PRIVACY, SECURITY AND TRANSPARENCY
Thank you for visiting the website and other online resources published by Understand.me LLC, an Idaho limited liability company. Our privacy statement, contained in the pages that follow, serves to give notice about the types of personal information we collect, how we use it, who we share it with and why, and what we do to try to protect it. We delve into those matters in a fair amount of detail in the pages that follow. We encourage you to read them carefully. In the meantime, we provide a quick overview below.
Understand.me Services and You
Understand.me acts as an online resource for personality and behavioral assessments for individual consumers both in the United States and internationally.
What do we collect?
There are two types of information that we obtain from you online and then store and use:
non-personal information that’s collected automatically from each visitor, such as your device operating system; and
personal information that you voluntarily provide to us or that is collected automatically.
The type of information collected by Understand.me depends on how you are using our services.
Why do we use it?
We use non-personal information to administer our online resources, make them better, and to make business decisions about what programs our customers might like.
We use voluntarily provided personal information to respond to your inquiries and provide you with the services you have requested, amongst other uses as further described below. We may sell or transfer your personal information to third party data vendors, affiliates, or marketing companies. As you might expect, we disclose your information when required by law.
When do we share it?
We share personal information when needed to fulfill our legal obligations and when our vendors and business partners need it to perform under the contracts we have with them. Although we are not currently selling your personal information, we may sell personal information to third party data brokers or marketing companies in the future.
Your Privacy Choices and Rights
You do not have to provide personal information to enjoy most of the features of our online and mobile resources. Moreover, you can opt out of certain activities like newsletters and announcements. You may have certain additional rights depending upon the jurisdiction in which you reside, or in which your personal data was collected from, pursuant to the applicable data protection laws.
Questions about this highlights page or our online privacy statement may be sent to Understand.me LLC, ATTN: Legal & Compliance Department, 3443 W. Bavaria Street, Eagle, Idaho 83616 or email@example.com.
The English language version of this privacy statement is the controlling version regardless of any translation you may attempt.
NAVIGATING THROUGH THIS STATEMENT
You can use the links below to navigate to areas of this statement that apply specifically to you, or which may otherwise be of interest:
Who Do We Collect Personal Information From?
What We Collect
When/With Whom Do We Share Personal Information?
Your Rights And Options
How Do We Protect Collected Personal Information?
The California Consumer Privacy Act
The EU General Data Protection Regulation
Rights of Data Subjects in Other Jurisdiction
Changes To This Privacy Statement
Understand.me LLC (“Understand.me,” “us,” “we,” or “our”) thanks you for visiting the online and mobile resources we publish. We use the words “you” and “your” to mean you, the reader, and other visitors to our online and mobile resources who are, in all cases, over the age of 13. Our privacy statement (“this statement,” “this privacy statement,” and “our statement”) informs you about from whom and the types of personal information we collect, how we use it, who we share it with and why, and what we do to try to protect it.
Online and mobile resources means the websites and other internet features we own that allow you to interact with our websites, as well apps we’ve created and distributed to let our customers and followers view our online and mobile resources or otherwise interact with the content we provide.
WHO WE COLLECT PERSONAL INFORMATION FROM
We may collect personal information from the following groups of data subjects: visitors to, and users of, our online and mobile resources; and third party vendors and business partners. The personal information we collect depends on how you are using our services.
Personal information generally means information that can be used to identify you or that can be easily linked to you (for example, your name, address, telephone number, email address, social security number and date of birth). The privacy laws in some jurisdictions include unique elements in what they consider to be the personal information of the consumers or data subjects they protect. If those laws apply to us, as in the case of the California Consumer Privacy Act (“CCPA”) or European General Data Protection Regulation (“GDPR”), our use of the phrase “personal information” includes the unique elements required by such laws.
The categories of information we collect from each of these groups, and the ways in which we use it, differs. As you may have noticed, it’s possible that the same person could fall into more than one group. Most of this statement addresses our processing and sharing of personal information collected from visitors to and users of our online and mobile resources.
WHAT WE COLLECT
There are two general types of information that we obtain from you online and then store and use: (i) non-personal information that’s collected automatically from each visitor, such as your device operating system; and (ii) personal information that you voluntarily provide to us or that is collected automatically.
By using our online and mobile resources or purchasing our products or services, you are signifying to us that you agree with this section of our privacy statement and that we may use and disclose your information as described.
Voluntarily Submitted Information.
If you participate in certain activities via our online and mobile resources, you may be asked to provide us with information about yourself. The types of personal information we collect in those situations includes identifiers (such as your name, email address, physical address, and phone number), professional information (such as the business you are in, job function, job title, department, and the name as size of your organization), and financial account information (such as your credit card information). We may share voluntarily submitted personal information with our affiliated third parties.
If you don’t want us to collect this type of personal information, please don’t provide it. This means you shouldn’t participate in the activities on our online and mobile resources that request or require it and you may want to communicate with us by phone or regular mail instead. Participation is strictly your choice. Not participating may limit your ability to take full advantage of the online and mobile resources, but it will not affect your ability to access certain information available to the general public on the online and mobile resources.
Some of the ways you voluntarily give us your personal information and how we use it:
As a Site Visitor: You may be asked to enter your personal details on an online form to receive additional information. Cookies may be used to track site usage to assist in product development or monitor behavior for marketing purposes. International visitors may be asked to expressly consent to cookie usage. Additionally, you will have an opportunity to provide us with voluntarily given information to use the products and services offered by us.
Automatically Collected Information.
When you visit our online and mobile resources, basic information is passively collected through your web browser via use of tracking technologies, such as a “cookie” which is a small text file that is downloaded onto your computer or mobile device when you access the online and mobile resources. It allows us to recognize your computer or mobile device and store some information about your preferences or past actions.
The internet activity information collected through cookies and other similar means includes such things as: the domain name and IP address from which you accessed our online and mobile resources; the type of browser and operating system you use; the date and time and length of your visit; the specific page visited, graphics viewed and any documents downloaded; the specific links to other sites you accessed from our online and mobile resources; and the specific links from other sites you used to access our online and mobile resources.
Additionally, if you access our online and mobile resources from a phone or other mobile device, the mobile services provider may transmit to us uniquely identifiable mobile device information which allows us to then collect mobile phone numbers and associate them with the mobile device identification information. Some mobile phone vendors also operate systems that pinpoint the physical location of devices and we may receive this information as well if location services are enabled on your device. If you do not want us to collect and use geolocation data, disable location services through your device settings.
Regardless, we use both automatically collected information and mobile device information to compile generic reports about popular pages on our online and mobile resources, and to see how our customers and followers are accessing our online and mobile resources. We then use that data to administer the online and mobile resources and make them better, make your activities more convenient and efficient and to enhance the functionality of our online and mobile resources, such as by remembering certain of your information in order to save you time.
We use and retain your personal information in accordance with applicable law and as long as necessary to carry out the purposes described above in accordance with our internal data retention procedures.
User Beware: External Sites, Apps, Links and Social Media.
We may maintain a presence on one or more external social media platforms such as Twitter, Facebook, YouTube and LinkedIn. We may further allow features of our online and mobile resources to connect with, or be viewable from, that external social media presence. Similarly, our online and mobile resources may contain links to other websites or apps controlled by third parties.
WHEN/WITH WHOM DO WE SHARE PERSONAL INFORMATION
We use non-personal information to administer our online and mobile resources, make them better, and to make business decisions about what programs our customers might like.
We use voluntarily provided personal information for our legitimate interests, including to respond to your inquiries and provide you with the services you have requested, amongst other uses as further described below. We do not sell or rent your personal information to third party data vendors or marketing companies. As you might expect, we disclose your information when required by law. We may use your personal information when we have your consent to do so, where required or permitted under applicable law.
In addition to those third parties set forth above, we may share your information, including personal information, within our family of companies. Those companies will use such information in generally the same manner as we do under this privacy statement which includes sending you information about their products, services, or initiatives that may be of interest to you.
Legally Compelled Disclosures.
We may disclose your information, including personal information, to government authorities, and to other third parties when compelled to do so by such government authorities, or at our discretion or otherwise as required or permitted by law, including but not limited to responding to court orders and subpoenas. We may do so without providing any notice to you.
To Prevent Harm.
We may disclose your information, including personal information, when we have reason to believe that someone is causing injury to or interference with our rights or property, other users of the online and mobile resources, or anyone else that could be harmed by such activities.
If we or any of our affiliates, or substantially all of its or their assets, are acquired by one or more third parties as a result of an acquisition, merger, sale, reorganization, consolidation, or liquidation, personal information may be one of the transferred assets.
Vendors and Business Partners.
We may share your information, including personal information, with our vendors and other third parties with whom we have a contractual relationship. We do our best to disclose only the information each of those parties need.
We have adopted standards for those vendors and business partners who receive personal information from us. We attempt to bind such vendors and business partners to those standards via written contracts. We further attempt to contractually restrict what our vendors and business partners can do with the personal information we provide to them such that it is used only to the extent necessary to carry out the business purpose for which it was provided; is not disclosed to anyone else without our consent or under our instruction; remains, as between us and the applicable vendor or business partner, our property; and is not transferred out of the United States without our consent.
Please note, however, that we cannot guarantee that all of our vendors and business partners will agree to these contractual requirements; nor can we ensure that, even when they do agree, they will always fully comply.
YOUR RIGHTS AND OPTIONS
You do not have to provide personal information to enjoy most of the features of our online and mobile resources. Moreover, you can opt out of certain activities like newsletters and announcements. Data subjects in certain locations, or whose personal data was obtained while they were in certain locations, may have additional rights pursuant to the applicable data protection laws.
GDPR Jurisdictions means the countries composed of the European Economic Area, the United Kingdom (which soon will leave the European Union), Switzerland and Japan which, having received an “adequacy decision” from the European Commission, adheres to the material terms of the GDPR.
With respect to data protection legislation in the EEA, UK, and Switzerland, we may act as a “Data Processor” concerning user/customer/shopper information of EU/EEA/UK/Swiss-based persons that is transmitted to Understand.me either through a merchant or directly in order to process a purchase transaction. There may be instances where we act as a “Data Controller”, such as when preserving transaction records in accordance with regulatory or industry requirements.
Individual users from the EU/EEA or other regions with laws governing data collection and use, should note that you are agreeing to the transfer of your personal information to the United States and other jurisdictions in which Understand.me may operate. By providing your personal information with respect to a transaction or express consent mechanism, you consent to any transfer and processing in accordance with this policy.
If we are using personal information you provided to us in order to enable us to send you materials, such as newsletters or product alerts via text or email, and you decide you don’t want to receive such materials, you may opt out by following the opt-out instructions in the email or other communication (e.g., by responding to the text with “STOP”), or by contacting us using the contact information below. When we receive your request, we will take reasonable steps to remove your name from our distribution lists. You need to understand it may take a period of time to remove your name from our lists after your request and due to such latency you may still receive materials for a period of time after you opt out. In addition to opting out, you have the ability to access, amend, and delete your personal information by contacting us using the contact information below.
Some browsers have a “do not track” feature that lets you tell websites that you do not want to have your online activities tracked. At this time, we do not specifically respond to browser “do not track” signals.
Our services are not intended for use by any person under the age of 18. Federal laws impose special restrictions and obligations on commercial website operators who direct their operations toward, and collect and use information from, children under the age of 13. We take those age-related requirements very seriously, and consistent with it do not intend for our online and mobile resources to be used by children under the age of 13 without first obtaining the verifiable consent of such child’s parent or legal guardian. Moreover, we do not knowingly collect personal information from minors under the age of 13, only a parent or legal guardian may provide such information after adhering to our verification process for submitting such information via the online and mobile resources. If we become aware that anyone under the age of 18 has submitted personal information to our online and mobile resources without such parental or legal guardian approval and that is not an integral part to accessing or using our Services, we will delete that information and will not use it for any purpose whatsoever. If you believe that someone under the age of 18 has submitted personal information to our online and mobile resources, please contact us at firstname.lastname@example.org. We encourage parents and legal guardians to talk with their children about the potential risks of providing personal information over the Internet.
HOW WE PROTECT COLLECTED PERSONAL INFORMATION
We will take all reasonable security precautions to protect your personal information provided to our online and mobile resources. We have adopted a security program that includes technical, organizational, administrative, and other security measures designed to protect, in a manner consistent with accepted industry standards and applicable law, against anticipated or actual threats to the security of personal information (the “Security Program”). We cannot, however, guarantee that your information, whether during transmission or while stored on our systems or otherwise in our care, will be free from unauthorized access or that loss, misuse, destruction, or alteration will not occur. Except for our duty to maintain the Security Program under applicable law, we disclaim any other liability for any such theft or loss of, unauthorized access or damage to, or interception of any data or communications including personal information. We have every reason to believe our Security Program is reasonable and appropriate for our business and the nature of foreseeable risks to the personal information we collect. We further periodically review and update our Security Program, including as required by applicable law.
Nonetheless, as part of our Security Program, we have specific incident response and management procedures that are activated whenever we become aware that your personal information was likely to have been compromised. We further require, as part of our vendor and business partner oversight procedures, that such parties notify us immediately if they have any reason to believe that an incident adversely affecting personal information we provided to them has occurred.
THE CALIFORNIA CONSUMER PRIVACY ACT
When we collect personal information from California residents we become subject to, and those residents have rights under, the California Consumer Privacy Act or “CCPA”. This section of our statement is used to allow us to fulfill our CCPA obligations and explain your CCPA rights. For purposes of this section, the words “you” and “your” mean only such California residents.
What did we collect from California Residents?
We collect the following categories of personal information: identifiers such as name, address, IP address, and other similar identifiers; personal information described in subdivision (e) of Section 1798.80 (California customer records statute) such as a name, address, telephone number, credit card number; commercial information such as products or services purchased; internet/electronic activity such as browsing history and search history; geolocation data including geographic coordinates/physical location; and audio, video, electronic or other similar information. We have disclosed these categories of personal information for a business purpose within the last 12 months. We do not sell, and within the last 12 months have not sold, personal information to third parties.
Rights of California Residents
You have the following rights under the CCPA, in summary disclosure, access and delete. More information can be found here. It’s important to us that you know that if you exercise these rights, we will not “discriminate” against you by treating you differently from other California residents who use our sites and mobile resources or purchase our services but do not exercise their rights.
You can exercise these rights up to two different times every twelve (12) months. To do so, just contact us at email@example.com or +1 (208) 584-1327. We may ask you to fill out a request form. The CCPA only allows us to act on your request if we can verify your identity or your authority to make the request so you will also need to follow our instructions for identity verification.
If you make a verifiable request per the above, we will confirm our receipt and respond in the time frames prescribed by the CCPA.
THE EU GENERAL DATA PROTECTION REGULATION
We do collect or otherwise obtain personal information from data subjects located in the GDPR Jurisdictions. We fulfill our GDPR obligations with respect to our workforce/job applicants, our customers (and their own end-clients), and our vendors and business partners through a series of separate notices, contracts or other terms provided to them at the time, and in the manner and form, GDPR and local law within each GDPR Jurisdiction requires.
We describe, in the immediately following section of this statement, how we comply with the GDPR for personal information collected from visitors to and users of our online and mobile resources while they were in a GDPR Jurisdiction. Thus for purposes of that section, the words “you” and “your” mean only such GDPR Jurisdiction-based visitors and users.
What do we collect from you in the GDPR Jurisdictions and how do we use it?
We collect from you the categories of personal information already described. The lawful basis on which we rely for such collection, later use and disclosure, is what the GDPR refers to as legitimate interest. As stated elsewhere in this statement, we do not sell any of your personal information to third parties nor do we use it for automated decision making.
Cross-border Data Transfers and Third Party Processors
If we transfer personal information from the GDPR Jurisdictions to a location that has not been deemed by the European Commission to have adequate privacy protections, we do so in the manner the GDPR permits.
Rights of Data Subjects in the GDPR Jurisdictions
While we attempt to allow all visitors and users of our online and mobile resources to exercise a degree of control over their personal information, under the GDPR we have a legal obligation to do so for you. More specifically, with respect to personal information collected from you while you were in a GDPR Jurisdiction, you have these rights: transparency, access, correction and deletion, portability, who, what, why and where, and restriction/objection (for more information click here).
If you would like to exercise any of these rights, please contact firstname.lastname@example.org. Your ability to exercise these rights is subject to certain conditions and exemptions that you can read about in Articles 12 through 23 of the GDPR. Among those conditions is our right to decline part or all of a request if we cannot satisfy our reasonable doubts and concerns about your identity in a manner that helps us minimize the risk that unauthorized persons might use a GDPR right to access your personal information. We will respond to all requests without undue delay, and in accordance with the time frames, if any, prescribed by the GDPR. If you are not satisfied with how we use your personal information or respond to your requests, you have the right to complain to your data protection regulator. Contact information for the EU data protection regulators can be found here.
Pursuant to Article 27 of the GDPR, you may contact our EU representative using the following contact information:
Attn: Legal & Compliance Department
3443 W. Bavaria St.
Eagle, Idaho 83616
RIGHTS OF DATA SUBJECTS IN OTHER JURISDICTIONS
In other jurisdictions, with similar data privacy regulations, we may collect from you the categories of personal information already described. We collect and manage (including disclose) such data in compliance with applicable local law(s). As noted, we do not sell any of your personal information to third parties nor do we use it for automated decision making.
CHANGES TO THIS PRIVACY STATEMENT
The English language version of this privacy statement is the controlling version regardless of any translation you may attempt.
We reserve the right to change or update this statement from time to time. Please check our online and mobile resources periodically for such changes since all information collected is subject to the statement in place at that time.
If you have questions about our privacy statement or privacy practices, please contact us at:
Attn: Legal & Compliance Department
3443 West Bavaria Street
Eagle, Idaho 83616