Last Updated: February 6, 2023
Collavate, Inc. respects your concerns about privacy. References in this Privacy Policy to “Collavate”, “we”, “us”, and “our” are references to the Collavate entity responsible for the processing of your personal information, which generally is the Collavate entity that collects your personal information.
This Privacy Policy describes the types of personal information we obtain, how we may use that personal information, with whom we may share it and how you may exercise your rights regarding our processing of that information. The Privacy Policy also describes the measures we take to safeguard the personal information we obtain and how you can contact us about our privacy practices.
This Privacy Policy applies to the personal information we obtain through Collavate properties, including websites, products, services, desktop and mobile apps, and other tools offered by Collavate that reference this Privacy Policy (“Online Services”); offline collection, including Collavate events, surveys, questionnaires, customer user research and evaluations (“Offline Channels”); and third-party sources, including business partners, ad networks and vendors (collectively, the “Offerings”). This Privacy Policy does not apply to other Collavate products and services that post separate privacy policies.
In connection with providing support, cloud and other services, Collavate processes certain data maintained in environments that Collavate may access to perform cloud, consulting and support services (“Customer Content”) on behalf of and at the direction of its customers and partners, as well as log data (e.g., regarding access and authentication requests) that we collect for analysis and security purposes across our services. Our use of such Customer Content and log data is subject to the terms of our customer agreements and is not governed by this Privacy Policy. In contrast, the information we collect through our customers’ and partners’ use of our websites (such as names, addresses, billing information and employee contact information) and through our offline interactions with customers and partners is subject to the terms of this Privacy Policy.
The Online Services may provide links to other third-party websites and features. Some of these third-party websites may be co-branded with a Collavate logo even though they are not owned, controlled, operated or maintained by Collavate. Collavate does not share your personal information with those websites and is not responsible for their privacy practices. These websites are subject to their respective privacy policies. In some cases, we may provide the Offerings jointly with other businesses. For these co-branded offerings in which a third party is involved in your transactions, we will sometimes share or jointly collect customer data related to those transactions with that third party.
The data we obtain varies based on the Offerings you use. We obtain personal information through your interaction with the Offerings, such as when you:
Please note that providing personal information to us is voluntary on your part. If you choose not to provide us certain information, we may not be able to offer you certain products and services, and you may not be able to access certain features of the Online Services.
We use the information we obtain to:
Depending on the purposes for which personal information is used, and the context in which the data is obtained, we may rely on one or more of the following legal bases:
We may combine data collected from you with other sources to help us improve the accuracy of our marketing and communications as well as to help expand or tailor our interactions with you. This includes combining personal information we obtain through Online Services with information we obtain through Offline Channels, as well as other information (such as referral programs), for the purposes described above. We may anonymize or aggregate personal information and use it for the purposes described above and for other purposes to the extent permitted by applicable law. We also may use personal information for additional purposes that we specify at the time of collection. We will obtain your consent for these additional uses to the extent required by applicable law.
Where required by applicable law, we will obtain your consent for the processing of your personal information for direct marketing purposes.
Collavate uses cookies, web beacons (including pixels and tags), and similar technologies on our Online Services that collect certain information about you by automated means. A “cookie” is a text file that websites send to a visitor’s computer or other Internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A “web beacon,” also known as an Internet tag, pixel tag or clear GIF, links web pages to web servers and their cookies and may be used to transmit information collected through cookies back to a web server.
We use these automated technologies to collect information about your equipment, browsing actions, and usage patterns. The information we obtain in this manner includes IP address and other identifiers associated with your devices, types of devices connected to our Offerings, device characteristics (such as operating system), language preferences, referring/exit pages, navigation paths, access times, browser preferences and characteristics, installed plugins, local time zones, local storage preferences, clickstream data and other information about your online activities. We use on our Online Services both first-party cookies (served directly by our website domain when you visit our Online Services) and third-party cookies (served by a third-party website when you visit our Online Services and certain third-party websites with whom we have partnered). Some of these cookies are session cookies (which are automatically deleted when you close your browser) and others are persistent cookies (which remain on your computer or other Internet-connected device for a period of time after you end your browsing session, unless you delete them).
The cookies we use on our Online Services include (1) essential and functional cookies; (2) analytics cookies; and (3) targeting/advertising cookies, as described below.
We use cookies on our Online Services that are necessary for us to provide you with our products and services. This includes essential cookies (such as those used to authenticate you to our website and identify you after you have logged in), functional cookies (such as those that remember what you added to your shopping cart or the language preference you selected), and user-centric security cookies used to increase the security of the products and services we provide to you (such as to detect authentication abuses). Given the necessary functionality of these cookies, they typically may not be disabled on our Online Services.
We use analytics cookies to collect information on how users navigate and use our Online Services, such as how the users traverse our Online Services, the pages they view, how long they stay on a page and whether the page is displayed correctly or whether errors occur. Such cookies help us to improve the performance of our Online Services and make the Online Services more user-friendly. These cookies are provided by third-party analytics providers, including Google Analytics and Marketo. To learn more about Google Analytics and how to opt out, please visit Google Analytics. To learn more about these analytics services and how to opt out, please view our Cookie Consent Tool here.
We do not sell or otherwise disclose personal information about you except as described here or at the time of collection. Collavate may share personal data in the following ways:
We also may disclose personal information about you (1) if we are required or permitted to do so by applicable law, regulation or legal process (such as a court order or subpoena), (2) to law enforcement authorities or other government officials to comply with a legitimate legal request, (3) when we believe disclosure is necessary to prevent physical harm or financial loss to Collavate, its users or the public as required or permitted by law, (4) to establish, exercise or defend our legal rights, and (5) in connection with an investigation of suspected or actual fraud, illegal activity, security or technical issues.
In addition, we reserve the right to transfer to relevant third parties information we have about you in the event of a potential or actual sale or transfer of all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, dissolution or liquidation) or other business transaction.
We also may share the information in other ways for which we provide specific notice at the time of collection and obtain your consent to the extent required by applicable law.
We transfer the personal information we collect through the Channels to, and store such data in, other countries in which Collavate and its service providers operate, including the U.S., which may have different data protection laws than the country in which the information was provided. If we do so, we will transfer the personal information only for the purposes described in this Privacy Policy. To the extent required by applicable law, when we transfer your personal information to recipients in other countries, we will take measures to protect that information including, as appropriate, by executing data transfer agreements based on the European Commission’s Standard Contractual Clauses pursuant to article 46 of the General Data Protection Regulation (GDPR), or by selecting data recipients that are certified to the EU-U.S. and Swiss-U.S. Privacy Shield frameworks described below.
Collavate is responsible for the processing of personal information it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Collavate complies with the Privacy Shield Principles for all onward transfers of personal information from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to a Privacy Shield Framework, Collavate is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Collavate may be required to disclose personal information in response to lawful requests by public authorities, including to satisfy national security or law enforcement requirements.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
In compliance with the Privacy Shield Principles, Collavate commits to resolve complaints about our collection or use of your personal information. If you have questions or complaints regarding our Privacy Policy or practices, please contact us.
EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Collavate. If you have an unresolved compliant that has not been addressed to your satisfaction, please contact or visit https://feedback-form.truste.com/watchdog/request (a U.S.-based alternative dispute resolution provider) for more information or to file a complaint. The services are provided at no cost to you.
Collavate has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship.
We offer you certain choices in connection with the personal information we obtain about you, such as how we use the information and how we communicate with you. To update your preferences, limit the communications you receive from us or submit a request, please contact us as specified in the How to Contact Us section of this Privacy Policy. You can also unsubscribe from our mailing lists by following the “Unsubscribe” link in our emails.
To the extent provided by the law of your jurisdiction, you may request access to the personal information we maintain about you or request that we correct, update, amend or delete your information, or that we restrict the processing of such information by contacting us as indicated below or by accessing MyAccount. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. To the extent permitted by applicable law, a charge may apply before we provide you with a copy of any of your personal information that we maintain. Depending on your location, you may have the right to file a complaint with a government regulator if you are not satisfied with our response.
We support the Self-Regulatory Principles for Online Behavioral Advertising (“Principles”) of the Digital Advertising Alliance in the U.S., the Digital Advertising Alliance of Canada, and the European Digital Advertising Alliance in the EU. If you live in the United States, Canada, or the European Union, you can visit Ad Choices, Ad Choices Canada or Your Online Choices to find a convenient place to indicate your preferences, including the option to make one “universal” opt-out of interest-based advertising with participating entities. These websites also provide detailed information about interest-based advertising and tips for managing your privacy online and in applications. Opting out of interest-based advertising does not mean you will no longer see advertisements from us or on the Online Services; rather, opting out means that the online ads that you do see will not be based on your interests. When you opt-out of receiving interest-based advertisements through the links above, cookies and other technologies on the Online Services may still collect information about your use of the Online Services, including for analytics, fraud prevention and any other purpose permitted under the Self- Regulatory Principles.
When you use our Online Services, both we and certain third parties (such as our advertising networks, digital advertising partners and social media platforms) may collect personal information about your online activities, over time and across third-party websites. Certain web browsers allow you to instruct your browser to send Do Not Track (“DNT”) signals to websites you visit, informing those sites that you do not want your online activities to be tracked.
Where provided by law, you may withdraw any consent you previously provided to us or object at any time on legitimate grounds to the processing of your personal information, and we will apply your preferences going forward. This will not affect the lawfulness of our use of your information based on your consent before its withdrawal.
We maintain administrative, technical and physical safeguards, consistent with legal requirements where the personal information was obtained, designed to protect against unlawful or unauthorized destruction, loss, alteration, use or disclosure of, or access to, the personal information provided to us through the Channels.
To the extent permitted by applicable law, we typically retain personal information we obtain about you for as long as it is needed (1) for the purposes for which we obtained it, in accordance with the terms of this Privacy Policy, which generally means that we will keep your personal information for the duration of our relationship or as long as you keep your account open with us; or (2) to take into account applicable statute of limitation periods and comply with applicable laws, resolve disputes and enforce our agreements. As described in the “Your Rights and Choices” section above, to the extent provided by the law of your jurisdiction, you may request that we delete your information or restrict the processing of such information by contacting us as indicated below.
Subject to certain limits under California law, California residents may ask us to provide them with (1) a list of certain categories of personal information we have disclosed to third parties for their direct marketing purposes during the immediately preceding calendar year and (2) the identity of those third parties. To obtain this information, please send an email to privacy@collavate.com with “California Shine the Light Privacy Request” in the subject line and in the body of your message.
To see more details on your California Consumer Privacy Act(CCPA) Rights, please visit our CCPA policy page
The Online Services are designed for a general audience and are not directed to children under the age of 13. We do not knowingly collect or solicit personal information from children under the age of 13 through the Online Services. If we become aware that we have collected personal information from a child under the age of 13, we will promptly delete the information from our records. If you believe that a child under the age of 13 may have provided us with personal information, please contact us as specified in Contact Us section of this Privacy Policy.
This Privacy Policy may be updated periodically and without prior notice to you to reflect changes in our information practices. We will indicate at the top of this Privacy Policy when it was most recently updated. We encourage you to periodically review this Privacy Policy for the latest information on our privacy practices.
If you have any questions or comments about this Privacy Policy or if you would like us to update information we have about you or your preferences, please contact us by email at privacy@collavate.com or write to us at:
Collavate, Inc.
Attn: Chief Privacy & Digital Risk Officer / Data Protection Officer
3101 Park Blvd. Palo Alto, CA 95128-2541, United States