IF YOU DO NOT WISH TO PROVIDE OR OTHERWISE MAKE AVAILABLE TO GLASSBOX, WHETHER DIRECTLY OR INDIRECTLY, THE INFORMATION DESCRIBED BELOW THAT WE COLLECT VIA THE USABILITY AND FUNCTIONALITY OF OUR SERVICES, PLEASE DO NOT VISIT OUR WEBSITE.
INFORMATION WE COLLECT
GLASSBOX collects information from end users (“End Users”) at several different points throughout our Services. This may include traffic data including an End User’s IP address, domain server, type of computer, type of web browser, geo-location, browsing and click-stream activity, session heatmaps and scrolls and more. Our GLASSBOX Solutions (as defined below) are also designed to automatically collect information about your website visits, referring and exit pages and URLs, amount of time spent on particular pages, and the sections/features of our Services you visit/utilize. We’ve designed our Services so that the information collected from End Users is anonymous information that does not personally identify an End User but may be helpful for improving an End User’s experience in connection with our Services and/or for marketing purposes.
In general, when you visit our Site or otherwise utilize our Services you remain anonymous. That said, certain aspects of our Services, whether deployed by others or by us, may require that you register or log in before you are permitted to access certain areas, tools, features and the like. In such cases, the information you will likely be asked to provide (and that is collected by us) may be more personal in nature. In those cases, personal information, such as an End User’s name, address, contact information and other personally-identifiable information (“Personal Information” or “Personal Data”) may be collected from you and stored in our databases, typically when you register to the Site, request support enter into a sales promotion or otherwise interact with us (for example through the “contact us” option). It should be made clear that you have no legal obligation to provide us with any Personal Data and the submission of such information is entirely subject to your sole discretion and consent. However, if you will not provide us with the required information, we may not be able to provide you with the information/services requested by you.
We may also collect statistical and other data related to your use of our Services as well as information on Services usage patterns. This information is collected and used as anonymous, aggregated, non-individually identifiable information.
From time to time, GLASSBOX grants certain of its enterprise clients (“Enterprise Clients” or “Clients”) a license or other rights to GLASSBOX’s proprietary software products and solutions (the “GLASSBOX Solutions”). Through their use of these GLASSBOX Solutions and/or through other means, enterprise clients of GLASSBOX may get access to, collect and use: (i) End User non-personally identifiable information; and (ii) End User Personal Data.
The GLASSBOX Solutions enable our enterprise clients to keep their Legal security Obligations, help in fulfillment of Contractual Necessity and also to deliver more relevant content to consumers across digital channels, including desktop and mobile channels, by gathering data about those End Users’ visits to, and use of, our enterprise clients’ digital properties. These clients have their own policies that govern how they collect, use, and share data, even when such collection and use may be carried out, directly or indirectly, by using our Services from time to time. Please consult the privacy policies of the websites you visit and apps you use to become familiar with their privacy practices.
Our Enterprise Clients who use our cloud Services to collect End User information upload such information to one of GLASSBOX’s secured cloud servers and will analyze such information via our Services.
We enter into binding agreements with each Enterprise Client that uses our Services, which agreements are intended to comply with all applicable laws and regulations for the processing of their End User data.
HOW WE/OUR CLIENTS USE INFORMATION
Our Services allows us and our Clients to use information which does not identify individual End Users for purposes of analyzing trends, administering and improving ours and our Clients Services, and to gather demographic information about our End User base as a whole. There are also times when we and our Clients will combine such information with additional non-personal or de-identified information we and our Clients obtain from other companies in order for us and our Clients to gain broader market insights. We typically analyze this information and organize it into user groups and audiences, based on factors such as age, gender, geography, interests and online actions. This is often referred to as Interest-Based Advertising. To enable the foregoing, the GLASSBOX Solutions use technology including browser cookies, device identifiers, and other similar technologies to recognize a particular browser or device over time, to predict possible relationships among different browsers and devices and to then relay this information to our servers.
We also compile and store data and information and generate reports related to our End Users’ access to and use of our Services.
To the extent required under applicable data processing laws and regulations, any Personal Data that we collect will be stored in our database and will be used in accordance with such applicable laws and regulations.
Any data processing performed by any third party with whom we have provided End User information (either Personal Data or non-Personal Data) will, if and when required by law, be governed by a binding agreement in the form mandated by applicable by law, preserving your statutory data protection rights.
GLASSBOX retains the End User data described above which is collected through our GLASSBOX Solutions for up to twenty-four (24) months from the date of its collection (except for when required to hold such data for a longer period due to compliance and/or regulatory purposes) and solely for the uses expressly provided hereunder.
GLASSBOX may share information internally within our family of companies or with third parties for the purposes described in this policy. Without limiting the foregoing, some of the reason we might share your information are:
- To enable you to use our Services, to register and establish an account, and to receive ongoing customer service and technical support;
- To support and enhance our data security measures, including for the purposes of preventing fraud or abusive behavior;
- To protect and support the legitimate interests of GLASSBOX and any of its affiliates;
- To protect the safety and well-being and interests of End Users of our Services and any members of the general public; and
- To comply with any applicable laws and regulations.
Information collected within the European Economic Area (“EEA”) may, for example, be transferred to countries outside of the EEA for the purposes as described in this policy. We utilize standard contract clauses approved by the European Commission, adopt other means under European Union law and obtain End User consents, where such is required, to legitimize such data transfers.
In addition to the foregoing, we expressly reserve the right to disclose or otherwise allow access to your Personal Data pursuant to a legal requirement or a request, such as a subpoena, search warrant or court order, or in compliance with applicable laws and regulations. Such disclosure or access may occur with or without notice to you.
WHERE WE STORE END USER INFORMATION
SOCIAL MEDIA WIDGETS
Information collected from End Users of the GLASSBOX Services, including End User Personal Data, may be transferred as part of or in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our shares or stock and/or assets or other corporate change, including, during the course of any due diligence process. By making available your data through the Services in any manner, you agree that your information may be transferred to third parties under such or similar circumstances.
At any time, you have the ability to opt out of receiving marketing communications from GLASSBOX, but you may not opt out of administrative emails. You can opt out by either changing your e-mail preferences or using the link provided at the bottom of each email message or through any other means that is made available to you.
We do not send emails to anyone without a legitimate legal basis such as to address contractual necessity and legal obligation or permission (which permission may have been given to us and/or one of our enterprise clients), and we do not sell or rent email addresses to any unauthorized third party. This does not mean that we can prevent spam from happening on the Internet. If you believe that you have received an unsolicited email from us, please contact us at the e-mail below and we will investigate.
Our Site may have links to the sites of other companies, including those of our enterprise clients. We are not responsible for their privacy practices. We encourage you to learn about the privacy policies of those companies by visiting their respective websites, apps, etc.
POLICY TOWARDS CHILDREN
GLASSBOX does not knowingly collect personal information from minors who are under the age of 16 through its Website and/or the Services. If a parent or guardian becomes aware that his or her child has provided us with Personal Data without the parent’s/guardian’s consent, then he or she should contact GLASSBOX at described below. If we become aware that a child under the age of 16 has provided us with Personal Data, we will delete such information from our files. Further, the Children’s Online Privacy Protection Act (“COPPA”) requires parental consent for collection of data from children younger than the age of 13 years old. For tips on protecting children’s privacy online, generally, please view the U.S. Federal Trade Commission (“FTC”) website at http://www.ftc.gov/privacy/privacyinitiatives/childrens.html.
We follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and once we receive it. However, due to the nature of Internet communications and evolving technologies, unauthorized entry or use, hardware or software failure, and other factors, the security of End User information may be compromised at any time. No method of transmission over the Internet, or method of electronic storage, is 100% secure.
Therefore, we cannot guarantee the absolute security of Personal Data and disclaim any assurance that such information will remain free from loss, misuse, or alteration by third parties who, despite our efforts, obtain unauthorized access.
CALIFORNIA PRIVACY RIGHTS
If an End User is a California resident, California Civil Code Section 1798.83(c)(2) permits such individual to request information regarding the disclosure of his/her information by GLASSBOX to third parties for such third parties’ direct marketing purposes. To make such a request, please send us an email to firstname.lastname@example.org.
LAW ENFORCEMENT & HARM
GLASSBOX may preserve or disclose an End User’s information if we believe that such preservation or disclosure is reasonably necessary to comply with the law, a regulation, or a legal request by law enforcement or the government. We may also preserve or disclose your information to protect the safety of any person or the public, to prevent or address fraud, to handle security within the Services, to handle a technical issue, to protect our rights or property, to protect the rights or property of a third party, or to prevent or stop any illegal or unethical activity.
UPDATE/DELETE USER INFORMATION; OPTING-OUT
You can write to us at any time to obtain a copy of the available Personal Data we’ve collected about you as a result of your use of the Services. We will also endeavor to correct any inaccuracies that you discover and bring to our attention. If you no longer desire to use any of GLASSBOX’s Services and you no longer want GLASSBOX to hold any of your Personal Data, then please send us an email requesting the removal and deletion of your Personal Data from our systems and databases, in which case we will endeavor to promptly comply with your request unless such data was collected by one of our Enterprise Clients, as in that case the final decision will be theirs and not GLASSBOX. By way of clarification, we have no direct relationship with any of our Enterprise Clients’ individual End Users. Therefore, any such end user of an Enterprise Client who seeks to correct, amend, delete inaccurate Personal Data, or withdraw consent for further use of his/her Personal Data, should direct all queries to the applicable Enterprise Client that he/she deals with directly. In order to contact us regarding any of the foregoing, please send an e-mail to email@example.com. GLASSBOX shall also make available to its End Users other opt-out mechanisms relating to its collection and use of your Personal Data as it is required to do in accordance with applicable laws and regulations. Finally, if your request has not been addressed in a timely manner after sending an email to the above-referenced email address, you may send an email directly to our Chief Privacy Officer and Director of Compliance at the following address: firstname.lastname@example.org.
Last updated: June 2019