Privacy Policy

Current as of 30 June, 2023

 

This Privacy Policy describes the policies and procedures of Userback Pty Ltd on the collection, use and disclosure of your information on www.userback.io (the Site) and the services, features, content or applications we offer (collectively with the Site, the Services).

We receive information about you from various sources, including:

• if you visit our site and register for our services
• your use of our services in general
• from third party websites and services

When you use our services, you are consenting to the collection, transfer, manipulation, storage, disclosure and other uses of your information as described in this Privacy Policy. If you wish for your personal data to be permanently removed, please contact us at [email protected].

If you are located in the European Union (“EU”), United Kingdom, Lichtenstein, Norway, Iceland or Switzerland, you may have additional rights under the EU General Data Protection Regulation (“GDPR”) with respect to your Personal Data, as outlined below.

Userback Pty Ltd will be the controller of your Personal Data that is provided, collected and/or processed pursuant to this Privacy Policy. If you have any questions about whether any of the foregoing applies to you, please contact us at [email protected].

What information do we collect from you?

We collect Personal Data about you when you provide such information directly to us, when third parties such as our business partners or service providers provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Services.

Information We Collect From You Directly

We receive Personal Data directly from you when you provide us with such Personal Data, including without limitation the following:

Account Information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. Archived projects are stored for 30 days from when they are archived, after which they are automatically deleted. In some cases we may retain your account information, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation.

User Content: Some features of the Services allow users to provide content such as images and written comments. Such content is retained in your account for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services.

Financial Information: We do not currently collect financial information, such as your payment method (valid credit card number, type, expiration date or other financial information); that information is collected and stored by our third party payment processing company, Stripe, (the “Payment Processor”), and use and storage of that information is governed by the Payment Processor’s applicable terms of service and privacy policy, available at https://stripe.com/legal.

Information We Receive From Third Party Sources: Some third parties, such as our business partners and service providers, (including, but not limited to those who provide services related to customer messaging, surveying, advertising, marketing, social media, and analytics), provide us with Personal Data about you, such as the following:

• Platform activity data
• Survey responses
• Account information for third party services
• Information from our advertising partners
• Name and email address from participation in our referral and promotional codes programs

Information We Automatically Collect When You Use Our Services: Some Personal Data is automatically collected when you use the Services, such as the following:

IP Address Information and Other Information Collected Automatically: We automatically receive and record information from your web browser when you interact with the Services, including your IP address, device ID, and cookie information. This information is used for fighting spam/malware and also to facilitate the collection of data concerning your interaction with the Services (e.g., what links you have clicked on).

Generally, the Services automatically collect usage information, such as which parts of the Site you use and the number and frequency of visitors to the Site. We may use this data in a manner that would identify you personally. This type of data enables us and third parties authorized by us to figure out how often individuals use parts of the Services so that we can analyze and improve them.

Email Communications: We may receive a confirmation when you open an email from us. We use this confirmation to improve our customer service.

Cookies: Cookies are pieces of text that may be provided to your computer through your web browser when you access a website. Your browser stores cookies in a manner associated with each website you visit. We use cookies to enable our servers to recognize your web browser and tell us how and when you visit the Site and otherwise use the Services through the Internet. As noted, we use cookies to identify that your web browser has accessed aspects of the Services and may associate that information with your Account if you have one.

Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways.

This Privacy Policy covers our use of cookies only and does not cover the use of cookies by third parties. We do not control when or how third parties place cookies on your computer. For example, third party websites to which a link points may set cookies on your computer. Cookies can either be “session cookies” or “persistent cookies”. Session cookies are temporary cookies that are stored on your device while you are visiting our Website or using our Service, whereas “persistent cookies” are stored on your device for a period of time after you leave our website or Services. We’ve provided a quick summary of some of the cookie types we and our service providers use on the Service, but for more information about cookies, visit http://www.allaboutcookies.org/.

• Essential Cookies: Essential cookies are required for providing you with features or services that you have requested. For example, certain cookies enable you to log into secure areas of our Services. Disabling these cookies will make certain features and services unavailable.
• Functional Cookies: Functional cookies are used to record your choices and settings regarding our Services, maintain your preferences over time and recognize you when you return to our Services. These cookies help us to personalize our content for you, greet you by name, and remember your preferences (for example, your choice of language or region).
• Performance/Analytical Cookies: Performance/analytical cookies allow us to understand how visitors use our Services such as by collecting information about the number of visitors to the website, what pages visitors view on our website and how long visitors are viewing pages on the website. Performance/analytical cookies also help us measure the performance of our advertising campaigns in order to help us improve our campaigns and the Service’s content for those who engage with our advertising.
• Retargeting/Advertising Cookies: Retargeting/advertising cookies collect data about your online activity and identify your interests so that we can provide advertising that we believe is relevant to you.

Analytics Data: We collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Services. These tools collect information sent by your browser or mobile device, including the pages you visit, your use of third party applications, and other information that assists us in analyzing and improving the Services.

Aggregate Information: We collect statistical information about how both unregistered and registered users, collectively, use the Services (“Aggregate Information”). Some of this information is derived from Personal Data. While Aggregate Information is not Personal Data, it may be tied back to you, your Account or your web browser.

How do we use your information?

We process Personal Data to operate, improve, understand and personalize our Services. For example, we use Personal Data to:

• Operate, maintain and provide our features and services on the Services;
• Respond to user inquiries;
• Provide support and assistance for the Services;
• Personalize content and communications based on your preferences;
• Maintain interoperability with third party services;
• Conduct online behavioral advertising;
• Remember information so that you will not have to re-enter it during your visit or the next time you visit the Site;
• Comply with our legal or contractual obligations;
• Provide and monitor the effectiveness of our Services;
• Protect against or deter fraudulent, illegal or harmful actions;
• Serve relevant advertisements;
• Monitor aggregate metrics such as total number of visitors, traffic, usage, and demographic patterns on our website and our Services;
• Diagnose or fix technology problems;
• Complete corporate transactions such as mergers and acquisitions; and
• Enforce our Terms of Service.

We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests”, as further described below.

Contractual Necessity: We may process some Personal Data as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Service with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.

Legitimate Interest: We may process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties. Examples of these legitimate interests include:

• Operation and improvement of our business, products and services
• Marketing of our products and services
• Provision of customer support
• Protection from fraud or security threats
• Compliance with legal obligations
• Completion of corporate transactions

Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.

Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

How do we protect your information?

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

We use regular Malware Scanning and your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.

In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when you place an order, enter, submit, or access your information to maintain the safety of your personal information.

All transactions are processed through our gateway provider Stripe who are a PCI Service Provider Level 1, with no transaction information being stored or processed on our servers.

For more information on how we protect your information, please refer to our Security Information page.

How long do we retain your personal data?

How long we keep the information we collect about you depends on the type of information.

After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation..

Marketing information: If you have chosen to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our products, such as when you last opened an email from us or signed in to your Userback account.

Third-party links

We do not include or offer third-party products or services on our website.

Third-party disclosure

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information, unless otherwise disclosed in this Privacy Policy. If ever there is an exception to this, we will provide you with advanced notice. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.

We may also release your information as required to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Where we disclose your personal information to third parties, including data processors, we will request that the third party handle your personal information in accordance with this Privacy Policy. The third party will only process your personal information in accordance with written instructions from us and we require that the third party either complies with the privacy shield principles set out in the GDPR or another mechanism set out by applicable EU & Swiss data protection laws for the transfer and processing of personal information. When we refer to ‘processing’ in this clause and this Privacy Policy in general, we mean any operation or set of operations which is performed on personal information, whether or not by automated means, such as collecting, recording, organizing, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available personal information. Information about Subprocessors, including their functions and locations, is available at https://userback.io/subprocessors (as may be updated by Userback from time to time in accordance with the Data Processing Addendum).

Remarketing

We are using Google, Inc. (“Google”) remarketing features to display ads on the Google Display Network (GDN). That is, Google may deliver our ads on sites across the web which are related to a former visit of you to our site. This is done by creating visitors lists based on stored cookies in your browser. In no case we will link personal information to these ads. If you would like to opt out of Google’s use of cookies you might want to visit the Ads Preferences Manager.

European Union

If you are located in the EU, the United Kingdom, Lichtenstein, Norway, or Iceland, and use or access the Services, you may have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email [email protected]. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by logging into your account.

Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging into your account. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.

Erasure: You can request that we erase some or all of your Personal Data from our systems.

Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.

Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.

Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes.

Restriction of Processing: You can ask us to restrict further processing of your Personal Data.

Right to File Complaint: You have the right to lodge a complaint about Userback.io’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.

California Online Privacy Protection Act Compliance

We value your privacy and have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We, therefore, will not distribute your personal information to outside parties without your consent. As part of the California Online Privacy Protection Act, all users of our site may make any changes to their information at any time by logging into their account and going to the ‘Edit Profile’ page.

Childrens Online Privacy Protection Act Compliance

In accordance with the Childrens Online Privacy Protection Act, we do not intentionally gather personal information from visitors who are under the age of 13. If you are under the age of 13, you are not permitted to submit any personal information to us. If we learn that a child under 13 submits personal information the Services we will delete the information as soon as possible. If you believe that we might have any personal information from a child under 13, please contact us at [email protected].

CAN-SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

• Send information, respond to inquiries, and/or other requests or questions
• Process orders and to send information and updates pertaining to orders.
• Send you additional information related to your product and/or service.
• Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with CAN-SPAM, we agree to the following:

• Not use false or misleading subjects or email addresses.
• Identify the message as an advertisement in some reasonable way.
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly.
• Allow users to unsubscribe by using the link at the bottom of each marketing-related email.

If at any time you would like to unsubscribe from receiving future emails, you can email us at [email protected]. Further you can follow the instructions at the bottom of each email, and we will promptly remove you from email correspondence.

Changes to our Privacy Policy

We may amend this Privacy Policy from time to time. Use of information we collect now is subject to the Privacy Policy in effect at the time such information is used. If we make any material changes in the way we collect or use information, we will notify you by posting an announcement on the Services, sending you an email and/or by some other means. Each time you use the Services or provide us with information, you accept the practices described in this Privacy Policy as applicable at that time.

How to contact us

We’re always keen to hear from you.

If you’re curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch at [email protected].