Effective Date: November 12, 2020
Qualified.com, Inc. (“Qualified”, “us”, “we”, or “our”) operates https://www.qualified.com (the “Website”) and https://app.qualified.com (the “App”) (together, or individually, the “Sites”). Qualified provides certain services to its business customers - you can learn more about our “Services” here. This privacy policy (“Privacy Policy”) describes our collection, use, and disclosure of the following categories of information:
Information that we process as a “controller” (“Customer Data”). Our Sites and Services are designed for businesses and their representatives. We do not offer our Sites and Services for use by individuals for their personal, family or household purposes. Accordingly, we treat all personal information we collect from Customers as pertaining to individuals in their capacities as business representatives and not their individual capacities. If you visit our Website, use our App, or receive email communications from us, then this privacy policy (“Privacy Policy”) applies to you (as a “Customer”) and describes how we collect, use, and disclose your information. By using our Sites or Services, you agree to our processing of your information in accordance with this Privacy Policy and our Terms of Service.
Information that we process as a “processor” (“Service Data”). If you are a visitor to or user of a website, application, or service on which a Customer uses our Services (an “End-User”), then any information that we collect through our Services is subject to the Customer’s privacy policy and applicable terms. When we provide our Services to a Customer, we process such data as a “data processor” for or on behalf of our Customer, and the Customer is considered the “data controller”. If you are an End User of one of our Customer’s websites, applications, services, you should review that Customer’s privacy policy to learn more about that Customer’s privacy practices in relation to our Services, including its collection and use of your data, its legal bases for processing your data, its policies and options around marketing and its data retention policies.
If you are a Customer, we may ask you to provide us with certain information, such as your name, postal address, email address, and employer. You do not have a statutory or contractual obligation to provide us with your information; however, certain information may be required in order to enter into a contract with us or receive Services.
We may also collect information from third parties, such as other users of our Services (e.g., we may receive your email address from a Customer that provides it to us in order to invite you to our Services).
We also collect data about you automatically through your use of our Sites or Services, as described in the “Automatically Collected Data” section below.
Data we collect from or about you as a Customer, regardless of the source, is considered to be “Customer Data”. We may combine the information that we collect directly from you with information that we collect from third parties and/or automatically.
We use Customer Data as follows:
For Customers located in the European Economic Area (“EEA”), we process Customer Data when we have the legal basis to do so. That is, if you are a Customer in the EEA, we will only process your Personal Data (as that term is defined in the GDPR) when:
We retain Customer Data for as long as necessary to fulfill the purposes set forth in this Privacy Policy, provide our Site or Services, or as long as we are legally required or permitted to do so. For example, we retain our Customers’ account information for as long as their accounts are active and a reasonable period thereafter in case a Customer decides to re-activate our Services; we also retain Customer Data as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, and to continue to develop and improve our Services. Customer Data may persist in copies made for backup and business continuity purposes for additional time.
We receive Service Data from or on behalf of our Customers in conjunction with providing our Services to Customers. Because of the nature of our Services, this Service Data may contain any type of data, but typically includes name, IP address and device data, contact information and company information, such as email address, company name and number of employees.
Data we collect from or about End Users of our Customers’ websites, applications, or services, regardless of the source, is considered to be Service Data, and in conjunction with our Services, we may combine the information that we collect directly from End Users with information that we collect automatically or other information that a Customer provides or makes accessible to us through the Services.
Subject to our contractual obligations and depending on the particular Services a Customer uses, we use Service Data as follows:
We note that, depending on how a Customer uses our Services, they may be able to view End User activities on their websites, applications, or services in real time, such as seeing which webpages of Customer websites and End User scrolls through. Customers may also direct us to record conversations between End Users and them, including conversations that End Users have through online chat features of our Services, as well as any calls that may be made using our Services.
We retain Service Data consistent with our contractual obligations to our Customers.
We may disclose Customer Data and Service Data in the following ways:
We collect information about you when you provide it to us and automatically when you use our Sites or Services.
Log Data
We collect information that your browser sends whenever you visit our Sites, use our App, or engage with one of our Customers through our Services (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, location information derived from your IP address, browser type, browser version, the pages of our Sites or a Customer’s service that you visit, the time and date of your visit, the time spent on those pages and other statistics. When you access our Sites or Services, or engage with one of our Customers through our Services, by or through a mobile device, we also collect information such as the following: the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, and your general location information, as described further below.
Cookies and Targeted Advertising
Some of our automatic data collection is facilitated by cookies and similar technologies. These technologies may facilitate targeted advertising, analytics and help operate our Sites and Services. We may allow third parties such as ad exchanges, web analytics vendors, and social networking platforms to use these technologies to collect certain data and information about our Customers’ and other users’ interaction with us on our Sites and elsewhere on the internet (e.g., search and click stream information, browser and device type, time and date, cookie and session ID, and the identity or type of advertisements clicked or scrolled over) and to use this information to display ads for Qualified and other entities when Customers or other users use our Services or other websites or applications. These third parties may tie the data collected using these technologies with other Customer Data in order to measure and target advertisements tailored to the Customer’s interests across the user’s devices. For more information, see our Cookie Policy.
Do Not Track (“DNT”) is a privacy preference that you can set in certain web browsers. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT. You can learn more about Do Not Track here.
If you are a Customer, we may use your information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send, or by emailing privacy@qualified.com.
If you are a Customer located in the EEA or another jurisdiction with similar individual data rights, you may have certain legal rights (subject to applicable exceptions and limitations) to obtain confirmation of whether we hold Personal Data about you, to access, and to correct, update, amend, or request deletion of the Personal Data we maintain about you in appropriate circumstances. You may also have rights to object to our handling of your Personal Data, restrict our processing of your Personal Data, and to withdraw any consent you have provided. To exercise these rights, please contact us as described in Section 14 below with the nature of your request, and we will endeavor to respond to your request as required by applicable law.
We may need to collect certain personal information to provide certain services. If you do not provide the information requested, we may not be able to provide those services. We will tell you what information you must provide to receive the Services by designating it as required at the time of collection or through other appropriate means.
The security of your information is important to us, and we strive to implement and maintain security procedures and practices designed to protect Personal Data from unauthorized access, destruction, use, modification, or disclosure. However, please be aware that no method of transmission over the internet, or method of electronic storage or transmission is 100% secure, and we are unable to guarantee the absolute security of the information we have collected about you.
Your Personal Data may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction. If you are located outside the United States and choose to provide Personal Data to us, please note that we transfer Personal Data to the United States or other locations and process it there, where privacy laws may differ from those in your state, province, or country.
Qualified complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data transferred from the EEA, the United Kingdom, and Switzerland to the United States. Qualified has certified to the Department of Commerce that it adheres to the Privacy Shield Principles and that it complies with the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. To learn more about the Privacy Shield program and to view our certification, please visit: https://www.privacyshield.gov/. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. While Qualified is certified under the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Frameworks, we no longer rely on the EU-U.S. Privacy Shield Framework as a legal basis for transfers of personal data in light of the judgment of the Court of Justice of the EU in Case C-311/18. We also do not rely on the Swiss-U.S. Privacy Shield Framework as a legal basis for transfers of personal data in light of the policy paper of the Swiss Federal Data Protection and Information Commissioner of September 8, 2020. If we transfer personal data to countries such that we are required to apply appropriate safeguards to your personal data under European data protection laws, we rely on alternative cross-border transfer mechanisms and safeguards. Please contact us for further information about any such transfers or the specific safeguards applied using the contact details listed in Section 13, below.
Our Services may contain links to other websites or online locations that are not operated or controlled by us. If you click on a third-party link, you will be directed to that third party’s sites or services. We strongly advise you to review the privacy policy of every site or service you visit. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Our Services are not targeted to be used by anyone under the age of 18 (“Children”), and we do not knowingly collect personally identifiable information (as that term is defined in the Children’s Online Privacy Protection Act (“COPPA”)) or Personal Data from Children. If you are a parent or guardian and you learn that your Children have provided us with personally identifiable information or Personal Data, please contact us. If we become aware that we have collected such information from Children without verification of parental consent, we take steps to remove that information from our servers.
We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Sites or Services after we post any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your agreement to abide and be bound by the modified Privacy Policy. If we make any material changes to this Privacy Policy, we will notify you as required by law, such as by emailing you or by placing a prominent notice on our Website.
If you have any questions or concerns about this Privacy Policy or need additional information about our privacy practices, please contact us at: privacy@qualified.com or 450 Mission Street, Suite 204, San Francisco, CA 94105. Our Chief Privacy Officer can be reached at cpo@qualified.com.