Loomly

Effective Date: March 24, 2021

Loomly, Inc. ("us", "we", "our" or “Loomly.com”) operates the Loomly.com website (the "Service").

This page informs you of our policies regarding the collection, use and disclosure of Personal Information, Account Information and Log Information when you use our Service. We will not use or share your information with anyone except as described in this Privacy Policy.

We use your Personal Information for providing and improving the Service, and when you agree, to contact you with additional information and offers related to the Service. By signing up to use our Service, and opting-in to our uses of your information, you agree to the collection and use of information in accordance with this policy (the “Privacy Policy”). Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible at https://www.loomly.com/terms

Information Collection

Personal Information

When you sign-up for our Service, and while using our Service, you may provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information includes your name, your company or business’s name, a description of your company, your email address, and your postal address ("Personal Information").

Account Information

When you sign-up for our Service, and while using our Service, you may also provide us with information about the subscription you choose, such as the plan, billing method and the effective dates of your subscription (“Plan Information”) and information connected with the use of our Service, such as the name of the calendars you create, the names and emails of the other users you invite to collaborate with you, any information you have made available by linking your social media accounts (ID, URL, name, profile picture of the account, and all analytics Loomly.com is able to collect pursuant to each social media company’s terms of use), any content you input (whether media or copy), any criteria you select (i.e. audience targeting, budget, etc.), and any dates you schedule (“Content Information,” and collectively with Plan Information the “Account Information”).

Log Data

We may also collect information that your browser sends whenever you visit our Service ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other data generated from cookies (see the Cookies section below for more information).

Legal Basis, Use, and Retention of Information

We may process your Personal Information for the purposes identified in this Privacy Policy, with your consent, for compliance with a legal obligation to which Loomly is subject, for the performance of a contract to which you are party, in order to protect your vital interests, or when we have assessed it is necessary for the purposes of the legitimate interests pursued by Loomly or a third party to whom it may be necessary to disclose information and are not overridden by your rights and freedoms, including your right to have your personal data protected. Our legitimate interests include responding to requests and enquiries from you or a third party, optimizing our website and customer experience, informing you about our Services and ensuring that our operations are conducted in an appropriate and efficient manner.

We collect Personal Information and Plan Information for the purpose of providing the Service, identifying and communicating with you, responding to your requests and inquiries, servicing your account, providing you with instructional on-boarding content, and providing you with information about our Services, new features, and offers, improving our Services. To the extent you have opted-in and not opted-out of our newsletter, we also collect Personal Information for the purpose of providing you with editorial content.

We collect Content Information and Log Information for the purpose of providing and improving the Service, and to advertise to you through remarketers.

We may link or combine the Personal Information we collect and/or receive about you and the Log Data and Account Data we collect automatically during your visit to our website. This allows us to provide you with a personalized experience that improves our Service.

We will only retain your personally identifiable data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of our legitimate business interests that have been assessed and satisfy any legal or reporting requirements. For clarity, we retain all information collected for so long as you have an account with us, so that we can answer your questions about your account and orders and so you do not need to provide your information each time you log in to your account to place an order. Should you request to deactivate your account or for us to erase your personally identifiable data, subject to our retention period for back-ups, we will cease to retain all personally identifiable information you have provided. However, retention periods may be extended if we are required to preserve your information or data because of litigation, investigations and other similar proceedings, or if a longer retention period is required or permitted by applicable law.

Third Party Data Processors and Service Providers

Loomly.com engages certain third parties that may process data submitted to Loomly.com to perform certain business-related functions and to increase our Service's functionality. These companies assist with processing your payment, monitoring and analyzing how our Service is used and other services. When we engage another company to perform such functions, we may provide them with information, including Personal Information, Log Data and Account Information, in connection with their performance of such functions. Loomly currently engages the following subprocessors and service providers:

Amazon Web Services, Inc.
Android, Inc.
Apple, Inc.
Attribution, LLC
Bugsnag, Inc.
Calendly, LLC
ChartMogul CMTDE GmbH & Co.
Circle Internet Services, Inc.
Dropbox, Inc.
Facebook, Inc.
G2 Crowd, Inc.
Giphy, Inc.
GitHub, Inc.
Google, LLC
Img.ly GmbH
Intercom, Inc.
LinkedIn Corporation
Mailgun Technologies, Inc.
Microsoft Corporation
Mixpanel, Inc.
New Relic, Inc.
OneSignal, Inc.
Osano, Inc.
Pinterest, Inc.
Quora, Inc.
Slack Technologies, Inc.
Snap, Inc.
Stripe, Inc.
The Rocket Science Group, LLC DBA MailChimp.
TikTok Inc.
Twitter, Inc.
Typeform SL
Unsplash, Inc.
WPEngine, Inc.
Yahoo!, Inc.
Zapier, Inc.
Zoom Video Communications, Inc.

For customers who have entered into a Data Processing Agreement (“DPA”) with us, we will provide notice of any changes to the above list of subprocessors and service providers pursuant to the DPA.

Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and transferred to your device. We use cookies to collect information in order to improve our services for you. The third-parties we work with may also use cookies to help us analyze how our users are using the Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help feature on most browsers provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. Please note, however, that if you do not accept any cookies, you may not be able to use some features of our Service.

For your convenience, Loomly has integrated a third party cookie management tool to allow you to control the use of cookies while using Loomly.com. You may use this tool to restrict the use of various types of cookies, including advertising cookies that allow third parties to advertise to you on third-party web sites after you have visited our Service. You can also customize settings for Google AdWords’ remarketing service as follows:

You can customize the Google Display Network ads by visiting the Google Ads Settings page: https://adssettings.google.com/authenticated

Google also recommends installing the Google Analytics Opt-out Browser Add-on - https://tools.google.com/dlpage/gaoptout - for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.

For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://www.google.com/intl/en/policies/privacy/

Our site integrates with your social media accounts. These integration features may set a cookie to enable the feature to function properly. Social media features are hosted on our site or by a third party, and your interactions with these features are governed by the privacy policy of the company providing it.

Communications

We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. If you do not want to receive such messages from us, you will be able to inform us when we first collect your contact details or opt out at a later date by updating your preferences from your account page, following the unsubscribe link or instructions provided in any email we send, or by contacting us.

Publicly Accessible Posts and Blogs

Our Website facilitates the publishing of your posts on various social media account and may include publicly accessible blogs or community forums. Any information you post onto your social media accounts or provide in our blog/forum areas may be read, collected and used by others who access them. To request removal of your personal information from our blog or community forum, please contact us. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. In the event you wish to remove information from your social media account, you acknowledge and agree that you may only do so pursuant to each site’s terms and policies.

Data Processing by Loomly.com

If you are based in the European Economic Area (“EEA”) or California, and primarily use our Services to assist third parties with their social media management projects, you are categorized as a data controller (under GDPR) or business (under CCPA), and Loomly.com acts as the data processor (under GDPR) or service provider (under CCPA) with respect to the personal data processed by us in connection with your use of the Services. Our DPA supplements our Terms of Service and Privacy Policy insofar as they relate to our processing of data subject to the GDPR and the CCPA. Please have an authorized representative execute the DPA using the link above.

Clients of Data Controllers

If you have hired an individual or business to assist you with your social media management projects, and that individual or business uses Loomly.com as a tool, we may be processing your personal data on behalf of our customers and must do so in accordance with their instructions. This means that if you wish to access any personal data we process on behalf of a Loomly.com customer and request that we correct, amend, or delete such information, you should contact that Loomly.com customer with your request. We will then help them to fulfill that request in accordance with their instructions.

Compliance With Laws

We will disclose your Personal Information where required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.

Your Rights Under the General Data Protection Regulation (“GDPR”)

For your information, in accordance with certain, possibly applicable, privacy laws, you may have the following rights in respect of your Personal Information that we hold:

Right of access. You have the right at any time to ask us for a copy of the personally identifiable information about you that we hold. Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your personally identifiable information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.
Right of portability. In certain instances, you have a right to receive any personally identifiable information that we hold about you in a structured, commonly used and machine-readable format. You can ask us to transmit that information to you or directly to a third party organization. The above right exists only in respect of personally identifiable information that: (i) you have provided to us previously; and, (ii) is processed by us using automated means. While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third party organization's systems. We are also unable to comply with requests that relate to personally identifiable information of others without their consent.
Right to rectification. The right to obtain rectification of your personally identifiable information without undue delay where that personally identifiable information is inaccurate or incomplete.
Right to erasure. The right to obtain the erasure of your Personal Information without undue delay in certain circumstances, such as where the Personal Information is no longer necessary in relation to the purposes for which it was collected or processed.
Right to restriction. The right to obtain the restriction of the processing undertaken by us on your Personal Information in certain circumstances, such as where the accuracy of the Personal Information is contested by you, for a period enabling us to verify the accuracy of that Personal Information.
Right to object. The right to object, on grounds relating to your particular situation, to the processing of your Personal Information, and to object to processing of your Personal Information for direct marketing purposes, to the extent it is related to such direct marketing.

If you wish to exercise one of these rights, please submit your request here or contact us as provided in the Contact Us section below. Upon request, we will provide you with information about whether we hold any of your personal information. You may access, correct or request deletion of your personal information by logging into your account, or by contacting us. We will respond to your request within 30 days.

Representative Information for Data Subjects in the EU

We have appointed Osano International Compliance Services Limited as representative according to Art 27 GDPR.

Contact: Osano International Compliance Services Limited ATTN : AQG9 25/28 North Wall Quay Dublin 1, D01 H104 IRELAND

If you live or work in the EEA, you are also entitled to lodge a complaint with your applicable supervisory authority. A list of relevant authorities in the EEA and the European Free Trade Area can be accessed here: https://edpb.europa.eu/about-edpb/board/members_en.

Business Transaction

If Loomly, Inc. is involved in a merger, acquisition or asset sale, your Personal Information may be transferred as a business asset. In such cases, we will provide notice before your Personal Information is transferred and/or becomes subject to a different Privacy Policy.

Security

The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure.

However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you.

For any questions and concerns regarding our data security practices, please contact us as described in the Contact Us section below.

International Transfer

Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United States and choose to provide information to us, please note that we transfer the information, including Personal Information, to United States and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

If you are located in the EEA, we will comply with applicable legal requirements providing adequate protection for the transfer of personally identifiable information to recipients in countries outside of the EEA, including the USA. In all such cases, we will only transfer your personally identifiable information if:

The country to which the personally identifiable information will be transferred has been granted a European Commission adequacy decision;
The recipient of the personally identifiable information is located in the U.S. and has certified to the EU-U.S. Privacy Shield Framework; or
We have put in place appropriate safeguards with respect to the transfer, for example the EU Model Clauses.

You may request a copy of the safeguards that we have put in place in respect of any applicable transfers of personally identifiable information by contacting us as described in the Contact Us section below.

Your California Rights

The California Consumer Privacy Act (“CCPA”) provides California residents with the following rights:

Right to Know. The right to know the Personal Information that we collect from you, the purposes for which we use it, the sources from which we collect it, the limited circumstances under which we share it, with whom we share it, and your rights regarding it.
Right to Request Access and Data Portability Rights. The right to request we disclose certain information to you about your collection and use of your Personal Information (as used in this section “Personal Information” has the definition set forth in CCPA) over the past 12 months, upon verifiable consumer request. Once we receive and confirm your verifiable consumer request, we will disclose to you: (i) the categories of Personal Information we collected about you, (ii) the categories of sources for the Personal Information we collected about you, (iii) our business or commercial purpose for collecting or selling that Personal Information, (iv) the categories of third parties with whom we disclosed or sold that Personal Information, (v) and/or the specific pieces of Personal Information we collected about you (also called a data portability request). You may make a “request to know” up to two times in a 12-month period free of charge, subject to limitations described in the law. A general description of the categories of information that we collect, the purpose for collecting, using and sharing such information, and types of service providers we share information with is set forth above in the “Information and Collection,” “Legal Basis, Use and Retention of Information” and “Third Party Data Processors and Services Providers” sections.
Right to Request Deletion. The right to request we delete your Personal Information that we collected from you and retained. Once we receive and confirm your verifiable consumer request, we will delete your Personal Information from our records, subject to certain exceptions under applicable law.
Right to Opt Out of Sale. The right to opt out of the “sale” of your personal information to “third parties.” Although we do not believe we sell personal information, we do engage third parties to perform specific tasks on our behalf. These third parties may analyze the data we provide, combine that data with publicly available data, and provide us with access to their analysis and reports. Such activities may qualify as a “sale” under CCPA’s broad definition of the term. You may restrict such third party from accessing or using your personally identifiable data by clicking “Do Not Sell My Personal Information.” Please note that if you use a different browser or device to access the Service, you will need to opt out separately on each browser and device.
Authorized Representatives. You may also designate an authorized representative to make consumer rights requests on your behalf. We will require verification that you did in fact authorize the representative.
No Discrimination. We will not discriminate against any consumer for exercising their rights under the CCPA. We will not deny you goods or services, charge you different rates, or give you different discounts because you used one of these rights.

If you wish to exercise these rights, please submit your request here or contact us as provided in the Contact Us section below. Please note that certain rights may be limited or unavailable depending on the type of data requested or exception under applicable law.

Links To And Integrations With Other Sites and Services

Our Service may contain links to and integrations with other sites and services that are not operated by us. If you click on a third-party link, you will be directed to that third-party's site. It is your responsibility to review the privacy policy of every site you visit and service you use.

We have no control over, and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Should you wish to revoke access to any service you have linked, you can access and alter the applicable security settings through the following links:

Children's Privacy

Our Service is not directed at anyone under the age of thirteen (13); and we do not knowingly collect personally identifiable information from anyone under the age of thirteen (13). Additionally, you must be over the minimum age to consent to the processing of your personal data as required by the laws of your jurisdiction to use our Service.

Changes To This Privacy Policy

This Privacy Policy is effective as of the date set forth above and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

If you have any questions about this Privacy Policy, please contact us.