Last Updated: May 25, 2018
Certain, Inc. through its Touchpoint division (“Touchpoint,” “we” or “us”) respects the privacy of its users and has developed this Privacy Policy to demonstrate its commitment to protecting your privacy. This Privacy Policy is intended to describe for you, as an individual who is a user of our iOS app, Android app and mobile site or our website, www.gatherdigital.com, or any other web-based or mobile service we offer (the “Service” or the “Touchpoint Service”), the information we collect, how that information may be used, with whom it may be shared, and your choices about such uses and disclosures.
We encourage you to read this Privacy Policy carefully when using our Service. By using our Service, you are accepting the practices described in this Privacy Policy.
Touchpoint complies with and commits to continue complying with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries. Touchpoint has certified that it adheres to the EU-U.S. Privacy Shield Principles of notice; choice; accountability for onward transfer; security; data integrity and purpose limitation; access; and recourse, enforcement and liability. To learn more about the EU-U.S. Privacy Shield Program please visit https://www.privacyshield.gov. Please also reference our commitments to the Privacy Shield Principles toward the end of this Privacy Policy.
Touchpoint complies with the General Data Protection Regulation (“GDPR”). More information about your rights under GDPR can be found below.
If you have any questions about our privacy practices, please refer to the end of this Privacy Policy for information on how to contact us.
When providing our Service, our clients (usually a conference or program organizer) choose the types of personal information we process and the purposes of the processing. As a result, Touchpoint encourages consumers to first address any inquiries or complaints to the conference or program organizer. We welcome any unresolved questions or issues at [email protected]. If Touchpoint cannot resolve the complaint, Touchpoint is committed to:
1. Use the International Centre for Dispute Resolution (ICDR), a division of the American Arbitration Association (AAA), to resolve disputes (information about ICDR can be found at https://www.icdr.org/privacyshield )
or,
2. Cooperate and comply with the EU Data Protection Authorities (DPAs) to investigate unresolved complaints.
We obtain and process personal information in different capacities:
In General. We may collect personal information that can identify you, such as your name and e-mail address and other information that you or our client provides to us. We may also collect information that does not identify you. When you provide personal information through our Service or through our website, the information may be sent to servers located in the United States and other countries around the world. We collect information and retain data about you solely for the purpose of enabling your use of the Service and for enabling our client to provide you with offers and capabilities relevant to your use of the Service.
Use of cookies and other technologies to collect information. We use various technologies to collect information from your mobile device and about your activities on our Service.
Push notifications
In general. We may use information that we collect about you to:
We want you to understand when and with whom we may share personal or other information we have collected about you or your activities on our web site, while using our Service or through our conference-planning clients.
Personal information. We do not share your personal information with others except as indicated below or when we inform you and give you an opportunity to opt out of having your personal information shared. We may share personal information with:
Other Situations. We also may disclose your information:
Our clients who are hosting a conference, event or program in which you are participating from whom we may be given personal information about you and to whom we may disclose personal information may have their own privacy policies which describe how they use and disclose personal information. Those policies will govern use, handling and disclosure of your personal information as described in this Privacy Policy. If you want to learn more about their privacy practices, we encourage you to visit the websites of those clients.
Aggregated and non-personal information. We may share aggregated and non-personal information we collect under any of the above circumstances. We may also share it with third parties to develop and deliver targeted advertising on our Service. We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our clients the number of visitors to our Service and the most popular features or services accessed. This information does not contain any personal information and may be used to develop Service content and features that we hope you and other users will find of interest and to target content and advertising.
There are a number of places on our Service where you may click on a link to access other websites that do not operate under this Privacy Policy. For example, if you click on an advertisement or a link on our Service, you may be taken to a website that we do not control. These third-party websites may independently solicit and collect information, including personal information, from you and, in some instances, provide us with information about your activities on those websites. We recommend that you consult the privacy statements of all third-party websites you visit by clicking on the "privacy" link typically located at the bottom of the webpage you are visiting.
You have the right to access your personal information. If you have not been asked by us or our clients to fill out an information profile nor have you expressed permission to include personal information on the Service, there will either be no personal information about you displayed or the personal information about you that will be viewable by other users, attendees, sponsors and exhibitors will typically be limited to your name, professional affiliation and title, and if the conference is a reunion, your class year, and/or other defining group chosen by our conference-planning clients. We will not publish your email address or other specific contact information on the Service without your consent, which may be obtained directly by us or through our conference-planning clients. If you have been asked to fill out a profile and you have elected to provide personal information, you will be given contact and other information at that time as to how you may change any profile information or opt-out of providing profile information. You can also opt out of the display of information about you directly in our Service. You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our Service.
We take appropriate security measures (including physical, electronic and procedural measures) to help safeguard your personal information from unauthorized access and disclosure. For example, only authorized employees are permitted to access personal information, and they may do so only for permitted business functions. In addition, we use encryption in the transmission of your sensitive personal information between your system and ours, and we use firewalls to help prevent unauthorized persons from gaining access to your personal information.
We want you to feel confident using our Service. However, no system can be completely secure. Therefore, although we take steps to secure your information, we do not promise, and you should not expect, that your personal information, searches, or other communications will always remain secure. Users should also take care with how they handle and disclose their personal information and should avoid sending personal information through insecure e-mail. Please refer to the Federal Trade Commission’s website for information about how to protect yourself against identity theft.
We may provide areas on our Service where you can post information about yourself and others and communicate with others or upload content (e.g., pictures). Such postings are governed by our Terms of Service. You should be aware that whenever you voluntarily disclose personal information on a publicly-viewable service, that information will be publicly available and can be collected and used by others. For example, if you post your e-mail address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information you voluntarily post, so we encourage you to exercise discretion and caution with respect to your personal information.
Our website is a general audience site, and we do not knowingly collect personal information from children under the age of 13.
The Touchpoint Service provides a means for our clients to publish information in a format optimized for mobile devices. As such, we request that should you desire to opt-out of the display of your personally-identifiable information in the Touchpoint Service, you first contact our client, the conference planner or program organizer. You may also contact Touchpoint directly at [email protected] [email protected] with the subject “privacy policy”. Please include the name of the app you are using. Or you may call us at 919-932-4266.
If you are visiting our Service from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where many of our third-party hosted servers are located and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country. Please be assured that we seek to take reasonable steps to ensure that your privacy is protected. By using our services, you understand that your information may be transferred to our facilities and those third parties with whom we share it as described in this privacy policy.
If you are visiting the Site from the EU or where applicable EU data protection laws so provide, subject to certain limitation and exceptions, you may exercise the following rights regarding your personal data:
Access
You have the right to obtain from us confirmation if your personal data is being processed and certain information in this regard.
Rectification
You have the right the request the rectification of inaccurate personal data and to have incomplete data completed.
Objection
You have the right to object to the use of your personal data in certain circumstances, such as the use of your personal data for direct marketing.
Portability
You have the right to transfer your personal data to a third party in a structured, commonly used and machine-readable format, in circumstances where the personal data is processed with your consent or by automated means.
Restriction
You may request to restrict processing of your personal data if (i) you contest the accuracy of it; (ii) the processing is unlawful and you oppose the erasure of it and request restriction instead; (iii) we no longer need it, but you tell us you need it to establish, exercise or defend a legal claim; or (iv) you object to processing based on public or legitimate interest. Please be aware that we may need a period of time to verify your request and determine if we have overriding legitimate grounds to use it.
Erasure
You have the right to request that we delete your personal data in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.
Right to lodge a complaint
You also have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your residence, or the location where the issue that is the subject of the complaint occurred.
Right to refuse or withdraw consent
Please note that in the case where we ask for your consent to certain processing, you are free to refuse to give consent and you can withdraw your consent at any time without any adverse negative consequences, except that you may no longer be able to use some or all of the features of the Service. The lawfulness of any processing of your personal data that occurred prior to the withdrawal of your consent will not be affected.
If you have questions about exercising any of those rights or their applicability to any of our particular processing activities or have questions about any data transfer mechanism or want a copy thereof, you may contact us at [email protected] or at the address provided in the Contact Us section below.
California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits California residents to request and obtain once a year, free of charge, information about the personal information (if any) that Touchpoint disclosed to third parties for the third parties’ direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please email your request to [email protected].
This Privacy Policy does not create rights enforceable by third parties or require disclosure of any personal information relating to users of the Service.
We will occasionally update this Privacy Policy to reflect changes in our practices and services. When we post changes to this Privacy Policy, we will revise the "last updated" date at the top of this Privacy Policy. We recommend that you check our website, www.gatherdigital.com, from time to time to inform yourself of any changes in this Privacy Policy or any of our other policies.
Data Integrity and Purpose Limitation Any personal information we receive may be used by Touchpoint for the purposes indicated in our above Privacy Policy or as otherwise notified to you. We will not process personal information in a way that is incompatible with these purposes unless subsequently authorized by you.
We take reasonable steps to limit the collection and usage of personal information to that which is relevant for the purposes for which it was collected, and to ensure that such personal information is reliable, accurate, complete and current. Individuals are encouraged to keep their personal information with our client and with Touchpoint up to date and may contact Touchpoint as indicated below to request that their personal information be updated or corrected.
We will retain your personal information in an identifiable form only for the period necessary to fulfill the purposes outlined in the this Privacy Policy unless a longer retention period is required or permitted by law or by the Principles. We will adhere to the Principles for as long as we retain the personal information collected under the Privacy Shield.
When providing our Service, we process and retain personal information as necessary to provide our Service as permitted in our agreement with clients, or as required or permitted under applicable law.
Accountability for Onward Transfer of personal information Touchpoint may transfer personal information for the purposes described in the Privacy Policy to a third party acting as a data controller or as an agent. If we intend to disclose personal data to a third party acting as a data controller or as an agent we will comply with, and protect, personal information as provided in the Accountability for Onward Transfer Principle. When providing our Service we disclose personal information as provided in our agreement with clients.
We remain responsible for the processing of personal information received under the Privacy Shield and subsequently transferred to a third party acting as an agent if the agent processes such personal information in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage.
Access Where appropriate, individuals have reasonable access to their personal information and may request corrections, deletions, or additions where the personal information is inaccurate or has been processed in violation of the Principles. We may limit or deny access to personal information where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the Principles. You may request access to your personal information by contacting us as described below.
When providing our Service, we only process and disclose the personal information as specified in our agreements with clients. Our client controls how personal information is disclosed to us and processed, and how it can be modified. Accordingly, if you want to request access, or to limit use or disclosure of your personal information, please contact the company to which you submitted your personal information and that uses our Service. If you contact us with the name of our client to which you provided your personal information, we will refer your request to that client and support them in responding to your request.
Recourse, Enforcement and Liability Touchpoint has established procedures to periodically verify implementation of and compliance with the Principles. Touchpoint conducts an annual self-assessment of its practices regarding personal information, regularly engages in external verification of its data security, and also undertakes a SOC 2 audit, all intended to verify that the assertions Touchpoint makes about its practices are true and that such practices have been implemented as represented.
In case of disputes, individuals are able to seek resolution of their questions or complaints regarding the processing of their personal information in accordance with the Principles. If an individual feels that Touchpoint is not abiding by this Notice or is not in compliance with the Principles, he or she should first contact Touchpoint at the contact information provided below.
If an issue cannot be resolved through Touchpoint’s internal dispute resolution mechanism, you may submit a complaint to the International Centre for Dispute Resolution (ICDR), a division of the American Arbitration Association (AAA). (Information about ICDR can be found at (https://www.icdr.org/icdr/faces/icdrservices/safeharbor), which provides an independent third-party dispute resolution option based in the U.S. For residual complaints not fully or partially resolved by other means, you may be able to invoke binding arbitration as detailed in the Principles available here.
Touchpoint is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”).
If you have any questions about this Privacy Policy or our information-handling practices, or if you would like to request information about our disclosure of personal information to third parties for their direct marketing purposes, please contact us by e-mail at [email protected]