Effective Date: July 4, 2020
mmhmm inc. (the “Company,” "us", "we", or "our") operates desktop, mobile and web-based applications (hereinafter referred to as the "Service").
This page informs you of our policies regarding the collection, use and disclosure of personal data when you use our Service and the choices you have associated with that data.
Service refers to the various web-based, desktop and mobile applications operated by the Company as well as the mmhmm cloud service.
Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Usage Data is data collected automatically that is either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies are small files stored on your device (computer or mobile device).
Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.
DATA PROCESSORS (OR SERVICE PROVIDERS)
Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.
We may use the services of various Service Providers in order to process your data more effectively.
DATA SUBJECT (OR USER)
Data Subject is any living individual who is using our Service and is the subject of Personal Data.
Information Collection and Use
We collect several different types of information for various purposes to provide and improve our Service to you.
TYPES OF DATA COLLECTED
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- IP address for your device(s)
- Cookies and Usage Data
When you access the Service, we may collect certain information automatically, including, but not limited to, the type of device you use, your device unique ID, the IP address of your device, your operating system, the type of Internet browser you use, unique device identifiers and other diagnostic data ("Usage Data").
TRACKING COOKIE DATA
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
- Session Cookies. We use Session Cookies to operate our Service.
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
- Security Cookies. We use Security Cookies for security purposes.
Use of Data
mmhmm uses the collected data for various purposes:
- To provide and maintain our Service
- To notify you about changes to our Service
- To allow you to participate in interactive features of our Service when you choose to do so
- To provide customer support
- To gather analysis or valuable information so that we can improve our Service
- To monitor the usage of our Service
- To detect, prevent and address technical issues
We will not sell your data to any third party for the purposes of marketing or advertising, or any other purpose.
Legal Basis for Processing Personal Data under the General Data Protection Regulation (GDPR)
We may process your Personal Data because:
- We need to perform a contract with you
- You have given us permission to do so
- The processing is in our legitimate interests and it is not overridden by your rights
- For payment processing purposes
- To comply with the law
Retention of Data
We will also retain Usage Data for internal analysis. Usage Data is generally retained for a shorter period of time, except when this data is used to improve and strengthen the security and/or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.
Transfer of Data
Your information, including Personal Data, may be transferred to - and maintained on - computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction.
If you are located outside the United States and choose to provide information to us, please note that we collect the data, including Personal Data, in the United States and process it there.
We will use commercially reasonable efforts to ensure that no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
Disclosure of Data
DISCLOSURE FOR LAW ENFORCEMENT
Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency, subpoena, etc.). You will be notified of the request where legally permissible, and we will try to limit the amount and nature of the information disclosed to that of a “need to know” basis to the extent commercially reasonable. Once notified, you are also able to work with the requisite authorities to procure an injunction at your own cost and discretion.
We may disclose your Personal Data in the good faith belief that such action is necessary to:
- comply with a legal obligation
- protect and defend our rights or property
- prevent or investigate possible wrongdoing in connection with the Service
- protect the personal safety of users of the Service or the public
- protect against legal liability
Security of Data
Our Policy on "Do Not Track" Signals under the California Online Protection Act (CalOPPA)
We do not track you over time and across third party websites to provide targeted advertising. Accordingly, we do not currently respond or take any action with respect to web browser "do not track" signals or other mechanisms that generally provide you the ability to exercise choice regarding the collection of Personal Data about your online activities over time and across third party websites or online services.
Your California Privacy Rights Under CCPA
If you are a California resident, the California Consumer Privacy Act (CCPA) permits you to request information about our practices related to the disclosure of your personal information to certain third parties for their direct marketing purposes. You may be able to opt-out of our sharing of your personal information with unaffiliated third parties for the third parties’ direct marketing purposes in certain circumstances. If you wish to make such a request, please send it (along with your full name, email address, postal address, and the subject line labeled “Your California Privacy Rights”) by email to email@example.com or by mail to:
548 Market Street, PMB 85948
San Francisco, California 94104
If you do not provide this required information, we may not be able to respond to you.
We will not discriminate against you for exercising your rights under the CCPA. Specifically, we will not:
- Deny access to our Site;
- Charge a different rate for any of our products; or
- Provide a different quality of service.
California Shine the Light
Nevada law gives Nevada consumers the right to request that a company not sell their personal information for monetary consideration to certain other parties. This right applies even if their personal information is not currently being sold. If you are a Nevada consumer and wish to exercise this right, please submit your request by sending us an email to firstname.lastname@example.org or by mail to:
548 Market Street, PMB 85948
San Francisco, California 94104
Your Data Protection Rights under the General Data Protection Regulation (GDPR)
If you are a resident of the European Economic Area (EEA), you have certain data protection rights. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
If you wish to be informed about what Personal Data we hold about you and if you want it to be removed from our systems, please contact us at email@example.com.
In certain circumstances, you have the following data protection rights:
The right to access, update or delete your personal information.Whenever made possible, you can access, update or request deletion of your Personal Data directly within the account settings section of our Service. If you are unable to perform these actions yourself, please contact us at firstname.lastname@example.org.
The right to correct information.You have the right to correct your information if that information is inaccurate or incomplete.
The right to object.You have the right to object to our processing of your Personal Data.
The right of restriction.You have the right to request that we restrict the processing of your personal information.
The right to data portability.You have the right to be provided with a copy of your personal information we have in a structured, machine-readable and commonly used format.
The right to withdraw consent.You also have the right to withdraw your consent at any time where we relied upon your consent to process your personal information.
Please note that we may ask you to verify your identity before responding to such requests. Additionally, your ability to use the Service may be adversely affected depending upon how you may wish to exercise these rights.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
We may employ third party companies and individuals to facilitate our Service ("Service Providers"), provide the Service on our behalf, perform Service-related services or assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service. These include:
We use Google Analytics on our Site to help us analyze the traffic on our Site. For more information on Google Analytics’ processing of Personal Data, please see google.com/policies. By using a browser plugin provided by Google, you can opt out of Google Analytics.
We use Mixpanel in our Service to help us understand how our products are being used.
We use Mailchimp to send email updates and announcements about our Service. We use Mailchimp’s analytics tools to analyze responses to our emails. You can unsubscribe from these communications at any point in time by following the instructions in the email.
We may provide paid products and/or services within the Service. In that case, we will use third-party services for payment processing (e.g. payment processors).
Links to Other Sites
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Our Service is not intended for children under the age of 18. Accordingly, we do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us at email@example.com. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
By email: firstname.lastname@example.org