Updated: August 5th, 2020
What Information does Spiro collect?
Information You Provide:
By downloading and enabling the Service, or by using the Service in your web browser, you are authorizing Spiro to access and store all of the foregoing types of Information:
- Information you submit as part of the registration process such as your name, email address and phone number.
- Information you elect to submit to any areas of the Service that are accessible by other Service users within your organization (“User Submissions”).
- Information that Spiro may obtain from third-party services (both Personal and Enterprise Information, such as CRM data, files, email/calendar information, and contacts) that Spiro requires for the operation of the Service.
You acknowledge and agree that you will not (i) provide us with any information that you do not have the right to provide, or (ii) share, via the Service, any information you do not have the right to share (such as information that is confidential to any third party and that you are not authorized to share with your intended recipients).
You further acknowledge that Spiro will be acting as the Data Processor as defined and governed by the European Union’s General Data Protection Regulation also known as GDPR.
If you register for a paid subscription to the Service, then you may be required to provide a valid credit card number and associated information needed to charge the card, which will be collected and used by our payment processor, not Spiro.
Information You Authorize Us to Collect:
Certain features of the Service may allow you to import information from third party services (“Third Party Services”). By requesting that Spiro import such information – you authorize Spiro to use your Third Party Service username and password to access the applicable Third Party Service Account. This authentication process is managed by the applicable Third Party Service provider. Spiro will not use your Third Party Service account credentials for any other purpose.
Spiro’s use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Automatically Collected Information:
We may automatically receive and store certain, anonymous types of information whenever you interact with the Service. Such information may include the your IP address, domain server, and type of Internet browser. This information helps us, among other things, analyze trends and administer the Service. This information is anonymous and contains no personally identifiable data.
How does Spiro use the information it collects?
Spiro uses your Information as follows:
- To operate and maintain the Service (such as, for the purposes of fixing malfunctions, testing our security systems, etc.).
- To provide you with the features, functions and benefits of the Service.
- To enhance, improve and further develop the Service (such as, creating new features or functions, refining the user experience, increasing Service technical performance, etc.).
- We will use your contact information to provide you with notices related to your use of the Service.
- We will use your contact information (such as, your email address) to provide you with promotional and marketing emails. You can opt-out of receiving certain types of promotional and marketing emails – but in such case you may not receive the full benefit of the Service.
- Our payment processor will use your credit card information to process charges in accordance with your paid subscription to the Service.
- To help personalize the Service experience for you (such as, remembering your information so you will not have to enter it each time you use the Service).
- And for the other purposes referenced in the “Will Spiro Share Any of the Information it Receives” section below (such as, for the purposes of legal compliance).
Will Spiro Share Any of the Information it Receives?
To the limited extent we collect Information – we neither rent nor sell your Information to anyone. We share your Information only as described below.
Within Your Organization:
As mentioned above – certain of your Enterprise Information may be shared internally with other members of your organization.
We employ other companies and people to perform tasks on our behalf. Your information may be accessed by these partners/employees, in the event that we need to share your Information with them to provide our services or customer support to you. Unless we tell you differently, Spiro’s agents do not have any right to use Information we share with them beyond what is necessary to assist us.
In some cases, we may choose to buy or sell assets. In these types of transactions, customer information is typically one of the business assets that are transferred. Moreover, if Spiro, or substantially all of its assets were acquired, or in the unlikely event that Spiro goes out of business or enters bankruptcy, customer information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Spiro (or any acquirer of Spiro’s assets related to the Service) may continue to use your Information as set forth in this policy. If personal data is part of an onward transfer as part of a business transaction, Spiro is not liable for how your personal information is handled by the acquiring company.
Protection of Spiro and Others:
We may release Information when we believe in good faith that release is necessary to comply with the law; enforce or apply our Terms of Service and other agreements; or protect the rights, property, or safety of Spiro, our employees, our users, or others.
With Your Consent:
There are no other instances where Spiro will share your personal information with third parties without your consent. Except as set forth above, you will be notified when your Information may be shared with third parties, and will be able to prevent the sharing of this information. If you wish to prevent the sharing of your personal information with a third party, please send an email to firstname.lastname@example.org.
What You can Do to Your Personal Information.
Accessing your information:
You have the right to access any of your personal data stored by Spiro. You can access your personal information by logging into your Spiro account on the web or via the mobile app.
Deleting your account:
You can delete your account by sending an email to email@example.com. When you request us to delete your account for the Service, your data will be permanently deleted from our servers and access to your account will be disabled. For clarity, the Service and your account will not be terminated simply by deleting our mobile application from your device.
Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to ask us for a notice that, with respect to the immediately preceding calendar year, identifies the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, including contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please mail a written request to the Spiro (contact info below).
What about third-party services Spiro connects to?
Spiro links to other services, such as Zapier. Spiro does not access any information from these third-party services without your authorization. Except for Microsoft Exchange connectivity, the authentication process for 3rd party services is entirely managed by the third party. Spiro never sees or stores your password to these services. In the case of Microsoft Exchange, Spiro stores an encrypted version of your password which is never accessible in its original form, even to Spiro personnel.
How We Protect Your Information
Spiro takes certain precautions to protect your Information and to limit the risk that it will be accessed without authorization, including use of certain industry standard technologies and practices. That said, we cannot guarantee the security of such Information. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time. No security system is perfect – so your use of the Service is at your own risk.
If we learn of a security systems breach, then we may attempt to notify you via email, phone, physical mail, or by a posting on your Service account page – so that you can take appropriate protective steps. Pursuant to our Terms of Service you have consented to receive such notice by electronic means (provided that such consent is void where prohibited by applicable law). To receive a free written notice of a security breach, or if you have any questions about the security of the Service, please contact us at firstname.lastname@example.org.
Privacy Shield Policy
Spiro commits to subject to the Privacy Shields’ Principles all Personal Data received by Spiro in the U.S. from European Union member countries, United Kingdom, and Switzerland in reliance on the respective Privacy Shield framework.
Full details on the EU-US Privacy Shield Principals can found here: privacyshield.gov
Spiro’s participation in the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework is subject to investigation and enforcement by the Federal Trade Commission.
In compliance with the Privacy Shield Principles, Spiro commits to resolve complaints about your privacy and our collection or use of your Personal Data. Data Subjects with inquiries or complaints regarding this Privacy Shield Policy should first contact Spiro at: email@example.com.
Spiro has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to an independent dispute resolution mechanism, the EU data protection authorities (DPAs) under the EU-U.S. Privacy Shield Framework.
Under certain conditions detailed in the Privacy Shield, Data Subjects may be able to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission.
Spiro agrees to periodically review and verify its compliance with the Privacy Shield Principles, and to remedy any issues arising out of failure to comply with the Privacy Shield Principles. Spiro acknowledges that its failure to provide an annual self-certification to the U.S. Department of Commerce will remove it from the Department’s list of Privacy Shield participants.
If you have any questions or concerns regarding our privacy practices, please send us a detailed message to firstname.lastname@example.org or: Spiro Technologies Inc., 334 Boylston St, Boston, MA 02116.