You are not legally required to provide us with any personal data, and may do so at your own free will. If you do not wish to provide us with your personal data, or to have it processed by us or any of our Service Providers (defined below), please avoid any interaction with us or the use of our Services.
- Accountability for Onward Transfer
- Data Integrity and Purpose Limitation
- Recourse, Enforcement, and Liability
What Information We Collect & Why
Account Information. We collect various forms of information from visitors of our Site and/or App and users of our Services like name, title, company, email address, location, phone number, payment information, account and Site activity, IP addresses, cookies identifiers, and other information you provide that will or may identify you (collectively, the “Personal Data”). Some of our Services let you access your accounts and related information with other service providers. We may use, process and transmit your Personal Data to render our Services, to contact you and allow others on your team to contact you through the Services, to tell you about new products and features, to respond to customer care and other inquiries, and to process and fulfill your transactions and other requests.
Collection from Minors. Substrata Ltd. does not knowingly collect personal information from minors who are under the age of 16 through the Services. If a parent or guardian becomes aware that his or her child has provided us with personally identifiable information without his/her consent, then he or she should contact Substrata Ltd. as described below. If we become aware that a child under the age of 16 has provided us with personally identifiable information, we will delete such information from our files. Further, the Children’s Online Privacy Protection Act (“COPPA”) requires parental consent for collection of data from children younger than the age of 13 years old. For tips on protecting children’s privacy online, generally, please view the U.S. Federal Trade Commission (“FTC”) website at http://www.ftc.gov/privacy/privacyinitiatives/childrens.html.
Services Information. Our data analytics tools and capabilities enable our enterprise customers who use our Services, Site and/or App, to collect, store, analyze and share the contents of audio, video, image and text-based communications such as phone calls, video calls, emails, chats, webinars and meetings, along with associated data and documentation. These recordings and analysis thereof may also contain personal information, such as names, titles, and contact information. We may reproduce, analyze, summarize and disclose these files, recordings and any results of our Services with such customers and their relevant personnel and other team members, and customers may share this information with their personnel and others. You may choose to give us access to additional user contacts to make it easy for you to do things like share and collaborate, send messages, and invite others to use the Services. If you do, we may store those contacts within our systems for you to use.
Usage Information. We collect information related to how you use the Services, Site and/or App including actions you take in your account, such as accessing and sharing files and reports. This helps us provide you with additional features, and to personalize, monitor and improve the Services. We also collect information from and about the devices you use to access the Services, such as IP addresses, the type of browser and device you use, the web page you visited before coming to our sites, and identifiers associated with your devices. Your devices (depending on their settings) may also transmit location information to the Services.
Cookies and other technologies. As part of our Site and/or App we use technologies like cookies and pixels to provide, improve, protect and promote our Services (as further detailed in the Cookies Section below). You may set your browser to not accept cookies, but this may limit your ability to use the Services. In addition, please note that only as part of our Site’s operation (and not as part of our Apps’ operation), we may use targeting cookies to collect information about your activities on our Site and other websites, thus enabling us to advertise our products and services, directly to you, on third party platforms (such as, Google, Facebook and LinkedIn), including across browsers and devices. If you would like to opt out of receiving targeted advertising, please email firstname.lastname@example.org.
Choice. You can always opt not to disclose information to us, but keep in mind that some information may be needed to create an account or take advantage of some of our features. You may also be precluded from using certain features, tools and aspects of our Services if you elect not to provide us with certain information that we may request.
With Whom We Share Your Information
Other users. Our App displays information contained within your Personal Data like your name, team name, and email address to other users from your organization in places like your user profile and sharing notifications. When you register your account with an email address on a domain owned by your employer or organization, we may help your team members find you and your team by making some of your basic information—like your name, team name, and email address—visible to other users on the same domain. This helps us show your teams you can join, and helps other users share files and folders with you.
Team Admins and Team Members. (Relevant only for our App) If you are a member of a team, your administrator may have the ability to access and control your team account, and your Personal Data may be shared with your other team members and others. Please refer to your organization’s internal policies if you have questions about this. If you are not a team member but interact with a team member (e.g., by joining a shared folder or accessing reports shared by that user), members of that organization may be able to view the name, email address, IP address, and other information that was associated with your account at the time of that interaction.
Processing of Your Personal Data
Substrata Q use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements
We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity (i.e. processing that is necessary for the performance of a contract with you, such as your user agreement with us that allows us to provide you with the Products) and our “legitimate interests” or the legitimate interest of others (e.g. our users),
We process Personal Data when you use our Services for purposes such as:
- Account configuration
- Account maintenance
- Enabling meetings, conference calls, presentations and webinars between users and third-party participants
- Hosting and storing personal data from meetings, conference calls, emails, webinars and other audio, video, image or text-based communications (designed to facilitate the provisioning of the Services)
- Personalizing, improving or operating our Service and business
- Fulfilling requests you make related to the Services
- Protecting, investigating and deterring against fraudulent, harmful, unauthorized or illegal activity
- Providing reports based on information collected from use of our Services
- Providing support and assistance for our Services
- Providing the ability to create personal profile areas and view protected content
- Providing the ability to contact you
- Providing customer feedback and support
- Complying with our contractual and legal obligations, resolving disputes with users, enforcing our agreements
- keeping you up to date on the latest Services announcements, software updates, software upgrades, system enhancements, special offers, and other information
Data Subject Rights
You have certain rights with respect to your Personal Data as set forth below. Please note that in some circumstances, Substrata Ltd. may not be able to fully comply with your requests, or we may ask you to provide us with additional information in connection with your request, which may include providing us with more Personal Data if we need to verify your identity or the nature of your request. In such situations, however, we will still respond to let you know of our decision. To make any of the following requests, contact us using the contact details referred to in the “Contact Us” section of this policy. Your rights consist of the following:
- Access: You can request more information about the Personal Data we hold about you. You can also request a copy of the Personal Data.
- Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging into your service account. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.
- Objection: You can contact us to let us know that you object to the collection or use of your Personal Data for certain purposes.
- Erasure: You can request that we erase some or all of your Personal Data from our systems.
- Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
- Portability: You have the right to ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another entity where technically feasible.
- Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Products.
- Right to File Complaint: You have the right to lodge a complaint about video call suppliers’ (e.g Zoom) practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
As noted above, under certain circumstances we will not be able to fulfill your request, such as if it interferes with our regulatory obligations, affects legal matters, we cannot verify your identity, or it involves disproportionate cost or effort, but in any event we will respond to your request within a reasonable timeframe and provide you an explanation. In order to make such a request of us, please contact our Privacy Team at email@example.com.
We may access, preserve and disclose your information to third parties if we determine that such disclosure is reasonably necessary to (a) comply with the law, legal requests or court orders; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse or address security or technical issues relating to our Services or our users; or (d) protect and enforce our rights and the rights, property and safety of our users and others.
How We Store Your Information
Security. We have personnel and third parties dedicated to keeping your information secure and testing for vulnerabilities. We also continue to work on features to keep your information safe in addition to things like Single Sign-On user authentication, and encryption of data in transit and at rest. However, no means of transmission over the internet or electronic storage is 100% secure, and while we endeavor to use commercially reasonable means to protect personal information, we cannot guarantee its absolute security. If you access our Services via a third-party CRM platform or Cloud calendar (GSuite, Outlook 365), you should also protect your account with secure account credentials and prevent unauthorized access to your account and personal information.
International Transfers; Standard Contractual Clauses
We are a global company, with offices and operations in numerous countries. We may store personal information about you in the European Economic Area (the “EEA”) and in other countries and territories. To facilitate our global operations, we may transfer and access such personal information from around the world, including from other countries in which Substrata Ltd. has operations. Please note that these data transfer practices may vary based on customer location and the applicable Service being used.
Accountability for Onward Transfers.
Substrata Ltd. is not required to identify the sources of personal data when such identification is not possible through reasonable efforts, or where the rights of persons other than the affected data subject would be violated. If there are compelling grounds to doubt the legitimacy of a data subject’s request for rectification, amendment or deletion of his or her Personal Data, we may require further justifications before performing the Data Subject’s request. We are not required to notify third parties to whom the Personal Data has been disclosed of any rectification, amendment or deletion when such notification involves a disproportionate effort or unreasonable burden.
Substrata Ltd. undertakes reasonable and appropriate administrative, technical and physical measures to protect the confidentiality, integrity and availability of Personal Data, whether in electronic or tangible, hard copy form. We shall also take reasonable steps to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration and destruction.
Links to Third Party Websites
Through our Services, you may connect to third party websites via hyperlinks, and the connections may or may not be obvious. We are not responsible for the collection, use, maintenance, sharing or disclosure of data and information by such third parties. We encourage you to be aware of the varied privacy policies of Web sites that you visit.
Social Media Widgets
Change of Entity Form
If we are involved in a reorganization, merger, acquisition or sale of our assets, bankruptcy or similar event, your information may be transferred as part of the evaluation of and consummation of that deal. We will notify you (for example, via a message to the email address associated with your account) of any such deal where we are not the surviving entity of such transaction, and outline your choices.
Right to Modify
For California Visitors
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of personal information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: firstname.lastname@example.org
For Australia Visitors
In addition to complying with all other applicable laws, Substrata Ltd. has adopted the Australian Privacy Principles (the “APPs”) contained in the Privacy Act 1988 (Cth) (the “Privacy Act”). The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Data. A copy of the APPs may be obtained from the website of The Office of the Australian Information Commissioner. It is worth noting that sensitive information is defined in the Privacy Act to include a variety of information, including “Biometric information that is to be used for the purpose of automated biometric identification or verification” — in other words, your voice recordings collected when you utilize the Services are Sensitive Information under the Privacy Act. Sensitive information will be used by us only: (1) for the primary purpose for which it was obtained, which is to monitor your usage and enable various search tools in connection with your usage of the Services; (2) for a secondary purpose that is directly related to the primary purpose; and (3) with your consent; or where required or authorized by law.
Access and Contact
Through your account settings, you may access, and in some cases, edit or delete certain information you provide to us. The information you may view, update or delete may change as the Services change.
If your Personal Data has been provided to us by one of our customers, please contact that customer to request any access to, correction of, or removal of your information.
Inquires or Concerns
You may always request access to the data you submit to Substrata Ltd. and/or a summary of the data that we’ve collected about you. Please direct those requests to either the ‘contact us’ feature on our Site or by sending an email to email@example.com, and we will do our best to provide a prompt response to your question.
Substrata Ltd. commits to the resolution of complaints about your privacy and our collection or use of your Information.
- What is a cookie? A cookie is a small text file that is stored in your web browser that allows Substrata Ltd. or a third party to recognize you. Cookies might be used for the following purposes: (1) to enable certain functions; (2) to provide analytics; (3) to store your preferences; and (4) to enable ad delivery and behavioral advertising. Cookies can either be session cookies or persistent cookies. A session cookie expires automatically when you close your browser. A persistent cookie will remain until it expires or you delete your cookies. Expiration dates are set in the cookies themselves; some may expire after a few minutes while others may expire after multiple years. Cookies placed by the website you’re visiting are sometimes called “first party cookies,” while cookies placed by other companies are sometimes called “third party cookies.”
- What cookies are used when I use the Services? When you access and/or use any of the Services, Substrata Ltd. or a third party may place a number of cookies in your browser. Some of the cookies will only be used if you use certain features or select certain preferences, and some cookies will always be used. Each cookie serves one of four different purposes:
- Essential Cookies: These first party cookies allow users to use a feature of the Services such as: (i) staying logged in, or (ii) making purchases.
- Analytics Cookies: These cookies track information about how the Services are being used so that we can make improvements and report on our performance. We may also use analytics cookies as part of the Site, to test new ads, pages or features to see how users react to them. Analytics cookies may either be first party or third-party cookies.
- Preference Cookies: These first party cookies store your Services preferences.
- Ad Targeting Cookies (used only as part of the Site and not as part of the App): These third-party cookies (also known as “behavioral” or “targeted” advertising) are placed by advertising platforms or networks in order to: (i) deliver ads and tracks ad performance, and (ii) enable advertising networks to deliver ads that may be relevant based upon your activities.
Finally, we may set cookies within emails we send to you (if you have consented to receiving emails from us). These cookies are used to track how often our emails are opened and clicked on by our customers. You can manage email cookies in the same way as website cookies, as explained above.
Other tracking technologies
We may use additional technologies to help track user activities and preferences. For example, web beacons (also known as clear gifs, pixel tags or web bugs). Web beacons are tiny graphics (about the size of period) with a unique identifier that are embedded invisibly on web pages or emails. They are used to track user activities and communicate with cookies. You cannot opt out of web beacons used in webpages, but you can limit their use by opting out of the cookies they interact with. You can opt out of web beacons used in emails by setting your email client to render emails in text mode only. Finally, we use local storage to facilitate certain functions, but we do not retain the data captured via local storage.