Privacy Policy

Dated November 20, 2020

ClearOPS supports privacy by default. This Privacy Statement describes the actions we (“ClearOPS” or “we” or “us” or “our”) take as a business to use your private information and protect your privacy. This Privacy Statement also provides information that permits you to take actions to protect your own privacy. This Privacy Statement applies to submissions of your information to us through the website as well as when you use our services.

Some quick facts: We DO host our own email, so if you send us an email, it is not also accessible by a third party service provider on our side. However, we do use an email marketing service called Mailjet for our newsletters. We DO have a valid SSL certificate for our website, so that any information you send from the website to us is encrypted in transmission. Check out our rating (note, this link is to a third party) https://www.ssllabs.com/ssltest/analyze.html?d=clearops.io. We DO use a third party, called Webflow, to create and host this website and they link to some Google services. We know their code that they provided to us does link back to third party providers for things like fonts and display for this website (which you can see if you right click on the website and inspect it).

Consent

By using our website, you hereby consent to our Privacy Policy and agree to its terms.

What we collect

When you visit the website, we use a service called Webalizer that collects certain information about you, such as your IP address and the requests you made to our website. If you fill out a form on our website and the form requests your identifiable information and then you press submit, we are collecting that information through a third party service provider (Mailje). If you upload a questionnaire, policies, or other documents to our services, then we collect and store the information contained within those documents and we also analyze them for improvements and enhancements to our services. If you use our tools to respond to questions in documents uploaded to our services, then we collect and store that information and also analyze it for improvements and enhancements to our services.

How we use your information

Why we collect your personal data

We collect your personal data to sell or provide our services to you. If you fill out and then send us the completed web form, we use the data you provide to contact you to sell you our services or for whatever purpose you filled out the form. If you send us a login and password to access our application, then we collect that information to authenticate your access. We may need to use your personal data for other access and authentication, such as other dashboards and services we may provide in the future. If you are a business and you are concerned about the data we store on your behalf, you may request deletion of such data at any time (although deleting questionnaire responses may result in poor functioning of the service).

How we use your personal data

We sort of answered this in the prior section, but just to confirm, we use your personal data to deliver the services to you or to communicate with you or to try to sell you our services (which is part of communicating, but we want to make sure you get the point). If you want to opt out, you always have that right. If at any time you need to contact us, please use this email address privacy@clearops.io.

Log Files

ClearOPS follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.

Cookies and Web Beacons

Until recently, we were able to not use cookies. We are doing a Product Hunt upcoming launch and part of that means you add cookies to your website, which we did. We do host Twitter and Linkedin redirects to those accounts so if you click on the links, Twitter or Linkedin will likely record where you came from (this site) and once you are on their site, this privacy statement and its use of cookies no longer applies.

Who we share your personal information with and why

We do use service providers, such as AWS, so they have access to your data and you can read all about their security on their website. We use other service providers to help us with the operation of the business. Most importantly, we use Stripe for accounts receivable and so if you are a customer, your invoice information will be contained within our Stripe account. You also have the option to link your payment method to Stripe. We rely on Stripe for all payment data. If we take you out to dinner sometime in 2021 and beyond, your name may also appear in our accounting software as part of the receipt. We also use Linkedin for sales prospecting and Pipedrive for our sales CRM. Eventually, we may use other tools and we intend to update this statement when we do. We do comply with law and any valid legal requests, such as subpoenas etc. We will seek to contact you first if the subpoena or other legal request pertains to your personal data and we will also seek to limit the scope of any response. If we are unable to reach you by the deadline, then we may share your personal data without your knowledge. We are sorry about that, but you just need to check your email or listen to your voicemails or respond to the LinkedIn connection or whatever other method of contact we have for you. We may also disclose your personal information if we believe it is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of ClearOPS, our customers, users, employees, or others. We reserve the right to sell the company. In that case, we may sell, transfer or otherwise share some or all of our assets, including your information, whether personally identifiable or not, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.

Third Parties

Our website contains several links, including to Medium, who hosts our blogs, to Tag Cyber Law Jouranl, to the IAPP, to a radio show, to a podcast, to Calendly (a service provider) for demo appointments and to Mailjet (a service provider) for newsletter subscriptions. If you click on those links or submit your personal information to them through a contact page on our website, we cannot guarantee the safety of your personal information i.e. those sites likely use cookies and other trackers or third parties and we have no control over that.

Retention of Personal Data

If you are a customer, you have control over the information you provide to us and may delete it or transfer it to another provider at any time. However, we will still retain some information about you such as the original contracts between you and us, payment history, invoice history, performance metrics, emails, texts and case studies on your use of our services. We may also retain copies of your documents, questionnaires etc. in our backups until the backups are purged. Contact us at privacy@clearops.io for more information or to discuss options.

CCPA Privacy Policy

The California Consumer Privacy Act ("CCPA") is a comprehensive privacy law that took effect on January 1, 2020.  CCPA is a step forward in the United States for shaping data protection requirements.The CCPA creates several new rights so individuals may control access and use of their personal information. These include the right to access or delete personal information collected by a business and the right to opt out of a "sale" of their personal information.  However, transfers to "service providers" are not considered "sales." ClearOPS is a "service provider" as defined under the CCPA. ClearOPS does not sell personal information. ClearOPS does (a) engage other service providers as subcontractors, where the subcontractor also meets the requirements for a service provider under the CCPA; (b) use personal information for providing the services and for internal use by ClearOPS to build or improve the quality of our services, but that use does not include building or modifying household or consumer profiles, or cleaning or augmenting personal information acquired from another source; (c) use personal information to detect security incidents; and (d) use personal information to protect against fraudulent or illegal activity or for reasons specified in CCPA, subsections 1798.145(a)(1) – (a)(4) (e.g., to comply with laws).

GDPR Privacy Policy (Data Protection Rights)

The European Union (“EU”) privacy regulation, the General Data Protection Regulation (“GDPR”) went into effect on May 25, 2018. The GDPR impacts companies located in the EU or when they are processing data of EU residents, among other criteria. ClearOPS strives to meet global privacy regulations and is committed to GDPR compliance. The principles of GDPR include putting the data subject in control of their data, providing them with access and correction rights, minimizing data collection, securing the data and maintainin accuracy of the data. It is important to note, there is no certified compliance program for the GDPR, and there is no set checklist of required actions for GDPR compliance.  As a result, GDPR compliance is a continual process for ClearOPS.

As of the date written above, ClearOPS does not have any EU offices but it will enter into standard contractual clauses for the processing of contact information provided in questionnaires. As of July 16, 2020, the CJEU invalidated the Privacy Shield. ClearOPS did not seek self-certification and therefore did not rely on the EU-U.S. Privacy Shield prior to July 16, 2020, nor does it after such date.

Children, Others

Our website is not targeted at children and we don’t know why any child would be interested in our website or services.  We are aware that those outside of the United States may be interested in our services. Under GDPR, we are considered a controller since the information we collect is our customer’s business information. If you do reside outside of the United States, all our databases are located in the United States.

Changes

We are a young company and our services will be changing and, for that reason, so will this privacy statement. We will post changes on this website with a corresponding date of the change. To see a copy or comparison of past privacy policies, please sign up for our SPR services. If you have specific questions about a change, you may also email us at privacy@clearops.io.