Effective May 24, 2018
1.3 Third Party Websites or Services. The Service contains links to third party websites or services, including third party applications or software that you may choose to integrate with the Service through Whistic’s website (“Third Party Services”). Please be aware that this policy does not apply to, and we are not responsible for, the content or privacy practices of such Third Party Services. We encourage our users to be aware when they leave Whistic’s Service and to read the privacy statements of any other site, application or software that you use, which may collect information about you.
2. Information Collection. We may collect and receive information that identifies you ("Personal Information") and other information and data related to you and your use of the Service (“Other Information” and together with Personal Information, “Information”):
2.1 Personal Information About You.
2.1.1 Information that you provide to us when you register for an account, such as your name, address, profile image, title, phone number, and email address;
2.1.2 Information that you provide to us when you purchase a product or service, including, without limitation, payment, billing, contact, physical address, and related information;
2.1.3 Information that you provide if you email, phone, contact or communicate with us or our third party service providers, such as your name, title, email address or phone number.
2.2 Other Information You Provide.
2.2.1 Information that you provide to us if you participate in a promotion;
2.2.2 Information that you provide or upload while using the Service, including company information related to a security review request or for use in a security profile or for internal assessment purposes. You may also upload Personal Information about your company or vendor contacts (such as their names, titles, and other contact information);
2.2.3 Information from public databases and third parties;
2.3 Usage Information.
2.3.1 Traffic and usage information generated from your visit to the Service, for example: traffic data, pages you visit, features you use, browser information, operating system, IP address, cookie information, and the type of device that you use to access the Service;
2.3.3 De-identified, aggregate data related to the security reviews conducted using Whistic, such as the average length of time it takes to complete a security review, the average number of users involved in a security review, and other related data;
2.3.4 Information regarding the videos you view on the Service.
2.4 Children Under the Age of 13. The Service and its content are not intended for children under the age of 13. We do not knowingly collect or solicit any information from anyone under the age of 13 or allow people under the age of 13 to register for the Service or provide any Information to or on our websites. In the event that we learn that we have collected Personal Information from a child under age 13 without parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
3. Tracking Technologies We Use. We may use one or more of the following tracking technologies, and similar future tracking technologies, to automatically collect Information: cookies, local shared objects, web beacons, unique telephone numbers, general log information and referral information from third-party services.
3.2 "Web beacons," also known as an Internet tags, pixel tags or clear GIFs, link web pages to web servers and their cookies. Web beacons can be embedded in web pages, videos, or emails, to collect certain types of information from your browser, check whether you have viewed a particular web page or email message, and determine, among other things, the time and date on which you viewed the content, the IP address of your computer, and the URL of the web page from which the content was viewed.
3.3 "Local shared objects," sometimes known as Flash cookies, may be used to store your preferences or display content based upon what you have viewed on various websites to personalize your visit.
4. How We Use Your Information. We may use the Information that we collect or receive about you for any of the following purposes:
4.1 To provide, operate, maintain, troubleshoot, improve, and promote the Service;
4.2 To enable you to access and use the Service, including uploading, downloading, collaborating and sharing content and information with other users or third parties;
4.3 To contact you for account management, customer service, billing and support reasons, and to process and complete transactions, including sending billing, invoice, and related account information;
4.4 To send transactional messages, including responding to your comments, questions, and requests;
4.5 To send you technical notices, product or service updates, security alerts, and support and administrative messages;
4.6 To send promotional communications, such as providing you with information about products, services, features, newsletters, offers, promotions, events and updates;
4.7 To monitor and analyze trends, usage, and activities in connection with the Service and for marketing, advertising, administrative, account management, analytical, research, optimization, and other purposes. For example, we may use statistical analyses of usage data in order to measure interest in the various areas of the Service, for research and development purposes, or to inform business prospects or partners about the use of the Service and our website;
4.8 To investigate and prevent fraudulent transactions, unauthorized access to the Service, and other illegal activities;
4.9 To personalize the Service’s content, features or advertisements;
5. Third Party Services. You have the ability to determine whether to access certain Third Party Services through Whistic’s Service. For example, we may include links to third party websites, which you may choose to click through or not. We may also offer you the opportunity to install software that integrates with Whistic’s Service. If you decide to enable these integrations, the Third Party Service provider may collect certain information from you, such as your name and email address or other information you provide directly through the Third Party Service. The Third Party Service provider may share this information with Whistic to facilitate the integration, but Whistic does not control the use of any information that you provide through Third Party Services. We recommend that you review the privacy policies of these Third Party Services to understand what information the provider may collect and how that information may be used.
6. Information Sharing.
6.1 How Long We Retain Your Information. We may retain your Information as long as you are a registered user, or to meet our legal obligations, resolve disputes, or enforce our agreements. When we no longer have a business need to process your Information, we may either delete it or aggregate it for anonymous use. You may also request that we delete your Personal Information at any time. If we cannot delete or aggregate some of your Information, such as when it is archived in our backup systems, then we will store, but not otherwise further process, that Information until it is deleted pursuant to our data retention policies.
6.3 Payment Processors. If you utilize any paid Whistic Service, we will share your payment information with our bank to process payments made by check.
6.4 Authorized Personnel. Our employees, agents, consultants, and contractors may have access to user Information on a need-to-know basis only. Such authorized personnel are bound by strict confidentiality obligations and our other security measures and policies.
6.6 Government, Law Enforcement or Third Parties. We may disclose any Information, including, without limitation, Personal Information, that we deem necessary, in our sole discretion and without your prior permission, to comply with any applicable law, regulation, legal process or governmental request. We also may exchange Information, including, without limitation, Personal Information, with other companies and organizations to protect the rights, property, or safety of Whistic and its affiliates, personnel, users, third parties, or others. We reserve the right to disclose a user’s Information, including, without limitation, Personal Information, to law enforcement and regulatory agencies if we believe, in good faith, that the user is in violation of the Terms of Service (https://www.whistic.com/terms), even without a subpoena, warrant or other court order.
7. Rights to Choose and Opt-Out. We provide you the ability to exercise certain controls and choices regarding our collection, use and sharing of your Information.
7.1 In accordance with local law:
7.1.1 You can choose not to provide information to us, although your use of our site will be limited.
7.1.2 You may correct, update and delete your account information, as described below.
7.1.3 You may change your choices for email subscriptions and newsletters through your user account settings, by contacting us as described below, or by following the unsubscribe instructions included in the email.
7.2 If you are from certain territories (such as the European Economic Area), you may have the right to exercise additional rights available to you under applicable laws, including, in certain circumstances:
7.2.1 Right to erasure: You may have the right to require us to erase your Personal Information (the “right to be forgotten”).
7.2.2 Right to object: You may have the right to object to the processing of your Personal Information, including for direct marketing purposes.
7.2.3 Right to restriction of processing: You may have the right to restrict the processing (other than storage) of your Personal Information, such as to verify the accuracy of your Personal Information or if the information is being unlawfully processed.
7.2.4 Right to data portability: You may have the right to be provided with your Personal Information in a commonly used format or to require that we transmit your Personal Information directly to others.
In each case, however, we may have a right to retain certain Personal Information for legal and administrative purposes. If you would like to exercise your rights, please email us at email@example.com. We may require that verify your identity before we process your request.
7.3 Accessing and Correcting Your Information. If you have a Whistic account, you can help ensure that your contact information and preferences are accurate, complete, and up to date by logging in to your Whistic account or by emailing us at firstname.lastname@example.org. For other Personal Information we hold, we will provide you with access for any purpose including requesting that we correct the data if it is inaccurate or delete the data if we are not required or permitted to retain it by law. You can contact as provided below to request such information. We cannot delete your Personal Information except by deleting your user account. We may not accommodate a request to change or delete your Personal Information if we believe that the change would violate any law or legal requirement, if the information is necessary for the establishment, exercise or defense of legal claims, or to protect others’ rights. We may also not remove Personal Information from our backup systems. If you have made comments via the Services and shared those comments in collaboration with others, then copies of your comments may remain viewable in cached and archived pages, or might have been copied or stored by other website users.
8. Security of Your Information.
8.1 Security Measures. We have put in place physical, electronic, and managerial procedures designed to help prevent unauthorized access, to maintain data security, and to use correctly the Information we collect and receive. These safeguards vary based on the sensitivity of the Information.
8.2 Your Responsibilities. The safety and security of your Information also depends on you. Where we have given you a password for access to certain parts of our website, you are responsible for keeping this password confidential. Where you have chosen a password, you are responsible for ensuring that it is regularly changed and sufficiently strong. We also encourage you to use additional security measures that may be available to you via the Services, including Single Sign On (SSO) and two-factor authentication.
10. California Privacy Rights and Do Not Track Disclosures.
10.1 Privacy Rights. California residents have the right to request information regarding the disclosure of your Information by us to third parties for the third parties’ direct marketing purposes. California law also permits registered users who are minors to request and obtain deletion of certain posted content. To make any such requests, please email us at email@example.com or contact us at the address below.
10.2 Do Not Track Disclosures. Some web browsers include "Do Not Track" settings. We do not currently take action to respond to Do Not Track signals because a uniform technological standard has not yet been developed. We continue to review new technologies and may adopt a standard once one is created.
1982 W. Pleasant Grove Blvd, Suite H
Pleasant Grove, UT 84062