Privacy Policy

MODIFI, INC.

PRIVACY POLICY

Modifi, Inc. (“Modifi,” “we,” “our,” or “us”) is committed to providing management analytics and workflow building services, content, and related products to our customers (the “Services”). This Privacy Policy (“Privacy Policy”) applies to and governs any and all Personal Information (as defined below) you provide to us or we collect about you (“you,” “your,” or “user”) while visiting or using the https://www.modifi.io/ or https://apps.wemodifi.com websites or using our mobile application (the “Site & App”). This Privacy Policy applies whether you access the Site & App through a personal computer, mobile device, or other device.

 Together with our Terms and Conditions (the “Terms”), this Privacy Policy is a legally binding agreement between you and Modifi. By accessing or using the Site & App or by registering for a User Account (as defined in the below), you consent to the Terms and the Privacy Policy, including our collection, use, and disclosure of your Personal Information as provided below. Please read this Privacy Policy carefully.

Personal Information defined

 We define “Personal Information” as your first and last name, your e-mail address, your home or other physical address, including a street name and name of a city or town, your telephone number, your social security number, any payment or financial information, or any other identifier that permits Modifi to contact a natural human person, like you, and/or any information that Modifi maintains that could be used to identify you in combination with any of the identifying information described above.

Personal Information does not include “aggregate” information, which is data we collect automatically about the use of the Site & App (“Aggregate Information”). The Privacy Policy does not restrict or limit our collection and use of such Aggregate Information, and we reserve the right to share such Aggregate Information with potential partners or other third parties without restriction. Aggregate Information does not include data we collect automatically about the use of the Site & App when combined with any information capable of identifying a natural human person.

 Information That We Collect

·       Information You Give Us. We receive and store any Personal Information you post on or provide through the Site & App or through any other means, including when you register for a User Account, purchase or subscribe to our Services, or request information from us. You understand that it is your choice to provide us with this information. You can choose not to provide such Personal Information, in which case you will not be able to access or use portions of the Site & App or some of our Services features.

 

·       User Account Information. If you choose to create a user account (“User Account”), you will be required to provide your name, email address, and other information. We will collect and store your User Account information.

 

·       Automated Collection. We automatically receive and store certain types of information when you visit the Site & App, including the name of the domain and host from which you access the Internet; the IP address of the computer you are using and the browser and operating system you are using; the date and time you access the Site & App; any search terms you used to find the Site & App; the device identifiers and mobile and network information; your actions on the Site & App; among others. Note that this information will be treated as Personal Information only if we combine or link it to any of the identifying information above. Otherwise, this information constitutes Aggregate Information.

 ·       Purchases.  If you purchase or pay for Services via the Site & App, the transaction will be handled by our service vendor(s) responsible for processing your payment (“Payment Processor”).  These entities have their own privacy policy and those terms will apply to you.  Please be sure to review them at the links provided during payment processing. The policies of the Payment Processor are also considered a part of this Privacy Policy and part of your agreement with us.

 ·       Credit Card Information.  We may require your payment or credit card information in order for the Payment Processor to process purchases.  This includes your name, payment or credit card number, expiration date, billing address, and authentication codes or related information as needed to authorize the charge and complete the transaction.  Credit card data is transferred over a Secured Sockets Layer (“SSL”) line if you are using an SSL enabled browser such as Microsoft Internet Explorer, Firefox, Safari, or Google Chrome.  We also use SSL on other select pages where you enter Personal Information. This ensures that the Personal Information is encrypted as it travels over the Internet. This secure mode is enabled before any such information is transmitted from your computer. You will know you are in secure mode when the padlock or key icon in the upper right-hand or left-hand corner of the computer screen appears in the locked position. In addition, when accessing a secure server, the first characters of the site address will change from http to https.

 ·       Cookies and Web Beacons. We may also automatically receive and store certain types of information when you visit the Site & App through the use of cookies, web beacons, or similar programs to collect the information described above. A cookie is a small text file that is sent to your computer to collect information about your activities on the Site & App. The cookie transmits this information back to the applicable Site & App each time your browser requests a page from the Site & App. We may also use cookies to maintain session information you provide to us, so that when you leave the Site & App and return, the Site & App will recognize your device. Cookies do not generally contain any Personal Information and it is our policy not to track your Internet usage outside of the Site & App. “Web beacons” are small pieces of code placed on websites used to collect advertising metrics, such as counting page views, promotion views, or advertising responses. We may also use cookies or web beacons to measure aggregate web statistics, including the number of monthly visitors, number of repeat visitors, most popular webpages and other information.

 Please consult your browser instructions for information on how to modify your choices about cookies. Finally, you may delete any existing cookies manually from the hard drive of your device.

 ·       Log Data. The web servers hosting the Site & App may also collect “log data.” Log data provides Aggregate Information about the number of visits to different pages on the Site & App. We use log data for troubleshooting purposes and to track which pages people visit in order to improve the Site & App. We do not link log data collected to Personal Information.

 “Do Not Track”: Section 22575 of the California Business & Professions Code requires website and online service operators to disclose whether they honor web browser “Do Not Track” settings. Modifi supports and honors “Do Not Track” web browser settings. If you enable “Do Not Track” settings in the browser you are using, Modifi will, to the extent feasible, not collect, store, or use Personal Information about websites you visit using that browser other than https://www.modifi.io/. Other parties, however, may not honor “Do Not Track” signals.

 Use of Personal Information

 Modifi stores your Personal Information for as long as you maintain a User Account with us, use or purchase our Services, or post content that may contain Personal Information, on the Site & App. Personal Information provided by you or obtained through the Site & App may be used by us to, among other things:

Communicate with you by email, regular mail, telephone, or mobile devices, about Products or Services that may be of interest to you, either from us or from third parties;

·       Customize your user experience;

·       Manage our business;

·       Create and maintain your User Account;

·       Save your content under your User Account, or share your content (using your name or username), at your request, with other users of the Site & App;

·       Process or fulfill any Services you purchase;

·       Provide the Services to you; or

·       Perform functions as otherwise described to you at the time of collection.

 We generally store your Personal Information in the U.S. However, we may transfer your Personal Information from the U.S. to other countries or regions in connection with the above purposes. By providing any Personal Information to us, you consent to such transfer, storage, and processing.

 Disclosure of Personal Information

 Modifi does not share the Personal Information provided by you or obtained through the Site & App with third parties, except as described below and as otherwise specified in this Privacy Policy. Modifi may share Personal Information as follows:

 ·       With any third party or third parties that maintain and operate the Site & App on our behalf, or other parties that provide services to us related to the Site & App;

·       To comply with laws, statutes, or regulations;

·       To enforce this Privacy Policy and the Terms and/or to protect our rights and the rights of others;

·       As required by a court or government agency or to respond to a claim by you or a third party;

·       As part of a transfer of our assets; for example, in the event of a merger, acquisition, corporate change or, in the unlikely event of a bankruptcy involving Modifi; and

·       As you may otherwise request or agree.

 Children

 The Site & App are not directed at children, and we do not knowingly collect Personal Information directly from users under the age of 13 or from other websites or services directed at children. Consistent with the Federal Children’s Online Privacy Protection Act of 1998 (“COPPA”), we will not knowingly request or collect Personal Information from any child under age 13 without obtaining the required parental consent. Children can browse the Site & App without any Personal Information being collected.

 Please visit http://www.ftc.gov/privacy/privacyinitiatives/childrens.html for information from the Federal Trade Commission about protecting children’s privacy online.

 Updating or Correcting Your Information

 If you would like to view your Personal Information, or delete or modify incorrect parts thereof, you may do so by sending an email to info@modifi.io . We may be required to keep this information rather than delete it or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements. Please note that when we delete any Personal Information, it will be deleted from the active database, but may remain in our archives.

 Contact; Complaints

 We take your privacy seriously, and invite you to contact us at the address below with any questions or concerns you may have regarding this Privacy Policy or our collection, storage, and use of your Personal Information:

 Modifi, Inc.

c/o/ SURF

999 3rd Ave Suite 700

Seattle, WA 98104

 Should you so choose, however, you have the right to lodge a formal complaint regarding our use of Personal Information about you with the Federal Trade Commission (“FTC”), the supervisory authority for the United States, using the following contact information:

 Federal Trade Commission

600 Pennsylvania Avenue, Northwest

Washington, DC 20580

Tel. +1 202 326 2222

 Please note that alternate methods of lodging a complaint apply to EU residents, as provided below.

 Third Party Links

 The Site & App may contain links to other websites. We do not control, and make no representations whatsoever regarding such other websites or the products and services offered by or through websites accessed through links on the Site & App, even those with which Modifi may have an affiliation. If you decide to access third party websites linked through the Site & App you do so at your own risk, and subject to the policies and terms of such websites.

 Securing Your Information Online

 We take reasonable measures to protect your Personal Information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction. However, please note that despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse. You should use secure usernames and passwords and carefully protect them from disclosure, and keep your security and virus protection tools current and up-to-date on your computer.

If we become aware of a security systems breach, we may attempt to notify you electronically so that you can take appropriate protective steps. For example, we may send you an email or post a notice to a public forum.

 You should also be aware of how to handle and disclose your Personal Information and should avoid sending Personal Information through insecure email. Please refer to the Federal Trade Commission’s website at http://www.business.ftc.gov/privacy-and-security/consumer-privacy for information about how to protect yourself against identity theft.

 Commercial Electronic Message Consent

 By providing your email address to Modifi through the Site & App, you affirmatively and expressly consent to receiving commercial emails from Modifi. You may unsubscribe from these commercial emails at any time by following the “unsubscribe” instructions included in any email or by contacting Modifi via email at info@modifi.io or at the mailing address provided herein.  Opting out of promotional communications does not affect our communications with you via telephone or email related to any business we may have with you as an owner or other transactional emails.

 Your California Privacy Rights

 Effective January 1, 2005, under California Civil Code Section 1798.83, if an individual who is a California resident has provided Personal Information to a business in connection with a business relationship that is primarily for personal, family, or household purposes, and if that business has within the immediately preceding calendar year disclosed such an individual’s Personal Information to a third party and knows or should have known that such third party used the information for its own direct marketing purposes, then that business is obligated to disclose in writing to such individual upon request, what Personal Information was shared and with whom it was shared.

 Any request for a disclosure required under this California law should be sent to us via email at info@modifi.io or via regular mail at the address set forth herein.

 Please note that under this law, we are not required to respond to a customer’s request more than once in a calendar year, nor are we required to respond to any request that is not sent to the email or mailing address designated above.

 Non-EU International Visitors

 The Site & App are hosted in and provided from the United States. If you use the Site & App from Canada or other regions with laws governing data collection and use that may differ from US law, please note that you are transferring your personal data to the United States. The United States does not have the same data protection laws as Canada and some other regions. By providing your Personal Information, you consent to the transfer of your Personal Information to the United States and the use of your Personal Information, in accordance with this Privacy Policy.

 Terms Applicable to Data from European Union (“EU”) Member Countries

 The Site & App are directed at consumers in the United States. In most cases, the Personal Information we collect is stored and used in the United States. While we do not direct our Products or Services to residents of the EU, it is possible that EU residents may access and use the Site & App. If we collect Personal Information from EU residents in a manner subject to the General Data Protection Regulation (“GDPR”) then, in addition to the above, the following terms shall also apply to our collection, use and retention of that information:

 Privacy Shield Principles[BF1] . We support the EU-US Privacy Shield Framework principles (Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability) regarding the collection, use and retention of Personal Information from EU Member Countries.  Although we are not registered under the Privacy Shield, we make every effort to comply with these principles when handling Personal Information from residents of the EU Member Countries. However, our compliance with these principles may be limited (a) to the extent necessary to meet applicable national security, public interest, or law enforcement requirements; or (b) by statute, governmental regulation, or case law.  If there is a conflict between the policies set forth below and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov/list.

 Basis for Collection.  As set out above, we collect and process Personal Information for which you have given your express consent at the time of collection.  For example, we collect and process Personal Information in order to improve our Services, to deliver services and perform obligations under contracts we have with you, and to comply with our own legal obligations.

 Sensitive Data.  We do not collect sensitive data (as defined in GDPR), for example, biometric data, health data, or data revealing racial or ethnic origin, from visitors to the Site & App.

 Onward Transfer. Except as otherwise provided in this Privacy Policy, we only disclose Personal Information to third parties who reasonably need to have access to it for the purpose of the transaction or activity for which it was originally collected or to provide services to perform tasks on our behalf or under our instruction. All such third parties must agree to use such Personal Information we provide to them only for the purposes for which we have engaged them and they must either: (a) comply with the EU-US Privacy Shield Principles or another mechanism permitted by the applicable EU & Swiss data protection law(s) for transfers and processing of Personal Information; or (b) agree to provide adequate protections for the Personal Information that are no less protective than those set out in this Privacy Policy.  Where we have knowledge that an entity to whom we have provided Personal Information is using or disclosing Personal Information in a manner contrary to this Privacy Policy, we will take reasonable and appropriate steps to prevent, remediate or stop the use or disclosure.

 Authorized Transfer.  We also may disclose Personal Information for other purposes or to other third parties when you have consented to or requested such disclosure. Please be aware that we will disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We are not liable for appropriate onward transfers of Personal Information to third parties.

 Data Processors.  We may retain third parties to process or analyze Personal Information we collect from the Site & App.  For example, a website may be maintained or hosted by a third party service provider.  These suppliers and other third parties who provide services for us are contractually obligated not to use Personal Information about you except as we authorize.  

 Profiling.  We may analyze Personal Information we have collected about you to create a profile of your interests and preferences so that we can contact you with information that is relevant to you.  We may make use of additional information about you when it is available from external sources to help us do this effectively.  We may also use Personal Information about you to detect and reduce fraud and credit risk.

 Your Rights.  Your rights include: (a) a right to withdraw your consent to the processing of Personal Information about you to which you have previously given consent; (b) a right to object to processing of Personal Information about you for the purpose of direct marketing; and (c) a right to have any incorrect part of the Personal Information about you corrected or removed. If you request to have incorrect Personal Information removed, we may retain some of your Personal Information as necessary for the purposes of our legitimate business interests or in furtherance of public interests in accordance with the Privacy Shield Principles. Any Personal Information you have shared publicly with others may continue to be publicly visible on the Site & App.

 You also have the right to obtain a copy of the Personal Information we have about you, although we reserve the right to charge a reasonable fee for this depending on the nature and frequency of your request(s) and our cost to provide the information.

 Questions and Complaints.  If you have questions or complaints regarding this Privacy Policy or our handling of Personal Information about you, please contact us at info@modifi.io. We will promptly investigate and attempt to resolve complaints and disputes in a manner that complies with the Privacy Shield Principles and this Privacy Policy.  Residents of Switzerland covered by the US Swiss Safe Harbor Principles should contact us with questions at the same address. 

 Enforcement and Disputes.  We commit to resolve complaints about your privacy and our collection or use of your Personal Information in a timely and reasonable manner.  If you do not receive timely acknowledgement of your request or have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our US-based third-party dispute resolution provider.

 In addition to the above, you may lodge a complaint with your home data protection authority and can invoke binding arbitration for residual claims not resolved by other redress mechanisms.  Contact details for the EU data protection authorities can be found at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.  

 The FTC has jurisdiction over our compliance with this Privacy Policy as well as the EU-US Privacy Shield Framework. As a last resort, privacy complaints that remain unresolved after pursuing these and other channels may be referred to the FTC for resolution.

 Changes to the Privacy Policy

 We reserve the right to change or modify this Privacy Policy as we deem necessary or appropriate due to changes in our business practices or changes in the law. If you have provided us with your email address, we will attempt to notify you by that address of any material changes to how we use your Personal Information.

 Last updated and effective as of:  10/12/2018

 GSB:9723926.1