Boardable Privacy Policy
Last Updated: October 1, 2023
Board Management Software, Inc. dba Boardable, an Indiana corporation (together with its subsidiaries and affiliates, the “Company”, “our,” “we”, or “us”) is committed to respecting your privacy. This Privacy Policy describes how we may collect, use, and disclose your personal information, and the choices you have with respect to your personal information, in connection with our online proprietary board management platform, which is available through our mobile app (the “App”) and our website located at boardable.com and any other websites operated by Company that link to this Privacy Policy (collectively, the “Sites”), and our related online services, events, social media pages, and email and other electronic communications (for purposes of this Privacy Policy, collectively and together with the Sites and App, the “Services”). In some cases, region-specific terms may apply to you, which are indicated in the section headings below. This Privacy Policy does not apply to personal information that we may store or maintain on behalf of our Customers, where applicable. We urge you to read this Privacy Policy periodically so that you understand our most current policies and practices.
This Privacy Policy covers the following topics:
- TYPES OF PERSONAL INFORMATION COLLECTED.
- USES OF COLLECTED PERSONAL INFORMATION.
- DISCLOSURE OF PERSONAL INFORMATION.
- PROTECTION OF PERSONAL INFORMATION.
- DATA RETENTION.
- YOUR CHOICES.
- COLLECTION OF INFORMATION FROM CHILDREN.
- OTHER SITES AND SERVICES.
- LOCATION OF DATA PROCESSING AND STORAGE.
- NOTICE TO EUROPEAN USERS.
- NOTICE TO CALIFORNIA RESIDENTS (SHINE THE LIGHT).
- NOTICE TO NEVADA RESIDENTS.
- QUESTIONS; UPDATES TO PRIVACY POLICY.
1. TYPES OF PERSONAL INFORMATION COLLECTED.
We may collect the following categories of personal information about you. We may also collect other personal information that is not specifically listed here, which we will use as described in this Privacy Policy or as otherwise disclosed at the time of collection.
- Contact information, such as first and last name, email address, phone number, mailing address, account name or username, and social media handle and profile URL.
- Professional information, such as your organization’s name, location, email, and phone, your role, and other details we may collect about your organization.
- Demographic information, such as sex/gender, age, marital status, military or veteran status, education, occupation, and employment history.
- Payment information, such as payment amounts and payment methods used to complete transactions. All payment processing services connected with your use of the Services are provided to you by third-party payment processors. The Company does not access or keep information related to credit cards, banking information, or other sensitive financial information.
- Account information, such as your log-in details, information that you store in your account, and other details about your use of the Services.
- Order history, such as records of products and services you have purchased from us.
- Preferences, such as any preferences you set in your account and any marketing or communications preferences.
- Survey responses, such as the information you provide in response to our surveys or questionnaires.
- Communications, such as the information associated with your requests or inquiries, including for support, assistance, or order information, and any feedback you provide when you communicate with us. We and our service provider may record or monitor any call or web chat you have with us for quality control or training purposes, to enforce our rights, or as otherwise permitted by law.
Unless we specifically request it, we ask that you not provide us with any sensitive personal information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services, or otherwise to us.
We obtain personal information from a variety of sources, including the sources described below.
A. Information Collected Automatically. The Company, our service providers, and advertising partners may also automatically log information about you and your device when you visit our Sites or App, for example, (i) “online activity information,” such as the website you visited before browsing to the Services, pages or screens you viewed, how long you spent on a page or screen, navigation paths between pages or screens, information about your activity on a page or screen, access times, and duration of access; and (ii) “device information,” such as your computer or mobile device operating system type and version number, wireless carrier, manufacturer and model, browser type, screen resolution, IP address, unique identifiers, and general location information such as city, state, or geographic area. Gathering this type of information helps us ensure our Services work correctly and supports analytic efforts.
EXAMPLES
Like many online services, we use cookies and similar technologies to facilitate some of the automatic data collection described above.
A “cookie” is a unique numeric code that we transfer to your computer so that we can keep track of your interests and/or preferences and recognize you as a return visitor to the Sites. We may use these technologies to understand the ways visitors use our Sites, to support the features and functionality of our Services, and to personalize your experience when you use our Sites. For more information, please visit our Cookie Policy.
We use pixel tags and cookies in our marketing efforts so that we can track your interaction with our messages, such as when you open the email or click a URL link embedded within them. When recipients click on one of those URLs, they pass through a separate web server before arriving at the destination page on a Company website. We use tools like pixel tags and cookies so that we can determine interest in particular topics and measure and improve the effectiveness of our communications.
We may use flash cookies, or locally-stored objects, which are used on websites for purposes similar to cookies but allow storage of a larger amount of data.
We may use local storage, which is used to save data on a visitor’s device. We use data from local storage to turn on web navigation, store multimedia preferences, customize what we show you based on your past interactions with our services, remember your preferences, and measure ad effectiveness.
We may use session-replay technologies, which are third-party software used to record a video replay of users’ interactions with the Sites and App. The video replay may include users’ clicks, mouse movements, scrolls, mobile app touches, typing, and other activity taken during the session. We use these replays for research and development purposes, such as to help us troubleshoot problems with the Sites and App, understand how users interact with same, and identify areas for improvement.
When you download or use our App, or access one of our mobile-optimized websites, we may receive the device information described above, including a unique identifier for your device.
We also use software development kits, or SDKs, are third-party computer codes used in connection with our App for a variety of purposes, including to provide us with analytics regarding the use of our App, to add features or functionality to our App, or to facilitate online advertising. SDKs may enable third parties to collect information directly via our App.
B. Information Collected from Social Media. Our services include social media features, which may collect your personal information. Social media features are either hosted by a third party or hosted directly on our Sites. Your interactions with these features are governed by the privacy policy of the organization providing it. For example, if you create or log into your Company account through a third-party social networking site, we may have access to certain information from that site, such as your name, account information, picture, and friends, in accordance with the authorization procedures determined by such third-party social networking site.
C. Information Collected from Other Sources. The Company may also collect information about you from other sources to, for example, help the Company correct or supplement our records, improve the quality or personalization of our services, prevent or detect fraud, and to otherwise provide the Company’s services. We work closely with third parties (for example, business partners, service providers, subcontractors, advertising networks, analytics providers, operating systems and platforms, fraud protection services and payment processors, event sponsors, publicly available sources, or data licensors/providers) and may receive information about you from them.D. Referrals. Users of the Services may have the opportunity to add or refer colleagues or other contacts to us and share their contact information. Please do not provide us with someone’s contact information unless you have their permission to do so.
2. USES OF COLLECTED PERSONAL INFORMATION.
We use personal information for the purposes set forth below and as otherwise described in this Privacy Policy or at the time of collection.
A. Provide the Services. The Company uses your personal information to provide you with the Company’s products and services. For example, the Company may use personal information for the following: (i) to fulfill your requests for products and services and communicate with you about those requests; (ii) to help us personalize our Services; (iii) to establish, manage, monitor, and maintain your account; (iv) to verify your identity or determine your eligibility for offers and promotions; (v) credit card information may be used to check the financial qualifications or collect payment from customers regarding orders of products and services; (vi) to respond to reviews, comments, or other feedback you provide us; (vii) to provide any surveys, questionnaires, or other promotions you participate in; (viii) to provide maintenance and support; and (ix) to fulfill any other purpose for which you provide personal information.
B. Research and Development. The Company uses personal information for research and development purposes, including to study and improve the Services and our business, understand and analyze the usage trends and preferences of our users, and develop new features, functionality, products, and services. As part of these activities, we may create aggregated, de-identified, or other anonymous data from personal information we collect. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. We may use this anonymous data and share it with third parties for our lawful business purposes, for example, for industry benchmarking and analysis consistent with the Company’s business purposes.
C. Promotional Messaging or Advertising. The Company uses your personal information to recommend products and services that might be of interest to you, to send you marketing and advertising messages such as newsletters, announcements, or offers for the Company’s services or promotional material from our business partners. You may opt-out of our marketing communications as described in the “YOUR CHOICES” section below.
D. Interest-Based Advertising. We work with third-party advertising companies and social media companies to help us advertise our business and to display ads for our products and services. These companies may use cookies and similar technologies to collect information about you (including the online activity information and device information described above) over time across our Services and other websites and services or your interaction with our emails, and use that information to serve ads that they think will interest you. In addition, some of these companies may use hashed customer lists that we share with them to deliver ads to you and to similar users on their platforms. You can learn more about your choices for limiting interest-based advertising in the “YOUR CHOICES” section below.
E. To Comply with Laws and Regulations. We will use personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
F. For Compliance, Fraud Prevention, and Safety. We may use personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) maintain the safety, security, and integrity of our products and services, business, databases, and other technology assets; (b) protect our, your, or others’ rights, privacy, safety or property (including by making and defending legal claims); (c) audit our internal processes for compliance with legal and contractual requirements and internal policies; (d) enforce the terms and conditions that govern the Services; and (e) prevent, identify, investigate, and deter fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft.
G. With Your Consent. We will disclose your personal information in accordance with your prior direction or, in some cases, we may specifically ask you for your consent to collect, use, or share your personal information, such as when required by law.
3. DISCLOSURE OF PERSONAL INFORMATION.
In addition to the specific situations discussed elsewhere in this Privacy Policy or at the point of collection, the Company may disclose personal information with the following entities or persons.
A. Related Companies. We may share your personal information with our affiliates, subsidiaries, and other related companies.
B. Service Providers. The Company shares personal information with vendors to help us provide our services. Examples of third parties with which the Company engages are information processors, payment processors, financial institutions, customer relationship management service providers, fraud protection providers, marketing providers, and electronic signature (“e-signature”) service providers.
C. Advertising Partners. We may also share personal information with third parties who we partner with for advertising campaigns or that collect information about your activity on the Services for the purposes described in the “Interest-Based Advertising” section above.
D. Other Users of the Services and the Public. We may provide functionality that enables you to disclose personal information to other users of the Services or the public. For instance, you are able to maintain a user profile with information about yourself or your use of the Services that you can make available to other users of your organization/board. You may also be able to submit content to the Services (such as comments, questions, reviews, surveys and the like to boards, blogs or forums), and we will identify you by displaying information such as your name, username, social media handle, or a link to your user profile along with the content you submit. Any personal information that you choose to submit via such a forum may be read, collected, or used by others who visit such boards, blogs or forums. We do not control how other users or third parties use any personal information that you make available to other users or the public.
E. Professional Advisors. We may share personal information with persons, companies, or professional firms providing the Company with advice and consulting in accounting, administrative, legal, tax, financial, debt collection, and other matters.
F. Business Transaction Participants. In the course of corporate divestitures, mergers, acquisitions, bankruptcies, dissolutions, reorganizations, liquidations, financing, or general business transactions or proceedings, the Company may buy or sell/divest/transfer, or otherwise disclose your personal information to third party participants.
G. Law Enforcement, Government Authorities, and Private Parties. The Company may be required to disclose personal information to the government authorities or law enforcement agencies. We may disclose such information by law, litigation, or as a matter of national security to comply with valid legal process including subpoenas, court orders or search warrants, and as otherwise authorized by law. We may also need to disclose personal information in the event of an emergency that threatens an individual’s life, health, or security. The Company may disclose personal information to the extent permitted by applicable law in special cases in which we believe it is reasonably necessary to investigate, identify, or take preventive measures or bring legal action against someone who may commit or cause harm, fraud, abuse, or illegal conduct, such as a threat of harm to you or anyone else, interference with our rights or property, or interference with U.S. homeland or national security or public safety anywhere in the world, or for the purposes described above in the section titled “Compliance, Fraud Prevention, and Safety.”
4. PROTECTION OF PERSONAL INFORMATION.
The security of personal information is of the utmost importance to the Company. The Company uses commercially reasonable technical and physical safeguards to protect the security of personal information from unauthorized disclosure. For example, the Company uses encrypted connections (HTTPS, SSL) to keep personal information secure. The Company also makes attempts to ensure that only necessary people and third parties have access to personal information. Nevertheless, no method of transmission over the internet, or method of electronic storage, is fully secure and the Company cannot guarantee the security of your personal information. Where required under law, we will notify you electronically, in writing, or by telephone, if permitted to do so by law, of any such loss, misuse or alteration of personal information that may affect you so that you can take the appropriate actions for the due protection of your rights.
5. DATA RETENTION.
The Company retains your personal information for business purposes, for as long as your account is active, and/or as long as is reasonably necessary to provide you with our products and services. The Company will also retain your personal information as reasonably necessary to comply with our legal obligations, resolve disputes and enforce our agreements. We may also retain cached or archived copies of your personal information for a reasonable period of time.
6. YOUR CHOICES.
The Company provides some choices about your personal information. If you are a Customer, you can contact the Company in order to delete or export Personal Information on an organizational level. If you choose not to provide certain details, some of your experiences with the Services may be affected.
A. Review and Request Changes to Your Personal Information. If at any point in time you wish to know what personal information the Company has retained about you, or to delete or export your account information as mentioned above, then you can request the same by contacting info@boardable.com. The Company will respond to any such request within a reasonable amount of time or as required by applicable law.
B. Manage Social Network Logins. If you use the social networking connection functions offered through the Services, you may manage the information that is shared with us through your social network accounts.
C. Marketing Emails. You may opt-out of marketing-related emails by clicking the “unsubscribe” link at the bottom of the email or by contacting us as described at the end of this Privacy Policy. You may still receive service-related communications, such as those about your account, to fulfill orders for offers you have requested, or deliver notifications directly to you through the Services.
D. Text Messages. We may offer communications via text messages sent by Company or any of our service providers, such as for customer service, account-related, or marketing purposes. To stop receiving text messages from us, reply STOP to any text message you receive from us, or send your request and mobile telephone number to the email address listed at the end of this Privacy Policy. Note that we may send you a message to confirm receipt of your STOP request.
E. App Push Notifications. Upon download of the App, you were provided the option to opt-in to receiving notifications that may include alerts, sounds, and icon badges. Push notifications can be configured in settings on your mobile device.
F. Cookies. Most browsers let you remove and/or stop accepting cookies from the websites you visit. To do this, follow the instructions in your browser’s settings. Many browsers accept cookies by default until you change your settings. If you do not accept cookies, however, you may not be able to use all functionality of the Services and our Sites may not work properly. For more information about cookies, including how to see what cookies have been set on your browser and how to manage and delete them, visit www.allaboutcookies.org.
G. Analytics. The Sites use Google Analytics to help us analyze how the Sites are being accessed and used. You can learn more about Google Analytics cookies by clicking here and about how Google protects your data by clicking here. To opt-out of Google Analytics, you can download and install the Google Analytics Opt-out Browser Add-on, available here.
H. Advertising Choices. You can limit the use of your information for interest-based advertising by blocking third-party cookies in your browser settings, using browser plug-ins/extensions, and/or using your mobile device settings to limit the use of the advertising ID associated with your mobile device. You can also opt out of interest-based ads from companies participating in the following industry opt-out programs by visiting the linked websites: the Network Advertising Initiative (http://www.networkadvertising.org/managing/opt_out.asp), the Digital Advertising Alliance (https://optout.aboutads.info), or the European Interactive Digital Advertising Alliance (http://www.youronlinechoices.eu/). Users of our App may opt out of receiving targeted advertising in mobile apps through participating members of the Digital Advertising Alliance by installing the AppChoices mobile app, available here, and selecting the user’s choices. Some of the companies we work with may offer their own opt-out mechanisms. For example, you can learn more about how Google uses cookies for advertising purposes by clicking here and opt-out of ad personalization by Google by clicking here.
Many of the opt-out preferences described in this section must be set on each device and/or browser for which you want them to apply. Please note that some of the advertising companies we work with may not participate in the opt-out mechanisms described above, so even after opting-out, you may still receive interest-based advertisements from other companies. If you opt-out of interest-based advertisements, you will still see advertisements online but they may be less relevant to you.
I. Do Not Track. Some browsers may be configured to send “Do Not Track” signals to the online services that you visit. The Services currently do not respond to “Do Not Track” or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
7. COLLECTION OF INFORMATION FROM CHILDREN.
The Company recognizes the importance of protecting the privacy and safety of children. The Company’s Services are not directed towards, and we do not knowingly collect information from, children under the age of 16.
8. OTHER SITES AND SERVICES.
The Company’s Sites, App and Services may link to third party websites, services, and applications. The Company shall not be responsible for any personal information collected through these means. Any such collected information is governed through such third party’s privacy policy. Any interactions you have with such third parties, including, but not in any way limited to, the use of a third party for the provision of an e-signature, are beyond the Company’s control. The Company urges you to read the privacy and security policies of any third party websites, services and applications before providing any personal information to or through them.
9. LOCATION OF DATA PROCESSING AND STORAGE.
Any personal information collected by Company is processed and stored in the United States and potentially other countries by the Company or by a third party acting on the Company’s behalf. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country. When you provide personal information to the Company, where applicable law permits, you specifically and expressly consent to such transfer and the processing of your personal information as described herein.
Users located in Europe can view more information about cross-border transfers in the section titled, “NOTICE TO EUROPEAN USERS.”
10. NOTICE TO EUROPEAN USERS.
The information provided in this section applies only to individuals in the European Economic Area and the United Kingdom (collectively, “Europe”). Except as otherwise specified, references to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.
A. Controller. The controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation is Board Management Software, Inc. dba Boardable, 880 Monon Green Blvd., Ste. 101, Carmel, Indiana 46032, US.
B. Legal Bases for Processing. The legal bases of our processing of your personal information as described in this Privacy Policy will depend on the type of personal information and the specific context in which we process it. However, the legal bases we typically rely on are set out in the table below. We rely on our legitimate interests as our legal basis only where those interests are not overridden by the impact on you (unless we have your consent or our processing is otherwise required or permitted by law). If you have questions about the legal basis of how we process your personal information, contact us as provided at the end of this Privacy Policy.
| Processing Purpose (as described above in the section titled, “USES OF COLLECTED PERSONAL INFORMATION”) | Legal Basis |
|---|---|
| Provide the Services | Processing is necessary to perform the contract governing our operation of the Services, or to take steps that you request prior to engaging our services. Where we cannot process your personal information as required to operate the Services on the grounds of contractual necessity, we process your personal information for this purpose based on our legitimate interests as further described in this Privacy Policy. |
| Research and Development | Processing is based on our legitimate interests in performing research and development as described in this Privacy Policy. |
| Promotional Messaging or Advertising Interest-Based Advertising | Processing is based on your consent where that consent is required by applicable law. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consented or via the relevant Services. Where such consent is not required by applicable law, we process your personal information for this purpose based on our legitimate interests in promoting our business and providing you with tailored, relevant content. |
| To Comply with Laws and Regulations | Processing is necessary to comply with our legal obligations. |
| For Compliance, Fraud Prevention, and Safety | Processing is necessary to comply with our legal obligations or based on our legitimate interests in protecting our or others’ rights, privacy, safety, or property. |
| With Your Consent | Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consent or via the relevant Services. |
C. Use for New Purposes. We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.
D. Your Rights. European data protection laws may give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Port. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may submit these requests by contacting us at the email address provided at the end of this Privacy Policy. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. In the European Economic Area, you can find your data protection regulator here. In the United Kingdom, you can find your data protection regulator here.
E. Cross-Border Data Transfer. If we transfer your personal information to a country outside of Europe such that we are required to apply additional safeguards to your personal information under European data protection laws, we will do so. Please contact us as provided at the end of this Privacy Policy for further information about any such transfers or the specific safeguards applied.
11. NOTICE TO CALIFORNIA RESIDENTS (SHINE THE LIGHT).
Under California Civil Code sections 1798.83-1798.84, California residents who have an established business relationship with the Company are entitled to ask us for a notice describing what categories of personal information we share with third parties for the third parties’ direct marketing purposes. If you are a California resident and would like a copy of this notice, please submit your request to the email address listed at the end of this Privacy Policy with “Shine the Light” in the subject line.
12. NOTICE TO NEVADA RESIDENTS.
Nevada Revised Statutes Chapter 603A allows Nevada residents to opt-out of the “sale” of certain types of personal information. Subject to several exceptions, Nevada law defines “sale” to mean the exchange of certain types of personal information for monetary consideration to another person. If you are a Nevada resident who wishes to exercise your “sale” opt-out rights, you may submit a request to the email address listed at the end of this Privacy Policy with the subject line “Nevada Opt-Out” in the subject line.
13. QUESTIONS; UPDATES TO PRIVACY POLICY.
A. Questions. If you have any questions or concerns about our Privacy Policy or any other privacy or security issue, please contact us at legal@boardable.com.
B. Changes to this Privacy Policy. The Company may review and update this Privacy Policy periodically. If we modify how we collect, use, or share personal information, we will post the updated Privacy Policy on this page. In some cases, we may post a notice on the Services, email you, or other means as may be required by applicable law to inform you of changes to our Privacy Policy.
