Privacy Policy

Please read this Privacy Policy carefully. By using or accessing the Service, you acknowledge that you have read, understood, and agree to be bound to all the terms and conditions of this Privacy Policy, and the "Terms and Conditions” or other customer agreement between you and Sympli that is applicable to the particular Service you are using or accessing (collectively, "User Agreements”).

If you do not agree to this Privacy Policy and the applicable User Agreement, please exit and do not use or access the Service.

Your privacy is important to us, so please review the information below regarding our practices and policies.

Introduction

This Privacy Policy ("Privacy Policy") sets forth the privacy practices of Sympli, LLC and its current and future Sympli Affiliates (collectively, “Sympli”) for all Sympli software and applications (including, without limitation, mobile software and applications) (collectively, the “Software”); the Sympli websites located at sympli.io and any other Sympli websites or services that link to this Privacy Policy, (collectively, the “Websites”); and all other Sympli products or services provided or otherwise made accessible on or through the Software or the Websites or that otherwise link to or reference this Privacy Policy. The Software, the Websites, and any other Sympli products or services that link or refer to this Privacy Policy are collectively referred to as the “Service.” This Privacy Policy describes how Sympli collects, discloses, stores, transfers, and uses information that could individually identify our users (“Personal Data”) in connection with our Service.

This Privacy Policy does not apply to the practices of third parties, as explained in more detail below. In this Privacy Policy, "we," “us,” “our,” and other similar references mean Sympli, “you” and “your” and other similar references mean any user of the Service, and “Sympli Affiliates” means any parent, subsidiary, member, officer, director, employee, agent, or contractor of Sympli or any entity under common control with Sympli.

This policy applies (i) immediately to new users who use or access the Service on or after the Effective Date and (ii) on the Effective Date to users who use or access the Service before the Effective Date.

Please contact us if you have any questions or comments about our privacy practices. You can reach us online at privacy@sympli.io or by mail at the address listed in the "Questions Regarding Your Personal Data" section below.

Personal Data Storage

The Service is hosted and operated in the United States (“U.S.”), with development, support and maintenance operations in other countries through both Sympli and its service providers. If you do not reside in the U.S., laws in the U.S. may differ from the laws where you reside. By using the Service, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Sympli in the U.S. and will be hosted on U.S. servers, and you authorize Sympli to transfer, store, host and process your information to and in the U.S., and possibly other countries. You hereby consent to transfer of your data to the U.S. pursuant to, at Sympli’s discretion, the standard data protection clauses promulgated by the EC, a copy of which can be obtained at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32010D0087.

EU Personal Data

If you are located in the EU, United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the "GDPR") related to your Personal Data, as further described below. Sympli will be the controller of your Personal Data processed in connection with the Service, unless you access the Service through an enterprise account, or other Sympli account that is controlled by a third party (e.g. your employer).

Types of Personal Data We Collect

Sympli collects Personal Data about you when you provide it directly to us, when third parties such as our business partners (e.g. companies with whom we integrate our Service), service providers (such as our advertising service providers) provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Service. We collect the following Personal Data from you in connection with the Service:

  1. Contact Information: information used to identify or contact you, which may include first name, last name, title, physical address, telephone number, email address, and Twitter handle.

  2. Financial Account Information: information you provide in connection with your purchase of the Service (or a purchase made through the Service), including credit card number, credit card expiration date, credit card verification code, bank account number, bank account title, bank name, branch location, and routing number. You must only provide us with Financial Account Information for accounts and credit cards that you have the lawful right to access.

  3. Transaction Information: information related to transactions you conduct on the Service, including interactions with the Service, registrations for special events or webinars, customer support interactions, and other similar transactions.

  4. User Account Information: information that identifies you to the Service, such as your user name, email address, password, and IP address.

  5. User Content: Personal Data included in content, images, comments, and other content, information, and materials that you post to or through the Service.

  6. Important Note: Users of our Services should not use actual or "live" Personal Data or other sensitive data (e.g. real health information, financial information, or other information) when sharing, reviewing, and using designs through our Services. Sympli recommends following industry best practices of using “dummy data” that does not refer to actual people, financial accounts, etc. while sharing, reviewing, and using your designs and prototypes.

  7. Partner Information: information that our business partners share with us.

  8. Log Data: information automatically recorded regarding usages of the Service, such as IP addresses, device and browser type, operating system, the pages or features of our Website or Service to which a user browsed, the time spent on those pages or features, the frequency with which the Service is used by a user, search terms used by a user, the links on the Service that a user clicked on or used, and other statistics.

We also collect usage and performance information that is not Personal Data or that we aggregate or de-identify so that it no longer personally identifies an individual. We also associate some data that is not Personal Data with Personal Data.

How we Collect Personal Data

We collect Personal Data when a user (i) creates an account (a "User Account"); (ii) logs into the Service; (iii) interacts with the Service; (iv) uploads or generates User Content; (v) communicates with us; and (vi) responds to a communication or interaction from us. Some of the methods and tools we use to collect Personal Data are:

Use of Personal Data

Sympli uses Personal Data to: (i) provide, administer, and improve our Service; (ii) better understand your needs and interests; (iii) fulfill requests you make; (iv) personalize your experience; (v) provide Service announcements; (vi) provide you with information and offers from Sympli, Sympli Affiliates, and our business partners; (vii) protect, investigate, and deter against fraudulent, harmful, unauthorized, or illegal activity and (viii) comply with legal obligations.

For example, we use Personal Data to:

Processing Basis

We will only use your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity, and our "legitimate interests" or the legitimate interest of others, as further described below.

Examples of these legitimate interests include:

* Operation and improvement of our business, products, and services

* Marketing of our products and services

* Provision of customer support

* Protection from fraud or security threats

* Compliance with legal obligations

* Completion of corporate transactions

Sharing of Personal Data

We may share Personal Data with third parties who work on our behalf and provide us with services related to or in support of the Service, including vendors, third party service providers, and other agents. These third parties may include, but are not limited to:

We also may share Personal Data with third party service providers and agents when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested. In addition to those set forth above, these parties also include:

We share Personal Data with presenters, sponsors, or other conference participants or organizers if you register for or attend a conference in which we are involved. We also share Personal Data when we believe we are required to do so, such as to:

We also share information with third parties when you have given us consent to do so.

Third Party Enterprise Accounts

If you register for the Service using an email address that we recognize to be either a part of a third-party enterprise account for the Service (an "Enterprise Account") or a potential enterprise Service purchaser (for example, your employer’s) (each, an “Organization”), we may provide your name and email address to the Organization and their administrator. In some cases, we will also consolidate your account(s) with the accounts of the Organization and we provide your Organization and their administrator with access to your User Account information and User Content. This may happen when the Organization’s account is established after you register for your individual User Account. We make these transfers to allow users who are part of a larger organization to take advantage of the special features and security enjoyed by our enterprise Account holders, and in order to help you and your organization comply with its internal security and email usage obligations. Please note that all accounts for the Service, and all applicable sub-accounts (which may include your User Account), are controlled by the account administrator. In certain cases (e.g. when we are aggregating all of the accounts under a current or potential Enterprise Account), we will provide you with the ability to opt-out of consolidation with an Organization’s Account (typically by changing the email address on your account to a non-Organization email address).

Additionally, when an Organization creates an Account, we may notify any individuals already using the Services under an email address with the same company domain as yours so that they can be migrated to your enterprise Account.

Data Transfers

Sympli may sell, transfer, or otherwise share some or all of its business or assets, including your Personal Data, in connection with a business deal (or the evaluation of a potential business deal) such as a merger, consolidation, acquisition, reorganization, or sale of assets or in the event of bankruptcy. You acknowledge that such transfers may occur and that any acquirer or successor of Sympli or its assets may continue to use your Personal Data as set forth in this Privacy Policy. You will be notified via email and/or a prominent notice on our Website or Service of any change in ownership or resulting change in uses of your Personal Data, as well as any choices you may have regarding your Personal Data. Similarly, if you access the Service as part of a third party Enterprise Account, the individual or entity controlling the Enterprise Account may transfer or otherwise share the account (including your User Account, User Content, and Personal Data) to an acquirer of some or all of its assets in connection with the migration to an Organization’s account, or a business deal (or the evaluation of a potential business deal) such as a merger, consolidation, acquisition, reorganization, or sale of assets, or in the event of bankruptcy.

Privacy Options

Opting Out of Behavioral Advertising and Tracking Tools

You can opt-out of certain Behavioral Advertising activities by doing one or more of the following. Please note that you will need to opt-out of each browser and device for which you desire to apply these opt-out features.

Security

The security of your information is a serious issue and we are committed to protecting the information we receive from you. We use commercially reasonable security measures to protect against the loss, misuse, and alteration of your information under our control based on the type of Personal Data and applicable processing activity, such as data encryption in transit, data encryption at rest (for customers that elect to purchase our "private cloud" solution), pseudonymization, and enforcement of least privilege and need-to-know principles.

To the extent the Service requires you to provide any Financial Account Information, such as when you purchase subscriptions to the Service, that information will be collected and processed by third-party PCI-compliant service providers. We do not store Financial Account Information transmitted through the Service, provided that we do store (or our payment processor on our behalf will store) just the last four digits of your credit card number, if you provide this to us, to comply with credit card processing requirements of authorizations, charges and chargebacks.

Data Retention

We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you with the Service, and thereafter as set forth in our Service agreement with you (typically 30 days after termination of the Service, or sooner upon request (except as required by law)). In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation. Upon disposal, we will destroy or render unreadable any such Personal Data. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.

Third Party Sites

This Privacy Policy applies only to the Service. It does not apply to products, services, or sites that are provided by or operated by third parties, even if such products, services or sites are linked or redirected to or from the Service ("Third Party Sites"), regardless of whether or not such link or redirection is authorized by Sympli. Third Party Sites may have their own policies regarding privacy, or no policy at all. The fact that we link to a Third Party Site is not an endorsement, authorization, or representation that we are affiliated with that third party. Sympli is not responsible for Third Party Sites, and you use them at your own risk. We encourage you to read the privacy policies and the Third Party Sites that you visit or use.

The Service contains areas where you may be able to publicly post information, communicate with others, submit media content, and/or review goods, services, or vendors, such as discussion boards or blogs. Any information, including Personal Data that you post there, will be public and can be viewed by the public at large, and therefore anyone who accesses such postings will have the ability to read, collect, and further disseminate such information. We have no control over, and take no responsibility for, the use, storage, or dissemination of information posted or otherwise made available on such portions of the Service. By posting Personal Data online in public forums, you may receive unsolicited messages from other parties.

Your Rights Regarding Personal Data

Accessing, Correcting, and Deleting Your Personal Data and Other Data Subject Rights

You have certain rights with respect to your Personal Data, and we want to help you review and update your information to ensure it is accurate and up-to-date. We may limit or reject your request in certain cases, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, if it is not required by law, or if the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question. In some cases, we may also need you to provide us with additional information, which may include Personal Data, to verify your identity and the nature of your request. We will take reasonable steps to respond to all requests within 30 days.

If you are an Sympli Account holder, you can accomplish most of the following by logging into your User Account or, for those using Enterprise Accounts, by contacting your account administrator. You can also contact us directly at privacy@sympli.io if you have any additional requests or questions regarding:

You also have the right to lodge a complaint about Sympli’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.

Closing Your Account

You may close an account, and upon termination of your User Account, we will take reasonable steps to provide, modify, or delete your Personal Data as soon as is practicable. However, Sympli may nevertheless retain your Personal Data to protect the business interests of Sympli, Sympli Affiliates, vendors, and other users, and some information may remain in archived/backup copies for our records or as otherwise required by law. Those interests include without limitation the completion of transactions, maintaining records for financial reporting purposes, complying with our legal obligations, resolving disputes, and enforcing agreements.

California Privacy Rights

Pursuant to Section 1798.83 of the California Civil Code, residents of California can obtain certain information about the types of Personal Data that companies with whom they have an established business relationship have shared with third parties for direct marketing purposes during the preceding calendar year. In particular, the law provides that companies must inform consumers about the categories of Personal Data that have been shared with third parties, the names and addresses of those third parties, and examples of the types of services or products marketed by those third parties. To request a copy of the information disclosure provided by Sympli pursuant to Section 1798.83 of the California Civil Code, please contact as set forth above.

Enforcement & Recourse

We take our privacy commitments very seriously. We will conduct internal audits of our compliance with this Privacy Policy, and work to ensure that our employees and service providers also adhere to the Privacy Policy. If you have any questions or concerns regarding privacy related to the Service, please send us a detailed message to privacy@sympli.io, and we will try to resolve your concerns. We also commit to resolve complaints about your privacy and our collection or use of Personal Data transferred from the EU to the U.S. in compliance with the privacy best practices, where applicable.

Privacy Policy Changes

We reserve the right to modify this Privacy Policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Policy, you will be notified via email (if you have an account where we have your contact information) or otherwise in some manner through the Service that we deem reasonably likely to reach you (which may include posting a new privacy policy on our Website—or a specific announcement on this page or on our blog). Any modifications to this Privacy Policy will be effective upon our posting of the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting) or on the Effective Date set forth in the modified Privacy Policy. In all cases, your continued use of the Service or Website after the posting of any modified Privacy Policy indicates your acceptance of the the modified Privacy Policy.

Children

Our Service is not intended for children under the age of 13 (16 in the EU), and therefore, Sympli does not knowingly acquire or receive Personal Data from children under the age of 13 (16 in the EU). If we later learn that any user of our Service is under the age of 13 (16 in the EU), we will take appropriate steps to remove that user’s information from our account database and will restrict that individual from future access to the Service.

Questions Regarding Personal Data

Please contact us if you have any questions or comments about our privacy practices or this Privacy Policy. You can reach us online at privacy@sympli.io, or by mail at:

Sympli, LLC

Attention: Privacy Officer

1211 31st Street, NW

Washington, DC 20007

USA