Privacy

Appinium Privacy Statement, effective as of December 7, 2022

Appinium, Inc. (“Appinium”) offers software as a service (“SAAS”) to enterprise clients for use on the Salesforce.com platform (“Salesforce platform” or “SFDC”). Appinium’s 100% native enterprise-wide video, content, sales enablement, and learning engagement solution is designed to drive business clients’ outcomes for their entire internal population of team members as well as for their customers, partners, donors and all non-internal team member who interact with their brand. As a Native Salesforce product, 100% of the computing and 100% of the Personal Data, if any, is in Salesforce and never leaves our customers Salesforce org.

Appinium is committed to protecting the private information of all persons who utilize Appinium’s suite of applications on the Salesforce platform. To that end, Appinium does not collect or store any private information belonging to any end user, i.e., employees or customers of Appinium’s clients who access and use Appinium’s suite of applications to drive video, content and learning across the Salesforce platform.

 

General Information about Appinium Users and Visitors:

Appinium does not collect personal or private information that can be used to identify any specific user or visitor to its website. Appinium also does not sell any personal information of any kind to anyone.

If Appinium’s customer has chosen to use Appinium for storage using Microsoft Azure (“Azure”) when the user launches a video. Content, eLearning, and/or learning application on the Salesforce platform using the Appinium Applications, Appinium passes the user’s object ID, Salesforce Organization ID (“Org ID”) and IP address to the Appinium back-end server hosted in Azure. The user ID and the org ID are then used to confirm that the user is authorized to launch the content file and then such information is discarded (at the end of the session) without being stored anywhere by Appinium or its back-end server hosted by Azure. This process allows Appinium to ensure the user is authorized by Appinium’s business client to launch a content file from the Salesforce platform using Appinium’s media player application, and for no other purposes.

If a user is utilizing Appinium’s Applications without using Appinium’s storage option in Azure, then when the user launches a media file on the Salesforce platform using Appinium, Appinium does not collect and/or pass on the user’s object ID, org ID and IP address to the Appinium back-end server hosted on Azure.

Appinium will process users’ IP addresses in order to extract the geo location (city/country/region) of the user. The IP address is then discarded without being stored anywhere by Appinium or its back-end server hosted by Azure. The geo information is stored in Azure and is then associated with the content file being launched.

Appinium uses its commercially reasonable best efforts to maintain any information users submit privately and use it only for the purposes and in the manner as set forth herein.

By using Appinium, Appinium’s website, Salesforce or Salesforce Experience Cloud platform, each user hereby consents to the collection and use of data as described above in this Privacy Notice.

This Appinium Privacy Statement (“Privacy Statement”) explains our privacy practices for the activities described herein. Please read this Privacy Statement carefully to learn how we collect, use, share, and otherwise process information relating to individual users (“Personal Data”), and to learn about your rights and choices regarding your Personal Data.

A reference to “Appinium,” “we,” “us” or the “Company” is a reference to Appinium, Inc. and its relevant subsidiary involved in the collection, use, sharing, or other processing of Personal Data.

This Privacy Statement also factors in, or references to, all Privacy Policies of Salesforce, which do not apply to the extent Salesforce processes Personal Data in the role of a processor or service provider on behalf of Appinium or Salesforce customers, including where they offer to Salesforce customers various products and services through which Salesforce customers (or their affiliates): (i) create their own websites and applications running on Salesforce platforms; (ii) sell or offer their own products and services; (iii) send electronic communications to others; or (iv) otherwise collect, use, share or process Personal Data via Salesforce products and services.

We are not responsible for the privacy or data security practices of our customers, which may differ from those explained in this Privacy Statement. For more information, please also see Section 9.3 below.

 

1. Processing activities covered

This Privacy Statement applies to the processing of Personal Data collected by us when you:

  • Visit our websites that display or link to this Privacy Statement;
  • Visit our branded social media pages;
  • Receive communications from us or otherwise communicate with us, including but not limited to emails, phone calls, texts or faxes;
  • Use our products and services as an authorized user (for example, as an employee of one of our customers who provided you with access to our services) where Salesforce acts as a controller of your Personal Data;
  • Use of our Appinium Experience portal

Our websites and services may contain links to other websites, applications, platforms and services maintained by third parties. The information practices of these third parties, including the social media platforms that host our branded social media pages, are governed by their privacy statements, which you should review to better understand their privacy practices.

Please note Processing of Personal Data is required for receiving certain products or services.

 

2. What Personal Data do we collect?

2.1 Personal Data we collect directly from you

The Personal Data we collect directly from you includes identifiers, professional or employment-related information, account information, visual information, and internet activity information, among others. We collect such information in the following situations:

  • If you express an interest in obtaining additional information about our services; request customer support (including accessing the Appinium Experience Portal) ; use our “Contact Us” or similar features; register to use our websites or to receive communications; sign up for an event, webinar; participate in a program; act as an authorized user for our products and services; or download certain content, we may require that you provide to us your contact information, such as your name, job title, company name, address, phone number, email address or username and password;
  • If you register with Salesforce for a variety of purposes, including joining an online community that we host or participating in a program, Salesforce may ask you to provide a username, photo or other biographical information, such as your occupation, location, social media profiles or usernames, company name, areas of expertise and interests;
  • If you interact with our websites or emails, we automatically collect information about your device and your usage of our websites or emails (such as Internet Protocol (IP) addresses or other identifiers), which may qualify as Personal Data (please see Section 4 below) using cookies or similar technologies;
  • If you use and interact with our products and services, we collect information about your device and your usage of our services through log files and other technologies, some of which may qualify as Personal Data (please see Section 3 below);

If you provide us, our service providers or our affiliates with any Personal Data relating to other individuals, you represent that you have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Statement. If you believe that your Personal Data has been provided to us improperly or want to exercise your rights relating to your Personal Data, please contact us by using the information in Section 12 below.

2.2 Personal Data we collect from other sources

We also collect information about you from other sources including third parties from whom we purchase Personal Data and from publicly available information. We may combine this information with Personal Data provided by you. This helps us update, expand, and analyze our records, identify new customers, and create more tailored advertising to provide services. The Personal Data we collect from other sources includes identifiers, professional or employment-related information, education information, commercial information, visual information, internet activity information, and inferences about preferences and behaviors. In particular, we collect such Personal Data from the following sources:

  • Third party providers of business contact information, including mailing addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses, social media profiles, LinkedIn URLs and custom profiles, for purposes of targeted advertising, delivering relevant email content, event promotion and profiling, determining eligibility and verifying contact information;
  • Another individual at your organization who may provide us with your personal information, which may include Personal Data and special categories of Personal Data, to the extent you consent to providing it and sharing it, for the purposes of obtaining services and assessing our goals related to encouraging diversity within our vendors; and
  • Platforms such as GitHub to manage code check-ins and pull requests. If you participate in an open source or community development project, we may associate your code repository username with your community account so we can inform you of program changes that are important to your participation or relate to additional security requirements.

 

3. What device and usage data do we process?

We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons, pixels, and similar technologies to automatically collect information that may contain Personal Data as you navigate our websites, our services, or interact with emails we have sent to you.

3.1 Device and usage data

As is true of most websites, we gather certain information automatically when individual users visit our websites. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider, mobile carrier, the pages and files viewed, searches, referring website, app or ad, operating system, system configuration information, advertising and language preferences, date and time stamps associated with your usage, and frequency of visits to the websites. This information is used to analyze overall trends, help us provide and improve our websites, offer a tailored experience for website users, and secure and maintain our websites.

In addition, we gather certain information automatically as part of your use of our products and services. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server), mobile device number, device and application identification numbers, location, browser type, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, operating system type and version, system configuration information, date and time stamps associated with your usage and details of which of our products and product versions you are using. This information is used to maintain the security of the services, to provide necessary functionality, to improve performance of the services, to assess and improve customer and user experience of the services, to validate that you are a licensed user, to review compliance with applicable usage terms, to identify future opportunities for development of the services, to assess capacity requirements, to identify customer opportunities, and for the security of Appinium generally (in addition to the security of our products and services). Some of the device and usage data collected by the services, whether alone or in conjunction with other data, could identify you. Please note that this device and usage data is primarily used to identify the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the services to our customers.

3.2 Cookies

A cookie is a small piece of data that a website asks the browser of a person accessing Appinium’s website to store on that person’s computer or mobile device. “Cookies” refer to cookies and other similar technologies covered by the EU Directive on privacy in electronic communications. Appinium may use cookies on its website. Such cookies are, however, blocked until the party accessing Appinium’s website expressly opts-in and provide consent to Appinium to use any such cookies.

We use both session-based and persistent cookies on our websites. Session-based cookies exist only during a single session and disappear from your device when you close your browser or turn off the device. Persistent cookies remain on your device after you close your browser or turn your device off. To change your cookie settings and preferences for one of our websites, click the Cookie Preferences link in the footer of the page. You can also control the use of cookies on your device, but choosing to disable cookies on your device may limit your ability to use some features on our websites and services.

3.3 Notices on behavioral advertising and opt-out for website visitors

As described above, we or one of our authorized partners may place or read cookies on your device when you visit our websites for the purpose of serving you targeted advertising (also referred to as “online behavioral advertising” or “interest-based advertising”). To learn more about targeted advertising and advertising networks, please visit the opt-out pages of the Network Advertising Initiative, here, and the Digital Advertising Alliance, here.

To manage the use of targeting and advertising cookies, consult your individual browser settings for cookies. To learn how to manage privacy and storage settings for Flash cookies, click here. Various browsers may also offer their own management tools for removing HTML5 local storage.

3.4 Opt-Out from the setting of cookies on your individual browser

In addition to using the user preference center, in many cases you may opt-out from the collection of non-essential device and usage data on your web browser (see Section 4.1 above) by managing your cookies at the browser or device level. In addition, if you wish to opt-out of interest-based advertising, click here (or, if located in the European Union or United Kingdom, click here). Please note, however, that by blocking or deleting cookies and similar technologies used on our websites, you may not be able to take full advantage of the websites.

While some internet browsers offer a “do not track” or “DNT” option that lets you tell websites that you do not want to have your online activities tracked, these features are not yet uniform and there is no common standard adopted by industry groups, technology companies, or regulators. Therefore, we do not currently commit to responding to browsers’ DNT signals with respect to our websites. Appinium takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

3.5 Social Media Features

Our websites may use social media features, such as the “Tweet” button and other sharing widgets (“Social Media Features”). Social Media Features may allow you to post information about your activities on our website to outside platforms and social networks. Social Media Features may also allow you to like or highlight information we have posted on our website or our branded social media pages. Social Media Features are either hosted by each respective platform or hosted directly on our website. To the extent the Social Media Features are hosted by the platforms themselves, and you click through to these from our websites, the platform may receive information showing that you have visited our websites. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our websites with your social media profile.

 

4. Purposes for which we process Personal Data and the legal bases on which we rely

We collect and process your Personal Data (including, where legally permissible, special categories of Personal Data) for the following purposes. Where required by law, we obtain your consent to use and process your Personal Data for the below purposes. Otherwise, we rely on another authorized legal basis (including but not limited to the (a) performance of a contract or (b) legitimate interest) to collect and process your Personal Data, as further detailed below.

  • Providing and promoting our websites and services (including necessary functionality): We process your Personal Data to perform our contract with you for the use of our websites and services and to fulfill our obligations under the applicable terms of use and service; if we have not entered into a contract with you, we base the processing of your Personal Data on our legitimate interest to operate and administer our websites and services and to provide you with content you access and request (e.g., to download content from our websites);
  • Promoting the security of our websites and services: We process your Personal Data by tracking use of our websites and services, creating aggregated non-personal data, verifying accounts and activity, investigating suspicious activity, and enforcing our terms and policies to the extent it is necessary for our legitimate interest in promoting the safety and security of the services, websites, systems and applications and the security of Appinium generally, and in protecting our rights and the rights of others;
  • Managing user registrations: If you have registered for an account with us, we process your Personal Data by managing your user account for the purpose of performing our contract with you according to applicable terms of service;
  • Handling contact and user support requests: If you fill out a “Contact Me” web form or request user support, or if you contact us by other means including but not limited to via phone, we process your Personal Data to perform our contract with you and to the extent it is necessary for our legitimate interest in fulfilling your requests and communicating with you;
  • Managing payments: If you have provided financial information to us, we process your Personal Data to verify that information and to collect payments to the extent that doing so is necessary to complete a transaction and perform our contract with you;
  • Contract fulfilment: We may process your Personal Data for the purposes of fulfilling our contract with you or your employer (e.g. if you are an authorized user of our products and services or work for a service provider or supplier to Appinium). We do this where it is necessary for the performance of the relevant contract;
  • Developing and improving our websites and services: We process your Personal Data to analyze trends and to track your usage of and interactions with our websites and services to the extent it is necessary for our legitimate interest in developing and improving our websites and services and providing our users with more relevant content and service offerings, or where we seek your consent;
  • Assessing and improving user experience: We process device and usage data as described in Section 3.1 above, which in some cases may be associated with your Personal Data, to analyze trends and assess and improve the overall user experience to the extent it is necessary for our legitimate interest in developing and improving the service offering or website, or where we seek your consent;
  • Reviewing compliance with applicable usage terms: We process your Personal Data to validate that you are a licensed user and to review compliance with the applicable usage terms in our customer’s or user’s contract to the extent that it is in our legitimate interest to ensure adherence to the relevant terms;
  • Assessing capacity requirements: We process your Personal Data to assess the capacity requirements of our services to the extent that it is in our legitimate interest to ensure that we are meeting the necessary capacity requirements of our service offering;
  • Identifying customer opportunities: We process your Personal Data to assess new potential customer opportunities to the extent that it is in our legitimate interest to ensure that we are meeting the demands of our customers and their users’ experiences;
  • Recording phone calls and video calls: We may record phone calls and video calls for training, quality assurance, sales, and administration purposes. If required under applicable law, we will obtain your prior consent or give you the option to object to a phone or video call being recorded;
  • Sending communications: We will process your Personal Data or device and usage data, which in some cases may be associated with your Personal Data, to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS, or push notifications) about us and our affiliates and partners, including information about our products, promotions, news or events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent (please see Section 9 below to learn how you can control the processing of your Personal Data by Appinium for marketing purposes);
  • Collection of diversity information: We may process your Personal Data (including special categories of Personal Data) to the extent you voluntarily consent to provide it to meet our broader community-minded goals related to diversity and equality of opportunity. If required under applicable law, we will obtain your consent or explicit consent; and
  • Compliance with legal obligations: We process your Personal Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our websites or services, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, respond to lawful requests, or for auditing purposes.

If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform our contract with you.

 

5. Who do we share Personal Data with?

  • We may share your Personal Data as follows:
    Service providers: With our contracted service providers, who provide services such as IT and system administration and hosting, credit card processing, research and analytics, marketing, customer support and data enrichment for the purposes and pursuant to the legal bases described above in Section 4;
  • Affiliates: If you use our websites to register for an event or webinar organized by one of our affiliates, we may share your Personal Data with the affiliate to the extent this is required on the basis of the affiliate’s contract with you to process your registration and ensure your participation in the event; in such instances, our affiliate will process the relevant Personal Data as a separate controller and will provide you with further information on the processing of your Personal Data, where required.
  • Customers with whom you are affiliated: If you use our services as an authorized user, we may share your Personal Data with your affiliated customer responsible for your access to the services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies;
  • Third party networks and websites: With third-party social media networks, advertising networks and websites, so that Appinium can market and advertise on third party platforms and websites;
  • Third parties involved in a corporate transaction: If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by a third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party; and

We may also share anonymous or de-identified usage data with Appinium’s service providers for the purpose of helping Appinium in such analysis and improvements. Additionally, Appinium may share such anonymous or de-identified usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our services.

For more information on the recipients of your Personal Data, please contact us by using the information in Section 12 below.

 

6. International Transfer of Personal Data

Your Personal Data may be collected, transferred to and stored by us in the United States and by our affiliates and third-parties as mentioned in Section 5, above, that are based in other countries.

Therefore, your Personal Data may be processed outside your jurisdiction, including in countries and jurisdictions that are not subject to an adequacy decision by the European Commission or your local legislature or regulator, and that may not provide for the same level of data protection as your jurisdiction. SFDC ensures that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses or an alternative mechanism for the transfer of data as approved by the European Commission (Art. 46 GDPR) or other applicable regulators or legislators.

SFDC complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union, and Switzerland, as applicable, to the United States in reliance on Privacy Shield. SFDC complies with the E.U.’s Data Transfer Mechanisms, which can be found here.

Where required by applicable law, we will only share, transfer or store your Personal Data outside of your jurisdiction with your prior consent.

 

7. Children

Our websites and services are not directed at children. We do not knowingly collect Personal Data from children under the age of 16, or such other applicable age of consent for privacy purposes in relevant individual jurisdictions, unless (a) we have obtained consent from a parent or guardian, (b) such collection is subject to a separate agreement with us or (c) the visit by a child is unsolicited or incidental. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us by using the information in Section 12 below and we will take steps to delete their Personal Data from our systems.

 

8. How long do we keep your Personal Data?

We may retain your Personal Data for a period of time consistent with the original purpose of collection (see Section 4 above) or as long as required to fulfill our legal obligations. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).
After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data.
For more information on data retention periods, please contact us by using the information in the Section 12 below.

 

9. Your rights relating to your Personal Data

9.1 Your rights

You may have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws these rights may include the right to:

  • Access your Personal Data held by us;
  • Know more about how we process your Personal Data;
  • Rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete;
  • Erase or delete your Personal Data;
  • Restrict our processing of your Personal Data;
  • Transfer your Personal Data to another controller, to the extent possible;
  • Object to any processing of your Personal Data;
  • Opt-out of certain disclosures of your Personal Data to third parties;
  • If you’re under the age of 16, or such other applicable age of consent for privacy purposes in relevant individual jurisdictions, opt in to certain disclosures of your Personal Data to third parties;
  • Not be discriminated against for exercising your rights described above;
  • Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects (“Automated Decision-Making”); and
  • Withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.

Please note that Automated Decision-Making currently does not take place on our websites or in our services.

9.2 How to exercise your rights

To exercise your rights, please contact us by using the information in Section 12 below. Your Personal Data may be processed in responding to these rights. We try to respond to all legitimate requests within one month unless otherwise required by law, and will contact you if we need additional information from you in order to honor your request or verify your identity. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive. If you are an employee of a Appinium customer, we recommend you contact your employer’s system administrator for assistance in correcting or updating your information.

Some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.

To update your billing information, discontinue your account or request return or deletion of your Personal Data and other information associated with your account, please contact us by using the information in Section 12 below.

9.3 Your rights relating to customer data

As described above, we may also process Personal Data submitted by or for a customer to our products and services. To this end, if not stated otherwise in this Privacy Statement or in a separate disclosure, we process such Personal Data as a processor on behalf of our customer (and its affiliates) who is the controller of the Personal Data (either Appinium or SFDC). We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those explained in this Privacy Statement. If your data has been submitted to us by or on behalf of a Appinium customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with them directly. Because we may only access a customer’s data upon their instructions, if you wish to make your request directly to us, please provide us the name of the Appinium customer who submitted your data to us. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.

9.4 Your preferences for email and SMS marketing communications

If we process your Personal Data for the purpose of sending you marketing communications, you may manage your receipt of marketing and non-transactional communications from Appinium by clicking on the “unsubscribe” link located on the bottom of Appinium marketing emails, by replying or texting ‘STOP’ if you receive Appinium SMS communications, or by unsubscribing via e-mail.

You may also turn off push notifications on Appinium apps on your device, or unsubscribe by contacting us using the information in the “Contacting us” section, below.

Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your subscriptions or event registrations, service announcements or security information.

 

10. How we secure your Personal Data

Both Appinium and SFDC take appropriate precautions including organizational, technical, and physical measures to help safeguard against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of, or access to, the Personal Data we process or use.

While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions. If you have any questions about the security of our websites, please contact us by using the information in Section 13 below.

 

11. Changes to this Privacy Statement

We will update this Privacy Statement from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. If we do, we will update the “effective date” at the top. If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a notice on our website or by contacting you directly, or where required under applicable law and feasible, seek your consent to these changes.

We encourage you to periodically review this Privacy Statement to stay informed about our collection, processing and sharing of your Personal Data.

 

12. Contacting us

To exercise your rights regarding your Personal Data, or if you have questions regarding this Privacy Statement or our privacy practices, please email us at inquiries@Appinium.com or write to us at:

Appinium (Appinium Privacy)
268 Bush St. #3836
San Francisco, CA 94104, USA

When you contact us, please indicate in which country and/or state you reside.

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, and you are located in the European Economic Area, the United Kingdom or Australia New Zealand, you have the right to lodge a complaint with the competent supervisory authority.

 

13. SFDC’S Adherence to APEC Privacy Recognition for Processors (PRP) System

Salesforce participates in the APEC PRP system as per Salesforce’s APEC PRP Notice. If you have an unresolved privacy or data use concern that Salesforce has not addressed to your satisfaction, please contact SDFC’s third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

 

14. Additional Components for California

The California Consumer Privacy Act and the California Privacy Rights Act of requires businesses to disclose whether they sell Personal Data. As a business operating in California covered by the CCPA and CPRA, we do not sell any individual’s Personal Data, nor do we share an individual’s Personal Data, other than to process such data pursuant to the SaaS contract by which we are bound with our Customers, to us any personal information only for the contractual purposes stated in that specific contract. Stated otherwise, we do not have any individuals as Customers, since we only sell to businesses, some of which may obtain and store Personal Data for their Customers, but never in the custody or control of Appinium.

More specifically, Appinium is a Service Provider as defined Section under the CPRA. As the CPRA states, a “service provider” is an entity that receives personal information from or on behalf of a business and processes that personal information on behalf of a business pursuant to a written contract that prohibits any retention, use, or disclose of the personal information other than a specified in that contract.

As a Service Provider, Appinium:

  • Only uses personal information to perform services on behalf of our Customers (each a business), and only as necessary to comply with the services specified in our contract with that Customer;
  • Includes certification language in contracts with Appinium customers (as needed) that states:
    • “Appinium hereby certifies that we understand and will comply with the restrictions on our use, retention, disclosure, and selling (as defined by California law) Customer’s Data specifically personal information.”
    • “Appinium does not sell any personal information obtained from any Customer or person, for any reason.”
  • Has implemented organizational structure to comply with the terms of each Customer contract
  • Has implemented security safeguards to protect the security of ALL data, including any Personal Data the Appinium  Customers may collect through the use of Appinium software, and is stored in our servers.
  • Has placed contractual obligations on any Third-Party service providers, under contract with Appinium, that store any of Appinium Customer Data on their servers.

We only share Personal Data with third parties or allow them to collect Personal Data from our sites or services if those third parties are authorized service providers or business partners who have agreed to our contractual limitations as to their retention, use, and disclosure of such Personal Data, or if you use Appinium sites or services to interact with third parties or direct us to disclose your Personal Data to third parties.
California law requires that we detail the categories of Personal Data that we disclose for certain “business purposes,” such as to service providers that assist us with securing our services or marketing our products, and to such other entities as described in Sections 4 and 5 of this Privacy Statement. We disclose the following categories of Personal Data for our business purposes:

  • Identifiers;
  • Commercial information;
  • Internet activity information;
  • Inferences drawn from any of the above information categories.

California law grants state residents certain rights, including the rights to access specific types of Personal Data, to learn how we process Personal Data, to request deletion of Personal Data, and not to be denied goods or services for exercising these rights.

If you are a California resident under the age of 18 and have registered for an account with us, you may ask us to remove content or information that you have posted to our website(s).

For information on how to exercise your rights, please refer to Section 9.2 of this Privacy Statement. If you are an authorized agent wishing to exercise rights on behalf of a California resident, please contact us using the information in the “Contacting Us” section above and provide us with a copy of the consumer’s written authorization designating you as their agent.

We may need to verify your identity and place of residence before completing your rights request.