Last Updated February 28, 2022
This Rootwurks Privacy Statement (“Privacy Statement”) explains our privacy practices for the activities described in this statement. Please read this Privacy Statement carefully to learn how we collect, use, share, and otherwise process information relating to individuals (“Personal Data”), and to learn about your rights and choices regarding your Personal Data.
A reference to “Rootwurks,” “we,” “us” or the “Company” is a reference to Rootwurks, Inc.
1. Activities Covered
- Visit our websites that display or link to this Privacy Statement;
- Visit our branded social media pages;
- Visit our offices;
- Receive communications from us or otherwise communicate with us, including but not limited to emails, phone calls, texts or faxes;
- Use our products and services as an authorized user (for example, as an employee of one of our customers who provided you with access to our services) where we act as a controller of your Personal Data;
- Register for, attend or take part in our webinars or programs;
- Act as or work for a service provider or supplier to Rootwurks, to the extent Rootwurks acts as a controller with respect to your Personal Data; or
- Participate in surveys, research or other similar data collection facilitated by us.
Our websites and services may contain links to other websites, applications, platforms, and services maintained by third parties. The information practices of these third parties, including the social media platforms that host our branded social media pages, are governed by their privacy statements, which you should review to better understand their privacy practices.
2. What Personal Data do we collect?
- If you express an interest in obtaining additional information about our services; request customer support; use our “Contact Us” or similar features; register to receive communications; sign up for a webinar; participate in a program or survey; act as an authorized user for our products and services; or download certain content, we may require that you provide to us your contact information, such as your name, job title, company name, address, phone number, email address or username and password;
- If you attend an event, we may, with your further consent, scan your attendee badge, which will provide to us your information, such as name, title, company name, address, country, phone number and email address;
- If you register with us for a variety of purposes, including participating in a program, we may ask you to provide a username, photo or other biographical information, such as your occupation, location, social media profiles or usernames, company name, areas of expertise and interests;
- If you interact with our websites or emails, we may collect information about your device and your usage of our websites or emails (such as Internet Protocol (IP) addresses or other identifiers), which may qualify as Personal Data using cookies, web beacons, or similar technologies;
- If you use and interact with our products and services, we collect information about your device and your usage of our services through log files and other technologies, some of which may qualify as Personal Data;
- If you communicate with us via a phone call, we may record that call in accordance with applicable laws;
- If you attend an event or visit our offices, we may collect your image or video;
- If you voluntarily submit certain information to us, such as filling out a survey, responding to a questionnaire or participating in other forms of research, we may collect the information you have provided as part of that request, which may include special categories of Personal Data, to the extent you voluntarily choose to provide it;
- If you visit our offices, you may be required to register as a visitor and to provide your name, email address, phone number, company name and time and date of arrival; and
- If you are a supplier or service provider to Rootwurks (or work for a supplier or service provider), you may also be required to provide us with Personal Data such as your contact details and payment and billing information.
Another individual at your organization may provide us with your personal information, which may include Personal Data and special categories of Personal Data, to the extent you consent to providing it and sharing it, for the purposes of offering our or obtaining your services.
3. What device and usage data do we process?
1.3 Device and usage data
In addition, we may gather certain information automatically as part of your use of our products and services. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server), mobile device number, device and application identification numbers, location, browser type, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, operating system type and version, system configuration information, date and time stamps associated with your usage and details of which of our products and product versions you are using. This information is used to maintain the security of the services, to provide necessary functionality, to improve performance of the services, to assess and improve customer and user experience of the services, to validate that you are a licensed user, to review compliance with applicable usage terms, to identify future opportunities for development of the services, to assess capacity requirements, to identify customer opportunities, and for the security of Rootwurks generally (in addition to the security of our products and services). Some of the device and usage data collected by the services, whether alone or in conjunction with other data, could identify you. Please note that this device and usage data is primarily used to identify the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the services to our customers.
3.2 Cookies, web beacons and other tracking technologies on our website and in email communications
We also use web beacons and pixels on our websites and in emails. For example, we may place a pixel in a marketing email that notifies us when you click on a link in the email. We use these technologies to operate and improve our websites and marketing emails.
3.3 Social Media Features
Your interactions with Social Media Features are governed by the privacy policies of the companies providing them.
3.4 Telephony log information
4. Purposes for which we process Personal Data
- Promoting the security of our websites and services: We process your Personal Data by tracking use of our websites and services, creating aggregated non-personal data, verifying accounts and activity, investigating suspicious activity, and enforcing our terms and policies to the extent it is necessary for our legitimate interest in promoting the safety and security of the services, websites, systems and applications and the security of Rootwurks generally, and in protecting our rights and the rights of others;
- Handling contact and user support requests: If you fill out a “Contact Me” web form or request user support, or if you contact us by other means including but not limited to via phone, we process your Personal Data to perform our contract with you and to the extent it is necessary for our legitimate interest in fulfilling your requests and communicating with you;
- Managing event registrations and attendance: We process your Personal Data to plan and host events or webinars for which you have registered or that you attend, including sending related communications to you or to perform our contract with you or where we receive your consent;
- Contract fulfilment: We may process your Personal Data for the purposes of fulfilling our contract with you or your employer (e.g. if you are an authorized user of our products and services or work for a service provider or supplier to Rootwurks). We do this where it is necessary for the performance of the relevant contract;
- Developing and improving our websites and services: We process your Personal Data to analyze trends and to track your usage of and interactions with our websites and services to the extent it is necessary for our legitimate interest in developing and improving our websites and services and providing our users with more relevant content and service offerings, or where we seek your consent;
- Assessing and improving user experience: We process device and usage data as described in Section 3.1 above, which in some cases may be associated with your Personal Data, to analyze trends and assess and improve the overall user experience to the extent it is necessary for our legitimate interest in developing and improving the service offering or website, or where we seek your consent;
- Assessing capacity requirements: We process your Personal Data to assess the capacity requirements of our services to the extent that it is in our legitimate interest to ensure that we are meeting the necessary capacity requirements of our service offering;
- Identifying customer opportunities: We process your Personal Data to assess new potential customer opportunities to the extent that it is in our legitimate interest to ensure that we are meeting the demands of our customers and their users’ experiences;
- Registering and hosting visitors to the office or at events: We process your Personal Data for security, health, and safety reasons, to register visitors and to manage non-disclosure agreements that visitors may be required to sign, to the extent such processing is necessary for our legitimate interest in protecting our offices, staff and visitors and our confidential information against unauthorized access;
- Recording phone calls: We may record phone calls for training, quality assurance, and administration purposes. If required under applicable law, we will obtain your prior consent or give you the option to object to a call being recorded;
- Administering surveys and conducting research: We process your Personal Data (including special categories of Personal Data) in order to meet the goals set out in surveys or research as well as to analyze our compliance with internal policies. If required under applicable law, we will obtain your consent to process your responses;
- Sending communications: We may process your Personal Data or device and usage data, which in some cases may be associated with your Personal Data, to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS, or push notifications) about us and our affiliates and partners, including information about our products, promotions, news or events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent (please see Section 9 below to learn how you can control the processing of your Personal Data by Rootwurks for marketing purposes); and
- Compliance with legal obligations: We process your Personal Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Data to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our websites or services, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, respond to lawful requests, or for auditing purposes.
5. Who do we share Personal Data with?
- Service providers: With our contracted service providers, who provide services such as IT and system administration and hosting, credit card processing, research and analytics, marketing, customer support and data enrichment for the purposes described above in Section 4 above;
- Customers with whom you are affiliated: If you use our services as an authorized user, we may share your Personal Data with your affiliated customer responsible for your access to the services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies;
- Professional advisers: In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers – including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Personal Data; and
- Third parties involved in a corporate transaction: If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by a third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party.
6. International transfer of Personal Data
Therefore, your Personal Data may be processed outside your jurisdiction, including in countries and jurisdictions that are not subject to an adequacy decision by the European Commission or your local legislature or regulator, and that may not provide for the same level of data protection as your jurisdiction. We ensure that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses or an alternative mechanism for the transfer of data as approved by the European Commission (Art. 46 GDPR) or other applicable regulators or legislators. Where required by applicable law, we will only share, transfer or store your Personal Data outside of your jurisdiction with your prior consent.
8. How long do we keep your Personal Data?
After the expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of such data.
For more information on data retention periods, please contact us by using the information in the Section 12 below.
9. Your rights relating to your Personal Data
9.1 Your rights
- Access your Personal Data held by us;
- Know more about how we process your Personal Data;
- Rectify inaccurate Personal Data and, taking into account the purpose of processing the Personal Data, ensure it is complete;
- Erase or delete your Personal Data;
- Restrict our processing of your Personal Data;
- Transfer your Personal Data to another controller, to the extent possible;
- Object to any processing of your Personal Data;
- Opt out of certain disclosures of your Personal Data to third parties;
- If you’re under the age of 16, or such other applicable age of consent for privacy purposes in relevant individual jurisdictions, opt in to certain disclosures of your Personal Data to third parties;
- Not be discriminated against for exercising your rights described above;
- Not be subject to a decision based solely on automated processing, including profiling, which produces legal effects (we do not do this); and
- Withdraw your consent at any time (to the extent we base processing on consent), without affecting the lawfulness of the processing based on such consent before its withdrawal.
9.2 How to exercise your rights
Some registered users may update their user settings, profiles, organization settings, and event registrations by logging into their accounts and editing their settings or profiles.
9.3 Your rights relating to customer data
9.4 Your preferences for email and SMS marketing communications
Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationships with us, such as communications about your subscriptions or event registrations, service announcements or security information.
9.5 Your preferences for telemarketing communications
Alternatively, you can always let us know during a telemarketing call that you do not want to be called again for marketing purposes.
10. How we secure your Personal Data
While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password (if applicable), limiting access to your devices and if applicable signing out of websites after your sessions. If you have any questions about the security of our websites, please contact us by using the information in Section 12 below.
11. Changes to this Privacy Statement
We encourage you to periodically review this Privacy Statement to stay informed about our collection, processing and sharing of your Personal Data.
12. Contacting us
13. Additional Disclosures for California Residents
California law requires that we detail the categories of Personal Data that we disclose for certain “business purposes,” such as to service providers that assist us with securing our services or marketing our products, and to such other entities as described in Sections 5 and 6 of this Privacy Statement. We disclose the following categories of Personal Data for our business purposes:
- Commercial Information;
- Internet activity information;
- Financial Information;
- Professional and employment-related information;
- Education information; and
- Inferences drawn from any of the above information categories.
For more information on how to exercise your rights, please refer to Section 9.2 of this Privacy Statement. If you are an authorized agent wishing to exercise rights on behalf of a California resident, please contact us using the information in the “Contacting Us” section above and provide us with a copy of the consumer’s written authorization designating you as their agent. We may need to verify your identity and place of residence before completing your rights request.