Effective as of May 1, 2020.
• our website at www.Advice.io (the “Website”);
• about users of the Advice services (the “Services”);
• through use of the Advice application at app.advice.io (the “App”);
TYPES OF INDIVIDUALS
• Site Visitors – those who visit the Sites or individuals who request us to contact them via our online web forms or email;
• Registered Users – those who are users of the Services via their employer’s (our customer) subscription to the Services or visit the App;
• Identifiable Individuals – those whose information is collected for the purpose of providing our data management services to our customers, which is described further, below;
• Attendees – those who attend or register to attend events sponsored by Advice.io or in which Advice.io participates.
Collectively, we refer to the individuals, above, as collectively as “Users.” An individual may fall into more than one category of individual. For example, an individual may attend one of our sponsored events and be classified as an Attendee, and then a Site Visitor when visiting the Sites. The terms “Advice.io,” “we,” “us,” and “our” refer to Advice.io, Inc.
WHAT DATA WE COLLECT
Information you provide to us
When you visit our Sites or contact us, we might collect Personal Information that you voluntarily submit to us, such as through a web form, in an email, in a chat message, or other form of electronic communication. Personal Information collected in this way includes identifiers, such as your name, business address, email address, similar identifiers, commercial information, and professional or employment-related information relevant to you as an agent of your business.
Information for web technologies
When Site Visitors and Registered Users visit our Sites or use our Services various web technologies may collect information in relation to your use of the Sites. For example, we may collect browser information, device data, logs, IP addresses, the page of the Sites you request, the date and time of the request, and the time spent on the Sites or page.
Some of the pages on the Sites may contain “cookies.” A cookie is a small data file that may be sent to your web browser and stored on your computer. This allows our server to recognize a computer when it revisits the Sites. The cookies also help Advice.io analyze trends, track user movement in the site, and gather demographic information about our users as a whole.
Most web browsers can be configured to not accept cookies, or to notify you if a cookie is sent to you. You may also consider visiting aboutcookies.org, which provides helpful information about cookies. You can choose to disable cookies for the Sites but, blocking cookies may prevent or reduce the extent to which the Sites or Services can be used or customized by you. Please note that opting out of receiving cookies may not exercise your other data rights.
Information from services
Advice.io collects information and data for the purpose of creating our graph database and providing the Services. We collect information and data to help us compile, organize, and verify this information. The collected information can include:
Customer Activity Data – activity data (e.g., email, calendar, phone, customer relationship management (“CRM”) data, etc.) of Customer activity collected through access to the Customer’s third party services on behalf of the Customer. Advice.io never receives or stores user credentials (i.e., passwords) for these third party services. Advice.io relies on federated authentication protocols and tokens.
Personal Information (“PI”) – any information which can reasonably be used to identify an individual, and may include, but is not limited to, name, email address, telephone number, postal or other physical address, title, or occupation. It may also include IP addresses or other telemetry data necessary to run the Website or App. Customer Activity Data may include Personal Information of Identifiable Individuals, Registered Users, and Attendees. We endeavor to limit our requests for and collection of Personal Information to information we believe is reasonably necessary to achieve our purposes, or is necessary for the providing the Services.
Publicly Available PI – we may collect, directly or indirectly, Personal Information from publicly accessible online sources. Publicly Available PI may be collected by a third party and then provided to Advice.io.
Licensed PI – we may collect Personal Information through licensing agreements directly with data brokers or other Companies, pursuant to their privacy policies and terms and conditions.
HOW WE USE YOUR INFORMATION
General use of your information
DATA SHARING & DISCLOSURE
Sub-processors (Third-Party Service Providers)
We may transfer information, including Personal Information, to our sub-processors such as Amazon AWS, which we use to provide our services. These sub-processors may have access to or process your Personal Information for the purpose of providing these services for us (and in turn, you). We prohibit our sub-processors to use any Personal Information for their marketing purposes or for any other purpose than in connection with the services they provide to us.
Compliance and protection.
We may disclose your personal information as we believe appropriate to government or law enforcement officials or private parties (a) for the compliance and protection purposes described above; (b) as required by law, lawful requests or legal process, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with any legal investigation; and (d) to prosecute or defend legal claims.
CHILDREN’S PERSONAL INFORMATION
Our Services are not intended for or directed to persons under the age of 13. Accordingly, we do not knowingly collect Personal Information from children under the age of 13. If you are under the age of 13, do not submit any Personal Information to us via email, the Sites, through our Services, or through other channels. Any person who provides information to us through registration or in any other manner on the Sites or through the Services represents to Advice.io that they are 13 years of age or older. If you believe that we have mistakenly collected such information, please notify us at email@example.com so that we may immediately delete the information.
ADDITIONAL INFORMATION PER USER TYPE
We may collect data on how you use the Sites, to improve the Sites and the Services. This may include the ability to reproduce your actions on the Sites, your IP address, your browser and device characteristics, and other such data, for the purpose of Sites and Service improvement. We may collect Personal Information from you if you choose to contact us through the Sites.
We ask for and may collect personal information such as your name, address, phone number, commercial information, and email address when you register for or attend a sponsored event or other events at which any member of the Advice.io participates. We collect this information to facilitate your registration or attendance of the event and to send you related or followup communications.
YOUR DATA RIGHTS
Cookies and Similar Technologies
Your browser or device can allow you to opt-out of data collection from cookies or similar technologies by setting your browser to refuse all or some of the web technologies (e.g., cookies) employed on the Sites. Please note that your experience using the Sites or the Services might be degraded, or certain functionalities may not work, if you opt-out to such collection.
If you wish to opt-out of our use of your contact information for our direct marketing purposes, you can click the “Unsubscribe” button located within the most recent marketing email you received from us, or contact us at privacy@Advice.io.
Depending on where you are located, you may have additional rights to opt-out of certain uses of Personal Information, know what Personal Information we’ve collected, or request that we delete your Personal Information. Please review the JURISDICTION SPECIFIC NOTICES, below, to determine if these rights apply to you.
JURISDICTION SPECIFIC NOTICES
Advice.io is based in the United States. The Sites and Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States. Your Personal Information may be collected, transferred to, stored and otherwise processed in any country where we have facilities or in which we engage service providers, and by using the Sites and/or Services you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.You may be entitled to additional privacy notices depending on where you are located. Please see the appropriate subsection below that may apply to you.
The California Consumer Privacy Act (“CCPA”), which is effective as of January 1, 2020, regulates how we handle personal information of California residents and gives California residents certain rights with respect to their personal information.Under the CCPA, Advice.io is both a “business” and a “service provider.” This subsection applies to information we collect in our role as a business. When we act as a service provider for our Customers (for example, by providing our services to another company that you interact with), we follow the processing instructions of our Customer with respect to how we process your personal information. For each of the categories of information, above, we collect the information from a variety of sources, including directly from you, from your devices, from your social media profiles, from our Customers, and/or from third party providers.
Use of Personal Information
We collect this Personal Information to provide the Services; to protect the rights, privacy, and safety of the Users and Services; and to improve the Services. For example, in the last 12 months, Advice.io used Personal Information for one or more of the following purposes:To provide our Services to our Customers; To build and maintain your network of contacts;To improve or modify the Services or develop new products;To send you administrative information about your account, such as upgrade notifications, billing notices, etc.;To communicate with you and provide you with any relevant customer service;To present products and offers, which we believe you would enhance your use of the Sites. (You may unsubscribe from these types of communications at any time;)To conduct research about Advice.io or our products and services;For billing and account services;For data analysis such as audits and fraud prevention;As required by applicable law;To enforce our terms and conditions;To protect the rights, privacy, or safety of Advice.io or others; orTo otherwise operate and support the Sites.
Your Rights Under the CCPA
The CCPA provides individual California consumers with several individual rights with respect to Personal Information. Under the CCPA, a California consumer has the right to request:The disclosure of the categories of personal information we collected about you.The disclosure of the categories of sources for the personal information we collected about you.The disclosure of the specific pieces of personal information we collected about you. The disclosure of the personal information categories that each category of recipient received for valuable consideration; The disclosure of the personal information categories that each category of recipient obtained for a business purpose;The deletion of your Personal Information, subject to certain limitations under the CCPA; andThe right not to be discriminated against for exercising certain rights under California law.
DATA AND APP SECURITY
To ensure appropriate levels of security Advice.io applies technical, administrative and organizational security measures to prevent against accidental or unlawful destruction and loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against other unlawful forms of processing.
Our service is built on Amazon Web Services (AWS) which maintains multiple certifications for its data centers, including SOC reports, PCI Certification, and ISO 27001 compliance. They provide strong security measures to protect our infrastructure and are compliant with most certifications. You can read more about their practices here.
Furthermore, we've implemented additional security measures using Sqreen (https://www.sqreen.com/) which allows us to:
• Monitor and protect our infrastructure from automated scanners, bots and targeted attacks. It blocks attacks and alerts in case of critical threats. It also brings additional features like IP blocking etc
• .Monitor our applications. Security events are logged and notifications are sent in case of critical attacks to allow for fast remediation.
• Integrate security in our applications and protect our users from data breaches. It integrates protections against the most critical attack categories like SQL injections, cross-site scripting and adds security headers to our application. It blocks attacks in real-time and warns us when attackers start stressing our applications.
• Monitor suspicious behaviors and react fast in case of account takeovers. It also protects customers against data theft by blocking credential stuffing or brute force attacks.
Our strict internal procedure prevents any employee or administrator from gaining access to user data. Limited exceptions can be made for customer support. Our employees sign a Non-Disclosure and Confidentiality Agreement to protect our customers sensitive information.