Privacy & Security
Your privacy and personal information is very important to Us. We will not disclose any of your personal information to anyone unless it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, and in order to establish, exercise or defends its legal rights.
How We Collect and Use Information:
Email Addresses, Postal Addresses, and Telephone Numbers
The Company is primarily in the business of aggregating publicly-available business contact information. We only collect this information using lawful means and our collection and use of such information is a legitimate business interest within the meaning of the General Data Protection Regulation of the European Union and the analogous laws of the United Kingdom (all together, the “GDPR”). We will only retain personal information as long as necessary for the fulfillment of those purposes.
Before or at the time of collecting personal information, we will identify the purposes for which information is being collected. We will collect and use of personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.
We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
We will make readily available to customers information about our policies and practices relating to the management of personal information.
Aggregate Site Statistics
We collect, in aggregate form only, the domain names of visitors to our site, as well as statistics about our sales, traffic patterns and related site information. These statistics include no personally identifying information and are used for marketing, sales reporting or improving the design of our website. This information is “pseudonymous” within the meaning of the GDPR.
Security & Encryption
Every request placed on he Website is protected by a standard SSL (Secure Socket Layer). This means that the pages you view in your shopping cart or any other place on our website that should be kept private are and protected from outside intrusions.
We collect two types of information through various avenues, as further explained below: Personally Identifiable Information and Non-Personally Identifiable Information.
Personally Identifiable Information.
Personally Identifiable Information means any information that identifies you or can be used to identify or contact you (“Personally Identifiable Information”). Such Personally Identifiable Information may include, but is not limited to, your name, address, email address, telephone number, date of birth, and billing and credit/debit card information. We may request Personally Identifiable Information from you when you register for an Account, sign up for one of our Service Plans or contact us.
Non-Personally Identifiable Information. When you access the Service or become a registered user of the Service by creating an account, we may collect information that by itself cannot be used to identify or contact you, such as demographic information (such as age, profession, or gender) (“Non-Personally Identifiable Information”). Non-Personally Identifiable Information may also include user IP addresses, browser types, operating system, a time-stamp, and other browser or device information, part of the Service a user accesses, domain names, and other anonymous statistical data involving the use of the Service. Non-Personally Identifiable Information is used to help us understand who uses the Service and to improve the Service.
Many of the Services require you to sign up with the Site and/or create an account. When you sign up with the Site or create an account, we collect the information you submit and other information you provide, which will include both Personally Identifiable Information and Non-Personally Identifiable Information.
a. Public Data
UpLead aggregates and compiles data and information from the census, data suppliers and compliers, news outlets, public directories, web forms and from publicly available information and sources. Some of our services involve using and making available to our users Personally Indefinable Information.
Our lawful basis for processing this data we gather from public sources is our legitimate interest.
We reserve the right to collect information from or about the computers, phones, or other devices where you install or access our Site and/or Services. We may associate the information we collect from your different devices, which helps us provide consistent Services across your devices. Here are some examples of the device information we collect:
Attributes such as the operating system, hardware version, device settings, file and software names and types, and device identifiers.
Device locations, including specific geographic locations, such as through GPS, Bluetooth, or WiFi signals.
Connection information such as the name of your mobile operator or ISP, browser type, language and time zone, mobile phone number and IP address.
When you use a mobile device like a tablet or phone to access our Service or Site, we may access, collect, monitor, store on your device, and/or remotely store one or more “device identifiers.” Device identifiers are small data files or similar data structures stored on or associated with your mobile device, which uniquely identify your mobile device. A device identifier may be data stored in connection with the device hardware, data stored in connection with the device’s operating system or other software, or data sent to the device by Company.
c. Information From Third-Party Business Partners.
For Site visitors and others who access or use the Services: may we receive information about you and your activities on and off the Site from third-party business partners and Service Providers, such as information from a partner when we jointly offer services or from an advertiser about your experiences or interactions with them.
d. Information About Payments.
If you use our Services for purchases (such as buying one of our plans), we may utilize a Service Provider in some cases to process that payment and will collect information about the purchase or transaction. This includes your payment information, such as your credit or debit card number and other card information, and other account and authentication information, as well as billing, shipping and contact details.
e. Cookies And Other Device Identifiers
Your Internet browser has the in-built facility for storing small files – cookies. “Cookies” are tiny text files that identify your mobile device or computer to our server as a unique user when you visit certain pages of the Service and they are stored by your Internet browser on your mobile device’s or computer’s hard drive. Cookies can be used to (i) recognize your Internet Protocol (IP) address, and/or (ii) help you save you time (a) while you are accessing/using the Service, or (b) when you want to enter the Service.
Our Service takes advantage of the cookies and other device identifying technologies to enhance your experience. When you browse the Internet using your computer or your mobile device, we may also use such cookies, device identifiers, or similar technologies in order to target or re-target advertisements to you. Your browser can be set to not accept cookies, but if you elect to do so, some parts of the Service may not work properly function on your mobile or desktop device.
In addition to cookies, we may use tracking pixels or web beacons, which are clear graphic images that can be placed in websites or emails to convey information about whether a page has been visited or whether an email has been opened. We may also utilize web beacons and similar technologies as part of Service performance monitoring.
The Website is not directed at children. In accordance with federal law, we do not solicit or knowingly collect information from children under age 13 without the verifiable permission of a parent or guardian. If the Company learns that a child under the age of 13 has submitted information online without parental consent, it will not use such information for any purpose (except where necessary to protect the safety of the child or others as required or allowed by law) and will take all reasonable measures to delete such information from its databases by identifying such information for a purge process. If you become aware of any information we have collected from children under 13, please contact us as provided below.
RIGHT TO REMOVAL OF POSTED INFORMATION – CALIFORNIA MINORS
If you are under 18 years of age, reside in California, and have a registered account with the Company, you have the right to request removal of unwanted information that you publicly post on the Website or that you submit to Us. To request removal of such information, you can contact email@example.com.
YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA
By using the Site, you can exercise the following rights:
I. Refusing To Provide Your Personal Data
The voluntary personal data and Personally Identifiable Information you provide to us is an integral part of your use of the Site. You can choose to forego the provision of that data, but you will be restricted from using our Services.
II. Accessing, Obtaining, Modifying, And Deleting Your Personal Data
If you’d like to remove any information about you that we are storing or that you have provided, or delete your account, you can email us at firstname.lastname@example.org. After we receive a request to delete any information or your account, we will delete all of your personal data from you systems as quickly as possible. At that point, it will be deleted from our system but kept in encrypted backups for an additional 30 days. After that, you will be scrubbed from our system and backups.
III. Submitting A Complaint
If you would like to submit a complaint to us about the way in which your personal data is handled, please contact us at email@example.com. After you submit such a complaint, we will contact you within three (3) business days confirming that we have received your complaint. Afterwards, we will investigate your complaint and provide you with our response within a reasonable timeframe but in no event later than two (2) weeks.
IV. Launching A Complaint With A Data Protection Authority
You can reach out to us anytime you are unhappy with the processing of your Personal Data. You can also undertake the following:
U.S. Residents: If you’re located in the United States, the collection of your Personally Identifiable Information, is subject to investigation and enforcement by the Federal Trade Commission (“FTC”). We’re committed to resolving any complaints about the handling of your personal data as quickly and efficiently as we can, but if you’re not happy, you can lodge a complaint with the FTC.
E.U. Residents: If you are a resident of the European Union and you are not satisfied with the outcome of your complaint as you submitted it to us, you have the right to lodge a complaint with your local data protection authority.
YOUR CALIFORNIA PRIVACY RIGHTS
NOTICE TO RESIDENTS OF THE EUROPEAN UNION AND THE UNITED KINGDOM
This notice is intended to provide you with information about how the Company collects, uses, and distributes information that we collect from you. Nothing in this notice should be construed as amending, modifying, replacing, or otherwise affecting the terms and conditions of any transactions between you and the Company, except that to the extent any such terms and conditions are inconsistent with the General Data Privacy Regulations of the European Union and the equivalent rules of the United Kingdom and any other applicable jurisdiction (altogether, the “GDPR”) those terms and conditions are VOID.
The Company complies with the provisions of the GDPR to the fullest extent of its ability as to any information regarding any person subject to the GDPR. Your use of the Company’s website or any of its products or services makes you such a person to the extent that the Company receives any data from you. The Company only processes such data where it has a lawful reason to do so, including your consent, a requirement under a valid contract, compliance with a legal obligation, or the legitimate interest of the data controller (us) or a third party. We provide notices under GDPR Article 13 and GDPR Article 14 as appropriate. We honor the rights of data subjects, including the “right to be forgotten.” For any requests under any provision of GDPR, please find our contact information below.
Nothing in this GDPR COMPLIANCE NOTICE SECTION shall apply to any person not subject to the jurisdiction of any member nation of the European Union or of the United Kingdom.
The Company collects certain information from and about you. This notice will explain what this information is, how it is used, what third parties receive it, and how you may instruct the Company not to collect, retain, or use certain of that information, and how to instruct us to delete this information from the Company’s own records. Please see below for: What Personal Information We Collect From You, What Non-Personal Information We Collect About You, a List of Third Parties Who Receive Information You Provide Us With Their Contact Information, and Instructions For Exercising Your Right To Instruct Us To Forget Your Information.
- What Personal Information We Collect from You.
- Any information that you enter into any text field on any wepbage on this or any associated webpage will be collected by the Company for internal use except where noted otherwise in this notice.
- The Company uses Facebook and Google for advertisement. Pursuant to the normal operating procedures of Facebook and Google, our advertisements may be based upon data used or supplied by those companies, which may or may not include your information depending on your usage of and agreements with Facebook and Google. Facebook and Google are not third parties for purposes of this section; the Company does not transmit personal information of any person to Facebook or Google, though it may make use of information provided to the Company by those companies.
- The Company will use your email address to send out regular newsletters and other contacts through its email marketing platforms, Intercom and SendGrid (the “Contact Tools”). The Company does not send unsolicited emails through the Contact Tools; to the extent that you have provided the Company with your email address, you agree that you wish to receive emails from the Company unless you opt out either through a link available in such emails or by contacting us directly.
- Your payment information is collected by our payment platform, Braintree, in an encrypted form and is passed on to the Company’s merchant services provider, Braintree (the “Merchant Services Provider”), for purposes of securing payment between yourself and the Company. The Company does not collect payment information from you except to the extent that the Company forwards your “BUY” request directly to the Merchant Services Provider with neither the ability nor the intent to intercept or collect any such payment data. The Merchant Services Provider only receives information necessary to verify that any payments between yourself and the Company are authorized. The Merchant Services Provider will use encrypted tools to communicate with your bank, your credit card provider, PayPal, or whatever other account you use to pay for products and services from the Company. Your credit card information or other payment information is not retained by the Company except as provided below. The Company does not maintain records of your credit card number or other payment information. The Merchant Services Provider is the merchant of record of the Company. The Company will also receive information from its Merchant Services Provider such as the fact that a transaction was placed, the amount paid, and the amount actually received. This information is “pseudonymous” within the meaning of the GDPR, meaning that the Company cannot identify a specific person by that information.The Merchant Services Provider is a third party for purposes of the GDPR.
- The Company uses “cookies.” Cookies are small files that are you communicated to your web browser so that the Website can remember the selections and inputs you have made from one webpage to another within the Website. For example, if you create an account and make an offer to pay for a product or service and then proceed to checkout, the Website will use a cookie to ensure that information from catalog webpages is accurately received by the checkout webpage. If you do not wish to receive cookies from the Website, please contact us at the information below and discontinue using the Website.Cookies are provided by Amazon, and are also installed from time to time by Google and by Facebook, our web support tools and other partners (the “Web Host”). The Web Host is a third party for purposes of the GDPR.
Other digital support is provided by Intercom (the “Support Platform”). The Support Platform does not collect any information from you unless a technical support record is made, at which time the Support Platform will receive and become aware of any information that you send to the Support Platform according to their own protocol. This will include your email address. The Company does not send personal information to the Support Platform.
- What Non-Personal Information We Collect About You
- The Company collects certain non-personal information about you. By “non-personal information,” we mean information about you that cannot be used, and is not stored, in a way that can identify you. This information is “pseudonymous” within the meaning of the GDPR.
- The Website will collect information about your location based on your IP address. An IP address is a non-static identifier that allows the Company to know, in general terms, where its users are located. An IP address is not the same as a physical address, and is not the same as either your shipping address or your billing address.The Company uses your IP address for internal purposes such as knowing which countries provide certain percentages of its users. The Company does not verify your IP address or connect it to your shipping or billing address for purposes of checkout. Your IP is not and cannot be used by the Company to identify you personally. The Web Host will also know your IP address for purposes of logging visits to the Website from your IP address and for preventing distributed denial-of-service attacks, which are disruptive attacks on websites caused by very large numbers (hundreds of thousands or more) of near-simultaneous visits to the Website.
- The Company collects information such as the number of users visiting the website at any given time, the times during which visitors visit the Website, the length of time that users use the website, which pages they visit, and what other actions they take while on the website. This information is collected by the Website and is provided in an anonymized form to the Company’s data analytics provider, which is Google Analytics (the “Data Analytics Provider”). This information is used by the Company to track the engagement, general geographic origin, and headcount of its users. This information is combined together to provide general demographic information on the Website’s users. This information is not and cannot be used to identify you specifically.The Data Analytics Provider is a third party for purposes of the GDPR.
- Sharing Your Information
We may share your Personally Identifiable Information as well as information from tools like cookies, log files, and device identifiers and location data, with third-party organizations that help us provide the Service to you, the “Service Providers”. Our Service Providers, as identified below, will be given access to your information as is reasonably necessary to provide the Service under reasonable confidentiality terms.
The Service Providers we currently use help us with our Services, payment processing, advertising, analytics, disaster recovery, information technology, storage, image processing and content delivery, among others. For the Service Providers that we utilize who also process your Personal Information, we have appropriate security and contractual measures (like encryption and data processing agreements) to ensure that your Personal Information always gets treated in compliance with the policies laid out here as well as applicable law.
Our third party Service Providers currently include the following:
- Streak CRM
- Other Disclosures
We may disclose depersonalized data (such as aggregated statistics) about the users of our Site in order to describe our sales, customers, traffic patterns and other site information to prospective partners, advertisers, investors and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifying information.
To generally cooperate with any lawful investigation about our users; or
If we suspect any fraudulent activity on the Site.
Otherwise, if we you get your explicit, unambiguous, and prior consent to share your personal data with anyone, we’ll do so.
- Anonymous Data And Aggregate Data
We may derive and create data and information about the use of the Site’s and the Company’s services by our users (“Use Data”) that is then aggregated and made anonymous, meaning the personal data is removed from the Use Data so that the resulting information cannot be used to identify any single user or individual.
We may then use that resulting anonymous and aggregated data for the purposes of creating statistics and analytics data, which will be used by the Company for its own business purposes, including maintaining and improving our services.
- Business Transfers
We may sell, transfer or otherwise share some or all of our assets, including your Personally Identifiable Information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
- Instructions For Exercising Your Right To Instruct Us To Forget Your Information
- The GDPR provides a generalized “right to be forgotten,” meaning that you have the right to instruct us to delete any and all information that the Company, the Website, or any of the third parties collects about you. Please contact us at firstname.lastname@example.org in order to instruct us to forget any or all of the information that the Company, the Website, or any of the third parties collects about you.