This Policy also describes how we may share information we obtain about you, your choices regarding our use of your information, the ways in which we safeguard such information, and how you may contact us regarding our privacy practices.
Such information may include personally identifiable information that may be used to readily identify or contact you as an individual person, such as: name, address, email address, or phone number (“Personal Information”). Personal Information does not include information that has been anonymized such that it does not allow for the ready identification of specific individuals.
In addition to obtaining information from the visitors to and commercial users of the Sites, Zoomforth obtains, processes and hosts personal information through its commercial hosted or cloud platforms and software applications (collectively, “Services”) provided to its business customers who subscribe to such services pursuant to a Master Services Agreement, Subscription Agreement or other contracts with us (“Subscribers”).
When providing Services, Zoomforth is a “data processor” or “sub-processor” and only processes Personal Information on behalf of and in accordance with the instructions of its Subscribers, which are “data controllers” and/or “data processors,” depending on the context.
Many of our Services contain automated processes and workflows and other software that generally allow Subscribers to control how they process the data and content they choose to input into Services, and we do not typically control these processes or store such data or content other than as may be necessary to provide Services.
Information You Provide to Us
We may collect and store any Personal Information you enter on our Sites or provide directly to us through the Sites in some other manner, including personal information that may be contained in any video, message or other submission you upload or post to the Sites. For example, we collect information when you complete our online forms or if you register and create a profile on the Sites. This includes Personal Information, such as your name, address, e-mail address, and telephone number; your likeness; and, if you transact business with us, financial information such as your payment method. We also may request information about your interests and activities, your gender and age, and other demographic information.
Information About You From Other Sources
We also collect information when we process Subscriber’s data which may contain Personal Information of various individuals under direction of our Subscribers to provide Services to such Subscribers. In providing Services, we have no direct relationship with the individuals (“End Users”) whose Personal Information may be included in the data we process for Subscribers and typically do not control how data is processed.
End Users may transmit or make available their Personal Information to our Subscribers in a number of different contexts, such as Subscribers’ employees, customers, potential customers or in some other capacity. If you are an End User whose Personal Information was collected by a Subscriber using our Services and would like to correct your Personal Information, please contact that Subscriber directly.
We may also periodically obtain both Personal Information and non-personal information about you from other business partners, contractors and other third parties. Examples of information that we may receive include: updated delivery and address information, purchase history, and additional demographic information.
Information About Others
We may also collect and store personal information about other people that you provide to us. If you use our Sites to send others (friends, relatives, colleagues, etc.) a product as a gift, information that may interest them or messages (such as invitations) through our system, we may store your Personal Information, and the Personal Information of each such recipient.
Similarly, if you use our Sites to upload, share and/or distribute content (including videos, comments, messages or other submissions), and such content contains Personal Information about others, such information may be stored in order to allow for such uploading, sharing and/or distribution.
Information We Collect Automatically
In addition to the information you submit to us, we and our service providers and subcontractors automatically collect certain information about your use of the Sites. This information may include unique device identifiers, Internet Protocol (“IP”) addresses, browser characteristics, language preferences, operating system details, referring URLs, length of visits, and pages viewed. We may use tools such as cookies, web beacons, embedded scripts, web server logs, or other similar technologies to collect details about the services and devices you use to access the Sites.
Cookies. A cookie is a unique identifier that is placed and stored on a computer when it is used to visit a website. Cookies may be used for various purposes, including to track user preferences or web pages visited while using a website, to identify the number of unique visitors to a website, and to verify whether or not a visitor is a repeat visitor.
Web Beacons (“Tracking Pixels”). Web beacons are small graphic images, also known as “Internet tags” or “clear gifs” that may be embedded in web pages and email messages. Web beacons may be used to monitor the number of visitors to a website, to track how users navigate a website, or to count how many emails were actually opened or specific pages or links were actually viewed. Our third party advertising partners may employ clear gifs that help us better manage content on our site by informing us what content is effective. Clear gifs are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of online users. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on website pages and. We do not tie the information gathered by clear gifs to our customers’ Personal Information. To learn more about our advertising company’s use of clear gifs, please go to Google Marketing
Embedded Scripts. An embedded script is programming code designed to collect information about a user’s interactions with a website. Typically, the script is temporarily downloaded onto a computer from the host website’s server (or the server of a third party service provider), and is active only while the visitor is connected to the website, then deleted or deactivated thereafter.
Online Advertising. We may allow third-parties, including our authorized service providers, advertising companies, and ad networks, to display advertisements on our Sites. These companies may use tracking technologies, such as cookies, to collect information about users who view or interact with their advertisements. Unless expressly stated otherwise, our Sites do not provide any Personal Information to these third parties. This information allows them to deliver targeted advertisements and gauge their effectiveness. Some of these third-party advertising companies may be advertising networks that are members of the Network Advertising Initiative, which offers a single location to opt out of ad targeting from member companies Network Advertising.
The Sites may use third-party web analytics services, such as Google Analytics, to help us analyze how visitors use the Sites. These services track information about visitors including IP addresses, browser types, referring pages, pages visited, and time spent on particular pages, which we use to improve our products and tailor the user experience on our Sites. To learn more about how Google may use information collected through the Sites, go to Google Privacy Policies.
For information on how to opt out of data collection through Google Analytics, go to Google Analytics Opt-Out. Your web browser may have settings that allow you to transmit a “Do Not Track” signal when you visit various websites or use online services. Like many websites, the Sites are not designed to respond to “Do Not Track” signals received from browsers. To learn more about “Do Not Track” signals, you may wish to visit All About DNT.
Third parties may collect personally identifiable information about your online activities over time and across different websites when you visit the Sites.
How we use your information
We may use information we obtain through the Sites for a number of purposes, including:
- To improve the Sites and to personalize our visitors’ experiences on the Sites;
- To respond to emails or other requests, comments, or questions;
- To provide customer support;
- To provide you with information that we believe may be useful to you, such as information about products or services we offer;
- To comply with applicable laws, regulations, or legal process as well as industry standards and our company policies;
- To prevent fraud or other misuse, including by protecting our rights and the rights of affiliates or related third parties;
- To enforce our Terms of Service and other policies of Zoomforth;
- To maintain records of our transactions and communications;
- To monitor and analyze trends, usage, and activities of visitors to the Sites; or
- For any other purpose, with your consent.
- We may use financial information or payment method to process payment for any purchases, subscriptions or sales made on our Sites or in connection with our Services, to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business.
In addition, we may use the Personal Information we obtain about you in other ways for which we provide notice at the time of collection.
Our Services include interactive web page and site creation software platforms and design, customization, tracking, analytical and optimization applications which automate various business processes and are intended for enterprise business customers and not for individuals.
Depending on the specific Service, we process different types of data uploaded to our online platforms and hosted software applications by Subscribers. The exact data elements to be transferred and data retention are controlled and defined by each Subscriber or the owner of the domain associated with your email address if the Service is used by your organization, employer or the company which originally collected your data.
Consequently, while we process the data the End Users originally transferred to our Subscriber that can include Personal Information about such End Users, we cannot take responsibility for the information or content you transferred to the Subscriber.
Zoomforth has no direct relationship with the individuals whose Personal Information it processes as part of Subscriber’s Data. Each Subscriber is responsible for providing notice to its End Users and third persons concerning the purpose for which a Subscriber collects their Personal Information and how this Personal Information is processed in or through the Service.
How we share your information
We may share the information we collect with our agents, vendors, sub-contractors, consultants, and other third parties performing services on our behalf, for example, to help us develop, operate, maintain, improve, and protect our products and services. These third parties may only use your information to carry out the services for which they have been engaged and in accordance with this Policy.
We may also disclose your information (1) if we reasonably believe that we are required to do so to comply with applicable law, regulation, or legal process (such as in response to a court order or subpoena); (2) to fulfill requests by government agencies, such as law enforcement authorities; (3) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity; or (4) to enforce our site policies, or protect ours or others’ rights, property, or safety.
We reserve the right to transfer any data we obtain through the Sites in the event we sell or transfer all or a portion of our business or assets (including in the event of a merger, reorganization, or liquidation).
We share information with third party companies working on our behalf for the purposes described in this Policy. We may transfer information to our vendors, service providers and partners who help us provide and maintain our Services, such as providing technical infrastructure services, providing servers for our email communications and customer service. Our vendors are contractually obligated to use your Personal Information only at our direction and in accordance with this Policy. Except as otherwise stated in this Policy, we do not sell, trade, rent or otherwise share for marketing purposes your Personal Information with third parties without your consent.
Manage your cookies
If you wish to view or change settings, you can manage cookie settings here.
Zoomforth may use the following sub-processors to host Customer Data or provide other infrastructure that helps with the delivery of our Services:
Amazon Web Services (US): Cloud Service Provider
Services used for the infrastructure of our service, including advanced database management (RDS) and horizontally scalable file storage (S3). View AWS policy
Sentry.io (US): Software Error Tracking Service
Service used to maintain and improve our software by tracking errors. Client data that is stored in sentry includes user email addresses and non-sensitive input fields, when those data are a part of an error. View Sentry.io policy
Intercom: Customer Messaging System
Service used by customers to communicate service requests to Support Team. View Intercom policy
Postmark (US): Transactional Email Service
Service used to send email on our behalf. Client data that is sent through this service includes user email addresses. View Postmark policy
Keen: Customer-Facing Metrics
Service enables us to deliver better data analytics reports. This software processes clickstream data which can be anonymized. View Keen policy
Twilio: Two-factor authentication (SMS)
Service enables us to offer a 2FA solution for site security. A site visitor can request a security code to be sent to their mobile phone. View Twilio policy
Datadog: Server and Database Monitoring
Service used to streamline logging of infrastructure and core systems. It provides a way to analyze logs, trigger security alerts, and monitor critical events in a timely and predictable manner. View Datadog policy
A small number of our team are employed as contractors. We only grant access to the platform to those contractors who need this for the delivery of their duties. All contractors are subject to the same background checks and data security training as our employed staff. For a list of these individuals, please contact us at firstname.lastname@example.org.
You can choose not to provide us with certain Personal Information. To the extent you make such election, your choice may result in you being unable to use certain features of our Sites because such information may be required in order for you to register as a user; purchase services or products; ask a question; or initiate other transactions on our Sites.
If you want to review, delete, or change your Personal Information and you are a registered user, you can log in to the Sites and visit your account profile page or dashboard or similar functionality where you can you review and update your Personal Information and adjust settings or preferences related to your Personal Information.
If you are not a registered user and do not have an online account with us, you may request that we update, correct, or delete your information collected through the Sites by emailing email@example.com. To help protect your privacy and security, we may take reasonable steps to verify your identity prior to honoring any such requests.
For the information collected by our Subscriber and processed by us as part of Services, your request should be addressed to such Subscriber.
Many web browsers provide options to allow you to stop accepting new cookies, or to disable existing cookies. Go to the HELP function of your browser to learn how. You can also go to www.aboutcookies.org for information about how to disable and control cookies on most browsers. Please be aware that if you disable the cookies on your computer you may not be able to use certain features of this Site or other websites, and disabling cookies may invalidate opt outs that rely on cookies to function. Also, these options may not be effective in all cases, or may be effective with respect to one type of browser or service, but not another.
You may unsubscribe from receiving promotional emails from us by following the instructions provided in those email communications. Please note that even if you opt out of receiving promotional communications from us, we may continue to send you non-promotional emails, such as emails concerning our ongoing business relationship with you.
Data storage and processing
We currently use the Amazon AWS infrastructure to store, process, and transfer your information collected through the Sites and Services. You can read more about Amazon data privacy on the Amazon website.
We primarily store Personal Information about the visitors to and users of the Sites, End Users and our Subscribers. Typically, the primary storage location is in the customer’s region in the United States, often with a backup to a data center in another region.
By providing your Personal Information to us or to a Subscriber who uses our Services, you consent to any transfer and processing in accordance with this Policy and, if you are a resident of the EEA and had your Personal Information collected by our Subscriber, in accordance with the Privacy Shield Policy.
We are committed to protecting the security of your information. We maintain appropriate physical, electronic, and administrative safeguards designed to protect Personal Information that we obtain in accordance with this Policy from unauthorized access, disclosure or destruction. Generally, Personal Information you provide to us through the Sites is stored on our secure servers behind firewalls and sensitive information is encrypted using Transport Layer Security (TLS) (sometimes referred to as Secure Sockets Layer or SSL). Although we use reasonable efforts to secure such information, transmission via the Internet is not completely secure, and we cannot guarantee the confidentiality of information transmitted to us over the Internet.
Your account is protected by your account password and we urge you to take steps to keep your Personal Information safe by not disclosing your password and by logging out of your account after each use. We further protect your information from potential security breaches by implementing certain technological security measures including only authorized access, role- based access control models, two-factor authentication for server access, encryption, firewalls and transport layer security technology.
Although we maintain physical, administrative, and technological safeguards to preserve the integrity and security of all information collected through our Services, these measures do not guarantee that your information will not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software. In the event of a data breach we will use commercially reasonable efforts to report to any and all relevant persons and authorities promptly following our discovery of the breach if it is apparent that Personal Information stored in an identifiable manner has been stolen or otherwise compromised.
Link to other websites
The Sites may contain hyperlinks to other websites or online locations for your convenience and information. Those linked websites may be operated by unaffiliated entities, such as our Subscribers, and may have their own privacy policies, statements or notices. This Policy does not apply to those websites, so please review the privacy policies posted on those sites to understand how they may collect and use your personal information. We are not responsible for the content or privacy practices of the websites that we do not control.
The Sites may include features that are designed to permit interactions that you initiate between the Sites and third party websites or services, including third party social networks (“Social Features”). Examples of Social Features include enabling you to “like” or “share” our content on other websites or services; or to transmit content to our Sites from your account on a third party website or service.
If you choose to use Social Features on the Sites, both Zoomforth and the third party website or services may have access to certain information about you and your use of both the Sites and the third party site or service. In addition, we may receive information about you if other users of a third party website allow us to access their profiles and you are one of their “connections,” or if information about you is otherwise accessible through those individuals’ profiles or pages on a social networking or other third party website or interactive service.
The information we collect in connection with Social Features is subject to this Policy. The information collected and stored by the third parties remains subject to those third parties’ privacy practices, including whether the third parties continue to share information with us, the types of information shared, and your choices with regard to what is visible to others on those third party websites or services.
The Sites are not intended for children, nor is it targeted to children under the age of thirteen. We do not knowingly collect personal information from children under the age of 13 through the Sites, and if we learn that we have received information from a visitor under the age of 13, we will delete such information in accordance with applicable law.
California privacy rights California law permits customers in California to request certain details about how their information is shared with third parties and, in some cases, affiliates for direct marketing purposes. Under the law, a business must either provide this information or permit California customers to opt in to, or opt out of, this type of sharing. We do not share personal information with third parties or affiliates for those third parties’ or affiliates’ own direct marketing purposes. California customers may request information about our compliance with this law by contacting us at firstname.lastname@example.org, or by postal mail at 100 Pine Street, Ste 1250, San Francisco, CA 94111. Any such inquiry must include “California Privacy Rights Request” in the first line of the description and include your name, street address, city, state, and ZIP code.
Any California residents under the age of eighteen (18) who have registered to use the Sites, and who have posted content or information on the Sites, can request that such information be removed from the site by contacting us at email@example.com, stating that they personally posted such content or information and detailing where the content or information is posted. We will make reasonable good faith efforts to remove the post from prospective public view or anonymize it so the minor cannot be individually identified. This removal process cannot ensure complete or comprehensive removal.
EEA-US data transfers
Your Personal Data may be collected, transferred to and stored by us in the United States and by our affiliates and third-parties disclosed in the section below, entitled “How we share your information”, that are based in other countries. Therefore, your Personal Data may be processed outside your jurisdiction, and in countries that are not subject to an adequacy decision by the European Commission or your local legislature and/or regulator, and that may not provide for the same level of data protection as your jurisdiction, such as the European Economic Area.
We ensure that the recipient of your Personal Data offers an adequate level of protection, by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 of the GDPR). Where we wish to engage a new third party sub-processor, we will ask you for your prior consent to such international data transfers. Zoomforth remains registered with the US-EU Privacy Shield, with dispute resolution being handled by BBB EU National Programs.
Swiss-U.S Privacy Shield Statement
Zoomforth complies with the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information transferred by and to its Subscribers from Switzerland to the United States, respectively. Zoomforth has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles with respect to such Personal Information. If there is any conflict between the terms in the Privacy Shield Policy and the Privacy Shield Principles with respect to Personal Information obtained from our Subscribers, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit Privacy Shield.
International site visitors
We are based in the United States and the information we collect is governed by U.S. law. If you are visiting the Sites from outside the United States, please be aware that information we collect through the Sites will be transferred to, and processed in, the United States. By using the Sites, you acknowledge and consent to the transfer and processing of your Personal Information in the United States as described in this Policy and, for those of you who are located in the EEA and had your Personal Information collected by our Subscriber, the Privacy Shield Policy. The data protection laws and regulations applicable to your Personal Information transferred to the United States may be different from the laws in your country of residence.
Legal Basis for Processing (EEA only)
If you are an individual from the EEA, our legal basis for collecting and using the Personal Information will depend on the Personal Information concerned and the specific context in which we collect and use it. As explained above, we process Personal Information in various ways depending upon your use of the Sites and the Subscribers’ use of our Services. We process Personal Information on the following legal bases: (1) with your consent; (2) as necessary to perform a contract when you request services or products; and (3) as necessary for our legitimate interests in enhancing our services and products and providing you with marketing materials and other information. We also collect Personal Information where we need to provide Services to a Subscriber under an agreement with such Subscriber, in which case we may be acting as a data processor or sub-processor.
Your Rights under the EU Privacy Law
If you are an individual in a European Union member state or in a EEA country, you have the following rights:
Right to Lodge a Complaint. You have the right to lodge a complaint about our data collection and processing actions with respect to the Personal Information you provided to us directly through the Sites with the data protection authority in the jurisdiction where you reside.
Right to Erasure. You have the right to request that Personal Information you provided to us directly through the Sites about you be deleted or erased. If deletion of your Personal Information should not be possible for technical or legal reasons, we may block the respective data instead. To request deletion or blocking of Personal Information, or revoke previously granted consent, please contact us at firstname.lastname@example.org.
Right to Revoke Consent for Processing of Personal Data. If you consented to Zoomforth’s processing of your Personal Information you have provided to us directly through the Sites, you have the right to revoke the consent you previously provided. To revoke previously granted consent, please contact us at email@example.com.
Right to Data Portability. You have the right to request that the Personal Information you have provided directly to us through the Sites, which we process by automated means, be provided to you or another controller in a structured, commonly used and machine-readable format.
Transfers. We are headquartered in the United States of America. Personal Information may be accessed by us or transferred to us in the United States. By providing us with Personal Information, you consent to this transfer. We will protect the privacy and security of personal information according to this Policy, regardless of where it is processed or stored. By providing us with Personal Information, you consent to the storage or processing of Personal Information in the United States and acknowledge that the Personal Information will be subject to the laws of the United States, including the ability of governments, courts or law enforcement or regulatory agencies of the United States to obtain disclosure of your Personal Information.
English language controls
This Policy is executed in English and may be translated into other languages. In the event of any conflict or discrepancy between the English language and a translated version, the English language version shall control to the fullest extent permitted by applicable law.
Changes to this policy
We may change this Policy from time to time. If we make changes, we will notify you by revising the date at the top of this Policy. We encourage you to review this Policy whenever you visit the Sites to stay informed about our information practices.
To contact us regarding this Policy or with questions about our privacy practices, you may email us at firstname.lastname@example.org (please include “Privacy Inquiry” in the subject line of your email), or send postal mail to:
100 Pine St, Suite 1250
San Francisco, CA 94111