Effective starting: May 25, 2018
What this Policy Covers
Your privacy is important to us, and so is being transparent about how we collect information about you and why, what we do with that information, and how we handle that information. This policy is intended to help you understand:
- What this Policy Covers
- What Information We Collect
- How We Use Your Information
- How We Share Information
- Data Retention
- International Data Transfers
- Your Data Protection Rights Under the GDPR
- Third Party Links and Services
- Our Policy Toward Children
- International Users
- Contact Us
What Information We Collect
We collect information about you when you provide it to us, when you use our Services, and when other sources provide it to us, as further described below.
Information You Provide
We collect information about you when you input it into the Services or otherwise provide it directly to us.
Account and Profile Information
- Account Registration. When you register to use our Services by establishing an Account, we will collect Personal Data as necessary to offer and fulfill the Services you request. Depending on the Services you choose, we may require you to provide us with your name, postal address, telephone number, email address and identification information to establish an Account. We may require you to provide us with additional Personal Data as you use our Services.
Data You Provide Through Our Services
We process Your Data that you or your Authorized Users create, input, transmit in the process of using our Services.
Such Your Data includes any Personal Data or other sensitive information that you or Authorized users choose to include (“Incidentally-collected Personal Data”).
In the case of our Services, all personal user dictionaries and words inside these dictionaries that are created by your Authorized Users will be stored on our servers. All these dictionaries will be tied to a specific service ID without any reference to a particular user who created it. Only the Authorized User who created a dictionary and knows the exact name of the dictionary will be able to use it. Moreover, an Authorized User can choose not to save a personal dictionary on our server. In this case, all the words added by this particular user will be stored in his/her browser local storage (not on our servers). However, if they decide to switch to another browser or device, they won’t have access to the words already saved in the browser.
Information You Provide Through Our Support Channels
The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.
We collect other data that you submit to our Website or as you participate in any interactive features of the Services, participate in a survey, promotion, request customer support, communicate with us via third party social media sites or otherwise communicate with us. For example, information regarding a problem you are experiencing with a WebSpellChecker product could be submitted to our Support Services.
Information We Collect When You Use Our Services
We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services.
As is true with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Services.
In case of your use of our Websites, the information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your devices, and system configuration information.
In the case of our Services, for the purpose of improving and monitoring usage of our Services, we log the following information below into our database. None of this information can be used to identify you or your Authorized Users.
- date and time, type of the request (spell check, grammar check, get suggestions), length of submitted text, text language, processing time on server, number of detected errors (but not the actual errors unless you have agreed to that), used type of the product;
- the page on which you submitted the request (referrer), user agent, and associated with the page service ID which authorized access to our Services;
- internal errors that occur (e.g. the text hasn’t been processed due to access restrictions, or certain limitations that are present for the Free Services).
- statistics of words added to dictionaries, ignored problems and replaced problems containing the original problem and selected suggestion.
We collect analytics information when you use our Websites and Services to help us improve our products and services. In the Services, this analytics information consists of the feature and function of the Service being used, the associated service ID (SID) and domain name.
Cookies and Similar Technologies
We also collect information using web beacons (also known as “tracking pixels”). Web beacons are electronic images that may be used in our Websites or Services or in emails that help us to deliver cookies, count visits, understand usage and campaign effectiveness and determine whether an email has been opened and acted upon.
How We Use Your Information
How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.
- Provision of the Services . We use information about you to provide the Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate and maintain the Services.
- Research and development. We are always looking for ways to make our Services smarter, faster, secure, integrated, and useful to you. We use collective learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns and areas for integration and improvement of the Services.
- Communicating with you about the Services. We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages. We also send you communications as you onboard to a particular Service to help you become more proficient in using that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.
- Marketing, promoting and driving engagement with the Services. We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new product offers, promotions and contests. You can control whether you receive these communications as described below under “Opt-out of communications.”
- Customer support. We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyze crash information, and to repair and improve the Services.
- For safety and security. We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.
- Protecting our legitimate business interests and legal rights. Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
- With your consent. We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.
Legal bases for processing (for EEA users):
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:
- We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests;
- You give us consent to do so for a specific purpose; or
- We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
How We Share Information
We will not share or disclose any of your Personal Data or User Content with third parties except as described in this Policy. We do not sell your Personal Data or User Content.
We may provide access to or share your information with select third parties who perform services on our behalf. These third parties provide a variety of services to us, including without limitation billing, sales, marketing, provision of content and features, advertising, analytics, research, customer service, shipping and fulfillment, data storage, security, fraud prevention, payment processing, and legal services.
Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information.
Compliance with Laws and Law Enforcement Requests; Protection of Our Rights
We may disclose your Information (including your Personal Data) to a third party if (a) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request, (b) to enforce our agreements, policies and terms of service, (c) to protect the security or integrity of our products and services, (d) to protect us, our customers or the public from harm or illegal activities, or (e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
We may share or transfer your Information (including your Personal Data) in connection with, or during negotiations of, any merger, a sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the Services of any change in ownership or uses of your Personal Data, as well as any choices you may have regarding your Personal Data.
Aggregated or Anonymized Data
We may also share aggregated or anonymized Information that does not directly identify you with the third parties described above.
With Your Consent
We will share your Personal Data with third parties when we have your consent to do so.
Information We Do Not Share
We do not share Personal Data about you with third parties for their marketing purposes (including direct marketing purposes) without your permission.
We are committed to protecting the security of your Personal Data and take reasonable precautions to protect it. However, Internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure, and as a result, we cannot ensure the security of information you transmit to us, including Personal Data and User Content; accordingly, you acknowledge that you do so at your own risk.
We use industry-standard encryption to protect your data in transit. This is commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology. Once we receive your Personal Data, we protect it on our servers using a combination of technical, physical, and logical security safeguards.
If you use our Server Products, responsibility for securing storage and access to the information you put into the Services rests with you and not us. We strongly recommend that Server Products’ customers configure SSL to prevent interception of data transmitted over networks and to restrict access to the databases and other storage points used.
We retain Personal Data we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a Service you have requested or to comply with applicable legal, tax, or accounting requirements).
When we have no ongoing legitimate business need to process your Personal Data, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
International Data Transfers
We offer European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Your Data. A copy of our Standard Data Processing Addendum (DPA), incorporating Model Clauses, is available here.
For the purpose of provision of Services, we host and process Your Data with Amazon Web Services (AWS) hosting service provider in the United States. AWS is certified under the EU-US Privacy Shield which enables the compliant transfer of personal data from the EU to the US.
AWS customers can already transfer personal data from the EU to the US in a compliant way; The EU-US Privacy Shield aims to enable the compliant transfer of personal data from data controllers in the EU to data controllers (or processors) in the US. AWS offers customers a Data Processing Addendum, including Model Clauses (Data Processing Addendum) that was approved in 2015 by the EU data protection authorities, known as the Article 29 Working Party. This Data Processing Addendum enables our customers, when using AWS to transfer personal data outside the European Economic Area (EEA), to any country, including to the US. For this reason, the EU-US Privacy Shield does not affect the way customers use, or work, with AWS. Customers can continue transferring their content from AWS’ EU regions to the US regions with the knowledge that AWS is compliant with EU data protection requirements.
Read more here …
The servers on which Personal Data is stored are kept in a controlled environment. While we take reasonable efforts to guard your Personal Data, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we can’t guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.
In addition, we can’t guarantee that any incidentally-collected Personal Data you choose to store in Websites or Services are maintained at levels of protection to meet specific needs or obligations you may have relating to that information.
Where data is transferred over the Internet as part of a Website or Services, the data is encrypted using industry standard SSL (HTTPS).
Where Server Products are used, the responsibility of securing access to the data you store in the Server Products rests with you and not us. We strongly recommend that administrators of Server Products configure SSL to prevent interception of data transmitted over networks and to restrict access to the databases and other storage used to hold data.
Your Data Protection Rights Under the GDPR
If you are a resident of the EEA, you have the following data protection rights:
- If you wish to access, correct, update, or request deletion of your Personal Data, you can do so at any time by emailing firstname.lastname@example.org.
- In addition, you can object to the processing of your Personal Data, ask us to restrict the processing of your Personal Data, or request portability of your Personal Data. You can exercise these rights by emailing email@example.com.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing, please contact us by emailing firstname.lastname@example.org.
- Similarly, if we have collected and process your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
- Access and update your information. Our Services and related documentation give you the ability to access and update certain information about you from within the Service. You can update your profile information within your profile settings.
- Deactivate your account. If you no longer wish to use our Services, you may be able to deactivate your Services account.
- Opt out of communications. You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Service account settings menu, or by contacting us as provided below to have your contact information removed from our promotional email list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Services. You can opt out of some notification messages in your account settings.
- Turn off Cookie Controls. Relevant browser-based cookie controls are described in our Cookies Policy.
- Send “Do Not Track” Signals. Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to browser DNT signals. You can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving marketing from us as described above.
- Depending on whether you are using our Free services or are a user of a paid subscription that belongs to a Customer, you will have certain choices regarding how to store words added to a personal user dictionary on you side (in a browser local storage).
Third Party Links and Services
Our Websites and Services contain links to third party websites such as social media websites, and also contain third party integrations. If you choose to use these websites or integrations, you may disclose your information not just to those third-parties, but also to their users and the public more generally depending on how their services function. Because these third party websites and services are not operated by WebSpellChecker, we are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your personal and other information will be subject to the privacy policies of the third party websites or services, and not this Policy. We urge you to read the privacy and security policies of these third-parties.
Our Policy Toward Children
We understand the importance of protecting children’s privacy, especially in an online environment. Our Websites and Services are not designed for or directed at children and children under 13 are not permitted to use the Services. We do not knowingly collect Personal Data from children under 13. If we become aware that we have unknowingly collected Personal Data from a child under the age of 13, we will make commercially reasonable efforts to delete such information from our database. If a parent or guardian becomes aware that his or her child has provided us with Personal Data without their consent, he or she should contact us at email@example.com.
- Our servers are based in the United States, so your personal data will be primarily processed by us in the United States. You consent to the transfer and processing of your personal data in the United States by WebSpellChecker.
- You consent and agree that we may transfer your data to data processors located in countries, including the United States, which do not have data protection laws that provide the same level of protection that exists in countries in the European Economic Area. Your consent is voluntary, and you may revoke your consent by opting out at any time. Please note that if you opt-out, we may no longer be able to provide you our Services.
- You consent to us sharing your personal data with relevant persons working for service providers who assist us to provide our Services.
- WebSpellChecker LLC
- 38 Nauky Ave.
- Kharkiv, 61166
- Tel.: +1 (917) 259-1071