Effective Date: April 14, 2017
This privacy policy (the "Privacy Policy") describes how Chartbeat, Inc. ("Chartbeat", "We" or "Us") collects and uses personal information relating to: (i) users of our websites, including chartbeat.com (collectively, the âSiteâ); (ii) registered users of the Chartbeat service ("Customers"); and (iii) end-users of our Customers' websites on which the Chartbeat service is implemented ("Customer Websites"). Certain sections of this Privacy Policy are only relevant if you are a user of our Site; others are only relevant if you are a Customer, or an end-user of Customer Websites.
If you have any questions or comments regarding this privacy policy or its enforcement, please contact Us at privacy@chartbeat.com.
By visiting the Site and using the Chartbeat service (the "Service"), you agree to our use and processing of your personal information as set out in this Privacy Policy.
If you are a Customer using the Service, this Privacy Policy is a part of Our Terms of Service. "Terms of Service" as used herein shall refer to Our online terms of use as well as the terms of any master service agreement or other agreement governing your use of the Service. You agree to be bound by the Terms of Service and this Privacy Policy. Capitalized terms used here and defined in the Terms of Service shall have the meanings set forth in the Terms of Service. Any order forms or additional agreements to which you agree governing the provision of optional Chartbeat features shall take precedence over the terms of this Privacy Policy to the extent of any differences, so please read such order forms or additional agreements carefully.
This Privacy Policy only addresses activities on our Site and Service.
If We change this Privacy Policy and seek to use personal information which has already been collected and stored by Us in a manner which is different from that stated at the time of collection, We will either notify the relevant users and/or Customers via e-mail or otherwise in some manner through the Site or Service.
If We make any material changes in Our privacy practices that do not affect personal information already collected and stored by Us, We will post a notice on Our Site notifying users and/or Customers of the change.
We generally use the information We collect from users of Our Site, Customers of our Service, and end users of Our Customer Websites to create a secure and personalized service.
For users of our Site, We collect and store account information, such as user email addresses, names, billing information, as well as Site use data, which includes how users interact with Our Website. We use that data to allow Us to identify users, administer the Service, make product decisions and notify users of changes or updates to the Site.
If a users decides to provide it, We also collect and store the Customerâs phone number, which We use to assist Us in providing the Service, including to contact them in account recovery and other scenarios.
We also collect other information from users, such as IP address and browser type. We use the IP addresses to assist in login and other uses related to use of the Service. User's sessions on Our Site are also tracked for systems administration purposes and to track user trends. We may link IP address and other information to a user's account.
We also collect user ID and password information to enable them to log into and use the Service.
Finally, Customers are automatically opted-in to receive marketing emails from us when they register for the Service. Customers can opt-out of marketing emails by adjusting their account settings, but we may still need to send Customers e-mails relating to their accounts.
For Customers specifically, We collect and store personal information that our Customers submit to Us, such as their names and e-mail addresses, to allow Us to identify Customers, provide the Service and notify Customers of changes or updates to the Service.
If a Customer elects to provide it, We also collect and store the Customerâs phone number, which We use to assist Us in providing the Service, including to contact them in account recovery and other scenarios.
We also collect other information from Customers, such as IP address and browser type. We use the IP addresses of Customers to assist in login and other uses related to Customersâ use of the Service. Customersâ sessions on Our Site are also tracked for systems administration purposes and to track user trends. We may link IP address and other information to a Customer's account.
We also collect Customersâ user ID and password information to enable them to log into and use the Service.
Finally, Customers are automatically opted-in to receive marketing emails from us when they register for the Service. Customers can opt-out of marketing emails by adjusting their account settings, but we may still need to send Customers e-mails relating to their accounts.
For end users of Customer Websites, when an end user visits a Customer Website, We collect certain information regarding their use of the Customer Website, such as their IP address and browser type. Their session on the Customer Website will be tracked, but each user will remain anonymous. We may use their IP address to identify the general geographic area from which they are accessing the Customer Website. We do not link IP addresses to any personal information. We also use this information for systems administration purposes, abuse prevention and to track user trends.
As part of the Service, We collect information relating to traffic on the Customer Websites ("Traffic Data") on which Customers choose to activate the Service. In connection with the collection of this Traffic Data, Chartbeat does not collect any personal information from users of Customer Websites, provided that (i) Chartbeat does collect IP addresses from visitors to Customer Websites in order to show geolocation information, and (ii) the Customer configures the Chartbeat code on the Customer Website in accordance with the instructions and documentation provided by Chartbeat, so that URLs containing personal information of end users are not captured by the Service.
Traffic Data is used to provide Customers with real-time analytics and uptime monitoring. We may aggregate and anonymize Traffic Data with that from other sites to provide benchmarking data and other functionality, but Chartbeat will not use or disclose aggregated Traffic Data in a manner that reveals the identity of a Customer or Customer Website without the Customerâs express prior consent.
We also collect and use browser header information to help Us understand from which websites a user navigates to a Customer Website.
Chartbeat is not and shall not be liable for any collection or use of personal information of end users of a Customer Website due to a Customerâs placement of the Chartbeat code on the Customer website not in accordance with Chartbeatâs instructions or the documentation.
Except as expressly provided otherwise herein, we will not sell, lease or exchange the personal information relating to: (i) users of our Site; (ii) our Customers; or (iii) any end user of our Customers' websites (to the extent that we obtain personal information), to third parties without first obtaining their express consent, unless required by law.
For Customers and end users of Customer Websites, We may aggregate and anonymize Traffic Data with that from our other Customers to provide benchmarking data and other functionality, but we will not disclose aggregated Traffic Data in a manner that reveals the identity of a Customer or a Customer Website without the Customerâs express prior consent.
For all types of personal information (from users of our Site, Customers and end users of Customer Websites), We employ other companies and people to perform tasks on our behalf and may need to share personal information with them to provide our products and services. Examples include billing, technical assistance, and customer service. Our agents subscribe to the same level of privacy protection as we do. Unless we tell you differently, Chartbeatâs agents do not have any right to use the personal information we share with them beyond what is necessary to assist us. Any agent that we share your personal information with must agree, via contract, to provide adequate protections for the personal information that are no less protective than those set out in this policy.
In some cases, Chartbeat may choose to buy or sell assets. In these types of transactions, information about Customers as well as aggregated and anonymized data is typically one of the business assets that is transferred. Moreover, if Chartbeat, or substantially all of its assets, were acquired, user information would be one of the assets that is reviewed and transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Chartbeat may continue to use your personal information as set forth in this Privacy Policy.
In some cases, Chartbeat may be required to disclose personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
In cases of onward transfer to third parties of data of EU or Swiss individuals received pursuant to the EU-US and Swiss-US Privacy Shield, Chartbeat remains potentially liable if third party processing personal information received from the European Union or Switzerland on its behalf processes that personal information in a manner which is inconsistent with the Privacy Shield Principles (unless Chartbeat can prove that it is not responsible for the event giving rise to the damage).
Whether you are a user of our Site, a Customer or an end user of a Customer Website, We will not use or share your personal information other than as set forth in this Privacy Policy, or as you have explicitly authorized, without obtaining your consent.
If at any time We would like to disclose your personal information to a third party in a manner not described above, We will provide you with an affirmative or explicit (opt in) choice. To limit the use and disclosure of your personal information, you may also submit a written opt-out request to privacy@chartbeat.com.
Except as set out above and below specifically in relation to our Customers, personal information will not be used to directly market the Service unless that possible use of the information has been disclosed to you and you have authorized us to permit such disclosure.
As noted above in relation to our Customers specifically, Customers are automatically opted-in to receive marketing emails from us when they register for the Service. Customers may choose not to receive marketing emails from Us and can opt out of such e-mails through their account settings.
Users of the Site, Chartbeat's Customers and end users of our Customers' Websites, may request access to personal information which is collected and used by Chartbeat in accordance with this Privacy Policy, so that they can correct it.
Note that We do not retain IP addresses, browser information or header information relating to users of our Customers' Websites for more than a temporary period of time in order to provide the Service, and as such, that information cannot be accessed or modified once deleted.
Chartbeat acknowledges that EU and Swiss individuals have the right to access the personal information/data that we maintain about them. An EU or Swiss individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his query to privacy@chartbeat.com. If requested to remove data, we will respond within a reasonable timeframe.
Customers who discontinue use of the Service may choose to have their personal information deleted from the Service by contacting legal@chartbeat.com.
Like many other websites, We use a standard technology called "cookies."
Cookies are small pieces of information stored on your hard drive. They can help make the Internet experience quicker and more convenient.
We may use cookies in connection with third party services to run analytics on Our Site; these cookies do not collect or use any personal information about users of Our Site or Service.
Cookies allow Customers to login without entering their user ID and password each time they use the Service.
We also use cookies on Customer Websites; these cookies help Us understand how users interact with those Customer Websites. Cookies also allow Us to improve the Service.
If a Customer does not allow the placement of Chartbeat cookies on its Customer Website, the ânew vs. returning userâ data point in its Chartbeat dashboard will not be accurately reported. If you choose to remove Chartbeat cookies, please refer to the documentation for your browser.
Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways. If you disable cookies, you will not be able to use the Service.
Chartbeat uses two cookies. One cookie (_chartbeat2) is used to register whether a user has visited the Customer Website before (to calculate ânew vs returningâ users). The other (_SUPERFLY_nosample) is used only if a Customer exceeds its planâs traffic limit. When the traffic limit is reached the cookie is set and will disable the beacon from that Customer for one hour. The chartbeat2 cookie will remain valid as to any given website visitor or user, until the user elects to disable it. The SUPERFLY_nosample cookie is valid for one hour.
Our Site may contain links to third party websites. Please be aware that We are not responsible for the privacy practices of third party websites you choose to visit. If you provide any personal information directly to parties other than Us, different rules may apply to the use or disclosure of that personal information. We encourage you to investigate and ask questions before disclosing your personal information to third parties.
We may choose to deploy advertising on the Site and Service that is delivered to users through a third party's advertising server. Information about users' visits to Our Site or use of our Service, such as the number of times a user has viewed an ad (but no personal information of the user), would be used in such a scenario to serve ads to users of Our Site and Service.
Please be aware that whenever one voluntarily discloses personal information online - e.g., on message boards, in chat areas, in file uploads, through events, etc. - that information becomes public and can be collected and used by others and indexed in search engines. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly disclosed personal information. By posting personal information online in public forums, users may receive unsolicited messages from other parties.
If you log on to our Site or Service through a social networking site (e.g., Facebook or Twitter), we may receive personal or anonymous data about you from that site, in accordance with the terms of use and privacy policy of that site. We may add this information to the information we have already collected from you via the Site or Service.
In compliance with the Children's Online Privacy Protection Act (COPPA), We do not knowingly provide access to the Service to persons under the age of thirteen (13). If We learn that any user of the Service is under the age of thirteen (13), We will take appropriate steps to remove that user's information from our records and We will restrict that individual from future access to the Service.
We have implemented security measures to protect user information from loss, misuse and alteration. We use industry-standard practices such as encrypted storage, firewalls and password protection systems to safeguard the confidentiality of personal information which is collected and used in accordance with this Privacy Policy. Each of Our employees and agents are aware of Our security policies; personal information is only available to those employees and agents who need it to perform their jobs.
We process all personal information in facilities in the United States. Personal information is either collected in the United States, obtained through websites which are hosted in the United States, or transferred to the United States from websites which are hosted outside of the United States.
Regardless of where the personal information comes from, it is subject to this Privacy Policy and receives the same level of privacy protection as described herein.
Chartbeat complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. Chartbeat has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
Chartbeat is subject to the investigatory and enforcement powers of the Federal Trade Commission in respect of any failure to comply with the Privacy Shield.
If you have any questions or complaints about how we use your personal information, or if you would like to request access to your information in accordance with this Privacy Policy, please contact Chartbeat's Chief Technology Officer at privacy@chartbeat.com, or Chartbeat, Inc. at 826 Broadway, 6th Floor, New York, New York 10003.
We follow internal procedures for verifying that Our commitments under this Privacy Policy have been implemented, and will remedy problems arising out of a failure to comply with this Privacy Policy, and (if applicable) the Privacy Shield Principles.
In compliance with the US-EU and Swiss-US Privacy Shield Principles, Chartbeat commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact Chartbeat at privacy@chartbeat.com.
Chartbeat has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint.
Provided certain conditions are met, you may also be entitled to invoke binding arbitration before a Privacy Shield Panel for residual claims about whether Chartbeat has violated its obligations to you under the Privacy Shield, and if that violation remains fully or partially unremedied.