We gather information in various ways, including when you provide it to us, when you use our Website or Services, and when other sources share it with us. The details are further explained below.
A. Information You Provide to Us
B. Information Collected Automatically
C. Information Obtained from External Sources
We have the potential to gather information about you from various other sources, which may include third-party services and organizations. If, for instance, you access our Website or Services through a third-party application such as a social networking site or a third-party login service, we might collect information about you from that particular third party, provided you have made it available through your privacy settings. Additionally, when you register a OpenRead account or associate it with an email address given to you by your organization, we may acquire information from third-party data enrichment providers. This helps us improve our business-to-business marketing and sales outreach efforts to better suit your needs.
In the event that you choose to utilize the Google Contacts feature within our Services, we will have the capability to view your contacts through the Google People API. This data will solely be used to populate the auto-completion feature for your contacts when sending invitation emails. OpenRead will refrain from using this data for any other purpose.
For the Cron Services, you are required to grant authorization for access to your calendar and events data stored in a third-party calendar service. This third-party calendar service falls under the category of Non-OpenRead Services, as defined in the Agreement. If you opt to authorize an integration with your calendar provider, we will store your userID for that provider and the authorization token required to connect to the provider's API. This grants you the ability to utilize the Cron Services for storing, viewing, and editing data from your calendars, as well as auto-populating contacts when creating events.
Furthermore, you have the option to integrate the Cron Services with your third-party conferencing provider. Similar to the calendar provider, this conferencing provider is also considered a Non-OpenRead Service as per the Agreement's definition. By authorizing the integration with your conference provider, you gain the ability to add conferencing meetings to your calendar events and view or store any associated information related to conferencing meeting invitations within the Cron Services.
We employ your information for various business purposes, which include:
Providing Services and Requested Information, such as:
Serving Administrative and Communication Purposes, such as:
Marketing of Products and Services:
In compliance with applicable legal requirements, we may utilize your information to customize and provide you with content and advertisements. If you have any inquiries about our marketing practices or if you wish to opt out of using your information for marketing purposes, please reach out to us using the contact details provided below.
We may utilize personal information for other purposes that are clearly communicated to you at the time you provide the information or with your explicit consent.
Use of De-identified and Aggregated Information:
Processing Information on Behalf of Our Customers:
Usage of Automatic Collection Technologies:
Our utilization of technologies can be categorized into the following general areas:
Your online activity may be tracked across various websites and devices or applications. For instance, we may try to match your browsing activity on your mobile device with that on your laptop. To achieve this, our technology partners may share data such as browsing patterns, geo-location, and device identifiers, and correlate information from browsers and devices that appear to belong to the same user.
We may share your information with the following groups of third parties:
We may disclose the information we collect about you to third-party service providers. These service providers may include those involved in: (i) providing the Services; (ii) delivering requested information, products, and other services, including Non-OpenRead Services as defined in the Agreement; (iii) marketing and advertising; (iv) processing payments and transactions; (v) handling customer service activities; (vi) providing IT and related services; and (vii) preventing fraud and verifying user identity.
Upon your request, we may provide information to business partners who can offer you products or services of interest. We may also share information with business partners with whom we collaborate to offer joint products or services.
We may share information with our affiliated entities that are under common ownership and/or control with us.
We do not use or disclose your information to advertise third-party products or services through the Services. However, as explained in detail in the "Information Collected Automatically" section above, we may share your information with third-party advertising partners to promote our own Services and expand our user base, such as by providing targeted marketing about our Services through third-party platforms. Please refer to the "Your Choices" and "Your Rights" sections below for more information and to opt out.
We may share your information with other third parties, including other users, in the following situations:
Disclosures for Protection:
If we have a good faith belief that it is necessary or appropriate, we may access, preserve, and disclose any information associated with you to external parties to: (i) comply with law enforcement or national security requests and legal processes, such as court orders or subpoenas; (ii) protect your, our, or others' rights, property, or safety; (iii) enforce our policies or contracts; (iv) collect amounts owed to us; or (v) assist with the investigation and prosecution of suspected or actual illegal activities.
Disclosure in Case of Merger, Sale, or Transfer of Assets:
In the event that we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of some or all assets, or transfer of service to another provider, your information may be sold or transferred as part of such a transaction, in accordance with applicable laws and contracts.
All information processed by us may be transferred, processed, and stored anywhere in the world, including but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live. When we engage in such transfers, we endeavor to safeguard your information consistent with the requirements of applicable laws.
You have the option to object to or choose not to participate in certain uses of your information. If you have given consent for the processing of your information for a specific purpose, you can withdraw that consent at any time by contacting us as explained below. Even if you choose not to participate, we may still gather and utilize your information for other purposes that were not based on your consent.
"Do Not Track":
Your browser may provide a "Do Not Track" option that allows you to indicate to website operators that you do not want them to track certain online activities of yours over time and/or across different websites. Similar to most online services, we do not currently respond to Do Not Track signals. However, as discussed in the "Your Privacy Rights" section below, we do respect legally recognized browser-based mechanisms (such as the Global Privacy Control) that signal your choices to opt out under specific applicable laws.
Withdrawing Your Consent:
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below. Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within fifteen (15) business days of receiving it. Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our goods or services to you and we shall, in such circumstances, notify you before completing the processing of your request. Should you decide to cancel your withdrawal of consent, please inform us in writing in the manner described in clause 8 above. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclose without consent is permitted or required under applicable laws.
In accordance with applicable laws and depending on your location, you may have certain privacy rights, which include:
If you wish to exercise any of these rights, please contact us using the information provided below. We will handle such requests in accordance with applicable laws. In certain situations, we may need to deny your request partially or entirely, for example, if we have a legal obligation to retain your information for a specific purpose. To safeguard your privacy, we will take measures to verify your identity before fulfilling your request. This may include requiring you to submit your request through your account. While you have the right to authorize an agent to submit a request on your behalf, we will need the agent to provide us with your written permission and may need to confirm your identity before processing the agent's request.
If you reside in a location that grants you the right to appeal our response to your request, we will inform you about the appeals process and your right to appeal.
Please note that the above requests may be charged for. If so, we will inform you of the fee before processing your request. We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA).
Request to Restrict Selling or Sharing of "Personal Information":
As described in the section above titled "Information Automatically Collected," we share information about your device and online browsing activities with third-party advertising providers for targeted advertising purposes. This sharing may be considered a "sale" of personal information or the processing/sharing of personal information for targeted advertising under applicable law.
If you wish to opt out of our online disclosure, including the use of cookie and pixel technology to disclose your personal information for purposes that may be considered "sales" for third parties' commercial use or "sharing" for targeted advertising purposes, please submit a request to opt out of the disclosure of information, which is subject to applicable opt-out rights, by emailing us at email@example.com.
Please note that if your device browser has a legally recognized browser-based opt-out preference signal enabled (e.g., global privacy control), we will respect that preference in accordance with applicable law.
To achieve the purposes listed in the above clauses, we may continue to apply and retain the information even in situations where your relationship with us (for example, pursuant to a contract) has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
By using our Services or providing us with your information, you consent to receiving electronic communications from us regarding security, privacy, and administrative matters related to your use of our Services. In the event of a breach in our security system, we will make efforts to inform you electronically through notices posted on our Services, by mail, or by sending an email.
If we have unfortunately suffered a data breach that has caused (or is likely to cause) significant harm to affected individuals, or that has affected at least 500 individuals, then we will inform the Personal Data Protection Commission (PDPC) and affected individuals of the breach.
Our Services may include links to other websites or applications, and other websites or applications may reference or link to our Services. Please be aware that these third-party services are beyond our control. We encourage our users to review the privacy policies of each website and application they interact with. We do not endorse, screen, or approve these third-party websites or applications, and we are not responsible for their privacy practices or content. Visiting these external websites or applications is done at your own risk.
Our Services are intended for a general audience and are not aimed at children. If we discover that we have collected data from children below the age where valid parental consent is required, we will take appropriate measures to promptly delete it.
If you are located in the European Economic Area or the UK, you have the right to lodge a complaint with a supervisory authority if you believe that our handling of your information violates applicable laws.
You may contact our Data Protection Officer Han Wang if you have any enquiries or feedback on our personal data protection policies and procedures, or if you wish to make any request, in the following manner below.