Last updated: 31 March 2023
Konsus, Inc., and its subsidiaries (collectively, “Superside”, “we”, “us”, or “our”) are committed to protecting your information. This Privacy Policy (“Policy”) informs you how we collect, use, secure and share your personal information that we collect when you visit our Websites, use our Services, visit our branded social media pages, receive communication from us, register or attend our events or webinars, or ask questions about our products. We may change this Policy from time to time. We always indicate the date the last changes were published and we offer access to the last version of our Policy for your review.
This Policy may be updated from time to time. We will notify you of any material changes by posting the updated Policy on the Websites. We recommend consulting this Policy regularly for any changes. We may provide “just-in-time” disclosures or additional information about our data collection, use and sharing practices of specific services. These notices may supplement or clarify Superside’s privacy practices or may provide you with additional choices about how Superside processes your personal information.
We will not rent, sell, or share your Personal Information except in accordance with this Policy. If you do not feel comfortable with any part of this Policy, you should cease using our Websites and Services.
Contents
1. Policy Scope
2. Personal Information You Provide
3. Personal Information Automatically Collected
4. Personal Information We Collect From Other Sources
5. Why We Process Your Personal Information
6. Legal Basis for Processing Your Personal Information
7. Why We Share Your Personal Information
8. Security & Confidentiality
9. Retention
10. International Transfer of Personal Information
11. Privacy Rights and Choices
12. Notice to California Residents
13. Children’s Personal Information
14. Google Data Use Disclosure
15. Contact Us
1. Policy Scope
Superside is committed to protecting the privacy of individuals who interact with us. This Policy applies to the personal information we collect and use for our own purposes (i.e., as a “data controller”). We provide this Policy to explain the ways in which we collect, use, and share personal information about individuals who:
For purposes of this Policy “Websites”, shall refer collectively to www.superside.com, and the other websites that Superside operates and that link to this Policy, the term “Services” shall refer to any of our plans located on any of the Websites. The term “Subscriber” refers to an individual or legal entity that has agreed to an applicable agreement between you and any member of Superside relating to access and use of our Services (“Services Agreement”), including an individual representing the Subscribing company. The term “Account” refers to a Superside account or instance created by or on behalf of a Subscriber within the Services. The term “Users” shall refer to the individuals authorized to use our Services through a Subscriber’s Account.
In providing our Services, we may process certain personal information on behalf of our Subscribers as a “data processor”. In such cases, Subscribers to our Services act as data controllers. Such Subscribers are solely responsible for establishing privacy policies for and ensuring compliance with all applicable laws and regulations, agreements or other obligations, relating to the processing of personal information of individuals who use the Subscriber’s instance of our Services. If you are an individual who uses a Subscriber’s instance of our Services, then except as otherwise noted in this Privacy Policy, the processing of your personal information will be subject to the Subscriber’s privacy practices, and you should contact that Subscriber for assistance with any requests or questions relating to the processing of your personal information.
2. Personal Information You Provide
In this Policy, “personal information” means information relating to an identified or identifiable natural person. An identifiable person is one who can be identified, directly or indirectly, including by reference to an identification number or to one or more factors specific to his/her physical, physiological, mental, economic, cultural or social identity.
Account and Registration Information. If you are a Subscriber, we must process certain personal information about you such as first name, last name, IP address, email address, phone number, and, if applicable, credit card information to provide our Services (collectively “Account Information”), and name or alias for each of your Users. We may request documents to verify this information, such as a copy of your government-issued identification or photo, and we may authenticate it against third-party databases or request a credit report. By voluntarily providing us with this information, you represent that you are the owner of such personal information or are otherwise authorized to provide it to us, specifically, if you as a Subscriber provide us information related to the User, you represent that the User has not objected to such processing. We use a third-party intermediary to manage credit card processing.
User Information. We collect certain information automatically from Users through cookies and other tracking technologies when they use a Subscriber’s Account, subject to the applicable law’s consent requirements. We use this information to improve our services. In relation to all of the information that Users voluntarily provide when working in a Subscriber’s Account, the Subscriber is the data controller and we are a data processor.
3. Personal Information Automatically Collected
Cookies and Other Tracking Technologies. We and our authorized sub-processors use cookies and other information-gathering technologies for a variety of purposes.We also use cookies and other browser features that allow persistent or session storage on a user's device. These technologies may provide us with your personal information, information about devices and networks you utilize to access our Websites, and other information regarding your interactions with our Websites. We utilize persistent Cookies to save your registration ID and login password for future logins to the Websites and to track your compliance with our marketplace policies. We also utilize session ID Cookies to enable certain features of the Websites, to better understand how you interact with the Websites and to monitor aggregate usage by Users and web traffic routing on the Websites. Unlike persistent Cookies, session Cookies are deleted from your computer when you log off from the Websites and then close your browser. You can instruct your browser, by changing its options, to stop accepting Cookies or to prompt you before accepting a Cookie from the Websites. If you do not accept Cookies, however, you may not be able to use all portions of the Websites.
Logs. As is true with most websites and services delivered over the internet, we gather certain information and store it in log files when you interact with our Websites and Services. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your devices, your mobile carrier, and system configuration information. Occasionally, we connect personal information to other information gathered in our log files as necessary to improve our Websites and Services. In such a case, we would treat the combined information in accordance with this Policy. In addition, we may use third party services such as Google Analytics that collect, monitor and analyze this type of information in order to increase our Websites' functionality and user experience and to detect suspicious activity. These third-party service providers have their own privacy policies addressing how they use such information.
Session Replay Scripts. On our Services we may also use session replay scripts provided by third-party analytics service providers to better understand our users’ needs and to optimize our Services and user experience. These website analytics tools provide us :, session recordings of your activities on the Services, form analytics, feedback campaigns, and similar features and functionalities, including to assist in website debugging and customer service matters. Our session replay script providers may record your clicks, mouse movements, scrolling, form fills (keystrokes) in non-excluded fields, and other metadata such as IP address or device type.
Do Not Track. Some Internet browsers, like Internet Explorer, Firefox, and Safari, include the ability to transmit “Do Not Track” or “DNT” signals. Since Superside does not track Users over time and across third-party websites to provide targeted advertising, we therefore do not respond to DNT signals. Third parties cannot collect any other personally identifiable information from Superside unless you provide it to them directly.
We Do Not Collect Protected Health Information. Superside is not a HIPAA Business Associate and, therefore, is not HIPAA-compliant and should not be used to store any protected health information (“PHI”). You agree that uploading or storing any documents containing PHI would be a violation of our Terms of Use.
We Do Not Request Unsolicited Personal Information. To safeguard against the identity theft practice known as ”phishing”, we do not, and will not, at any time, request your credit card information, account ID, login password, or national identification numbers in a non-secure or unsolicited e-mail or telephone communication. We advise you to promptly report any email or telephone communication purporting to be from us in which such information is attempting to be collected. For more information about phishing, visit the Federal Trade Commissionʼs website at https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
4. Personal Information We Collect From Other Sources
Social Media Widgets. Our Websites may include social media features, such as the Facebook “Like” button, and widgets, such as the “Share This” button or interactive mini-programs that run on our Websites. These features may collect your IP address, which page you are visiting on the Websites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on the Websites. Your interactions with these features are governed by the privacy policy of the companies that provide them.
Information From Third-Party Services. We may also obtain personal information from third parties and combine that with information we collect through our Websites. For example, we may have access to certain information from a third-party social media or authentication service if you log into our Services through such a service or otherwise provide us with access to information from the service. Any access that we may have to such information from a third-party social media or authentication service is in accordance with the authorization procedures determined by that service. By electing to use a third-party authentication service, you authorize us to process the personal information that the third-party service makes available to us, and to use and disclose it in accordance with this Policy. The disclosure of your personal information is subject to the third party’s privacy policy. You should check your privacy settings on these third-party services to understand the personal information sent to us through these services.
5. Why We Process Your Personal Information
We process your personal information to:
6. Legal Basis for Processing Personal Information
For individuals who are located in the European Economic Area, the United Kingdom or Switzerland, Japan or Brazil, at the time their personal information is collected, our legal basis for processing your information under the applicable laws will depend on the personal information at issue, the specific context in the which the personal information is collected and the purposes for which it is used. We generally only process your personal information where we are legally required to, where processing is necessary to perform any contracts we entered with you (or to take steps at your request prior to entering into a contract with you), where processing is in our legitimate interests to operate our business and not overridden by your data protection interests or fundamental rights and freedoms, or where we have obtained your consent to do so. In some rare instances, we may need to process your personal information to protect your vital interests or those of another person.
We process your information for the purposes described in this Policy, based on the following legal grounds:
When we are pursuing legitimate interests. We process your personal information for our legitimate interests and those of third parties. This means that we process your information for things like: providing, operating; maintaining, and improving our Services; enabling you to access and use the Services; promoting the Services; sending promotional communications, including through the use of tools or services that may provide us with personal contact information for potential job applicants or business contact information for prospective customers; monitoring and analyzing trends, usage, and activities in connection with the Websites and Services (subject to applicable law); investigating and preventing fraudulent transactions, unauthorized access to the Services, and other illegal activities; personalizing the Websites and Services.
When we are providing a service pursuant to a contract. We process your personal information to provide you with our Services pursuant to the Service Agreement or other contract between you and us. This means that we process your personal information to: enable you to access and use the Services; process transactions, and send you related information; provide customer service and support.
When we are complying with legal obligations. We process your personal information when we have a legal obligation to do so, for example, if we are responding to a legal process or an enforceable governmental request.
With your consent. In certain situations, we may request your consent to process your personal information for specific purposes and you have the right to withdraw your consent at any time.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at dataprivacy@superside.com.
7. Why We Share Your Personal Information
We take care to allow your personal information to be accessed only by those who really need access in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. We may share personal information about you with third parties in the following circumstances.
Third-Party Service Providers. We share your personal information with our third-party service providers that we use to provide hosting for and maintenance of our Websites, application development, backup, storage, payment processing, analytics and other services for us. A list of our third-party sub processors can be found by visiting https://www.superside.com/subprocessors. These third-party service providers may have access to or process your personal information for the purpose of providing these services for us. We do not permit our third-party service providers to use the personal information that we share with them for their marketing purposes or for any other purpose other than in connection with the services they provide to us.
Compliance with Laws and Law Enforcement Requests. To Protect Our Rights. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose personal information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Service Agreement or our Websites’ Terms of Use, available at: https://www.superside.com/terms-of-use, or as otherwise required by law.
Testimonials. From time to time, we may post testimonials on the Websites that may contain personal information. We obtain your consent to post your name along with your testimonial. If you wish to update or delete your testimonial after giving your consent, you can contact us at dataprivacy@superside.com.
Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, dissolution, corporate reorganization or similar event. We will inform any buyer that your personal information shall only be used in accordance with this Privacy Policy.
Interactive Areas. The Websites may offer feedback forms, comments sections, discussion forums, or other interactive features (“Interactive Areas”). You should be aware that any information that you post in an Interactive Area might be read, collected, and used by others who access it, in particular to Users who initiated the particular Interactive Area. To request the removal of your personal information from an Interactive Area, contact us at dataprivacy@superside.com. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
Superside Sharing. We may share information, including personal information, with any member of Superside.
With Your Consent. We may also share personal information with third parties other than the third parties mentioned in the above sections when we have your consent to do so.
8. Security & Confidentiality
We maintain (and require service providers to maintain) generally accepted, reasonable, and appropriate standards to protect your personal information, both during transmission and once it is received. For example, we employ physical access controls, encryption, Internet firewalls, intrusion detection and network monitoring depending on the nature of the information and the scope of processing. In deciding what is reasonable and appropriate, we take into account the risks involved and the nature of the information. However, no security procedures or protocols are ever guaranteed to be 100% secure. In the event that we are required by law to inform you of a breach of your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
If you have any questions about the security of your personal information, you can contact us at dataprivacy@superside.com.
9. Retention of Your Personal Information
We will retain personal information we collect from you where we have a justifiable business need to do so or for as long as is needed to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, legal, accounting or other purposes). When we have no justifiable business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
10. International Transfer of Personal Information
We primarily store personal information about Website Visitors and Subscribers within the European Economic Area (the “EEA”) and in the United States. To facilitate our global operations, we may transfer and access such personal information from around the world, including from other countries in which Superside has operations. If and when transferring your personal data from the EEA, United Kingdom or Switzerland, or via an onward transfer, we rely on the Standard Contractual Clauses adopted by the relevant authority as appropriate safeguards.
We will protect your personal information in accordance with this Policy wherever it is processed and will take appropriate contractual or other steps to protect the relevant personal information in accordance with applicable laws. We contractually obligate recipients of your personal information to agree to at least the same level of privacy safeguards as required under applicable data protection laws.
11. Your Privacy Rights and Choices
Marketing Communications. If you do not want to receive marketing email communications from us, you can opt-out by clicking on the “unsubscribe” link located at the bottom of our marketing emails or you may send a request to dataprivacy@superside.com.
Right to Correct or Update Your Information. You may request that we correct or update any inaccurate or incomplete personal information by contacting support@Superside.com. Subscribers to our Services may update or change their Account Information at any time by editing their profile or organization record or by contacting support@Superside.com for more detailed instructions.
Additional Rights for Certain Territories: If you reside in certain territories (such as the European Economic Area, Switzerland, the United Kingdom, Japan or Brazil), you may have the right to exercise certain privacy rights available to you under applicable law. If any of the rights listed below are not provided under law for your jurisdiction, we have the absolute discretion in providing you with those rights.
Your personal information rights are not absolute. Depending upon the applicable law, access to your rights under the applicable law may be denied: (a) when denial of access is required or authorized by law; (b) when granting access would have a negative impact on another’s privacy; (c) to protect our rights and properties; (d) where the request is frivolous or vexatious, or for other reasons.
Right not to provide consent or to withdraw consent: We may seek to rely on your consent in order to process certain personal information. Where we do so, you have the right not to provide your consent or to withdraw your consent at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.
Right of access and/or portability: You may have the right to access the personal information that we hold about you and, in some limited circumstances, have that data provided to you so that you can provide or port that data to another provider.
Right of erasure: In certain circumstances, you may have the right to the erasure of personal information that we hold about you (for example, if it is no longer necessary for the purposes for which it was originally collected).
Right to object to processing: You may have the right to request that we stop processing your personal information and/or stop sending you marketing communications.
Right to rectification: You may have the right to require us to correct any inaccurate or incomplete personal information.
Right to restrict processing: You may have the right to request that we restrict processing of your personal information in certain circumstances (for example, where you believe that the personal information we hold about you is not accurate or lawfully held).
Right to lodge a complaint to your local Data Protection Authority: You may have the right to lodge a complaint with your national Data Protection Authority or equivalent regulatory body.
To assert your privacy rights, please email dataprivacy@superside.com. Please note that to protect your privacy and security, we must be able to verify your identity before we can process your request to exercise any of the privacy rights that you may be entitled to under the applicable law. We may conduct the verification process by email or phone, and we may ask you to provide information such as your name, contact information, and any additional relevant information based on your relationship with us. You may also use an authorized agent to submit a request to opt out on your behalf if you provide the authorized agent signed written permission to do so. You may have other privacy rights if you are a California Resident, see our “Notice to California Residents” section below for more information.
Rights and Choices where Superside Acts as a Processor: An individual who seeks access to, or who seeks to correct, amend, or delete inaccuracies in personal information stored or processed by us on behalf of a Subscriber should direct his/her query to the Subscriber (the data controller)
Social Media Accounts: We maintain accounts with various social media networks. When you visit these social media networks, a variety of data processing operations are triggered. We use your personal information when you visit Our profiles on these social media networks, or when you click on the “like” button on one of our social media advertisements. When you visit Our profiles, your personal information is not only used by Us but also by the social network provider, regardless of whether you have a profile in the social network or not. The individual processing and its scope differ from provider to provider, and they are not completely transparent to Us. Details about the processing of the social network providers can be found in the relevant social media network’s Privacy Policy:
The social network providers collect your usage information to provide us with usage statistics.
12. Notice to California Residents
This notice to California residents is provided under California law, including the California Consumer Privacy Act (“CCPA”), Cal. Civ. Code 1798.100, et seq. as amended by the California Privacy Rights Act of 2020 (CPRA). The information provided below relates to the Personal Information, Superside process as a data controller, which is known as a “business” under the CCPA. If you are a California resident, this Section applies to you in addition to the rest of this Policy. The CCPA defines the terms “sell” and “sale” broadly to include the sharing of Personal Information with third parties for something of value, even if no money is exchanged. We do not sell users’ Personal Information as the term “sell” is commonly understood. We do not sell your Personal Information as part of our business processes.
Categories of Personal Information Collected. In the preceding 12 months, we have collected the following categories of Personal Information: identifiers (such as your name and contact information); commercial information (such as information about products or services you have purchased); internet or other electronic network activity information (such as your IP address, device identifier, and other information captured by online tracking technologies); and inferences drawn from the information collected about you. When you purchase a product or service from us, we may also collect the information described in Section 1798.80(e) of the California Civil Code (such as signature and credit/debit card number). For examples of the precise data points we collect and the categories of sources of such collection, please see Sections 3, 4, and 5 of this Policy.
Business or Commercial Purpose for Collecting and Using Personal Information. We collect the categories of Personal Information described in this Section for the business or commercial purposes described in Section 6 of this Policy.
Categories of Personal Information Disclosed and Categories of Recipients. In the preceding 12 months, we have disclosed the following categories of Personal Information for business or commercial purposes to the following recipients:
We may share identifiers with advertising networks, Internet service providers, data analytics providers, operating systems and platforms, social networks, payment processors, customer support partners, events and promotions partners, and fraud prevention partners.
We may share commercial information with data analytics providers, payment processors, customer support partners, and fraud prevention partners.
We may share internet and electronic network activity information with data analytics providers, operating systems and platforms, customer support partners, and fraud prevention partners.
We may share the information described in Section 1798.80(e) of the California Civil Code (such as signature and credit/debit card number) with: our affiliates and subsidiaries, our business partners, financial institutions, professional services organizations such as auditors and law firms, and other service providers.
We may share inferences with data analytics providers and fraud prevention partners.
We may also share the above categories of information with government entities as may be needed to comply with our legal obligations or prevent illegal or fraudulent activity.
Your Rights. For Personal Information collected by us during the preceding 12 months preceding your request that is not otherwise subject to an exception, California residents have the right to access and delete their Personal Information. We will not discriminate against those who exercise their rights. You have the following rights:
Use of Authorized Agent: You can designate an authorized agent to make a request under the CCPA/CPRA on your behalf provided that (1) it is a natural person or a business entity registered with the Secretary of State of California; and (2) you have authorized the authorized agent to act on your behalf in this regard. Authorized agents may email dataprivacy@superside.com to carry out requests on behalf of the party(ies) they represent. To protect your information, please note that we may take steps to verify your identity and we will also ask for signed permission from you authorizing the authorized agent to submit a request on your behalf.
We do not offer financial incentives to consumers based upon the retention or sale of a consumer’s Personal Information. As of the date of the last update and review of this Privacy Policy, we have no reason to believe that we have collected, disclosed, sold, or otherwise processed the Personal Information of more than 4 million California Consumers.
We do not perform Automated Decision Making on Personal Information collected from your use of our services.
If you are a California resident and you would like to exercise your rights described in this Policy, you can submit your request by emailing us at: dataprivacy@superside.com with the subject line “CCPA/CPRA Rights.” Except where we are required by law to maintain such information for record-keeping purposes, we will take steps to delete or anonymize any new Personal Information collected for the purpose of verification as soon as practical after processing your request. Please also be aware that making any such request does not ensure the complete or comprehensive removal or deletion of Personal Information or content you may have posted, and there may be circumstances in which the law does not require or allow us to fulfill your request, including for example, where fulfilling your request may infringe upon the rights and freedoms of other consumers.
13. Children’s Personal Information
We do not knowingly collect any personal information from children under the age of 16. If you are under the age of 16, please do not use or submit any personal information through our Websites or Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide personal information through the Websites or Services without parental permission. If you have reason to believe that a child under the age of 16 has provided personal information to us through the Websites or Services, please contact us at dataprivacy@superside.com, and we will use commercially reasonable efforts to delete that information.
14. Google Data Use Disclosure
Superside’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
15. Contact Us
If you have questions regarding this Policy or about the privacy practices of Superside, please contact us by email at dataprivacy@superside.com, or at: Konsus, Inc., Attn: Data Privacy, 1201 North Market Street, Suite 111, Wilmington, DE, 19801, United States of America.
Get a demo and discover how 450+ ambitious companies and 2,500 energized fans use Superside to free themselves from the shackles of limited budgets, broken processes and stretched in-house teams.