Effective May 30, 2018
What this policy covers
- What information we collect about you
- How we use the information we collect about you
- How we store and secure information we collect
- How to access and control your information
- How we transfer information we collect internationally
- Other important privacy information
What information we collect about you
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include, but is not limited to your name (“Personal Information”).
Information you provide to us
We collect information about you when you input it into the Site, Services or otherwise provide it directly to us.
Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up or make changes to Services. For example, you provide your contact information, billing information, and carrier information when you register for certain Services. We keep track of your preferences when you select settings within your account profile.
Content you provide through our products: The Services include the Share a Refund products you use, where we collect and store content that you post, send, receive and share.
Content you provide through our websites: The Services also include our websites owned or operated by us.
Information you provide through our support channels: The Services also include our customer support, where you may choose to share information about a problem you are experiencing with a service. When you engage with our support team or staff, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation that would be helpful in resolving the issue.
Payment Information: We collect certain payment and billing information when you create an account and signup for our Services. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.
Information we collect automatically when you use the Services
We collect information about you when you use our Services, including browsing our websites.
Your use of the Services: We keep track of certain information when you use any of our Services. This information includes the shipping information shared with Site to perform its operations.
Device and Connection Information: Like many site operators, we collect information that your browser sends whenever you visit our Site (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
Cookies and Other Tracking Technologies: Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. Like many sites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.
Information we receive from other sources
We receive information about you from other Service users, from third-party services.
Other users of the Services: Other users of our Services may provide information about you. For example an administrator may provide your contact information when they assign you as the admin on your company’s account.
Share a Refund Partners: We work with a variety of Resellers and Affiliates. We receive information from these partners, such as billing information, billing and admin contact information, and company name.
How we use information we collect
Below are the specific purposes for which we use the information we collect about you.
To provide the Services: Our Site and software will make use of information about your shipping activities, such as data about packages and data from your carrier invoices to provide the Services.
For research and troubleshooting: We use feedback provided directly to us to troubleshoot and to identify ways to improve the Services. We also test new features with some users before rolling the feature out to all users.
To communicate with you about the Services: We use your contact information to send transactional communications including confirming payments, sending invoices, reminding you due dates, providing customer support, and sending you technical updates. We also send you onboarding communications. These communications are part of the Services and, in most situations, you cannot opt out of them. If an opt out is available, you will find the unsubscribe option within the email.
To market, promote and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying Share a Refund ads on other companies’ websites and applications, as well as on platforms like Facebook and Google.
For customer support: We use your information to resolve technical issues and improve the Services.
For safety and security: We use information to verify accounts, to monitor suspicious account activity and to identify violations of Service policies.
With your consent: We use information about you where you have given us consent to do so. For example, we may share product testimonials or publish case studies to promote our Site and Services. These always require your permission.
Legal bases for processing (for EEA users): If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. If you have consented to us using your information, you can revoke that consent at any time and for any reason. There are times we need to process your data for legal obligations.
How we share information we collect
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties, like Stripe, who assist us in operating our services.
Sharing information with third-party services
We share information with third parties that help us operate and market our Services.
Service Providers: We work with third-party service providers to provide website and application hosting, maintenance, payment processing, and other services for us, which may require them to use information about you. If a service provider needs to access billing or other information about you to perform services on our behalf, they do so under our strict instruction.
How we store and secure information we collect
Information storage and security
Services are managed within Amazon Web Services (AWS). All credit card numbers are encrypted and stored within Stripe using AES-256 encryption. Stripe is certified to PCI Service Provider Level 1, the highest level of certification available. All information managed by Stripe is protected within the Stripe privacy and security policies and adheres to federal regulations.
While we implement safeguards specifically architected to protect your information, no security system is impenetrable and we cannot guarantee that your data is absolutely safe from attacks.
How long we keep information
Account information: We hold your account information while your account is active and up to six months thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to support business operations or to resolve disputes.
Information you share on the Services: If your account is deleted, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services.
Marketing information: If you have chosen to receive marketing emails from us, we retain information about your preferences. We keep information gathered from cookies and other tracking technologies for a reasonable period of time from the date the information was originally created.
How to access and control your information
It’s important to know how to access and control your information. Here are the choices available to you.
Managing your information
You have the right to ask that we stop using your information (including for marketing purposes), to request the deletion of your information, or to request your information in a structured, electronic format. The process for making these requests is outlined in detail below.
Your request may be restricted. For example, if fulfilling your request would reveal information about another person or if you ask to delete information which we are permitted to keep by law. If you have unresolved concerns, you may have the right to speak to a data protection authority in the where you feel your rights were infringed.
Update your information: You can update your profile information within your account settings.
Delete your account: If you no longer wish to use our Services, you or your administrator can delete your Services account. You may also contact Share a Refund support (firstname.lastname@example.org) to request your account be deleted.
Delete your information: Our Services give you the ability to delete certain information about you from within the Service. For example, you can remove certain profile and billing information within your account settings. However, may need to keep specific information for record keeping purposes, to complete transactions or to fulfill legal obligations.
Request that we stop using your information: You may request that we stop accessing, storing, using and otherwise processing your information where you believe we don’t have the appropriate rights to do so. For example, if you believe an account was created for you without your permission or you are no longer an active user, you can ask to delete your account as provided in this policy. If you object to information about you being shared with a third-party integration, please disable the integration or contact your administrator to do so.
Opt out of email communications: You can opt out of receiving marketing email communications at anytime. You can do this by selecting the unsubscribe link listed in each email, or by contacting us directly with your request. Even after you opt out from receiving marketing emails, you will still see transactional messages from us regarding payment, receipt and weekly digests of data.
How we share information we collect globally
International transfers of data and information we collect
We gather information worldwide and primarily store that information in the United States. We transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate. Share a Refund holds security to the highest regards and has strict security policies.
International transfers within Share a Refund: To continue our global operations, we transfer information to the United States and allow access to that information from countries in which Share a Refund has operations for the reasons described in this policy. These countries may not have equivalent privacy and data protection laws to the laws of many of the countries where our customers and users are based.
Other important privacy information
Notice to End Users
Our services are used by organizations. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services and is responsible for the accounts over which it manages. If this is the case, please direct your privacy questions to your administrator. We do not manage the privacy practices of an administrator’s organization, which may differ from this policy.
Even if the Services are not currently administered to you by an organization, if you use an email address provided by an organization, like your work email address, to access the Site, then the owner of the domain associated with your email address may place administrative control over your account. You will be notified if this happens. If you do not want an administrator to be able to have control over your account, use your personal email address to register for or access the Services.
Please contact your organization for more information.
California Online Privacy Protection Act Compliance
Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.
Our policy towards children
We are in compliance with the requirements of EU’s General Data Protection Regulation (“GDPR”) and the Childrens Online Privacy Protection Act Compliance (“COPPA”). Our website, products and services are all directed to people who are at least 16 years old or older.