Information Gathering & Usage
Traffic Data Collected
We automatically track and collect the following categories of information when you visit our Platform: (1) IP addresses; (2) domain servers; (3) types of computers, smartphones, or tablets accessing the Platform; (4) types of web browsers used to access the Platform; and (5) analytics data related to mobile application use, including, but not limited to, length of time on the application, activities on the application, and features accessed on the application (collectively “Traffic Data”). Traffic Data is anonymous information that does not personally identify you but is helpful for marketing purposes or for improving your experience on the Platform. We also use “cookies” to customize content specific to your interests, to ensure that you do not see the same advertisement repeatedly, and to store your password so you do not have to re-enter it each time you visit the Platform.
Personal Information Collected
In order for you to access certain services and products that we offer via the Platform, we require you to provide us with certain information that personally identifies you (“Personal Information”). Personal Information may include the following categories of information: (1) Contact Data (such as your name, mailing address, and e-mail address, or other optional information you may provide via an application); (2) Financial Data (such as your account or credit card number); and (3) Demographic Data (such as your zip code, age, and income). If you communicate with us by e-mail, post messages to any of our chat groups, bulletin boards, or forums, or otherwise complete online forms, surveys, or contest entries, any information provided in such communication may be collected as Personal Information. This shall include the e-mail addresses of those who communicate with us via e-mail, aggregate information on what pages consumers access or visit, and information volunteered by the consumer (such as survey information and/or site registrations).
Potential for Location Data to be Collected
Certain applications provided via the Platform and service may provide you the choice of allowing access to your location data, particularly if you give such application access to your social media account(s) such as Facebook, Twitter, or Instagram. This means that the application provider may know the exact physical location of an end user and contact an end user to provide product offerings in a given area. If you wish to disable this functionality, you may do so in the given application.
Potential for Other Users to Contact You
To the extent that a given application supports personal messaging functionality between and among end users, you may receive personal messages from other end users. You can disable this functionality by using the unsubscribe and other disabling instructions in the given application.
Potential for Advertisement Links to Other Sites and Applications
Uses of Information Collected
Company Use of Information
We use Contact Data to send you information about our company or our products or services, or promotional material from some of our partners, or to contact you when necessary. We use your Financial Data to verify your qualifications for certain products or services and to bill you for products and services. We use your Demographic Data to customize and tailor your experience on the Platform, displaying content that we think you might be interested in and according to your preferences. We and the applications available on the Platform may use Personal Information to contact you regarding information that may interest you or to otherwise offer you coupons, services, advice, information, or other redeemable promotions. If you wish to unsubscribe from such communications, please follow the unsubscribe instructions provided via the given application or the as provided in any such communication.
Sharing of Personal Information
1) It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service, or as otherwise required by law.
Users choice regarding collection, use, and distribution of Personal Information
You may choose not to provide us with any Personal Information. In such an event, you can still access and use certain parts of the Platform; however you will not be able to access and use those portions of the Platform, including our core services, which require your Personal Information.
What is the GDPR?
GDPR is short for the General Data Protection Regulation that goes into effect on May 25, 2018. It was passed by the European Parliament to create a harmonized data privacy law across member states of the European Union (EU). Its purpose is to support privacy as a fundamental human right and therefore give EU residents rights over how their personal data is processed or otherwise used.
What is considered personal data?
The GDPR defines personal data as ‘… any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person’.
Additionally, the GDPR notes that online identifiers can constitute personal data. The GDPR explains, ‘… natural persons may be identified with online identifiers which are provided by:
- Protocols, such as IP (Internet Protocol) addresses
- Cookie identifiers (and similar web tracking technologies)
- Radio Frequency Identification (RFID) tags (the Internet of Things)
How does this affect me?
Individuals, companies or businesses providing services to EU residents need to comply with this law. To the extent you collect EU residents’ personal data (including the collection, processing, storage or transmittal of such data), GDPR requires you to comply with its terms by May 25, 2018. If you are an EU resident, this law will apply to your personal data in your Ratoon account.
What rights does the GDPR provide to the Users?
The rights of an EU resident under the GDPR, and how you can exercise those rights with respect to Ratoon , are:
- Right of access: You, or your customer, can ask us what personal data is being processed (used), why and where.
- Right to rectification: If you, or your customer, want to correct, revise or remove any of the data we retain on you – you may do so at any time.
- Right to be forgotten: If you, or your customer, need to cancel your Ratoon account at any time, we will permanently remove your account and all information associated with it.
- Right to restrict processing: If you, or your customer, believe your personal data is inaccurate or collected unlawfully, you may request limited use of your personal data.
- Right of portability: We provide you with the ability to move any of your account data to a third party at any time.
- Right to object: If you, or your customer, decide that you no longer wish to allow your data to be included in our analytics or for us to provide personalized (targeted) marketing content at any time, you may contact us to request removal of this data.
Ratoon will provide the necessary mechanism to comply with requests from you, and support you in fulfilling GDPR requests from your customers.
What Ratoon is doing to comply with the GDPR?
Ratoon is compliant with the GDPR as of May 2018. This will include work “behind the scenes,” such as reviewing and updating (as necessary) our agreements, policies, internal processes, features and templates to assure our compliance.
What do I need to do differently to be compliant with the GDPR?
There are two parties that have accountability for dealing with personal data, the “controller” and the “processor.” The “controller” defines the means and purpose of the use of personal data and the “processor” only acts on the behalf of what the “controller” has instructed and processes personal data for them.
Please understand that both you and Ratoon have obligations and requirements for GDPR compliance.
As a business owner that may have EU customer data?
In certain circumstances, you are acting as the controller, for example, when you decide what information from your contacts or subscribers is uploaded or transferred into your Ratoon account. This means you will have some additional obligations around such things as data subject rights. We urge you to understand this and seek legal advice where you think necessary.
Our Terms of Service require you to lawfully obtain and process all personal data appropriately. You will need to continue to do this to be compliant with the GDPR.
What if I have additional questions?
If you, or your customers, have any additional questions, please do not hesitate to contact us at firstname.lastname@example.org