As of March 27, 2019
1. This Policy
Townsend Labs, Inc. (“Townsend Labs”) is fully committed to the responsible use of your personal data and the protection of your privacy. This policy explains how Townsend Labs collects, stores, uses and shares Personal Data. This policy is addressed to individuals outside our organization with whom we interact, including visitors to our websites, www.townsendlabs.com and associated sub-domains (together, our “Site”) and other users of our products and services (together, “you”).
Defined terms used in this Policy are explained in Section (18) below.
Contact details are provided in Section (17) below.
2. Changes to this Policy
This Policy may be amended or updated from time to time to reflect changes in our practices with respect to the Processing of Personal Data, or changes in applicable law. We encourage you to read this Policy carefully, and to regularly check this page to review any changes we might make in accordance with the terms of this Policy. In the event of a material change to our privacy practices, we will give you notice by emailing you at your email address on record and your continued use constitutes acceptance of our updated privacy practices.
3. Processing Personal Data
Collection of Personal Data: We may collect Personal Data about you, such as your name, address, and contact details. Examples of sources from which we may collect Personal Data include the following:
- We may obtain your Personal Data when you provide it to us (e.g., where you create an account with us, sign up to our newsletter, contact us via email or telephone, or by any other means).
- We may collect your Personal Data in the ordinary course of our relationship with you (e.g., in the course of administering your Townsend Labs account or in providing you our services).
- We may collect Personal Data that you manifestly choose to make public, including via our Site.
- We may receive your Personal Data from third parties who provide it to us (e.g., social media platforms via plugins).
- We may collect or obtain Personal Data when you visit our Site, or use any features or resources available on or through our Site. When you visit our Site, your device and browser will automatically disclose certain information, some of which may constitute Personal Data (see below).
Creation of Personal Data: We may also create Personal Data about you, such as records of your interactions using our Site, and details of your account history.
Categories of Personal Data: The categories of Personal Data about you that we may Process include:
- Personal details: first and last name; password; and account settings.
- Contact details: telephone number; email address; and address.
- Professional details: company name; professional profile details; association memberships; and qualifications.
- Device details: device type, operating system, browser type, browser settings, IP address, geolocation, language settings, dates and times of connecting to our Site and other technical communications information.
- Usage details: records of your use of our Site and other services, including: registration details; details of content with which you interact; questions; downloads; purchases; ratings; feedback; search queries; anonymous viewings; page views; metadata related to product usage.
- Views, opinions and interests: any comments, ratings, views or opinions that you choose to send to us, post via our Site, via a survey, or publicly post via social media platforms; your community interests and solution interests. When you post comments or questions on our blog, the information contained in your posting will be stored on our servers and other users will be able to see it. We also may wish to post your testimonials, which may contain personally identifiable information, on our website or through social media. In such a scenario, we will obtain your consent via email prior to posting your testimonial along with your name. If you want your testimonial removed, please contact us at email@example.com.
Lawful basis for Processing Personal Data:
In Processing your Personal Data in connection with the purposes set out in this Policy, we may rely on one or more of the following legal bases, depending on the circumstances:
- we have obtained your prior express consent to the Processing (this legal basis is only used in relation to Processing that is entirely voluntary – it is not used for Processing that is necessary or obligatory in any way);
- the Processing is necessary in connection with any contract that you may enter into with us;
- the Processing is required by applicable law;
- the Processing is necessary to protect the vital interests of any individual; or
- we have a legitimate interest in carrying out the Processing for the purpose of managing, operating or promoting our business, and that legitimate interest is not overridden by your interests, fundamental rights, or freedoms.
Processing your Sensitive Personal Data:
We do not seek to collect or otherwise Process your Sensitive Personal Data, except where:
- the Processing is required or permitted by applicable law (e.g., to comply with our diversity reporting obligations);
- the Processing is necessary for the detection or prevention of crime (including the prevention of fraud);
- the Processing is necessary for the establishment, exercise or defense of legal rights; or
- we have, in accordance with applicable law, obtained your prior explicit consent prior to Processing your Sensitive Personal Data (as above, this legal basis is only used in relation to Processing that is entirely voluntary – it is not used for Processing that is necessary or obligatory in any way).
Purposes for which we may Process your Personal Data:
The purposes for which we may Process Personal Data, subject to applicable law, include:
- Our Site: operating and managing our Site; providing content to you; displaying advertising and other information to you; and communicating and interacting with you via our Site.
- Provision of services to you: providing our Site and products and services to you; communicating with you in relation to those services (for example, for customer support); recommending content that may be of interest to you.
- Marketing communications: communicating with you via email, telephone, text message, social media, post or in person news, products and services items and other information in which you may be interested.
- Communications and IT operations: management of our communications systems; operation of IT security; and IT security audits.
- Safety: safety assessments and record keeping; and compliance with related legal obligations.
- Financial management: sales; finance; corporate audit; and vendor management.
- Surveys: engaging with you for the purposes of obtaining your views on our Site or our services.
Improving our Site and our services: identifying issues with existing Site and our services; planning improvements to existing Site and our services; creating new Site and our services.
4. Disclosure of Personal Data to third parties
We may disclose your Personal Data to:
- legal and regulatory authorities, upon request, or for the purposes of reporting any actual or suspected breach of applicable law or regulation;
- accountants, auditors, lawyers and other outside professional advisors to Townsend Labs, subject to obligations of confidentiality;
- third party Processors (such as IT service providers; payment processors; marketing service providers; social media plugin providers; etc.), located anywhere in the world, subject to the requirements noted below in this Section (4);
- any relevant party, law enforcement agency or court, to the extent necessary for the establishment, exercise or defense of legal rights;
- any relevant party for the purposes of prevention, investigation, detection or prosecution of criminal offenses or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security;
- any relevant third party acquirer(s), in the event that we sell or transfer all or any relevant portion of our business or assets (including in the event of a reorganization, dissolution or liquidation); and
- our Site may use third-party plugins or content (e.g., social media plugins). If you choose to interact with any such plugins or content, your Personal Data may be collected by the third party provider of the relevant social media platform (such as Facebook).
If we engage a third-party Processor to Process your Personal Data, the Processor will be subject to binding contractual obligations to: (i) only Process the Personal Data in accordance with our prior written instructions; and (ii) use measures to protect the confidentiality and security of the Personal Data; together with any additional requirements under applicable law.
5. Other Non-Personal Data We May Process
We may create anonymous data records from Personal Data by excluding Personal Data (such as your name) that make the data personally identifiable to you. We use this anonymous data to analyze usage patterns so that we may enhance the content of our products and services and improve site navigation. Townsend Labs reserves the right to use for other purposes and to disclose anonymous data to third parties at its discretion.
Furthermore, when you use a Townsend Labs software product, it may collect data about the errors and exceptions in your application, system data (such as version data, names of plug-ins, etc.) about the environment in which your application is operating, data about transactions in your application, stack traces and source code snippets, variable data, and other similar data related to your application.
6. Cookies and Automatically Collected Data
We also use navigational data like Uniform Resource Locators (URL) to gather information regarding the date and time of your visit and the solutions and information for which you searched and which you viewed. Like most Internet services, we automatically gather this Personal Data and store it in log files each time you visit our website or access your account on our network.
7. International transfer of Personal Data
Because of the international nature of our business, we may need to transfer your Personal Data to third parties as noted in Section (4) above, subject to binding contractual obligations, solely in connection with the purposes set out in this Policy. For this reason, we may transfer your Personal Data to other countries that may have different laws and data protection compliance requirements to those that apply in the country in which you are located.
8. Third Party Websites and Tools
Our provision of a link to any other website or location is for your convenience and does not signify our endorsement of such other website or location or its contents, products or services. When you click on such a link, you will leave our Site and go to another site. During this process, a third party may collect Personal Data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content.
Similarly, some parts of our Site may include social media integrations (such as the Facebook “like” button or, widgets, such as the “share this” button) or other third-party features (such as the embedded Soundcloud audio tracks).
9. California Disclosure
Townsend Labs does not track its customers over time and across third party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals.
Note that some third-party sites do keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. If you are visiting such sites, certain sites and browsers enable you to set the DNT signal so that third parties (particularly advertisers) know you do not want to be tracked.
10. Data Security
We have implemented appropriate technical and organizational security measures designed to protect your Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, and other unlawful or unauthorized forms of Processing, in accordance with applicable law.
You are responsible for ensuring that any Personal Data that you send to us are sent securely.
11. Data Accuracy
We take every reasonable step to ensure that:
- your Personal Data that we Process is accurate and, where necessary, kept up to date; and
- any of your Personal Data that we Process that is inaccurate (having regard to the purposes for which they are Processed) are erased or rectified promptly.
From time to time we may ask you to confirm the accuracy of your Personal Data.
12. Data Minimisation
We take every reasonable step to ensure that your Personal Data that we Process is limited to the Personal Data reasonably required in connection with the purposes set out in this Policy.
13. Data Retention
We will only retain your Personal Data for as long as is necessary to fulfill our legitimate purposes, including for the purposes of providing our products and services to you and satisfying any legal, accounting or reporting requirements. The criteria that we use to determine retention periods will be determined by the nature of the data and the purposes for which it is kept and the potential risk of harm from unauthorized use or disclosure.
14. Your legal rights: Accessing, Updating and Deleting Your Personal Data
Subject to applicable law, you may have a number of rights regarding the Processing of your Personal Data, including:
- the right to request access to, or copies of, your Personal Data that we Process or control;
- the right to request rectification of any inaccuracies in your Personal Data that we Process or control;
- the right to request, on legitimate grounds:
- erasure of your Personal Data that we Process or control; or
- restriction of Processing of your Personal Data that we Process or control;
- the right to object, on legitimate grounds, to the Processing of your Personal Data by us or on our behalf;
- the right to have your Personal Data that we Process or control transferred to another Controller, to the extent applicable;
- where we Process your Personal Data on the basis of your express consent, the right to withdraw that consent; and
- the right to lodge complaints with a Data Protection Authority regarding the Processing of your Personal Data by us or on our behalf.
This does not affect your statutory rights.
To exercise one or more of these rights, or to ask a question about these rights or any other provision of this Policy, or about our Processing of your Personal Data, please use the contact details provided in Section (17) below or, when appropriate, edit your account profile at https://townsendlabs.com/my-account/.
Our Site is not directed toward minors and we do not knowingly collect Personal Information from minors. Minors under the age of eighteen years old are not eligible to use our Site and we therefore ask that minors do not submit any Personal Data to us, or use any of the services provided on, through or via our Site. If you are a parent and are aware that your minor has provided us Personal Information, please contact us at firstname.lastname@example.org.
16. Software License Agreement
All use of our Products are subject to our Software License Agreement.
17. Contact details
If you have any comments, questions or concerns about any of the information in this Policy, or any other issues relating to the Processing of Personal Data by Townsend Labs, please contact:
Townsend Labs Inc., 1610 Dell Ave., Suite P, Campbell, CA 95008, USA
- ‘Controller’ means the entity that decides how and why Personal Data is Processed. In many jurisdictions, the Controller has primary responsibility for complying with applicable data protection laws.
- ‘Data Protection Authority’ means an independent public authority that is legally tasked with overseeing compliance with applicable data protection laws.
- ‘Personal Data’ means information that is about any individual, or from which any individual is identifiable. Examples of Personal Data that we may Process are provided in Section (3).
- ‘Process’, ‘Processing’ or ‘Processed’ means anything that is done with any Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- ‘Processor’ means any person or entity that Processes Personal Data on behalf of the Controller (other than employees of the Controller).
- ‘Sensitive Personal Data’ means Personal Data about race or ethnicity, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sexual life, any actual or alleged criminal offences or penalties, national identification number, or any other information that may be deemed to be sensitive under applicable law.