Last Update: 09/09/2021
1. DATA WE MAY COLLECT
We may collect and process the following data about you:
• Personal data including your name, e-mail address, password, and in certain instances, telephone number, data about your usage of the Products and data collected by tracking technologies as further described below that may identify you as an individual or allow online contact with you as an individual.
• Murmur does not collect or process credit or debit card (“Payment Card”) data. Apple and Google collect Payment Card data with respect to in-app purchases made through the Apps, and our payment processor collects Payment Card data with respect to purchases made through the Websites. Such payment processors generally provide us with limited data related to you, such as a unique, anonymous token that enables you to make additional purchases using the data they’ve stored, and your card’s type, expiration date, billing address, and the last four digits of your card number.
• Facebook profile information, such as name, email address, and Facebook ID, if you choose to log in to the Products through Facebook.
• Device information such as operating system version, device type, and system performance data.
• Data collected via tracking technologies, as described in section 4.
2. CONFIDENTIALITY AND SECURITY
The security of your personal data is important to us. We follow accepted standards to protect personal data submitted to us, during transmission and once it is received. If you have any questions about the security of your personal data, contact us at firstname.lastname@example.org. Except as described under the “Disclosure of Your Data” section below, we do not provide your personal data to any third party without your consent, as defined by applicable law.
3. NEWSLETTERS OR OTHER ELECTRONIC COMMUNICATIONS
If you sign up to receive promotional materials from us via email and/or (push notifications) we will use the data you give us to provide the communications you requested. If you inform us that you wish to cancel promotional emails by selecting “unsubscribe” or by emailing us at email@example.com, we will remove you from our mailing list. If you no longer wish to receive push notifications, you may turn them off at the device level. If you provide your phone number to us directly or through a third-party for the purpose of receiving an SMS message with a link to our Products, you will receive such SMS message (the “SMS Service”). Standard text message rates will apply.
4. TRACKING TECHNOLOGIES
Murmur and our analytics partners use technologies such as cookies, beacons, tags, and scripts to enable a service to recognize your device so you don’t have to provide the same data several times during one task, to recognize that you may have already given a username and password so you don’t need to do it for every web page requested, and to measure how people are using the Products.
We partner with third parties, such as Facebook and Google, to manage our advertising of the Products on other sites or platforms as well as across your other devices based on your visits to our Website. Our third party partners may use technologies such as cookies to gather data about your activities within the Products to deliver advertising to you, such as retargeting ads. We are not always able to respond to do-not-track signals. For more data about interest-based ads, including how to opt-out of having your web-browsing data used for behavioral advertising, please visit www.aboutads.info/choices. Please note that this does not opt you out of being served ads. You may continue to receive generic ads on these third party platforms. You may also opt out of receiving ads across devices by adjusting your ad preference in your Google account.
We use third party trackers to let us know when users have visited the Products by “clicking-through” our sponsored advertising or content hosted on third party platforms. The Products use Google Analytics code to gather statistical data. Google Analytics sets cookies to help us accurately estimate the number of visitors to the Products and the volumes of usage of the Products. This is done to ensure that the Products are available when you want them. For more data on how Google Analytics processes this data, visit www.google.com/analytics.
We will acquire consent from you in order to use such trackers as required by law.
We use analytics to allow us to better understand the functionality of our mobile software on your phone. This software may record data such as how often you engage with the Products, events that occur within the Products, aggregated usage and performance data, and where Applications were downloaded from. We may link the data we store within the analytics software to any personal data you submit within the mobile application.
We gather certain data and automatically and store it in log files. This may include Internet Protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. If you receive our email newsletter, your opening of the newsletter is notified to us and saved. Your clicks on links in the newsletter are also saved. These and the open statistics are used in aggregate form to inform us on engagement of our newsletters and to help us make future content decisions.
5. WHERE WE STORE YOUR PERSONAL DATA
Data you provide to us via the Products is stored on our secure US-based servers. Any payment transactions will be encrypted using SSL technology; all payment data is stored with our payment processor and is never stored on Murmur’s servers. Where we have given you (or where you have chosen) a password which enables you to access the Products, you are responsible for keeping this password confidential. We ask you not to share a password, and advise that you change your password frequently. Transmission of data via the Internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Products; any transmission is at your own risk. Once we have received your data, we will use strict procedures and security features to try and prevent unauthorized access.
6. SINGLE SIGN-ON
You may be able to log-in to our Products using sign-in services such as Facebook Connect or an Open ID provider. These services authenticate your identity, provide you the option to share certain personal data (such as your name and email address) with us, and to pre-populate our sign-up form. Services like Facebook Connect give you to the option to post data about your activities on our Products or to your profile page to share with others within your network.
7. USES MADE OF THE DATA
We use information held about you in the following ways:
- To provide you with the Products.
- To answer your questions or requests for information or handle your complaints.
- To ensure content provided by the Products is presented in an effective manner for you and for your device.
- To provide you with promotional communications, such as email, to the extent that you have provided consent to receive such communications under applicable law.
- To carry out our obligations due to agreements entered into between you and us.
- To allow you to participate in interactive features of the Products, when you choose to.
- To notify you about updates or changes to Product features and content.
- To understand your broad, non-specific geographic location to help us identify groups of users by general geographic market (ex. zip code, state or country).
- To account for applicable sales taxes based on zip codes provided to our payment processors for purchases made through the Website.
- To serve our advertisements to you through third party platforms, such as Facebook or Google, on other sites and apps or across your devices, to the extent that you have provided consent for such uses under applicable law.
- To provide you with the SMS Service to the extent that you have provided consent for such practices under applicable law.
- We may ask you to complete surveys for research purposes, although you do not have to respond to them.
- To manage your payments and orders.
- If you are an existing customer, we will only contact you by electronic means (e-mail or in-Product communication) with information about products and services similar to those which were the subject of a previous sale to you, except if you opt-out to such communications.
8. DISCLOSURE OF YOUR DATA
We may also disclose your personal data to third parties as follows:
- In some circumstances, based on your requests, we may need to disclose your personal data to a third party so that it can provide a service you have requested from such party, or fulfill a request for data from such party. An example of this is the SMS Service.
- In some circumstances, we may disclose the personal data that you have provided to Murmur to a third party that offers and/or provides goods or services complementary to our own for the purpose of enhancing our users’ experiences by offering you integrated or complementary functionality, complementary services or bundled pricing options.
- If Murmur’s service providers (ex. hosting, IT maintenance, analytics, and payment providers) require this data to provide services to Murmur, Murmur requires each of its service providers to maintain the confidentiality and security of your personal data.
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Murmur or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation such as to comply with a subpoena, bankruptcy proceedings, legal process, or in order to enforce or apply our agreements with you; or to protect the rights, property, or safety of Murmur, our customers, or others. This includes exchanging data with other companies and organizations for fraud protection and credit risk reduction.
- With third parties, such as Facebook, in order to serve Murmur advertisements on such third party platforms, to the extent that you have consented to such practices under applicable law.
10. DATA RETENTION
The retention periods applied by Murmur pursuant to applicable law:
- For data relating to your account: such data will not be retained beyond your request that your account be deleted.
- For transactional data relating to your purchases: such data is kept for the period of the contractual relationship, then in accordance with legal obligations and applicable statute of limitation periods. This data does not include Payment Card information, which is processed by our third-party payment processors.
- For data collected based on your consent to receive our marketing communications: we will use such data until you withdraw consent or applicable law requires that such data is no longer used.
- When your data are collected in the context of requests/queries: such data are kept for the period necessary to process and reply to such requests or queries.
- When cookies or other trackers are placed on your terminal, they are kept for a period of 1 year
Other data will be kept as long in compliance with our legal obligations, including the applicable statute of limitations.
11. WITHDRAWAL OF CONSENT FOR PROCESSING ACTIVITIES
To the extent that you have provided appropriate consent under applicable law to certain processing activities, such consent can be withdrawn by emailing firstname.lastname@example.org.
12. LINKS TO THIRD PARTY SITES
The Products may, from time to time, contain links to and from the Products of our partner networks, advertisers and affiliates. If you follow a link to any of these external websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these websites or their policies. Please check these policies before you submit any personal data to these third party websites.
14. USE OF MURMUR BY MINORS
You must be 18 years of age, or the age of majority in your province, territory or country, to sign up as a registered user of the Products. Individuals under the age of 18, or the applicable age of majority, may utilize the Products only with the consent of a parent or legal guardian, under such person’s account.
15. DATA POSTED ON FORUMS
Murmur users may have the ability to post content to one or more Murmur forums. All such users may request and obtain removal of such posted content by contacting Murmur at email@example.com and identifying the content to be removed. Please be advised that such removal does not ensure full removal of all traces of the content posted on the Murmur forum(s).
Effective Date: January 1, 2020
1. INFORMATION WE MAY COLLECT FROM YOU
We obtain personal information from the following categories of sources:
Directly from you. (ex. from forms you complete when registering for the Products).
Indirectly from you. (ex. from observing your actions on our Products.)
2. USE OF PERSONAL INFORMATION
3. SHARING PERSONAL INFORMATION
We may disclose your personal information to third parties for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not to use it for any purpose except performing the contract.
4. YOUR RIGHTS AND CHOICES
Access to Specific Information and Data Portability Rights
The CCPA provides California residents with the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting that personal information.
- The categories of third parties with whom we share that personal information.
- The categories of personal information we share with third parties.
- The specific pieces of personal information we collected about you (also called a data
- portability request).
Deletion Request Rights
You may request that we delete any of your personal information that we collected from you and retained, subject to some exceptions. Once we receive and confirm your verifiable consumer request, we will permanently and irrevocably anonymize your personal information, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise free speech rights, or exercise another right provided by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Internal use reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information compatible with the context in which you provided it.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by emailing us at firstname.lastname@example.org
Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must (i) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and (ii) describe your request with detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Response Timing and Format
Upon receiving a request for access, portability, or deletion, we will confirm receipt of the request within a reasonable period of time and provide information about our verification process and how we will process the request.
We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time, we will inform you of the reason and extension period in writing.
We will deliver our written response to the email address associated with the account for account holders, and to the email address provided with the request submission for non-account holders.
Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily readable and useable.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completion.
5. COOKIE-BASED MARKETING OPT-OUT
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
We may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
7. CHANGES TO OUR CCPA ADDENDUM
We reserve the right to amend this CCPA Addendum any time at our discretion. When we make changes to this CCPA Addendum, we will post the updated notice on the Website and update the effective date. Your continued use of our Products following the posting of changes constitutes your acceptance of such changes.
If you have any questions or comments about this CCPA Addendum, the ways in which we collect and use your information described herein, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at email@example.com.