Privacy Policy

Last modified Aug 5, 2022

Introduction#

Welcome to the website of Playbook Software Inc. ("Rollout", "we", "us" and/or "our"). This website is operated by Rollout and has been created to provide information about our company and its content and data automation platform and related services (together with the website, the "Service(s)") to our Service visitors ("you", "your"). “Personal Data” means any information relating to, or which can reasonably be ascribed to an identified or identifiable natural person. There are from two (2) classes of users possibly impacted by the Service: Administrators for entities that contract with us or that might be interested in contracting with us (“Partners”) and the persons that Partners may collect information or data on that are in their Services (“Users”). This Privacy Policy sets forth Rollout's policy with respect to "Personal Data" that is collected from visitors to the website and Services.

Note to Users#

Our Service allows Partners to create automated workflows, sometimes using APIs. While a Partner may have access to User Personal Data and use our Service to work with it as it is stored with them and their other processors and transmit and store it through our Service. We do not control Partner use of the Personal Data they collect from you and provide to us.

Partners may store and transmit information using the Service which may include:

  • name, email address, physical address, phone number, and other similar contact information;
  • payment information, including credit card and bank account information;
  • information about location;
  • information about a User organization and contacts, such as colleagues or people within your organization;
  • usernames, aliases, roles, and other authentication and security credential information;
  • content of feedback, testimonials, inquiries, support tickets, and any phone conversations, chat sessions and emails with or to us;
  • images (still, video, and in some cases 3-D), voice, and other identifiers that are personal.
  • information regarding identity, including government-issued identification information; corporate and financial information; and
  • VAT numbers and other tax identifiers.

If you are a User and desire to exercise any of your rights with respect to your Personal Data, please contact the Partner directly as we will cooperate with them with respect to any lawful request.

Our Service also allows Users to create automated workflows, sometimes using UI Components. For Workflow Content (content transferred in and out of automated workflows in your Partner account), you, the User, are considered the “data controller” of that data from a privacy perspective.

In turn, Rollout is the “data processor” responsible for safeguarding Workflow Content as it flows through Rollout's systems. Rollouts’s security measures are described in Rollouts’s Security page.

As data controller, you are responsible for safeguarding Workflow Content as you interact directly with services integrated with Rollout. You should configure your Workflows and integrations to not trigger or work with users' data without proper consent.

Information We Collect#

Website Visitors#

For anyone who visits the website, we may collect information automatically using web tracking technologies such as cookies, web beacons, pixel tags, clear GIFs and third party tracking services in order to ensure that the website and Services operate efficiently and to collect data related to usage of the website and Services such as, but not limited to, the IP Address, browser type, language preference, referring website, and the date and time of each visitor or Partner request.

Cookies: In visiting our website and in operating the Services, we may use a technology called "cookies." A cookie is a piece of information that the computer that hosts our Services gives to your browser when you access the Services. Our cookies help provide additional functionality to the Services and help us analyze Services usage more accurately. For instance, our Services may set a cookie on your browser that allows you to access the Services without needing to remember and then enter a password more than once during a visit to the Services. In all cases in which we use cookies, we will not collect Personal Data except with your permission. On most web browsers, you will find a "help" section on the toolbar. Please refer to this section for information on how to receive notification when you are receiving a new cookie and how to turn cookies off. We recommend that you leave cookies turned on because they allow you to take advantage of the full capability of our Services' features.

"Web Beacons" (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services, to monitor how many visitors view our Services, and to monitor the effectiveness of our advertising. Unlike Cookies, which are stored on the user's device, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).

If you are a visitor and make any inquires to us regarding your interest we will collect your name, email address and other contact information you provide us with in order to respond to your inquiry.

Partners#

With respect to Partners when you register or purchase our Services, we collect the name, business you work with, email address, address and password in order to administer the Services. Our payments processor will collect your billing information (credit card information, address and name) to process the payments for the Services.

In order to use the Service, it will need to connect with the various online third-party services you want us to integrate with ("Third-Party Services"), so we will need to collect the usernames and passwords to for the various Third Party Services ("Login Credentials").

We also will collect IP Address, device ID and other information and log it in connection with your account information and use history to administer the Services, provide support, improve your experience and monitor the Service for fraud, misuse and other reasons permitted by law.

How We Use the Personal Information We Collect#

Providing the Services#

We use Personal Data to administrate the Services, process payments and provide customer support for Partners. If you provide Personal Data for a certain reason, we may use the Personal Data in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the Rollout Services, we will use your Personal Data to provide you with access to such services and to monitor your use of such services. For persons located in the EEA, our lawful basis in the processing of such Personal Data is under Article 6.1 (c) and (f) of the GDPR.

Direct Marketing and Improvement of the Services and Site#

Rollout and its subsidiaries and affiliates (the "Rollout Related Companies") may also use your Personal Data and other personally non-identifiable information collected through the Services to help us improve the content and functionality of the Services, to better understand our users and to improve the Rollout Services. Rollout and its affiliates may use this information to contact you in the future to tell you about services we believe will be of interest to you. If we do so, each communication we send you will contain instructions permitting you to "opt-out" of receiving future communications. In addition, if at any time you wish not to receive any future communications or you wish to have your name deleted from our mailing lists, please contact us as indicated below. For persons located in EEA lawful basis in the processing of such Personal Data is under Article 6.1 (f) of the GDPR.

Detecting of Fraud and Misuse#

We review logs and Personal Data to detect fraud, misuse, illegal activity or violation of our terms. For persons located in the EEA, our lawful basis in the processing of such Personal Data is under Article 6.1 (d) and (f) of the GDPR

‍Third-Party Service Integration#

Our Service allows Partners to integrate and create commands for various online third-party services ("Third-Party Services"). In order to take advantage of this feature, Partners may need to authenticate, register for or log into Third-Party Services through the Service or on the websites of their respective providers. When a Partner enables linking between or log in to Third-Party Services through the Service, we will collect relevant information necessary to enable the Service to access that Third-Party Service and Partner data and content contained within that Third-Party Service ("Login Credentials"). We store Partner Login Credentials long enough to enable linking to the Third-Party Service.

When a Partner enables the Service to link content and data between Third-Party Services, the Third-Party Services will provide us with access to certain information that Partner may have provided to the Third-Party Services, and we will use, store and disclose such information in accordance with this Privacy Policy and the rules Partner sets to govern the linking. In addition, Partner can use the Service to share content and third party Personal Data amongst the Third-Party Services they integrate with the Service. Please remember that the manner in which Third-Party Services use, store and disclose your information is governed by the policies of such Third-Party Services, and Rollout shall have no liability or responsibility for the privacy practices or other actions of any Third-Party Services that may be enabled within the Service.

We may retain certain personally non-identifiable information related to the data or content linked between Third-Party Services (for example, date sent, link configuration, names of the Third-Party Services), for the purpose of improving our Services and as described below in the "Aggregated Personal Data" section. For persons located in the EEA, our lawful basis in the processing of such Personal Data is under Article 6.1 (c) and (f) of the GDPR.

Aggregated Personal Data:#

In an ongoing effort to better understand and serve the users of the Rollout Services, Rollout often conducts research on its customer demographics, interests and behavior based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and Rollout may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally and we do not collect or use such data on Users. Rollout may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.

How We Share the Personal Information We Collect#

Rollout will not sell or rent to any third party any of the personal information or data that Partner or User provides to us. We share Personal Data as set forth below. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:

Third Party Integrations.#

We will share Partner login data and User Personal Data in order to provide the Services as instructed by Partner or User.

Your Account Team Members#

If you are invited to join a Rollout team account, and you accept the invitation, you are agreeing that certain of your information will be shared with the team account holder and other team members. In particular, the team account holder will have access to your name, email address, avatar (if any) and task usage, and other team members will have access to your name, email address and avatar (if any). Any information you share via a team account, including workflows you create or Third-Party Services you link to, will be available to all team members of the team account you have joined. To remove yourself from a team please contact us at [email protected] and we will confirm removal before implementing.

Law Enforcement and Internal Operations#

Personal Data may be provided where we are required to do so by law, or if we believe in good faith that it is reasonably necessary (i) to respond to claims asserted against Playbook Software Inc or to comply with the legal process (for example, discovery requests, subpoenas or warrants); (ii) to enforce or administer our policies and agreements with users; (iii) for fraud prevention, risk assessment, investigation, customer support, product development and de-bugging purposes; or (iv) to protect the rights, property or safety of us, our users or members of the general public. We will use commercially reasonable efforts to notify users about law enforcement or court ordered requests for data unless otherwise prohibited by law. However, nothing in this Privacy Policy is intended to limit any legal defenses or objections that you may have to any third-party request to compel disclosure of your information.

Business Transfer#

We may sell, transfer or otherwise share some or all of its assets, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy. Under such circumstances, we will use commercially reasonable efforts to notify its users if their personal information is to be disclosed or transferred and/or becomes subject to a different privacy policy.

Third-Parties#

We sometimes contract with other companies and individuals to perform functions or services on our behalf, such as payments processing software maintenance, data hosting, sending email messages, etc. We necessarily have to share your Personal Data with such third-parties as may be required to perform their functions. We take steps to ensure that these parties take protecting your privacy as seriously as we do, including entering into Data Processing Addendum(s), EU Model Clauses and/or ensuring these third-parties have Binding Corporate Rules or other acceptable legal basis for transfer and protection of Personal Data.

Third Parties Collecting Data on Our Behalf#

Intercom#

We use Intercom in connection with our Site and Services to store and track usage statistics, support conversations and contact information such as name and email in connection with those support live chat conversations.

To learn more about how Intercom stores your data and protects your privacy as well as other terms, please see: https://www.intercom.com/legal/terms-and-policies

LogRocket#

We use LogRocket in connection with our Site to store and track usage details and statistics such as features used & errors encountered.

To learn more about how LogRocket stores your data and protects your privacy, please see: https://logrocket.com/privacy/

How We Transfer Data#

If you are providing your Personal Data to us directly to use our Services, we will transmit your data, including your Personal Data, to the United States in order to fulfill our contractual obligations to you.

Your Choices#

Marketing Communications#

You can unsubscribe from our promotional emails via the link provided in the emails or by responding to those emails with the content "unsubscribe". Even if you opt-out of receiving promotional messages from us, you will continue to receive administrative messages from us.

Location Information#

You can prevent your device from sharing precise location information at any time through your device’s operating system settings.

Do Not Track#

There is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals.

Changing, Updating and Removing Personal Data#

If your Personal Data changes, you may correct, update, amend, remove, or ask to have it removed by making the change on your user account settings page dashboard within your account, or by contacting us by phone or email at the contact information available on our website. To the extent you cannot remove our own Personal Data you may request we do so by contacting support at [email protected],

Generally speaking, we will still retain your information for as long as your account is active, as needed to provide you the Services and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. While we will remove Personal Data from use in connection with the Services, will retain Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements or as otherwise required by law.

Choices for EU, UK AND EEA Residents.#

If you are located in the European Economic Area (EEA) or the United Kingdom you have the following additional rights:

You have the right to withdraw consent where such consent is required to share or use data and you may request that we delete your Personal Data.

If you receive communications from us and no longer wish to receive them, please follow the removal instructions in the email or change your account settings.

Right to be Forgotten#

As detailed above, you can delete your Personal Data by logging into your account and deleting your account or, to the extent required by law, you may request to do so by completing the Data Subject Access Request instructions on our GDPR page subject to our confirmation of your identity. However, since your Personal Data is required for us to provide the Services to you, deleting it or making such a request will also terminate your access to the Services. Deleting your Personal Data does not mean that all of it will be removed. We take steps to delete Personal Data and content that is no longer necessary in relation to provide the Services by deleting it within 12 months of you terminating your account.

If you are located in the EEA and wish to make a request for removal (Right to Be Forgotten), you may request to do so by completing the Data Subject Access Request instructions on our GDPR page.

If we are legally required to comply with such a request, we will confirm your identity and delete your personal data in such time frame as required by law.

We may be required by law or to retain it to exercise or defend legal claims, or contractual obligations with our customers to retain some information in connection with our obligation to provide the Services. We may de-identify and anonymize some data for purposes of retaining it.

Data Portability#

If you are located in the EEA or the UK and you would like us to transmit your Personal Data to another company providing similar services, we will work with them to do so upon request and verification of such request with both the requestor and the company receiving the Personal Data. You may request to do so by completing the Data Subject Access Request instructions on our GDPR page

California Privacy Rights#

We do not believe that we sell Consumer Personal Information as defined by the California Consumer Privacy Act (“CCPA”).

To the extent provided for by law and subject to applicable exceptions, California residents that are “Consumers” under the CCPA have the following privacy rights in relation to the Personal Information we collect:

The right to know the categories of Personal Data collected and/or sold for a business purpose and the purpose for use, as well as what Personal Data was collected and how we have used and disclosed that Personal Information;

The right to request deletion of your Personal Information; and

The right to be free from discrimination relating to the exercise of any of your privacy rights.

Exercising Your Rights: You may be able to delete or change your information within your account dashboard. California residents can also exercise the above privacy rights by emailing us at: [email protected]

The right to “Opt Out” of the sale of Consumer Personal Information. We do not believe that we “sell” Personal Information as defined in the CCPA. However, if you wish to make such a request, you may make the request via email at [email protected]

Verification: in order to protect your Personal Information from unauthorized access or deletion, we may require you to verify your login credentials before you can submit a request to know or delete Personal Information. If you do not have an account with us, or if we suspect fraudulent or malicious activity, we may ask you to provide additional Personal Information for verification. If we cannot verify your identity, we will not provide or delete your Personal Information.

Authorized Agents: you may submit a request to know or a request to delete your Personal Information through an authorized agent. If you do so, the agent must present signed written permission to act on your behalf and you may also be required to independently verify your identity with us.

Nevada and California Residents – Your Privacy Rights#

California and Nevada residents may request and obtain from us, once a year, free of charge, a list of third parties, if any, to which we disclosed their Personal Information for direct marketing purposes during the preceding calendar year and the categories of Personal Information shared with those third parties. If you are a California or Nevada resident and wish to obtain that information, please submit your request by sending us an email at [email protected], we will confirm your identity and response in accordance with legal requirements.

Third Parties#

Our Services may contain links to other websites, products, or services that we do not own or operate. We are not responsible for the privacy and advertising practices of these third parties, including Partners. Please be aware that this Privacy Policy does not apply to your activities on these third-party services or any personal information you disclose to these third parties. We encourage you to read their privacy policies before providing any personal information to them.

Security#

We make reasonable efforts to protect your personal information by using physical and electronic safeguards designed to improve the security of the personal information we maintain. However, as no electronic transmission or storage of personal information can be entirely secure, we can make no guarantees as to the security or privacy of your personal information.

Children's Privacy#

We do not knowingly collect, maintain, or use personal information from children under 13 years of age, and no parts of our Services are directed to children. If you learn that a child has provided us with personal information in violation of this Privacy Policy, then you may alert us at [email protected].

Changes to this Privacy Policy#

We will post any adjustments to the Privacy Policy on this page, and the revised version will be effective when it is posted. If we materially change the ways in which we use or share personal information previously collected from you through our Services, we will attempt to notify you through our Services, by email, or other means.

Other Terms#

Your access to and use of the Services is subject to the Terms of Service

Contacting Rollout#

Rollout is responsible for processing your information. If you have any questions, comments, or concerns about our processing activities, please email us at [email protected]

If you are located in the European Economic Area or the United Kingdom, the “data controller” or "data processor" of your personal information is Playbook Software Inc. Playbook Software Inc has appointed DataRep to be its representative in the EEA and UK. You can contact them directly regarding the processing of your information by Playbook Software Inc., by email at [email protected] quoting "Rollout" in the subject line, by visiting this link, or by post using the most convenient of the addresses listed here.