Prior to your use of the Service, we may request certain personal information about yourself, including, but not limited to, your: (i) first name and last name; (ii) email address; (iii) mailing address; (iv) telephone number(s); (v) organization information; and (vi) credit card information. Such personal information is considered “Personal Data,” which means information that can directly or indirectly identify you as a natural person. There are two types of Personal Data we may collect, including “regular data” and “special categories of personal data.” Regular data may include your name, address, email address, photo, IP address, geographical location data, online behavior (cookies), profiling and analytics data. Special categories of personal data would include race, religion, political opinions, trade union membership, sexual orientation, health information, biometric data, and genetic data. No special categories of personal data is collected by Wildnote.
Additional information, which may not identify you (as described below) and other Personal Data may include: browser type and version, operating system, information about your visits to and use of the Service including the referral source, length of visit, page views, and website navigation paths; email address, profile information that you voluntarily provide to us, including, e.g. profile pictures, gender, birthday, relationship status, interests and hobbies, educational details, employment details, and credit card information. Information may also include your click history, the times and dates at which you access the Service, the particular portions of the Service you use, and the details of transactions you conduct using the Service.
Personal Data may be collected and/or used by us as a “Controller” as such term is defined in the European Union General Data Protection Regulation (“GDPR”), or our “Processor” designee, which is also defined within the GDPR. A “Controller” is a person or entity that determines the purposes and means of the processing of personal data. As such, we will endeavor to implement appropriate technical and organizational measures to ensure that such processing activities, if any, protect your privacy. A “Processor” stores or maintains data on behalf of a Controller, but does not decide which items of personal data are going to be stored, or how that data is used.
Whether as a Controller or Processor, we will adhere to the following data protection (privacy) principles. Personal Data will be processed lawfully, fairly and transparently. Upon request, we will be clear and transparent about how your personal data is going to be processed, by whom and why. Personal Data will be collected only for specific legitimate purposes, and it will be relevant and limited to that which is necessary. Provided that you communicate to us updated information, we will keep your Personal Data accurate and up to date. We will only store it for so long as is necessary, and we will ensure appropriate security, integrity and confidentiality against unauthorized processing and against accidental loss, destruction or damage.
In the event of any data breach, you will be notified without undue delay and, in no event, later than 72 hours of our discovery of any such breach, including whether we believe there is any risk to your rights and freedoms (e.g., identity theft and personal safety). There is an exception where the data breach is unlikely to result in any harm to you. In the event of a breach, you will be notified of: (1) a description of the data breach, including the number of data subjects affected and the categories of data affected; (2) the name and contact details of our privacy personnel; (3) the likely consequences of the data breach; and (4) any measures taken to remedy or mitigate the breach. We may be exempt if the risk of harm is remote because the affected data are protected (e.g., through strong encryption), we have taken measures to protect against the harm (e.g., suspending affected accounts), or the notification requires disproportionate effort (in which case a public notice of the breach is required). We will keep records of all data breaches, including the facts and effect of the breach and remedial action taken. Credit card information is used solely for billing purposes, and is encrypted and transmitted securely via HTTPS to Stripe (our payment processing provider) for processing. More information on Stripe security is available here. Your credit card information is never stored on the Service’s systems anywhere.
We may also record information about your use of the Service, such as your local internet address.
Your personal information remains your property at all times, subject to the permissive uses granted hereunder.
Personal information, i.e. Personal Data, submitted to us through our app or website will be used for the purposes specified in this policy. We may use your personal information for the following:
If you submit Personal Data for publication on our website, we will publish and otherwise use that information in accordance with the license you grant to us.
We will not, without your express consent, supply your Personal Data to any third party (other than our Processor) for their or any other third party’s direct marketing.
IN ACCORDANCE WITH THE ABOVE STATEMENT, YOU HEREBY ACKNOWLEDGE, UNDERSTAND AND AGREE THAT, BY REGISTERING AN ACCOUNT WITH THE SERVICE, YOU EXPRESSLY CONSENT TO THE USE OF YOUR PERSONAL DATA FOR THE PURPOSES DESCRIBED ABOVE.
Personal Data will be stored in the cloud by our Processor. Personal Data will be stored in a manner that ensures appropriate security, integrity and confidentiality and secured against unauthorized processing, accidental loss, destruction or damage. We will take reasonable technical and organizational precautions to prevent the loss, misuse, or alteration of your Personal Data. We will store the Personal Data you provide on our secure (password and firewall-protected) servers. All electronic financial transactions entered into through our app or website will be protected by encryption technology. You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet. You are responsible for keeping the password you use for accessing our app or website confidential; we will not ask you for your password (except when you log in to our website).
Personal Data will be stored in a format that allows for easy portability. Portability means the Personal Data will be stored in a manner that allows you to obtain and reuse your Personal Data for your own purpose by transferring it to a different environment. Upon your written request, you will be provided with the ability to access your Personal Data to verify its accuracy, download it in an easily-portable format or request a copy of your Personal Data being processed.
Personal Data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
You further have the right to object in writing to the processing of your Personal Data. In such case, the Personal Data will not be processed, unless we demonstrate compelling and legitimate grounds for the processing that override your interests, rights and freedoms, or we require the data to establish, exercise or defend legal rights. You further have the right to object to the processing of your Personal Data for the purpose of direct marketing, including profiling. Where Personal Data are processed for scientific and historical research purposes or statistical purposes, you have the right to object, unless the processing is necessary for the performance of a task carried out for reasons of public interest. If you object to the processing of your Personal Data, you agree to the termination of your access to the Service in the event that we determine, in our sole discretion, that we are unable to provide the Service due to your objection to the processing of your Personal Data. This objection right is given free of charge, although we may charge a reasonable fee for repetitive requests, manifestly unfounded or excessive requests for additional copies of information you request.
Upon termination of the Service for any reason, and upon your written request, your Personal Data may be erased. Additionally, you have the right at any time to demand that inaccurate or incomplete Personal Data are erased or rectified. You have the right of erasure if:
You have the right to obtain the following information:
We will not refuse to give effect to your rights unless we cannot identify you through the use of reasonable efforts to verify your identity. Where we have reasonable doubts as to your identity, we may request the provision of additional information to confirm your identity.
You may restrict processing of your Personal Data, meaning the Data may only be held by us, and may only be used for limited purposes, if the accuracy of data is contested (and only for as long as it takes to verify accuracy), the processing is unlawful and you request restriction (as opposed to exercising the right to erasure), we no longer need the Data for their original purpose but the Data are still required by us to establish, exercise or defend legal rights; or verification of overriding grounds is pending in the context of an erasure request.
We may disclose your Personal Data to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors, subsidiaries or parent companies as reasonably necessary for the purposes set out in this Policy. We may disclose your personal information:
Except as provided in this Policy, we will not provide your Personal Data to third parties.
Information that we collect may be stored, processed in, and transferred between any of the Information that we collect may be stored, processed in, and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy. Information that we collect may be transferred to the following countries, which do not have data protection laws equivalent to those in force in the European Economic Area: the United States of America. Personal information that you publish on our website or submit for publication on our website may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
You expressly agree to the transfers of personal information described in this Section.
We do collect IP addresses of devices accessing the Service in our server logs, as well as information like internet domains, the date and time of a visit, and the pages accessed on the Service. This information is used solely for diagnostic and analytical purposes in order to improve the Service.
As you browse wildnoteapp.com, cookies can be placed on your computer so that we can understand what you are interested in. Our display advertising partners, AdRoll and Google, then enable us to present you with retargeting advertising on other sites based on your previous interaction. The techniques our partners employ do not collect personal information such as your name, email address, postal address, or telephone number. You can visit this page to opt out of AdRoll’s and their partners’ targeted advertising.
To opt-out of all further contact initiated by us, and to forestall our further use or disclosure of your personal information, email us any time. Opting out of all communication in this manner means that you must discontinue all use of the Service.
05 Jun 2019: Complete revamp based on GDPR requirements
Wildnote is a configurable software-as-a-service (SaaS) environmental consulting automation platform that helps you become more competitive, efficient, and profitable. We offer annual subscriptions with pricing based on the number of full-year and seasonal licenses, customizations, and support required.