Effective Date: March 27, 2018
Helpshift, Inc. (“Helpshift”, “we”, “us” or “our”) knows that you care about how your personal information is used and shared, and we take your privacy seriously. Accordingly, we have implemented this Privacy Statement to inform you of the information that we collect from you when you visit our website www.helpshift.com and its sub-domains (the “Website”) or use the Helpshift services and/or their related features (the “Services”), what we do with it and how you can exercise your privacy rights.
This Privacy Statement covers Helpshift’s treatment of personal information (“Personal Information”) that Helpshift gathers when you access/use the Website or Services.
1. What Personal Information does Helpshift collect and what does it use it for?
(i) Information you provide to us
Helpshift collects information you voluntarily submit to the Website or Services. For example, when you register for or use an account, request a demo, trial or further information about our Services, subscribe to marketing communications, provide your feedback, seek customer support, post comments on our blog, or sign up to our events or webinars, you may provide certain information to us such as your name, email address, contact details, company name, job role, payment related information (e.g. credit card number, physical address, etc.) and the nature of your request or communication.
We may also collect personal information from you offline, such as when you attend one of our events, during phone calls with sales representatives or support staff.
The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you for it. Examples of how we may use this information include:
- To provide you with our Website and Services, and to process transactions and orders;
- To respond to your online enquiries and requests, and to provide you with information and access to resources or services that you have requested from us;
- Set up your online account and send you administrative or account related information;
- Manage your account, customer relationship management, provide support and other related services;
- Where it is in accordance with your preferences send you marketing communications we think you’ll find valuable;
- To maintain and enhance our security and combat fraud, malware and other malicious activity or security risks;
- To obtain your feedback or user experience; or
- To carry out other legitimate business purposes, such as to improve our Website and Services, internal analytics, record-keeping, business planning and management.
(ii) Information that we collect automatically
In addition, we automatically receive and store certain device-related information whenever you interact with our Website or Services. Such information does not necessarily reveal your identity but may include information about the specific device you are using, such as your IP address, domain server, type of Internet browser, device model, device ID, operating system, network type, carrier, language, country and user location (where permitted).
We will use this information for a number of purposes, including:
- To provide, operate, optimize and maintain our Website and Services;
- To personalize content and improve the layout, navigation and content of our Website and Services;
- Produce analytics, identify trends and address Service issues;
- Maintain security and identify any server problems or other IT or network issues; or
- For other legitimate business purposes such as audits, for marketing and customer relationships, record keeping, business planning and management.
We may also use “cookies” to track your experience and use of the Website and Services as explained further under the heading “Cookies and similar tracking technology” below.
(iii) Information we process on behalf of our customers.
In the course of using our Services, our customers and their end-users may submit or upload certain content, communications, data, attachments or files to our Services for hosting and processing by us. For example, if an end-user communicates with our customer’s support staff using Helpshift’s In-App Chat features, then we will process the end-user’s name, email address and support request on behalf of our customers (as a data processor) and in accordance with their instructions. Our privacy practices in such cases will be governed by the contract that we have in place with them.
If you have any questions or concerns about how such information is handled, you should in the first instance, contact the relevant customer. We will provide assistance to our customers to address any concerns you may have, in accordance with the terms of our contract with them.
2. Will Helpshift share any of the Personal Information it receives?
We take care to allow your Personal Information to be accessed only by those who really need to in order to perform their tasks and duties, and to third parties who have a legitimate purpose for accessing it. We may share your Personal Information with third parties in the following circumstances:
Service Providers and Agents: We employ other companies and people to perform tasks on our behalf. For example, we may decide to use a third-party payment processing company to process payments you make through the Service. In addition, parts of the Service may be hosted by a third party on our behalf. Your Personal Information may be accessed by such providers/agents, in the event that we need to share your information with them to provide our Service to you. Unless we tell you differently, Helpshift’s agents do not have any right to use Personal Information we share with them beyond what is necessary to assist us. A list of our current third-party and affiliate sub-processors is available at https://www.helpshift.com/legal/subprocessors
Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, dissolution, corporate reorganization or other similar event.
Protection of Helpshift and Others: We may release Personal Information when we believe in good faith that release is necessary to establish or defend our legal rights; enforce or apply our conditions of use and other agreements; or protect the rights, property, or safety of Helpshift, our employees, our users, or others.
Compliance with laws: We may disclose information where necessary or required by law, in order to comply with legal process or government requests (including in response to lawful requests by public authorities to meet national security or law enforcement requirements).
With Your Consent: Except as set forth above, you will be notified when your Personal Information may be shared with third parties and will be able to prevent the sharing of this information.
3. Legal basis for processing personal information (EEA visitors only)
If you are a visitor from the European Economic Area (EEA), our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If we ask you to provide personal information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How to contact us” heading below.
4. Cookies and similar tracking technology
“Cookies” include commonly used pieces of information in the form of small files that are placed on an individual’s device to enable the individual to more easily communicate and interact with the Website and our Services. When you visit our Website, we may send one or more cookies to your browser. They enable us to store information about your device that is then used for matching certain other device-related information that we collect via the browser. This helps us, amongst other things, to provide you with a good experience when you browse our Website and enhance the level of services and functions provided.
“Web beacons” (also known as “single-pixel” or “clear” GIFs) include electronic images embedded in the Website which are invisible to users. Web beacons collect information, such as identifiers, time and date of access, and descriptions of the pages or communications in which the web beacons are embedded.
- Saving user preferences;
- Storing agent login information of the agents so that they don’t need to login every time they visit the dashboard
- Provide CSRF Protection
- Giving agents convenient access to be able to reply to a single issue by directly clicking on the link
- Customizing content of the Website and Services for individual users;
- Recording session information;
- Saving certain information about users of the Website and Services;
- Deliver advertising (including targeted ads) to you on the Website and on other websites; or
- Facilitating and enhancing interaction with the Website and Services.
Most browsers will allow you to erase cookies from your computer hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. You may also be able to refuse certain web beacons by adjusting the settings on your browser or device. Please refer to your browser help menu or device or operating system instructions to learn more about these functions. If you choose to block cookies, you may still use our Website and Services, though your access to some functionality and areas may be restricted.
5. Does Helpshift transfer Personal Information internationally?
Your Personal Information may be stored and processed by us in any country where we have facilities (e.g. India) or where we engage service providers (e.g. the U.S.). It may therefore be processed outside of your country of residence, which may have different data protection rules to those of your country. Where we do so, our collection, storage and use of your Personal Information will at all times be in accordance with this Privacy Statement and applicable laws.
Specifically, we may transfer your Personal Information to Helpshift, Inc. for processing in the U.S.
EU-U.S. and Swiss-US Privacy Shield
When transferring any Personal Information from the EEA (including UK) and Switzerland to the U.S., we adhere to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks, as set forth by the U.S. Department of Commerce. Helpshift Inc. has certified adherence to and commits to apply the Privacy Shield Principles to all Personal Information it processes in reliance on the Privacy Shield.
For the purposes of enforcing compliance with the Privacy Shield, we are subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission.
For more information about the Privacy Shield, and to view our certification, see the U.S. Department of Commerce’s Privacy Shield website located at: https://www.privacyshield.gov
If we have received your Personal Information in the U.S. and subsequently transfer it to a third-party agent or service provider for processing, and such third party agent or service provider processes your Personal Information in a manner inconsistent with the Privacy Shield Principles, we remain responsible under the Privacy Shield unless we can prove we are not responsible for the event giving rise to the damage.
You can direct any questions or complaints about the use or disclosure of your Personal Information to us at email@example.com. We will investigate and resolve any complaints or disputes regarding the use of Personal Information within forty-five (45) days of receiving your complaint.
If you have an unresolved Privacy Shield complaint that we have not addressed satisfactorily, we commit to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner, as applicable, and to comply with the advice given by them in respect of the complaint. Click here for a list of EU DPAs.
You may have the option to select binding arbitration for the resolution of your complaint under certain circumstances. To find out more about the Privacy Shield’s binding arbitration scheme please see https://www.privacyshield.gov/article?id=ANNEX-I-introduction.
For information on how to request access, rectify or deletion of your Personal Information if it is inaccurate or processed in violation of the Privacy Shield, see “Questions or Concerns” below. Furthermore, we commit to giving you an opportunity to opt out if Personal Information we control about you is to be disclosed to any independent third parties, or is to be used for a materially different purpose from the purposes set out in this Privacy Statement. If you otherwise wish to limit the use or disclosure of your Personal Information, please write to us at the contact details further below.
6. How does Helpshift protect your Personal Information?
The security of your Personal Information is very important to us and we go to great lengths to ensure data are kept secure. We use appropriate technical and organizational security measures to protect your Personal Information from loss, misuse, and unauthorized access, disclosure, alteration and destruction, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore we cannot guarantee its absolute security.
7. Third party website/services
The Website may permit you to link to other websites on the Internet, and other websites may contain links to the Website. These other websites are not under Helpshift control, and such links do not constitute an endorsement by Helpshift of those other websites or the services offered through them. The privacy and security practices of websites linked to or from the Service are not covered by this Privacy Statement, and Helpshift is not responsible for the privacy or security practices or the content of such websites.
8. Data retention
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to fulfil your orders or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible
Upon termination or expiry of the Agreement, Helpshift shall delete or return to Customer the Personal Data (including copies) in Helpshift’s possession. This requirement shall not apply to the extent that Helpshift is required by applicable law to retain some or all of the Personal Data or to Personal Data archived on backup systems.
9. Your data protection rights
- If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting us using the contact details provided under the “How to contact us” heading below.
- In addition, if you are a resident of the EEA, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the “How to contact us” heading below.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under the “How to contact us” heading below.
- Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the EEA, Switzerland and certain non-European countries (including the US and Canada) are available here.)
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Please note that, as stated above, if you are an individual whose personal information has been collected through the Helpshift services (e.g. you have submitted a support request to a company that uses the our customer support technology) then we are acting as a data processor on behalf of those companies. You will need to contact the company (our customer) directly to exercise the rights above and they will respond to you accordingly. We will provide assistance to our customers to respond to your requests where required, in accordance with their instructions and the terms of our agreement with them.
10. Changes to this Privacy Statement
Helpshift may amend this Privacy Statement from time to time. Use of information we collect now is subject to the Privacy Statement in effect at the time such information is used. If we make changes in the way we use Personal Information, we will notify you by posting an announcement on our website, or via the Service, or sending you an email.
11. Questions or Concerns
If you have any questions or concerns regarding privacy, please send us a detailed message at firstname.lastname@example.org. We will make every effort to resolve your concerns.
For the purposes of European Data Protection Law, the Data Controller of EEA individual’s personal information Helpshift, Inc.