This policy was updated on May 14, 2018 and so does not match the version in The Tech Contracts Handbook.
WARNING: This policy has not yet been updated to address the California Consumer Privacy Act (CCPA). Please visit again soon for a revised draft.
Effective Date: _______________
A. Personal Data We Collect
We collect the following personal data from users who buy our products or services or contact us through the contact forms at our Website: first name, last name, and e-mail address, telephone, credit card number, ________________.
We also collect data on how our website is used: number of page visits and duration, type of browser, __________ (collectively, “Usage Data”). This Usage Data may include personal data, like your Internet Protocol (IP) address.
We also use “cookies” to collect certain information from all users, including Web visitors who don’t buy anything through our Website. Data collected through cookies may include Usage Data (whether or not personal) and Personal Data. A cookie is a string of data our system sends your computer and then uses to identify your computer when you return to our Website.
You can set up most browsers to refuse all cookies or to notify you of any cookies you receive. But if you don’t accept cookies, you won’t be able to make as efficient use of our Website, and you may not be able to use some features at all.
Our Website is not intended to collect data from children or from anyone under 18. If you are aware of children’s information collected through our Website, please contact us immediately at __________.
B. Our Use of Personal Data
We use your Personal Data to create your account, to communicate with you about products and services you’ve purchased, to offer you additional products and services, to bill you, and ______________. We also use that information to the extent necessary to enforce our Website terms of service and to prevent imminent harm to persons or property.
Do Not Track Notice
Do Not Track (“DNT”) is a setting in a web browser that directs websites not to track your behavior. You can activate the DNT settings through most browsers.
[We do not track users over time and across third party Websites, so we do not respond to DNT signals.]
[We track users over time and across third party Websites as follows: ________________________. We _______ (do / do not) respond to DNT signals.] [We use information collected through tracking as follows: __________________________.]
[We have not authorized any third party to track consumers or visitors while they are on our Website, and we are aware of no such tracking.] [We have authorized the following third party tracking of visitors to our Website, over time and across third party Websites: ________________________.]
C. Retention of Personal Data
D. Transfer of Personal Data
E. Contractor and Other Third Party Access to Personal Data
We give certain independent contractors access to Personal Data. Those contractors assist us with _____________________. All those contractors are required to sign contracts in which they promise to protect Personal Data using procedures reasonably similar to ours. (Users are not third party beneficiaries of those contracts.) We also may disclose Personal Data to attorneys, collection agencies, or law enforcement authorities to address potential AUP violations, other contract violations, or illegal behavior. And we disclose any information demanded in a court order or otherwise required by law or to prevent imminent harm to persons or property. Finally, we may share Personal Data in connection with a corporate transaction, like a merger or sale of our company, or a sale of all or substantially all of our assets or of the product or service line you received from us, or a bankruptcy.
As noted above, we compile Website usage statistics from data collected through cookies. We may publish those statistics or share them with third parties, but they don’t include Personal Data.
F. Protection of Personal Data
We employ the following data security tools to protect Personally Identifiable Information: ________________________________________________. And we take reasonable steps select vendors who make limited and legal use of your Personal Data. Unfortunately, even with these measures, we cannot guarantee the security of Personal Data. By using our Website, you acknowledge and agree that we make no such guarantee, and that you use our Website at your own risk.
G. Accessing and Correcting Your Personal Data
You can access and change any Personal Data we store by contacting us via e-mail, at _______________.
H. Special Terms related to the European Economic Area
If you are in the European Economic Area (“EEA”), the provisions of this Section H apply to you, effective May 25, 2018.
Legal Basis for Processing
We may process your Personal Data because you have given us permission to do so (e.g., by sending data through our contact or order forms), because the processing is in our legitimate interests and it’s not overridden by your rights, or because we need to process your Personal Data to comply with the law.
Your Rights Under the General Data Protection Regulation (“GDPR”)
If you wish to know what Personal Data we hold about you, to have us remove it, or otherwise to exercise your rights, please contact us at ______________. In some cases, you also have the following rights related to your Personal Data:
- The right to access, update, or delete your Personal Data.
- The right of rectification—to have your information altered if it is inaccurate or incomplete.
- The right to object to our processing of your Personal Data.
- The right of restriction—to request that we restrict how we process your Personal Data.
- The right to data portability—to receive a copy of the information we have on you in a structured, machine-readable, and commonly used format.
- The right to withdraw consent to our processing of your Personal Data.
- The right to complain to an EEA data protection authority (a government agency) about our management of your Personal Data.
J. Contacting Us