Policies

Privacy Policy

Effective Date: 2/8/2021

Purpose Of Policy

We are committed to protecting your privacy as you use our service! We created this Privacy Policy (“Policy”) to give you confidence as you access and use our products and services, including but not limited to, UserLeap’s web platform (collectively, the “Service”). This Policy covers how we collect, use, store, and share your information when you use our Service. The provisions of our Terms of Use (https://userleap.com/terms-of-use.html) (the “Terms”) apply to this Policy as well. All references to “we”, “us”, “our”, or “UserLeap” refer to UserLeap Inc., a Delaware corporation. All references to “you”, “your”, or “user” relate to all persons who use or access the Services, in their company’s (the “Company”) capacity or in an individual capacity, including authorized users representing the company, its employees, or other persons using or accessing the Services. By clicking the applicable button or checkbox to indicate your acceptance to this Privacy Policy and our Terms, or otherwise by using the Service, you represent and agree that you have read, understand, and agree to be bound by both this Privacy Policy and our Terms as binding agreements. Further, you agree that this Privacy Policy and our Terms apply to your past use, if any, of the Service prior to the Effective Date.

Do not hesitate to contact us at security@userleap.com if you have any questions or want to discuss this Policy. Capitalized terms used but not defined shall have the respective meanings given to them in the Terms.

Information We Collect And How We Use It

Required Information You Voluntarily Provide Us.

In order to sign up for the Service, you must create an account which requires you to provide us with various information that is, or may be, considered personally identifiable information. In some instances, we will create the account on your behalf, and in those instances your Company would have provided such personally identifiable information to us on your behalf.

To create an account to access the Service, you will be required to provide us with your name and your email address, and you will be required to create a password.

We use this information for the purpose of providing you with the core aspects of the Service and to provide you with information and updates about the Service.

Optional Information You Voluntarily Provide Us.

In addition to the required information that you provide to UserLeap in order to create an account on the Service, there are various pieces of information you can, or may in the future be able to or choose to provide through the Service.

Further, now or in the future, we may allow you to provide us with access to additional information and data through integrations with third party goods and services.

We also may gain access to other personally identifiable information that you provide us through communications between us and you.

The various categories of information in this subsection is, or may be, considered personally identifiable information, and is used for the purpose of providing you with the Service’s functionality.

Information Collected Automatically As You Use The Service.

In addition to the information that you provide to us voluntarily, UserLeap may, now or in the future, automatically collect information through the Service in order to better understand our users and how they use the Service, and to improve the Service.

Cookies.

After you use or visit the Service, we may use cookies to remember you as a user of the Service and to streamline the functionality of the Service. The cookies are only used to track your activity on the Service, and not on third party sites or services.

Other Data We Collect.

When you use and visit the Service, we may also use third-party services, such as Intercom, Heap Analytics, and others, which use cookies to collect generic, anonymous information that does not identify you. We use this information to better understand how users interact with the Service and to improve your user experience while using the Service.

Do-Not-Track Signals.

We do not track you or collect your information across third party websites or online services. Thus, we do not receive Do-Not-Track signals, or other similar signals. To the extent that we do receive any such signals, we will not comply with them as it is not an aspect of the functionality of our Service.

How We Share Your Information

We also do not share your personally identifiable information with other third parties except to the extent that it is in furtherance of the Service, or when you choose to do so (as described below).

Information Shared By You Through The Service.

You may, now or in the future, be able to choose to voluntarily share information collected through the Service, by email, or by other means of communication. In addition, as described in this Policy, some aspects of the functionality of the Service will require us to share your personally identifiable information with third parties.

Our Personnel And Vendors.

To be able to effectively provide you with the Service, and to improve the functionality of the Service, we may disclose your information to our employees, contractors, agents, vendors, and other similar persons or entities, to the extent that such persons or entities have a need-to-know such information in furtherance of the Service.

Sale of Company or Assets.

In the event that we sell all or substantially all of our company or its assets, including the user information collected through our Service, we may transfer your information, upon reasonable notice to you, to the acquiring company.

Other Third Parties.

In addition to our practices described above, we may share your information if we have a good-faith belief that such action is necessary to (1) comply with the law (see the section below on “Government Requests”), (2) protect and defend the rights or property of UserLeap, or (3) prevent an emergency involving danger of death or serious physical or mental injury to any person.

Storing Your Information

Storage and Retention Of Your Information.

We use commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your personal information.

We cannot, however, ensure or warrant the security of any information you transmit to UserLeap or guarantee that your information on the Service may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. As such, we will not be liable for any loss or damage you incur as a result of a breach of our security systems. In the event that personal information is compromised as a result of a breach of our security systems, we will promptly notify those persons whose personal information has been compromised, in accordance with the notification procedures set forth in this Privacy Policy, or as otherwise required by applicable law. If you would like to review your information that we have access to, you may contact us via email at security@userleap.com.

Security.

We use reasonable efforts to secure your information and to attempt to prevent the loss, misuse, and alteration of the information that we obtain from you. For example, we will require our personnel to sign confidentiality agreements that extend to your personal information; we review the privacy practices of new products and services that we integrate into our Service; we train our personnel on privacy issues; we will have personnel to monitor privacy issues; and we restrict access to your personal information to individuals within and outside of UserLeap who need access to such information to provide the Service. In addition, we rely on the technical safeguards provided by the third-party vendors we use to host, store, and process your information. However, you acknowledge and agree that loss, misuse, and alteration may occur despite our efforts to protect your information. We are not responsible to our users or to any third party due to any such loss, misuse, or alteration.

Government Requests

From time to time, we may receive requests from government agencies to obtain information about our users. In handling such government requests, we greatly value the privacy of your information. While we may be required to turn over user information at times, we will strive to require a search warrant or subpoena, to the extent that we can reasonably demand such warrant or subpoena, before we turn over information about you and we will also strive to notify users when we receive government requests about their data.

Third Party Services And Practices Are Beyond Our Control

Our Service may utilize numerous third party services as part of the functionality of the Service, such as hosting services, analytics providers, communications services, and other vendors; and we may share your information with third parties to the extent explained in this Policy. Additionally, we use third party payment processing services, such that we do not receive any of your sensitive financial information. We have no control over such third parties. Thus, we make no guarantees about, and assume no responsibility for the information, services, or data/privacy practices of third parties, which may differ significantly from our practices described in this Policy. We encourage you to review the privacy practices of such third parties to the extent possible, and we encourage you to use caution in deciding the information you choose to make available on the Service.

Changes To This Policy

UserLeap reserves the right to change this Policy from time to time, with or without notice to you. Any changes to this Privacy Policy will become effective on the “Effective Date” indicated above. If you continue to use the Service after the Effective Date, you consent to the new Policy. UserLeap will always have the latest Policy posted on the Service.

California Privacy Statement

The following provision applies to users in the State of California. We do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need to do so. If your data changes, then you are responsible for notifying us of those changes. Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your personally identifiable information.

We will retain your information for as long as needed to provide you with the Service and may retain your information in anonymized form perpetually for the purpose of improving the Service. We may also retain and use your information in order to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements.

As explained in this Policy, we share your personally identifiable information in order to provide and support our Services.

Privacy Shield

UserLeap will never transfer Data to a third-party without the written permission of the customer. In other words, there is no onward transfer.

Complaints and Inquiries

UserLeap is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC), and individuals have a right to contact the FTC regarding services provided by UserLeap.

If you are an EU or Swiss citizen, and have questions about your personal information that may have been collected in a UserLeap survey, please contact the entity that created or sent you the survey. UserLeap is not responsible for any Data collected and only processes Data as controlled by the customer. If the survey creator is unresponsive with your inquiry, please contact the UserLeap Concierge team.

General inquiries regarding this policy, or any complaints regarding surveys that are unresolved by the survey creator, may be sent to the UserLeap concierge team at privacy@userleap.com. There is no charge for this inquiry.

UserLeap has a team of legal and technical staff to maintain compliance with this policy. For legal inquiries, please contact: legal@userleap.com

Independent Recourse Mechanism: Any disputes are handled by the International Centre for Dispute Resolution (details below). Inquiries are free of charge.

Information Related to Privacy Shield

For details about the Privacy Shield program: https://www.privacyshield.gov/ UserLeap complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. UserLeap has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

The key goals of Privacy Shield are to inform individuals, both EU and Swiss individuals, about: the right of individuals to access their personal data the choices and means your organization offers individuals for limiting the use and disclosure of their personal data the requirement for your organization to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements UserLeap’s Privacy Shield self-certification does not cover human resources data.

In compliance with the Privacy Shield Principles, UserLeap commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact UserLeap at: privacy@userleap.com

UserLeap has further committed to refer unresolved Privacy Shield complaints to the American Arbitration Association (AAA), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the AAA for more information or to file a complaint (contact details below). The services of the AAA are provided at no cost to you.

During the normal provisioning of the UserLeap services, no data are transferred between geographical regions. All data are stored in a specific data center chosen by the customer/controller. If there is a case when personal data are transferred from the EU to the United States, it is solely for the purpose of processing as per instructions from the controller.

UserLeap provides appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alternation, unauthorized disclosure or access, and understands whether onward transfer is allowed.

Because adequate protection is provided by Privacy Shield participants, contracts with Privacy Shield participants for mere processing do not require prior authorization (or such authorization will be granted automatically by the EU Member States), as would be required for contracts with recipients not participating in the Privacy Shield or otherwise not providing adequate protection. UserLeap self-certifies with Privacy Shield. A self-assessment is signed by a company officer or other authorized representative of the organization at least once a year and made available upon request by individuals or in the context of an investigation or a complaint about non-compliance. UserLeap is required to respond promptly to EU or Swiss individual inquiries, and other requests for information from the Department of Commerce relating to its adherence to the Privacy Shield Principles.

Under Privacy Shield, an individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Under Privacy Shield, UserLeap must respond to individual complaints within 45 days. For additional information, visit: https://www.privacyshield.gov/article?id=ANNEX-I-introduction

UserLeap’s Independent Dispute Resolution (IDR) Provider is:

American Arbitration Association

International Centre for Dispute Resolution New York City, New York, USA

www.icdr.org

U.S. Department of Commerce:

https://www.commerce.gov/news/fact-sheets/2016/07/fact-sheet-overview-eu-us-privacy-shield-f ramework

Federal Trade Commission:

https://www.ftc.gov/news-events/press-releases/2016/02/statement-ftc-chairwoman-edith-ramire z-eu-us-privacy-shield-0

Choice

Data subjects have the right to opt out of (a) disclosures of their personal data to third parties not identified at the time of collection or subsequently authorized, and (b) uses of personal data for purposes materially different from those disclosed at the time of collection or subsequently authorized.

Please Reach Out To Us With Any Questions Or Feedback

If you have any questions about this Policy or our Service, please feel free to contact us by email at privacy@userleap.com.