Privacy Policy & Cookies
Privacy Policy
CircleUp Education, and its affiliated entities (collectively, the foregoing entities are referred to as “CircleUp”, “we” or “us” in this Privacy Policy) and is committed to protecting your privacy. The purpose of this Privacy Policy is to inform you about the types of information we gather about you, how we may use and share that information, specific use controls, and how we safeguard the information. The Privacy Policy applies to information collected through our website www.circleuped.org, e-commerce activities, social media, catalog, services booking web platforms, and retail (collectively, the “Site”). The CircleUp Terms of Use and Terms of Service are incorporated by reference into this Privacy Policy.
Information You Provide to Us
We collect information about you directly from you and from third parties, as well as automatically through your use of our Site. CircleUp has implemented technical and organizational measures with respect to processing personal information from European Union individuals for purposes of the EU General Data Protection Regulation (“GDPR”). Upon request, we will provide you with information as to whether and what personal data we store in relation to you. Should your personal data be incorrect, you may request to have it rectified. You may also revoke your consent to use your personal data in the future, in whole or in part, or request the deletion of your personal data.
When you provide us with information through this Site, we may collect various information including your name‚ email address‚ mailing address‚ shipping address‚ phone number and payment and billing information. In addition, we may collect the information you provide us through various social media services, sweepstakes, contests, or joint promotions with partners.
There may also be times where you provide us with information in the course of our marketing or customer service activities, such as using our customer service help desk, submitting a testimonial, or rating, or providing product or service feedback.
In addition, we may also collect non-personally identifiable information, such as IP addresses (which identify your device), pages viewed, computer type, screen resolution, operating system version, Internet browser type and version, information collected through cookies, pixel tags, web beacons, and other technologies, and other data (“Non-Personal Information”). Because Non-Personal Information does not personally identify you, we may collect, use, and disclose Non-Personal Information for any purpose. Non-Personal Information will be retained only for so long as to fulfill a legitimate business need.
We may aggregate Personal Information so that the aggregated information does not personally identify you or anyone else, such as by using Personal Information to calculate the percentage of our customers who live in a particular area (“Aggregate Information”). In some instances, we may combine Non-Personal Information with Personal Information (such as combining your name with your geographical location). If we combine any Non-Personal Information with Personal Information, the combined information will be treated by us as Personal Information as long as it is combined, and may aggregate any information collected in a manner which does not identify any individual.
We do not collect any types of Sensitive Data from our users. Sensitive Data includes any personally identifiable information pertaining to: race or ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships, genetic or biometric data, health or mortality, and sex life or sexual orientation. Please immediately notify us if you have accidentally submitted any Sensitive Data and we shall promptly remove such information
Information from Other Sources
In order to improve our products, services, or marketing efforts, we may collect information about you from third party sources. The information may include demographic information, psychographic information, and geographic location-based information. These third-party sources may include public record databases‚ marketing data providers‚ data sharing cooperatives‚ and others.
We may use automated devices and applications, such as Google Analytics, to evaluate usage of our Site. We also may use other analytic means to evaluate our Site. We use these tools to help us improve our Services, performance, and user experiences. These entities may use cookies and other tracking technologies to perform their services. We do not share your personal information with these third parties
Automatically Collected Information
When you visit our website or retail store, read our emails or interact with our marketing partners, we may collect certain types of technology-specific information from you. This information will help us optimize your visit, merchandise our products, and track the performance of our marketing efforts.
Existence of Automated Decision-Making
We may use automated decision-making processes to personalize the Site to enhance your shopping and consumer experience (for example, by recommending certain products to you) or, if you have opted into receiving promotional material from us, to send you personalized promotional emails. We do not believe any of these automated decision-making processes will produce legal effects concerning our users or similarly significantly affects our users.
Use of Your Information
CircleUp will primarily use your information to provide our products and services and to complete core business functions such as authentication, order fulfillment‚ internal business processes‚ marketing‚ loss and fraud prevention‚ and legal functions. Here are some of the ways we use your information:
In order to use our online educational services, you must register an account. Accounts require, at minimum, name, email address, payment information, phone number, address, and any other information required in the Terms of Use. If you believe that an unauthorized profile has been created about you, you can request for it to be removed by contacting us at solutions@circleduped.org.
Fulfill your product orders; Respond to your requests for information, including regular email communications through newsletters or promotions; Complete your account registration; Administer marketing promotions through advertising, sweepstakes, and contests; Combine information we collect with third-party information to better understand our customers, and conduct more relevant marketing or advertising; Conduct market research through surveys, analytics or other interactions; Provide customer service and alert you to product information‚ including potential recalls; Help us improve our products or services; Protect the security or integrity of our business.
We use Personal Information to process and fulfill any orders that you have placed, contact you about our products and services, send you our catalog or related advertisements, personalize your experience with us including by presenting products or offers tailored to you, and allow you to use, communicate and interact with others on our Site, including our product reviews.
How We Share Your Information
We may share your information, including personal information, as follows:
-
Service Providers. We will not sell, trade, or rent your Personal Information to others. However, we do provide some of our services through contractual arrangements made with affiliates, service providers, partners, and other third parties ("Service Providers"). Our Service Providers include Copper, Square, Zapier, Pandadoc, and Mailchimp. Copper is a customer relationship management software (CRM) that is used to collect and store your personal information and share it with other applications, databases, and software mentioned in this section to allow us to provide a better customer experience for you. Square is used to process all payments and will collect your applicable payment, billing, and shipping information. Zapier to transfer your Personal Information from one of our applications, databases, or software to another. Pandadoc is used to create proposals for users who have registered an account for our online training services. We use Mailchimp to process and send out all emails to our users. Mailchimp will store your names and email addresses as well in their database, in accordance with their privacy policy. We and our Service Partners may need to use some personal information in order to perform tasks between our App or to deliver services to you.
We may also share information in the following circumstances:
-
Business Transfers. If we are acquired by or merged with another company, if substantially all of our assets are transferred to another company, or as part of a bankruptcy proceeding, we may transfer the information we have collected from you to the other company.
-
In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
-
To Protect Us and Others. We also may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Use, Terms of Service or this Privacy Policy, or as evidence in litigation in which we are involved.
-
Aggregate and De-Identified Information. We may share aggregate or de-identified information about users with third parties for marketing, advertising, research, or similar purposes.
We may also disclose information about you that is not personally identifiable. For example, we may provide merchants, business partners, or other third parties with reports that contain aggregated and statistical data about our users.
CAN-SPAM Act and Opting Out of Emails
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. We collect your email address in order to:
-
Send information, respond to inquiries, and/or other requests or questions.
-
We may also send you additional information related to your membership.
-
to our mailing list or continue to send emails to our clients after an account has been created.
-
Market to our mailing list or continue to send emails to our clients after an account has been created.
To be in accordance with CANSPAM we agree to the following:
-
NOT use false, or misleading subjects or email addresses
-
Identify the message as an advertisement in some reasonable way
-
Include the physical address of our business or site headquarters
-
Monitor third party email marketing services for compliance.
-
Honor opt-out/unsubscribe requests quickly
-
Allow users to unsubscribe by using the link at the bottom of each email
Cookies
Cookies
CircleUp uses cookies and other tracking mechanisms to track information about your use of our Site. We may combine this information with other personal information we collect from you.
Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Site, while others are used to enable a faster check out process or to allow us to track your activities at our Site. There are two types of cookies we use: session and persistent cookies.
-
Session Cookies. Session cookies exist only during an online session. They disappear from your computer when you close your browser or turn off your computer. We use session cookies to allow our systems to uniquely identify you during a session or while you are logged into the Site. This allows us to process your online transactions and requests and verify your identity after you have logged in, as you move through our Site.
-
Persistent Cookies. Persistent cookies remain on your computer after you have closed your browser or turned off your computer. We use persistent cookies to track aggregate and statistical information about user activity.
-
Disabling Cookies. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site who disable cookies will be able to browse certain areas of the Site, but some features may not function.
Clear GIFs, pixel tags, and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs, including Google Analytics, (a.k.a. web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track the activities of App or Site visitors, help us manage content, and compile statistics about our App and Site usage. We and our third-party service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
Clickstream
As you use the Internet, a trail of electronic information is left at each website you visit. This information, which is sometimes referred to as "clickstream data," can be collected and stored by a website's server. Clickstream data can tell us the type of computer and browsing software you use and the address of the website from which you linked to the Site. We may collect and use clickstream data as a form of Aggregate Information to anonymously determine how much time visitors spend on each page of our Site, how visitors navigate throughout the Site and how we may tailor our web pages to better meet the needs of visitors. This information will be used to improve our Site and our services. Any collection or use of clickstream data will be anonymous and aggregate, and will not intentionally contain any Personal Information.
Interactive Tools
Certain features on our Site may give you an opportunity to interact with us and others. These may include blogs, message boards, and product and service reviews. When you use these features you should be aware that any information you submit, including your name, location, and e-mail address, may be publicly available to others. We are not responsible for any information you choose to submit through these interactive features and we strongly discourage you from disclosing any sensitive Personal Information (such as health or credit card information) through these features. If you use these features, your Personal Information may remain on the Site even after you cease use of the Site.
Payment
If you choose to register an administrator account, payments are exclusively processed through Square. If you provide us with your financial or any other personal information, the information is encrypted using industry-standard protections. Please refer to Square’s Privacy Policy at https://squareup.com/us/en/legal/general/privacy for information regarding their own security protections and use of your personal information. Payment information is stored on our Site for automatic monthly payments until you choose to cancel your account.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. Once you leave our Site or are redirected to a third-party website, you are no longer governed by this Privacy Policy or our Terms of Use.
Other Websites
Our Site may contain links to other websites not maintained by CircleUp. Other websites may also reference or link to our Site. The inclusion of a link on the website does not imply endorsement of the linked site by us. We are not responsible for the privacy practices of websites operated by third parties that are linked to or integrated with our Site, or for the privacy practices of third-party Internet advertising companies. We encourage you to be aware when you leave our Site, or surf the Internet, and to read the privacy statements of each and every website that you visit.
Information Security
To protect your Personal Information, we take reasonable precautions and follow industry-standard SSL/TLS end-to-end encryption of data in transit to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your financial or any other personal information, the information is encrypted using industry-standard protections in our database. No payment information is ever stored in our database, as it is solely processed through third parties and is only temporarily stored during the processing of payment. All other information we collect may be stored up to five years after termination of your account or completion of a purchase through our internal database, unless we receive a request by you to remove such information earlier.
Although we have implemented commercially reasonable precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction, please be aware that despite our best efforts, no data security measures can guarantee 100% security. You should take steps to protect against unauthorized access to your password, phone, and computer by, among other things, signing off after using a shared computer, choosing a robust password that nobody else knows or can easily guess, and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
Privacy of Minors
We do not intentionally collect or maintain information from persons under the age of 13. If we determine upon collection that a user is under this age, we will not use or maintain his/her Personal Information without the parent/guardian’s consent. If we become aware that we have unknowingly collected personally identifiable information from a child under the age of 13, we will make reasonable efforts to delete such information from our records. We also recommend that parents monitor their children’s Internet activities and learn and employ software or other tools that can help their children enjoy their online experience without compromising their personal safety or allowing them to use the Internet in a manner inconsistent with their parent/guardian’s preferences.
California Privacy Rights
California law permits users who are California residents to request and obtain from us once a year, free of charge, information regarding (i) the categories of personal information collected, (ii) the categories of sources for the personal information collected, (iii) the business purpose for collecting that information, (iv) the categories of third parties with whom CircleUp shares that information, (v) the specific pieces of personal information CircleUp collects about the consumer, and (vi) whether CircleUp sold or disclosed the personal information for a business purpose, CircleUp will also provide two separate lists disclosing: a) sales, identifying the personal information categories that each category of recipient purchased; and, b) disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
If you are under 18 years of age please do not use the Site. If you are under 18 years of age and already have an account, believe we have collected your personal information, or are the parent or guardian of a minor under 18 years of age with an account or information collected by us, please inform us at solutions@circleuped.org.
Any user may request the discontinuation (or opt-out) of our sharing of the information with third parties and/or that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your California Privacy Rights Request (see below), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you. Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities. Debug products to identify and repair errors that impair existing intended functionality. Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law. Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.) ("CCPA"). Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent. Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us. Comply with a legal obligation. Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Please submit any requests (“California Privacy Rights Request”) by: emailing us at solutions@circleuped.org with a subject line of “Your California Privacy Rights”.
For each California Privacy Rights Request, please clearly state the following:
Sufficient detail of your request such that it allows us to properly understand, evaluate, and respond to it; That the request is related to "Your California Privacy Rights; Your name, street address, city, state, zip code, and email address; and Whether you prefer to receive a response to your request by mail or email.
We cannot respond to your California Privacy Rights Request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. CircleUp is not responsible for a California Privacy Rights Request that is incomplete, incorrectly labeled, or incorrectly sent. Making a California Privacy Rights Request does not require you to create an account with us. It may take us up to 45 days to process your California Privacy Rights Request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
Deny you goods or services; Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; Provide you a different level or quality of goods or services; or Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Communications with CircleUp
By providing your email address to CircleUp, you expressly consent to receive emails from us. We may use email to communicate with you, to send information that you have requested or to send information about other products or services developed or provided by us or by other third party manufacturers, services and/or distributors that CircleUp believes will be of interest to its audience. If you receive an unwanted email from us, you can simply reply and ask not to receive future emails. We also give you the option to remove your personal information from our list of active users completely. All unsubscribe or opt-out requests should be sent to us at solutions@circleuped.org. We will process your request within a reasonable time after receipt. We are not responsible for removing your personal information from the lists of any third party who has been provided your information in accordance with this Privacy Policy, such as a business partner.
Information for Nevada Consumers
Nevada law requires website operators to provide a way for Nevada consumers to opt-out of the sale of certain information that the website operator may collect about them. This information is limited to direct identifiers, such as your name, postal address, and email address. When Nevada consumers opt-out of the sale of their information, website operators must ensure that the information is not sold to another business that will further license or sell the information to others.
If you are a Nevada resident and you would like to opt-out of any possible sale of this information, please email us at solutions@circleuped.org. For all requests, you must put the statement “Your Nevada Privacy Rights” in the subject field of your request. You must also include your full name, street address, city, state, and zip code. We will not accept requests via telephone, postal mail, or facsimile, and we are not responsible for notices that are not labeled or sent properly, or that do not have complete information
Changes to this Privacy Policy
CircleUp reserves the right to change this Privacy Policy from time to time as it sees fit and your continued use of the Site will signify your acceptance of any adjustment to this Privacy Policy. If there are any changes to our Privacy Policy, we will announce that these changes have been made on our home page and on other key pages on our Site. If there are any changes in how we use our customers’ personal information, notification by e-mail will be made to those affected by this change. Any changes to our Privacy Policy will be posted on our Site 30 days prior to these changes taking place. You are therefore advised to re-read this statement on a regular basis.
Effective Date
This Privacy Policy is effective as of May 2, 2020.