1. WHAT PERSONAL INFORMATION WE COLLECT ABOUT YOU
We collect Personal Information about you when you provide it to us, when you use our Services, and when other sources provide it to us, as further described below.
Personal Information you provide to us
We collect Personal Information about you when you register for an account, create or modify your profile, set preferences, connect with other third-party services, sign-up for or make purchases through the Services. For example, you provide your contact information and, in some cases, billing information, when you register for the Services. We may also collect other content that you submit to the Site.
Your use of the Services, for which we may collect information about You (or your business) also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.
We collect payment and billing information when you register for certain paid Services. For example, we ask you to designate a billing representative, including name and contact information, upon registration. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.
Personal Information we collect automatically when you use the Services
We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Site and/or the Services. We keep track of certain information about you when you visit and interact with any of our Services. This information includes all of your interactions with the Services; the features you use; the query or queries submitted and used in connection with the Services; users, inside or outside your organization, you may add to provide access to the Services; the links you click on; the type, size, content, and filenames of attachments you upload to the Services; any information you provide as part of the Services provided by Rupert; any requests or questions you submit to Rupert via online forms, email, messaging (including Slack), or otherwise; and license credentials to ensure that usage is in compliance with the customer's licensing terms. This information includes metadata about users, roles, database connections, server settings, features used, API usage, and Platform version.
We, or any third-party we use as necessary to provide the Services, may collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services. Server and data center Service administrators can disable collection of this information via the administrator settings or prevent this information from being shared with us by blocking transmission at the local network level.
To collect information contemplated in this section, may use Internet server logs, cookies, tracking pixels, and other similar tracking technologies. We use these technologies in order to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences. Cookies are small text files that are placed on your computer or mobile device when you visit a site, that enables us to: (i) recognize your computer; (ii) store your preferences and settings; (iii) understand the web pages of the Services you have visited; (iv) enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform searches and analytics; and (vi) assist with security and administrative functions.
2. HOW WE USE PERSONAL INFORMATION ABOUT YOU
We use Personal Information for various purposes depending on the types of information we have collected from and about you, in order to:
• Provide the Services to you
• Respond to your request for information and provide you with more effective and efficient service
• Contact you by email, postal mail, or phone regarding Rupert and its products, services, surveys, research studies
• Customize the content you see on the Services
• Secure our Services and resolve technical issues being reported
• Help us better understand your interests and needs, and improve the Services, including through research and reports, and test, improve, and create new products, features, and services. We automatically analyze and aggregate frequently used search terms and queries, including any users requests through any form of communication, including third-party messaging services, for Services residing in our repository, to improve the accuracy and relevance of suggested topics and/or Services that auto-populate when you use the search feature. In some cases, we apply these learnings across our Services to improve and develop similar features, to better integrate the Services you use, to improve the Services similarity functionalities for purposes of providing solutions to users, or to provide you with insights based on how others use our Services. We also test and analyze certain new features with some users before rolling the feature out to all users.
• For our business purposes we have a legitimate interest, when we:
o Operate the Service or the Site
o Apply information security policies and controls on the Service or the Site, including overall integrity, identity management and account authentication
o For research and development to improve the Services
• Investigate and prevent fraudulent transactions, unauthorized access to the Site and the Services
• Comply with any procedures, laws, and regulations which apply to us where it is necessary for our legitimate interests or the legitimate interests of others
• Establish, exercise, or defend our legal rights where it is necessary for our legitimate interests or the legitimate interests of others
• For other purposes for which we obtain your consent
We may aggregate and/or anonymize Personal Information collected through the Services and/or the Site so that such information does not identify you as the source of the information. We may use such information to improve the Services, by and through any third-party we use to integrate Services with the users’ database, for research.
3. LEGAL BASES FOR PROCESSING (FOR EEA USERS)
If you are an individual in the European Economic Area (EEA), we collect and process Personal Information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:
• We need it to provide you the Services pursuant to Service Terms and Conditions, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services;
• It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests;
• You give us consent to do so for a specific purpose; or
• We need to process your data to comply with a legal obligation.
If you have consented to our use of Personal Information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
4. DATA SUBJECT RIGHTS AND YOUR CHOICES
You have certain rights with respect to Personal Information about you as further described in this section.
a. Your Legal Rights
If you would like further information in relation to your legal rights under applicable law or would like to exercise any of them, please contact us using the information in the “Contact Information” section below at any time. Your local laws (e.g., in the EU or, for example, in California) may permit you to request that we:
• provide access to and/or a copy of certain Personal Information we hold about you
• prevent the processing of Personal Information for direct-marketing purposes (including any direct marketing processing based on profiling)
• update Personal Information which is out of date or incorrect
• delete certain Personal Information which we are holding about you
• restrict the way that we process and disclose certain Personal Information about you
• transfer Personal Information about you to a third-party provider of services
• revoke your consent for the processing of Personal Information about you
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing Personal Information about you for our legitimate interests or to comply with a legal obligation. We may request you provide us with information necessary to confirm your identity before responding to your request.
5. THIRD PARTY LINKS
6. DATA SECURITY
Rupert cares deeply about data security. To the effect, Rupert protects Personal Information with industry standard technical and organizational measures to secure the information we store. We have implemented a range of controls and technical measures to protect the confidentiality, integrity, and availability of our systems. These include:
• Force HTTPS on all connections, so data in-transit is encrypted with TLS.
• Encrypt all database data at-rest with AES-256.
• Host all servers on Google Cloud in the US, in data centers that are SOC 1, SOC 2 and ISO 27001 certified, protected with strong passwords and two-factor authentication
• Regularly conduct external penetration tests from third-party vendors.
• Regularly conduct security awareness training sessions with all employees.
• Maintain detailed audit logs of all internal systems.
• Access control protocols to restrict data availability to those parties who need it.
While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that Personal Information, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.
7. DATA RETENTION
8. DISCLOSURE OF PERSONAL INFORMATION
In certain situations, we may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose Personal Information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or act regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Service Terms and Conditions, or as otherwise required by law.
9. CALIFORNIA REQUIREMENTS
If you are a California resident, there are some additional rights that may be available to you under the California Consumer Protection Act (“CCPA”). This policy explains the tools that we have made available to you to exercise your data rights under the CCPA, such as the right to deletion and the right to request access to the categories of information we have collected about you. We encourage you to manage your information, and to make use of the privacy controls we have included in our Services. You will not be discriminated against for exercising any of your privacy rights under the CCPA. In order to protect your information from unauthorized access or deletion, we may require you to provide additional information for verification. If we cannot verify your identity, we will not provide or delete Personal Information about you.
This policy describes the categories of Personal Information we may collect, the sources of that Personal Information, and our deletion and retention policies. We’ve also included information about how we may process your information, which includes for "business purposes" under the CCPA - such as to protect against illegal activities, and for the development of new products, features, and technologies.
10. CONTACT INFORMATION
If you have questions or complaints regarding this Policy,
please contact us by email at email@example.com, or at:
The Corporation Trust Company
c/o Rupert, Inc.
1209 Orange St.,
Wilmington, DE 19801
12. DO NOT TRACK (‘DNT’) SETTINGS
California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. Because there currently isn’t an industry or legal standard for recognizing or honoring DNT signals, we don’t respond to them at this time.