resources, including, but not limited to, our product Thrillshare®. We also provide services and support for those products. These policies apply to all of our products and services. We may also develop or offer new or additional products and services. These policies apply to all new and additional products and services.

We may change these policies at any time without prior notice. For example, we recently added a California Privacy Notice for California consumers who visit or use our products and services. That is available in Section 5. We also added policies for individuals in the European Union who visit or use the Services. That is available in Section 6.

If you have questions or concerns about our policies, please contact us at any of the following:

  • By email at privacy@apptegy.com;
  • By telephone at 1-888-501-0024; or
  • By mail at Apptegy Inc., c/o Data Protection Officer, 425 W. Capitol Ave., Suite 800, Little Rock, AR 72201.

PLEASE REVIEW THESE POLICIES CAREFULLY. BY USING ANY OF OUR PRODUCTS AND SERVICES, YOU ARE AGREEING TO BE BOUND BY OUR POLICIES. Please note that using our products and services is your choice. If you do not agree with our policies, you should not use products or services.

1. SUMMARY OF KEY POINTS

This section summarizes the key points of our privacy policies. Please review the full policy to find additional information and to better understand our policies and your rights related to the same.

Summary of key points:

  • What we collect about you, how we collect it, and how we use it depends on your relationship with us;
  • We collect and use personal information so we can provide and improve our products and services;
  • We do not attempt to monetize your personal information with third parties; and
  • You have rights and choices that govern how we will handle personal information about you.
2. WHAT We Collect and How We Collect It

What information we collect about you and how we collect it depends on our relationship with you. Specifically:

  • If your personal information is provided to us by your educational institution or organization (and not you directly), then an explanation of what information we collect about you and how we collect it can be found below in the section 2.A titled “Personal Information from Institutions”; or
  • If you visit or use our products and services under the account of your educational institution or organization, then an explanation of what information we collect about you and how we collect it can be found below in the section 2.A titled “Personal Information from Institutions”; or
  • If you visit or use our products and services as an individual user or through an individual account with us (i.e., not under an account of an educational institution or organization), then an explanation of what information we collect about you and how we collect it can be found below in the section 2.B titled “Personal Information from Individual Users.”

Please note that our customers are substantially educational institutions and organizations. This means that nearly all of the personal information that we collect and/or use is provided either (1) by educational institutions and organizations on behalf of the individuals associated with those accounts (i.e., not directly from the individuals), or (2) by individuals using our products and services under an educational institution and organization account (i.e., not under an individual account). In other words, we collect very little personal information directly from individual users under individual accounts.

2.A Personal Information from Institutions

As stated above, nearly all of the personal information that we collect and store is provided to us either by an educational institution or organization on behalf of the individuals associated with that institution’s or organization’s account, or by individuals visiting and using our products and services under an educational institution or organization account.

A few examples of how and when this may happen include:

  • an educational institution or organization accesses, downloads, logs in, uses, views content on, and/or otherwise interacts with one of our websites, software platforms, or mobile applications;
  • an educational institution or organization submits personal information about individuals on one of our websites, software platforms, or mobile applications by uploading and publishing content, or by sending communications;
  • an educational institution or organization interacts with us with respect to account maintenance or service (for example: billing or technical support, and product updates); or
  • an individual does any of the foregoing actions under that person’s educational institution’s or organization’s account.

In these instances, your educational institution or organization determines what personal information is provided to us, and what can be collected by us, under the institution’s or organization’s account. In other words, your educational institution or organization is the data controller for your personal information that is provided and collected in connection with its account with us.

Because of that, your educational institution or organization is the party that is primarily responsible for the personal information about you that we collect in connection with your educational institution’s or organization’s account. And your educational institution or organization is the party that is primarily responsible for protecting the privacy of that personal information about you.

In these circumstances, we are only a data processor. This means that we only carry out and process, via our products and services, the activities of and instructions from your educational institution or organization (and/or the individuals using our products and services under your educational institution’s or organization’s account).

Simply put: when we process personal information about you that is provided by your educational institution or organization (or by you or another individual under your educational institution’s or organization’s account), we are not responsible for the disclosures made by your educational institution or organization (or those individuals under the institution or organization account). It is your educational institution or organization that has the responsibility to protect your privacy.

Please note that the privacy and security policies of your educational institution or organization may differ from our policies. In those cases, our policies will not overrule or change the separate policies of your educational institution or organization, and our policies will not impact or change your educational institution’s or organization’s separate agreements with and obligations to you. Instead, the privacy and security policies of your educational institution or organization govern your personal information and your rights, and not our policies. As such, you are required to work with your educational institution or organization directly with respect to your personal information.

Even though we are not primarily responsible for your personal information in these circumstances, we still want you to understand what personal information we might collect about you under these circumstances and how we collect that information.

Educational institutions and organizations (and/or individuals using our products and services under educational institution and organization accounts) use our products and services to store, process, publish, and distribute communications, messages, videos, and other information about or relevant to the educational institution or organization. Depending on what products or services are used, and how they are used, some of that information may be viewable by the public, and some of that information may be restricted to limited recipients and/or viewers. Some of that information may include personal information about you. As explained above, the educational institutions and organizations (and/or the individuals using our products and services under educational institution and organization accounts) make those choices and are responsible for them.

Specifically, the following personal information may be collected under or in connection with educational institution and organization accounts:

Type of Information Collected

How We Collect It

Personal information uploaded by an educational institution and organization (and/or individuals using products and services under institution or organization accounts)

We collect personal information that educational institutions and organizations (and/or individuals using products and services under institution or organization accounts) include in the communications, messages, videos, and other information stored, processed, published, and/or distributed via our products and services (for example: in content that is included in communications, messages, or videos, or uploaded for storage). Some of this information may contain personal information, like personal identifiers; and some of that personal information may be about you.

Personal information related to activities under an institution or organization account

We collect information about how our products and services are used under educational institution and organization accounts. For example, we collect information about the individual pages on our websites and software platforms that are viewed, the features and functions on our software platforms and mobile applications that are used, and other information about how the users under the account interact with our products and services. We also collect information about what web browsers and IP addresses are used to access our products and services, and the geographic location of that access. We may also collect information connected with our support and technical help for our products and services. Some of this information may contain personal information, and some of that personal information may be about you.

Account information

We collect information that is provided for the creation, administration, and management of the educational institution and organization accounts. For example, we collect contact details, User IDs and profiles, addresses, phone numbers, email addresses, log-in information, passwords, billing and payment information, and other information necessary or helpful to provide our products and services to the account holder. Some of this information is voluntary. However, please note that certain information is required to use and enjoy our products and services. Some of this information may contain personal information, and some of that personal information may be about you.

Personal information from third parties

We collect certain information from third parties to measure and improve our products and services, and to improve the experience of our account holders and users. For example, we collect information about how our marketing and promotional campaigns have performed. Some of this information may contain personal information, and some of that personal information may be about you.

Please note that except as set out in these policies, we do not collect or scrape additional information from the computers, contacts, email accounts, or other personal sources of account holders and individuals accessing or using our products and services.

If you have questions or requests about your personal information or rights under your educational institution’s or organization’s account, you should address those questions and requests directly to your educational institution or organization. If you contact us regarding these questions and requests, we may forward your questions and requests to your educational institution or organization.

Please note this section does not apply to personal information collected or stored from individual users or through an individual account (i.e., not under an account of an educational institution or organization). Our policies under those circumstances are addressed in the section 2.B immediately below.

2.B Personal Information from Individual Users

We collect several types of information from and about individual users, including information by which you might be personally identified. A few examples of how and when this may happen include:

  • you access, download, log in, use, view content on, and/or otherwise interact with one of our websites, software platforms, or mobile applications;
  • you submit personal information on one of our websites, software platforms, or mobile applications by uploading and publishing content, or by sending communications;
  • you interact with us with respect to account maintenance or service (for example: billing or technical support, and product updates).

Specifically, the following personal information may be collected:

Type of Information Collected

How We Collect It

Personal information uploaded by you

We collect personal information that you include in the communications, messages, videos, and other information stored, processed, published, and/or distributed via our products and services (for example: in content that is included in communications, messages, or videos, or uploaded for storage).

Personal information related to activities under your account

We collect information about how our products and services are used under your account. For example, we collect information about the individual pages on our websites and software platforms that are viewed, the features and functions on our software platforms and mobile applications that are used, and other information about how you interact with our products and services. We also collect information about what web browsers and IP addresses are used to access our products and services, and the geographic location of that access. We may also collect information connected with our support and technical help for our products and services. Some of this information may contain personal information, and some of that personal information may be about you.

Account information

We collect information that is provided for the creation, administration, and management of your account. For example, we collect contact details, User IDs and profiles, addresses, phone numbers, email addresses, log-in information, passwords, billing and payment information, and other information necessary or helpful to provide our products and services to the account holder. Some of this information is voluntary. However, please note that certain information is required to use and enjoy our products and services. Some of this information may contain personal information, and some of that personal information may be about you.

Personal information from third parties

We collect certain information from third parties to measure and improve our products and services, and to improve the experience of our account holders and users. For example, we collect information about how our marketing and promotional campaigns have performed. Some of this information may contain personal information, and some of that personal information may be about you.

Please note that except as set out in these policies, we do not collect or scrape additional information from the computers, contacts, email accounts, or other personal sources of account holders and individuals accessing or using our products and services.

If you have questions or requests about your personal information or rights in connection with our product and services, please contact us by any of the methods set out above in the introduction to these policies or below in the section 9 titled “Contact Us”.

Please note this section does not apply to personal information collected or stored from educational institutions and organizations (and/or individuals using products and services under institution or organization accounts) (i.e., not directly from individuals under individual accounts). Our policies under those circumstances are addressed in the section 2.A immediately above.

2.C Generalized and Anonymous Information about All Users

We may collect and use generalized, anonymous information about all visitors and users of products and services. This information cannot be used to identify or isolate your personal information. If you have questions or requests about your personal information or rights in connection with our collection of generalized, anonymous information, please contact us by any of the methods set out above in the introduction to these policies or below in the section 9 titled “Contact Us”.

3. How We Use and Disclose Your Information

We use and/or disclose personal information solely for the purpose of providing and improving our products and services to and for our users. We do not attempt to monetize personal information by selling or sharing it with third parties. Specifically, we use and/or disclose personal information in the following ways:

  • To operate our products and services: We may use and/or disclose personal information when we store, process, publish, and/or distribute content that is included in communications, messages, or videos, or uploaded for storage, by our users via our products and services;
  • As you direct or consent: We may use and/or disclose personal information when you direct us, or consent to us, using or disclosing your information via our products or services, or for the creation, administration, and management of user accounts;
  • For legal purposes: We may use and/or disclose personal information (i) to comply with applicable laws, regulations, court orders, legal processes, or to respond to any government, agency, or regulatory request, (ii) to detect or otherwise manage fraud, security, or technical issues, (iii) to protect the safety, rights, or property of any person, the public, or Apptegy, or (iv) to enforce our rights arising from our contracts with educational institutions and organization, or individual users, including the Terms of Use and for billing and collection purposes;
  • With third party vendors to provide, promote, or improve our products and services: We may use and/or disclose personal information with third parties to provide, promote, and improve our products and services (for example: to help us process and publish communications, messages, videos, and other information on our products, to help us process payments, to help us conduct campaigns and events, or to help us ensure compliance with appropriate security standards);
  • To enable and transmit SMS/MMS/Mobile messages: We may use and/or disclose personal information to enable and transmit SMS/MMS and other mobile messages via our products and services (for example: we may share personal information with messaging platform providers, phone companies, and other vendors who enable the delivery of mobile messages);
  • To contact you about products and services: We may use and/or disclose personal information to contact you about products and services that may be of interest to you;
  • To contact you about events and other resources: We may use and/or disclose personal information to contact you about events and other resources that may be of interest to you (like webinars and the publication of new educational materials);
  • For account servicing and maintenance: We may use and/or disclose personal information to help us with respect to account servicing and maintenance (for example: billing or technical support, and product updates);
  • To measure and improve client engagement: We may use and/or disclose personal information to help us measure and improve our engagement with our users (for example: we use Google Analytics to help us understand how our users use our products and services – you can read more about how Google uses our information here: https://www.google.com/intl/en/policies/privacy and you can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout); and
  • For corporate business purposes: We may use and/or disclose personal information (a) to our current or future parents, affiliates, subsidiaries, and other companies under common control and ownership, or (b) to a buyer or other successor in connection with, or during negotiations for, a merger, acquisition, reorganization, or other sale or transfer of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding.

When we use and/or disclose personal information with third party vendors, those vendors must abide by our privacy and security instructions and requirements. Third party vendors are not allowed to access or use information from us, except only as needed to do their particular work with us.

When we use and/or disclose personal information for legal purposes or in connection with our corporate business purposes, we will try to limit the information we provide as much as possible, and we will condition our sharing of that information on strict confidentiality restrictions as often as possible.

Please note that we will not use or disclose information (whether personal or otherwise) about individual students that is collected through educational institution and organization accounts for the purpose of targeted advertising.

We may also use and/or disclose anonymized or generalized aggregated information with third parties for various reasons, including to promote and improve our products and services. In these circumstances, we will take appropriate measures to de-identify (and prevent any party from re-identifying) any information used or disclosed in this way.

4. ADVERTISING AND MARKETING; TRACKING; OPT-OUT

As explained above, we may use your information for limited advertising and marketing purposes, including to contact you about products and services that we believe may be of interest to you, and to promote events and other resources that you may be interested in.

Our marketing communications will include instructions for how to opt-out of all or a portion of these communications, or change your preferences. You may also contact us by email at privacy@apptegy.com to manage your marketing communication preferences at any time.

We may use cookies, beacons, and other similar tracking technologies. For example, we use cookies to help us measure and improve our engagement with our users by analyzing the usage trends and patterns for our websites, platforms, and mobile applications, and to promote products and services that we believe may be of interest to you. In some cases, you may manage the use of cookies for our products and services by adjusting your individual browser settings. You may learn more about managing cookies here: https://www.aboutcookies.org. Please note that our products and services do not currently process “do not track” features offered by some browsers and devices.

5. CALIFORNIA PRIVACY NOTICE

This California Privacy Notice applies only to individual users of our products and services who are residents of the State of California, and only where we act as a “business” with or for that individual. For example, this section applies for California residents who use our products and services as an individual user or through an individual account with us (i.e., not under an account of an educational institution or organization). For these users, this section is a supplement to the other parts of our policies.

However, this section does not apply when we provide our products and services to individual users under an account of an educational institution or organization. In these instances, as explained in more detail in section 2 above, the privacy and security policies of your educational institution or organization govern your personal information and your rights, and not our policies.

This California Privacy Notice describes how we as a business collect, use, disclose, and otherwise process personal information of individual residents of the State of California within the scope of the California Consumer Privacy Act of 2018 (“CCPA”).

The categories of personal information that we collect and the sources from which we collect that information are:

Please also see section 2 above for more information about the personal information we collect. We may in some instances collect personal information other than what is set out in the table above (for example: for legal purposes).

As also discussed in section 3 above, we may disclose personal information to the following categories of third parties for a business purpose:

Category of third party

Category of disclosures

Our third party vendors to provide, promote, or improve our products and services

We may use and/or disclose personal information with third parties to provide, promote, and improve our products and services (for example: to help us process and publish communications, messages, videos, and other information on our products, to help us process payments, to help us conduct campaigns and events, or to help us ensure compliance with appropriate security standards)

Mobile messaging platforms, phone companies, and other vendors who enable the delivery of mobile messages

We may use and/or disclose personal information with third parties to enable and transmit SMS/MMS/Mobile messages via our products and services

Third parties at your direction

We may use and/or disclose personal information with third parties at your direction or with your consent (for example: third parties you choose to interact with via our products and services)

Third party business partners

We may use and/or disclose personal information with third parties that we do business with to provide, promote, and improve other products, services, events and other resources that may be of interest to you (like webinars and the publication of new educational materials)

Third party analytics and performance providers

We may use and/or disclose personal information with third parties to measure and improve client engagement (for example: we use Google Analytics to help us understand how our users use our products and services)

Third party security and technology providers

We may use and/or disclose personal information with third parties for servicing and maintaining our products and services (for example: to help us with security measures, billing, or technical support)

Please also see section 3 above for more information about how we may disclosure personal information. We may in some instances disclose personal information with third parties for other purposes than what is set out in the table above (for example: in connection with our corporate business purposes or for legal purposes).

Please note that we do not attempt to monetize your personal information with third parties. However, under the CCPA language, some of our activities could possibly be considered “sales” of information under the CCPA even though we are not actually selling any information. For example, we may disclose “identifiers” (see above) with our third party business partners to help us provide, promote, or improve our products and services to you.

If you are a qualifying California resident under CCPA, we provide the following rights with respect to your personal information when we act as a “business” with or for you (subject to certain limitations in the CCPA):

Your rights

Additional information

Right to know

Upon verifiable request we will provide you with the following information about your personal information over the prior 12 months: (1) the specific pieces and categories of personal information we have collected about you; (2) the categories of sources from which we have collected your personal information; (3) our business purposes for collecting and selling your personal information; (4) the categories of third parties with which we have shared your personal information; (5) the categories of personal information we have disclosed about you for a business purpose; and (6) if applicable, categories of personal information we have sold about you and the categories of third parties to which the personal information was sold

Right to delete

Upon verifiable request we will delete personal information we have collected about you, subject to certain exceptions in the CCPA.

Right to opt out of sales to third parties

We do not sell your personal information to third parties. Notwithstanding that, you have the right to direct us to not sell your personal information to third parties. In addition, we have provided our users with a link to submit this request, found here: www.apptegy.com/DoNotSellMyPersonalInformation

Right to not be subject to discrimination for enforcing your CCPA rights

You will not be discriminated against by us for your exercise of CCPA rights. However, please note that in some instances, exercising certain CCPA rights may cause us to be unable to provide you with our products and services.

Please note, as explained above at the beginning of this section 5 and in section 2.A, this section does not apply to you if you use our products and services under an account of an educational institution or organization. In these instances, please contact your educational institution or organization about your personal information and your rights.

Please note that we will need to verify your identity before processing CCPA and other California requests, which may require us to request and obtain additional information from you. We will use that information only to review and address your requests. We reserve the right to decline or limit requests in certain circumstances – for example, when we are unable to verify your identity or locate information in our systems, when you have previously made two CCPA requests in the prior 12 months, or as otherwise permitted by applicable law.

You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your CCPA and other California rights. Before accepting such a request from an agent, we will require the agent to provide us with proof that you have authorized it to act on your behalf, and we may also need you to verify your identity directly with us.

Please note that we will also comply with valid requests from California residents that have an established business relationship with us under California’s “Shine the Light” law.

If you have questions or concerns, or would like to exercise any of your rights under the CCPA, please contact us at any of the following:

  • By email at privacy@apptegy.com;
  • By telephone at 1-888-501-0024; or
  • By mail at Apptegy Inc., c/o Data Protection Officer, 425 W. Capitol Ave., Suite 800, Little Rock, AR 72201.
6. EUROPEAN UNION PRIVACY NOTICE

If you are an individual resident of the European Union, you have certain rights with respect to your personal information, including under the General Data Protection Regulation (“GDPR”). This includes, among other rights, the right to be informed and request access to the personal information about you that we have collected via our products and services. You may also have the right to ask that your personal information be corrected, updated, or deleted.

Please note that we will comply with valid requests from residents of the European Union subject to relevant legal exemptions. Please also note that we will need to verify your identity before processing any such requests, which may require us to request and obtain additional information from you. We will use that information only to review and address your requests. We reserve the right to decline or limit requests in certain circumstances – for example, when we are unable to verify your identity or locate information in our systems, or as otherwise permitted by applicable law.

You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under this section. Before accepting such a request from an agent, we will require the agent to provide us with proof that you have authorized it to act on your behalf, and we may also need you to verify your identity directly with us.

If you use our products and services under an account of an educational institution or organization, please contact your educational institution or organization about your personal information and your rights. Otherwise, if you have questions or concerns, or would like to exercise any of your rights under the GDPR or any similar right, as an individual user under an individual account, please contact us, care of our Data Protection Officer, at any of the following:

  • By email at privacy@apptegy.com;
  • By telephone at 1-888-501-0024; or
  • By mail at Apptegy Inc., c/o Data Protection Officer, 425 W. Capitol Ave., Suite 800, Little Rock, AR 72201.

You may also contact the data protection authority of your jurisdiction.

7. CHILDREN’S PRIVACY AND OTHER REGULATORY NOTICES

As explained above, our customers are substantially educational institutions and organizations. By using our products and services, these educational institutions and organizations (or individuals using our products and services under an institution or organization account) may provide us with educational records and other personally identifiable information about students. Protecting and securing student information is very important to us, and we continuously work to do that well and to improve our practices. We also understand that this information is regulated by the Family Educational Rights and Privacy Act (FERPA), the Children’s Online Privacy Protection Act (COPPA), and other applicable laws that relate to the collection and use of personal information of students. We continuously work to comply with all such laws. If you have any questions or concerns about the personal information of a student, please contact your educational institution or organization directly.

We do not permit individual users or individual accounts for individuals under the age of 13. In addition, we do not knowingly collect any information about or from children under the age of 13, except when an educational institution or organization (or an individual under an institution or organization account) provides information about or from a student under the age of 13 via our goods and services. We collect, use, process, and store the information solely to provide our goods and services to or on behalf of the educational institution or organization that is our client. If you have any questions or concerns about the personal information of a student under the age of 13, please contact your educational institution or organization directly.

8. SECURITY OF INFORMATION; DATA RETENTION AND TRANSFERS

The security of personal information is very important to us, and we continuously work to protect that information well and to improve our practices. We have taken steps that we believe are reasonable to safeguard against the unauthorized access and use of personal information. However, we cannot and do not guarantee the total security of your information in all circumstances.

Please note that we are based in the United States, and your information will be transferred, processed, and stored in the United States and may be transferred, processed, and stored outside of the United States, including Mexico (for example: for support and maintenance of our products and services). Protecting your privacy and securing the information we store and transfer is very important to us, and we continuously work to do that well and to improve our data storage and transfer practices. By using our goods and services, or providing us with any information, you are consenting to the transfer, processing, usage, sharing, and storage of your information, including personal information, in the United States and in the other jurisdictions where we do business.

We may retain your information, including personal information, for as long as permitted under applicable law.

9. CONTACT US

If you have questions about our policies or any related matter, please contact us at any of the following:

  • By email at privacy@apptegy.com;
  • By telephone at 1-888-501-0024; or
  • By mail at Apptegy Inc., c/o Data Protection Officer, 425 W. Capitol Ave., Suite 800, Little Rock, AR 72201.
10. MISCELLANEOUS

We use or may use third party providers for various aspects of our goods and services (for example: video functionality and processing of payments and fees). By using our products and services, you will also be subject to the third party policies for those third party services. Those third party policies may be materially different than our policies, especially with regard to information privacy and security

There may be links or references on our products and services to other products and services that are offered by third parties. Please note that we are not responsible for the privacy and security practices and policies of any third party. If you choose to access or use any such third party product or service, you do so at your own risk.

We may change these policies from time to time in our discretion. Any changes will be effective immediately upon us posting the updated policy. New policies will be posted at this page, and we encourage you to review it regularly. If we make updates or changes, we will give notice of that by updating the posted date for this policy and, in some cases and in our sole discretion, we may provide you with additional notice (for example: by notice on our websites, platforms, and/or mobile applications, or by sending you a notification).

Last updated on February 07, 2020