Last updated June 22, 2021
Below, we cover the following topics:
- Information We Collect
- Use Of Your Information
- European Economic Area Users
- Sharing Of Your Information
- How Long We Keep Your Information
- How We Protect Your Information
- Where We Store Your Information
- Information From Minors
- EEA Privacy Rights
- Access To And Control Of YOur Information
- Cookies And Tracking Notice
- California Resident Privacy Rights
- How To Contact Us
1. Information We Collect
Information you provide to us. We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services or otherwise when you contact us. We may ask you for certain personal information, such as your name, birthdate, postal address, e-mail address, telephone number, company name, job title, or payment information. When you request support from us, we may also collect information from you such as contact information, documentation, screenshots, or other information you or we may believe is helpful to solving the issue. When you speak with our customer service or sales representative on the phone, your calls may be recorded and/or monitored for quality assurance, training and research purposes.
Information we collect automatically when you visit our websites. We and our third-party partners, such as our advertising and analytics partners, collect information about your visits to our websites and your interactions with our ads or content, together with information such as your IP address, cookies, and other tracking technologies (e.g., web beacons, device identifiers, and pixels). For more information, please see our Cookies and Tracking Notice, which includes information on how to control or opt out of these cookies and tracking technologies.
Information we get from third parties. Third party sources of information include: Our single sign on providers which provide us information like user email addresses, user IDs and tenant ID. This information allows users to sign in to our apps and services using single sign on. You can also opt to sync your Active Directory user information with our apps and services to allow automatic provisioning of user accounts. The user and tenant information you choose to sync with our apps and services is configurable but at the very least requires usernames, email addresses, user Ids and tenant Ids to be collected from 3rd party providers.
Your contact lists and address book. If you use our mobile apps, we may request your permission to access and store the contact list or address book maintained on your mobile phone, tablet, or other broadband-connected device. Your contact list is considered your personal data. We may also facilitate the delivery of messages to individuals in your contact list that you wish to invite to download our mobile apps so that you can utilize our services with these selected individuals, although it is always your choice to send invites to such individuals. We will not use your contact list information for other purposes without first notifying you of the proposed use. You do not have to allow us to access your contact list information, but if you do not, certain features of our mobile apps may not be available to you. You may at any time opt out from allowing this access via the privacy settings on your device.
2. Use Of Your Information
We use personal information collected via our Services for a variety of business purposes described below. How we use the information we collect depends on which of our services you use, how you use them, and specific preferences you may have communicated to us. We list below the specific purposes for which we collect your information.
To facilitate account creation and logon process. If you choose to link your account with us to a third-party account (such as your Google or Facebook account), we use the information you allowed us to collect from those third parties to facilitate account creation and logon process for the performance of the contract.
To deliver our services. We use your information because it is necessary to perform our obligations in delivering our services to our customers. This includes delivering your communications to the intended end user, processing transactions with you (such as billing), authenticating you when you log into our platform, providing customer support, and operating and maintaining our services. We also need your information to communicate with you about the services, including registration confirmations, purchase confirmations, expiration or renewal reminders, responding to your requests, and sending you notices, updates, security alerts, administrative messages, and other communications necessary to usage of the services.
Request feedback. We may use your information to request feedback and to contact you about your use of our Services.
To enable user-to-user communications. We may use your information in order to enable user-to-user communications with each user's consent.
To manage user accounts. We may use your information for the purposes of managing our accounts.
To send administrative information to you. We may use your personal information to send you product, service and new feature information and/or information about changes to our terms, conditions, and policies.
To protect our Services. We may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention).
To enforce our terms, conditions and policies for business purposes, to comply with legal and regulatory requirements or in connection with our contract.
To respond to legal requests and prevent harm. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.
3. European Economic Area Users
European data protection law requires organizations like us to provide a lawful basis to collect And use your information. Our lawful basis to collect and use information from our EEA users include when:
- We need it in order to provide you with the services and to carry out the core activities related to our provision of the services.
- We need to comply with a legal obligation.
- We have a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the services and to protect our legal rights and interests.
- You give us your consent to do so for a specific purpose.
4. Sharing Of Your Information
We may process or share your data that we hold based on the following legal basis:
Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
Compliance with law enforcement requests and applicable laws; enforcement of our rights. We may disclose personal data as required by applicable law, regulation, legal process or government request; to protect Yellowfish, our services, our customers or the public from harm or illegal activities; and to enforce our agreements, policies and service terms.
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
5. How Long We Keep Your Data
We store your information until it is no longer necessary to provide the Services or otherwise relevant for the purposes for which it was collected., unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this notice will require us keeping your personal information for longer than the period of time in which users have an account with us.
When we have no ongoing legitimate business need to maintain your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
6. How We Protect Your Information
YellowFish has implemented administrative, physical, and technical safeguards to help protect the personal data that we maintain. However, no system or service can provide a 100% guarantee of security, especially a service that relies upon the public internet. Therefore, you acknowledge the risk that third parties may gain unauthorized access to your information. Keep your account password secret and please let us know immediately if you think your password was compromised. Remember, you are responsible for any activity under your account using your account password or other credentials.
7. Where We Store Your Information
Personal information held by YellowFish is stored on and processed on computers situated in the United States [and in other jurisdictions?]. We and/or our service providers also process data in some other countries for customer care, account management and service provisioning.
If you are an EEA resident, your personal data held by YellowFish may be transferred to, and stored at, destinations outside the EEA that may not be subject to equivalent data protection laws, including the United States. When you sign up for Services with YellowFish or inquire about our Services, we transfer your information to the United States and other countries as necessary to perform our agreement with you or to respond to an inquiry you make. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers.
- International transfers within YellowFish and its corporate affiliates. To facilitate our global operations, we transfer information among our corporate affiliates in countries whose privacy and data protection laws may not be as robust as the laws of the countries where our customers and users are based. We utilize standard contractual clauses approved by the European Commission and rely on the European Commission’s adequacy decisions about certain countries, as applicable, for data transfers from the EEA to the United States and other countries.
8. Information From Minors
We do not knowingly solicit data from or market to children under 18 years of age. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at email@example.com.
9. EEA Privacy Rights
In some regions, like the European Economic Area (EEA) and the United Kingdon (UK), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with applicable data protection laws.
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
If you are a resident in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here:
If you are a resident in Switzerland, the contact details for the data protection authorities are available here:
If you have questions or comments about your privacy rights, you may email us at firstname.lastname@example.org.
10. Access To And Control Of Your Information
Account Information: Consistent with applicable laws and data security requirements, we will reasonably honor written requests from you to access or amend your account information, such as name, address, and billing information. If you would at any time like to review or change the information in your account or terminate your account, you can contact us using the contact information provided.
Opting Out Of Email Marketing: You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in the emails that we send or by contacting us using the details provided below. You will then be removed from the marketing email list — however, we may still communicate with you, for example to send you service-related emails that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.
To otherwise opt-out, you may contact us using the contact information provided.
Your rights as an EEA resident. If you are from the EEA, you may have broader or additional rights, including:
- to be provided with a copy of your personal data held by us;
- to request the rectification or erasure of your personal data held by us;
- to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
- to object to the further processing of your personal data, including the right to object to marketing and profiling; and
- to request that your provided personal data be moved to a third party.
Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us.
11. Cookies And Tracking Notice
They also help us track users, conduct research, allow you to back click to earlier registration pages viewed by you and improve our content and services. For instance, we may use web beacons on our websites to access and set cookies and otherwise help us to better understand how users are moving through our websites. Information provided by the web beacon includes the computer’s IP address, the type of browser being used and the time that the web beacon was viewed. We may also use web beacons in e-mails and newsletters so that we know when such communications have been opened and to otherwise help us tailor our communications to individual users.
12. California Resident
This section applies only to California Consumers. It describes how we collect, use, and share California consumers’ personal information in our role as a business, and the rights applicable to such residents. For purposes of this section "personal information" has the meaning given in the California Consumer Privacy Act (“CCPA”). YellowFish does not sell your personal information or your end users’ personal information.
We process your personal information only in order to provide the services and we do not retain, use, or disclose your personal information outside of the scope of the agreement we have with you.
How We Collect, Use, and Share your Personal Information
We have collected the following statutory categories of personal information in the past twelve (12) months:
- Identifiers, such as name, e-mail address, mailing address, fax number and phone number. We collect this information directly from you or from third party sources.
- Customer records information, such as your Social Security number for a limited purpose like tax reporting relating to a payment for a customer referral or to facilitate an international money transfer.
- Information collected in connection with your use of our services, including communications usage information and the communications content processed through the services.
- Internet or network information, such as browsing and search history. We collect this information directly from your device.
- Geolocation data, such as IP address. We collect this information from your device.
- Financial information, such as payment details or financial account numbers in the process of providing you with our services. We collect this information from you.
- Inferences based on your use of the services and browsing history.
- Other personal information, in instances when you interact with us online, by phone or e-mail in the context of receiving support from our sales and customer service teams
Your California Rights: You have certain rights regarding the personal information we collect or maintain about you. Please note these rights are not absolute, and there may be cases when we decline your request as permitted by law.
- The right of access means that you have the right to request that we disclose what personal information we have collected, used and disclosed about you in the past 12 months.
- The right of deletion means that you have the right to request that we delete personal information collected or maintained by us, subject to certain exceptions.
- The right to non-discrimination means that you will not receive any discriminatory treatment when you exercise one of your privacy rights.
- YellowFish does not sell personal information to third parties (pursuant to California Civil Code §§ 1798.100–1798.199).
- “California's “Shine the Light” law, Civil Code section 1798.83, requires certain businesses to respond to requests from California consumers asking about the businesses' practices related to disclosing personal information to third parties for the third parties' direct marketing purposes. Alternately, such businesses may have in place a policy, as we do, only to disclose personal information of consumers to third parties for the third parties' direct marketing purposes if the consumer has opted into such information-sharing.
How to Exercise your California Rights: You can exercise your rights yourself or you can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your personal information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent's identity to protect your personal information.
Please email us at email@example.com if you would like to exercise your rights pursuant to CCPA or learn more about your rights or our privacy practices.
14. How To Contact Us
Synergy Corporate Technologies
55 Greens Farms Road
Westport, CT 06880