REV. 133C579, STATE OF FLORIDA
VERSION DATE: AUGUST 27, 2019
Lymion Group, Inc. (“Lymion Group”, “Overproof”, “Spirted Partners”, “Our”, or “We”) respect your privacy and are committed to protecting it through our compliance with this policy.
This policy applies to information we collect:
- on our Websites;
- in email, text, and other electronic messages between you and our support team;
- through mobile and desktop applications you download from our Websites or other application stores (such as the Apple App Store® and the Google Play® Store), which provide you access to the Overproof Services; and
- when you use the Overproof Services.
It does not apply to information collected by:
- us offline or through any other means, including on any other website operated by Lymion Group or any third-party; or
- any 3rd party, including through any application or content (including advertising) that may link to or be accessible from, on, or through the Overproof Services.
Lymion Group is the data Processor of your Personal Data.
Lymion Group is the data Processor of your Personal Data that you provide on and through Overproof.
CHILDREN UNDER THE AGE OF 18
Overproof’s Apps and Services are not intended for children under the age of 18, and children under the age of 18 are not permitted to use our Websites or directly use the Overproof Services. We will remove any information about a child under the age of 18 if we become aware of it.
Our Websites are not intended for children under 18 years of age. No one under age 18 may provide any information to or on the Websites, directly use the Overproof Services, or install the Overproof Apps. We do not knowingly collect Personal Data from children under 18. If you are under 18, do not use or provide any information on our Websites or on or through any of its features, install the Overproof Apps, or directly use the Overproof Services, including providing your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received Personal Data directly from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at [email protected]
INFORMATION WE COLLECT ABOUT YOU AND HOW WE COLLECT IT
We collect different types of information about you, including information that may directly identify you, information that is about you but individually does not personally identify you, and information that we combine with information from our other users. This includes information that we collect directly from you or through automated collection technologies, or through your use of the Service.
When you register to use the Overproof Services or use our Websites, we collect several types of information from and about users of the Overproof Services, specifically information:
- by which you may be personally identified, such as name, e-mail address, telephone number any other identifier by which you may be contacted online or offline (“Personal Data”);
- that is about you but individually does not identify you, such as traffic data, location data, logs, referring/exit pages, date and time of your visit to our Websites, error information, clickstream data, and other communication data and the resources that you access and use on the Websites; and/or
- about your internet connection, the equipment you use to access our Websites and usage details.
We collect this information:
- directly from you when you provide it to us; and
- automatically as you navigate through the Websites. Information collected automatically may include usage details, IP addresses, and information collected through cookies, web beacons, and other tracking technologies.
When you use the Overproof Service, we may also collect and process these types of information when you log into an Overproof Service, complete an action using an Overproof Service, or otherwise use features provided by the Service. You and the other parties you communicate with are in complete control over the specific type of information contained in these actions.
Information You Provide to Us
The information we collect on or through our Websites are:
- information that you provide by filling in forms on our Websites. This includes information provided at the time of subscribing to our service or requesting further services.
- information that you provide as part of the process of authenticating Overproof and granting it access to your data on other services, such as 3rd party email providers. This information always includes your email address, and may include additional information such as your name, password, and a profile picture.
- information that you provide as part of initial sign up, completion of actions, contact importing, or calendar invitations when you use the Overproof Service, or when you otherwise interact with features in the Overproof service.
- records and copies of your correspondence (including email addresses), if you contact us, including when you report a problem with the Overproof Services or the Websites;
- details of transactions you carry out through our Websites or the Overproof Apps and of the fulfillment of your orders.
The Personal Data we collect from you is required to enter into a contract with Lymion Group, for Lymion Group to perform our obligations under the contract, and to provide you with our products and services. If you refuse to provide such Personal Data or withdraw your consent to our processing of Personal Data, then in some cases we may not be able to enter into the contract or fulfill our obligations to you under it.
You also may provide information to be transmitted to third parties (collectively, “Communications”). Your Communications are transmitted to others at your own risk. Although we use technology to protect your Communications, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of the recipients of your Communications, who may forward them to other third parties or otherwise disclose them. Therefore, we cannot and do not guarantee that your Communications will not be viewed by unauthorized persons.
Information We Collect Through Automatic Data Collection Technologies
As you navigate through and interact with our Websites or use the Overproof Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns. We collect:
- details of your visits to our Websites or use of the Overproof Apps, specifically traffic data, location data, logs, referring/exit pages, date and time of your visit to our Websites or use of the Overproof Apps, error information, clickstream data, and other communication data and the resources that you access and use on the Websites;
- Information about your computer, mobile device, and internet connection, email or calendar client, specifically your IP address, mobile device make and model, operating system, and browser type.
The information we collect automatically may include Personal Data or we may maintain it or associate it with Personal Data we collect in other ways or receive from you or other third parties. It helps us to provide you with the Overproof Services, improve the Overproof Services, and to deliver a better and more personalized service by enabling us to:
- estimate our audience size and usage patterns;
- store information about your preferences, allowing us to customize our Websites and the Overproof Apps according to your individual interests;
- recognize you when you return to our Websites or use our Overproof Apps.
Information We Collect Through Providing You With the Overproof Service
As you use the Overproof Services, we may collect certain information about your Communications. We collect:
- the contents and header information from the Communications you send and receive through the service. This may vary by the systems used to send and receive information, but header information will generally include at least the senders and recipient’s email address, subject line, message size, the date and time the Communications was sent and received by each server used in the delivery, the system name and IP address of each system used in the delivery, and other similar metadata;
- geolocation data from your mobile device, if you have enabled this feature.
- information about events in your calendar, such as event titles, attendees, locations, and meeting times.
The information we collect as a result of your use of the Overproof Service includes any information that may be in the subject line or in the contents of your Communications, which may include Personal Data that you include in it. This information is used to provide you with the Overproof Service and allows us to help you manage the day to day processes of mobile sales as well as sales management, communicate with distributors, integrate third party sales data, integrate 3rd party scheduling data, map out routes and accounts by location, store the information of sales contacts and orders, report on relevant sales data, get notifications of relevant activities, and enhance your productivity in various other ways. The Overproof Services include, but are not limited to, Overproof Web App, Overproof Sales for Android, Overproof Sales for iPhone, and all of the functions available through each of these. We also use your geolocation data to help you navigate on your mobile device and various reporting feautres. This geolocation data is stored locally on your mobile device, processed locally by the Overproof App, and then used across the Overproof Web App.
LAWFUL BASIS FOR PROCESSING YOUR PERSONAL DATA
We have a lawful basis for our processing of your Personal Data, including processing for our legitimate interests (when balanced against your rights and freedoms), to fulfill our obligations to you under a contract with you, and required by law, and with your consent.
If you are in the European Union, the processing of your Personal Data is lawful only if it is permitted under the applicable data protection laws. We have a lawful basis for each of our processing activities (except when an exception applies as described below):
- Legitimate Interests. We will process your Personal Data as necessary for our legitimate interests. Our legitimate interests are balanced against your rights and freedoms and we do not process your Personal Data if your rights and freedoms outweigh our legitimate interests. Specifically, our legitimate interests are to: facilitate communication between Lymion Group and you; detect and correct bugs and to improve our Websites, Overproof Apps, and Overproof Service; safeguard our IT infrastructure and intellectual property; detect and prevent fraud and other crime; promote and market our business; check your credit and perform risk assessments; aggregate non-identifiable data in order to provide new features of the Service, and improve our product and services;
- To Fulfill Our Obligations to You under our Contract. We process your Personal Data in order to fulfill our obligations to you pursuant to our Contract with you to deliver our goods and services to you. Specifically, we process your Personal Data to provide you with the features and functionality of the Overproof Service that you subscribe to; and
- As Required by Law. We may also process your Personal Data when we are required or permitted to by law; to comply with government inspection, audits, and other valid requests from government or other public authorities; to respond to legal process such as subpoenas; or as necessary for us to protect our interests or otherwise pursue our legal rights and remedies (for instance, when necessary to prevent or detect fraud, attacks against our network, or other criminal and tortuous activities), defend litigation, and manage complaints or claims.
SPECIAL CATEGORIES OF INFORMATION
HOW WE USE YOUR INFORMATION
We use your Personal Data for various purposes described below, mostly involved in providing the service and collecting payment. With your consent, we’ll send you occasional promotional emails, such as announcements of new features and information we’ve learned about how to use email more effectively. We also occasionally collect non-personal, aggregated data as you use Overproof, so we can build useful new things. For example, we might identify frequently occurring errors so we can improve stability.
We use information that we collect about you or that you provide to us, including any Personal Data:
- to present our Websites and their contents to you;
- to provide you with information about the Overproof Services that you request from us;
- to provide you with the Overproof Services that you subscribe to;
- to fulfill any other purpose for which you provide it;
- to provide you with notices about your subscription, including expiration and renewal notices;
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection;
- to notify you about changes to our Websites or the Overproof Services;
- in any other way we may describe when you provide the information; and
- for any other purpose with your consent.
We also use aggregated, anonymized records of non-personal information that we collect about you or that you provide to us as part of your usage of the Service in order to develop and train algorithms that allow us build new features of the Service.
With your consent, we may also use your information to contact you about our own services that may be of interest to you, such as newsletters and other promotional material. If you wish to change your choice, you may do so at any time by sending us an email stating your request at hello [at] overproof.com.
DISCLOSURE OF YOUR INFORMATION
- to our subsidiaries and affiliates;
- to contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them. Specifically, these entities provide IT and infrastructure support services, and payment processing services.
- to your email and calendar service provider;
- to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Lymion Group, Inc.’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Lymion Group, Inc. about the Overproof Services’ users is among the assets transferred;
- to fulfill the purpose for which you provide it;
- for any other purpose disclosed by us when you provide the information;
- to the recipients of your Communications that you specify; and
- with your consent.
We may also disclose your Personal Data:
- to comply with any court order, law, or legal process, including to respond to any government or regulatory request;
- if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Lymion Group, Inc., our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION
We offer you choices on how you can opt out of our use of tracking technology, disclosure of your Personal Data for third-parties to advertise to you, our advertising to you, and other targeted advertising. We don’t currently have any advertising in the Services (or any plans to add it), but we want to cover our bases in case that has to change some day.
We do not control the collection and use of your information collected by third parties described above in Disclosure of Your Information. When possible, these organizations are under contractual obligations to use this data only for providing the services to us and to maintain this information strictly confidential. These third parties may, however, aggregate the information they collect with information from their other customers for their own purposes. Additionally, we cannot control the actions of the recipients of your Communications, who may forward them to other third parties or otherwise disclose them.
In addition, we strive to provide you with choices regarding the Personal Data you provide to us. We have created mechanisms to provide you with control over your Personal Data:
- Promotional Offers from Lymion Group. We will only use your contact information to promote our own products and services with your express consent. If you wish to consent to such use, you can check the relevant box located on the form on which we collect your Personal Data, authenticate, or otherwise seek such consent. If you wish to change your choice, you may do so at any time by changing your subscription preferences by sending us an email stating your request to [email protected] If we have sent you a promotional email, you may click on the unsubscribe link at the bottom of the email to be omitted from future email distributions. This opt out does not apply to information provided to the Lymion Group as a result of a subscription to the Overproof Services, a download of the Overproof Apps, a product service experience, or other transactions.
- Targeted Advertising. We will only use information that we collect or you provide to deliver advertisements according to our advertisers’ target-audience preferences with your express consent. If you wish to consent to such use, you can check the relevant box located on the form on which we collect your Personal Data or otherwise seek such consent. If you wish to change your choice, you may do so at any time by sending us an email stating your request to [email protected]
YOUR RIGHTS REGARDING YOUR INFORMATION
Your rights regarding your information and accessing and correcting your information:
You may have certain rights under applicable data protection laws, including the right to access and update your Personal Data, restrict how it is used, transfer certain Personal Data to another controller, withdraw your consent at any time, and the right to have us erase certain Personal Data about you. You also have the right to complain to a supervisory authority about our processing of your Personal Data.
Applicable data protection laws may provide you with certain rights with regards to our processing of your Personal Data.
- Access and Update. You can review and change your Personal Data by notifying us through the contact information below of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible. We may not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
- You have the right to restrict our processing of your Personal Data under certain circumstances. In particular, you can request we restrict our use of it if you contest its accuracy, if the processing of your Personal Data is determined to be unlawful, or if we no longer need your Personal Data for processing, but we have retained it as permitted by law.
- To the extent the Personal Data you provide Lymion Group is processed based on your consent or that we process it through automated means, you have the right to request that we provide you a copy of, or access to, all or part of such Personal Data in structured, commonly used and machine-readable format. You also have the right to request that we transmit this Personal Data to another controller, when technically feasible.
- Withdrawal of Consent. To the extent that our processing of your Personal Data is based on your consent, you may withdraw your consent at any time by closing your account. Withdrawing your consent will not, however, affect the lawfulness of the processing based on your consent before its withdrawal, and will not affect the lawfulness of our continued processing that is based on any other lawful basis for processing your Personal Data.
- Right to be Forgotten. You have the right to request that we delete all of your Personal Data. We cannot delete your Personal Data except by also deleting your user account, and we will only delete your account when we no longer have a lawful basis for processing your Personal Data or after a final determination that your Personal Data was unlawfully processed. We may not accommodate a request to erase information if we believe the deletion would violate any law or legal requirement or cause the information to be incorrect. In all other cases, we will retain your Personal Data as set forth in this policy. In addition, we cannot completely delete your Personal Data as some data may rest in previous backups. These will be retained for the periods set forth in our disaster recovery policies. If you delete your Communications from the your email or calendar service or client, copies of your Communications may remain viewable in cached and archived pages on websites used to access your calendar or email, or might have been copied or stored by recipients of your Communications.
- You have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. However, before doing so, we request that you contact us directly in order to give us an opportunity to work directly with you to resolve any concerns about your privacy.
- How You May Exercise Your Rights. You may exercise any of the above rights by contacting us through any of the methods below. If you contact us to exercise any of the foregoing rights, we may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements.
DO NOT TRACK SIGNALS
We may use automated data collection technologies to track you across websites. We currently do not honor do-not-track signals that may be sent by some browsers.
We also may use automated data collection technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals and we do not modify what information we collect or how we use that information based upon whether such signal is broadcast or received.
Information transmitted over the Internet is never completely secure, but we do our best to protect your Personal Data. You can help protect your Personal Data and other information by making sure you don’t remain logged in on shared devices and making sure you have good passwords on personal devices.
We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. Any payment transactions and Communications processed by the Overproof Services is encrypted both in transit and at rest.
The safety and security of your information also depends on you. Please be careful to log out of the Service on any shared computers and use passcode protection on any device where you remain logged into the Service. Where we have given you (or where you have chosen) a password for access to certain parts of our Websites or Overproof Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to the Overproof Services. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures used in the Overproof Services.
CONSENT TO PROCESSING OF PERSONAL DATA IN THE UNITED STATES
We may process your Personal Data outside of your home country, including to the United States. We only do this when we are legally permitted to do so and when we have appropriate safeguards in place to protect your Personal Data.
If you are a resident of the European Economic Area (“EEA”), in order to provide our Websites, products, and services to you, we may send and store your Personal Data outside of the EEA, including to the United States. Accordingly, your Personal Data may be transferred outside the country where you reside or are located, including to countries that may not or do not provide an adequate level of protection for your Personal Data.
Your Personal Data is transferred by Lymion Group to another country only if it is required or permitted under applicable data protection law and provided that there are appropriate safeguards in place to protect your Personal Data. By using the Overproof Services, you represent that you have read and understood the above and hereby consent to the storage and processing of Personal Data that you provide to us on our Websites or through the Overproof Services.
DATA RETENTION PERIODS
We retain your Personal Data for as long as you keep your account open. In some instances, we may keep it after you close your account, for example we may keep it:
– on our backup and disaster recovery systems;
– for as long as necessary to protect our legal interests; and
– and to comply with other legal requirements.
Lymion Group will retain your Communications for only as long as necessary to provide you with the Services and we will retain your Personal Data for the entire time that you keep your account open. After retention of your Communications is no longer necessary and after you close your account, we may retain your Communications or Personal Data, as applicable:
- for as long as necessary to comply with any legal requirement;
- on our backup and disaster recovery systems in accordance with our backup and disaster recovery policies and procedures;
- for as long as necessary to protect our legal interests or otherwise pursue our legal rights and remedies; and
- for data that has been aggregated or otherwise rendered anonymous in such a manner that you are no longer identifiable, indefinitely.
If you wish to contact us about any of the information in this policy, or about anything else, our information is below.
TO CONTACT LYMION GROUP (PROCESSOR)
Lymion Group, Inc.
360 NW 27th Street
hello [at] overproof.com