Effective as of May 1, 2020.
• our website at www.Advice.io (the “Website”);
• about users of the Advice services (the “Services”);
• through use of the Advice application at app.advice.io (the “App”);
• Site Visitors – those who visit the Sites or individuals who request us to contact them via our online web forms or email;
• Registered Users – those who are users of the Services via their employer’s (our customer) subscription to the Services or visit the App;
• Identifiable Individuals – those whose information is collected for the purpose of providing our data management services to our customers, which is described further, below;
• Attendees – those who attend or register to attend in person or online events sponsored by Advice.io or in which Advice.io participates.
Collectively, we refer to the individuals, above, as collectively as “Users.” An individual may fall into more than one category of individual. For example, an individual may attend one of our sponsored events and be classified as an Attendee, and then a Site Visitor when visiting the Sites. The terms “Advice.io,” “we,” “us,” and “our” refer to Advice.io, Inc.
WHAT DATA WE COLLECT
Information you provide to us
When you visit our Sites or contact us, we might collect Personal Information that you voluntarily submit to us, such as through a web form, in an email, in a chat message, or other form of electronic communication. Personal Information collected in this way includes identifiers, such as your name, business address, email address, similar identifiers, commercial information, and professional or employment-related information relevant to you as an agent of your business.
Information for web technologies
When Site Visitors and Registered Users visit our Sites or use our Services various web technologies may collect information in relation to your use of the Sites. For example, we may collect browser information, device data, logs, IP addresses, the page of the Sites you request, the date and time of the request, and the time spent on the Sites or page.
Some of the pages on the Sites may contain “cookies.” A cookie is a small data file that may be sent to your web browser and stored on your computer. This allows our server to recognize a computer when it revisits the Sites. The cookies also help Advice.io analyze trends, track user movement in the site, and gather demographic information about our users as a whole.
Most web browsers can be configured to not accept cookies, or to notify you if a cookie is sent to you. You may also consider visiting aboutcookies.org, which provides helpful information about cookies. You can choose to disable cookies for the Sites but, blocking cookies may prevent or reduce the extent to which the Sites or Services can be used or customized by you. Please note that opting out of receiving cookies may not exercise your other data rights.
Information from services
Advice.io collects information and data for the purpose of allowing Customers to measure their performance. We collect information and data to help us compile, organize, and verify this information. The collected information can include:
Performance Data – data (e.g., email, calendar, phone, customer relationship management (“CRM”) data, etc.) from activity collected through access to the Customer’s third party services or within Advice.io on behalf of the Customer. Advice.io never receives or stores user credentials (i.e., passwords) for these third party services. Advice.io relies on federated authentication protocols and tokens.
Personal Information (“PI”) – any information which can reasonably be used to identify an individual, and may include, but is not limited to, name, email address, telephone number, postal or other physical address, title, or occupation. It may also include IP addresses or other telemetry data necessary to run the Website or App. Customer Activity Data may include Personal Information of Identifiable Individuals, Registered Users, and Attendees. We endeavor to limit our requests for and collection of Personal Information to information we believe is reasonably necessary to achieve our purposes, or is necessary for the providing the Services.
Publicly Available PI – we may collect, directly or indirectly, Personal Information from publicly accessible online sources. Publicly Available PI may be collected by a third party and then provided to Advice.io.
Licensed PI – we may collect Personal Information through licensing agreements directly with data brokers or other Companies, pursuant to their privacy policies and terms and conditions.
HOW WE USE YOUR INFORMATION
General use of your information
DATA SHARING & DISCLOSURE
Sub-processors (Third-Party Service Providers)
We may transfer information, including Personal Information, to our sub-processors such as Amazon AWS, which we use to provide our services. These sub-processors may have access to or process your Personal Information for the purpose of providing these services for us (and in turn, you). We prohibit our sub-processors to use any Personal Information for their marketing purposes or for any other purpose than in connection with the services they provide to us.
Compliance and protection.
We may disclose your personal information as we believe appropriate to government or law enforcement officials or private parties (a) for the compliance and protection purposes described above; (b) as required by law, lawful requests or legal process, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with any legal investigation; and (d) to prosecute or defend legal claims.
CHILDREN’S PERSONAL INFORMATION
Our Services are not intended for or directed to persons under the age of 13. Accordingly, we do not knowingly collect Personal Information from children under the age of 13. If you are under the age of 13, do not submit any Personal Information to us via email, the Sites, through our Services, or through other channels. Any person who provides information to us through registration or in any other manner on the Sites or through the Services represents to Advice.io that they are 13 years of age or older. If you believe that we have mistakenly collected such information, please notify us at email@example.com so that we may immediately delete the information.
ADDITIONAL INFORMATION PER USER TYPE
We may collect data on how you use the Sites, to improve the Sites and the Services. This may include the ability to reproduce your actions on the Sites, your IP address, your browser and device characteristics, and other such data, for the purpose of Sites and Service improvement. We may collect Personal Information from you if you choose to contact us through the Sites.
We ask for and may collect personal information such as your name, address, phone number, commercial information, and email address when you register for or attend a sponsored event or other events at which any member of the Advice.io participates. We collect this information to facilitate your registration or attendance of the event and to send you related or followup communications.
YOUR DATA RIGHTS
Cookies and Similar Technologies
Your browser or device can allow you to opt-out of data collection from cookies or similar technologies by setting your browser to refuse all or some of the web technologies (e.g., cookies) employed on the Sites. Please note that your experience using the Sites or the Services might be degraded, or certain functionalities may not work, if you opt-out to such collection.
If you wish to opt-out of our use of your contact information for our direct marketing purposes, you can click the “Unsubscribe” button located within the most recent marketing email you received from us, or contact us at privacy@Advice.io.
Depending on where you are located, you may have additional rights to opt-out of certain uses of Personal Information, know what Personal Information we’ve collected, or request that we delete your Personal Information. Please review the JURISDICTION SPECIFIC NOTICES, below, to determine if these rights apply to you.
JURISDICTION SPECIFIC NOTICES
Advice.io is based in the United States. The Sites and Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States.
Your Personal Information may be collected, transferred to, stored and otherwise processed in any country where we have facilities or in which we engage service providers, and by using the Sites and/or Services you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.You may be entitled to additional privacy notices depending on where you are located. Please see the appropriate subsection below that may apply to you.
Advice offers a Data Protection Agreement as a means of meeting the adequacy and security requirements of the European Parliament and Council of the European Union’s Data Protection Directive and the General Data Protection Regulation (GDPR) as well as addressing the requirements of the California Consumer Privacy Act (CCPA).
To ensure appropriate levels of security Advice.io applies technical, administrative and organizational security measures to prevent against accidental or unlawful destruction and loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against other unlawful forms of processing.
Our service is built on Amazon Web Services (AWS) which maintains multiple certifications for its data centers, including SOC reports, PCI Certification, and ISO 27001 compliance. They provide strong security measures to protect our infrastructure and are compliant with most certifications. You can read more about their practices here.
Furthermore, Advice has implemented additional security measures using Sqreen which allows us to:
• Monitor and protect our infrastructure from automated scanners, bots and targeted attacks. It blocks attacks and alerts in case of critical threats. It also brings additional features like IP blocking etc
• Monitor our applications. Security events are logged and notifications are sent in case of critical attacks to allow for fast remediation.
• Integrate security in our applications and protect our users from data breaches. It integrates protections against the most critical attack categories like SQL injections, cross-site scripting and adds security headers to our application. It blocks attacks in real-time and warns us when attackers start stressing our applications.
• Monitor suspicious behaviors and react fast in case of account takeovers. It also protects customers against data theft by blocking credential stuffing or brute force attacks.
Our strict internal procedure prevents any employee or administrator from gaining access to user data. Limited exceptions can be made for customer support. Our employees sign a Non-Disclosure and Confidentiality Agreement to protect our customers sensitive information.