Chartbeat Privacy Policy

Effective Date: March 15, 2013

This privacy policy (the "Privacy Policy") describes how Chartbeat, Inc. ("Chartbeat", "We" or "Us") collects and uses your data on our websites, including chartbeat.com (collectively, the “Site”), along with services related to the Site (collectively, the "Service"). By visiting the Site and using the Service, you consent to our use and processing of your information as set forth herein. This Privacy Policy covers Chartbeat’s treatment of personal information that Chartbeat gathers when you use the Service or visit the Site. This policy does not apply to third parties that Chartbeat does not own or control.

If you have any questions or comments regarding this privacy policy or its enforcement, please contact Us at privacy@chartbeat.com.

  1. NOTICE - INFORMATION WE COLLECT AND USE.
    1. Users of Websites on which the Service are Implemented. When you visit a website on which the Service is implemented (“Customer Website”), We collect certain information regarding your use of the Customer Website, such as your IP address and browser type. We gather this information for systems administration purposes, abuse prevention and to track user trends. Your session on the Customer Website will be tracked, but each user will remain anonymous. We may use your IP address to identify the general geographic area from which you are accessing the Customer Website. We do not link IP addresses to any personally identifiable information.
    2. Users of Our Service. We collect and store information that registered users of Our Service ("Customers") submit to Us, such as their names and e-mail addresses, to allow Us to identify Customers, provide the Service and notify Customers of changes or updates to the Service. When Customers provide us with their e-mail addresses, they automatically opt-in to receive e-mails from Us (including marketing e-mails). If a Customer would like to opt-out of these marketing e-mails, it can change its settings through its account page. If a Customer elects to provide it, We also collect and store the Customer’s name and phone number, which We use to assist Us in providing the Service. We also collect other information from Customers, such as IP address and browser type. We use the IP addresses of Customers to assist in login and other uses related to Customers’ use of the Service. Customers’ sessions on Our Site are also tracked for systems administration purposes and to track user trends. We may link IP address and other information to a Customer's account.
    3. Traffic Data. As part of the Service, We collect information relating to traffic on the Customer Websites ("Traffic Data") on which Customers choose to activate the Service. In connection with the collection of this Traffic Data, Chartbeat does not collect any personally identifiable information from users of Customer Websites, provided that (i) Chartbeat does collect IP addresses from visitors to Customer Websites in order to show geolocation information, and (ii) the Customer configures the Chartbeat code on the Customer Website in accordance with the instructions and documentation provided by Chartbeat, so that URLs containing personally identifiable information of end users are not captured by the Service. Chartbeat is not and shall not be liable for any collection or use of personally identifiable information of end users of a Customer Website due to a Customer’s placement of the Chartbeat code on the Customer website not in accordance with Chartbeat’s instructions or the documentation.
    4. Header Information. We collect and use browser header information to help Us understand from which websites a user navigates to a Customer Website.
    5. Cookies. Like many other websites, We use a standard technology called "cookies." Cookies are small pieces of information stored on your hard drive. They can help make the Internet experience quicker and more convenient. Cookies allow Customers to login without entering their user ID and password each time they use the Service. We also use cookies on Customer Websites; these cookies help Us understand how users interact with those Customer Websites. Cookies also allow Us to improve the Service. Most browsers have an option for turning off the cookie feature, which will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new cookie in a variety of ways. If you disable cookies, you will not be able to use the Service. We may also use cookies in connection with third party services to run analytics on Our Site; these cookies do not collect or use any personal information about users of Our Site or Service.

      For our European Customers who are subject to the EU ePrivacy directive:
      Chartbeat uses two cookies. One cookie (_chartbeat2) is used to register whether a user has visited the Customer Website before (to calculate “new vs returning” users). The other (_SUPERFLY_nosample) is used only if a Customer exceeds its plan’s traffic limit. When the traffic limit is reached the cookie is set and will disable the beacon from that Customer for one hour. The chartbeat2 cookie is valid for 30 days. The _SUPERFLY_nosample cookie is valid for one hour.

      If a Customer does not allow the placement of Chartbeat cookies on its Customer Website, the “new vs. returning user” data point in its Chartbeat dashboard will not be accurately reported.

  2. DATA INTEGRITY - HOW WE USE YOUR INFORMATION. We generally use the information We collect from end users of our Site, Customers of our Service, and end users of our Customer Websites to create a secure and personalized Service.
    1. IP Addresses. We gather this information for systems administration purposes, abuse prevention and to track user trends. If you are an end user of a Customer Website, we may also use your IP address to identify the general geographic area from which you are accessing the Customer Website. We do not link IP addresses to any personally identifiable information.
    2. Header Information. Header information is used to determine which websites originated traffic into Customer Websites implementing the Service.
    3. Traffic Data. Traffic Data is used to provide Customers with real-time analytics and uptime monitoring. We may aggregate and anonymize Traffic Data with that from other sites to provide benchmarking data and other functionality, but Chartbeat will not use or disclose aggregated Traffic Data in a manner that reveals the identity of a Customer or Customer Website without the Customer’s express prior consent.
    4. User ID and Password Information. We collect Customers’ user ID and password information to enable them to log into and use the Service.
    5. Customer E-Mail Addresses. Customers are automatically opted-in to receive marketing emails from us when they register for the Service. Customers can opt-out of such emails by adjusting their account settings, provided that we may still send Customers e-mails relating to their accounts.
    6. Customer Names and Phone Numbers. We collect Customers’ names and phone numbers, which allow Us to contact them in account recovery and other scenarios.
  3. ONWARD TRANSFER - DISCLOSURE OF INFORMATION TO THIRD PARTIES.
    1. Personal Information. Except as expressly provided otherwise herein, we will not sell, lease or exchange the personal information of our Customers or any end user (to the extent that we obtain such information) to third parties without first obtaining their express consent, unless required by law or to protect their status as a Customer. To the extent We do disclose your personal information to a third party to protect your status as a Customer, We will notify you in accordance with this Privacy Policy.
    2. Traffic Data. We may aggregate and anonymize Customers’ Traffic Data with that from other Customers to provide benchmarking data and other functionality, but we will not disclose aggregated Traffic Data in a manner that reveals the identity of a Customer or a Customer Website without the Customer’s express prior consent.
    3. Cookies We generally use only 1 cookie called "_chartbeat2" on Customer Websites, which informs us of whether an end user has visited the Customer Website before. On occasion, we will add a second cookie called "_SUPERFLY_nosample" if a Customer Website is receiving more traffic than its plan for the Service allows. These cookies are assigned to the Customer Website using the Service and are unique to that domain. If you choose to remove Chartbeat cookies, please refer to the documentation for your browser. Keep in mind that a Customer’s removal of Chartbeat cookies will render the data on its Chartbeat dashboard inaccurate.
    4. Agents We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products and services. Examples include billing, technical assistance, and customer service. Our agents subscribe to the same level of privacy protection as we do. Unless we tell you differently, Chartbeat’s agents do not have any right to use the personal information we share with them beyond what is necessary to assist us.
    5. Business Transfers In some cases, Chartbeat may choose to buy or sell assets. In these types of transactions, user information is typically one of the business assets that is transferred. Moreover, if Chartbeat, or substantially all of its assets, were acquired, user information would be one of the assets that is reviewed and transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Chartbeat may continue to use your personal information as set forth in this policy.
  4. CHOICE
    1. Your Authorization Required. We will not use or share your personal information other than as set forth in this Privacy Policy, or as you have explicitly authorized, without obtaining your consent. If at any time We would like to disclose your personal information to a third party in a manner not described above, We will provide you with an affirmative or explicit (opt in) choice. Personal information will not be used to directly market the Service unless that possible use of the information has been disclosed to you and you have authorized us to permit such disclosure.
    2. Email Opt-Out. As noted above, Customers may choose not to receive marketing emails from Us and can opt out of such e-mails through their account settings.
  5. ACCESS.
    1. Accessing Personal Information. Customers may access their personally identifiable information stored by Chartbeat. We will allow Customers to correct, amend or delete their personal information that We retain to the extent it is inaccurate, except where the burden or expense of providing access would be disproportionate to the risks to the privacy of the Customer in question, or where the rights of others would be violated. Note that We do not retain IP addresses, browser information or header information of non-Customer users for more than a temporary period of time in order to provide the Service, and as such, that information cannot be accessed or modified.
    2. Deletion. Customers who discontinue use of the Service may choose to have their personal information deleted from the Service by contacting legal@chartbeat.com.
  6. LINKS TO THIRD PARTY WEBSITES.
    Our Site may contain links to third party websites. Please be aware that We are not responsible for the privacy practices of third party websites you choose to visit. If you provide any information directly to parties other than Us, different rules may apply to the use or disclosure of that information. We encourage you to investigate and ask questions before disclosing your personal information to third parties.

  7. CUSTOMER WEBSITES.
    Websites are not under Chartbeat’s control and Chartbeat is not responsible for the privacy or security practices or the content of such websites. You should review the privacy policy posted on any other website to understand how that third party collects and uses your personally identifiable information.

  8. THIRD PARTY ADVERTISERS.
    We may choose to deploy advertising on the Site and Service that is delivered to users through a third party's advertising server. Information about users' visits to Our Site or use of our Service, such as the number of times a user has viewed an ad (but no personally identifiable information of the user), would be used in such a scenario to serve ads to users of Our Site and Service.

  9. VOLUNTARY PUBLIC DISCLOSURE OF PERSONAL INFORMATION. Please be aware that whenever you voluntarily disclose personal information online - e.g., on message boards, in chat areas, in file uploads, through events, etc. - that information becomes public and can be collected and used by others and indexed in search engines. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly disclosed personal information. By posting personal information online in public forums, you may receive unsolicited messages from other parties. If you log on to our Site or Service through a social networking site (e.g., Facebook or Twitter), we may receive personal or anonymous data about you from that site, in accordance with the terms of use and privacy policy of that site. We may add this information to the information we have already collected from you via that site.

  10. PRIVACY PROTECTION FOR CHILDREN.
    In compliance with the Children's Online Privacy Protection Act (COPPA), We do not knowingly provide access to the Service to persons under the age of thirteen (13). If We learn that any user of the Service is under the age of thirteen (13), We will take appropriate steps to remove that user's information from our records and We will restrict that individual from future access to the Service.

  11. SECURITY.
    We have implemented security measures to protect user information from loss, misuse and alteration. We use industry-standard practices such as encrypted storage, firewalls and password protection systems to safeguard the confidentiality of Customers’ personal information. Each of Our employees and agents is aware of Our security policies, and your information is only available to those employees and agents who need it to perform their jobs.

  12. CONSENT.
    This Privacy Policy is a part of Our Terms of Service. By visiting Our Site or using the Service, you agree to be bound by the Terms of Service and this Privacy Policy. Capitalized terms used here and defined in the Terms of Service shall have the meanings set forth in the Terms of Service. Any order forms or additional agreements to which you agree governing the provision of optional Chartbeat features shall take precedence over the terms of this Privacy Policy to the extent of any differences, so please read such order forms or additional agreements carefully. This Privacy Policy only addresses activities on our Site and Service.

  13. NOTIFICATION OF CHANGES.
    If We change this Privacy Policy and seek to use your personal information in a manner different from that stated at the time of collection, you will be notified via e-mail or otherwise in some manner through the Service. In addition, if We make any material changes in Our privacy practices that do not affect personal information already stored by Us, We will post a notice on Our Site notifying users of the change. In some cases where We post such a notice, We will also e-mail users who have opted to receive communications from Us to notify them of the changes in Our privacy practices.

  14. SAFE HARBOR PRIVACY STATEMENT.
    Chartbeat complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Chartbeat has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Chartbeat’s certification, please visit http://www.export.gov/safeharbor/.

    We process user information in Our facilities in the United States. All information subject to this Privacy Policy is collected in the United States, obtained through websites in the United States, or obtained in other countries and transferred to the United States. Regardless where it originated, all user information subject to this Privacy Policy receives the same level of privacy protection as described herein.

  15. ENFORCEMENT.
    Complaints related to this Privacy Policy and Our compliance with it and the Safe Harbor Principles can initially be referred to legal@chartbeat.comor Chartbeat, Inc. at 826 Broadway, 6th Floor, New York, New York 10003. We also follow internal procedures for verifying that Our commitments under this Privacy Policy have been implemented, and will remedy problems arising out of a failure to comply with this Privacy Policy and the Safe Harbor Principles.

    We have further committed to refer unresolved privacy complaints under the Safe Harbor Principles to an independent dispute resolution mechanism, the BBB EU SAFE HARBOR, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Us, you may contact the BBB EU SAFE HARBOR program by visiting the page: www.bbb.org/us/safe-harbor-complaints.