(Last Updated December 31, 2019)
1. What Information Do We Collect?
- Personally-Identifiable Information: We may collect personally identifiable information when you specifically and knowingly provide it to us, for example when you register and provide personal information such as your e-mail address, name, phone number, or other information. Where applicable, personally identifiable information includes “personal data”, “personal information” and/or “sensitive personal information” each as defined in applicable law. We ask that you not send us, and you do not disclose, any sensitive personal data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through Services or otherwise. If you do send or disclose any sensitive personal data to us, you consent to our processing and use of such sensitive personal data in accordance with this policy.
LeanTaaS does not consider personally identifiable information to include information that has been anonymized so that it does not allow a third party to identify a specific individual or household. We collect and use your personally-identifiable information to: provide the Services; operate and improve our Service; provide customer service; and perform research and analysis aimed at improving our products, Service and technology.
You may always choose not to provide personally identifiable information, but if you so choose, certain parts of the Service may not be available to you. If you have registered an account with us, you will have agreed to provide your personally identifiable information in order to access the Services. This consent provides us with the legal basis we require under applicable law to process your data. You maintain the right to withdraw such consent at any time. If you do not agree to our use of your personal data in line with this Policy, please do not use our Services.
- Non-Personally-Identifiable Information: We may collect and aggregate non-personally identifiable information which is information which does not permit you to be identified or identifiable either by itself or in combination with other information available to a third party. This information may include information such as a website that referred you to us, your IP address, browser type and language, hardware types, geographic location, log data and access times and durations. We also may collect navigational information, including information about the Service content or pages you view, the links you click, and other actions taken in connection with the Service. We use this information to analyze usage patterns as part of making improvements to the Service.
- Cookies, Pixels and Local Storage: We may collect information using “cookies”, which are small data files stored on the hard drive of your computer or mobile device by a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience when using the Services.
Cookies we use
The Services use the following types of cookies for the purposes set out below:
|Type of cookie||Purpose|
|Essential Cookies||These cookies are essential to provide you with services available through the Services and to enable you to use some of its features. These include:
■ Metadata. When an Authorized User interacts with the Services, metadata is generated that provides additional context about the way Authorized Users work. For example, LeanTaaS iQueue logs the actions you perform – including login and logout; and other actions; for various reasons.
■ Log data. As with most websites and technology services delivered over the Internet, our servers automatically collect information when you access or use our Services and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Website or Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data.
■ Device information. LeanTaaS iQueue collects information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect some or all of this Other Information often depends on the type of device used and its settings.
■ Location information. We may receive information from you and other third-parties that helps us approximate your location. We may, for example, use a business address submitted by your employer, or an IP address received from your browser or device to determine approximate location. We may also collect location information from devices in accordance with the consent process provided by your device.
These cookies allow you, for example, to log in to secure areas of the sites or applications and help the content of the pages you request load quickly. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
|Functionality Cookies||These cookies allow the Services to remember choices you make when you use a site or application, such as remembering your language preferences, remembering your login details and remembering the changes you make to other parts of your account, or preferences. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you use the Services.|
|Analytics and Performance Cookies||These cookies are used to collect information about traffic to the Services and how users use the Services. The information gathered does not identify any individual user. The information is aggregated and anonymous. It includes the number of users to, the websites that referred them, the pages visited, what time of day they visited, whether they have visited before, and other similar information. We use this information to help operate the Services more efficiently, to gather broad demographic information and to monitor the level of activity on our Services.
We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is only used to improve how the Services work. You can find out more information about Google Analytics cookies here: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies
You can find out more about how Google protects your data here: www.google.com/analytics/learn/privacy.html.
You can prevent the use of Google Analytics relating to your use of the Services by downloading and installing the browser plugin available via this link: http://tools.google.com/dlpage/gaoptout?hl=en-GB
You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” facility). Many browsers are set to accept cookies until you change your settings. If you do not accept our cookies, you may experience some inconvenience in your use of the Services. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you use the Services
We may also use pixel tags (which are also known as web beacons and clear GIFs) on the Services to track the actions of users on our sites and applications. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages. Pixel tags measure the success of our marketing campaigns and compile statistics about usage of the Services, so that we can manage our content more effectively. The information we collect using pixel tags is not linked to our users’ personal data.
Do Not Track Signals
Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to do not track signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
2. What Do We Do With The Information That We Collect?
Except as disclosed in this policy, LeanTaaS does not share or sell your personal information with any outside parties.
- LeanTaaS will use the personally identifiable information directly provided by you solely for the purpose for which you have provided it, which may include:
- to operate, maintain, and improve the Services;
- to manage your account, including to communicate with you regarding your account;
- to operate and administer any promotions you participate in on any site or application;
- to respond to your comments and questions and to provide customer service;
- to send information including technical notices, updates, security alerts, and support and administrative messages;
- with your consent, to send you marketing e-mails about upcoming promotions, and other news, including information about products and services offered by us and our affiliates. You may opt-out of receiving such information at any time: such marketing emails tell you how to “opt-out.” Please note, even if you opt out of receiving marketing emails, we may still send you non-marketing emails. Non-marketing emails include emails about your account with us (if you have one) and our business dealings with you;
- to process payments you make via the Services; and
We may share this information with service providers who perform services on our behalf, such as processing information requests, providing security services, displaying stored data you access, to assist us in marketing, to conduct audits, etc. Those companies will be permitted to obtain only the personal information they need to provide the service they provide, will be required to maintain the confidentiality of the information, and will be prohibited from using it for any other purpose.
We may also use information you provide to better serve you, and, if you have given your consent for us to do so, to send you email or text messages concerning offers from our partners and other third parties that we think may be of interest to you. If you do not wish to receive marketing emails, you may adjust your “Personal Information Preferences” as described below or follow the “unsubscribe” or “stop” instructions included within each communication.
We will only retain your personally identifiable information as long as reasonably required to provide you with the Services unless a longer retention period is required or permitted by law (for example, for regulatory purposes).
- Disclosure: As a general rule, LeanTaaS will not disclose any of your personally identifiable information except under one of the following circumstances: we have your permission; we determine in good faith that it is legally required to be revealed by any relevant statute, regulation, ordinance, rule, administrative or court order, decree, or subpoena; it is information that we determine must be disclosed to correct what we believe to be false or misleading information or to address activities that we believe to be manipulative, deceptive or otherwise a violation of law; where you are otherwise notified at the time we collect the data; where we need to share your information to provide the product or service you have requested; when such disclosure is made subject to confidentiality restrictions in connection with a sale, merger, transfer, exchange, or other disposition (whether of assets, stock, or otherwise) of all or a portion of the business conducted by LeanTaaS. LeanTaaS may share the non-personally identifiable information that LeanTaaS gathers, in aggregate form only, with advertisers and other partners.
3. Your Rights
Consistent with applicable law, you may exercise any of the rights described in this section. See below in this Section 3 and in the “Contact Us” section for information on personal data rights requests and how to submit a request. Please note that we may ask you to verify your identity and request before taking action on your request.
- Managing Your Information.
If you have an Account, you may access and update some of your information through your Account settings. You are responsible for keeping your personal information up-to-date.
- Rectification of Inaccurate or Incomplete Information.
You have the right to ask us to correct inaccurate or incomplete personal information about you (and which you cannot update yourself within your Account, if any).
- Data Access and Portability.
In some jurisdictions, applicable law may entitle you to request certain copies of your personal information held by us. You may also be entitled to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).
- Data Retention and Erasure.
We generally retain your personal information only for as long as is necessary for the performance of the contract between you (or your employer) and us, and to comply with our legal obligations. In certain jurisdictions, you can request to have all your personal information deleted entirely. Please note that if you request the erasure of your personal information:
- We may retain some of your personal information as necessary for our legitimate business interests, such as fraud detection and prevention and enhancing safety. For example, if we suspend an Account for fraud or safety reasons, we may retain certain information from that Account to prevent that user from opening a new Account in the future.
- We may retain and use your personal information to the extent necessary to comply with our legal obligations. For example, for tax, legal reporting and auditing obligations.
- Some copies of your information (e.g., log records) may remain in our database, but are disassociated from personal identifiers.
- Because we maintain the Service to protect from accidental or malicious loss and destruction, residual copies of your personal information may not be removed from our backup systems for a limited period of time.
- Withdrawing Consent and Restriction of Processing.
If we are processing your personal information based on your consent, you may withdraw your consent at any time by contacting us specifying which consent you are withdrawing. Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal. Additionally, in some jurisdictions, applicable law may give you the right to limit the ways in which we use your personal information, in particular where (i) you contest the accuracy of your personal information; (ii) the processing is unlawful and you oppose the erasure of your personal information; (iii) we no longer need your personal information for the purposes of the processing, but you require the information for the establishment, exercise or defense of legal claims; or (iv) you have objected to the processing pursuant to the next section and pending the verification whether our legitimate grounds override your own.
- Objection to Processing.
In some jurisdictions, applicable law may entitle you to require us not to process your personal information for certain specific purposes (including profiling) where such processing is based on legitimate interest. If you object to such processing we will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing or such processing is required for the establishment, exercise or defense of legal claims.
Where your personal information is processed for direct marketing purposes, you may, at any time ask us to cease processing your data for these direct marketing purposes by sending an e-mail to firstname.lastname@example.org.
- Lodging Complaints.
You have the right to lodge complaints about our data processing activities by filing a complaint with us via the “Contact Us” section below or with a supervisory authority.
4. Children’s Policy
LeanTaaS does not knowingly collect personally identifiable information from users under 13. In the event that we learn that we have collected any personal information from a user under the age of 13, we will attempt to identify and delete that information from our database.
5. International Usage
The Service is owned by LeanTaaS and may be accessed in the United States and abroad. Information collected may be retained, and may be stored, processed, accessed, and used in jurisdictions whose privacy laws may be different and less protective than those of your home jurisdiction. If you are located outside of the United States, please note that the information you provide to us may be transferred to the United States in accordance with applicable law. We will take reasonable steps to ensure that your data is treated securely and in accordance with this policy.
6. California Privacy Rights
California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those third parties. See the “Contact Us” section below for where to send such requests.
7. Security and Encryption
We follow generally accepted industry standards to help protect your personal 7. information. No method of transmission over the internet, mobile technology, or method of electronic storage, is completely secure. Therefore, while we endeavor to maintain physical, electronic, and procedural safeguards to protect the confidentiality of the information that we collect online, we cannot guarantee its absolute security. Our Service has security measures in place designed to protect against the loss, misuse and alteration of the information under our control. We use standard Secure Socket Layer (SSL) encryption that encodes information for such transmissions. All Service information is maintained on secure servers. Access to stored data is protected by multi-layered security controls including firewalls, role-based access controls and passwords. You are responsible to keep your password secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by contacting us at email@example.com.
8. Changes to This Policy
9. Contact Us
For general inquires or to lodge a complaint, email us at firstname.lastname@example.org, or by mail to: LeanTaaS Security Inquiries, 471 El Camino Real, Suite 230, Santa Clara, CA 95050.
To opt-out of use of your data for direct marketing, email us at email@example.com.
To deactivate your account, go to your Account, click Settings, and then click Deactivate my account.
Deactivating an Account and an Account deletion request are two different things. When you choose to deactivate your account, you can reactivate it at a later date if you wish; when you delete your Account, no deleted information can thereafter be recovered. You can request permanent deletion of your personal data and closure of your Account at any point by submitting a deletion request to firstname.lastname@example.org. We may ask you to verify your identity before taking action on your request. Please include the subject line “Personal Data Right Request – Deletion Request”, and your country of residence.
To access your data, you can visit the Dashboard of your Account. If you would like to get a copy of some or all of the personal data we hold about you pursuant to applicable law, email us at email@example.com. Please note that we may ask you to verify your identity before taking further action on your request. Please include the subject line “Personal Data Right Request – Access Request”, provide us your country of residence, and provide as much information as you have regarding the data you would like a copy of.
To exercise a right to portability under applicable law, please email us at firstname.lastname@example.org and include the subject line “Personal Data Right Request – Portability Request” and your country of residence.
To object to our processing of some of your personal data where allowed under the laws of the jurisdiction where you reside, you may request that we not process your personal information for certain specific purposes (including profiling) where such processing is based on legitimate interest. If you object to such processing, we will no longer process your personal information for these purposes unless we can demonstrate compelling legitimate grounds for such processing, or such processing is required for the establishment, exercise, or defense of legal claims. You may exercise your rights to object to processing by sending us an email to email@example.com. Please include the subject line “Personal Data Right Request – Processing Objection” and your country of residence.
© 2020 LeanTaaS, Inc. All rights reserved.