Version 2.0 - Effective January 1st, 2022
First things first
At Conveyor our mission is to help build trust on the internet. As a result, our goal is to set a high standard for protecting the privacy of your information. This Privacy Statement transparently describes what you can expect Conveyor to do with your personal data, including how we collect, use, protect and share your information.
If you would like to learn how Conveyor uses information about your business, such as your customers and your trust posture, to provide the network, please see our FAQ.
This privacy statement applies to the information we collect, receive, or use on or in connection with websites owned or controlled by Conveyor, Inc., a Delaware corporation ("Conveyor" or "we" or "our" or "us"), including www.conveyor.com, applications, products, features, services, marketing, email or other site-related electronic communications, whether online or offline, or any portion thereof (collectively, the "Service").
This Privacy Statement does not apply to personal information arising from Coveyor’s employment-related activities. Except to the extent that a third party provides services on our behalf (such as a SaaS vendor), this Privacy Statement also does not apply to the practices of third parties to which we may link or otherwise refer you, such as consultants, pen testing firms, audit firms, and other vendors.
Personal data we collect
For purposes of this Privacy Statement, "Personal Information" means information from or about you that identifies you directly and information that is associated with you and thus could potentially identify you, including when combined with other information from or about you.
"Sensitive Personal Information" includes data about racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union memberships, genetic and biometric data when used for identification purposes, and data about health, sex life, and sexual orientation.
We only collect the minimum personal data necessary and we don’t use automated decision making or profiling techniques.
The personal data we collect could generally cover these categories under the California Consumer Privacy Act:
- Identifiers (e.g. real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers)
- Categories of personal data from s. 1798.80 (e) California Consumer Privacy Act (e.g. name, address, telephone number)
- Commercial information (e.g. information regarding products or services purchased, obtained, or considered)
- Electronic network activity information
- Geolocation data
- Professional or employment-related information
Why We Collect Information from and about you
In addition to the purposes and uses described above, we use information in the following ways:
To establish and maintain contractual relationships with our customers:
- To establish relationships with new customers
- To fulfill our obligations to current customers
- To contact customers regarding account-related issues and business communications relating to the Services, including technical notices, updates, security alerts, and administrative messages
- To enable individuals to access and use our Services
To comply with our legal obligations:
- To comply with legal obligations, including but not limited to complying with tax and financial reporting requirements
- To demonstrate compliance with applicable privacy and data security laws and regulations, such as CCPA and GDPR
- To comply with incident monitoring, reporting, assessment, and notification requirements
- To comply with other applicable criminal and civil law and regulatory requirements under federal, state, and international law
To provide services and information that you request and consent to receive:
- To provide customer service and support
- To communicate with you, including responding to your comments, questions, and requests regarding our Services
- To process and complete transactions, and send you related information, including purchase confirmations and invoices
- To provide direct marketing, email, and other distributed information distribution
To fulfill our other legitimate interests to the extent that they are not overridden by individual interests, fundamental rights, or freedoms:
- To administer, operate, maintain, and secure our website and Services
- To monitor and analyze trends, usage, and activities in connection with our Services
- To investigate and prevent fraudulent transactions, unauthorized access to our Services, and other illegal activities
- To verify compliance with our internal policies and procedures
- For accounting, recordkeeping, backup, and administrative purposes
- To customize and improve the content of our communications, websites, and social media accounts
- To educate and train our workforce in data protection and customer support
- To provide, operate, maintain, improve, personalize, and promote our Services
- To develop new products, services, features, and functionality
- To market our products and services (first-party marketing only; we do not provide personal information for use in marketing any non-Conveyor, third-party goods or services)
When possible, we will use anonymized data for these purposes, but if we do not, or if we combine it with Personal Information we will treat it in accordance with this Privacy Statement.
Sharing of Information
Except to the extent necessary to fulfill our business obligations, to accomplish one of the lawful purposes described in this Privacy Statement, or pursuant to your express instructions, we do not sell, transfer, or otherwise disclose personal information that we collect from or about you. We may share your information in the following ways:
- Affiliates and Acquisitions: We may share information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires, or plans to acquire, our company, business, or our assets, we will also share information with that company, including at the negotiation stage.
- With other vendors listed on the Conveyor Network: We may share your personal information with companies, organizations, or individuals outside of Conveyor when we have your consent to do so.
- When you choose to directly share your information while using our Services: When you use our Services, certain features allow you to make some of your content accessible to the public or other users of the Services (eg. sharing a security document in your Conveyor Room) . We urge you to consider the sensitivity of any information prior to sharing it publicly or with other users.
- With our vendors and business partners, to accomplish our business purposes: We may share your information with our service providers and other third parties who perform services on our behalf, listed in our Subprocessor Directory.
- When necessary to comply with laws and law enforcement requests, or otherwise to protect our rights or those of individuals: We may disclose your information (including your personal information) to a third party.
- We believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request:
- To enforce our agreements, policies and terms of service;
- To protect the security or integrity of Coveyor’s products and services;
- To respond to an incident involving personal data for which Conveyor has direct or indirect responsibility;
- To protect the property, rights, and safety of Conveyor, our customers or the public from harm or illegal activities;
- To respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person; or
- To investigate and defend ourselves against any third-party claims or allegations.
Depending on your location, you may have some rights around your personal information based on applicable laws. The following are the rights accessible to you.
- Right to information: You may ask us how we use your personal data. We inform and communicate this through our Privacy Statement and privacy notices.
- Right to access: You may request information about, and access to, the personal data that we collect from you.
- Right to rectification: You may update or correct your personal information at any time by accessing the account settings page on the website or within our platform.
- Right to be forgotten (right to deletion): You may request that we delete information that we have collected about you.
- Right to restriction of processing: You may request us to temporarily refrain from processing your personal data.
- Right to portability: You may ask for a copy of your personal data in a way that can be shared somewhere else.
- Right to withdraw consent: You may withdraw the consent you previously gave us. When you change your mind, you can let us know.
- Right to object: You may opt out or unsubscribe from any direct marketing of any form at any time by following the opt-out link attached to each communication..
Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. That said, we certainly try very hard, employing a variety of organizational, technical and administrative measures to provide a level of security appropriate to the risk associated with the personal information you trust us with. For more information, please see our Security Policy.
We retain your personal information only as long as necessary to accomplish the business purpose for which it was collected or to comply with our legal and contractual obligations. We will security dispose of customer information upon termination of contracts.
Our Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us at firstname.lastname@example.org.
Changes to Privacy Statement
As our business evolves, Conveyor may update this privacy statement from time to time with the changes to our Service and our business, and laws applicable to us and you. When this occurs, we will notify you by revising the version and date at the top of this Privacy Statement and, in some cases, where appropriate we may provide you with additional notice (such as adding a statement to the log-in screen or sending you an email notification).
If you’d also like to be notified of material changes by email, you can sign up by emailing email@example.com with the subject “Subscribe to Privacy Statement Notifications” and telling us the email address where we should send these notifications. If you continue to use the Services after those changes are in effect, you agree to the revised statement. If you disagree, you’ll have to stop using the Service and delete your data.
Please contact us with any questions or comments about this Statement, your personal information, our use and disclosure practices, or your consent choices by email at firstname.lastname@example.org.