This Policy provides information about how CherryRoad collects, uses, discloses, and protects the personal information (“Personal Information”) we gather when you:
- create or access an account through our Sites or use the services, including any applications or demos that we make available via the Sites, from time to time (the “Services”);
- download, install, or otherwise use any CherryRoad software product, including any demos related to such products (“Products”);
- request information about any Products or subscribe to newsletters or other promotional material about our Products and Services; or
- subscribe to, access, configure, or otherwise use any CherryRoad hosted or software-as-a-service offering (“SaaS Products”).
The Sites, Services, Products, and SaaS Products are each referred to in this Policy as a “CherryRoad Property”, or, collectively as the “CherryRoad Properties”.
This Policy does not apply to the privacy practices governing the relationship between our customers and their end users when our customers use our Products or SaaS Products to collect and process data, which will be governed by our customers’ own privacy policies.
Furthermore, access to and usage of some of our Products or SaaS Products, may entail additional privacy terms, to which you must agree before using the specific Product or SaaS Product.
Information Gathered and Tracked by CherryRoad Products
CherryRoad may collect various types of information from visitors to our Sites or from phone or email conversations, which are described in more detail below. In some instances, we may combine one type of information with another type of information and store them together in our records. In all cases, however, we strive to limit the amount of information we collect and store to that which is necessary to provide you the relevant services.
Organizational and Personal Information Collected
Within our Sites, you may be asked to give us personal or organizational information in order to purchase or receive information about a CherryRoad Property or to use a CherryRoad Property. We may collect this information through different methods, including (without limitation):
- Registration Forms. We encourage all visitors to register with CherryRoad, although registration is not required except for access to our premium content areas. The registration forms require users to give us accurate contact information and references to help us better serve you. If you establish an account with us, you will be given specific account information in connection with establishing an account with us and it is your responsibility to ensure your account credentials always remain confidential.
- Order Forms and Enrollment Forms. Our order and enrollment forms securely collect visitor’s contact information and payment information to use for order fulfillment and this information may be shared with our partners or resellers if that is necessary to fulfill your request. During the purchasing process, you may be given the opportunity to sign up for future e-mailings regarding our products, services, and promotions.
- Registration Profile. You may also be given the option of registering a profile with us to store your name, purchase history, and billing information to make it easier for you to shop and purchase products/services from us in the future. Depending on the specific CherryRoad Property, you may change or cancel information relating to your profile online at any time.
- Customer Proprietary Network Information. If you are a customer of our VoIP Services, we may receive what is known as Customer Proprietary Network Information (“CPNI”). Examples of CPNI include information typically available from telephone-related details on billing for Services, such as technical information, type of service, current charges, service billing records, usage data, and calling patterns. CPNI does not include things like customer name, address, or telephone number, aggregate information or data that is not specific to a single customer, customer premises equipment, and Internet access services.
- Online forums and social networks. Any Personal Information that you choose to submit while using one of our online forums or social networks may be read, collected, or used by others who visit these community areas. You should carefully consider whether you wish to submit Personal Information to these forums or social networks and should tailor any content you submit appropriately.
The Personal Information collected by CherryRoad Products may include, but is not necessarily limited to:
- Contact information (such as your name, title, e-mail address, postal address, and telephone number);
- Transactional information;
- User preferences;
- IP address/Domain information;
- Financial/credit card and payment information (please see the Third Party Payment Processor section for more information);
- Demographic information and geographic or geo-location information
- Additional information as needed for our business and customer service purposes.
We ask that you not send or otherwise share with us any sensitive Personal Information, which includes but is not limited to your government-issued ID numbers (e.g. Social Security Number or driver’s license number), racial or ethnic information, political or religious opinions, or your health information (“Sensitive Personal Information”).
In some cases, end users of our customers may need to provide Sensitive Personal Information to our customer in order to make use of an application that uses our Product or SaaS Product, and that Sensitive Personal Information may be stored or processed by us as a result. We process such Sensitive Personal Information in the role of a processor on behalf of a customer (and/or its affiliates) who is the responsible controller of the Sensitive Personal Information concerned. If your Personal Information has been submitted to us by or on behalf a CherryRoad customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable customer directly. Because we may only access a customer’s data upon instruction from that customer, if you wish to make your request directly to us, please provide to us the name of the CherryRoad customer that submitted your data to us. We will refer your request to that customer and will support them as needed in responding to your request within a reasonable timeframe.
Notwithstanding the above, it we ever need to handle Sensitive Personal Information about you, we will ask your consent to do so. Once given, such consent may be withdrawn at any time. We will not handle any Sensitive Personal Information that we are not permitted by you to handle, or that you have not provided us with. Any Personal Information about you that we handle will only be accessible by those CherryRoad personnel who have a reason to do so.
CherryRoad Sites Cookies & Analytics
Do Not Track Signals
Without a common industry or legal standard for interpreting Do Not Track (DNT) signals, the Sites do not respond to browser DNT signals. We will continue to monitor further development of a DNT standard by the privacy community and industry.
How CherryRoad Uses and Shares Information
CherryRoad does not sell, lease, or rent the Personal Information you share with us with third parties. However, the information you provide may be used by us or shared with third parties for any of the following purposes (and please note that not all the uses listed below may be relevant to you):
With your consent (when required), we may use and share the Personal Information we collect to provide, support, and improve the CherryRoad Properties; deliver correspondence, communications, or services, such as newsletters, email job alerts, events, training, or software that you request or purchase; process orders; confirm licensing compliance; solicit your feedback; and inform you about the Company and the products and services of our distributors and resellers.
Product-specific data collection and usage information may also be available in the applicable end user agreement or services agreement and product documentation.
- Also, we may use your Personal Information as described below.
- We may anonymize your Personal Information and analyze that data and other information in aggregate form which does not identify you personally. We may share this aggregate data with our affiliates, agents, advertisers, manufacturers, business partners, and to current and prospective business partners and to other third-parties for other lawful purposes.
- We may employ other companies and individuals to perform functions on our behalf. Examples may include providing hosting and network services, information technology support, and customer service. These other companies will have access to the Personal Information we collect only as necessary to perform their functions pursuant to contractual agreements with CherryRoad.
- CherryRoad may retain, aggregate, use, and resell any non-personal information (including other information) collected in connection with any use of the Sites or our products and services both during your use of the same and after such use has ended.
Also, as you browse our Sites, our web servers collect non-personal information about your visit for the operation and improvement of the CherryRoad Properties, to track Site trends and statistics, and to prevent Product license abuse. Via server logs, we monitor statistics such as the number of visitors to our Sites, which pages on the Sites that people visit most often and from which domains visitors come to the Sites. While we gather this type of information, none of it is associated with you as an individual. We use these statistics to improve our Sites, monitor their performance, and to make it easier for you and other visitors to use them.
Use of CPNI and Account Representative. If you are a customer of our VoiP Services, CherryRoad will not use, disclose, or permit access to your CPNI except in connection with the provision of services from which such information is derived, or as authorized or required by federal law, or as authorized by you. The Federal Communications Commission (FCC) has adopted additional rules in 47 C.F.R. 64.2010, designed for residential customers, that would restrict our ability to disclose certain information to, or permit certain changes to accounts requested by, inbound callers or visitors to our offices, and that would regulate our ability to provide customers with account access online, but the FCC permits business customers and their telecommunications service providers to agree to more flexible customer authentication methods that are better suited for an efficient business relationship. You hereby agree that your dedicated account representative assigned by CherryRoad and CherryRoad’s personnel who are responsible for commercial accounts may disclose your CPNI or make changes to your account at the request of persons that they reasonably believe to be your authorized representatives, that CherryRoad may provide online access to your CPNI in any commercially reasonable manner, and that the requirements of Section 64.2010 of the FCC’s rules shall not apply to the relationship between CherryRoad and you.
Informed Consent to Data Collection and Processing
CherryRoad will rely on current and prospective customers to determine what information they would like to receive about our products, services, and partners, and will inform all visitors to our websites of their rights regarding information collection and tracking and provide the ability for an individual to amend their selections in the future.
Controlling Your Communication Preferences
If you sign up for newsletters, email job alerts, or other communications from us about any CherryRoad Property, you can change, update, or opt-out of receiving future communications by either clicking on the “unsubscribe” link at the bottom of any email from us or emailing us at firstname.lastname@example.org. However, some non-marketing communications are not subject to general opt-out, such as communications related to product download, sales transactions, software updates and other support related information, patches, and fixes, conferences, or events for which you have registered, and disclosures to comply with legal requirements.
Third Party Payment Processor
We use third-party service providers (“Payment Processors”) to manage credit card processing. Under our agreement with service providers, they are not permitted to store, retain, or use your Personal Information or your billing information except for the sole purpose of credit card processing on our behalf. In certain cases, we may have access to the last four digits of your credit card number, its expiration date, and the billing address, which we will use solely to assist us in providing the product or service you purchased. In addition, we and our service providers may use any information processed pursuant to this section at an aggregate level for internal business analyses and fraud prevention.
Communications on the Site
Any Personal Information or other content that you choose to submit in any forum on the Sites may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. We are not responsible for the Personal Information or other content that you choose to submit in these forums.
Any content or Personal Information you publish on the Sites may also appear in search engine results (such as Google, Yahoo!, and Bing), in the cache of those search engines, in feeds, and on third-party sites pursuant to cobranding agreements. We have no control over updating and/or removal of such content or Personal Information, which is the sole responsibility of the search engines, third-party sites, and RSS web feed resources. You agree and acknowledge that we are not liable for the information published in search results or by any third-party site that carries any content or Personal Information you publish on the Sites. We strongly discourage your posting any content or Personal Information that you do not want others to see or use.
We do not and cannot review all communications and materials posted to or created by users that visit the Sites or use the Services. However, we reserve the right to block or remove communications, content, Personal Information, or other submissions to the Sites, for any reason, in our sole and absolute discretion.
Our Security Practices
CherryRoad employs industry standard security measures to ensure the security of information. However, the security of information transmitted through the Internet can never be guaranteed. CherryRoad is not responsible for any interception or interruption of any communications through the internet or for changes to or losses of information. Users of our Sites are responsible for maintaining the security of any password, user ID, or other form of authentication involved in obtaining access to password protected or secure areas of our Sites or any of the CherryRoad Properties. To protect you and your information, CherryRoad may suspend your use of the Sites or a CherryRoad Property without notice, pending an investigation, if any breach of security is suspected. Access to and use of password protected and/or secure area of the Sites or any CherryRoad Property is restricted to authorized users only. Unauthorized access to such areas is prohibited and may lead to criminal prosecution.
We have put in place physical, electronic, and managerial procedures designed to help prevent unauthorized access, to maintain data security, and to correctly use the information we collect online. These safeguards vary based on the sensitivity of the information that we collect and store. We also use administrative, technical, and physical security measures to help protect your Personal Information. While we have taken reasonable steps to secure the Personal Information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.
We use third parties to assist us providing you with a variety of services while using the CherryRoad Properties. When you subscribe to receive any of these services, we will share your Personal Information only as necessary with the third-party solely for the purpose of providing that service. In addition, we may use specialized third parties for our subscription billing platform.
These companies may use your information to help CherryRoad communicate with you about offers from CherryRoad. These companies do not have any independent right to share this information. We will obtain your initial consent prior to sharing your Personal Information. If you would like to opt out of having your Personal Information shared with these third parties in the future, you may Contact Us, but please note that opting out may preclude you from licensing certain products due to our point-of-sale processes.
Commitment to Children’s Online Privacy
The Sites are not directed at children. CherryRoad does not knowingly accept online Personal Information submitted to its Sites from children under the age of 18. If you are under 18 or otherwise would be required to have parent or guardian consent to share information with CherryRoad, you should not share any information about yourself.
Correcting and Updating Your Personal Information
CherryRoad may retain your Personal Information for a period consistent with the original purpose of collection. For instance, we may retain your Personal Information during the time in which you have an account to use our Sites or Services and for a reasonable period afterward. We also may retain your information during the period needed for CherryRoad to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes, and enforce our agreements.
You may request to review, correct, delete, or otherwise modify any of the Personal Information that you have previously provided to us through the CherryRoad Properties. If you have registered for an account with CherryRoad, you may generally update your user settings, profile, organization’s settings, or event registration by logging into the applicable Site or Service with your username and password and editing your settings or profile. To update your billing information, discontinue your account, and/or request return or deletion of your Personal Information associated with your account, please contact your account representative or the customer service team for the applicable Service. For other requests to access, correct, modify, or delete your Personal Information, please review the “Contact Us” section below. Requests to access, change, or delete your information will be addressed within a reasonable timeframe. If you are an employee of a CherryRoad customer, you may also wish to contact your company’s system administrator for assistance in correcting or updating your information.
California Privacy Rights
Under the California Consumer Privacy Act of 2018 (CCPA), California residents may have a right to:
- Access the categories and specific pieces of personal data CherryRoad has collected via the Site, the categories of sources from which the personal data is collected, the business purpose(s) for collecting the personal data, and the categories of third parties with whom CherryRoad has shared personal data;
- Delete personal data under certain circumstances; and
- Opt out of the sale of personal data (if applicable). We do not sell your personal data.
CherryRoad will not discriminate against you for exercising any of these rights, which is further in line with your rights under the CCPA.
To exercise your rights, contact us via the webform, https://www.cherryroad.com/contact-us/or by calling 973-402-7802 (Option 6) . We will acknowledge receipt of your request within 10 business days, and provide a substantive response within 45 calendar days, or inform you of the reason and extension period (up to 90 days) in writing.
Under the CCPA, only you or an authorized agent may make a request related to your personal data. Note that to respond to your requests to access or delete personal data under the CCPA, we must verify your identity. We may do so by requiring you to log into your CherryRoad account (if applicable), provide information relating to your account (which will be compared to information we have, such as profile information), give a declaration as to your identity under penalty of perjury, and/or provide additional information. You may designate an authorized agent to submit your verified consumer request by providing written permission and verifying your identity, or through proof of power of attorney.
For the purposes of the CherryRoad Properties, CherryRoad acts as a “service provider” to its customers pursuant to the CCPA. If you are a California resident and would like information regarding personal data collected by our customers who use the CherryRoad Properties, please contact the customer directly.
California’s Shine the Light Law
California Civil Code Section 1798.83, also known as “Shine the Light” law, permits California residents to annually request information regarding the disclosure of your Personal Information (if any) to third parties for the third parties’ direct marketing purposes in the preceding calendar year. We do not share Personal Information with third parties for the third parties’ direct marketing purposes.
Notice to Visitors Outside the United States
Changes to Policy
CherryRoad will occasionally update this Policy. When we do, we will post a prominent notice in this section of this policy notifying users when it is updated. For material changes (i.e., substantially new practices you wouldn’t expect from us or that we didn’t previously tell you about), we may decide to give you notice via email, in which case you will have a choice as to whether we use your Personal Information in this different manner. We reserve the right to make changes to our practices and this Policy at any time if we follow the procedures above.
If you have comments or questions about this Policy, you may contact us at email@example.com.