WHAT PERSONALLY IDENTIFIABLE INFORMATION DO WE COLLECT, AND WHEN DO WE COLLECT IT?
Information We Collect When You Register and Create An Account. Visitors to our website (www.convert.com) (the "Site") may read information about us and our products and services without revealing any personally identifiable information. However, in order to become a client, you must create an account and set up a profile. When you to this, we ask for your name, your organization's name, its street address and your e-mail address. We also require you to select a password. Once you are a registered user you can update your profile and you may elect to provide additional information (e.g. a nickname and certain user preferences).
Information We Collect From Your Websites. The Services we provide consists of tracking visits to your website and collecting information about the behavior of those visitors. The data we collect helps you optimize your website and to use it strategically. This data may include the web addresses (URLs) of pages visited, the URLs of web pages that referred your visitors to your website, details about the web browsers that visitors to your website use to browse your website, the operating systems used by those visitors, the number of screen colors and the screen resolution used by the visitors to view your websites, and external geodata elements connected to your visitors' ip address, including country, city, region, etc. Our Service is organized so that our clients can specify the categories of data they wish to receive. The foregoing categories of information do not necessarily enable us or others to identify you or the visitors to your website. However, if the URLs we collect contain information that in themselves identify personally identifiable information, such as a name or phone number, or if they link to pages that contain personally identifiable information, then we may collect that information as well.
Other Information We Collect. Our Service allows our clients to transmit and store additional information on our servers. This additional information can be anything, including personally identifiable information, except that we don't permit URLs or internet addresses to be stored. We have no control over what information is transmitted by our clients to our servers. Our clients may also request that we receive personally identifiable information that has been rightfully obtained by those clients, such as the email addresses of those who visit their websites and the information that visitors to their websites choose to post.
WHO OWNS THE INFORMATION WE COLLECT?
HOW DO WE USE THE PERSONALLY IDENTIFIABLE INFORMATION WE RECEIVE OR COLLECT?
WITH WHOM DO WE SHARE THE PERSONALLY IDENTIFIABLE INFORMATION WE COLLECT?
HOW LONG DO WE RETAIN THE PERSONALLY IDENTIFIABLE INFORMATION WE COLLECT?
SAFE HARBOR DATA PRIVACY NOTICE
We comply with the US, EU, and US Swiss Safe Harbor and EU-US Privacy Shield Frameworks for protecting the privacy of data flowing from the EU and Switzerland to the United States, as set forth by the US Department of Commerce.
We frequently enter agreements with our EU customers to provide them access to our Service, which includes the processing of information relating their customers. In providing our Service, we do not own, control or direct the use of the information stored or processed on our platform at the direction of our customers, our client’s website visitor data is stored in Frankfurt Germany, our client data (logins, marketing and email data as well as our CRM are stored in the US. We are largely unaware of what information is being stored on our platform and only access such information as reasonably necessary to provide the Service (including to respond to support requests), as otherwise authorized by our customers or as required by law. We are the data processors and not the data controllers of the information on our platform for purposes of the EU Directive on Data Protection (Directive 95/46/EC) and the Swiss Federal Act on Data Protection. Our EU or Swiss based customers, who control their customer data and send it to Convert Insights Inc. products for processing, are the controllers of that data and are responsible for compliance with the Directive. In particular, our customers are responsible for complying with the Directive and relevant data protection legislation in the relevant EU member state before sending personal information to Convert Insights Inc. for processing. We work with our customers to help them provide notice to their customers concerning the purpose for which personal information is collected.
As the processors of personal information on behalf of our customers, we follow their instructions with respect to the information they control to the extent consistent with the functionality of our Service. In doing so, we implement technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, personal information as more fully described above under Protection of Information.
To learn more about the Safe Harbor program, and to view Convert Insight’s certification, please visit Export.gov
While the validity of the U.S. – E.U. Safe Harbor framework has been recently rejected by the EU Court of Justice and EU-US Privacy Shield yet to be implemented and tested, Convert Insights continues to adhere to its core principles, solely as a supplementary measure for further protecting and enhancing our Visitors’ and Users’ privacy (and without derogating from our commitment to follow all applicable legal requirements). If you have any questions about our Safe Harbor participation, please contact us using the information below.We Self-Certify Compliance with:
WHAT ARE THE OPTIONS TO CONTROL THE USE OF THE PERSONALLY IDENTIFIABLE INFORMATION THAT IS SUBMITTED TO US?
HOW CAN OUR CLIENTS UPDATE THEIR PROFILES?
Security. The data we collect from our clients and their websites in the course of providing the Services is stored on servers operated by third parties under contract with us. The user names and passwords our clients use to access their accounts and the Services are stored on servers operated by different third parties, also under contract with us. No electronic information is ever absolutely secure. However, the third parties we use have instituted reasonable commercial measures to ensure the security of our clients' information, and we rely on the effectiveness of those measures to keep our clients' information secure. These security measures include physical security of the facilities where the servers are located; redundant storage of data in multiple physical locations; access to data based on established privilege levels; firewalls to prevent unauthorized access; and SSL-encrypted API calls. We do not collect, store or transmit any credit card or banking account data from sites installing our code. Data that our clients submit to us regarding visitors to their websites do not contain any personally identifiable information unless the visitors themselves have included such personally identifiable information in their submissions to our clients' websites. We have no control over this, and we disclaim any responsibility for the unauthorized use or disclosure of such information. However, such data is retained in the servers in anonymous form, ip address are not stored.