Effective Date: March 24, 2021
Loomly, Inc. ("us", "we", "our" or “Loomly.com”) operates the Loomly.com website (the "Service").
When you sign-up for our Service, and while using our Service, you may provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information includes your name, your company or business’s name, a description of your company, your email address, and your postal address ("Personal Information").
We may also collect information that your browser sends whenever you visit our Service ("Log Data"). This Log Data may include information such as your computer's Internet Protocol ("IP") address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other data generated from cookies (see the Cookies section below for more information).
Legal Basis, Use, and Retention of Information
We collect Personal Information and Plan Information for the purpose of providing the Service, identifying and communicating with you, responding to your requests and inquiries, servicing your account, providing you with instructional on-boarding content, and providing you with information about our Services, new features, and offers, improving our Services. To the extent you have opted-in and not opted-out of our newsletter, we also collect Personal Information for the purpose of providing you with editorial content.
We collect Content Information and Log Information for the purpose of providing and improving the Service, and to advertise to you through remarketers.
We may link or combine the Personal Information we collect and/or receive about you and the Log Data and Account Data we collect automatically during your visit to our website. This allows us to provide you with a personalized experience that improves our Service.
We will only retain your personally identifiable data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of our legitimate business interests that have been assessed and satisfy any legal or reporting requirements. For clarity, we retain all information collected for so long as you have an account with us, so that we can answer your questions about your account and orders and so you do not need to provide your information each time you log in to your account to place an order. Should you request to deactivate your account or for us to erase your personally identifiable data, subject to our retention period for back-ups, we will cease to retain all personally identifiable information you have provided. However, retention periods may be extended if we are required to preserve your information or data because of litigation, investigations and other similar proceedings, or if a longer retention period is required or permitted by applicable law.
Third Party Data Processors and Service Providers
Loomly.com engages certain third parties that may process data submitted to Loomly.com to perform certain business-related functions and to increase our Service's functionality. These companies assist with processing your payment, monitoring and analyzing how our Service is used and other services. When we engage another company to perform such functions, we may provide them with information, including Personal Information, Log Data and Account Information, in connection with their performance of such functions. Loomly currently engages the following subprocessors and service providers:
- Amazon Web Services, Inc.
- Android, Inc.
- Apple, Inc.
- Attribution, LLC
- Bugsnag, Inc.
- Calendly, LLC
- ChartMogul CMTDE GmbH & Co.
- Circle Internet Services, Inc.
- Dropbox, Inc.
- Meta Platforms, Inc.
- G2 Crowd, Inc.
- Giphy, Inc.
- GitHub, Inc.
- Google, LLC
- Img.ly GmbH
- Intercom, Inc.
- LinkedIn Corporation
- Mailgun Technologies, Inc.
- Microsoft Corporation
- Mixpanel, Inc.
- New Relic, Inc.
- OneSignal, Inc.
- Osano, Inc.
- Pinterest, Inc.
- PartnerStack, Inc.
- Quora, Inc.
- Zimuth, Inc ('Scout')
- Slack Technologies, Inc.
- Snap, Inc.
- Stripe, Inc.
- The Rocket Science Group, LLC DBA MailChimp.
- TikTok Inc.
- Twitter, Inc.
- Typeform SL
- Unsplash, Inc.
- WPEngine, Inc.
- Yahoo!, Inc.
- Zapier, Inc.
- Zoom Video Communications, Inc.
For customers who have entered into a Data Processing Agreement (“DPA”) with us, we will provide notice of any changes to the above list of subprocessors and service providers pursuant to the DPA. For users who have linked to our Service via a referral link, we use PartnerStack to track visits and purchases.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The Help feature on most browsers provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. Please note, however, that if you do not accept any cookies, you may not be able to use some features of our Service.
You can customize the Google Display Network ads by visiting the Google Ads Settings page: https://adssettings.google.com/authenticated
Google also recommends installing the Google Analytics Opt-out Browser Add-on - https://tools.google.com/dlpage/gaoptout - for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://www.google.com/intl/en/policies/privacy/
We may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. If you do not want to receive such messages from us, you will be able to inform us when we first collect your contact details or opt out at a later date by updating your preferences from your account page, following the unsubscribe link or instructions provided in any email we send, or by contacting us.
Publicly Accessible Posts and Blogs
Our Website facilitates the publishing of your posts on various social media account and may include publicly accessible blogs or community forums. Any information you post onto your social media accounts or provide in our blog/forum areas may be read, collected and used by others who access them. To request removal of your personal information from our blog or community forum, please contact us. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. In the event you wish to remove information from your social media account, you acknowledge and agree that you may only do so pursuant to each site’s terms and policies.
Data Processing by Loomly.com
Clients of Data Controllers
If you have hired an individual or business to assist you with your social media management projects, and that individual or business uses Loomly.com as a tool, we may be processing your personal data on behalf of our customers and must do so in accordance with their instructions. This means that if you wish to access any personal data we process on behalf of a Loomly.com customer and request that we correct, amend, or delete such information, you should contact that Loomly.com customer with your request. We will then help them to fulfill that request in accordance with their instructions.
Compliance With Laws
We will disclose your Personal Information where required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.
Your Rights Under the General Data Protection Regulation (“GDPR”)
For your information, in accordance with certain, possibly applicable, privacy laws, you may have the following rights in respect of your Personal Information that we hold:
- Right of access. You have the right at any time to ask us for a copy of the personally identifiable information about you that we hold. Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your personally identifiable information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so.
- Right of portability. In certain instances, you have a right to receive any personally identifiable information that we hold about you in a structured, commonly used and machine-readable format. You can ask us to transmit that information to you or directly to a third party organization. The above right exists only in respect of personally identifiable information that: (i) you have provided to us previously; and, (ii) is processed by us using automated means. While we are happy for such requests to be made, we are not able to guarantee technical compatibility with a third party organization's systems. We are also unable to comply with requests that relate to personally identifiable information of others without their consent.
- Right to rectification. The right to obtain rectification of your personally identifiable information without undue delay where that personally identifiable information is inaccurate or incomplete.
- Right to erasure. The right to obtain the erasure of your Personal Information without undue delay in certain circumstances, such as where the Personal Information is no longer necessary in relation to the purposes for which it was collected or processed.
- Right to restriction. The right to obtain the restriction of the processing undertaken by us on your Personal Information in certain circumstances, such as where the accuracy of the Personal Information is contested by you, for a period enabling us to verify the accuracy of that Personal Information.
- Right to object. The right to object, on grounds relating to your particular situation, to the processing of your Personal Information, and to object to processing of your Personal Information for direct marketing purposes, to the extent it is related to such direct marketing.
If you wish to exercise one of these rights, please submit your request here or contact us as provided in the Contact Us section below. Upon request, we will provide you with information about whether we hold any of your personal information. You may access, correct or request deletion of your personal information by logging into your account, or by contacting us. We will respond to your request within 30 days.
Representative Information for Data Subjects in the EU
We have appointed Osano International Compliance Services Limited as representative according to Art 27 GDPR.
Contact: Osano International Compliance Services Limited ATTN : AQG9 25/28 North Wall Quay Dublin 1, D01 H104 IRELAND
If you live or work in the EEA, you are also entitled to lodge a complaint with your applicable supervisory authority. A list of relevant authorities in the EEA and the European Free Trade Area can be accessed here: https://edpb.europa.eu/about-edpb/board/members_en.
The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure.
However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you.
For any questions and concerns regarding our data security practices, please contact us as described in the Contact Us section below.
Your information, including Personal Information, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the information, including Personal Information, to United States and process it there.
If you are located in the EEA, we will comply with applicable legal requirements providing adequate protection for the transfer of personally identifiable information to recipients in countries outside of the EEA, including the USA. In all such cases, we will only transfer your personally identifiable information if:
- The country to which the personally identifiable information will be transferred has been granted a European Commission adequacy decision;
- The recipient of the personally identifiable information is located in the U.S. and has certified to the EU-U.S. Privacy Shield Framework; or
- We have put in place appropriate safeguards with respect to the transfer, for example the EU Model Clauses.
You may request a copy of the safeguards that we have put in place in respect of any applicable transfers of personally identifiable information by contacting us as described in the Contact Us section below.
Your California Rights
The California Consumer Privacy Act (“CCPA”) provides California residents with the following rights:
- Right to Know. The right to know the Personal Information that we collect from you, the purposes for which we use it, the sources from which we collect it, the limited circumstances under which we share it, with whom we share it, and your rights regarding it.
- Right to Request Access and Data Portability Rights. The right to request we disclose certain information to you about your collection and use of your Personal Information (as used in this section “Personal Information” has the definition set forth in CCPA) over the past 12 months, upon verifiable consumer request. Once we receive and confirm your verifiable consumer request, we will disclose to you: (i) the categories of Personal Information we collected about you, (ii) the categories of sources for the Personal Information we collected about you, (iii) our business or commercial purpose for collecting or selling that Personal Information, (iv) the categories of third parties with whom we disclosed or sold that Personal Information, (v) and/or the specific pieces of Personal Information we collected about you (also called a data portability request). You may make a “request to know” up to two times in a 12-month period free of charge, subject to limitations described in the law. A general description of the categories of information that we collect, the purpose for collecting, using and sharing such information, and types of service providers we share information with is set forth above in the “Information and Collection,” “Legal Basis, Use and Retention of Information” and “Third Party Data Processors and Services Providers” sections.
- Right to Request Deletion. The right to request we delete your Personal Information that we collected from you and retained. Once we receive and confirm your verifiable consumer request, we will delete your Personal Information from our records, subject to certain exceptions under applicable law.
- Right to Opt Out of Sale. The right to opt out of the “sale” of your personal information to “third parties.” Although we do not believe we sell personal information, we do engage third parties to perform specific tasks on our behalf. These third parties may analyze the data we provide, combine that data with publicly available data, and provide us with access to their analysis and reports. Such activities may qualify as a “sale” under CCPA’s broad definition of the term. You may restrict such third party from accessing or using your personally identifiable data by clicking “Do Not Sell My Personal Information.” Please note that if you use a different browser or device to access the Service, you will need to opt out separately on each browser and device.
- Authorized Representatives. You may also designate an authorized representative to make consumer rights requests on your behalf. We will require verification that you did in fact authorize the representative.
- No Discrimination. We will not discriminate against any consumer for exercising their rights under the CCPA. We will not deny you goods or services, charge you different rates, or give you different discounts because you used one of these rights.
If you wish to exercise these rights, please submit your request here or contact us as provided in the Contact Us section below. Please note that certain rights may be limited or unavailable depending on the type of data requested or exception under applicable law.
Links To And Integrations With Other Sites and Services
We have no control over, and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
Should you wish to revoke access to any service you have linked, you can access and alter the applicable security settings through the following links:
- Google Business Profile
- Microsoft Teams
- Google Drive
Our Service is not directed at anyone under the age of thirteen (13); and we do not knowingly collect personally identifiable information from anyone under the age of thirteen (13). Additionally, you must be over the minimum age to consent to the processing of your personal data as required by the laws of your jurisdiction to use our Service.