If you are using assistive technology and are unable to read any part of the Retention Science website, or otherwise have difficulties using the Retention Science website, please call 877-358-5969 and our customer service team will assist you.Retention Science Privacy Policy
Effective Date: May 25, 2018
Last updated: March 5, 2020
Overview
Retention Science takes data privacy seriously. This privacy statement describes the policies and practices of Retention Science, in collecting, processing, and safeguarding the private information that may be obtained through use of our products, services and websites including the Retention Science Member’s Portal and public-facing website (collectively and individually referred to herein as “Retention Science” or the “Services”). Questions about this privacy policy may be submitted by an email to help@retentionscience.com. This privacy policy applies to each of the Retention Science products, services, and websites, but not to Retention Science’s partners or affiliates, which may have separate privacy policies. Our aim is to earn your trust by being transparent about what data we collect and use in addition to being fully compliant with privacy law.
In addition to the general sections (section 1 and section 5), which are applicable to everyone, we have divided this document into additional sections specifically applicable to:
SECTION 2: Clients
any person or entity registered with Retention Science
SECTION 3: End-Users
a person who one of our Clients may contact (eg. if you are a subscriber or user to a Client’s website, product, or marketing list)
SECTION 4: Visitors
any person who visits Retention Science
SECTION 1 – General (applies to all)
Key Terms
In this privacy policy, these terms have the following meanings:
“Clients”: any person or entity registered with Retention Science.
“Visitors”: any person who visits Retention Science
“End-Users” : a person who one of our Clients may contact (eg. if you are a subscriber or user to a Client’s website, product, or marketing list)
“Personal Information”: any information that identifies or can be used to identify a Client, a End-User, or a Visitor, directly or indirectly. Examples of Personal Information include, but are not limited to, first and last name, date of birth, email address, gender, occupation, or other demographic information.
SECTION 2 – Clients
This section applies to the Personal Information we collect and process from a Client or potential Client through the provision of the Services. If you are not a Client, the Visitors or End-Users section of this policy may be more applicable to you and your data. In this section, “you” and “your” refer to Clients and potential Clients.
Information Collection
The Personal Information that we may collect broadly falls into the following categories:
(i) Information you provide to us:
In the course of engaging with our Services, you may provide Personal Information about yourself, your company, and your End-Users. Personal Information is often, but not exclusively, provided to us when you sign up for and use the Services, consult with our customer service team, send us an email, integrate the Services with another website or service (for example, when you choose to connect your e-commerce account with Retention Science), or communicate with us in any other way.
We will let you know prior to collection whether the provision of Personal Information we are collecting is compulsory or if it may be provided on a voluntary basis and the consequences, if any, of not providing the information. By giving us this information, you agree to this information being collected, used and disclosed as described in our privacy policy.
This information may include:
Registration information: You need a Retention Science account to use the Services as a Client. When you register for an account, you will be asked to provide certain basic information, such as your name, email address, username, company name, occupation, location, and phone number. You will also be asked to create a password.
Billing and communications information: If you purchase our Services, you may also need to provide us with payment and billing information, such as your ACH details and billing address. Retention Science will also maintain a record of your billing transactions and purchases, and any communications and responses.
Information we process on your behalf: In order to send an email campaign or use certain features in your account, you need to send us your End-User data (eg. upload a List that provides us email addresses). We use and process this information to provide the Services in accordance with your instructions.
(ii) Information we collect automatically:
When you use the Services, we may automatically collect certain information about your device and usage of the Services. We use cookies and other tracking technologies to collect some of this information.
This information may include:
Device information: We collect information about the device and applications you use to access the Services, such as your IP address, your operating system, your browser information, and other information about your system and connection.
Log data: Our web servers keep log files that record data each time a device accesses those servers and those log files contain data about the nature of each access, including originating IP addresses. We may also access metadata and other information associated with files that you upload into our Services.
Product usage data: We collect usage data about you whenever you interact with our Services, which may include the dates and times you access the Services and your browsing activities (such as what portions of the Services are used). We also collect information regarding the performance of the Services, including metrics related to the deliverability of emails and other communications you send through the Services. This information allows us to improve the content and operation of the Services, and facilitate research and analysis of the Services.
(iii) Information we collect from other sources:
From time to time, we may obtain information about you or your End-Users from third-party sources, such as public databases, social media platforms, and third-party data providers. We take steps to ensure that such third parties are legally or contractually permitted to disclose such information to us.
Examples of the information we receive from other sources include demographic information (such as age and gender), device information (such as IP addresses), location (such as city and state). We use this information, alone or in combination with other information (including Personal Information) we collect, to enhance our ability to provide relevant marketing and content to you and to develop and provide you with more relevant products, features, and services.
Services
Enrolling in Retention Science’s subscription service may require you to provide certain personal information and enter into a Subscriber Agreement. Nothing herein is intended to modify the terms in the Subscriber Agreement.
Use of Personal Information
We may use the Personal Information we collect through the Services or other sources for a range of reasons, including:
To bill and collect money owed to us by you.
To send you system alert messages.
To communicate with you about your account and provide customer support.
To enforce compliance with our Terms of Use and applicable law, and to protect the rights and safety of our Clients and third parties, as well as our own. This may include developing tools and algorithms that help us prevent violations.
To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
To prosecute and defend a court, arbitration, or similar legal proceeding.
To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
To provide, support and improve the Services. For example, this may include sharing your or your End-Users’ information with third parties in order to provide and support our Services or to make certain features of the Services available to you.
To provide suggestions to you.
For our data analytics projects. Our data analytics projects use data from Retention Science accounts, including Personal Information of End-Users, to provide and improve the Services. (Eg. machine learning predictions, decisions, and products for our Clients).
Other purposes. To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.
Other Data Protection Rights
You and your End-Users may have the following data protection rights:
To access, correct, update or request deletion of Personal Information. Retention Science takes reasonable steps to ensure that the data we collect is reliable for its intended use, accurate, complete and up to date. As a Client, you can manage many of your individual account and profile settings within the dashboard provided through the Retention Science platform. You can also manage information about your End-Users within the dashboard provided through Retention Science tools (data uploads, etc) to assist you with responding to requests to access, correct, update or delete information that you receive from your End-Users.
In addition, individuals who are residents of the EEA can object to processing of their Personal Information, ask to restrict processing of their Personal Information or request portability of their Personal Information. You can exercise these rights by contacting us at help@retentionscience.com
.
Similarly, if Personal Information is collected or processed on the basis of consent, the data subject can withdraw their consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent. If you receive these requests from End-Users, you can segment your lists within the Retention Science platform to ensure that you only market to End-Users who have not opted out of receiving such marketing.
The right to complain to a data protection authority about the collection and use of Personal Information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here (http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm).
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection law. We may ask you to verify your identity in order to help us respond efficiently to your request. If we receive a request from one of your End-Users, we will either direct the End-User to reach out to you, or, if appropriate, we may respond directly to their request.
SECTION 3 – End-Users
Retention Science Services are intended for use by our Clients. As a result, for much of the Personal Information we collect and process about End-Users through the Services, we act as a processor on behalf of our Clients. Retention Science is not responsible for the privacy or security practices of our Clients, which may differ from those set forth in this privacy policy. Please check with individual Clients about the policies they have in place. For purposes of this section, “you” and “your” refer to End-Users.
Legal Basis for Processing
We process Personal Information about you as a data processor as described in this section, where such processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. Our legitimate interests typically include: improving, maintaining, providing, and enhancing our technology, products and services; ensuring the security of the Services and our Website; and for our marketing activities.
Information We Collect
The Personal Information that we may collect or receive about you broadly falls into the following categories:
(i) Information we receive about End-Users from our Clients:
A Client may provide Personal Information about you to us through the Services. For example, when a Client uploads their marketing list or integrates the Services with another website or service (for example, when a Client chooses to connect their e-commerce account with Retention Science), or when you sign up for a Client’s Distribution List on a 3rd party signup form, they may provide us with certain contact information or other Personal Information about you such as your name, email address, address or telephone number.
(ii) Information we collect automatically:
When you interact with a Client’s service (website, mobile app, email campaign that you receive from a Client or browse or purchase from a Client’s connected store), we may collect information about your device and interaction. We use cookies and other tracking technologies to collect some of this information. Our use of cookies and other tracking technologies is discussed in more detail in our Cookies section below.
Device information:
We collect information about the device and applications you use to access emails sent through our Services, such as your IP address, your operating system, your browser information, and other information about your system and connection.
Product usage data:
We collect usage data about you whenever you interact with emails sent through the Services, which may include dates and times you access emails and your browsing activities (such as what pages are viewed on Client websites). We also collect information regarding the performance of the Services, including metrics related to the deliverability of emails and other marketing communications our Clients send through the Services. This information allows us to improve the content and operation of the Services, and facilitate research and analysis of the Services.
(iii) Information we collect from other sources:
From time to time, we may obtain information about you from third-party sources or data providers. We take steps to ensure that such third parties are legally or contractually permitted to disclose such information to us, and we use this information to improve our personalization technology.
Use of Personal Information
We may use the Personal Information we collect or receive about you for our legitimate business interests, including:
To enforce compliance with our Terms of Use and applicable law. This may include developing tools and algorithms that help us prevent violations.
To protect the rights and safety of our Clients and third parties, as well as our own. For example, sometimes we review the content of our Clients’ campaigns to make sure they are functioning properly and comply with our Terms of Use. Our employees or independent contractors may review those particular campaigns, which may include your contact information. This is meant to ensure high quality of our product and product functionality.
To meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
To prosecute and defend a court, arbitration, or similar legal proceeding.
To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
To provide, support and improve the Services. For example, this may include sharing your information with third parties in order to provide and support our Services or to make certain features of the Services available to our Clients. When we share Personal Information with third parties, we take steps to protect your information by requiring these third parties to enter into a contract with us that requires them to use the Personal Information we transfer to them in a manner that is consistent with this privacy policy and applicable privacy laws.
For our data analytics projects. Our data analytics projects use data from Retention Science accounts, including your Personal Information, to provide and improve the Services. We use information, like your purchase history, provided to us by Clients, so we can make more informed predictions, decisions, and products for our Clients.
Other purposes. To carry out other legitimate business purposes, as well as other lawful purposes.
Other Data Protection Rights
As described above, for much of the Personal Information we collect and process about End-Users through the Services, we act as a processor on behalf of our Clients. In such cases, if you are a End-User and want to exercise any data protection rights that may be available to you under applicable law or have questions or concerns about how your Personal Information is handled by Retention Science as a processor on behalf of our individual Clients, you should contact the relevant Client that is using the Retention Science Services, and refer to their separate privacy policies.
If you no longer want to be contacted by one of our Clients through our Services, please unsubscribe directly from that Client’s newsletter or contact the Client directly to update or delete your data. If you contact us directly, we may remove or update your information within a reasonable time and after providing notice to the Client of your request.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. We may ask you to verify your identity in order to help us respond efficiently to your request.
SECTION 4 – Visitors
This section applies to the Personal Information we collect and process from a Visitor. If you are not a Visitor, the Clients or End-Users section of this policy may be more applicable to you and your data. In this section, “you” and “your” refer to Visitors.
Information Collection
Information is collected and stored from you only after obtaining consent, which is obtained when you are prompted for information, by using a Retention Science website, downloading a product, or requesting further information.
We collect information from your interactions with our network. Some of this information, you actively tell us (such as your email address, which we use to communicate with you). Other information, we collect based on actions you take while using Retention Science, such as what pages you access and your interactions with our product features (like which pages you click). This information includes records of those interactions, your Internet Protocol address, information about your device (such as device or browser type), and referral information. In some countries, including countries in the European Economic Area, this information may be considered Personal Information under applicable data protection laws.
We may also collect Personal Information, such as your contact and job details and feedback, when you attend our events, take part in surveys, or through other business or marketing interactions we may have with you. You may choose to provide additional information when you communicate with us or otherwise interact with us, and we will keep copies of any such communications for our records.
The Personal Information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your Personal Information. We will also let you know prior to collection whether the provision of the Personal Information we are collecting is compulsory or may be provided on a voluntary basis and the consequences, if any, of not providing the information.
Use of Personal Information
To provide, operate, optimize, and maintain our Websites.
To send you information for marketing purposes, in accordance with your marketing preferences.
For recruitment purposes if you have applied for a role with Retention Science.
To respond to your online inquiries and requests, and to provide you with information and access to resources or services that you have requested from us.
To manage our Websites and system administration and security.
To improve the navigation and content of our Websites.
To identify any server problems or other IT or network issues.
To process transactions and to set up online accounts.
To compile aggregated statistics about site usage and to better understand the preferences of our Visitors.
To carry out research and development to improve our products and services.
To customize content and layout of the Websites.
To carry out other legitimate business purposes, as well as other lawful purposes.
Retention Science may contact Visitors about offers and opportunities from Retention Science or its business partners, to conduct surveys, and gather feedback. This privacy statement does not extend to any information that is beyond the control of Retention Science.
To opt out or update your cookie preferences, please visit the cookie settings cookie-settings-link
SECTION 5 – General
Cookies
A cookie is a piece of data stored on a computer’s hard disk containing information about the owner. Retention Science may employ the use of cookies for measuring usage and access information. Our partners may use cookies. Retention Science does not exercise any access or control of such cookies.
Retention Science’s websites use Google Analytics, a web analytics service provided by Google, Inc. (“Google”), to evaluate the use of the Retention Science site. Google Analytics places a third party cookie on your computer that is then used to compile reports of visitor traffic and internet usage. Google analytics does not have a database of individual profiles for each visitor and only collects aggregate data.
We and our partners may use various technologies to collect and store information when you interact with a Client’s services (eg. email campaign or connected store), and this may include using cookies and similar tracking technologies, such as pixels and web beacons. For example, we use web beacons in the emails we send on behalf of our Clients. When you receive and engage with a Client’s campaign, web beacons track certain behavior such as whether the email sent through the Retention Science platform was delivered and opened and whether links within the email were clicked. They also allow us to collect information such as your IP address, browser, email client type, and other similar details. We use this information to measure the performance of our Clients’ email campaigns, and to provide analytics information and enhance the effectiveness of our Services.
Data Storage
Retention Science uses third-party vendors and hosting partners, such as Amazon Web Services, for hardware, software, networking, storage, and related technology we need to run Retention Science.
Log Files
We maintain two types of logs: server logs and event logs. By using Retention Science, you authorize Retention Science to transfer, store, and use your information in the United States and any other country where we operate. Retention Science uses log files comprising of non-personally identifiable information to analyze trends, administer the site, track movements throughout the site, and gather broad demographic information for aggregate use.
Sharing
Information provided to Retention Science will be protected by Retention Science and not sold or rented to any unrelated third parties without the express consent of the information provider, except that Retention Science may disclose data to its affiliates and business partners who have established similar privacy standards, when legally obligated to do so, or if disclosure is required to protect the rights over Retention Science, Retention Science’s customers, or Clients or users of Retention Science’s services. Retention Science may also share aggregate demographic data that does not contain any personally identifiable information.
External Links
The Retention Science website contains links to external websites which are outside the scope of this privacy statement. Retention Science is not responsible for the privacy practices of such other sites and does not control the accuracy of the information displayed by such websites.
Forums, Bulletin Boards, Testimonials, Chat Rooms, and Surveys
Personal information submitted through a forum, bulletin board, testimonial, or chat room operated by Retention Science may be collected, used, and read by third parties, including other users. Retention Science is not responsible for any information submitted through these services.
We occasionally request information from customers via surveys. Participation in these customer surveys is voluntary. Survey information is used to improve this website and our services and products.
Data Security
Retention Science protects information both online and off-line. The transmission of information is encrypted and protected using Secure Sockets Layer(SSL). Stored customer information is kept in a secure environment where access is restricted to key employees who need the information to perform a specific job. Employee access is dictated according to the Retention Science Access Control Policy.
Retention Science Client accounts require a username and password to log in. Clients must keep their username and password secure, and never disclose it to a third party. Because the information in a Client’s Retention Science account is so sensitive, account passwords are hashed, which means we cannot see a Client’s password. We cannot resend forgotten passwords either. We will only provide Clients with instructions on how to reset them.
Data Retention
We retain Personal Information where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we’ll refer to these criteria in order to determine retention period:
Whether we have a legal or contractual need to retain the data.
Whether the data is necessary to provide our Services.
Whether our Clients have the ability to access and delete the data within their Retention Science accounts.
Whether our Clients would reasonably expect that we would retain the data until they remove it or until their Retention Science accounts are closed or terminated.
When we have no ongoing legitimate business need to process your Personal Information, we will either delete or anonymize it or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
Choices and Opt-Outs
Clients and Visitors who have opted in to our marketing emails can opt out of receiving marketing emails from us at any time by clicking the “unsubscribe” link at the bottom of our marketing messages.
Also, all opt-out requests can be made by emailing us at help@retentionscience.com. Please note that some communications (such as service messages, account notifications, billing information) are considered transactional and necessary for account management, and Clients cannot opt out of these messages unless you cancel your account.
Amendments
Retention Science reserves the right to amend this privacy statement at any time. Any amendment will be made by posting the changes to the website. Customers must check the website periodically to be aware of any changes to the privacy statement. Your continued use of the website or Retention Science product or service constitutes your acceptance of those changes.
Your Rights and Choices
The CCPA provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Access to Specific Information and Data Portability Rights
You have the right to request that Retention Science disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will disclose to you:
The categories of personal information we collected about you. The categories of sources for the personal information we collected about you. Our business or commercial purpose for collecting or selling that personal information. The categories of third parties with whom we share that personal information. The specific pieces of personal information we collected about you (also called a data portability request). If we sold or disclosed your personal information for a business purpose, two separate lists disclosing: sales, identifying the personal information categories that each category of recipient purchased; and disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
Deletion Request Rights
You have the right to request that Retention Science delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request (see Exercising Access, Data Portability, and Deletion Rights), we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
Debug products to identify and repair errors that impair existing intended functionality.
Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
Comply with a legal obligation.
Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by emailing help@retentionscience.com.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us.
We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.
If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
Questions / Concerns
For additional questions or concerns about Retention Science or this privacy policy, please contact help@retentionscience.com. For GDPR or CCPA concerns, or to contact our Data Protection Officer, please send requests to dpo@retentionscience.com.