I. COLLECTING INFORMATION
HOW WE COLLECT PERSONAL INFORMATION:
What personal information we collect depends largely on the interaction that takes place between you and ChatLux, most of which can be categorized under the following:
Using ChatLux Software as a Service. When you use any ChatLux Software as a Service (the “Services”), we store all the content you provide, including but not limited to accounts created for team members, files, pictures, project information, and any other information that you provide to the Services.
In and through the Services, we also collect data about usage of the Services. This may include, but is not limited to, numbers of users, flows, broadcasts etc.
Using the Site: When you use the Site, we collect certain information, as described in more detail below that may, alone or in combination with other information, constitute personal information.
Types of Personal Information:
(i) ChatLux Customers (“Customers”): Name, address, company name, identification, publicly available social media profile information, e-mail, IT information (IP addresses, usage data, cookie data, browser data); financial information (credit card details, account details, payment information). We use a third-party service provider to process your credit card transactions. These third parties are governed by their own agreements.
(ii) Purchasing a subscription. When you sign up for a Subscription for the Services, we collect information to process your payment and create your customer account. This information includes name, email address, physical address, telephone number, and company name where applicable. We retain the last four digits of your credit card to allow you to identify the card used for future purchases. We use a third-party service provider to process your credit card transactions. These third parties are governed by their own agreements.
(iv) Data collected for and by our Customers. As you use our Services, you may import into our system personal information you have collected from your users, customers, prospective customers, and social media and messaging platform contacts (collectively “Subscribers”) or other individuals. We have no direct relationship with your Subscribers or any person other than you, and for that reason, you are responsible for making sure you have the appropriate permission and legal basis for us to collect and process information about those individuals. As part of our Services, we may use and incorporate into features information you have provided, we have collected from you, or we have collected about Subscribers. For information relating to how we use personal information relating to Subscribers, please review this Privacy Statement.
(vi) Sensitive personal information. Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Services or otherwise.
II. PURPOSE OF DATA COLLECTION
For service operations (i) To operate, maintain, administer and improve the Services; (ii) to manage and communicate with you regarding your Services account, if you have one, including by sending you Services announcements, technical notices, updates, security alerts, and support and administrative messages; (iii) to process payments you make through the Services; (iv) to better understand your needs and interests, and personalize your experience with the Services; (v) to send you information about the Services by email (vi) to respond to your Services-related requests, questions and feedback.
To communicate with you. If you request information from us, register for the Services or participate in our surveys, promotions or events, we may send you ChatLux related marketing communications if permitted by law but will provide you with the ability to opt out.
Administration and analysis: We use automatically collected information to administer the Service and the Site and we analyze (and may engage third parties to analyze) this information to improve and enhance the Site and the Services by expanding their features and functionality and tailoring it to our Users’ needs and preferences.
To analyze trends, administer the Site, track users’ movements around the Site, serve targeted advertisements, and gather demographic information about our user base as a whole.
To comply with law. We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.
With your consent. We may use or share your personal information with your consent, such as when you consent to let us post your testimonials or endorsements on our Site, you instruct us to take a specific action with respect to your personal information or you opt into third party marketing communications.
To create de-identified data for analytics. We may de-identify personal information. We de-identify personal information by excluding information that makes the data personally identifiable to you, and use that de-identified data for our lawful business purposes.
For compliance, fraud prevention and safety. We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Services; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
III. HOW WE SHARE YOUR PERSONAL INFORMATION
Service Providers. We may employ third party companies and individuals to administer and provide the Services on our behalf (such as bill and credit card payment processing, customer support, hosting, email delivery and database management services). These third parties are permitted to use personal information about you only to perform these tasks only for lawful business purposes in accordance with the terms of the agreement(s) we have in place with such service providers and for no other purpose.
Professional Advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
Compliance with Laws and Law Enforcement; Protection and Safety. ChatLux may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern the Services; (d) protect our rights, privacy, safety or property, and/or that of you or others; and (e) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
IV. YOUR DATA PROTECTION RIGHTS & CHOICES
You have the following rights:
If you wish to access your personal information that 1. ChatLux collects, you can do so at any time by contacting us using the contact details provided under “How to Contact Us” heading below.
2. ChatLux account holders may review, update, correct or delete the personal information in their registration profile by logging into their account. ChatLux account holders may also contact us to accomplish the foregoing or if you have additional requests or questions.
3. If you are a resident of the European Economic Area (“EEA”), you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information where it is technically possible. Again, you can exercise these rights by contacting us using the contact details below.
4. Similarly, if you are a resident of the EEA, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
5. You have the right to complain to a data protection authority about our collection and use of your personal information. Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the U.S. and Canada) are available here.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Access to Data Controlled by our Customers. ChatLux has no direct relationship with the individuals whose personal information is contained within the Custom User Fields processed by our Service. An individual who seeks access, or who seeks to correct, amend, or delete personal information provided by our users should direct their request to the Customer directly.
V. RETENTION OF INFORMATION
We will retain personal information we process on behalf of our Customers for as long as needed to provide our Services or for an indefinite time to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements. If required by law, we will delete personal information by erasing it from our database.
VI. DATA TRANSFERS
VII. PERSONAL INFORMATION TRANSFERRED FROM THE EA, THE UK OR SWITZERLAND TO THE UNITED STATES
ChatLux operates in countries outside the EEA, the UK, and Switzerland, such as in the United States of America and the Russian Federation and may utilize data processors and sub-processors located in third countries. If you are located in the EEA, the UK, or Switzerland, this means that we may transfer personal information outside of your country. Such transfers are made using appropriate safeguards and supplementary measures, such as the EU Standard Contractual Clauses for Controller-to-Controller and Controller-to-Processor Transfers (“Safeguards”). If you would wish to view such Safeguards, contact us at firstname.lastname@example.org.
VIII. CHILDREN’S INFORMATION
We believe it is important to provide added protection for children online. We encourage parents and guardians to spend time online with their children to observe, participate in and/or monitor and guide their online activity. The Site and/or the Services are not intended for use by anyone under the age of 16, nor does ChatLux knowingly collect or solicit personal information from anyone under the age of 16. If you are under 16, you may not attempt to register for the Services or send any information about yourself to us, including your name, address, telephone number, or email address. In the event that we confirm that we have collected personal information from someone under the age of 16 without verification of parental consent, we will delete that information promptly. If you are a parent or legal guardian of a child under 16 and believe that we might have any information from or about such a child, please contact us.
Notice of Breach of Security
If a security breach causes an unauthorized intrusion into our system that materially affects you or your Subscribers, then ChatLux will notify you as soon as possible and later report the action we took in response.
Safeguarding Your Information
We take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information. Despite these efforts to store personal information collected on and through the Site and/or the Services and otherwise by us in a secure operating environment that is not available to the public, we cannot guarantee the security of personal information during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of personal information, we cannot guarantee that our security measures will prevent third-parties such as so-called hackers from illegally obtaining access to personal information. We do not warrant or represent that personal information about you will be protected against, loss, misuse, or alteration by third parties.
LEGAL BASIS FOR PROCESSING YOUR PERSONAL INFORMATION (EEA VISITORS/CUSTOMERS ONLY)
If you are a person located in the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. We will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate business interests. In some cases, we may also have a legal obligation to collect personal information from you.
If we ask you to provide personal information to comply with a legal requirement or to enter into a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our legitimate business interests, we will make clear to you at the relevant time what those legitimate business interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How To Contact Us” heading below.
FOR CALIFORNIA RESIDENTS
Under California’s Shine the Light law, Cal. Civ. Code § 1798.83, California residents have the right to request in writing from businesses with whom they have an established business relationship, (a) a list of the categories of personal information, such as name, e-mail and mailing address including billing ZIP code and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes and (b) the names and addresses of all such third parties. To request the above information, please contact us at email@example.com. We will respond to such requests for information access within 30 days following receipt at the e-mail or mailing address stated below. Please note that we are only required to respond to an individual once per calendar year.
Additionally, California law requires that we indicate whether we honor “Do Not Track” settings in your browser concerning targeted advertising. We do not currently alter our practices when a Do Not Track signal is received. To learn about Do Not Track and for information about how to opt out of receiving targeted advertising, please click www.aboutads.info/choices.
Furthermore, subject to certain exemptions, California residents have the following rights with respect to personal information we may have collected about them:
(i) Requests to Know
You have the right to request that we disclose:
The categories of personal information we have collected about you;
The categories of personal information about you we have sold or disclosed for a business purpose;
The categories of sources from which we have collected personal information about you;
The business or commercial purposes for selling or collecting personal information about you;
The categories of personal information sold or shared, if any, about you, as well as the categories of third parties to whom the personal information was sold, by category of personal information for each party to whom personal information was sold; and
The specific pieces of personal information collected.
You may submit a request to know via this “Manage my Data Link”. The delivery of our response may take place electronically or by mail. We are not required to respond to requests to know more than twice in a 12-month period.
(ii) Requests to Delete
You have the right to request that we delete any personal information about you that we have collected. Upon receiving a verified request to delete personal information, we will do so unless otherwise required or authorized by law. You may submit a request to delete personal information via this “Manage my Data Link”.
(iii) Authorized Agents
You may designate an authorized agent to make requests on your behalf. You must provide an authorized agent written permission to submit a request on your behalf, and we may require that you verify your identity directly with us. Alternatively, an authorized agent that has been provided power of attorney pursuant to Probate Code sections 4000-4465 may submit a request on your behalf.
(iv) Methods for Submitting Consumer Requests and Our Response to Requests
You may submit a request for access and requests to delete personal information about you via: “Manage my Data Link” or via email at firstname.lastname@example.org.
Upon receipt of a request, we may ask you for additional information to verify your identity. Any additional information you provide will be used only to verify your identity and not for any other purpose.
We will acknowledge the receipt of your request within ten (10) business days of receipt. Subject to our ability to verify your identity, we will respond to your request within 45 calendar days of receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. In order to protect your privacy and the security of personal information about you, we verify your request via email.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
(v) The Right to Non-Discrimination
You have the right not to be discriminated against for the exercise of your California privacy rights described above. Unless permitted by the California Consumer Privacy Act, we will not:
Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
HOW TO CONTACT US