Last Updated: May 10th, 2019
Paper Interactive, Inc. ("Athennian", "we" or "us") offers legal entity management and governance software, and hosts and attends events globally. We also own and operate several websites (e.g. athennian.com and secure.athennian.com) (individually, "Website" and collectively the "Websites"). This privacy notice aims to inform you about how we collect, use, disclose and store information about you when you:
- Interact with or use our Websites, including downloading materials from our resources page or requesting a demo,
- Register for and/or attend any of our events, webinars, or the conferences we attend (collectively "Events"), and
- If you use any of our products, services or applications (including any trial) (collectively the "Services") in any manner.
1. Definitions
Information we Collect: We do not ask you for personal information unless we truly need it. We collect personal information necessary to provide, you with a secure, fast and efficient online legal entity management platform. In order to do so, Athennian must collect information to identify users, and to allow our users to identify each other.
Information You Provide to Us
- From Websites or Events: We may collect any Personal Information that you choose to send to us or provide to us, for example, on our "Request a Demo" (or similar) online form or if you register for an Athennian webinar. If you contact us through the Websites, we will keep a record of our correspondence.
- From the Services: We receive and store information you provide directly to us. For example, when setting up new users, we collect Personal Information, such as name and e-mail address, to provide them with the Services. The types of information we may collect directly from our customers and their users include: names, usernames, email addresses, postal addresses, phone numbers, job titles, stock transactional and ownership information, directorships, officerships, passport numbers, birth dates as well as any other contact or other information they choose to provide us or upload to our systems in connection with the Services.
Information We Automatically Collect:
- When you use the Websites: When you visit the Websites, we collect certain information related to your device, such as your device's Internet Protocol ("IP") address, referring website, what pages your device visited, and the time that your device visited our Website.
- When you use the Services
- Usage information - we keep track of user activity in relation to the types of Services our customers and their users use, the configuration of their computers, and performance metrics related to their use of the Services.
- Log information - we log information about our customers and their users when you use one of the Services including IP address.
- Information collected by cookies and other similar technologies - we use various technologies to collect information which may include saving cookies to users' computers.
- Customer Feedback - While using the Services, you may be asked to provide feedback (e.g. in the software directly or after receiving help from our support team). Providing this feedback is entirely optional.
For further information, please read the section below headed "Cookies and other Tracking Technologies".
2. How do we use the information?
Websites or Events: We will use the information we collect via our Websites:
- To administer our Websites, our events and for internal operations, including troubleshooting, data analysis, testing, statistical and survey purposes;
- To improve our Websites to ensure that content is presented in the most effective manner for you and for your computer;
- For trend monitoring, marketing and advertising;
- For purposes made clear to you at the time you submit your information - for example, to fulfill your request for a demo, to provide you with access to one of our webinars or whitepapers or to provide you with information you have requested about our Services; and
- As part of our efforts to keep our Websites secure.
Our use of your Personal Information may be based on our legitimate interest to ensure network and information security, and for our direct marketing purposes, or you consenting to it (e.g. when you request a demo).
Services: We may use the information we collect from our customers and their users in connection with the Services we provide for a range of reasons, including to:
- Set up a user account;
- Provide, operate and maintain the Services;
- Process and complete transactions, and send related information, including transaction confirmations and invoices;
- Manage our customers ' use of the Services, respond to enquiries and comments and provide customer service and support;
- Send customers technical alerts, updates, security notifications, and administrative communications;
- Investigate and prevent fraudulent activities, unauthorized access to the Services, and other illegal activities; and
- For any other purposes about which we notify customers and users.
We use your Personal Information in this context based on the contract that we have in place with you or our legitimate interest for security purposes (e.g. the prevention and investigation of fraudulent activities). Personal Information will be deleted based on the terms of the contract.
3. How do we share and disclose information to third parties?
We do not rent or sell your Personal Information to anyone. We may share and disclose information (including Personal Information) about our customers in the following limited circumstances:
We do not rent or sell your Personal Information to anyone. We may share and disclose information (including Personal Information) about our customers in the following limited circumstances:
Vendors, consultants and other service providers: We may share your information with third party vendors, consultants and other service providers who we employ to perform tasks on our behalf. These companies include (for example) our payment processing providers, website analytics companies (e.g., Google Analytics), product feedback or help desk software providers (e.g. ZenDesk), CRM service providers (e.g., Salesforce), email service providers (e.g., Sendgrid) and others.
If Athennian receives your Personal Information in the United States and subsequently transfers that information to a third party agent or service provider for processing, Athennian remains responsible for ensuring that such third party agent or service provider processes your Personal Information to the standard required by our Privacy Shield commitments (see the sections below headed "Additional Information for Users in the European Economic Area ("EEA")" and "International Data Transfers").
Business Transfers: We may choose to buy or sell assets, and may share and/or transfer customer information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.
Athennian Group Companies: We may also share your Personal Information with our parent companies, subsidiaries and/or affiliates for purposes consistent with this Privacy Notice.
Protection of Athennian and Others: We reserve the right to access, read, preserve, and disclose any information as necessary to comply with law or court order; enforce or apply our agreements with you and other agreements; or protect the rights, property, or safety of Athennian, our employees, our users, or others.
Disclosures for National Security or Law Enforcement: Under certain circumstances, we may be required to disclose your Personal Information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
Security: We use appropriate technical, organizational and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration or destruction.
4. Cookies and Other Tracking Technologies
A cookie is a small piece of data (text file) that a website - when visited by a user - asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first party cookies. Depending on which of our Websites you are visiting, we may also use third party cookies - which are cookies from a domain different than the domain of the website you are visiting - for our advertising and marketing efforts, as well as to understand your browsing of the Website (for example, which page you visit or how long you stay on each page).
More specifically, we use cookies and other tracking technologies for the following purposes:
- Assisting you in navigation
- Assisting in registration to our events, login, and your ability to provide feedback
- Analyzing your use of our products, services or applications
- Assisting with our promotional and marketing efforts (including behavioral advertising)
Below is a detailed list of the cookies we use on our Websites. Our Websites are scanned with our cookie scanning tool regularly to maintain a list as accurate as possible. We classify cookies in the following categories:
- Strictly Necessary Cookies
- Performance Cookies
- Functional Cookies
- Targeting Cookies
You can opt-out of each cookie category (except strictly necessary cookies) by clicking on the "cookie settings" button at the bottom of the page or in the applicable Website's Cookie Notice. While this Privacy Notice covers all Websites, Services and Events, each cookie notice you will find on one of our Websites applies to that Website only and also does not apply to our Services.
Google Analytics: On some of our Websites, we also may utilize Google Analytics, a web analysis service provided by Google, to better understand your use of the Website and Services. Google Analytics collects information such as how often users visit the Websites, what pages they visit and what other sites they used prior to visiting. Google uses the data collected to track and examine the use of the Websites, to prepare reports on its activities and share them with other Google services. Google may use the data collected on the Websites to contextualize and personalize the ads of its own advertising network. Google's ability to use and share information collected by Google Analytics about your visits to the Websites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.
Please consult the applicable Website Cookie Notice for more information about the type of cookies and tracking technologies that we use on the Website and why, and how to accept or reject them.
5. Your Privacy Rights
What choices do I have? You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.
Cookies: You can accept or reject cookies for our Websites through our Cookie Preference Centre, accessible by clicking the "cookie settings" button in the applicable Website Cookie Notice. You can also do so by adjusting your web browser controls. Please consult the Website Cookie Notice for more information about our use of cookies on the Website and how to accept or reject them.
Marketing Communications: You can opt-out of receiving certain promotional or marketing communications from us at any time, by using the unsubscribe link in the emails communications we send, or click the "Exercise your Rights" link available on the top left of our Privacy Notice, or fill out this Web Form directly. If you have any account for our Services, we will still send you non-promotional communications, like service related emails.
How Can I Exercise My Data Subject Rights? If you would like to access, review, update, rectify, and delete any Personal Information we hold about you, or exercise any other data subject right available to you under the EU General Data Protection Regulation (GDPR), you can either click the "Exercise your Rights" link available on the top left of our Privacy Notice, or fill out this Web Form directly. Our privacy team will examine your request and respond to you as quickly as possible.
Please note that we may still use any aggregated and de-identified Personal Information that does not identify any individual, and we may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to: privacy@athennian.com
If you are a resident of the European Economic Area, please see the section below headed "Additional Information for users in the European Economic Area" for further information about your privacy rights.
International Data Transfers: Personal Information you submit on the Websites or through the Services may be sent to the United States and processed by us there or in other countries, on our service providers' cloud servers. We will always protect your information in accordance with this Privacy Notice wherever it is processed. Athennian is hosted on Amazon Web Services data centres in Canada, the U.S. and elsewhere. You may choose to purchase data residency guarantees from us to ensure that your data is hosted in the E.U., Canada or other regions.
6. Data Collection and Processing Map
In compliance with GDPR requirements, please access our Data Collection and Processing Map here.
7. Data Storage Jurisdiction Adequacy
All of Athennian's servers and processing occurs on AWS Servers in the Canada region. In 2001, the EU recognized Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) as providing adequate protection. Canada's adequacy status ensures that data processed in accordance with the GDPR can be subsequently transferred from the EU to Canada without requiring additional data protection safeguards (for example, standard contractual rules) or authorization to transfer the data.
For more information, please visit the below links:
8. Contact Information
For more information, please contact the below:
Shamir Charania
Data Privacy Officer (DPO)
Paper Interactive, Inc.
privacy@athennian.com
END OF PRIVACY POLICY