Effective Date: May 25, 2018
Information Collection and Use; Personal Information
We may ask you to provide us, or third parties may provide us, with certain Personal Information that can be used to contact or identify you. Personal Information may include, but is not limited to, your name, postal address, email address, and employer. We collect Personal Information for the purpose of providing the Services, identifying and communicating with you about the Services, responding to your requests/inquiries, servicing your purchase orders, improving our Services, and communicating with you about our Services, discounts, and promotions.
How Long We Keep Your Personal Information
How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, it will be anonymized and used to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.
If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by your employer under our agreement with your employer as required by the administrator of your account. If your account is deactivated, your information and conversations you may have had and actions you may have taken on the Services will remain in order to allow your team members to make full use of the Services.
If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services. Every marketing email we send will provide you with the option to opt out of receiving future emails.
Accessing and Correcting Your Personal Information
Information Collected Directly from You
We collect information about you when you provide it to us and automatically when you use the Services.
We collect information that your browser sends whenever you visit our website or use our Services (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Services that you visit, the time and date of your visit, the time spent on those pages and other statistics. In addition, we use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Services’ functionality. These third-party service providers have their own privacy policies addressing how they use such information. When you access the Services by or through a mobile device, we collect certain information automatically, including the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, and your general location information as described further below.
We use and store information about your general location. We use this information to provide features of our Services and to improve and customize our Services.
Do Not Track Disclosure
We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the “Preferences” or “Settings” page of your web browser.
Information Collected from Other Sources
We will enrich your Personal Information with additional Personal Information received from publicly accessible sources. We may also receive your information from services you integrate with Drift, from other users of Drift, or from our partners.
Other Users of the Services
Other users of our Services may provide information about you when they use the Services. For example, we receive your email address from other Service users when they provide it in order to invite you to the Services.
We work with partners who may market, sell, or support our Services. These partners may provide us your Personal Information so that we can contact you. We also may receive your Personal Information from advertising, market research, or data enrichment partners with whom we engage to identify prospective customers.
Service Providers who may Receive Your Personal Information
Notwithstanding such legal and contractual obligations between us and such service providers, we remain potentially liable for any misuse of your Personal Information. We will only disclose Personal Information when we are required to do so in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Communications; Your Options
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send, or by emailing firstname.lastname@example.org.
Security of Personal Information
The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you.
International Transfer of Personal Information
Your Personal Information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide Personal Information to us, please note that we transfer Personal Information to the United States and process it there pursuant to our Privacy Shield Certification.
Links To Other Sites
Only persons who are age 18 or older have permission to access our Services. Our Services are not intended to be used by anyone under the age of 13 (“Children”). We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you learn that your Children have provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a child under age 13 without verification of parental consent, we take steps to remove that information from our servers.
EU-US and Swiss-US Privacy Shield
As a last resort and under certain limited and prescribed circumstances and conditions, you have the right to invoke a “last resort” binding arbitration process between you and us to resolve a dispute related to our collection, use or disclosure of your Personal Information.
Accountability for Onward Transfer
If we transfer your Personal Information to another country, we may remain liable and will take appropriate measures to protect your privacy and the Personal Information we transfer.
We’ll take appropriate physical, technical, and organizational measures to protect your Personal Information from loss, misuse, unauthorized access or disclosure, alteration, and destruction.
Data Integrity and Purpose Limitation
We’ll collect only as much Personal Information as we need for specific, identified purposes, and we won’t use it for other purposes without obtaining your consent. We’ll take appropriate steps to make sure the Personal Information in our records is accurate.
Recourse, Enforcement and Liability
For EU Users
This section applies only to Users located in the European Union.
Contact Information for the Data Controller
This paragraph pertains only to individuals for whom Drift is a “controller” within the meaning of Regulation (EU) 2016/679 of the German Parliament and of the Council of 27 April 2016 (“GDPR”):
Controller of your Personal Information:
Legal Bases for Processing EU Users’ Personal Information
We only process your information when we have the legal basis to do so. That is, we will only process your Personal Information when:
Transfer of EU Users’ Personal Information Outside the EU
We may transfer your Personal Information to Drift-affiliated entities in third parties in the United States or other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we transfer Personal Information of customers in the European Economic Area or Switzerland to any such country, we make use of the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, European Commission-approved standard contractual data protection clauses, binding corporate rules, or other appropriate legal mechanisms to safeguard the transfer. Please refer to the Section “EU-US and Swiss-US Privacy Shield” below.
EU Users’ Rights to Control Personal Information
You have control over your Personal Information. Below are the rights you have and the steps you can take to exercise them. Please note that your rights may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your employer are permitted by law or have compelling legitimate interests to keep, and it may take time for us to investigate your request. If you believe that we are not respecting your rights with regard to your Personal Information, you may lodge a complaint with your local supervisory authority.
Right to Access
You have a right to request a copy of the Personal Information that Drift holds. To request this information, please email us at email@example.com.
Right to Rectification
If you believe that any Personal Information that Drift holds is incorrect, you have the right to correct that information. You can change your Drift account information on the “Settings” page, and if you have any further concerns regarding the accuracy of your information, please email us at firstname.lastname@example.org.
Right to Erasure, Restriction, or Objection to Processing
If you believe we do not have the right to process your information or you object to our processing for a particular purpose, or if you want us to erase your Personal Information altogether, please email us at email@example.com.
Right to Withdraw Consent
If you gave us consent to process your Personal Information for a particular purpose, you have the right to withdraw that consent by emailing us at firstname.lastname@example.org. Your withdrawal of consent does not affect the lawfulness of our processing of your Personal Information prior to the withdrawal.
You have the right to obtain the Personal Information that you have directly submitted to Drift in a format you can transfer to another service provider. If you want to exercise this right, please email us at email@example.com.
How to Contact Us
By entering your email below, you agree that we may send you emails about Drift's upcoming services and promotions. Is this okay with you? You may unsubscribe at any time.