Privacy Policy

This Privacy Statement was last updated January 8, 2018

This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our Services.

This Privacy Policy describes BotDoc’s information collection and use practices. This Privacy Policy refers to BotDoc as “we,” “us,” or “our,” and refers to the reader as “you” or “user.”  If you access or use our website, including botdoc.io, our mobile applications, and/or any of our other sites, products, or services that link to this Privacy Policy (“Services”), you consent to our collection and use of your information as described in this Privacy Policy, including that your information may be transferred to and stored in the United States.  IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, PLEASE DO NOT USE THE SERVICES.

The agreement that governs your subscription (or that of your organization) to BotDoc services, may include specific information use provisions that are different from or more restrictive than those described within this Privacy Policy.  Please refer to your individual agreement with BotDoc to check for any specific information privacy terms that may also apply to the information you provide to BotDoc in connection with your use of that particular service.

  1. What personal information do we collect and how we collect it?

When registering for our Services, information that you may provide us includes, but not limited to: name, email address, phone number, mailing address and billing information.

When do we collect information?

We collect information from you when you log in or create an account, use a third-party payment solution we support, create or edit your user profile, complete an online form or register for a promotion, request certain features (e.g., newsletters, demos, and other products), contact customer support or provide a user testimonial.

You may also choose to provide the following:

Social Media Account Information.  When you connect your social media account to the Services, you provide us with the user ID associated with any social media account (e.g., Facebook, Twitter, LinkedIn, Google Plus) that you use. If you sign in with or otherwise connect your social media account to the Services, you authorize us to collect, store, and use in accordance with this Privacy Policy any and all information available to us through the social media interface, including without limitation any information that you have made public in connection with your social media account, information that the social media service shares with us, or information that is disclosed as being shared during the sign-in process.  Please see your social media provider’s privacy policy and help center for more information about how they share information when you choose to connect your account.

User-Generated Content. If you choose to comment on our blogs or in our community forums or otherwise volunteer information, you provide us with that information and it may be available to other users and even the public. This means that it can be read, collected, and used by others without our knowledge, including to send unsolicited communications.

The decision to provide us with information is optional; however, if you elect not to provide certain information, you may not be able to access certain content or features available through the Services.

  1. Information That Is Collected Automatically

Device and Usage information. We may collect information about:  (i) the computers or devices (including mobile devices) you use to access the Services; and (ii) how you use the Services.  Examples of the information that we may automatically collect and analyze include, but are not limited to:

  • IP Address, a.k.a. internet protocol address (your point of access to the Internet). IP address can reveal a web user’s general location (city/state/country).
  • Unique Device Identifiers, such as MAC Address, IDFA, IDFV, IMEI, and Advertising IDs;
  • Device Attributes, such as browser types, browser language, and operating system;
  • Usage Data, such as information related to the ways in which you interact with the Services, such as: web log data, referring and exit pages and URLs, platform type, the number of clicks, domain names, landing pages, pages and content viewed and the order of those pages, the amount of time spent on particular pages, the date and time you used the Services, the frequency of your use of the Services, error logs, and other similar information; and

As described further below, we may use third-party analytics providers and technologies, including cookies and similar tools, to assist in collecting this information.

Purpose of Collection of Other PII; Privacy Shield: We collect certain PII constituting non-HR Data, generally consisting of personal data about those involved in BotDoc cases/proceedings in the United States and abroad, whether such persons are parties to the case, Neutrals involved with the case, or witnesses, for storage and processing on servers in the United States.  Non-HR personal data that is collected and processed includes PII about attorneys, parties and witnesses involved in BotDoc cases (arbitration and mediation proceedings) and the Neutrals (arbitrators and mediators) presiding over such proceedings; such information may be collected in the European Union (EU) or Switzerland and transferred to the United States in compliance with the Privacy Shield Frameworks.

  1. How do we protect your information?

Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.

We use regular Malware Scanning.

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

Cookies and Related Technologies. We use “cookies” and other “tracking” technologies for a variety of purposes.  The technologies we may use include, but are not limited to: (i) browser cookies; (ii) web beacons; (iii) tracking pixels; and (iv) local shared objects (“flash cookies”).  Our uses of cookies and related technologies include, but are not limited to: storing your username and password; analyzing usage of the Services by collecting the device/usage information discussed above; customizing the Services; and personalizing and delivering the advertising displayed by or within the Services or our emails, as well as advertisements that may be displayed on other sites or mobile applications.  As we adopt additional technologies, we may also gather additional information through other methods.

Cookie Choices.  Many browsers automatically accept cookies, but you can modify your browser setting to decline cookies by visiting the Help portion of your browser’s toolbar. If you choose to decline cookies, please note that you may not be able to sign in, customize, or use some of the interactive features of the Services.

Information from Other Sources.  We may obtain information about you from other sources such as marketers, partners, affiliates, researchers, and others where they are legally permitted to share such information with us.  For example, if you register for BotDoc through an affiliate that facilitates your activity on BotDoc, that affiliate may provide information about you and your transactions to us.

  1. How We Use the Information We Collect.

In general, we use the information we collect to provide and administer the Services. More specifically, we might use the information we collect to:

  • Provide you with the services and products you have requested, such as to create and maintain audit trails of activity associated with any particular request or to generate and maintain certificates of completion for completed transactions;
  • Send you records regarding our relationship and transactions or notifications of activity through different channels, such as email or push notifications;
  • Notify you about new features, products, and special events;
  • Provide you with newsletters or marketing communications about our products and services as well as third party products and services we think may be of interest to you;
  • Test changes and develop new features, products and services;
  • Generate and review data and reports describing our user base and usage patterns;
  • Analyze the accuracy, effectiveness, usability, or popularity of the Services and perform research;
  • Verify your identity, deter and prevent fraud, and enforce the legal terms that govern your use of the Services; and
  • Resolve disputes and troubleshoot the Services.
  • Public Authorities.  We may disclose your PII in response to lawful requests by public authorities, including to meet national security or enforcement requirements.
  • Service Providers. In the event that we engage service providers as data processors on our behalf, then subject to appropriate confidentiality and security measures, including compliance with this Privacy Policy, we may share your PII with them.  Any such third party data processors are and/or will be subject to contractual agreements to ensure that they only process PII provided by BotDoc in a manner consistent with BotDoc’s obligations under the Privacy Shield Principles as more fully described and made accessible to you below. BotDoc remains liable under such Principles if its agent processes your PII in a manner inconsistent with the Principles, unless we can prove that we are not responsible for the event giving rise to any damage.

Aggregated or De-Identified Data – We may aggregate and/or de-identify the information we collect to limit or prevent identification of any particular user or device.  Our use and disclosure of aggregated and/or de-identified information is not subject to any restrictions under this Privacy Policy, and we may disclose it to others without limitation for any purpose.

  1. Third-party disclosure – How we share information.

We do not rent, sell, or share your information with third parties except as described in this Privacy Policy. We may share your information with the following types of recipients and for the following purposes:

Recipients Designated by You or Associated with your Account.

If you are an authorized user of an account, the account subscriber or person who controls the account (e.g. administrator) will have access to information describing your use of the Services.

Third Parties.  If you make a payment within the Services, we will share your payment method details with the third-party payment processor.

Service Providers. We may share your information with third parties that we refer to as service providers to assist us in providing services to you.  For example, we might use these third parties to provide search technology, advertising services, authentication systems, bill collection and fulfillment, fraud detection, customer support, and recruiting.  Our contracts with service providers contain terms governing their use of your data.

Affiliates/Resellers. We may share your information with other companies under common ownership or control with BotDoc who will process your information in a manner consistent with this privacy policy.

Safety, Security, and Compliance with Law. We may share your information when we believe in good faith that such sharing is reasonably necessary to investigate, prevent, or take action regarding possible illegal activities or to comply with legal process (e.g. a subpoena). We may also share your information in situations involving potential threats to the physical safety of any person, violations of this Privacy Policy or our user agreements or terms; or to respond to the claims of violation of the rights of third parties and/or to protect the rights, property and safety of BotDoc, our employees, users, or the public. This may involve the sharing of your information with law enforcement, government agencies, courts, and/or other organizations.

Business Transactions. As we develop our business, we may sell, buy, merge or partner with other companies or businesses, or sell some or all of our assets. In such transactions, user information may be among the transferred assets or the assets disclosed in connection with the due diligence for any such transaction.  If BotDoc is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our websites of any change in ownership or uses of your information, as well as any choices you may have regarding your information.

Consent. We may share your information in other ways and for new purposes if you have asked us to do so or have consented to such sharing. For example, we post customer testimonials on our Services that may identify you if we have received your consent.

  1. Online Analytics.

We may use third-party web analytics services on our Services, such as those of Google Analytics and Mixpanel.  These providers use cookie-related technologies (described in the “Information that is Collected Automatically” section above) to help us analyze how users use the Services, including by noting the third-party website from which you arrive.  The information collected will be disclosed to or collected directly by these service providers, who use the information to evaluate your use of the Services.  To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-Out Browser by clicking here, and you may also use Mixpanel’s opt out by clicking here.

Tailored Online Advertising.  Third parties whose products or services are accessible or marketed via the Services may also place cookies or other tracking technologies on your computer or other device to collect information about your use of the Services, in order to (i) inform, optimize, and serve advertising content based on past visits to our Services and other sites and (ii) report how our advertising content impressions, other uses of advertising services, and interactions with these advertising impressions and services are related to visits to our Services. We also allow other third parties (e.g., ad networks and ad servers such as Google AnalyticsAdRoll, and AppNexus, and others) to serve tailored advertising to you on the Services, and to access their own cookies or other tracking technologies on your computer or other device you use to access the Services. We neither have access to, nor does this Privacy Policy govern, the use of cookies or other tracking technologies that may be placed by such third parties.

If you are interested in more information about tailored browser advertising and how you can generally control cookies from being put on your computer or mobile browser to deliver tailored advertising (i.e., not just for the Services), you may visit the following pages/sites to learn more and opt-out of receiving tailored advertising from companies that participate in those programs.

To opt out of Google Analytics for Display Advertising or customize Google Display Network ads, you can visit the Google Ads Settings page.

Please note that to the extent advertising technology is integrated into the Services, you may still receive advertising content even if you opt-out of tailored advertising.  In that case, the advertising content will just not be tailored to your interests.  Also, we do not control any of the above opt-out links and are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms.

When accessing the Services from a mobile application you may also receive tailored in-application advertisements. Each operating system – iOS, Android and Windows Phone – provides its own instructions on how to prevent the delivery of tailored in-application advertisements. You may review the support materials and/or the privacy settings for the respective operating systems in order to opt-out of tailored in-application advertisements.  For any other devices and/or operating systems, please visit the privacy settings for the applicable device or operating system or contact the applicable platform operator.

California Do Not Track Disclosure. We are committed to providing you with meaningful choices about the information collected on our Services for third party purposes, and that is why we provide above the NAI “Consumer Opt-out” link, DAA opt-out link, our dispute resolution providers opt-out link, and Google opt-out link.  However, we do not recognize or respond to browser-initiated Do Not Track signals, as the Internet industry is currently still working on Do Not Track standards, implementations and solutions.

  1. Data Retention.

We will retain your information for as long as your account is active or as necessary for legitimate business purposes.

Reviewing and Updating Your Account. We offer you the ability to access, review and change information associated with your account (such as your profile information, password, billing information, and user preferences) by logging into the Services and visiting your Profile.  You can also make a request to modify information that cannot be amended or deleted through the Services by contacting us using the contact information below in Section 14.  We will take reasonable steps to permit you to modify or delete information that is inaccurate or incomplete, in accordance with applicable laws.

Closing Your Account. If you wish to close your account, send us a request by emailing us at the contact information provided below in Section 14.   Upon your request, we will close your account, and delete your contact information, billing information, and shipping information from our active databases.   Your account will be closed as soon as reasonably possible based on your account activity and in accordance with applicable law.  However, please note that even after you close your account, we may retain and use certain of your information (such as information regarding transactions made through our Services) where permitted by law to prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations, enforce our user agreements and terms, and comply with legal requirements.  If you have shared content or information through our Services with other users, such content or information may still be available to those other users if they have not also deleted it or closed their accounts.

  1. Email and Direct Marketing Choices.

The CAN-SPAM Act is a law that sets the rules for commercial email and we provide opt-out information in all commercial email messages we send via an “unsubscribe” link.  We reserve the right to send one message confirming your opt-out from a messaging program.  Please note that it may take us some time to process your requests consistent with applicable law.  You do not have the ability to opt-out of transactional or relationship messages (e.g., account notifications) that we send if you are a registered user of our Services or if you have engaged in transactions with us.  To opt out of other direct marketing from us, please contact us using the email below in Section 14.

To be in accordance with CAN-SPAM, we agree to the following:

  • Not use false or misleading subjects or email addresses.
  • Identify the message as an advertisement in some reasonable way.
  • Include the physical address of our business or site headquarters.
  • Monitor third-party email marketing services for compliance, if one is used.
  • Honor opt-out/unsubscribe requests quickly.
  • Allow users to unsubscribe by using the link at the bottom of each email.
  1. Linked Sites and Services.

Our Services may contain links to third-party websites or apps. Your use of a third-party site or app may result in the collection, processing, or sharing of information about you, depending on the site or app. We are not responsible for the content or privacy practices of other websites or services which may be linked on our services. We do not endorse or make any representations about third-party websites or services. The information you choose to provide to or that is collected by these third parties is not covered by our Privacy Policy. We strongly encourage you to read such third parties’ privacy policies.

  1. Users From Outside the United States.

By using the Services, you acknowledge that your information may be transferred to our affiliates and facilities, in the United States or elsewhere, and to the facilities of those third parties with whom we share it as described in this Privacy Policy.

BotDoc complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  BotDoc has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of both Frameworks, and any reference to “Privacy Shield Principles” shall include such Principles under both the EU and Swiss Frameworks.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  For further information about the requirements for compliance with the Privacy Shield, and further detail about the Privacy Shield Principles, please visit https://www.privacyshield.gov/

In compliance with the Privacy Shield Principles, BotDoc commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us if you have any complaint or concern regarding your PII (personal data) under this Privacy Policy, or arising under the Privacy Policy please contact us at privacy@botdoc.io (see section 14 below). We suggest that you put in the subject line of any email or communication “Privacy Policy” or “Privacy Complaint.”  We will respond within 30 days.

If you do not receive timely acknowledgment by us of your complaint, or if your complaint is not satisfactorily addressed by us, please contact our U.S.-based third-party dispute resolution provider JAMS (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.  If you still believe that your complaint or dispute has not been resolved, you can invoke binding arbitration as a last resort (if permitted with respect to your complaint), by providing notice to us in the manner indicated in Annex I to the EU – U.S. Privacy Shield Principles, available online, and following the procedures set forth in such Annex.  The location of the arbitration will be in the United States. You may choose video or telephone participation, which will be provided at no cost to you. In-person participation will not be required.  To the maximum extent permitted by applicable law, you will not be entitled to recover attorneys’ or arbitration fees, even if you would otherwise be entitled to them. In addition, EU citizens have the right to initiate a private cause of action.  Finally, with respect to any PII transferred from Switzerland to the U.S., the Swiss Federal Data Protection and Information Commissioner’s authority shall substitute for the EU Data Protection Authority, and BotDot agrees to cooperate with such Swiss Commissioner in this context. BotDoc commits to follow up in its verification that the attestations and assertions made in this Privacy Policy are true, and to remedy any problems that may arise if we fail to comply with the Privacy Shield Principles.

Mediation: You also agree that, in the event any dispute or claim arising out of or relating to your use of the Site or the Services or this Privacy Policy that does not relate to your PII (personal data), or that is not covered by the previous paragraph, you and BotDoc will attempt in good faith to negotiate a written resolution of the matter directly between the parties. You agree that if the matter remains unresolved for forty-five (45) days after notification (via certified mail or personal delivery) that a dispute exists, all parties shall join in mediation services in Denver, Colorado with a mutually agreed mediator in an attempt to resolve the dispute. Should you file any arbitration claims, or any administrative or legal actions without first having attempted to resolve the matter by mediation, then you agree that to the maximum extent permitted by applicable law, you will not be entitled to recover attorneys’ fees, even if you would otherwise be entitled to them.

The Federal Trade Commission has jurisdiction over BotDoc’s compliance with the Privacy Shield and for more information on privacy shield please research at https://www.privacyshield.gov/

  1. Children’s Privacy.

The Services are not designed for and are not marketed to minors.  We do not knowingly collect or solicit personal information from minors, and we do not knowingly allow such persons to use the Services. If you are a minor, please do not attempt to use the Services or send any information about yourself to us.  In the event that we learn that we have collected personal information from a minor without verified parental consent, we will delete that information as quickly as possible.  If you believe that we might have any information from or about a minor, please contact us using the contact information below.

  1. Your California Privacy Rights. California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the type of personal information disclosed to those parties.  As discussed above, we do not currently share personal information with third parties for their own marketing purposes.
  2. Changes to this Privacy Policy.

We reserve the right to amend this Privacy Policy from time to time to reflect changes in the law, our data collection and use practices, the features of our Services, or advances in technology.  Please check this page periodically for changes.  Our use of the information we collect is subject to the Privacy Policy in effect at the time such information is used.  If we make any material changes to this Privacy Policy, we will post the changes here and may notify you by email or other means before the change takes effect.  Please review changes carefully. Your continued use of our Services following the posting of changes to this Privacy Policy will mean you consent to and accept those changes.

  1. How to Contact Us

If there are any questions or suggestions regarding our Privacy Policy, you may contact us at privacy@botdoc.io or via postal mail at BotDoc, Attention: Privacy Team,  15954 Jackson Creek Parkway, Ste B572, Monument, CO 80132