Effective November 2019
- Subscriber Information, being personal information relating to our Subscribers and (where applicable) their businesses. We collect this information so that we can provide our Services to those Subscribers. For the purposes of GDPR in the European Union, we are the 'data controller' of this Subscriber Information and we collect and store it for the purposes of providing our Services to Subscribers and maintaining records and contact details relating to those Services and Subscribers. This policy sets out how Dremind process your information as a Subscriber.
In using our Services, you provide us with the following information which we store securely:
ACCOUNT AND PROFILE INFORMATION
- Contact information such as name, email address, mailing address, phone number and country
- Profile information such as a username, profile photo, and job role
- Preferences information such as notification and marketing preferences
We also store information you upload to or send through our Services, including:
- Information about products and services the Subscriber sells (including inventory, pricing, sale, transaction, tax, and other data)
- Information about the Subscriber or the Subscriber’s business (employee, customer, and contact data)
We ask for and collect personal information from you when you submit web forms on our websites or when you participate in any interactive features of our Services, participate in a survey, competition, promotion, activity or event, apply for a job, request customer support, download content, communicate with us via third party social media sites, or otherwise communicate with us.
What other information do we collect?
We collect analytics information when you use our Services to help us improve our products and services. We are always aiming to make Dremind a better experience for retailers and customers alike, and your information really helps us to do this! This analytics information consists of the function and feature of the Dremind Service being used, and the Subscriber's Dremind subdomain name (or similar), the username and IP address of the individual who is using the function or feature (which will include any personal information incorporated into the username), and other information needed to detail the operation of the function and the parts of the Services that are being affected.
ANALYTICS INFORMATION DERIVED FROM OPERATIONAL DATA
Analytics information also consists of data we collect as a result of running queries against Operational Data across our user base for the purposes of generating Usage Data. "Usage Data" is aggregated data about a category or group of features, services, or users that is not of itself personal information. It is also data about our Subscribers and their business.
We may incidentally come across sensitive or personal information when we compile Usage Data.
COOKIES, WEB BEACONS AND OTHER TRACKING TECHNOLOGIES
INFORMATION FROM THIRD PARTY SERVICES
How Dremind uses your information
We are continually striving to improve Dremind. Being able to identify how retailers are using our product plays a big part in helping us to make our software better. We may use information about you for purposes such as:
- Enabling you to access and use our Services
- Displaying historical sale information
- Sending you marketing, advertising, educational content and promotional messages and other information that may be of interest to you, including information about us, our Services, or general promotions for business partner campaigns and services. You can unsubscribe or opt-out from receiving these communications described below under “How You Can Protect Your Information”
- To administer referral programs, rewards, surveys, sweepstakes, contests, or other promotional activities or events sponsored or managed by us or our business partners
- In the case of retail stores, to share the name of the retail store with potential customers to encourage them to use our Services
- Measuring, customising and improving the Services and developing new products
- Sending to you service, support and administrative messages, reminders, technical notices, updates, security alerts and information requested by you
- Investigating and preventing fraudulent transactions, unauthorised access to Services, and other illegal activities
Where we need your personal information for any other purposes, it will be obvious from the circumstances as to the purposes for which we require that personal information from you.
Sharing & disclosure of your information
When you use the Services, we may share your information only as described below:
VEND BLOGS, FORUMS AND WIKIS
Our websites offer publicly accessible community services such as blogs, forums, and wikis. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Your posts may remain even after you cancel your account. To request removal of your personal information from a Dremind community service, please contact us using the information listed below. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to and why.
SERVICE PROVIDERS, BUSINESS PARTNERS AND OTHERS
We use and work with third party service providers and our trusted Business Partners to provide application development, hosting, website, infrastructure, maintenance, backup, payment processing, customer relationship management, marketing, accounting, human resources, business intelligence and analytics, data enrichment, customer support and other services for us. These service providers may have access to or process your information for the purpose of providing those services for us. Some of our pages use white-labelling techniques to serve content from our service providers while providing the look and feel of our site. Please note that you are providing your information to these third parties acting on behalf of Dremind. These third parties are located in countries which may be outside of your location.
We also share your contact information with select trusted Business Partners, such as our partners who integrate with Dremind services, to enable them to contact you about their services (as they relate to your Dremind Services). We also obtain contact information from select Business Partners to better understand your preferences and to deliver you more personalised marketing.
THIRD PARTIES YOU AUTHORISE
You can give third parties access to your and your end users’ information on the Services. For example, you may wish to integrate Dremind with a third party appointment scheduling service that requires access to the email addresses you collect from your end users, in order for that appointment service to send reminder emails on your behalf and at your direction. Just be aware that such third party’s use of this information will be governed by the terms and privacy policies of the third party.
LINKS TO THIRD PARTY SITES
SOCIAL MEDIA WIDGETS
COMPLIANCE WITH LAWS AND PROTECTION OF RIGHTS
In certain situations, we may be required to use and disclose your information (including personal information) to a third party if we believe the disclosure is reasonably necessary:
- To comply with any applicable law, legal process (for example, subpoenas and warrants) or governmental request
- To protect the property, rights, and safety of Dremind, our Subscribers or the public from harm or illegal activities
- For fraud prevention, risk assessment, investigation, customer support, product development or debugging purposes
- To protect the rights, property or personal safety of Dremind, its users or members of the public
- To establish or exercise our legal rights or defend ourselves against any third-party claims or allegations
NON-IDENTIFYING OR AGGREGATED DATA
We may share aggregated or other non-personal information that does not directly identify you with third parties in order to improve our Services.
Your Choices and Privacy Rights
Updating your Personal Information via the Services:You may access, change, or correct information about you by logging into your Dremind account at any time or by making a request to us using the contact details below, in which case we may need to verify your identity before granting access or otherwise changing or correcting your information.
ACCOUNT INFORMATION AND DEACTIVATING YOUR ACCOUNT
If you wish to deactivate your Dremind account, you may do so by logging into your Dremind account and following these instructions or by emailing us using the contact details provided below.
OPTING OUT OF PROMOTIONAL COMMUNICATIONS
You may opt out of receiving promotional communications from Dremind by using the unsubscribe link within each email or contacting us via our home page or sales team. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding Services (e.g., account verification, purchase and billing confirmations and reminders, technical and security notices).
YOUR CALIFORNIA PRIVACY RIGHTS
In addition to the rights listed above, if you are in California you also have rights under the California Consumer Privacy Act (CCPA) to:
- Know what personal information we collect, use, and disclose
- Request deletion of your personal information
- Not receive discriminatory treatment by us for the exercise of your rights
- Designate an authorised agent to make a CCPA request on your behalf
- Know that we do not sell your personal information
If you are a California resident and would like to exercise any of your above rights, or if you have questions or concerns about our privacy policies and practices, please contact us at [email protected] We may need to verify your identity before processing any request, by asking you to log in to our Services using your login credentials.
This section applies to Customer Information constituting personal information under the CCPA. For the purposes of such personal information, you are a business and we are a service provider.
Your transfer of the personal information to us is not a sale, and we provide no monetary or other valuable consideration to you in exchange for the personal information.
Except as otherwise instructed by you, we will not (a) sell the personal information or (b) collect, retain, use or disclose the personal information for any purpose (including any commercial purpose) other than to provide our Services.
As applicable to our Services, we will reasonably assist you with any verifiable consumer requests to retrieve or delete the personal information.
For purposes of this section, the terms “business”, “commercial purpose”, “consumer”, “personal information”, “service provider”, “sell” and “verifiable consumer request” have the meanings given in the CCPA.
YOUR EUROPEAN PRIVACY RIGHTS
In addition to the rights listed above, if you are in the EEA you also have rights to:
- Know what personal information we hold about you, and to make sure it’s correct and up to date
- Request a copy of your personal information or ask us to restrict processing of or delete it
- Object to our continued processing of your personal information
If you’re not happy with how we are processing your personal information, you have the right to complain to your local information protection authority. Your local data protection authority will be able to give you more information on how to submit a complaint.
You can request to exercise these rights by emailing [email protected]
COOKIES AND ADVERTISING
You may opt out of receiving cookies by instructing your browser to stop accepting cookies or to prompt you before accepting a cookie from websites you visit, by changing your browser options.
You also can learn more about cookies by visiting www.allaboutcookies.org, which includes useful information on cookies and how to block cookies on different types of browsers and mobile devices.
Please note, however, that by blocking or deleting cookies used in Services, you may not be able to use all aspects of our Services.
Children’s use of the services
Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us at the address listed below.
We have adopted technical, administrative and physical procedures to collect, manage, maintain and store information in a manner designed to help protect your information from loss, misuse, unauthorised access, and alteration. Unfortunately, no security system is impenetrable and due to the inherent nature of the Internet as an open global communications vehicle, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers.
Where data is transferred over the Internet as part of the Services, the data is encrypted using industry standard TLS (HTTPS).
For more information about our security practices, please visit www.miretail.com.co/security.
Our global operations (including transfers of data from your home country to another)
To bring you Services, we operate globally. In order to do so, your personal information may be transferred to, and processed in countries other than the country you live in, outside of your home country, including to Australia, New Zealand, United Kingdom and the United States. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.
Specifically, Dremind hosts data with Amazon Web Services in the United States. If you are a non-US resident, this means that your personal information will be transferred to the US. The servers on which personal information is stored are kept in a controlled environment.
European Economic Area (EEA) users: This means that your information may be transferred outside of the EEA. Where your personal information is transferred outside the EEA, it will only be transferred to countries that have been deemed to provide adequate protection for EEA information (like New Zealand), or to a third party where we have approved transfer mechanisms in place to protect your personal information – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US based third parties).
Australian users: The third parties we share data with do not control, and are not permitted to access or use your personal data, except for the limited purpose it was provided. This means that, for the purposes of Australian privacy legislation and Australian users, Dremind does not disclose personal data to third parties located overseas.
Where we process your Subscriber Information, we retain personal information we collect from you where we have an ongoing legitimate business need to do so (in connection with the purposes set out above. For Information about how long any of our Subscribers retain your personal information, please contact that Subscriber.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Do You Have Questions?
Level 1, 2 Nuffield Street
Note that the Dremind companies operate as a group of individual data controllers. If you write to the address above, we will make sure that your request is dealt with by the appropriate part of Dremind.