Privacy Policy

GLASSBOX DIGITAL

Privacy Policy

 

Glassbox Ltd. and its wholly owned subsidiaries, including Glassbox US, Inc. and Glassbox Digital UK Ltd. (collectively “GLASSBOX,” “we,” “us,” and “our”) respect your privacy. This privacy policy (this “Privacy Policy”) explains the accepted privacy practices for our Site, https://www.glassboxdigital.com/ (the “Site”) and our proprietary customer experience solutions and services, which include, without limitation, all associated software, updates, upgrades, content and documentation, and any changes, enhancements, extensions, adaptations, components, additions, improvements and applications thereto, whether now existing or hereafter devised (collectively, the “Services”). This Privacy Policy describes the ways in which your personal information is collected and used, and the rights and options available to you with respect to such information. This Privacy Policy incorporates by reference the most current version of our Terms of Use (our “Terms of Use”). If you have questions or complaints regarding this Privacy Policy and/or our privacy practices in general, please contact us as described in this Privacy Policy.

IF YOU DO NOT WISH TO PROVIDE OR OTHERWISE MAKE AVAILABLE TO GLASSBOX, WHETHER DIRECTLY OR INDIRECTLY, THE INFORMATION DESCRIBED BELOW THAT WE COLLECT VIA THE USABILITY AND FUNCTIONALITY OF OUR SERVICES, PLEASE DO NOT VISIT OUR WEBSITE.

INFORMATION WE COLLECT

GLASSBOX collects information from end users (“End Users”) at several different points throughout our Services. This may include traffic data including an End User’s IP address, domain server, type of computer, type of web browser, geo-location, browsing and click-stream activity, session heatmaps and scrolls and more.  Our GLASSBOX Solutions (as defined below) are also designed to automatically collect information about your website visits, referring and exit pages and URLs, amount of time spent on particular pages, and the sections/features of our Services you visit/utilize. We’ve designed our Services so that the information collected from End Users is anonymous information that does not personally identify an End User but may be helpful for improving an End User’s experience in connection with our Services and/or for marketing purposes.

In general, when you visit our Site or otherwise utilize our Services you remain anonymous. That said, certain aspects of our Services, whether deployed by others or by us, may require that you register or log in before you are permitted to access certain areas, tools, features and the like.  In such cases, the information you will likely be asked to provide (and that is collected by us) may be more personal in nature. In those cases, personal information, such as an End User’s name, address, contact information and other personally-identifiable information (“Personal Information” or “Personal Data”) may be collected from you and stored in our databases, typically when you register to the Site, request support enter into a sales promotion or otherwise interact with us (for example through the “contact us” option). It should be made clear that you have no legal obligation to provide us with any Personal Data and the submission of such information is entirely subject to your sole discretion and consent. However, if you will not provide us with the required information, we may not be able to provide you with the information/services requested by you.

We may also collect statistical and other data related to your use of our Services as well as information on Services usage patterns. This information is collected and used as anonymous, aggregated, non-individually identifiable information.

ENTERPRISE CLIENTS

From time to time, GLASSBOX grants certain of its enterprise clients (“Enterprise Clients” or “Clients”) a license or other rights to GLASSBOX’s proprietary software products and solutions (the “GLASSBOX Solutions”).  Through their use of these GLASSBOX Solutions and/or through other means, enterprise clients of GLASSBOX may get access to, collect and use: (i) End User non-personally identifiable information; and (ii) End User Personal Data.

The GLASSBOX Solutions enable our enterprise clients to keep their Legal security Obligations, help in fulfillment of Contractual Necessity and also to deliver more relevant content to consumers across digital channels, including desktop and mobile channels, by gathering data about those End Users’ visits to, and use of, our enterprise clients’ digital properties. These clients have their own policies that govern how they collect, use, and share data, even when such collection and use may be carried out, directly or indirectly, by using our Services from time to time. Please consult the privacy policies of the websites you visit and apps you use to become familiar with their privacy practices.

Our Enterprise Clients who use our cloud Services to collect End User information upload such information to one of GLASSBOX’s secured cloud servers and will analyze such information via our Services.

We enter into binding agreements with each Enterprise Client that uses our Services, which agreements are intended to comply with all applicable laws and regulations for the processing of their End User data.

HOW WE/OUR CLIENTS USE INFORMATION

Our Services allows us and our Clients to use information which does not identify individual End Users for purposes of analyzing trends, administering and improving ours and our Clients Services, and to gather demographic information about our End User base as a whole. There are also times when we and our Clients will combine such information with additional non-personal or de-identified information we and our Clients obtain from other companies in order for us and our Clients to gain broader market insights. We typically analyze this information and organize it into user groups and audiences, based on factors such as age, gender, geography, interests and online actions. This is often referred to as Interest-Based Advertising. To enable the foregoing, the GLASSBOX Solutions use technology including browser cookies, device identifiers, and other similar technologies to recognize a particular browser or device over time, to predict possible relationships among different browsers and devices and to then relay this information to our servers.

We also compile and store data and information and generate reports related to our End Users’ access to and use of our Services.

To the extent required under applicable data processing laws and regulations, any Personal Data that we collect will be stored in our database and will be used in accordance with such applicable laws and regulations.

Any data processing performed by any third party with whom we have provided End User information (either Personal Data or non-Personal Data) will, if and when required by law, be governed by a binding  agreement in the form mandated by applicable by law, preserving your statutory data protection rights.

GLASSBOX retains the End User data described above which is collected through our GLASSBOX Solutions for up to twenty-four (24) months from the date of its collection (except for when required to hold such data for a longer period due to compliance and/or regulatory purposes) and solely for the uses expressly provided hereunder.

GLASSBOX may share information internally within our family of companies or with third parties for the purposes described in this policy. Without limiting the foregoing, some of the reason we might share your information are:

Information collected within the European Economic Area (“EEA”) may, for example, be transferred to countries outside of the EEA for the purposes as described in this policy. We utilize standard contract clauses approved by the European Commission, adopt other means under European Union law and obtain End User consents, where such is required, to legitimize such data transfers.

For the purpose of providing and operating the Services, we may share Personal Data with trusted third-party service providers that require access to such data. In these instances, we will require that these third parties comply with this Privacy Policy or with privacy policies at least as protective as this Privacy Policy.  We may also share your Personal Data if we and/or our enterprise clients have your permission to do so.

In addition to the foregoing, we expressly reserve the right to disclose or otherwise allow access to your Personal Data pursuant to a legal requirement or a request, such as a subpoena, search warrant or court order, or in compliance with applicable laws and regulations.  Such disclosure or access may occur with or without notice to you.

Bottom line, we do not share, distribute, sell or rent any of your Personal Data with/to third parties, including our Enterprise Clients, except in circumstances expressly described above as well as those other limited situations which are set forth in this Privacy Policy.

WHERE WE STORE END USER INFORMATION

End User Information that is collected via our Services (both Personal Data and non-Personal Data) in accordance with the terms set forth in this Privacy Policy, whether such information is collected directly by GLASSBOX or by any of our Enterprise Clients, may be maintained, processed and stored by GLASSBOX and our authorized affiliates and service providers in the United States, in the EU and in any other jurisdiction as deemed strictly necessary for the proper delivery of our Services and/or as may be required by applicable law.  While data protection laws differ from jurisdiction to jurisdiction, please know that GLASSBOX is fully committed to keeping and protecting your information in a safe and secure manner based on this Privacy Policy and industry standards.

SOCIAL MEDIA WIDGETS

Our Services incorporate Social Media features, such as the Facebook Like button. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social Media features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.

BUSINESS TRANSFERS

Information collected from End Users of the GLASSBOX Services, including End User Personal Data, may be transferred as part of or in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our shares or stock and/or assets or other corporate change, including, during the course of any due diligence process.  By making available your data through the Services in any manner, you agree that your information may be transferred to third parties under such or similar circumstances.

In addition to the foregoing, we reserve the right, at our sole discretion, to assign this Privacy Policy and/or any rights hereunder, to any third party without providing any prior notice thereof. In the event of any such assignment, the provisions set forth in this Privacy Policy shall fully apply to any successor or assignee, mutatis mutandis.

COOKIES

We use session identifiers, web beacons, cookies, JavaScript tags, and other tracking technologies.  A cookie is a piece of data stored on an End User’s hard drive containing information about the End User.  We use these technologies to enhance the End User experience of our Services, and as a result, these technologies may be deployed by GLASSBOX in any portion of the GLASSBOX Services. Usually an Internet browser is set by default to accept cookies. If an End User rejects the cookie, he/she may still use our Services, though certain features, tools and applications may be disabled or otherwise unavailable. We may also use cookies to track and monitor usage of the Services by End Users for the marketing and quality improvement purposes. Most browsers will allow you to erase cookies from your computer/device hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. We may use JavaScript tags to trigger a sequence of events that includes viewing a first-party cookie (or setting that cookie if it does not already exist) and to help us tailor and optimize our GLASSBOX Services for both our End Users and enterprise clients.

In addition to the foregoing, GLASSBOX reserves the right to use the Google AdWords Remarketing Service (the “Google Service”) for advertising purposes. By using the Google Service, visitors of those sites, apps and other digital properties belonging to GLASSBOX’s enterprise clients may see advertisements in third parties’ websites (including, without limitation on Google’s search results page or a site in the Google Display Network). Any data collected by GLASSBOX using the Google Service will be subject to both this Privacy Policy as well as Google’s Privacy Policy.

E-MAIL COMMUNICATIONS

At any time, you have the ability to opt out of receiving marketing communications from GLASSBOX, but you may not opt out of administrative emails. You can opt out by either changing your e-mail preferences or using the link provided at the bottom of each email message or through any other means that is made available to you.

We do not send emails to anyone without a legitimate legal basis such as to address contractual necessity and legal obligation or permission (which permission may have been given to us and/or one of our enterprise clients), and we do not sell or rent email addresses to any unauthorized third party. This does not mean that we can prevent spam from happening on the Internet. If you believe that you have received an unsolicited email from us, please contact us at the e-mail below and we will investigate.

LINKS

Our Site may have links to the sites of other companies, including those of our enterprise clients. We are not responsible for their privacy practices. We encourage you to learn about the privacy policies of those companies by visiting their respective websites, apps, etc.

POLICY TOWARDS CHILDREN

GLASSBOX does not knowingly collect personal information from minors who are under the age of 16 through its Website and/or the Services. If a parent or guardian becomes aware that his or her child has provided us with Personal Data without the parent’s/guardian’s consent, then he or she should contact GLASSBOX at described below. If we become aware that a child under the age of 16 has provided us with Personal Data, we will delete such information from our files. Further, the Children’s Online Privacy Protection Act (“COPPA”) requires parental consent for collection of data from children younger than the age of 13 years old. For tips on protecting children’s privacy online, generally, please view the U.S. Federal Trade Commission (“FTC”) website at http://www.ftc.gov/privacy/privacyinitiatives/childrens.html.

SECURITY

We follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and once we receive it. However, due to the nature of Internet communications and evolving technologies, unauthorized entry or use, hardware or software failure, and other factors, the security of End User information may be compromised at any time. No method of transmission over the Internet, or method of electronic storage, is 100% secure.

Therefore, we cannot guarantee the absolute security of Personal Data and disclaim any assurance that such information will remain free from loss, misuse, or alteration by third parties who, despite our efforts, obtain unauthorized access.

CALIFORNIA PRIVACY RIGHTS

If an End User is a California resident, California Civil Code Section 1798.83(c)(2) permits such individual to request information regarding the disclosure of his/her information by GLASSBOX to third parties for such third parties’ direct marketing purposes. To make such a request, please send us an email to info@glassboxdigital.com.

LAW ENFORCEMENT & HARM

GLASSBOX may preserve or disclose an End User’s information if we believe that such preservation or disclosure is reasonably necessary to comply with the law, a regulation, or a legal request by law enforcement or the government. We may also preserve or disclose your information to protect the safety of any person or the public, to prevent or address fraud, to handle security within the Services, to handle a technical issue, to protect our rights or property, to protect the rights or property of a third party, or to prevent or stop any illegal or unethical activity.

CHANGES AND CONSENT TO PRIVACY POLICY

BY USING OUR SERVICES, WHETHER KNOWINGLY OR OTHERWISE, AND IN ANY MANNER OR CAPACITY, YOU AGREE TO THE TERMS OF THIS PRIVACY POLICY. WE RESERVE THE RIGHT TO CHANGE THE PROVISIONS OF THE PRIVACY POLICY FROM TIME TO TIME, AND THEREFORE, YOU ARE ADVISED TO CHECK BACK REGULARLY. YOUR CONTINUED USE OF THE SERVICES, WHETHER IN WHOLE OR IN PART, AFTER ANY CHANGE TO THE POLICY HAS BEEN POSTED CONSTITUTES YOUR ACCEPTANCE OF THIS PRIVACY POLICY. IF THE REVISED VERSION OF THIS PRIVACY POLICY INCLUDES SUBSTANTIAL AND MATERIAL CHANGES, WE WILL PROVIDE YOU WITH 30 DAYS PRIOR NOTICE VIA ANY OF THE COMMUNICATION MEANS AVAILABLE TO US, OR BY POSTING NOTICE OF THE CHANGE ON OUR SITE.  AFTER THIS 30-DAY NOTICE PERIOD EXPIRES, ALL AMENDMENTS TO THIS PRIVACY POLICY SHALL BE DEEMED ACCEPTED AND EFFECTIVE ON BOTH YOU AND GLASSBOX.

UPDATE/DELETE USER INFORMATION; OPTING-OUT

You can write to us at any time to obtain a copy of the available Personal Data we’ve collected about you as a result of your use of the Services.  We will also endeavor to correct any inaccuracies that you discover and bring to our attention.  If you no longer desire to use any of GLASSBOX’s Services and you no longer want GLASSBOX to hold any of your Personal Data, then please send us an email requesting the removal and deletion of your Personal Data from our systems and databases, in which case we will endeavor to promptly comply with your request unless such data was collected by one of our Enterprise Clients, as in that case the final decision will be theirs and not GLASSBOX. By way of clarification, we have no direct relationship with any of our Enterprise Clients’ individual End Users.  Therefore, any such end user of an Enterprise Client who seeks to correct, amend, delete inaccurate Personal Data, or withdraw consent for further use of his/her Personal Data, should direct all queries to the applicable Enterprise Client that he/she deals with directly.  In order to contact us regarding any of the foregoing, please send an e-mail to info@glassboxdigital.com. GLASSBOX shall also make available to its End Users other opt-out mechanisms relating to its collection and use of your Personal Data as it is required to do in accordance with applicable laws and regulations.  Finally, if your request has not been addressed in a timely manner after sending an email to the above-referenced email address, you may send an email directly to our Chief Privacy Officer and Director of Compliance at the following address: oran.biran@glassboxdigital.com.

 

Last updated: June 2019