Spredfast Privacy Center

 

Spredfast takes privacy and data protection seriously.  We value your trust.

Our Privacy Policy details how we collect, use, store and protect data of both the Customers who use Spredfast Services and other Vistors who visit our website.  Below is a summary of key elements of our policy and helpful FAQs.  Please refer to the entire Privacy Policy for the complete terms that apply to you.  Capitalized terms are defined in the Privacy Policy.

 

Spredfast Privacy & Data Protection: Summary & FAQs

Overview & Purposes for Data Collection:  We collect information from our customers (“Customers”) who use our SaaS and related services (“Spredfast Services”) and visitors (together with Customers, “Visitors”) for legitimate business purposes only, primarily to operate the websites we use to run our business (our “Websites”) and to provide, and improve, Spredfast Services. 

We also process content on behalf of our Customers as their data processor.  This content consists of content published or generated through the Spredfast Services, such as content Customers collect from Facebook, Twitter or other social media networks.  It is our Customers, and not Spredfast, who control how such information and content is collected and used.  Spredfast processes (rather than controls) such content in accordance with instructions from Customers. 

The Spredfast Services enable Customers to connect other accounts they may have on social media networks or apps, such as Facebook and Twitter.  We are not in control of the collection of content by other websites, apps, networks or otherwise which is not published or generated through the Spredfast Services.  Our Customers are required to abide by the applicable policies and requirements of social media networks or any other websites or apps used in connection with the Spredfast Services.  

What Information Do We Collect? We collect information provided to us by individuals on our website as well as content and third party information provided to us or accessed by Customers through Spredfast Services.  We also collect information from computers and internet devices primarily to enable us to provide and improve our services.  We receive information from Customers and third parties.  Customers provide us with data to enable them to log on and use Spredfast Services and content that we process through Spredfast Services.  

It is important to understand that we do not own or operate our Customers’ websites or the social media or other websites used in connection with the Spredfast Services.  When a Customer provides or accesses information through one of our Spredfast Services, we may receive information from the Customer input, in response to, or by way of interaction with, content generated by Customers using Spredfast Services as well as from the Customer’s website or the relevant social media site, including information about actions that the third party takes and may include additional information about the third party that was published on or provided to the Customer website or social media site.

How is Information Used?  We use personally identifiable information only in ways that are relevant and compatible with the purposes for which that information was collected by our Customers, subsequently authorized by the individual user, or as otherwise provided in our Privacy Policy.  We take all commercially reasonable steps to ensure that personally identifiable information collected is only used for its intended use and our Customers must do the same. 

Customers may also use or transfer information collected from their use of Spredfast Services and may transfer such information from our systems to their systems. We do not control how Customers use the information collected by way of their use of Spredfast Services, but Customers must comply with all applicable laws and any applicable terms and conditions, such as terms and conditions of social media networks, when collecting and using such information.

What Does Spredfast do to Protect Data?  Spredfast takes data protection very seriously and takes all reasonable measures to secure all data its Customers and partners submit to its platform.  Spredfast has successfully passed a SOC 2 audit  each year and employs industry best practices.  For example, Spredfast trains its personnel on security and privacy measures, enforces controls on access to its systems and encrypts any sensitive data.  Additional details about Spredfast’s security practices are available upon request.

What Role Do Social Media Networks or Other Third Parties Play in Data Protection?  Data and content that comes from, or is provided to, social media networks or other third party sites will be subject to the data protection and privacy policies of those social media networks and third parties.  Spredfast Services provide tools for Customers to access and interact with such sites, but since data and content contributed to or accessed from the Spredfast Services reside on those third party sites, they are also protected in accordance with their policies.  This is also the reason Customers and Spredfast must agree to the applicable terms and conditions of such social media networks and third parties.

What Social Media Networks or Third Parties Are Involved & How Do Customers Know?  Customers know which of the Spredfast tools interact with which social media networks or other sites because they are described in the product descriptions made accessible to Customers and/or they are apparent on the Customers’ dashboards.  Customers can find the applicable privacy policies posted on each of those sites.  If they don’t want’ to use any particular social media network or other site, Customers are free to make those choices.

How is Deletion and Correction of Personally Identifiable Information Handled?  At the request of a Visitor, we will delete from our active databases all personally identifiable information the Visitor provided to us.  In addition, at the request of a Customer, we will delete from our active databases all Personally Identifiable Information collected through Spredfast Services collected by such Customer.   However, we may not be able to delete information accessed or provided through Spredfast Services if we do not control such information, such as information that originated through a social media network and is consequently controlled by such social media network.  In addition, we may retain such information to the extent required by law or document retention policies or if copies are kept in archival backups, but in no event will we use or disclose such information, except as required by law. 

If a Visitor has provided us Personally Identifiable Information and (a) would like that information deleted from our records, or (b) would like to update or correct that information, the Visitor can contact us at our email address, legal@spredfast.com, with the subject line “Privacy Policy Request” and provide us with the relevant name, postal address, and any other information necessary to respond to the request. 

EU-US and Swiss-US Privacy Shield Frameworks:  Spredfast has certified to the EU-US  and Swiss-US Privacy Shield Frameworks (the “Privacy Shields”) as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries.  We have certified that we adhere to the Privacy Shields Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.  If there is any conflict between the policies in this Privacy Policy and the Privacy Shields Principles, the Privacy Shields Principles shall govern.  To learn more about the Privacy Shields programs, please visit https://www.privacyshield.gov/.

Where Does Spredfast Process and Store Data:  Spredfast processes and stores data on the Amazon Web Services servers that it licenses, which are located in the United States, unless otherwise specifically agreed in writing by Spredfast and a Customer.

Last Updated April, 2017