Effective as of January 17, 2024.  

This Privacy Notice describes how Bureau, Inc. ("Bureau," "we", "us" or "our") handles personal data in our control and your choices about your personal data covered by this Privacy Notice.   If you have any questions or concerns about our use of your personal data, please contact us

This Privacy Notice describes how we handle personal data that we collect through the websites and mobile applications that we own and operate and that link to this Privacy Notice (collectively, the “Service”).  However, this Privacy Notice does not apply to personal data that Bureau processes on behalf of our business customers while providing our services to them (“Customer Personal Data”), even where the customer’s service indicates that it is “powered by” Bureau.  If you have concerns about the handling of Customer Personal Data, you should contact the relevant Bureau customer, which determines how Customer Personal Data is handled and contractually restricts how we use it.  If you are unsure about how to contact the customer, please contact us and we will try to assist you.  You should also review the relevant customer’s own privacy disclosures to understand how it handles personal data. 

The Service is provided to businesses and is not intended for use by individuals for personal, family, household, or other consumer purposes. All personal data covered by this Privacy Notice pertains to individuals acting in a business or commercial capacity.

The personal data we collect from you, either directly or indirectly, will depend on how you interact with us and with our Service. We collect personal data about you from the following sources:

Information you provide to us. Personal data you may provide to us through the Service includes:

• Contact data. Your full name, professional title, organization name, email address, mailing address, phone number, social media handle, and other contact details.
• Account data. Your username (i.e., email address) and password for your Service account, and any other information you choose to add to your Service profile.
• Transaction data.  Any payment card data you chose to use to pay for the Service, and information about your transactions with us.  
• Communications data. Information in your communications with us, including when you communicate with us through the Service, social media, events, or otherwise.  This includes both the content of these communications and the contact details and metadata associated with it, such as social media handles, profile photos that you use with your social and email accounts, and the date/time of the communication.  We and our service providers may monitor and record these communications, including calls/videoconferences with our support or sales teams, for training and quality assurance purposes and the other purposes described in the How we use your personal data section below.

‍

If we collect personal data not specifically listed above, we will use it consistent with this Privacy Notice      or as otherwise explained at the time of collection.

Information automatically collected.  We and our service providers may automatically collect information about you, your computer or device, and your browsing actions and usage activity, such as:

• Device data.  Technical information about your computer or mobile device, including operating system type and version, manufacturer and model, browser type, screen resolution, RAM and disk size, CPU usage, device type (e.g., phone, tablet), IP address, unique device identification numbers or other identifiers (including identifiers used for advertising purposes), language settings, mobile device/cellular carrier, radio/network information (e.g., Wi-Fi, LTE, 3G), and general location information associated with IP address (e.g., city/town).
• Usage data.  Page and screen views, search terms, authentication details, how long you spent on a page or screen, the website you visited before browsing to the Service, navigation paths between pages/screens, information about your activity on a page/screen, access times and duration of access, whether you have opened our emails or clicked links within them, and other functional information on Service performance (like diagnostics and crash logs).

‍

Cookies and other technologies. The following technologies enable some of the automatic collection described above:

• Cookies. These are small data files that are placed on your computer or mobile device when you visit a website to help website operators understand site traffic and use, help you navigate between pages efficiently, remember your preferences, and enable functionality.  Cookies used on our site include cookies that we serve as well as cookies served by third party vendors that we work with to enable the services they provide, such as website analytics services that track traffic and usage.  Some cookies are stored only for the duration of a user session and others remain on your device for a longer period. You can learn more about cookies and how to control them at www.allaboutcookies.org and you can set preferences for which cookies you wish to remove or reject in your browser.  
• Pixels. We may use pixels (also known as web beacons and clear GIFs) on our site and in our HTML formatted emails to track the actions of users on our sites and interactions with our emails, such as when an email was opened. Pixels are embedded invisibly in image files within webpages or HTML formatted emails. Most browsers and devices allow you to configure your browser or device to prevent images and any pixels embedded in them from loading.
• SDKs. Software development kits (SDKs) are third-party computer code incorporated into our mobile and web applications to enable functions and tracking similar to those enabled by the other technologies described above, including to enable authentication services, analytics services, and functionality provided by third parties.

‍

If you block or reject these technologies, certain areas or features of the Service may not work or be accessible.

‍

Third party data sources. We combine personal data we receive from you or collect automatically when you use the Service with personal data we obtain from other sources, such as:

‍

• Our business contacts who share details about their professional contacts and friends, including potential customers, partners, and vendors.
• Public sources, including government records, information you submit in public forums, and information made publicly available on social media and company website bios. 
• Data brokers who provide contact and biographical details about potential customers and help us keep the details in our database up to date.
• Authentication services you can use to log into the Service, such as those provided by Google, which may share information about you to facilitate the authentication as described in the service’s settings or privacy policy.

We use your personal data for the following purposes or as otherwise described in this Privacy Notice      or at the time of collection:

Service delivery. We use your personal data to register your Service account, to manage and administer your Service account, provide the Service and to communicate with you about our Service (including support and administrative messages).

Business operations.  We use your personal data to administer and maintain our Service and our IT systems (including monitoring, troubleshooting, data analysis, testing, system maintenance, repair, and support, reporting and hosting of data) and to operate our business. 

Research and development. We use your personal data for research and development purposes, including to conduct survey research and to otherwise analyze and improve the Service and our business. As part of these activities, we may create aggregated, de-identified and/or anonymized data from personal data we collect. We make personal data into de-identified or anonymized data by removing information that makes the data personally identifiable. We may use this aggregated, de-identified or otherwise anonymized data and share it with third parties for our lawful business purposes, including to analyze, improve, and promote the Service and our business.

Marketing. We use your personal data to send you marketing emails or contact you by phone about our products, services, or events. You may opt-out of our marketing communications as described in the Opt-out of marketing section below.

Compliance and protection. We use your personal data to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities. We also use your personal data to protect our, your or others’ rights, privacy, safety, or property (including by establishing and defending legal claims), including by conducting internal audits against our policies; enforcing the terms and conditions that govern the Service; and taking steps to prevent, investigate and deter fraud, cyberattacks or other unauthorized, unethical, or illegal activity.

We, our service providers, and the third parties we work with may process personal data as described in this Privacy Notice manually or through automated means, including through artificial intelligence (AI) and machine learning technologies, including generative AI.

We may share your personal data with the following categories of recipients, at your direction, and as otherwise described in this Privacy Notice or at the time of collection.

Affiliates. We may share personal data with affiliates that we control, are controlled by, or with which we are under common control, for purposes consistent with this Privacy Notice.

Service providers. We share personal data with parties that provide services on our behalf or help us operate the Service or our business (such as hosting, information technology and software, customer support, email, and telephone communications, call recording, marketing, advertising, payment processing, user authentication, market/survey research, data brokerage, generative artificial intelligence, and analytics).

Payment processors. Third party payment processors that collect your payment card data and other transaction data to process your payment card transactions when you pay for the Service. 

Authentication services.  When you log into the Service by using your credentials on a third party service, such as Google, the service will collect contact data, device data and usage data from you to facilitate the authentication as described in the service’s relevant settings or privacy policy.

Professional advisors. We may share all categories of personal data with professional advisors, such as lawyers, auditors, and bankers, where necessary in the course of the professional services that they render to us.

Authorities and others. We may share all categories of personal data with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.

Business transferees. Parties (and their advisors) to business transactions involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, Bureau or our affiliates (including, in connection with a bankruptcy or similar proceedings) may acquire all categories of personal data that we handle in connection with such transactions or we may share it with them in the context of negotiations of or due diligence for such transactions.

Account administrators. Administrators of Service accounts provisioned to you by your employer or other organization, who can access information about your account and activity in it; restrict, suspend, or terminate your access to the account and ability to process information associated with it.

Access or update your information. You may review and update certain Service account information by logging into your account.

Opt-out of marketing communications. You may opt-out of marketing emails at any time by following the opt-out or unsubscribe instructions at the bottom of the email, or by contacting us. Please note that if you opt-out of promotional emails, you may continue to receive service-related and other non-marketing emails.

Cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. You can learn more about Google Analytics, one of the analytics services we use, and how to opt-out of being tracked by Google Analytics, here: https://tools.google.com/dlpage/gaoptout

Do Not Track. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

Notice to end users.  The Service is intended for use by businesses. Where your employer or another organization provisions a Service account for you, that organization is the administrator of the application and is responsible for the application accounts that it controls. If this is the case, please direct your questions about your account data to your administrator, as your use of the account is subject to that organization's policies. We are not responsible for the privacy or security practices of an administrator's organization, which may be different than ours.

The Service may contain links to, or integrations of websites and other online services operated by third parties. In addition, our content may be integrated into web pages or other online services that are not associated with us. These links and integrations are not an endorsement of, or representation that we are affiliated with, any third party. We do not control websites or other online services operated by third parties, and we are not responsible for their actions. We encourage you to read the privacy policies of the other websites and other online services you use.

We use technical and organizational safeguards designed to protect the personal data we collect. However, security risk is inherent in all internet and information technologies, and we cannot guarantee the security of your personal data.

We are based in the United States and have affiliates and service providers that operate in the United States and other regions outside of your country of residence. These countries may have data protection laws that differ from those of your country and, in some cases, may not be as protective as the laws where you live.

The Service is not intended for use by anyone under 18 years of age. If you are a parent or guardian of a child under 18 from whom you believe we have collected personal data in a manner prohibited by law, please contact us. If we learn that we have collected personal data through the Service from a child under 18 without the consent of the child’s parent or guardian as required by law, we will comply with applicable legal requirements to delete the information.

We reserve the right to modify this Privacy Notice at any time. If we make material changes to this Privacy Notice, we will notify you by updating the date of this Privacy Notice and posting it on the Service or other appropriate means. Any modifications to this Privacy Notice will be effective upon our posting the modified version (or as otherwise indicated at the time of posting). In all cases, your use of the Service after the effective date of any modified Privacy Notice indicates your acknowledgment that the modified Privacy Notice applies to your interactions with the Service and our business.

If you have questions or concerns about this Privacy Notice or our practices, please contact us at privacy@bureau.id.