FRESHPAINT PRIVACY POLICY

Last Update: January 3, 2020

This Website Privacy Policy (“Privacy Policy”) provides information regarding how Perfalytics, Inc. doing business as Freshpaint (“Freshpaint” or “we”) collects, uses and transfers personally identifiable information (“Personal Data”) from you through Freshpaint’s publicly accessible website (http://www.Freshpaint.io) (the “Website” or “Site”). For convenience, the Site and our services are collectively referred to as the “Service.” By using this Website, you consent to the collection and use of your Personal Data as described herein. If you do not agree with the terms set out herein, please do not use this website. If Freshpaint decides to make changes to this Privacy Policy, Freshpaint will post the changes on this website so that you will know what Personal Data we collect, and how we use it. We therefore encourage you to periodically look for updates to this Privacy Policy.This Privacy Policy describes how Freshpaint makes use of your Personal Data and your rights regarding the same. The following information is included in this Privacy Policy:

THE FRESHPAINT SERVICE
COLLECTION OF PERSONAL DATA
USE AND PURPOSE OF COLLECTED PERSONAL DATA
LEGAL BASIS OF PROCESSING PERSONAL DATA
KEEPING YOUR PERSONAL DATA SECURE
PERSONAL DATA SHARED WITH THIRD PARTIES
RETENTION OF PERSONAL DATA
YOUR RIGHTS WITH RESPECT TO PERSONAL DATA
CROSS-BORDER DATA TRANSFER
PRIVACY SHIELD NOTICE
‍HOW TO CONTACT FRESHPAINT REGARDING PERSONAL DATA


1. THE FRESHPAINT SERVICE
Registered customers of the Service (“Clients“) use it to collect information about how their own users use Client websites, applications, services (“Client Services”) and related third-party applications (“Client Services Data”). Clients also use the Service to more efficiently route Client Services Data to their own third party applications/services and control how their own third party applications/services exchange Client Services Data.Freshpaint does this by collecting data on what users are doing, including but not limited to what webpages they visit, what users click on, where those users are located, what browser or platform those users are using, and many other forms of behavioral or personal data. Client Services Data may include, without limitation, information about the identity of Client users (such as name, postal address, e-mail address, IP address, and phone number), as well as information about the pages users visit, the features they use, and the actions they take while using the Client Services. This Privacy Policy does not apply to Client Services Data or to Client Services, and we are not responsible for our Clients’ handling of Client Services Data. Our Clients have their own policies regarding the collection, use, and disclosure of your personal information. To learn about how a particular Client handles your personal information, we encourage you to read the Client’s privacy statement. Our use of Client Services Data provided by our Clients in connection with our Service is subject to the written agreement between Freshpaint and Client.

2. COLLECTION OF PERSONAL DATA
When you request information on the Website, subscribe to a mailing list or for a service, respond to an online survey or otherwise actively send us data, we usually collect data such as:

If you receive services from us and advertently disclose personal health information to us, we may collect and store such personal health information also. This is limited only to customers who work with personal health information and collect personal health information. It is your responsibility to not disclose personal health information to Freshpaint.

You may opt out of providing information by not entering it when asked and, if such information is required in order to allow us to respond to your inquiry, you will receive a notice advising you of this.

When you visit the Website, we also track information on your computer and your internet connection, such as but not limited to:
the IP address of your computer and internet service provider, when you access the site, the IP address of websites from which you connect to our Website, and the computer systems you are using and your use or and preferences on our Site. We may also automatically record certain information from your device by using various types of technology, including:

We also may use these technologies to collect information regarding your interaction with email messages, such as whether you opened, clicked on, or forwarded a message. This information is gathered from all users and may be connected with other information about you.

When you use our Website, we may send one or more cookies (small text files containing a string of alphanumeric characters) to your device. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Sites. Your web browser may provide you with some options regarding cookies. Please note that if you delete, or choose not to accept, cookies from our Websites, you may not be able to utilize the features to their fullest potential. We may use third party cookies in connection with our Website.

3. USE AND PURPOSE OF COLLECTED PERSONAL DATA
We use the information that we collect on or through our Website to:

4. LEGAL BASIS OF PROCESSING PERSONAL DATA
If you are visiting our Website from the European Economic Area, we typically collect and/or process your Personal Data when we have a legitimate business interest or your specific consent.

5. KEEPING YOUR PERSONAL DATA SECURE
To protect your Personal Data we use appropriate technical measures corresponding to the type of Personal Data and the risks associated with processing such Personal Data.  In the event of a data breach we will contact those affected and to the extent required the required regulator as required by applicable law.

6. PERSONAL DATA SHARED WITH THIRD PARTIES
Unless you have opted out from receiving commercial communications from Freshpaint, we also may share contact information (that we collect through various marketing efforts) with trusted business partners, such as system integrators, distributors and referral partners.  We may share personal information for legal, protection, and safety purposes; to comply with laws; to respond to lawful requests and legal processes; to protect our rights and property including but not limited to enforcing our agreements, policies, and terms of service. We may also share information in an emergency.

We may share or transfer your information in connection with a prospective or actual sale, merger, transfer or other reorganization of all or parts of our business. Also, we reserve the right to fully use and disclose any information that is not in personally identifiable form (such as statistics and survey results that do not identify you individually by name). We may also share aggregated and/or anonymized data with others for their own uses. We may also share any information that you voluntarily choose to include in a publicly accessible area of the Sites will be available to anyone who has access to that content, including other users.

7. RETENTION OF PERSONAL DATA
We may retain your Personal Data in connection with our ongoing legitimate business interest. When an ongoing legitimate business interest with respect to your Personal Data no longer exists we will delete such Personal Data.

8. YOUR RIGHTS WITH RESPECT TO PERSONAL DATA
Object to processing and opt-out.In connection with promotions or other projects, we may ask you specifically whether you have objections against a certain kind of data use or sharing. If you opt-out under such circumstances, we will respect your decision. To opt out of receiving commercial communications from Freshpaint please click on the “opt-out” link in the communication or, please contact us at privacy@Freshpaint.io. Please note that our affiliates and other data recipients have their own data privacy policies, which may differ from ours and you would have to contact them separately with respect to opt-out requests. In connection with promotions or other projects, we may ask you specifically whether you have objections against a certain kind of data use or sharing. If you opt out, we may still send you non-marketing emails. Non-marketing emails include emails about your accounts and our business dealings with you.

Correct or Update. You may send requests about personal information to our Contact Information below. You can request to change contact choices, opt-out of our sharing with others, and update your personal information.If personal information you have submitted through the site is no longer accurate, current, or complete, and you wish to update it, please send an e-mail to privacy@Freshpaint.io. Upon appropriate request we will usually update or amend your information, but we reserve the right to use information obtained previously to verify your identity or take other actions that we believe are appropriate.

You may request that we delete your personal information as well as request that we make your personal information available for porting.
Withdraw consent.You may withdraw your consent at any time, but such withdrawal shall only apply with respect to any processing after such withdrawal and you may request that Freshpaint make your Personal Data portable and make such Personal Data available to you. Right to complain.You may complain to a data protection authority regarding the use or collection of your personal information. Please contact you local data protection authority for more information regarding how to file such a complaint.

9. CROSS-BORDER DATA TRANSFER
If we transfer your personal information out of the European Economic Area or Switzerland and are required to apply additional safeguards to your personal information under European data protection legislation, we will do so. Such safeguards may include applying the European Commission Model contracts for the transfer of personal data to third countries described here, or for transfers to third parties in the United States, ensuring they participate in the EU-U.S. Privacy Shield Framework or Swiss-U.S. Privacy Shield Framework. Please contact us for further information about any such transfers or the specific safeguards applied.

Freshpaint itself has self-certified to the EU-U.S. and Swiss-U.S. Privacy Shield. For more information, see our Privacy Shield Notice.

10. PRIVACY SHIELD NOTICE
Prefalytics, Inc. doing business as Freshpaint (“Freshpaint” or “we”, “us” or “our”) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred to it in the United States from the European Economic Area (“EEA”) or Switzerland, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. To learn more about the Privacy Shield program, the Privacy Shield Principles and to view our certification, please visit www.privacyshield.gov.

Scope. Our certification of adherence to the Privacy Shield Principles applies to the personal data that (a) we collect from our customers and other visitors to our website for account management, billing or marketing purposes (“Freshpaint User Data”) and (b) that we process on behalf of our customers in providing online services to them under a service agreement (“Services Data”).

Data processed. The Freshpaint User Data that we collect, use and share is described in our Privacy Policy. While our customers decide what Services Data to submit, it typically includes information about their own users and how they use the customer’s sites, applications and services and third-party applications. We process Services Data as instructed by our customers and do not own or control Services Data.

Purposes of data processing. We collect, use, and share Freshpaint User Data for the purposes described in our Privacy Policy. We process Services Data for the purpose of providing our online services to our customers, which may include accessing and processing the data to provide the services, to correct and address technical or service problems, to follow instructions of the customer who submitted the data, or in response to contractual requirements.

Inquiries and complaints. If you believe Freshpaint maintains your personal data within the scope of our Privacy Shield certification, you may direct any inquiries or complaints concerning our Privacy Shield compliance to privacy@freshpaint.io. If you are located in the EEA or Switzerland and have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider at https://go.adr.org/privacyshield.html.

Arbitration. If you are located in the EEA or Switzerland and neither Freshpaint nor our dispute resolution provider resolves your complaint, you may be entitled to invoke binding arbitration under certain conditions more fully described on the Privacy Shield website.

Third parties who may receive personal data. We share Freshpaint User Data with third parties as described in our Privacy Policy. We may share Services Data with third parties under the following circumstances and only in accordance with the applicable customer agreements:

Affiliates.
We may disclose Services Data to our subsidiaries and corporate affiliates for use consistent with this Privacy Policy.
Service Providers. We may employ third party companies and individuals to administer and provide the Service on our behalf (such as customer support, hosting, website analytics, email delivery, database management services). Freshpaint maintains contracts with these service providers restricting their access, use, and disclosure of personal data in compliance with our Privacy Shield obligations, including the onward transfer provisions, and we may be liable if they fail to meet those obligations and we are responsible for the event giving rise to damage.
Legal requirements. We may disclose Services Data if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency, or in the good faith belief that such action is necessary (a) to comply with a legal obligation, (b) to protect or defend our rights, interests or property or that of third parties, (c) to prevent or investigate possible wrongdoing in connection with the services, (d) to act in urgent circumstances to protect the personal safety of customers, their users or the public; or (e) to protect against legal liability.
Business Transfers. As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Services Data may be part of the transferred assets.

In addition, we may be required to disclose any personal data that we process in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Your rights to access, to limit use, and to limit disclosure. Individuals in the EEA and Switzerland have rights to access personal data about them, and to limit use and disclosure of their personal data. With our Privacy Shield self-certification, we have committed to respect those rights. We process Services Data only on behalf of our customers in accordance with their instructions. This means that if you wish to access Services Data and request that we correct, amend, or delete it if it is inaccurate or processed in violation of Privacy Shield, you should contact that customer with your request. We will then help them to fulfill that request in accordance with their instructions.

If your personal data includes Freshpaint Personal Data, you can request access to that data and request that we correct, amend, or delete it if it is inaccurate or processed in violation of Privacy Shield by emailing your request to privacy@freshpaint.io. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.

U.S. Federal Trade Commission Enforcement. Freshpaint’s commitments under the Privacy Shield are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. If there is any conflict between the terms in this Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall take precedence.

11. HOW TO CONTACT FRESHPAINT REGARDING PERSONAL DATA
We welcome your comments or questions about this privacy policy. You may also contact us as follows:
Email address: privacy@Freshpaint.io
Mailing Address: 602 Mason Street, Suite 403 San Francisco, CA 94102