Northshore IO Inc
Effective Date: May 8th, 2020
We are Northshore IO Inc (“Company”, “Us”, “We”) registered in California with California Corporate Number C4091478 of 2195 Beach St. #304, San Francisco, CA 94123 USA.
The procedures and principles set out herein must be followed at all times by the Company, its employees, agents, contractors, or other parties working on behalf of the Company.
If you are a resident of California USA, you should refer to our section 14 “California Residents” below.
If you are a resident of the United Kingdom or the European Economic Area (meaning all European Union member states together with Norway, Lichtenstein and Iceland) you have different rights to those set out in parts 2 through 14 of this Policy and should refer to Part 15 "United Kingdom ("UK") and European Economic Area ("EEA") Residents" below.
2. Types of Data Collected
We collect several different types of information for various purposes to provide and improve our Service to you:
Whenever engaging with Us, We may ask you to provide Us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information includes:
First name and last name
Address, State, Province, ZIP/Postal code, City
Financial/billing information (not stored by Us).
We use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you.
You may opt out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any email We send. Marketing consent is not required as a condition of use of any of our products or services.
We may also collect information on how our website is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s IP address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our website.
To enable certain functions of our Website
To provide analytics
To store your preferences. We use both session and persistent cookies on Our Website and We use different types of cookies to run Our Website.
Essential cookies. We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.
Preferences cookies. We may use preferences cookies to remember information that changes the way Our Website behaves or looks, such as the “remember me” functionality of a registered user or a user’s language preference.
Analytics cookies. We may use analytics cookies to track information on how Our Website is used so that We can make improvements. We may also use analytics cookies to test new advertisements, pages, features or new functionality of Our Website to see how our users react to them.
Third-party cookies. In addition to our own cookies, We may also use various third-parties cookies to report usage statistics of Our Website, deliver advertisements on and through Our Website, and so on.
List of cookies. For a list of cookies used by Our Website, or to change or withdraw your consent, please call us..
For the Chrome Web browser, please visit this page from Google: https://support.google.com/accounts/ansWer/32050
For the Internet Explorer Web browser, please visit this page from Microsoft: http://support.microsoft.com/kb/278835
For the Firefox Web browser, please visit this page from Mozilla: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-Websites-stored
For the Safari Web browser, please visit this page from Apple: https://support.apple.com/en-au/guide/safari/sfri11471/mac
For any other Web browser, please visit your Web browser’s official Web pages.
Use of data
We use the collected data for various purposes:
To provide and maintain our website, products and services.
To notify you about changes to our products and services.
To allow you to participate in interactive features of our website when you choose to do so.
To provide customer support.
To gather analysis or valuable information so that We can improve our products and services
To monitor the usage of our Service
To detect, prevent and address technical issues
To provide you with news, special offers and general information about other goods, services and events which We offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.
We are not in the business of selling personal data to third parties, in the course of providing our products and services, or otherwise.
4. Retention of data
We will retain your Personal Data only for as long as We have a legitimate business or legal need to do so. Our retention periods depend on the type of data and its purpose.
We will retain your Personal Data to the extent necessary to comply with our legal obligations (for example, if We are required to retain your data to comply with applicable laws), to resolve disputes, and to enforce our legal agreements and policies.
We will retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or We are legally obligated to retain this data for longer time periods.
5. Transfer of data
Your information, including Personal Data, may be transferred to— and maintained on— computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with these Data Privacy Notices and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
6. Disclosure of data
We may disclose your Personal Data in the good faith belief that such action is necessary:
To comply with a legal obligation
To protect and defend our rights or property
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public.
To protect against legal liability.
7. Security of Data
The security of your data is important to Us, but remember that no method of transmission over the internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable, best practice, and state-of-the-art means to protect your Personal Data, We cannot guarantee its absolute security.
8. Your Rights
We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact Us to make the required changes.
If you wish to be informed what Personal Data We hold about you and if you want it to be removed from our systems, please contact Us.
You can submit a justified request:
To access and receive a copy of the Personal Data We hold about you.
To rectify any Personal Data held about you that is inaccurate.
To request the deletion of Personal Data held about you.
You have the right to data portability for the information you provide to Us. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.
You may exercise your right to object, if no opt-out mechanism is otherwise made available to you (including objecting to the basis of use for the purpose of our legitimate interest), by sending an email to Us.
Please note that We may ask you to verify your identity before responding to such requests.
9. Service Providers
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist Us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service.
We may use third-party software Service Providers to manipulate images and PDFs that you may upload to the Service. Images and PDFs provided to our third-party image manipulation Service Providers could include Personal Data, and We use our best endeavors to ensure that they adhere at least to the same standards of data privacy as our own.
We may use third-party software Service Providers for sending and receiving email, SMS, push messages and support interactions. Messages provided to our third-party messaging Service Providers could include Personal Data, and We use our best endeavors to ensure that they adhere at least to the same standards of data privacy as our own.
We may provide paid products and/or services within our website. In that case, We use third-party services for payment processing.
10. Links to other sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.
11. Children’s privacy
Our website does not address anyone under the age of 16 (“Children” or “Child”). Additionally, if you are under the age of majority in your jurisdiction (most commonly, 18 years of age), you represent that your parent or legal guardian has reviewed and agreed to this Policy.
We do not knowingly collect personally identifiable information from anyone under the age of 16. If you are a parent or guardian and you are aware that your Child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from Children without verification of parental consent, We take steps to remove that information from our servers.
13. Contact Us
14. California Residents
The California Consumer Privacy Act (“CCPA”) applies to you if you are a “Consumer” as defined by that Act. The CCPA defines a consumer as either an individual who is in the State for other than a temporary or transitory purpose or an individual who is domiciled in the State who is outside the State for a temporary or transitory purpose. Therefore, California law may provide you with certain rights regarding our use of your personal information.
We set forth below the provisions which We believe apply in our dealings with you, but it is your responsibility to check the full provisions of the Act which you can find here on the website of the State of California Department of Justice.
14.1 “Do Not Track” under the CCPA:
We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. We are not aware of any processes for others collecting personal information about your activities on our websites over time and across third party websites, apps, or other online services, nor do We knowingly collect information about your activities over time across third party sites and services.
14.2 “Do Not Sell My Personal Information” under the CCPA:
As We set forth in section 3 “Use of Data” above, We are not in the business of selling personal data to third parties in the course of providing our products and services, or otherwise. Further, the CCPA gives you a specific right to require Us not to sell your personal information, and you may so indicate your preference by checking this box in a document that identifies you to Us, as in this example:
Do Not Sell My Personal Information
14.3 CCPA – General Preamble:
Terms defined in the CCPA have the same meaning when used in this Policy. Note that provision of this CCPA notice is not an admission on our part that We are a “business” within the meaning of the CCPA, and nothing in this Policy may be construed as such an admission.
This notice to you is effective upon the effective date of enforcement of the CCPA, which took place on January 1, 2020.
14.4 Personal information We collect:
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person (“Personal Information”) that falls within the following categories of personal information, and have done so within the last 12 months:
A real name, postal address, unique identifier, online identifier, Internet Protocol address, email address, and account name.
Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
A name, address, telephone number, financial and business information.
Records of services purchased, obtained, or considered, or other transaction histories.
Internet or other similar network activity
A consumer’s interaction with a website.
Personal Information does not include:
(a) publicly available information from government records;
(b) deidentified information or aggregate consumer information;
(c) information excluded from the CCPA’s scope; and
(d) personal information covered by certain sector-specific privacy laws.
We obtain the categories of Personal Information listed above from the following categories of sources:
directly from you or publicly available sources. For example, from forms you complete or products and services you purchase or sell, or from information you choose to display in publicly accessible social media accounts.
indirectly when you use our services (eg cookies when using our website).
14.5 Our use of Personal Information:
We may use or disclose the Personal Information We collect for the purposes set forth in this Policy, and one or more of the following business purposes:
to fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our products or services, We will use that Personal Information to respond to your inquiry. If you provide your Personal Information to purchase a product or service, We will use that information to process your payment and facilitate delivery,
to provide, support, personalize, and develop our website, products, and services,
to create, maintain, customize, and secure your account with Us.
to process your requests, purchases, transactions, and payments and prevent transactional fraud,
to provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses,
to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our sites, third-party sites, and via email or text message (with your consent, where required by law),
to help maintain the safety, security, and integrity of our website, products and services, databases and other technology assets, and business,
for testing, research, analysis, and product development,
to respond to law enforcement requests and as required by applicable law, court order, or governmental regulations,
as described to you when collecting your Personal Information or as otherwise set forth in the CCPA,
auditing related to a current interactions and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards,
detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity,
debugging to identify and repair errors that impair existing intended functionality,
to evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Us is among the assets transferred.
We will not collect additional categories of Personal Information or use the Personal Information We collected for materially different, unrelated, or incompatible purposes without providing you notice. We will not sell Personal Information (other than in connection with a sale of business or merger as explained above).
14.6 Sharing personal information:
We may disclose any or all of the categories above of your Personal Information to a third party for a business purpose, as set forth in section 9 “Service Providers” above, and We have done so in the last 12 months. When We disclose Personal Information for a business purpose, We enter a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except performing the contract. The CCPA prohibits third parties who purchase the Personal Information We hold from reselling it unless you have received explicit notice and an opportunity to opt-out of further sales.
We disclose your Personal Information for a business purpose to the following categories of third parties:
third parties to whom We may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, We may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your Personal Information in the same way as set out in this Policy,
any other third parties to whom you have permitted Us to disclose your personal information,
as set forth in this Policy.
14.7 Your rights and choices:
You have the right to request that We disclose certain information to you about our collection and use of your personal information over the past 12 months. Once We receive and confirm your verifiable consumer request, We will disclose to you:
the categories of Personal Information We collected about you,
the categories of sources for the Personal Information We collected about you,
our business or commercial purpose for collecting or selling that Personal Information,
the categories of third parties with whom We share that Personal Information,
the specific pieces of Personal Information We collected about you (also called a data portability request),
if We sold or disclosed your Personal Information for a business purpose, two separate lists disclosing: (a) sales, identifying the personal information categories that each category of recipient purchased; and (b) disclosures for a business purpose, identifying the Personal Information categories that each category of recipient obtained.
14.8 Deletion request rights:
You have the right under the CCPA to request that We delete any of your Personal Information that We have collected and retained, subject to certain exceptions. Once We receive and confirm a verifiable consumer request (see below), We will delete (and direct our service providers to delete) relevant Personal Information from our records, unless an exception applies.
We may deny California residents’ deletion request if retaining the information is necessary for Us or our service provider(s) to:
complete the transaction for which We collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with the requesting individual, or otherwise perform our contract with a requesting individual,
detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
debug products to identify and repair errors that impair existing intended functionality,
exercise free speech, ensure the right of another to exercise their free speech rights, or exercise another right provided for by law,
enable solely internal uses that are reasonably aligned with consumer expectations,
comply with a legal obligation,
make other internal and lawful uses of that information that are compatible with the context in which you provided it.
14.9 Verifiable consumer request:
To exercise the access, data portability, and deletion rights under the CCPA described above, please submit to Us a verifiable consumer request by email to Us at firstname.lastname@example.org or the Contact section of Our website.
Only a California resident, or a person registered with the California Secretary of State that a California resident has authorized to act on their behalf, may make a verifiable consumer request related to their Personal Information. A California resident may also make a verifiable consumer request on behalf of their minor child.
A verifiable consumer request for access or data portability can only be made twice within a 12-month period. The verifiable consumer request must provide sufficient information that allows Us to reasonably verify the California resident about whom We collected Personal Information or an authorized representative, and contain sufficient detail that allows Us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide Personal Information if We cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.
Making a verifiable consumer request does not require you to create an account on our website. However, We do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific account. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
We will endeavor to respond to a verifiable consumer request within 45 days of its receipt. If We require more time (up to 90 days), We will inform you of the reason and extension period in writing. If you have an account with Us, We will deliver our written response to that account. If you do not have an account with Us, We will deliver our written response by mail or electronically.
Any disclosures We provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response We provide will also explain the reasons We cannot comply with a request, if applicable. For data portability requests, We will select a format to provide your Personal Information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If We determine that the request warrants a fee, We will tell you why We made that decision and provide you with a cost estimate before completing your request.
We will not discriminate against you for exercising any of your CCPA rights. Except as permitted by the CCPA, We will not:
deny you goods or services,
charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties,
provide you a different level or quality of goods or services,
suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
14.11 California’s “Shine the Light” law (Civil Code Section § 1798.83):
This law permits users of our website that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to Us.
15. United Kingdom ("UK") and European Economic Area ("EEA") Residents
15.1 If you are accessing our website from the UK or EEA you will have different rights to those set out above. In these locations, our company Northshore IO Limited registered in England with company number 12357367 and registered office at 47a Prideaux Road, Eastbourne, England, BN21 2NB administers our policies for data protection there. This Part 15 deals with your rights in this respect.
15.2 We observe the provisions of the UK´s Data Protection Act 2018 ("DPA") and the General Data Protection Regulation (EU Regulation 2016/679) (“GDPR”). In general terms, under these provisions We must obtain your specific permission in order to contact you and handle personal data unless We are contacting you by reason of a "Legitimate Interest" (such as, when the processing takes place within a client relationship, when it processes personal data for direct marketing purposes, in order to deliver our services to you, to advise you of product enhancement and updates, or to prevent fraud or to ensure the network and information security of our IT systems).
15.3 The Data Controller for these purposes is Northshore IO Limited and you may contact Us at any time using any of the means set out in our website. We will collect personal data which generally includes name, address and contact details, including email address and telephone number but may include any personally identifiable data.
15.4 As a Data Subject, you may make subject access requests (“SARs”) at any time to find out more about the personal data which We hold about you, what it is doing with that personal data, and why.Employees and contractors of our organisation may make SARs using forms which We will publish on our website from time to time. We endeavour to answer all SARs within one month of receipt, however, this may be extended by up to two months if the SAR is complex and/or numerous requests are made. If such additional time is required, the data subject shall be informed. Generally We do not charge a fee for the handling of normal SARs, but We reserve the right to charge reasonable fees for additional copies of information that has already been supplied to a data subject, and for requests that are manifestly unfounded or excessive, particularly where such requests are repetitive.
15.5 In the case of direct marketing, We are subject to certain rules and regulations when marketing our products and services. The UK´s Privacy and Electronic Communications Regulations 2003 ("PECR")allows Us to make contact to staff members of limited companies, public limited companies, incorporated partnerships, trusts and foundations, local authority and government institutions via business email addresses (corporate subscribers). Under PECR We can contact individuals via their corporate email address and We do not need to have their consent or have had any previous dealings with them providing the processing is on a legitimate interest basis, that is: providing there is no disproportionate impact on the rights, freedoms and interests of the data subject concerned. By relying on Legitimate Interest rather than consent to process data, We understand We must take on extra responsibility for considering and protecting people’s rights and interests and We guarantee that We will do this. We offer every opportunity for a data subject to ‘Opt Out’ of communications with Us by using the unsubscribe link at the bottom of all marketing and product emails, or by emailing Us directly.
15.6 We may from time to time transfer (which includes making available remotely) personal data to countries outside of the UK and EEA. We will only do this within the bounds of the DPA and GDPR, such as (but not limited to) to a country which the UK or European Commission ("EC") determined ensures an adequate level of protection for personal data; or where the country provides appropriate safeguards that the UK or the EC deem sufficient; or for the conduct or the defence of legal process.
We are committed to providing you with the best possible experience, which includes the security, privacy and integrity of your Personal Information.
You may opt out of receiving any, or all, communications from Us by following the unsubscribe link or instructions provided in any communication We send, or by contacting Us at any time.