Privacy Policy

Effective as of June 12, 2020

OpenFin Privacy Policy

This Privacy Policy (“Policy”) governs how OpenFin Inc. (“OpenFin,” “we,” “us,” or “our”) collects, uses, processes, discloses and retains your information, and what choices you have with respect to such information. This Policy applies to information collected when you visit our Websites (www.openfin.co, developers.openfin.co), or otherwise use any OpenFin-developed applications, technology or products (collectively, the “Services”). The first section below explains which terms are applicable to you depending on what type of user you are.

By visiting our Websites and/or using our Services, you are agreeing to the terms of this Policy and the accompanying Terms of Use. Capitalized terms not defined in this Policy have the meaning set forth in the Terms of Use. If you do not agree to this Policy, please do not access or use the Services.

Navigation

  • 1

    User Types and Applicability

    • 1.1

      User Types. This Policy applies to users of the Services. Such users include 1) visitors to our Websites, 2) users of our applications, technology, products or other Services who are not associated with an OpenFin Enterprise Customer account (“Free Users”), and 3) end users of OpenFin Enterprise Customer accounts (“Enterprise Users”).

    • 1.2

      Applicability. Except as noted herein, this Policy applies to all of these types of users. This Policy does not apply to corporate entities that have entered into separate agreements (each a “Customer Agreement”) with OpenFin. Notwithstanding the above, to the extent that the application of this Policy to Enterprise Users conflicts with special provisions of a Customer Agreement, the Customer Agreement shall govern.

    • 1.3

      Non-Applicability to Third-Party Services. These Terms govern only the Services operated by OpenFin listed above. We do not operate the third-party applications or services accessible through OpenFin or that utilize OpenFin OS, and such third-party services are subject to those entities’ own Privacy Policies.

  • 2

    Information We Collect

    • 2.1

      Information Collected Directly from You. We collect information that you choose to provide us through the Services, including:

      • Registration information. To register for an OpenFin ID, you are required to provide your name, business email address, and name of the business you work for. You will also be asked to create a password for your account.
      • Profile Information. After you register for an OpenFin ID, you may provide certain information in your profile, including name, business name, title, a profile picture, or other information you choose to provide in your profile.
      • Preferences. OpenFin may allow you to set preferences within the Services, such as which applications to display on your dashboard. We will collect this information so that we can save your preferences in future sessions.
      • Other Information. You may also give us information to allow us to contact you or use certain features available through our Services without signing up for an Account, such as when you fill out a request form, provide feedback, email us, or engage in communications with our team.
      • Inquiries and technical support. You may provide us with information when you interact with us in other ways, such as when you submit requests or questions to us, or when you contact us for technical support.
    • 2.2

      Information Collected from Your Employer. If you are an Enterprise User, the company associated with the domain you used to register for OpenFin (your “Employer”) may provide us with certain information about you to facilitate account registration and management, such as your name, business email address, title, and dates of employment. If you are a Free User, your Employer may verify your employment with that company and may inform us if your employment status changes.

    • 2.3

      Information Collected Through Automated Means. We and our service providers use a variety of technologies to collect information about how you use and interact with the Services. Such information includes:

      • Log files. As you use our Services, we automatically record information in log files. These log files may include information such as your web or content requests, IP address, browser type and settings, referring/exit pages and URLs, number of clicks, date and time stamp information, language preferences, data from cookies and similar technologies, and other such information.
      • Services metadata. We collect metadata that provides high-level information about how you interact with the Services, such as the names of apps you access, frequency and duration of use, and other information.
      • Information from cookies and similar technology. A cookie is a small text file that is placed on your computer when you visit a site. Cookies enable site operators to (i) recognize your computer and login session; (ii) store your preferences and settings; (iii) understand which pages of the websites you have visited; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform analytics; and (vi) assist with security and administrative functions. As you use the Services and/or browse the OpenFin website, we and our services providers use a variety of technologies, including cookies and similar technology, to assist in collecting information about how you access and use the Services. Such information may include your operating system, your IP address, browser type and language, referring pages and URLs, keywords, date and time, what sections of our Websites you visit or use, device identifiers such as MAC address and UUID, carrier and country location, hardware and processor information, network type, and similar data (collectively, the “usage information”).

        We also work with third-party partners that use cookies to collect usage information about how visitors use our Website and our Services. The trusted third parties we currently work with include the following; please click on each link to learn more about their privacy practices and your choices with respect to managing these cookies:

        Google Analytics: http://tools.google.com/dlpage/gaoptout

        AdRoll: https://www.adrollgroup.com/privacy

        Heap: https://heap.io/privacy

        We may share usage information with these third parties for the purpose of tailoring, analyzing, managing, reporting, and optimizing advertising you see elsewhere. These third parties may use cookies, pixel tags (also called web beacons or clear gifs), and/or other technologies to collect such usage information for such purposes. Pixel tags enable us, and these third-party advertisers, to recognize a browser’s cookie when a browser visits the site on which the pixel tag is located in order to learn which advertisement brings a user to a given site.

        Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari).

      • Information from third-party sources. We may enhance the information we collected about you with information from third-party sources, including social media, information available to us through add-ons or plug-ins, public websites, and employer directories.
    • 2.4

      Aggregate/De-Identified Information. We may aggregate and/or de-identify information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/De-Identified Information”). We may use Aggregate/De-Identified Information for any purpose, including without limitation for research and marketing purposes, and may also share such data with third parties without restriction.

  • 3

    How We Use Your Information

    • 3.1

      General. We may use your information to:

      • Provide, maintain, and operate the Services;
      • Improve the Services and develop new features;
      • Respond to your inquiries;
      • Provide technical support and assistance;
      • Communicate with you about the Services, including to provide you with service-related communications or inform you of new products or features;
      • Communicate with your employer about employee usage and determining appropriate account charges;
      • Send you marketing communications about products and services that we think may be of interest to you, as permitted by local law and consistent with your preferences.
      • Engage in analysis, research, and reports regarding use of the Services;
      • Protect and secure the Services and our users;
      • Establish, exercise, or defend our legal rights, including to enforce compliance with our Terms of Service and Privacy Policy; and
      • Comply with applicable laws, regulations, subpoenas, governmental requests or legal process, or in connection with a legal investigation.
    • 3.2

      Special Terms for Enterprise Users. If you are an Enterprise User, your Employer’s Customer Agreement governs how we may use your Registration Information, Profile Information, and Information Collected from Your Employer, as those terms are described in Section 2.1 (“Enterprise User Information”), and we will use such information only as permitted by the Customer Agreement or as otherwise directed in writing by your Employer. In the absence of Customer Agreement terms governing the use of Enterprise User Information or written instructions from your Employer, we may use Enterprise User Information for any of the purposes set forth in Section 3.1 above.

  • 4

    How We Share Information

    We share the information described in Section 2 as follows:

    • Service Providers. We may share or provide access to your information with third-party service providers that use such information only to perform services on our behalf, such as supporting the operation of our site, advertising and marketing our Services, analytics, research, data storage, security, and others.
    • Business Transfers. If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as this Policy is updated or amended by the acquiring party upon notice to you. If such transfer is subject to additional mandatory restrictions under applicable laws, OpenFin will comply with such restrictions.
    • Consent. If you are a Free User, we may disclose your information to third parties when you provide us your consent to do so.
    • With Your Employer. If you are an Enterprise User, we will share your Enterprise User Information with your Employer, or with others as directed by your Employer. If you are a Free User, we may share the email address you used to register for the Services with your Employer for the purposes of verifying your eligibility to register for OpenFin and terminating your account upon termination of your employment.
    • Entities for Legal Purposes. We will disclose the information we collect where we have a good faith belief that such disclosure is: (a) required by law (or to respond to subpoenas, warrants, government requests, or similar process served on us); (b) pursuant to our DMCA notice and take-down policy and procedures; and/or (c) necessary to protect or defend our legal rights or property, the Services, you, or other third parties, or ensure the safety and security of our Services, systems, and of our customers or the general public.
  • 5

    Data Retention

    We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law, or for Enterprise Users, where the Customer Agreement requires or permits specific retention or deletion periods.

  • 6

    International Users

    • 6.1

      Data Controller and Processor Disclosure. Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information about you (“personal data”). For Free Users, OpenFin is the data controller of all categories of personal data collected through the Services, which are set forth in Section 2 of this Policy. For Enterprise Users, OpenFin acts as a data processor on behalf of its Enterprise customers with respect to Enterprise User Information (as that term is defined in Section 3.2), and as a data controller with respect to other information described in Section 2, including but not limited to Information Collected through Automated Means.

    • 6.2

      Cross-Border Data Transfers. The Services are operated from the United States. If you are located outside of the United States, please be aware that any information you provide to us and/or that we collect from you, including personal data, will be transferred from your country of origin to the United States, which may have different data protection laws than your jurisdiction. We may also transfer information that we collect about you to third party processors across borders and from your country or jurisdiction to other countries or jurisdictions around the world. In such cases, where required by law, OpenFin has put into place safeguards to ensure adequate protection of your data, such as European Commission-approved standard contractual clauses. Where permitted by law, we may also transfer data to other jurisdictions with your consent.

    • 6.3

      Legal Bases for Use of Your Personal Data. OpenFin processes personal data for which it is the data controller pursuant to the following legal bases under the EU General Data Protection Regulation (“GDPR”):

      • Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with our Terms of Service which you accept by using the Services);
      • Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our Services; operate our Services; prevent fraud, analyze use of and improve our Services, and for similar purposes);
      • Where use of your information is necessary to comply with a legal obligation; or
      • Where we have your consent to process data in a certain way.
    • 6.4

      Data Processing Addendum. OpenFin offers a Data Processing Addendum to its Enterprise Customers that supplements the Customer Agreement or any master subscription agreement. This addendum reflects our requirements as a processor of Enterprise User Information. You may access a copy of our standard Data Processing Addendum and instructions for signing and submitting the Addendum here by sending an email to legal@openfin.co with the subject “Enterprise Data Processing Addendum Request.”

    • 6.5

      EU Representative. Our representative in the EU is Adam Toms 14 New Street London EC2M 4HE UK.

  • 7

    Security

    We maintain appropriate security measures to protect your information from loss, misuse and unauthorized access, disclosure, alteration and destruction, and comply with applicable laws and regulations relating to the security of personal information. Not all methods of accessing our Services are equally secure. If you are an Enterprise User, it is your responsibility to check beforehand on the privacy and/or security policy of your Employer prior to accessing the Services.

  • 8

    Children’s Information

    We do not knowingly collect any personal information from children under the age of 13. If you are under the age of 13, please do not give us any personal information. If you have reason to believe that a child under the age of 13 has provided personal information to us, please contact us at privacy@openfin.co, and we will endeavor to delete that information from our databases.

  • 9

    Third-Party Services

    The Services may contain links or provide access to Third-Party Services, as further described in our Terms of Service. We have no control over these Third-Party Services, including their privacy practices. As such, we are not responsible for the privacy policies of those Third-Party Services. You should check the applicable third-party privacy policy and terms of use when visiting any Third-Party Services and before providing them with your information.

  • 10

    Your Rights and Choices

    • 10.1

      Email Marketing

      • You may manage your receipt of marketing and non-transactional communications by clicking on the “Manage Email Preferences” link located on the bottom of any OpenFin marketing email and following the instructions found on the page to which the link takes you. You cannot opt out of receiving transactional emails related to the Services.
    • 10.2

      Requests Regarding Your Personal Information

      • Depending on your jurisdiction of residence, you may have certain rights with respect to your personal information, including the right to correct, amend or delete your personal information. If you would like to exercise your rights under applicable law, please email us at privacy@openfin.co with your name, OpenFin ID, and a description of your request. We may request additional information to verify your identity, and will respond to your request as required by applicable law in your jurisdiction. Where permissible by law, we may require payment of a non-excessive fee to defray our expenses in this regard. Please allow us a reasonable time to respond to your inquiries and requests.
      • If you are an Enterprise User, please note that you must contact your Employer for more information about your rights with respect to Enterprise User Information.
    • 10.3

      Do Not Track

      OpenFin does not monitor, recognize or honor any opt-out or do not track mechanisms including general web browser, “Do Not Track” settings and/or signals.

    • 10.3

      Shine the Light Disclosure.

      • The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes.
  • 11

    Changes to the Policy

    This Policy is effective as of the “Last Updated” date posted at the top of this page. We may change this Policy from time to time and will post any changes on this page as soon as they go into effect, and/or provide additional notice as required by applicable law. By accessing the Services after we make any such changes, you are deemed to have accepted such changes. Please refer back to this Privacy Policy on a regular basis.

  • 12

    Contact Us

    If you have questions about this Privacy Policy, please email us at privacy@openfin.co, or write to us at OpenFin, Inc., 80 Broad, 35th Floor, New York, New York 10004.