Effective Date: December 16, 2019
Privacy Shield Framework
UserZoom Technologies, Inc. (including its parent/subsidiary company(ies), such as User Zoom, Inc., UserZoom Limited, UserZoom GmbH) participates in and has certified its compliance with the EU-U.S. and Swiss-US Privacy Shield Framework (“Privacy Shield Framework”). We are committed to processing all personal data received from European Union (EU) member countries and Switzerland, in reliance upon the Privacy Shield Framework, in accordance with the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.
We are responsible for the processing of personal data we receive, under the Privacy Shield Framework, and may subsequently transfer such data to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions thereunder.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website [https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint], you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Information we collect
We collect the following personal information from our customers:
Information we collect directly from you
- Account information. When we create your account, we collect your username, password, email address, first and last name. When you add new users to your account, we collect the same information for all such additional users.
- Account settings. You can set default preferences in your account.
- Survey data. We store your study data (questions, responses and data) for you.
- Other data you intentionally share. We may collect your personal information or data if you submit it to us in other contexts (i.e., via a different channel or method).
Information we collect about you from other sources
- Usage data. We collect usage data about you whenever you interact with our services. This may include which webpages you visit, what you click on, when you performed those actions, and so on. Additionally, like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses.
- Device data. We collect data from the device and application you use to access our services, such as your IP address and browser type. When you download and use our Services, we automatically collect information on the type of device you use and operating system version. We may also infer your geographic location based on your IP address. We collect this location-based information for purposes of providing the services hereunder.
- Referral data. If you arrive at a UserZoom website from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.
- Information from page tags. We use third party tracking services that employ cookies and page tags (also known as web beacons) to collect data about visitors to our websites. This data includes usage and user statistics.
How we use your personal information
We treat your study questions, responses and data as information that is private to you. We do not sell your survey data to third parties.
We use the information we collect from you in connection with our provision of the services to you, including as follows:
- To provide you with our services.
- This includes providing you with customer support, which requires us to access your information in order to assist you (such as assistance with study design and creation, or technical troubleshooting).
- To manage our services. We internally use your information for the following limited purposes:
- To monitor and improve our services and features. We internally perform statistical and other analysis on information we collect (including usage data, device data, referral data, and information from page tags) to analyze and measure user behavior and trends, to understand how people use our services, and to monitor, troubleshoot and improve our services.
- To prevent or stop potentially illegal activities.
- To screen for undesirable or abusive activity.
- To create new services and features.
- To contact you about your subscription to our services or your account. We occasionally send you communications (e.g. service-related announcements, billing-related matters, changes to our services or policies, a welcome email when you first register). You can’t opt out of these basic communications since they are required in order for us to provide our services to you.
- To contact you for marketing purposes (if you opt in).
Communications you may receive - Newsletters
If you wish to subscribe to our newsletter(s), we will use your name and the email address provided to send the newsletter to you. If you wish to no longer receive these emails you may follow the unsubscribe instructions contained in each of the email communications you receive or contact us directly at firstname.lastname@example.org.
Communications you may receive - Service-related announcements
We will send you strictly service-related announcements on occasion when it is necessary to do so. For instance, if our services are temporarily suspended for maintenance, we might send you an email.
Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option of deactivating your account.
We use other third parties such as an email service provider to send out emails, provide audio and/or recording capabilities, and provide cloud-computing infrastructure (i.e., datacenter services) on our behalf. When you sign up for our services, we will share your personal information only as necessary for such third parties to provide the relevant services. We will also use such information to administer your account.
The third parties we currently rely on (as of the “effective date” set forth above) in our provision of the services, are:
|Provider name||Service description|
|Amazon Web Services||Datacenter service provider|
|Zoom||Video conferencing tool used in moderated studies|
|Marketo||Marketing tool used to send commercial emails|
|Auth0||Service provider used for Single Sign-On integrations|
|Use of tracking technologies to improve the website user’s experience (Google Analytics)|
|Skilljar||UserZoom Academy hosting provider|
|Salesforce||Customer relationship management (CRM) platform|
|Zendesk||Support ticketing management platform|
Access to your personal information and choice
UserZoom acknowledges that you have the right to access your personal information. Upon request UserZoom will provide you with information about whether we hold any of your personal information. If your personally identifiable information changes, or if you no longer desire our service, you may choose to correct, update, delete/deactivate or access it by emailing us directly at email@example.com. We will respond to your request within a reasonable timeframe, not to exceed 30 days.
We will retain your information for so long as your account is active or as needed to provide you with the services under the relevant service agreement. Please note that we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Data Protection Officer (DPO)
In compliance with 2016/679 of the European Parliament (General Data Protection Regulation - GDPR), we have appointed a Data Protection Officer (DPO) who is responsible for any privacy and data protection concerns related to UserZoom, and who can be reached at firstname.lastname@example.org.
Legal disclosures and business transfers
If UserZoom is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or via a prominent notice on our website at www.userzoom.com (“Website”) of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
Moderated studies – Specific provisions
In the event you are setting up a moderated study:
- In the event you include individuals who participate as observers (“Observers”) in the moderated study session, they must be muted during the whole study.
UserZoom disclaims any and all responsibility and liability that may derive from non-compliance with respect to the provisions above.
The security of your personal information is important to us. We follow industry best practices to protect the personal information submitted to us, both during transmission and once we receive it. We also comply with the security requirements of 2016/679 of the European Parliament (General Data Protection Regulation - GDPR), that regulates our processing of personal data. These security measures include:
- Data encryption both at rest and in transit
- Continuous infrastructure monitoring
- Periodic internal vulnerability scans
- Secure backup policy and Disaster Recovery Plan
- Internal risk assessments
- SOC2 certification
No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security.
In particular, we use Google Analytics in order to perform the aforementioned. In the event you do not wish to be tracked by the Google Analytics Tool, you can use the following link in order to install a browser extension that prevents this data collection: https://tools.google.com/dlpage/gaoptout/
As is true of most websites, we use a third party tracking-utility partner to gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.
Links to other websites