OpenLegacy Privacy Policy
OPENLEGACY PRIVACY POLICY ("PRIVACY POLICY")
IMPORTANT: BY USING OPENLEGACY TECHNOLOGIES LTD’S (“OPENLEGACY”, “COMPANY”, “WE”, “US”, “OUR”) PROPRIETARY SOLUTIONS OFFERED BY COMPANY OR ITS SUBSIDIARIES OR AFFILIATED COMPANIES (“SOLUTIONS”) AND/OR BY VISITING OPENLEGACY’S WEBSITES AT: OPENLEGACY.COM AND/OR SERVERLESS.OPENLEGACY.COM, OL-SERVERLESS. COM, AND ANY OTHER WEBSITES WE OPERATE THAT LINK TO THIS PRIVACY POLICY (THE “WEBSITES” AND TOGETHER WITH THE SOLUTIONS, THE “SERVICES”). YOU (“YOU”) GIVE YOUR CONSENT TO THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY AND OUR TERMS OF USE, AND CONSENT THAT ALL PII (DEFINED BELOW) THAT YOU SUBMIT OR THAT IS PROCESSED OR COLLECTED THROUGH OR IN CONNECTION WITH YOUR USE OF THE SERVICES WILL BE PROCESSED BY OPENLEGACY AND ITS AFFILIATES IN THE MANNER AND FOR THE PURPOSES DESCRIBED IN THIS PRIVACY POLICY.
Company is a controller of the PII we process in relation to Website visitors and the personnel of our customers, vendors, service providers or partners. When Company processes PII on behalf of our customers, Company is a “data processor” under the Regulation (EU) 2016/679 (“GDPR”) (or may be deemed as a “Service Provider” under the California Consumer Privacy Act (“CCPA”)), to the extent applicable. In that case, Company’s customer will be a “data controller” under the GDPR (or a “business” under the CCPA), and will be responsible to obtain the data subject’s consent or establish any other applicable lawful basis for processing and to ensure that data subjects can exercise their rights under applicable law. THIS PRIVACY POLICY DOES NOT APPLY TO PII WE MAY HAVE ACCESS TO AS A DATA PROCESSOR OR SERVICE PROVIDER (I.E., OUR CUSTOMER’S PII THAT WE MAY HAVE ACCESS TO VIA OUR SOLUTIONS).
YOU ARE NOT LEGALLY REQUIRED TO PROVIDE US WITH PII, HOWEVER USE OF THE SERVICES REQUIRES THAT YOU PROVIDE PII. IF YOU CHOOSE TO WITHHOLD ANY PII REQUIRED IN RESPECT THEREOF IT WILL NOT BE POSSIBLE FOR YOU TO USE THE SERVICES. IF YOU DO NOT AGREE TO THE TERMS AND CONDITIONS SET FORTH HEREIN PLEASE DO NOT USE THE SERVICES.
“PII” means any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.
We recognize that privacy is important. This Privacy Policy applies to all of the services, information, tools, features and functionality available on the Services offered by Company and covers how PII that Company collects, including in respect of any use of the Services, is treated. Again, this Privacy Policy does not apply to PII that we may have access to as a data processor or service provider (i.e., our customer’s PII that we may have access to via our Solutions). If you have any questions about this Privacy Policy, please feel free to contact us at: privacy@openlegacy.com.
Information We Collect
We collect PII about our customers and their representatives via the Services and visitors of our Websites. We also collect PII included in publicly available sources and business contact information from our partners to reach out to companies that may be interested in our products and services. We collect and process the following types of information:
- Your Contact Information. For activation of the Services or when you contact us via the Websites, we ask you to provide PII, including: full name, email address, address, country of residence, company name of employer, job title, and phone number.
- Account Information. If you register to maintain an account with us, we will collect the information that you voluntarily provide when registering, which will include your username.
- Order Information. When you place an order for our Solutions, we collect information we need to complete your transaction. This may include full name, billing address, telephone number, email address, and payment card number. We may also retain details of your specific orders and transactions with us. All payment information is collected and held by credit card gateways and third-party payment processors and in accordance with their own privacy policies.
- Information Received from Third Parties. We sometimes supplement the PII with information that is received from third parties. If you interact with any social media or other third party platform (such as Facebook, LinkedIn, Gmail, etc.) we may receive information from the respective platforms.
- Usage information. When you use the Services, we automatically receive and record information from your browser, including without limitation information such as cookie information and statistics about your online/offline status, your IP address, browser identifiers, internet service provider, connection speed, date and duration of the visit, type of browser, your regional and language settings and software and hardware attributes. Our systems automatically record and store technical information regarding the method and nature of your use of the Services. An IP address is a numeric code that identifies your browser on a network, or in this case, the Internet. Your IP address is also used to gather broad demographic information. Company uses all of the PII identified in this Section in order to understand the usage trends and preferences of our users, including recent visits to our Services and how you move around different sections of our Services for analytics purposes and in order to make our Services more intuitive.
- User Communications. When you send emails or other communications to Company, we retain your email and those communications in order to process your inquiries, respond to your requests and improve our Services. When you subscribe to Company’s mailing lists on our Websites we collect your e-mail address and country of your residence to send you news and updates about the Services and to send you newsletters, promotional communications and provide you with information about products and services that we may provide that we think may be of interest to you.
- Aggregate and Analytical Data. In an ongoing effort to better understand and serve the customers of the Services, we often conduct research on customer demographics, interests and behavior based on the PII and other information provided to us. This research is compiled and analyzed on an aggregate basis, and we share this aggregate data with our affiliates, agents and business partners. This aggregate information does not identify you personally. We also disclose aggregated user statistics in order to describe our Services to current and prospective business partners, and to other third parties for other lawful purposes.
- Job Applicants Data. We collect PII from applicants seeking employment with Company and submitting details through our Websites, including CV and all information therein, contact details (e.g. phone number, e-mail address, address), professional qualifications and previous employment history.
Cookies
We use cookies and similar technologies on our Services. You can disable cookies but then your online experience on our Services will be limited.
In order to collect the data described herein we use temporary cookies that remain on your browser for a limited period of time. We also use persistent cookies that remain on your browser until Company's Services are removed, in order to manage and maintain the Services and record your use of the Services. Cookies by themselves cannot be used to discover the identity of the user. A cookie is a small piece of information which is sent to and stored on your browser. Cookies do not damage your browser. Most browsers allow you to block cookies but you may not be able to use some features on the Services if you block them. You may set most browsers to notify you if you receive a cookie (this enables you to decide if you want to accept it or not). We also use web beacons via the Services to collect information. Web beacons or "gifs", are electronic images that are used in our Services or in our emails. We use Web beacons to deliver cookies, count visits and to tell if an email has been opened and acted upon.
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a deidentified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. For further details, please see the ‘about Hotjar’ section of Hotjar’s support site located at: https://help.hotjar.com/hc/en-us/categories/115001323967-About-Hotjar.
We may use remarketing services to inform you of new programs, blogs and opportunities by placing banner ads on third party web sites to you. We and our third party vendors, use cookies to inform, optimize and serve ads based on your past visits to our Services.
Google - Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads. Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information about the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/.
Facebook - Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950. To opt-out from Facebook’s interestbased ads follow these instructions from Facebook: https://www.facebook.com/about/ads/#568137493302217. Facebook adheres to the SelfRegulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA https://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada https://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe https://www.youronlinechoices.eu/, or opt-out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation.
How We Use the Information We Collect
We use the information we collect:
- To provide, operate and improve our Services and provide services in connection therewith, and to give each Website visitor a more consistent and personalized experience when interacting with us;
- To complete and fulfill your purchase, for example, to process your payments, have your order delivered to you, communicate with you regarding your purchase, and provide you with related customer service;
- To carry out our obligations arising from any contracts entered into between you and us;
- To create and manage your account with us;
- To provide you with information about products and services that we may provide that we think may be of interest to you;
- To communicate with you and respond to your inquiries;
- If you sign up for our email list, to send you news and updates in respect of the Services. We may also send you newsletters and promotional communications, which you may opt-out of, including participation in our mailing list, at any time by submitting a request at the following link https://www.openlegacy.com/company/contact. Please note that even if you opt-out of receiving the foregoing communications, we may still send you a response to any “Contact Us” request as well as administrative e-mails (e.g. in connection with password reset request) necessary to facilitate your use of the Services;
- If you are a job applicant, to evaluate your application, e.g. to assess applicants’ personal abilities, knowledge and skills prior to entering into the contract of employment or another contract of Company and for HR management;
- For customer service, security, to detect fraud or illegal activities, and for archival and backup purposes in connection with the provision of the Websites; and
- For research and analysis purposes.
Information Sharing
- With Third Party Service Providers Performing Services on Our Behalf. We share your PII to third parties who assist us in providing the Services, including for hosting the Website, helping provide functionality on the Website, providing data analysis and research on the Website, sending out email updates about our Services, and processing payments. Data obtained from you via Website forms and campaigns with third party organizations and other sources of information is stored by third party processors and sub-processors of Company, such as Hubspot CRM and Salesforce. We have a contract with our third-party service providers to govern their processing on our behalf and require such service providers to process such information in compliance with this Privacy Policy and subject to security and other appropriate confidentiality safeguards.
- With Our Business Partners. We share your information with other businesses with whom we have a relationship so that they can provide you with information about products and services that may be of interest to you.
- For Legal Purposes. We also may share information that we collect from users as needed to enforce our rights, protect our property or protect the rights, property or safety of others, or as needed to support external auditing, compliance and corporate governance functions. We will disclose personal information as we deem necessary to respond to a subpoena, regulation, binding order of a data protection agency, legal process, governmental request or other legal or regulatory process. We may also share personal information as required to pursue available remedies or limit damages we may sustain.
- Changes of Control. We may transfer or assign information, including your personal information, in connection with a merger, acquisition, reorganization, liquidation, change in control or other sale by or of us or any affiliated entity (in each case whether in whole or in part).
If you choose to post a comment on any of our social media pages, please note that any information you post will be visible to any other visitors to that social media page. We are not responsible for any PII you include in such posts or for any use of such information by any other visitor to the social media page.
Links
Links to other services, sites and applications are provided by Company as a convenience to our users. Company is not responsible for the privacy practices or the content of other sites and applications and you visit them at your own risk. This Privacy Policy applies solely to PII collected by us.
Minors
Company does not knowingly collect or maintain PII from children under the age of 13. If you have reason to believe that a child has provided us with their PII, please contact us at the address given above and we will endeavor to delete that PII from our databases.
Data Security
We follow generally accepted industry standards to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of PII. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your PII, we cannot guarantee its absolute security.
Data Retention
We retain your PII only for as long as reasonably necessary for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements, which for different types of PII may be different periods.
- PII with respect to which Company is the processor will be deleted only on instruction of the controller, except where such data must be retained by us, in our judgment, as above.
- PII that is no longer retained will be anonymized or deleted. Non-personal, nonidentifiable, metadata and statistical information concerning the use of our Services are retained by Company perpetually. Some PII may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy.
Data Integrity
Company processes PII only for the purposes for which it was collected and in accordance with this Privacy Policy or any applicable service agreements. We review our data collection, storage and processing practices so that we only collect, store and process the PII needed for the purposes described in the “How We Use the Information We Collect” Section above. We take reasonable steps to ensure that the PII we process is accurate, complete, and current, but we depend on our users to update or correct their PII whenever necessary. Nothing in this Privacy Policy is interpreted as an obligation to store information, and we may, at our own discretion, delete or avoid from recording and storing any and all information.
Your EU Privacy Rights
Rights of Data Subjects. If you are a EU resident, you have the following rights which you may exercise by sending a request to privacy@openlegacy.com:
- Right of Access and Rectification. You have the right to know what PII we collect about you and to ensure that such data is accurate and relevant for the purposes for which we collected it. We allow data subjects the option to access and obtain a copy of their PII and to rectify such PII if it is not accurate, complete or updated. However we may first ask data subjects to provide us certain credentials to permit us to identify their PII.
- Right to Delete PII or Restrict Processing. You have the right to delete your PII or restrict its processing. We may postpone or deny such requests if the PII is in current use for the purposes for which it was collected or for other legitimate purposes such as compliance with legal obligations.
- Right to Withdraw Consent. You have the right to withdraw your consent to the processing of their PII. Exercising this right will not affect the lawfulness of processing the PII based on consent obtained before its withdrawal.
- Right of Data Portability. Where technically feasible, you have the right to ask to transfer their PII in accordance with your right to data portability, if required pursuant to applicable law.
- Right to Lodge Complaint. You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of their PII.
Cross Border Transfers, Legal Justification and Consent to Processing.
- By providing any PII to us pursuant to this Privacy Policy, all users, including, without limitation, users in the United States, Israel and member states of the EU, fully understand and unambiguously consent to this Privacy Policy and to the collection and processing of such PII abroad. The server on which the Services are hosted and/or through which the Services are processed may be outside the country from which you access the Services and may be outside your country of residence. Some of the uses and disclosures mentioned in this Privacy Policy involve the transfer of your PII to various countries around the world that may have different levels of privacy protection than your country and will be transferred outside of the European Economic Area. If there is a transfer of your PII outside the EEA we will, in the absence of a European Commission Adequacy decision relevant to the destination country or to the transfer, seek to rely on appropriate safeguards such as entering into appropriate European Commission approved standard contractual clauses. By submitting your PII through the Services, you consent, acknowledge, and agree that we will collect, use, transfer, and disclose your PII as described in this Privacy Policy.
- We process PII to pursue our legitimate business interest to provide the Services and as described in the “How We Use the Information We Collect” Section above. To learn more about with whom we share your PII please refer to the section titled “Information Sharing” above.
- We will retain your PII for as long as necessary to fulfill the purpose for which it was collected, or as required by applicable laws or regulation. Copies of information that you have updated, modified, or deleted will remain in our systems if applicable law requires us to retain it.
- When Company processes PII on behalf of its customers, Company is a data processor. In that case, Company’s customer will be a data controller, and will be responsible to obtain the data subject’s consent or establish any other applicable lawful basis for processing and we rely on our contractual relationship with the controller (i.e. our customer).
Your California Privacy Rights
California Civil Code Section 1798.83, also known as California’s “Shine the Light” law, permits customers of Company who are California residents to request and receive, free of charge, certain information regarding its disclosure of PII to third parties for their direct marketing purposes. To make such a request, please send an email to info@openlegacy.com. Please note that we are only required to respond to one request per customer each year
Your Nevada Privacy Rights
Under Nevada law, Company does not sell your PII. However, if you are a Nevada resident, you may submit a request that we not sell any PII we have collected about you by contacting us at privacy@openlegacy.com.
Do Not Track
Our Websites do not currently take any action when they receive a Do Not Track request. Do Not Track is a privacy preference that you can set in your web browser to indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. For details, including how to turn on Do Not Track, visit www.donottrack.us.
Enforcement
Company regularly reviews its compliance with this Privacy Policy. Please feel free to direct any questions or concerns regarding this Privacy Policy or our treatment of PII by contacting us at privacy@openlegacy.com. When we receive formal written complaints it is Company's policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of PII that cannot be resolved between Company and an individual.
Changes to This Privacy Policy
Company may update this Privacy Policy. Any changes to our Privacy Policy will be posted to this page so users are always aware of the information we collect and how we use it. Accordingly, please refer back to this Privacy Policy frequently as it may change.
Last Updated: February 16th, 2022.