Last updated: December 24, 2019

We Are Impact

We are Impact Tech, Inc. (US) (formerly known as “Impact Radius, Inc.”), and the following affiliated companies (“Affiliates”): Impact Radius Limited (UK), Forensiq Limited (UK), Impact Radius SA Pty Ltd (Cape Town, SA), Impact and Impact Radius Pty Ltd (AU), Impact Tech Singapore PTE. LTD. and Impact Radius (Shanghai) Co., Ltd..  We, and our Affiliates, are referred to as “Impact”.

Impact (“us”, “we”, or “our”) operates the website www.impact.com (“Website”) and provides Software-as-a-Service products to our business customers (collectively, the “Services”). This Privacy Policy informs you of our policies and practices regarding the collection, use, disclosure, retention and erasure of any information relating to you that identifies you or by which you are identifiable (“Personal Information”) through the use of our Website, our Services, or that you otherwise provide to us. We will not use or share your Personal Information with anyone except as described in this Privacy Policy. We use your Personal Information for providing and improving the Website and Services. By using the Website, the Services, or providing Personal Information to us, you agree to our collection and use of your Personal Information in accordance with this Privacy Policy.

Who may use our Website, Services?

Although certain areas of the Website can be accessed by visitors generally, access to our Services is not provided to the general public. Only persons or entities that are eligible to enter into further agreement(s) with us (our “Clients”) may, with our permission, access non-public areas of our Website. All such Clients are businesses and only adults may access our Services.

Personal Information Collection and Use

Clients

Our Clients that use our Services will be asked to provide us with certain Personal Information that can be used to contact or identify them (“Client Personal Information”). Such Client Personal Information will include, but is not limited to, name, postal address, business email address, phone number and employer. We collect and use Client Personal Information to:

  • verify your identity;
  • administer and support your interaction with our Website and Services;
  • permit access to our Services;
  • provide Services to our Clients;
  • provide information and otherwise respond to your requests;
  • contact you periodically about other services and products we offer and with information on upcoming Impact events;
  • carry out marketing analysis, enhance, improve, maintain and debug our Website and the Services;
  • prevent fraudulent use of our Website and our Services, and to prevent or take actions against such fraudulent use or violation of our Terms of Use or applicable law;
  • tailor content and other aspects of your experience on and in connection with our Website and Services; and
  • for any other purposes that we may disclose to you at the point at which we request your Personal Information, and pursuant to your consent.

If you submit information through our Website to enquire about our Services, our organization, or an event or information posted on our Website, we will use such Personal Information to contact you in reply to your specific enquiry.  You may be asked at that time whether you would like to be on our mailing list to receive news and updates about our company and Services.  You may request to be removed from such mailing list at any time by using the “unsubscribe” function in our electronic communications or by contacting us as provided in the How to Contact Us section of this Privacy Policy.

Our Clients’ Visitors

We may also process Personal Information of our Clients’ visitors and customers, and visitors to our Clients’ websites (or our Client’s application downloads) in performance of the Services on behalf of our Clients. In this context we are a “service provider” or “data processor” (as those terms are defined by applicable laws). This Personal Information may consist of Internet Protocol (“IP”) addresses, account or membership numbers (without a key to personally identify you), and/or email addresses, although, if it is our Clients sending email addresses to us, we request that our Clients encrypt email addresses prior to sending to us.  We take security measures to protect all Personal Information, including by hashing IP addresses and further encrypting email addresses. We do not associate Personal Information with individuals and are subject to our Clients’ instructions regarding such collection and use of such Personal Information. As a vendor of our Clients, the bases for our collection and processing of Personal Information of their customers and visitors may be through consent obtained by our Client, our Client’s legitimate interests, or (in accordance with applicable law) a lawful business purpose.

Impact does not rent or sell Personal Information. Other than to our Client that is utilizing our Services (who is the “business” or “controller”), Impact does not disclose Personal Information about you with other people or companies that are not Affiliates, except under the following circumstances:

  • in order to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
  • when it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person; violations of Impact’s terms of use, any agreement with Impact or this Privacy Policy; or as otherwise required by law.
  • if Impact sells any or all of its assets or their shareholders sell any or all of their shares to a third party in which case and subject always to compliance with applicable data protection legislation, you authorize that your Personal Information may be transferred to the buyer.
  • In relation to Client Personal Information and in the course of providing our Services, to our other Clients that you have relationships with.

Accessing and Correcting Your Personal Information

Client Personal Information is accessible through our Client online accounts (“Client Portals”). Clients are able to access their Personal Information to update and correct their Personal Information.  If you no longer have access to the Client Portals, you may submit a request to remove Personal Information you provided to us by emailing a request to privacy@impact.com or contacting us by telephone or mail as further specified in the How to Contact Us section of this Privacy Policy. To protect your privacy and security, we will also take reasonable steps to verify your identity before removing your information.

We reserve the right to retain and use Client Personal Information as reasonably necessary to comply with our contractual obligations to you, and in order to comply with applicable laws, including privacy and/or data protection legislation.

If you are not a Client but have signed-up to receive information from us and would like to be removed from our mailing lists, you may use the “unsubscribe” instructions in our newsletters or electronic communications, or email such request to privacy@impact.com or contact us by telephone or mail as further specified in the How to Contact Us clause of this Privacy Policy.

If you are a customer of one of our Clients, or a visitor to their website (or have downloaded one of our Client’s applications), please contact the Client to request access to your Personal Information, or to correct or have such information deleted. If you do contact Impact, Impact does not associate the data that we process on behalf of our Clients with any particular individual, and Impact may not be able to verify whether we have Personal Information that belongs to you.  See information below at How to Contact Us if you have questions regarding this policy or requests regarding your Personal Information.

Other Information

Log Data
Impact collects information that your browser or device sends whenever you visit our Website or use our Services, and we collect browser and device data as part of our Services for our Clients  (“Log Data”). When we collect this of our Clients, this Log Data may include information such as your computer’s IP address, browser type, browser version, the pages of our Website or Services that you visit, the time and date of your visit, the time spent on those pages, your activity on those pages and other statistics. In addition, we may use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Services’ functionality. These third-party service providers have their own privacy policies addressing how they use such information. When you access the Services by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, your location information and other statistics. Please see the section regarding Location Information below regarding the use of your location information and your options.

The Log Data that we collect for our Clients, of visitors to their website or mobile applications, includes the visitor’s computer or mobile device IP address, browser type, browser version, and the ads that you interact with.  If you are referred by one of our Clients to another’s website or application from interactions with the ads, we are passed information if you conclude an action there, such as the purchase of goods or services, signing-up for a newsletter or downloading an application. Impact does not receive your name, address, credit card, or other personally identifying information.

Location Information
In addition to Log Data, Impact may use and store information about Clients and Clients’ visitors’ location depending on the permissions that have been set on the relevant device. We use this information about our Clients to provide features of our Services and to improve and customize our Services. For our Clients’ visitors, Impact collects location information to attribute actions to particular Clients and for fraud prevention. You can enable or disable location services through your device settings.

Cookies
Cookies are files with a small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and transferred to your device. For visitors to our Website and our Clients’ visitors, we use cookies to collect information in order to perform and improve our Website and Services. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. The “Help” feature on most browsers provide information on how to accept cookies, disable cookies or to notify you when receiving a new cookie. If you do not accept cookies, you may not be able to use some features of our Website or Services (or our Clients’ websites) and we recommend that you leave them turned on.

Integrations

For Clients, you may enhance the Services by enabling Impact integrations with third-party products. If you provide third-party account credentials to us, you understand some content and/or information in those accounts (“Third Party Account Information”) may be transmitted into your account with us, and that Third Party Account Information transmitted to our Services is covered by this Privacy Policy. Further, Impact software may request permissions to take actions on your behalf using your third-party account credentials.

Service Providers

We may employ third-party companies and individuals (our “agents”) to facilitate our Services, to provide the Services on our behalf, to perform Service-related services and/or to assist us in analyzing how our Services are used. Examples may include processing and storing data, delivering messages, processing credit card payments, analyzing data, providing marketing assistance, supplementing the information you provide us in order to provide you with better service, and providing customer service. These third parties have access to your Personal Information only to perform specific tasks on our behalf and are under written obligation not to disclose or use your Personal Information for any purpose other than those disclosed in this Privacy Policy. We do not transfer data to non-agent third parties, except as indicated above in “Personal Information Collection and Use”.

Notwithstanding any legal and contractual obligations between us and our agents, we remain potentially liable for any misuse of your Personal Information.

Your Options for Communications

For Clients and our Website visitors that sign-up to be contacted, Impact may use your Personal Information to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.

Security of Personal Information

The security of your Personal Information is important to us, and we strive to implement and maintain reasonable, commercially acceptable security procedures and practices appropriate to the nature of the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the Personal Information we have collected from you.

International Transfer of Personal Information

Your Personal Information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction, and in some cases be less stringent as compared to those of your own region. Our servers are located in data centers within the United States. Impact utilizes the EEA’s Standard Contractual Clauses for the purposes of transfers from the EEA to Impact and its Affiliates located outside of the EEA.  Regardless of where your information is processed, we apply the same protections described in this policy. Our Affiliates process Personal Information if necessary and appropriate for the business purposes (or legal basis) for which it was collected, and this may include if you have contacted the Affiliate directly for assistance or provide them directly with your information. Your consent to this Privacy Policy and your submission of Personal Information represents your agreement to those transfers.

Links to Other Sites

Our website and Services may contain links to other web sites or online locations that are not operated or controlled by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy of every online site or location you visit. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Children’s Privacy

Only persons who are age 18 or older have permission to access our Services. Our Services are not for access by anyone under the age of 18 (“Children”). We do not knowingly collect Personal Information from Children. If you are a parent or guardian and you learn that your Child has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a Child without verification of parental consent, we take steps to remove that information from our servers.

California Consumer Privacy Act (CCPA)

If the California Consumer Privacy Act (CCPA) applies to your Personal Information, we confirm that we are a Service Provider for our Clients and that we do not sell your Personal Information (which under the CCPA includes information about your household). We only share such Personal Information as described in this policy. Impact processes your Personal Information for the purposes described in this policy, which include the following “business purposes” under the CCPA:

Security. Impact uses and may disclose information to detect, prevent and respond to security incidents, and for protecting against other malicious, deceptive, fraudulent, or illegal activity. For example, to protect our Services, Impact may receive or disclose information about IP addresses that malicious actors have compromised.

Analytics & Services. Impact uses information for analytics to understand how our Services are used, as well as in the performance of our Services. We disclose data to our Clients pursuant to our agreements with them and their instructions, and this includes Personal Data of visitors to their websites and applications.  If instructed by a Client to delete Personal Data, we delete the data or anonymized it (including automatically after a set period of time).

Maintenance of our Services. Impact uses Personal Information of our Clients to ensure that our Services are working as intended, such as tracking outages or troubleshooting bugs and other issues that we observe or that are reported to us.

Research and Development. Impact uses Personal Information of our Clients concerning their use of our Services and to develop new products, features and technologies that benefit our Clients. We do not use Personal Information of our Clients’ visitors for these purposes.

Use of Service Providers. Personal Information is processed by our Affiliates and third-party Service Providers to perform services on our behalf, in compliance with our Privacy Policy and other appropriate confidentiality and security measures. For example, we utilize cloud storage solutions to store data that we process.

Compliance. Impact also uses information to satisfy applicable laws or regulations, and discloses information in response to legal process or enforceable government requests, including to law enforcement.

If the CCPA is applicable to you and you have additional questions or requests related to your rights under the CCPA, see How to Contact Us below.

Retention and Deletion

Impact retains Personal Data only as long as is reasonably necessary for the performance of its Services, and Personal Data of our Clients’ visitors is automatically deleted or anonymized after ninety days. When Impact is requested to delete Personal Data prior to such automatic deletion, we follow a process to make sure that genuine requests are honored. This involves verifying that the requestor is the individual that is the data subject, or, if the request comes from a Client about its visitors, we delete Personal Data as instructed by our Client. Since we do not collect personally identifiable information of our Client’s visitors, if the information comes directly from a Client’s visitor we may not be able to verify that we have any such data, or to match a request with a particular Client.

When deleting data, the Personal Data is completely removed from our servers or retained only in anonymized form. If we have collected Personal Data about you from more than one Client, we will delete all instances of the Personal Data that we have at the time of the request (to the extent that we are able to verify and match such data).  However, if you subsequently authorize or visit the same Client or another Client’s website or application, we will have processed your Personal Data in relation to such authorization or visit.

Privacy Policy Changes

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of our website and/or the Services after we post any modifications to the Privacy Policy will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy. If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us, or by placing a prominent notice on our website.

How to Contact Us

If you have any questions about this Privacy Policy or requests concerning your Personal Information, please contact us at:
privacy@impact.com

Impact Tech, Inc.

223 E. De La Guerra Street
Santa Barbara, CA 93101

USA
+1 (805)-324-6021