Redfish Labs, Inc. dba Torch Leadership Labs
Last Updated on July 8th, 2020
TABLE OF CONTENTS
- What Information Do We Collect?
- How Do We Use the Information We Collect?
- Do We Share Your Personal Information?
- How Do We Secure Your Personal Information?
- Your Choices Regarding Information
- Links to Third Party Websites
- How We Respond to Do Not Track signals
- Children Under 16
- DMCA Notice
- Your California Privacy Rights
- Users Outside of the United States
- Contact Us
Privacy Shield Framework
Torch adheres to the Privacy Shield Principles with respect to data received from the EU, UK and/or Switzerland in reliance on the Privacy Shield Frameworks. You can find Torch on the Privacy Shield List on the Commerce Department website.
Pursuant to the Privacy Shield Frameworks, EU, UK and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct or amend incomplete or incorrect information, or delete the personal information that has been processed in violation of the principles. An individual who seeks access, or who seeks to correct, amend, or delete data transferred to the United States under Privacy Shield, should direct their query to firstname.lastname@example.org.
As mentioned further in this policy, we do not rent, sell, or permit personal data to be used for reasons other than those for which it was originally provided. If this practice should change in the future, we will update this policy accordingly and l provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to email@example.com.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Torch’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Torch remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless Torch proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Torch commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, United Kingdom and Swiss individuals with Privacy Shield inquiries or complaints should first contact Torch at: firstname.lastname@example.org.
Torch has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/bbb-privacy-shield/file-a-complaint for more information and to file a complaint. This service is provided free of charge to you.
Torch commits to cooperate with EU data protection authorities (DPAs), the United Kingdom Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU, the UK and Switzerland in the context of the employment relationship. EU, UK or Swiss individuals with HR complaints should not refer anything to BBB EU Privacy Shield.
EU, UK or Swiss individuals wishing to contact their Data Protection office may find more information at the following links:
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
The Federal Trade Commission has jurisdiction with enforcement authority over Torch’s compliance with the Privacy Shield.
What Information Do We Collect?
We collect information, including Personal Information, only where we have a lawful basis. Lawful bases on which we rely include your consent where you have given it, contract where processing is necessary for us to perform our obligations pursuant to a contract with you, and legitimate interests of our business such as operating and providing the Services to you.
We collect, store, and use information we get from your use of the Services, including the following categories of information (which, for clarity, include Personal Information):
- Your profile information, which includes first name, last name, email address, phone number, your role at the Corporate Customer, and any other information you share when you create an account with us or otherwise access the Services.
- Other Personal Information you voluntarily submit to the Services as part of your use thereof, which may include your date of birth, your profile picture, etc.
- Other details about you that you voluntarily submit to Corporate Customers as part of your use of the Services.
- Your responses to surveys that we may ask you to complete for research purposes or to help direct Torch activities.
- Details of how you use the Services.
- Your internet protocol address (i.e., IP address) and, if you access the Services from a mobile application, mobile device identifiers and non-email authentication.
- Browser and device information and information collected through Tracking Technologies (defined below), such as cookies, pixel tags, and other technologies.
How Do We Use The Information We Collect?
We use the information we collect for a variety of purposes, including to improve the Services, optimize our technology, and refine and customize our offerings and user experience.
In particular, we use the information we collect to:
- Administer and provide the Services, enable you to use its features, and improve the overall user experience.
- Communicate with you through email, text, SMS, message via social media platforms, telephone, or any other medium for which we have contact information so that we can provide you with information and updates about the Services.
- Respond to comments and questions and provide technical support and customer support.
- Analyze how you and other Clients use the Services using tools like Google Analytics, Hubspot and other tools to help us understand traffic patterns and know if there are problems with the Services.
- Protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
- Link or combine user information with other Personal Information.
- Compare information for accuracy, update our records, and verify it with third parties.
Do We Share Your Personal Information?
We do not rent, sell, or share your Personal Information with other people or non-affiliated third parties except with your consent or as necessary to complete any transaction or provide the Services or any specific service you have requested or authorized. We currently do not share personal data with third parties for their direct marketing purposes without your consent.
To help us do our work, we may provide limited access to some of your Personal Information to the following third parties:
- Collaborating Organizations: Sometimes we collaborate closely with other groups to further our mission. In these cases, we may share your name, contact information and other details you provided when making an account with our partners.
- Service Providers: We work with a wide range of third-party providers, notably our database administrators, cloud computing services, advertising services, data analysts, application service providers, bulk SMS services, and other non-governmental organizations. We do not authorize them to use or disclose your Personal Information except in connection with providing their services.
- Payment processors: We work with payment processors such as Stripe to help process credit card transactions and other payment methods made through the Services. These payment processors will store certain information about you. Please refer to their privacy policies to learn more about how they use your Personal Information.
We may also transfer your Personal Information to a third party as a result of a merger, acquisition, reorganization or similar transaction; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of the Services; and to protect Torch’s rights or property. In such event, and to the extent legally permitted, we will notify you and, if there are material changes in relation to the processing of your Personal Information, give you an opportunity to consent to such changes.
We will also share Personal Information with companies, organizations or individuals outside of Torch if we have a good-faith belief that access, use, preservation, or disclosure of your Personal Information is reasonably necessary to (1) detect or protect against fraud or security issues, to enforce the Agreement, (2) meet any enforceable government request, (3) defend against legal claims, or protect against harm our legal rights or safety, or that of our staff and/or users.
We, or third parties we do business with, may use certain technologies to automatically collect log files and other information about your usage of, and the devices you use to access, the Services (“Tracking Technologies“). For example, we may use Tracking Technologies like cookies, log files, web beacons, session replay scripts, or similar technologies to help us analyze our web page flow, customize our services, content and advertising, measure promotional effectiveness and promote trust and safety.
You may delete and block all cookies from the Services, but parts of the Services will not work. We want to be open about our cookie use.
Web beacons may be used to track the traffic patterns of users from one page to another in order to maximize web traffic flow. Our third-party advertising service providers may also use web beacons to recognize you when you access the Services and to help determine how you found the Services. If you would like more information about this and to know your choices about not having this information used by these companies, please visit: the Digital Advertising Alliance’s website, http://www.aboutads.info/, or the Network Advertising Initiative’s website, http://networkadvertising.org/consumer/opt_out.asp.
How Do We Secure Your Personal Information?
We take reasonable steps to protect your Personal Information against unauthorized access, alteration, disclosure, misuse, or destruction. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. The safety and security of your Personal Information also depends on you. If you create an account with us, you are solely responsible for keeping your account details confidential, including any access credentials like passwords or mobile device PINs.
Your Rights Regarding Your Personal Information
You have certain rights with respect to the storage, use, and sharing of Personal Information that is submitted to us, which are listed below. If you wish to exercise any of your rights with respect to your Personal Information, please contact your employer (the Corporate Customer) directly. If you contact us, we will use commercially reasonable efforts to work with the applicable Corporate Customer to respond to your request.
- Changing, Correcting, or Deleting Your Personal Information. All users may review, update, correct or delete the Personal Information furnished by a user, and/or other content uploaded by the user, to a Corporate Customer.
- Downloading or Accessing Your Personal Information. You may obtain a copy of your Personal Information, as well as information about its processing.
- Withdrawing Consent (Opting Out). Where processing Personal Information is based on your consent, you have a right to withdraw consent at any time for future processing.
- Lodging Complaints. You have a right to lodge a complaint with a data protection authority.
Links to Third Party Websites
By using the Services, you agree that we will not be liable for any damage or loss caused by your use of or reliance on any content, advertising, products, or other materials on or available from these third-party websites.
How We Respond to Do Not Track Signals
Your browser settings may allow you to automatically transmit a Do Not Track signal to websites and other online services you visit. We do not alter our practices when we receive a Do Not Track signal from a visitor’s browser because we do not track our visitors to provide targeted advertising. To find out more about Do Not Track, please visit http://www.allaboutdnt.com.
Children Under 16
The Services is not directed to individuals who are under age of sixteen (16) and we do not solicit nor knowingly collect Personal Information from children under the age of sixteen (16). If you believe that we have unknowingly collected any Personal Information from someone under the age of sixteen (16), please contact us immediately at email@example.com and the information will be deleted.
If you own a copyright or have authority to act on behalf of a copyright owner and want to report a claim that a third party is infringing that material on or through our Services, please send a notice to our copyright agent that includes all of the items below and we will expeditiously take appropriate action. Our designated copyright agent to receive such claims can be reached at firstname.lastname@example.org. This process does not limit our ability to pursue any other remedies we may have to address suspected infringement.
- A description of the copyrighted work that you claim is being infringed;
- A description of the material you claim is infringing and that you want removed or access to which you want disabled and the URL or other location of that material;
- Your address, telephone number, and email address;
- The following statement: “I have a good faith belief that the use of the copyrighted material I am complaining of is not authorized by the copyright owner, its agent, or the law (e.g., as a fair use)”;
- The following statement: “The information in this notice is accurate and, under penalty of perjury, I am the owner, or authorized to act on behalf of the owner, of the copyright or of an exclusive right that is allegedly infringed”; and
- An electronic or physical signature of the owner of the copyright or a person authorized to act on the owner’s behalf.
A Note to Users Outside the United States
Torch is based in the United States. The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States. Your Personal Information may be collected, transferred to, stored and otherwise processed in any country where we have facilities or in which we engage service providers. By using the Services you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.
We may also process Personal Information using other compliance mechanisms to ensure that transfers of Personal Information are provided an adequate level of protection as required by law, such as by entering into appropriate contractual arrangements (such as, where applicable, the standard contractual clauses for the transfer of data as approved by the European Commission) or by asking for your prior consent.
Please do contact us at email@example.com if you have any complaints or concerns with respect to your privacy. If you believe we are unable to assist you, you may have the right to lodge a complaint with a supervisory authority in the relevant jurisdiction. For individuals in the European Union, a list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en. Individuals in the United Kingdom may find more information about the ICO here : https://ico.org.uk/make-a-complaint/eu-us-privacy-shield/ Swiss individuals may locate FDPIC information here: https://ico.org.uk/make-a-complaint/eu-us-privacy-shield/ However, we are committed to working with you to resolve any complaint or concern you may have with respect to your privacy.