The Week Ahead
Sign up to get our free weekly newsletter that gives you everything you need to know about the world of tech and business in one hyper-curated email.
In certain jurisdictions, the processing of your Personal Data (as defined below) is lawful only if it is permitted under data protection legislation. In this case, we have a lawful basis for each of our processing activities (unless an exemption applies) as outlined below:
When you access the Site, purchase, download trial or evaluation versions, register for any associated products and/or services, or use the Software in any way, we may collect Personal Data and Anonymous Data from you. We may also collect Personal Data and Anonymous Data when you send us information or communications.
“Personal Data” means data that allows someone to identify or contact you, including, for example and without limitation:
Personal Data may be used for the purposes of recording the transaction when you access the Site or when you use any of the Software or any associated products and/or services. Shift does not knowingly collect any sensitive personal data or any data defined under special categories of the applicable law(s).
“Anonymous Data” refers to data about you that is not associated with, or linked to your Personal Data. Anonymous Data does not permit the identification of individual persons. When you link third-party Accounts like Google or Outlook to the Software, nothing is collected from these accounts. As such, Personal Data and Anonymous Data expressly exclude any information that could be collected by way of linking your accounts. This data is only stored locally on your computer system and thus does not constitute any part of data that we collect. In most cases, Personal Data collection occurs when you provide such data directly to us, when you use the Software to connect your email address(es) or to access your event data, or if such information and data is required in order for us to provide the Software and related services to you.
We may use Personal Data collected from you for the following general purposes:
If and when we use a third-party payment processing merchant, third-party technical support provider, third-party technology provider, or third-party hosting provider, we ensure that the same privacy criteria, as defined herein, are in place with such third parties. We do not knowingly collect personal information from persons under the age of eighteen (18).
“Application Data” refers to data about how you use the Software. The Software may collect certain information from you including, but not limited to: User IP addresses, geolocation, OS version, OS localization, version of the application, localization of the application, device, bug reports, etc. The Software obtains this information as a result of data being sent to our servers from our software “agent” embedded in the Software or on the website that you are accessing. The Software generates a globally unique identifier (“GUID”) that is stored on your computer to uniquely identify it. The GUID is a randomly generated number; it does not contain any Personal Data. The GUID is stored on your computer and sent with every report generated by the Software. The Software does not, and will not, collect any other Personal Data from your computer(s) without your prior approval. Application Data we collect is primarily used to report application usage and statistics, improve the Software, and track the performance of various marketing initiatives. Application Data may also be used by Shift to answer questions that customers have about their use of the Software and any associated service(s).
We will never sell, trade, or rent any Personal Data, or any Anonymous Data that may contain Personal Data, to any third-party without your explicit prior consent.
In certain special cases, we may disclose Personal Data when we have reason to believe that disclosing such information is necessary to identify, contact, or bring legal action against someone who may be causing injury to you, or is otherwise injuring or interfering with our rights, property or operations, other users of the Software, or anyone who could be harmed by such activities. We may also disclose your Personal Data and any Application Data when we believe the law requires it, or in response to any demand by law enforcement authorities in connection with criminal investigation, or civil or administrative authorities in connection with a pending civil case or administrative investigation.
If we determine, in our sole discretion, that you have engaged in conduct that might be considered unlawful, fraudulent, or might harm or damage the reputation or standing of Shift with either the general public or with a business partner or potential business partner of Shift, we reserve the right to release your Personal Data to such persons or third parties, as we consider necessary, to prevent you from causing injury to, or otherwise injuring or interfering, now or in the future, with our rights, property or operations or otherwise the rights, property or operations of anyone which could be harmed by such conduct.
“CCPA” as used herein means the California Consumer Privacy Act, as amended, including without limitation any and all applicable implementing regulations (CCPA). “CPA” as used herein means the Colorado Privacy Act, as amended, including without limitation any and all applicable implementing regulations (CPA). “CTPDA” as used herein means the Connecticut Data Protection Act, as amended, including without limitation any and all applicable implementing regulations (CTDPA). “UCPA” as used herein means the Utah Consumer Privacy Act, as amended, including without limitation any and all applicable implementing regulations. “VCDPA” as used herein means the Virginia Consumer Data Protection Act, as amended, including without limitation any and all applicable implementing regulations. “European Data Law” as used herein shall mean, without limitation, (i) the EU General Data Protection Regulation (“EU GDPR”); (ii) the EU e-Privacy Directive; (iii) the United Kingdom’s European Union (Withdrawal) Act (“UK GDPR”); (iv) the Swiss Federal Act on Data Protection (“Swiss DPA”); and (v) any and all applicable national laws made under or pursuant to (i), (ii), (iii) and (iv); in each case as may be amended or superseded from time to time. “LGPD” as used herein means the Lei Geral de Proteção de Dados, as amended, including without limitation any and all applicable implementing regulations.
In accordance with Applicable Data Law, you have the following rights in respect of your personal information that we collect and hold:
In accordance with Applicable Data Law, you have certain rights with respect to the processing of your personal information. Under Applicable Data Law, you have a right to request that we provide you with the following:
You also have certain rights under Applicable Data Law that may permit you to:
If you opt-out of having your information collected through cookies and other web technologies, your existing display advertising cookie(s) will be deleted and a new cookie will attempt to be placed that instructs third party service providers not to track your future activities when that cookie is detected (a “do-not-track” cookie). If your browsers are configured to reject cookies when you visit our opt-out page, a “do-not-track” cookie cannot be set on your computer. Also, if you subsequently erase “do-not-track” cookies, use a different computer or change web browsers, you will need to opt-out again. We currently do not respond to browser “do-not-track” signals.
Third-party Links. The Site and the Software may contain links to other third-party owned and/or operated websites and, where you request information from third-party providers, we may transfer you directly to the websites of such third-party providers. Shift is not responsible for the privacy practices or the content of such third-party websites. In some cases, you may be required to provide certain information to register or complete a transaction at such website. These third-party websites have separate privacy and data collection practices and Shift has no responsibility or liability relating to them. We do not endorse, nor are we responsible for the accuracy of, the privacy policies and/or terms and conditions of such third-party website. These third-party entities are independent third parties and are not affiliated with Shift.
Third-party Offers. Shift may provide you with the opportunity to receive special offers, products and/or services from third parties. Where you indicate the desire to receive certain offers, products or services from a third-party during the applicable information collection process, your Personal Data that was provided during that information collection process will be shared with the applicable third-party so that such third-party may provide their products and/or services to you so that you do not have to complete another information collection form to purchase or receive that product or service. Clicking on any third-party offers may add and place cookies on your computer prior to directing you to the applicable advertiser’s site. These third-parties have separate cookie polices and Shift has no responsibility or liability relating to them. If you do not wish to receive cookies, you may set your browser to reject cookies or to alert you when a cookie is placed on your computer. You are not required to accept cookies, however, if your browser rejects our cookies you may not be able to use all of the Site functionality.
Third-party Cookies. Clicking on any third-party offers may add and place cookies on your computer prior to directing you to the applicable advertiser’s site. These third parties have separate cookie polices and Shift has no responsibility or liability relating to them. If you do not wish to receive cookies, you may set your browser to reject cookies or to alert you when a cookie is placed on your computer. You are not required to accept cookies, however, if your browser rejects our cookies you may not be able to use all of the Site functionality.
Third-party Technology/Software/Service/Solutions Providers. The Site or the Software may contain certain software technologies and services licensed from third-party providers. Shift may engage with certain third-party services and solutions providers such as data hosting service providers, payment processing service providers, and email marketing service providers. These third-party providers have separate privacy and data collection practices and policies, and Shift has no responsibility or liability relating to them. We do not endorse, nor are we responsible for the accuracy of the terms and conditions of any third-party privacy policies. These third-party entities are independent third parties and are not affiliated with Shift. Shift may be using or sharing your Personal Data for Legitimate Interest purposes with third-party service providers. For more information about these third-party service providers, please visit this link.
Accounts are added to the Software using Oauth authentication. Oauth is a secure mechanism which gives the Software access to your Google or Microsoft account data without letting us know your password. This token is valid during your use of the Software. If you remove an account, or uninstall the Software, you’ll be prompted to re-authorize the Software for each Google or Microsoft Account using Oauth.
We only use the authorization to support certain Software features like unread email count for each account, and to support push desktop notifications if requested. This information is local, and not stored on, or transmitted to, our servers.
The Software will require access to your Google/Microsoft account(s) and user data for the following purposes:
Shift is committed to protecting the security of any Application Data and Personal Data that is collected by Shift. We use a variety of industry-standard and advanced security technologies and procedures to help protect any Application Data, Personal Data, and other information and data that you may submit to Shift through the Software from unauthorized access, use, or disclosure. Despite these measures, no method of transmission over the Internet, or method of electronic storage is 100% secure. Shift cannot fully eliminate security risks associated with the collection and storage of any Application Data and Personal Data, including without limitation, any mistakes and security breaches that may happen. While we strive to use commercially acceptable means to protect the Application Data and Personal Data, we cannot guarantee its absolute security. In the unlikely event of a data breach where your Personal Data has been compromised, Shift will promptly notify you, the applicable authorities and supervisory authorities or data protection authorities.
Any Personal Data that is collected and stored by Shift will be retained only for as long as required in order to provide certain products and/or services to you, or as required by applicable law. Any Personal Data that is no longer required by Shift will be destroyed.
We reserve the right to limit or deny your request to view, update, or remove your Personal Data if you have failed to provide us with sufficient information to verify your identity.