Last updated: March 3, 2021
connection with your use of our products, services, apps, and websites that link to this policy (we refer to these
collectively as our “services”).
Information security and privacy are at the heart of what Sharesecret values and
promotes as a company. As such, we think it’s important to be transparent about how we handle your
This policy uses the term “personal data” to refer to information that is
related to an identified or identifiable natural person and is protected as personal data under applicable data
Who is Sharesecret?
In this policy, “Sharesecret,” “we,” “us,” and
“our” refer to Sharesecret Inc., a U.S. company. See the Contact Us section below for the contact
details of Sharesecret.
1. What information do we collect about you?
This section describes the various types of information we collect from and about you.
To understand the context in which collection occurs, see Section 2 (How do we use your information?). More
information about some of the mechanisms we use to collect this information, such as cookies, is available in
Section 4 (Tracking Technologies & Cookies).
1.1. Information you provide to us
- Account information. Our services generally require you to create an
account before you can access them. As part of registering for an account, we may collect information such as
your name, username, email address, and password.
- Billing and payment information. In order to purchase a service, you may
need to provide us with details such as billing name, billing contact details (street addresses, email
addresses), and payment instrument details.
- Identity verification information. Some services require you to verify
your identity as part of creating an account to access them. We may collect information such as email addresses
or phone numbers for this purpose.
- Communications and submissions. You may choose to provide us with
information when you communicate with us (e.g. via email, phone, or chat for support or to inquire about our
services), including when you fill out an online form, respond to surveys, provide feedback, post comments to
our website, participate in promotions, or submit information through our services.
1.2. Information collected when you use our services
- Usage information. We collect information about how you interact with
our services, when and for how long you use our services.
- Device information. We may collect information from and about the device
you use to access our services, including about the browsers and Sharesecret apps you use to access our
services. For example, we may collect device identifiers, browser types, device types and settings, operating
system versions, mobile, wireless, and other network information (such as internet service provider name,
carrier name and signal strength), and Sharesecret application version numbers.
- Diagnostic information. We may collect information about the nature of
the requests that you make to our servers (such as what is being requested, information about the device and app
used to make the request, timestamps, and referring URLs).
- Location information. We may collect your location information based on
your IP address.
1.3. Information provided to us by third parties
- Referrals. If you are invited to use a Sharesecret service, the person
who invited you may submit your personal data, such as your email address or other contact information.
- Third Party Accounts. Our services may allow you to register an account
using a third party account (such as a Google, Slack or Okta account). If you do so, that third party may send
us some information about you that they have. You may be able to control what information they send us via your
privacy settings for that third party account.
- Threat Information. We may receive information from reputable members of
the security industry who provide information to help us to provide, develop, test, and improve our services
(for example, lists of malicious URLs, spam blacklists, and sample malware). Some of this information may
contain personal data on an incidental basis.
- Business Customers. Organizations who are our customers may submit your
personal data to facilitate account management and invite individuals to use our services.
You generally do not have a duty to disclose personal data to us unless you have a
contractual obligation to us to do so. However, we need to collect and process certain information that is
necessary or legally required in order to provide the services to you or otherwise perform our contractual
relationships with you.
2. How do we use your information?
We use the information we collect for various purposes described below:
- To provide, maintain, troubleshoot, and support our services. We use
your information for this purpose on the basis that it is required to fulfill our contractual obligations to you
per our Terms of Service.
- For billing and payment purposes. We use your information in order to
perform billing administration activities and process payments, which are required to fulfill our contractual
- To communicate with users and prospective users. We use your information
to communicate with you, including by responding to your requests, and sending you information and updates about
our services. We may do this in order to fulfill our contract with you, because you consented to the
communication, or because we have a legitimate interest in providing you with information about our
- To improve our services. We want to offer you the best services and user
experiences we can, so we have a legitimate interest in continually improving and optimizing our services. To do
so, we use your information to understand how users interact with our services. Examples: we analyze certain
usage, device, and diagnostic information to understand aggregated usage trends and user engagement with our
services; we review customer feedback to understand what we could be doing better.
- To develop new services. We have a legitimate interest in using your
information to plan for and develop new services. For example, we may use customer feedback to understand what
new services users may want.
- To market and advertise our services. We may use your information to
provide, measure, personalize, and enhance our advertising and marketing based on our legitimate interest in
offering you services that may be of interest. Examples: we may use information such as who or what referred you
to our services to understand how effective our marketing and advertising is.
- To prevent harm or liability. We may use information for security
purposes (such as to investigate security issues or to monitor and prevent fraud) and to prevent abuse. We may
do this to comply with our legal obligations, to protect an individual’s vital interests, or because we
have a legitimate interest in preventing harm or liability to Sharesecret and our users. For example, we may use
account, usage, and device information to determine if an entity is engaging in abusive or unauthorized activity
in connection with our services.
- For legal compliance. We internally use your information as required by
applicable law, legal process, or regulation. To learn about our practices regarding sharing your information
with third parties for legal compliance purposes, see Section 3.1 below. We also use your information to enforce
our legal rights and resolve disputes.
3. Who do we share your information with and why?
3.1. In General
We may disclose your information in the following circumstances:
- In accordance with your instructions or consent. For example, some
services may allow you to register an account using a third party account (such as a Google, Slack or Okta
account). If you choose to do so, we will share information with the third party account provider.
- To your business organization. If a business customer is providing you
with access to our services through a business account, others in that organization may be able to see and
manage your account and the information associated with it (such as an administrator).
- For collaborating with others. Some services may provide ways for
different users to interact or collaborate with each other. Your information will be shared in connection with
those activities if you choose to engage in them.
- Affiliates and third party service providers. To help us provide some
aspects of our services, we work with trusted third parties and partners. To protect your data, we enter into
appropriate confidentiality and data processing terms with these third parties, review their security practices,
and limit information sharing to the scope of what they are helping us with. Examples of activities that third
parties help us with include:
- processing customer payments
- providing analytics about our services
- providing sales and customer support
- maintaining the infrastructure required to provide our services
- delivering our marketing and advertising content
- To a new owner. If ownership or control of all or part of our services,
assets, or business changes, we may transfer your information to the new owner.
- Aggregated or de-identified data. We may use and share aggregated data
and data that is de-identified such that it no longer reveals the identity of an individual user for regulatory
compliance, research and analysis, our own marketing and advertising activities and other legitimate business
- To comply with legal process and the law. We may share your information
if we are required to do so by applicable law; to comply with our legal obligations; to comply with legal
process; and to respond to valid law enforcement requests relating to a criminal investigation, or alleged or
suspected illegal activity that may expose Sharesecret, you, or any of our other users to legal liability. If we
share your information for these purposes, we limit the information shared to what is legally necessary, and
challenge information requests that we believe are unlawful, overbroad, or otherwise invalid.
- To enforce our rights and prevent fraud and abuse. We may share limited
amounts of your information to enforce and administer our agreements with customers and users, and to respond to
claims asserted against Sharesecret. We may also share your information in order to protect against fraud and
abuse against Sharesecret, our affiliates, users and others.
4. Tracking Technologies & Cookies
4.1. About Tracking Technologies
Sharesecret uses various technologies in our services to
help us collect information. For convenience, we refer to these as “tracking technologies,” although
they are not always used to track individuals and the information collected is in a non-identifiable form that
does not reference any personal data. Tracking technologies include:
Cookies are small portions of text that are stored on the device you use to access our
services. Cookies enable us (or third parties that we allow to set cookies on your device) to recognize repeat
users. Cookies may expire after a period of time, depending on what they are used for.
Pixel Tags / Page Tags / Web Beacons / Tracking Links
These are small, hidden images and blocks of code placed in web pages, ads, and our
emails that allow us to determine if you perform a specific action. When you access a page, ad, or email, or click
a link, these items let us know that you have accessed that page, opened an email, or clicked a link.
SDKs or software development kits are software code provided by our business partners
that let our software interact with the services those partners provide. Sometimes these interactions will involve
that business partner collecting some information from the device on which the software is run.
- To provide our services. Some cookies are essential for the proper
operation of our services. For example, cookies allow us to authenticate who you are and whether you’re
authorized to access a resource.
- To store your preferences. Cookies can store your preferences, such as
language preferences or whether to pre-fill your username on sign in forms. We may also use them to optimize the
content that we show to you.
- For analytics. Cookies are used to inform us how users interact with our
services so we can, as a legitimate interest, improve how they work (such as what screens or webpages you
access, and whether our advertising is effective).
- For security. Cookies can enable us and our payment processors to detect
certain kinds of fraud.
- For advertising-related purposes. We may advertise our services online
with the help of third parties who show ads and marketing about us on sites around the internet.
4.3. Third Parties
We may allow our business partners to place certain tracking technologies in our
services. These partners use these technologies for the following purposes:
- To provide our services. Some business partners who help us to provide
our services may use these technologies to support those efforts.
- For Analytics. To help us understand how you use our services.
- For Marketing. To help us market and advertise our services to you,
including on third party websites. Tracking technologies are used in connection with this to measure the
performance of our advertising, attribute actions you take with our ads with actions you take on our services,
deliver ad retargeting (serving ads based on your past interactions with our services), and target ads at
4.4. Your Choices
- Our Cookies: Most web browsers and some mobile devices give you the
ability to manage your cookie preferences, including deleting cookies and blocking cookies from being set on
those browsers or devices. Visit the “help” section of your browser to understand what controls it
gives you over cookies. Note that deleting or blocking certain cookies could adversely impact the proper
operation of our services.
- Google Analytics: We use Google Analytics to help us understand how
users use our services. Google makes available a Google Analytics Opt Out Browser Add-On if you do not want to
participate in Google Analytics.
Sharesecret employs a range of administrative,
organizational, technical, and physical safeguards designed to protect your data against unauthorized access,
loss, or modification. We continuously work to improve such safeguards.
6. Data Retention
Sharesecret generally retains your personal data for as
long as is needed to provide the services to you, or for as long as you have an account with us. We may also
retain personal data if required by law, or for our legitimate interests, such as abuse detection and prevention,
and defending ourselves from legal claims. Residual copies of personal data may be stored in backup systems for a
limited period as a security measure to protect against data loss.
7. Your Rights
Depending on your country of residence, you may have certain legal rights in relation
to your personal data that we maintain. Subject to exceptions and limitations provided by applicable law, these
may include the right to:
- access and receive a copy of your personal data;
- correct your personal data;
- restrict the processing of your personal data;
- object at any time to the processing of your personal data;
- have your personal data erased;
- data portability;
- withdraw any consent you previously gave to the processing of your data
(such as opting out to marketing communications);
- lodge a complaint with a data protection authority;
- request that we provide you with the categories of personal data we
collect, disclose or sell about you; the categories of sources of such information; the business or commercial
purpose for collecting or selling your personal data; and the categories of third parties with whom we share
Please note your rights and choices vary depending upon your location, and some
information may be exempt from certain requests under applicable law.
You may be able to exercise some of these rights by using the settings and tools
provided in our services. For example, you may be able to update your user account details via the relevant
account settings screen of our apps. You may also be able to opt out from receiving marketing communications from
us by clicking an “opt out” or “unsubscribe” link in such communications.
Otherwise, if you wish to exercise any of these rights, you may contact us using the
details in the “Contact Us” section below. As permitted by law, we may ask you to verify your identity
before taking further action on your request.
9. Your California Privacy Rights
For additional information and rights available to California consumers, see the
Supplemental Privacy Notice.
10. Sharesecret as a Data Processor or Service Provider
Sharesecret customers submit content, configurations and
credentials to the services for processing. The security and privacy practices governing our customers’ use
(and the use of our customers’ users) and how we store, process, transmit and disclose the data submitted to
the services by our customers, are described in and governed by our service contracts with them. To the extent a
customer submits to the services the personal data of a European individual (including the United Kingdom and
Switzerland) or another individual who is protected by similar data privacy laws, Sharesecret processes that
personal data as a data processor or as the customer’s sub-processor (as the case may be).
Customers are solely responsible for establishing the policies governing, and ensuring
compliance with all applicable laws and regulations related to, the customer’s (and the customer’s
users’) collection and submission of personal data to the services. Any personal data about an individual (a
“data subject”) hosted, stored or published by a customer is the responsibility of the customer and is
Sharesecret acknowledges that you may have the right to access, update, and delete your
personal data. Sharesecret generally has no direct relationship with the data subjects whose personal data we
process on behalf of our customers. An individual who seeks to access, update, or delete personal data about them
that we process on behalf of our customers should direct their requests or queries to our customer, who is
typically the data controller for such data. In addition, we will forward to the applicable customer any request
by a data subject received by Sharesecret regarding personal data processed on behalf of that customer.
11. Age Restriction
Our services are not intended for and may not be used by minors. In this context,
minors are individuals under the age of 16. Sharesecret does not knowingly collect personal data from minors or
allow them to use our services. If we discover that we have collected personal data from a minor, we may delete
such data without notice. Please note that the legal terms under which we make certain services available may
require users to be older than 16 years of age.
time in accordance with this section for reasons such as changes in laws, industry standards, and business
practices. Sharesecret will post updates to this page and update the “Last updated” date above. If we
make updates that materially alter your privacy rights, we will also provide you with advance notice, such as via
email or through the services. If you disagree with such an update to this policy, you may cancel your services
account. If you do not cancel your account before the date the update becomes effective, your continued use of our
13. Contact Us
about our privacy practices. If you have any questions or complaints about our privacy practices, you can contact
us using the following details:
Sharesecret Inc., 2020 Whitley Terrace Steps, Los Angeles, CA 90068, United