Privacy Shield Policy

Effective Date 1 June, 2020

Whispir Americas, Inc. (Whispir or we) complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (together, Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data (also known as personal information), which means data about an identified or identifiable individual recorded in any form, that is received by Whispir in the United States from the European Union (EU), Switzerland or, after December 31, 2020, United Kingdom (UK) in reliance on Privacy Shield.

If this Privacy Shield Policy and data subject rights under the Privacy Shield Principles conflict, then the Privacy Shield Principles shall govern.

With respect to personal data received or transferred pursuant to Privacy Shield, Whispir is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

Please also see the Whispir Privacy Policy for more information about how we process your information. If the Whispir Privacy Policy and this Privacy Shield Policy conflict, then this Privacy Shield Policy controls with respect to the subject matter described below.


DEFINITIONS

In this Whispir Privacy Shield Policy:

  • Authorized Users - EU means any individual who resides in the EU, UK or Switzerland and
    1. receives SMS, email, voice, social media, push notifications and other communications through the Services but does not have a direct relationship with Whispir;
    2. is an employee, consultant, contractor, agent or other representative authorized by our Customer to access and use our Services under our agreement with the Customer; or
    3. who accesses the Sites to learn about our products and services, sign up for an online demo, attend one of our webinars or otherwise access content from our Sites
  • Customer means a legal or natural person who or that accesses or uses the Services pursuant to a reseller, VAR, distributor, channel partner or similar authorized agreement.
  • Services means Whispir’s cloud-based communications workflow platform.
  • Sites means www.whispir.com and its affiliated domains, including whispir.net, whispir.org, whispir.com.au, whispir.co.nz, whispir.co.uk and whs.pr.


SCOPE

Whispir commits to comply with the Privacy Shield Principles with respect to personal data collected from or about Authorized Users – EU. This Whispir Privacy Shield Policy does not apply to personal data transferred under Standard Contractual Clauses or any approved derogation under EU data protection law.


PRIVACY SHIELD PRINCIPLES

If you are an Authorized User – EU, then Whispir commits to processing your personal data in accordance with the Privacy Shield Principles as follows:

1. Notice

The Whispir Privacy Policy notifies individuals covered by this Whispir Privacy Shield Policy about the categories of personal data that Whispir collects and the purposes for collection and use of their personal data. Whispir will only process personal data in ways that are compatible with the purpose for which Whispir collected it or for purposes later authorized.

The types of personal data that Whispir collects depends on how the Sites and/or Services are used.

1.1 We collect the information that you provide to us.

When you use our Services or Sites, we may ask you to provide certain information.

Personal data that Whispir Collects from Authorized Users - EU
Why Whispir Collects the personal data

Business contact details, including:

  • name
  • telephone number(s)
  • email address
  • postal address (current and previous)
  • To complete your subscription for the Services
  • To respond to your correspondence and requests.
  • To obtain your feedback regarding our Sites or Services.
  • To send you information and updates about our Sites or Services that we think will interest you.
  • To confirm a Customer’s identity and associate an Authorized User-EU with a Customer’s account.
  • To monitor and enforce compliance with our Terms of Service, Acceptable Use Policy or other agreement.

Authorized User-EU credentials, including:

  • name
  • email address
  • job title
  • To set up and maintain an account.
  • To confirm identity and age of majority.
  • For customer support and to troubleshoot problems.
  • To customize the experience of our Services and Sites.
  • To communicate with you.
  • To promote our Services and Sites, such as through targeted advertising.
  • To monitor and enforce compliance with our Terms of Service, Acceptable Use Policy or other agreement.
  • To learn how Authorized Users-EU interact with our Sites and Services so that we can improve them and develop new features.

Other personal data that you choose to provide or the relevant Customer provides to us, such as device type, date of birth and gender, driver’s license number and personal interests

  • To confirm identity and age of majority.
  • For customer support for our Services and Sites and to troubleshoot problems.
  • To communicate with you.
  • To monitor and enforce compliance with our Terms of Service, Acceptable Use Policy or other agreement.
  • To learn how Authorized Users-EU interact with our Services and Sites so that we can improve them and develop new features.

Ordering information

  • To complete your purchase of our Services.
  • To register you for a webinar or free trial.

Whispir does not process credit card transactions. Credit card transactions are processed by a third-party credit card processing service.

Information you give us when you fill out our forms or send us emails

  • To respond to your request in the form or email.
  • To learn more about your products or services if you are a prospective or current vendor.
  • To process your application if you apply for a job with us.


1.2 We collect personal data about you

Whispir collects information about you from your use of the Services and Sites. Whispir and its vendors collect this information in order to detect fraud and block fraudsters from disrupting the Services and Sites and as described in the table above.

(a) We automatically collect information about use of the Sites or Services.
We automatically collect certain information about use of the Sites and Services from your computer or mobile device. The information, some of which is personal data includes:

  • Information about how your computer or device interacts with our Sites and Services, including the date, time, search requests and results, webpages accessed and links clicked.
  • Information from and about the communications sent through the Services.
  • IP address, broad geographic location (e.g., country or city-level location which Whispir derives from other data), device type and identification number, browser type, internet service provider, operating system and other technical information.

We use this automatically collected information:

  • To provide our Services.
  • For billing purposes.
  • To better understand how our Sites and Services are used so that we can improve them and develop new features.
  • For our analytics purposes, such as to track usage of our Sites and Services, to measure the number of individuals who use different sections of our Sites and Services, to understand how people find our Sites and to help us make our Sites, Services and marketing more useful.
  • To detect and block fraudulent use of the Sites and Services.
  • To deliver advertising about our Services.

Some of this information is automatically collected using cookies and similar tracking technology. See the OUR USE OF COOKIES AND SIMILAR TRACKING TECHNOLOGY section in the Whispir Privacy Policy.

(b) We collect information about use of our Apps

When you download, access or otherwise use our mobile applications (“Apps”), the information that we collect depends on your operating system and permissions. Our Apps need to use certain features and data from your mobile device in order to function. For example, we automatically collect usage statistics and crash logs to help us identify and fix problems.

To learn more about the specific information collected by our Apps, please check your device settings or review the information available on the particular platform from which you downloaded an App, such as in Google Play or the App Store. Our Apps also allow you to check or change your status for certain data collection in the preferences or settings. If you change your settings, certain features may be unavailable or not function properly. To stop collection of all information through an App, please uninstall the App.

1.1 We collect information from third party sources

From time to time, we may receive personal data about you from third-party sources, which include:

  • A Customer or reseller that may provide us with your business contact information in connection with use of our Services.
  • From trade show operators, such as when we receive a list of attendees.
  • Marketing services vendors that help us identify individuals who may be interested in learning more about our Services and to supplement personal data we already have, such as when we acquire a contact list from data aggregators.
  • From publicly available sources so that we can better understand our customer base.
  • If you apply for a job or other position with us, from recruitment agencies.

All personal data is collected to operate, manage and improve the Sites and Services and ensure the technical functionality and security of the Sites and Services as well as for the reasons set forth in the Whispir Privacy Policy. Before Whispir uses personal data for a purpose that is materially different from the purpose for which Whispir collected it or that was later authorized, Whispir will provide you with the opportunity to opt out.

PLEASE SEE THE WHISPIR PRIVACY POLICY FOR MORE INFORMATION.

2. Choice

Whispir will obtain your opt-in consent whenever Privacy Shield requires, including if we disclose personal data to third parties or before personal data is used for a different purpose than the purpose for which it was collected or later authorized by you.

Please send requests to limit the uses or disclosures of personal data to privacy@whispir.com (with “Privacy Shield” in the subject line).

3. Accountability for Onward Transfer

Whispir may share personal data collected through the Sites and Services to the following categories of recipients:

  • Network operators (e.g., telecommunication providers) for security, spam and fraud protection or to provide telecommunications network access;
  • Other vendors that help us provide the Services and Sites, such as payment card processors, auditors, data security services and cloud services providers;
  • Resellers with which Whispir may share order information, business contact information and other information that a reseller may require to help you access the Services;
  • Marketing vendors that help us target individuals who may be interested in learning more about the Services and who help us supplement personal data that we already have about you;
  • Our Customer through which you access the Services;
  • Our professional advisors, including our accountants, auditors and lawyers;
  • Competent law enforcement, government regulators, courts or other third parties when we believe disclosure is necessary (i) as a matter of law, (ii) to exercise, establish or defend our legal rights or (iii) to protect the vital interests of any person;
  • Potential acquirers and their professional advisers in connection with any proposed purchase, merger or acquisition of all or any part of our business. We will inform the buyer that the terms of this Privacy Shield Policy and our Privacy Policy apply to personal data; and
  • Any other person with consent to the disclosure.

PLEASE SEE THE WHISPIR PRIVACY POLICY FOR MORE INFORMATION.

If Whispir transfers personal data covered by this Whispir Privacy Shield Policy to a third party, Whispir takes reasonable and appropriate steps to ensure that each third party transferee processes personal data transferred in a manner consistent with Whispir’s obligations under the Privacy Shield Principles. Whispir will ensure that each transfer is consistent with any notice provided to you and any consent you have given. Whispir requires a written contract with any third party receiving personal data that ensures that the third party (i) processes the personal data for limited and specified purposes consistent with any consent you provided, (ii) provides at least the same level of protection as is required by the Privacy Shield Principles, (iii) notifies Whispir if it cannot comply with Privacy Shield; and (iv) ceases processing personal data or takes other reasonable and appropriate steps to remediate.

Under certain circumstances, Whispir may be required to disclose personal data in response to valid requests by public authorities, including for national security or law enforcement requirements.

Whispir remains liable under the Privacy Shield Principles if an agent processes personal data covered by this Whispir Privacy Shield Policy in a manner inconsistent with the Privacy Shield Principles unless Whispir is not responsible for the event giving rise to the damage.

4. Security

Whispir takes appropriate measures to protect personal data covered by this Whispir Privacy Shield Policy from loss, misuse and unauthorized access, disclosure, alteration, unavailability and destruction. In determining these measures, Whispir takes into account the risks involved in the processing and the nature of the personal data.

5. Data Integrity and Purpose Limitation

Whispir takes reasonable steps to ensure that such personal data is reliable for its intended use, accurate, complete and current. Whispir adheres to the Privacy Shield Principles for as long as it retains personal data in identifiable form. Whispir takes reasonable and appropriate measures to comply with the requirement under Privacy Shield to retain personal data in identifiable form only for as long as it serves a purpose of processing.

Whispir limits the collection of personal data covered by this Whispir Privacy Shield Policy to information that is relevant for processing. Whispir does not process personal data in a way that is incompatible with the purpose for which it was collected or subsequently authorized.

6. Access

You have the right to access your personal data and to correct, amend, limit use of or delete the personal data if the personal data is inaccurate or processed in violation of the Privacy Shield Principles. Whispir is not required to grant the rights to access, correct, amend and delete personal data if the burden or expense of providing access, correction, amendment or deletion is disproportionate to the risks to your privacy or if the rights of persons are or could be violated.

You may request access to the personal data that we hold about you and/or or to correct, amend, limit use of or delete your personal data by contacting us at privacy@whispir.com (with “Privacy Shield” in the subject line). We will respond to all requests within a reasonable time, and in accordance with applicable legal requirements.

7. Recourse, Enforcement, and Liability

In compliance with the Privacy Shield Principles, Whispir commits to resolve complaints about your privacy and our collection or use of your personal data transferred to the United States pursuant to Privacy Shield. European Union and Swiss or UK, individuals with Privacy Shield inquiries or complaints should first contact Whispir at privacy@whispir.com (with “Privacy Shield” in the subject line).

Whispir has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the JAMS EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Frameworks Dispute Resolution operated by JAMS. If you do not receive timely acknowledgment of your complaint or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information and to file a complaint. This independent dispute resolution mechanism is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Whispir commits to periodically review and verify its compliance with the Privacy Shield Principles and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Whispir acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.

CHANGES TO THIS WHISPIR PRIVACY SHIELD POLICY

Whispir may amend this Whispir Privacy Shield Policy consistent with the requirements of Privacy Shield, including notice about any amendment.

HOW TO CONTACT WHISPIR

If you are an Authorized User – EU and have questions about this Whispir Privacy Shield Policy or would like to request access to your personal data, please contact us as follows:

Whispir Americas, Inc.
1201 3rd Avenue, Ste 2200,
Seattle, Washington 98107, USA
Attention: Privacy Shield
Email: privacy@whispir.com (with “Privacy Shield” in the subject line)