Last Updated: June 11, 2020
Loopio is a software as a service platform (“Platform“) to assist companies in curating, reviewing, maintaining and accessing a library of content for responding to Requests forProposals (RFPs), Request for information (RFIs), Due Diligence Questionnaires(DDQs), and Security Questionnaires (the “Services“). A company would become our customer when they contract with Loopio to use our Services. The customer would be the data controller who control the personal information when using our Services and Loopio would be the data processor acting on behalf of the customer. To the extent the California Consumer Privacy Act (“CCPA”) applies to such information, the customer would be the “business” and Loopio would be the “service provider” acting on behalf of the customer.
COLLECTION AND USE OF PERSONAL INFORMATION
Information we Process on behalf of our Clients:
In the course of providing the Platform and Services to our customers, we may process personal information about our (current, past, present and prospective) customers’ employees or other authorized users of the Services provided by the customer asset out below:
Platform: In order to provide the Platform and Services, we collect business contact information of authorized users or other individuals, as well as personal information that may be contained in RFPs, RFIs, security questionnaires or similar documents which uploaded to and processed on our Platform by our customers. We obtain this information from you or your employer, where they area customer of ours or are otherwise a corporate user of our service.
Support Services: We may collect certain information from you (such as name, email address, your phone number and query) when we provide user support services by phone, email or within the Platform.
Use of the Services: We may monitor use of the Platform by our customers’ employees or other authorized users in order to detect, investigate or prevent any actual or potential violation of our terms and conditions. This information is automatically collected from you when you use the Platform.
We may also generate aggregated, non-identifiable data and use such information to monitor the performance, use and stability of the Platform and to improve the Services.
We require our customers to ensure that they have obtained all authority to provide personal information to us in accordance with applicable privacy laws and to not provide us with any sensitive personal information. Except as set out herein, we do not collect or use personal information from our customers for any purpose other than to provide Services on behalf of our customers.
Information we Collect from you through our Website and other interactions:
Inquiries: If you contact us with an inquiry, you maybe asked for information that identifies you, such as your name, address and a telephone number, along with additional information we need to help us promptly answer your inquiry. We may retain this information to assist you in the future and to improve our customer service and service offerings.
Communications/Publications: We may offer you the ability to sign-up to receive Loopio marketing and promotional communications or download a report, publication or other resources, in which case we collect certain information (such as first and last name, company name, email address or phone number). We use this information to send you the communications you have requested to receive. You can opt-out of receiving promotional email from us by following the opt-out or”unsubscribe” instructions provided in your email or other message, or by contacting firstname.lastname@example.org. Please note that you will continue to receive transactional and account-related electronic messages from us.
Job Applications: If you apply for a job at Loopio, you may provide us with certain personal information about yourself, such as information contained in a resume/CV, cover letter, or similar employment-related materials. We may also collect personal information from third-party social networking websites including but not limited to, your LinkedIn profile, blog, website or similar portfolio. We may use this information when considering and responding to your application and assessing your suitability for current and future career opportunities.
Feedback & Reviews: We may collect and use customer feedback and/or reviews about our Services to better understand our customers and enhance our product and service offerings. With your consent, we may publish your feedback and/or reviews on our Website or other promotional materials.
Surveys and Customer Research: From time to time, we may offer individuals an opportunity to participate in one of our surveys or other customer research. The information obtained is used in an aggregated, non-personally identifiable form. We use this information to help us understand our customers and to enhance our product and service offerings.
DISCLOSURE OF PERSONAL INFORMATION
As a matter of practice, Loopio does not disclose, trade, rent, sell or otherwise transfer our customers’ personal information, except as set out in this policy. For clarity, in CCPA terms, we do not “sell” the personal information we handle on behalf of our customers.
We may transfer or disclose personal information as follows:
Service Providers: In connection with our Website, Platform or Services, we may transfer(or otherwise make available) personal information to third parties (including cloud-based service providers) who provide services on our behalf. For example, we may use service providers to host our website, store data and provide back-up services, provide customer support software as a service, process customer payments, provide data analytics services, conduct surveys or obtain customer feedback.
Our list of trusted Service Providers (also known as sub-processors) is available upon written request, please contact us at email@example.com.
Sale of Business: Loopio may transfer personal information as an asset in connection with a prospective or completed merger or sale (including transfers made as part of insolvency or bankruptcy proceeding) involving all or part of Loopio or as part of a corporate reorganization or other change in corporate control.
Legal: Loopio and our Canadian, US (as defined below) and other service providers and affiliates may disclose your personal information in response to a search warrant or other legally valid inquiry or order (which may include lawful access by Canadian, US (as defined below), EEA (as defined below), United Kingdom or other foreign governmental authorities, courts or law enforcement agencies), to other organizations in the case of investigating a breach of an agreement or contravention of law or detecting, suppressing or preventing fraud, or as otherwise required or permitted by applicable Canadian, US or other law. Where a disclosure of our customers’ information is required by applicable law, we promptly notify our customer prior to complying with such requirements (to the extent we are not prohibited from doing so) and fully co-operate with our customer’s instructions with respect to our response.
Personal information may be maintained and processed by Loopio or its third-party service providers at a destination outside the European Economic Area (“EEA“)or outside the jurisdiction in which you reside, including the United States of America (“US”) and Canada.
We may transfer your personal information outside the EEA:
· to store it.
· to enable us to provide our Services, or to fulfil our contract with you or your employer. This includes the provision of the Platform, and of support services.
· Where we are legally required to do so.
· In order to facilitate the operation of our group of businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights.
INFORMATION ABOUT OUR WEBSITE
Visiting our Website: We collect the IP (Internet protocol) addresses of all visitors to our Website and other related information such as page requests, browser type, operating system and average time spent on our Website. We use this information to help us understand our Website activity, and to monitor and improve our Website.
Cookies: Our Website uses technology called “cookies” (and/or other similar technologies such as device-IDs, in-App codes, pixel tags and web beacons). A cookie is a tiny element of data that our Website sends to a user’s browser, which may then be stored on the user’s hard drive so that we can recognize the user’s computer or device when they return. Cookies may provide us and our service providers with information that we will use to personalize our Website in accordance with a user’s preferences. You may set your browser to notify you when you receive a cookie or to not accept certain cookies. However, if you decide not to accept cookies from our Website, you may not be able to take advantage of all of the Website features. We may also use a third party to help us gather and analyze information about the areas that users visit on the Website to evaluate and improve the customer experience and the convenience of the Website.
You can also obtain additional information on Google Analytics’ data privacy and security at the following links: https://policies.google.com/technologies/partner-sites and https://support.google.com/analytics/topic/2919631.
To learn more about interest-based advertising practice and to understand your options, including how you can opt-out of having your information used for online behavioural advertising purposes by participating companies, please visit the Digital Advertising Alliance of Canada (DAAC) at http://youradchoices.ca/choices.
Please note that if you opt-out, you may still receive online advertising from us, but it will not be tailored to your interests based on online behavioural information about you. To successfully opt-out, you must have cookies enabled in your web browser (see your browser’s instructions for information on cookies and how to enable them). Your opt-out only applies to the web browser you use so you must opt-out of each web browser on each device you use. Once you opt-out, if you delete your browser’s saved cookies, you will need to opt-out again.
Social Media: When you engage with Loopio’s content on or through third-party social networking websites, plug-ins and applications, we may have access to certain information associated with your social media account (e.g., name, username, email address, profile picture, gender). We may use this information to personalize your experience on the Website and on the third-party social networking websites, plug-ins and applications, and to provide you with other information you may request.
SECURITY OF PERSONAL INFORMATION
We understand that data security is a critical issue for our customers, and we are committed to safeguarding the personal information in our custody and under our control. We have implemented reasonable administrative, technical and physical safeguards in an effort to protect against unauthorized access, use, modification and disclosure of personal information in our custody and control. Our service providers are given the information they need to perform their designated functions, and we do not authorize them to use or disclose personal information for their own marketing or other purposes.
RETENTION OF PERSONAL INFORMATION
We may also retain aggregate information beyond this time for research purposes and to help us develop and improve our services. You cannot be identified from aggregate information retained or used for these purposes.
ACCESS TO PERSONAL INFORMATION
If we receive a request from an individual to access, update or delete personal information we have collected on behalf of a particular customer in the course of providing the Services, we will direct that individual to the relevant customer. We will assist our customers wherever possible in responding to individual access requests.
If you submit personal information via our Website or otherwise provide us with your personal information, you have the right under certain circumstances to request access, deletion or correction of your personal information, as well as to object to further processing, or request your data be moved to a third party (subject to limited exceptions prescribed by law) by submitting a written request to our Privacy Officer at firstname.lastname@example.org. We may request certain personal information for the purposes of verifying your identity.
Where the processing of your personal information by us is based on consent, you have the right to withdraw that consent without detriment at anytime by contacting us. You can also change your marketing preferences at any time as described in the Communications/Publications section.
If your request or concern is not satisfactorily resolved by us, you may approach your local data protection authority, (for example, see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html), who can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.
This policy was last updated on June 11, 2020.