OPENSYNC PRIVACY POLICY
Last Updated: October 24, 2023
Plume Design, Inc. and its subsidiaries and affiliates (collectively, Plume or we) offers the website and services available at opensync.io (OpenSync Site). Plume provides this OpenSync Privacy Policy to explain the personal information that Plume processes through the OpenSync Site and how and why Plume processes it.
This OpenSync Privacy Policy also describes the rights and choices that you may have with respect to your Personal Information and how to exercise those rights.
The controller or business for personal information collected through the OpenSync Site is Plume Design, Inc., 325 Lytton Ave., Palo Alto, CA 94301.
In this OpenSync Privacy Policy, the following terms have the following meanings:
- personal information means information that identifies or can be used to identify an individual person and, under some privacy laws that may apply to Plume, information that identifies a specific entity
- processing means any operation (or set if operations), such as collecting, combining and storing, performed on personal information
- controller means the person or entity that determines why and how personal information is processed, including a “business”
- processor means the person or entity processing personal information on behalf of a controller, including a “service provider”
- user means you and other individuals who access and use the OpenSync Site
Plume's processing of personal information is subject to the laws in the jurisdictions in which Plume operates. Privacy rights also may vary depending on each user's place of habitual residence.
CALIFORNIA RESIDENTS: FOR OUR NOTICE AT COLLECTION, PLEASE CLICK HERE
For more information, please see Section 7 below.
IF YOU HAVE QUESTIONS REGARDING OUR PERSONAL INFORMATION PROCESSING PRACTICES, PLEASE CONTACT US AT privacy@plume.com.
1. WHEN THIS PLUME PRIVACY POLICY APPLIES
This Privacy Policy applies to the OpenSync Site and otherwise when you specifically acknowledge it. If a particular website or service links to a different privacy policy, then that privacy policy - not the OpenSync Privacy Policy - applies. Please make sure to check those other privacy policies to learn how your personal information is processed.
2. PERSONAL INFORMATION COLLECTION
Plume collects personal information to provide and promote the OpenSync Site and for the other purposes listed below. The specific types of personal information that Plume collects from or about you depends on how you interact with Plume.
a. Information users choose to give us
We collect the personal information that users choose to share with us, which typically includes the following types of personal information
Types of Personal information | Why this Personal Information is Collected |
---|---|
Contact and account information Name, email address or other username, password, telephone number and similar contact information and purchase related contact information (e.g., billing and delivery address, payment information and similar information necessary to complete a purchase); profile nicknames and profile photos. |
|
Personal information you share through the OpenSync Site |
|
b. Information automatically collected by the OpenSync Site
The OpenSync Site automatically collects certain information from and about use of the OpenSync Site. Some automatically collected information is personal information under certain laws. Information is automatically collected using cookies, pixel, web beacons and similar data collection technology and includes:
- browser type, operating system version, domains, IP address, browser type, internet service provider and mobile network of visitors to Plume's websites
- how a computer or Mobile Device or interacts with Plume's websites, including the date and time accessed, search requests and results, mouse clicks and movements, specific webpages accessed and links clicked
- data about the third-party sites or services accessed before interacting with Plume's websites, which is used to make advertising more relevant for users
- interactions with Plume's marketing communications, such as whether and when a Plume email is opened, to help Plume measure the success of email marketing campaigns
Please see Plume's Cookie Policy for more information.
c. Information collected from third parties
From time to time, Plume receives personal information from third parties that help Plume learn more about users and how to more effectively promote and improve the OpenSync Site.
The types of personal information that we receive from third parties are:
- Personal information from marketing services providers to help identify individuals who may be interested in learning more about the OpenSync Site and to supplement personal information we already have
- Personal information from the third-party advertising partners that use cookies to collect information about browsing activities over time and across websites. Through a process called “retargeting,” each advertising partner places cookie(s) in a user's browser when the user visits the Open Sync Site so that they can identify the user and serve ads on other websites around the web based on browsing activity.
- Personal information from publicly available sources
When Plume combines personal information from third-party data sources to enhance the personal information that Plume holds, Plume requires that each third party confirm the lawfulness of its sharing of personal information with Plume for the purposes described in this OpenSync Privacy Policy.
d. Other information collected with consent
We may ask users for consent to collect specific types of personal information, such to participate in events, request exclusive content or participate in testing new features or products related to the OpenSync Site.
3. PERSONAL INFORMATION USE
Plume uses personal information to provide and improve the OpenSync Site, manage our business, protect users and enforce our legal rights. Plume processes personal information as a controller to:
-
For Plume's lawful business purposes:
- monitor use of and protect the OpenSync Site and information processed through the OpenSync Site
- track customer support
- analyze, measure the effectiveness of and improve the OpenSync Site
- identify user needs and develop new products and services to meet them
- conduct marketing about the OpenSync Site or related third-party products and services (where permitted)
- invite users and others to participate in market research and testing of current and new features
- create statistical analyses and segment and combine data sets to identify trends
- detect and prevent fraud (e.g., if you provide a credit or debit card, we may use third parties to check the validity of the sort code, account number and card number you submit)
- enforce the OpenSync Site Terms of Use
- prevent, investigate and/or report security incidents
-
To comply with applicable laws and protect legal rights:
- enforce and investigate actual or suspected violations of our agreements
- protect the safety, security and legal rights of users
- detect, prevent and remediate fraud or other unlawful behavior and similar issues related to the OpenSync Site
-
With consent. Plume processes personal information as a controller based on consent for certain marketing activities and advertising practices.
Plume also anonymizes personal information and uses the anonymized data as permitted by applicable law and contracts. (Once personal information is anonymized in compliance with applicable law, it is no longer personal information and not subject to this OpenSync Privacy Policy.)
4. PERSONAL INFORMATION SHARING
How Plume shares personal information depends on the OpenSync Site used. Generally, Plume shares personal information with people and businesses that help operate the OpenSync Site and otherwise when Plume is legally permitted or required to do so.
Plume shares personal information with the following categories of recipients:
- Professional advisors, such as lawyers, accountants, insurers and information security and forensics experts.
- Processors to enable them to perform services on our behalf, including data analytics, data security, cloud storage providers, surveys and otherwise to help us carry out our business.
- Marketing vendors that help promote the OpenSync Site (such as by email marketing) and supplement personal information that we already have
- Potential or actual acquirers or investors and their professional advisers in connection with any actual or proposed merger, acquisition or investment in or of all or any part of our business. We will use our best efforts to ensure that the terms of this OpenSync Privacy Policy apply to personal information after the transaction or that users receive advance notice of changes to personal information processing.
- Competent law enforcement, government regulators and courts when we believe disclosure is necessary (i) to comply with the law, (ii) to exercise, establish or defend legal rights, or (iii) to protect the vital interests of users, business partners, service providers or another third party.
- Our affiliates and subsidiaries, such as Plume's entities in Poland, Slovenia, Switzerland and Taiwan.
- Other third parties with consent.
When Plume shares anonymized data, Plume takes administrative measures to prohibit efforts by recipients to re-identify anonymized data.
5. PERSONAL INFORMATION PROTECTION
Plume uses technical, physical, and administrative safeguards intended to protect the personal information that we process from unauthorized access and use.
Our safeguards are designed to provide a level of security appropriate to the risk of processing your personal information and include (as applicable) measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and a procedure for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing of personal information. Like any other organization, Plume cannot fully eliminate security risks associated with the processing of personal information.
You are responsible for maintaining the security of your account credentials. Plume will treat access to the OpenSync Site through your account credentials as authorized by you.
We may suspend your use of all or part of the OpenSync Site without notice if we suspect or detect any breach of security. If you believe that information you provided to Plume or your account is no longer secure, please notify us immediately at privacy@plume.com.
If we become aware of a breach that affects the security of your personal information, we will provide you with notice as required by applicable law. When permitted by applicable law, Plume will provide this notice to you through the email address associated with your account or other permitted method associated with your account.
UNAUTHORIZED ACCESS TO PERSONAL INFORMATION AND THE PLUME SERVICES - INCLUDING SCRAPING - IS PROHIBITED AND MAY LEAD TO CRIMINAL PROSECUTION.
6. PERSONAL INFORMATION RETENTION
Plume retains personal information for as long as necessary to carry out the purposes described above. Plume also retains personal information for as long as Plume believes necessary to comply with our legal obligations, resolve disputes and enforce our legal agreements.
When determining the relevant retention period, Plume considers a user's purpose for using the OpenSync Site, retention periods in Plume's data deletion procedures and requirements of data protection laws.
At the end of the relevant retention period, Plume either deletes or anonymizes personal information or, if Plume cannot delete or anonymize the personal information, then Plume segregates and securely stores personal information until deletion or anonymization is possible. Plume uses anonymized data subject to applicable law.
7. CHOICES AVAILABLE FOR PERSONAL INFORMATION
Choices about personal information depend on a user's place of habitual residence and the applicable OpenSync Site.
For residents of the US:
To Opt-out of Selling/Sharing or make another privacy rights request, please complete this form. You also can send us an email to privacy@plume.com for such requests.
For more information, please visit: please click here
For residents of EEA, Switzerland and UK
Data Controller
The controller for the personal information collected in connection with use of the OpenSync Site in the European Economic Area, Switzerland and United Kingdom is Plume Design, Inc. You also may contact our local representative as required under Article 27 GDPR at eu27representative.plume@hoganlovells.com.
Processing
Plume's processing of your personal information is described above in this Privacy Policy, including:
- Personal information collection (Section 2)
- Personal information use and sharing (Sections 3-4)
- Personal information protection and retention (Sections 5-6)
Legal Bases for Plume's Processing
The legal bases for Plume's processing of your personal information depend on the context in which the personal information is collected and processed. Generally, we only collect personal information when
(i) Plume needs the personal information to perform a contract (such as the OpenSync Terms of Use)
(ii) when we have consent to do so (which consent you can withdraw at any time using the contact information below); or
(iii) when the processing is in our legitimate business interests and not overridden by the privacy or other fundamental rights and freedoms of users (such as when we process personal information to prevent fraudulent use of the OpenSync Site). When we collect and use personal information in reliance on our legitimate interests (or those of any third party), this interest is to provide the OpenSync Site and communicate with you about the OpenSync Site and for responding to queries, improving the OpenSync Site, advising users about new features or maintenance or similar commercial interests to make the OpenSync Site available for you. We may have other legitimate interests and if appropriate we will make clear our legitimate interests at the relevant time.
In some cases, we also may have a legal obligation to collect personal information from users. If we ask you to provide personal information to comply with a legal requirement, we will make this clear at the relevant time and advise you whether providing your personal information is mandatory and the possible consequences if you do not provide your personal information.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at privacy@plume.com.
Cookie Policy
Plume has a Cookie Policy separate from this Open Sync Privacy Policy. To manage your cookies, click Cookie Manager in the footer of this webpage.
Data Subjects Rights
To the extent provided under GDPR and similar laws of Switzerland and UK, you have the following rights with respect to personal information concerning you:
- Right of access your personal information
- Right to rectification (i.e., correction, update)
- Right to erasure
- Right to restrict processing
- Right to data portability (i.e., receive an electronic copy of your personal information for purposes of transmitting it to another organization)
- Right to withdraw consent at any time
If you would like to access, correct, update, suppress, restrict, object to or delete personal information that you have previously provided to Plume as or if you would like to receive an electronic copy of your personal information for purposes of transmitting it to another company (where this right to portability is provided to you by law), please submit your request to us as follows:
- To make a privacy rights request, please fill this this form. You also can send us an email to privacy@plume.com for such requests.
In your request, please make clear what personal information you would like to have changed or other limitations you would like to put on our use of your personal information. For your protection, we verify your identity and geographic residency before fulfilling your request. We will comply with your request as soon as reasonably practicable and within the time periods required by applicable law.
Please note that we often need to retain certain personal information for record keeping purposes and/or to complete any transaction that you began prior to submitting your request. We also may not delete certain personal information for legal reasons.
How to Contact Data Protection Authorities
EU Data Protection Authorities
You have a right to lodge a complaint about how we process your personal information with the appropriate EU data protection authority. Please click here for more information.
Switzerland's Data Protection Regulator
Office of the Federal Data Protection and Information Commissioner (FDPIC)
Feldeggweg 1
CH - 3003 Berne
Tel: 41 (0)58 462 43 95 (mon.-fri., 10-12 am)
Telefax: 41 (0)58 465 99 96
https://www.edoeb.admin.ch/edoeb/en/home/deredoeb/kontakt.html
United Kingdom's Data Protection Regulator
Information Commissioner's Office (ICO)
Wycliffe House, Water Lane, Wilmslow Cheshire SK9 5AF
Telephone: 0303 123 1113
Fax: 01625 524510
https://ico.org.uk/global/contact-us/
To stop receiving promotional emails from Plume, please click the “Unsubscribe” link at the bottom of the email. Your account settings also may allow you to change your notification preferences. After you opt out, we may still send you non-promotional communications, such as receipts for purchases or administrative information about your account.
IF YOU RESIDE IN A JURISDICTION WITH PRIVACY LAWS THAT OFFER YOU PRIVACY RIGHTS NOT DESCRIBED IN THIS PRIVACY POLICY, PLEASE CONTACT PLUME AT PRIVACY@PLUME.COM. PLUME RESPECTS YOUR PRIVACY RIGHTS AND WILL DO OUR BEST TO ACCOMMODATE YOUR REQUESTS.
8. CROSS-BORDER TRANSFERS OF PERSONAL INFORMATION
Plume may transfer personal information across borders to any of the places where Plume and its suppliers and partners do business. Other jurisdictions may have data protection laws that are different from (and, in some cases, less protective) than the laws where you reside.
If your personal information is transferred across borders by Plume or on Plume's behalf, Plume uses appropriate safeguards to protect personal information in accordance with this OpenSync Privacy Policy. These safeguards include agreeing to standard contractual clauses and similar model contracts for transfers of personal information among the Plume affiliates and among Plume's suppliers and partners. When in place, these contracts require the affiliates, suppliers and partners to protect personal information in accordance with applicable privacy laws.
To request information about Plume's standard contractual clauses or model contracts and other safeguards for cross-border personal information transfers, please contact privacy@plume.com.
9. CHANGES TO THIS OPENSYNC PLUME PRIVACY POLICY
Plume may update this OpenSync Privacy Policy from time to time in response to changing legal, technical or business developments. When Plume updates the OpenSync Privacy Policy, Plume will post the updated version and change the “Last Updated” date above. Plume also will take appropriate measures to inform you in advance of significant changes that we believe affect your privacy rights so that you have an opportunity to review the revised OpenSync Privacy Policy before it is effective. If your consent is required by applicable privacy laws, Plume will obtain your consent to changes before the revised OpenSync Privacy Policy applies to you.
10. CONTACT INFORMATION
If you have questions or comments about the OpenSync Privacy Policy or Plume's privacy practices, please contact us:
- by email at privacy@plume.com
- by mail at:
Plume Design, Inc.
Attn: Privacy
325 Lytton Ave
Palo Alto, CA 94301