HEARSAY Systems

Privacy policy

Last updated: February 16, 2022.
Read now

Hearsay Social, Inc. (“Hearsay”), is a web and mobile-based software platform that allows financial services and insurance companies (“Customers”) and their employees and/or designated agents with access to the Services (“Users”) to utilize electronic communications channels (such as social media, websites, email, mobile voice and text message) to communicate with clients and prospects (“SaaS Services”).

This Privacy Policy applies to Hearsay’s Website and Hearsay’s SaaS Services; collectively “Services.” This Privacy Policy contains details about how we collect, use, disclose, process, share and secure personal information that we obtain from and about you when you interact with our Services. Our collection and processing of information that alone or in conjunction with other information may reasonably identify you (“Personal Information”) may be either for our own purposes, or on behalf of other entities to whom we provide services.

If you have any questions regarding the collection and processing of Personal Information performed by us on behalf of another entity please consult that entity’s privacy policy.  If, after reviewing this Privacy Policy, you have any questions or privacy concerns, please send us an email to privacy@hearsaycorp.com (see the How to Contact Us about Privacy section). We are committed to protecting the privacy of those with whom we interact.

For purposes of this Privacy Policy, the words “our,” “us,” “we,” and “Hearsay” refer to Hearsay Social, Inc., and our affiliates (which includes any person or entity that controls us, is controlled by us, or is under common control with us, such as our subsidiary, parent company, or our employees).

For the purpose of this Notice, Personal Information shall by interchangeable with Personal Data, and each shall have the meaning assigned to it by applicable laws, including, but not limited to, information that directly or indirectly, on its own or in conjunction with other information, identifies an individual. Please read this Notice carefully.

IF YOU ARE CALIFORNIA RESIDENT: If you are a resident of California, this entire Privacy Policy applies to you. However, please see Additional Information for California Residents below, which will inform you in detail about our information collection practices and your specific rights.

IF YOU ARE AN INDIVIDUAL LOCATED IN THE EEA: If you are located in the European Economic Area (“EEA”), this entire Privacy Policy applies to you. However, please see Additional Information for Individuals in the EEA below, which will inform you in detail about our legal bases for processing and which rights you have in connection with our processing of your personal data.

Applicability

We collect information in several contexts as described below. This policy also does not apply to information we collect in connection with providing services to our business clients, where we act as a service provider and process Personal Information in accordance with their instructions (see “Hearsay Processor and Service Provider Data”).  Such information is subject to the Privacy Policies of the other financial institutions. 

This Policy applies only to Hearsay operated services and applications, including our online services and Website. Our Website may contain links to other websites that are not operated or controlled by Hearsay. Hearsay does not control such third-party websites or their privacy practices. Any personal information you choose to give to third-party websites is not covered by this Notice.

Changes to this Privacy Policy

Hearsay may update this Privacy Policy from time to time, in its sole discretion. If we do so, we will post an updated Privacy Policy on the Hearsay Website and provide prompt written notice of such updates, as applicable. Changes, modifications, additions, or deletions will be effective when posted unless stated otherwise. If we make material or significant changes, we may also send our Customers a notice that we have changed this Privacy Policy. Your continued use of the Hearsay Website and Services, and/or your continued provision of personal information to us after the posting of such notice, will be deemed an acceptance of any changes and subject to the terms of the then-current Privacy Policy. If any of the changes are unacceptable to you, you should cease interacting with us. When required under applicable law, we will seek affirmative consent from you before making material changes to the way we handle Personal Information previously collected from you. If you do not provide such consent, Personal Information will continue to be used in a manner that is consistent with the version of this Notice under which it was collected.

International Transfers

We are located in the United States, and the personal information that we collect is stored on servers located in the United States. This means that your Personal Information will be collected, processed, and stored in the United States, which may have data protection laws that are different from (and sometimes less protective than) the laws of your country or region, such as the General Data Protection Regulation 2016/679 (“GDPR”) in the European Union.

By sending us Personal Information, you agree and consent to the processing of your personal information in the United States, which may not offer an equivalent level of protection to that required in other countries (particularly the European Union).

We have implemented safeguards designed to ensure that the Personal Information we process remains protected in accordance with this Privacy Policy, including when processed internationally or by our third-party service providers and partners. The safeguards we may take at our discretion include, for instance, entering into specific agreements in connection with any onward transfers of personal information. We may implement other mechanisms and take similar appropriate safeguards with our third party service providers and partners. Further details can be provided upon request.

Who We Are

Hearsay acts  as a ‘data controller’ when it collects personal information on its own behalf and for its own business purposes, such as through our publicly-accessible Hearsay Website, and  as a ‘data processor’ when it collects and processes personal information on behalf of its Customers in order to provide the SaaS Services.  As such, this Privacy Policy is separated into two main sections that address our different roles:

  1. Hearsay Website (Controller and Business Data).  This Section describes the type of personal information (or personal data, as used interchangeably) that we collect for our own business purposes, such as from the Hearsay Website or from our Customers, as well as how we use and disclose such information.
  1. Hearsay Processor and SaaS Service Provider Data.  This Section describes the type of personal information that we collect on behalf of our Customers in order to provide our SaaS Services.

Please note that how you exercise certain rights will depend on whether Hearsay is processing your personal information as a ‘data controller’ or as a ‘data processor’, and is further explained throughout this Privacy Policy:

How to Contact Us about Privacy

If you are a visitor of the Hearsay Website or a Customer and have any questions about this Privacy Policy or requests for access to or deletion or rectification of personal information that Hearsay collects and processes contact us at privacy@hearsaycorp.com or by mail at:

Attn: Legal Department

Hearsay Social, Inc. d/b/a Hearsay Systems
600 Harrison Street, Suite 120
San Francisco, CA 94107
United States of America

Individuals in the EEA may contact Hearsay at:

Attn: Legal Department 
Hearsay Social, Inc. d/b/a Hearsay Systems
Koztelek utca 6, 1147 Budapest
privacy@hearsaycorp.com 



Hearsay Website and Services (Controller and Business Data)

Below is a description of the personal information that we gather from you as a visitor to Hearsay Website, which includes https://hearsaysystems.com and other websites where this Privacy Policy is posted.  Information about personal information collected through the account portal and the Saas Services can be found in the Hearsay Processor and SaaS Service Provider Data section below.

In this section, “you” refers to an individual visiting the Hearsay Website.

Personal Information We Collect

When you visit the Hearsay Website, we collect information directly from you when you provide it to us, such as when you request a demo, and indirectly, such as through the use of cookies and similar technology.

Information Collected Directly from You

Visiting the Hearsay Website

Some pages of the Hearsay Website allow you to fill out a web form and share your personal information with us directly, such as on our “Contact Us” page and on our “Submit a request” page. Information we collect consists of:

  • Name
  • E-mail address
  • Country of residence
  • Phone number
  • Company name
  • Job title and position

Occasionally, we may also offer opportunities for you to share your data with us such as through a survey, to sign up for a newsletter, or to register for or receive details about an event we are sponsoring. If you participate in those surveys, sign up for a newsletter, or register for an event, we will collect the information you provide to us at that time. You will be able to unsubscribe from receiving those types of communication at any time.

In addition, if you send us an email or otherwise contact us, we will collect the personal information that you provide to us at that time.

Information Collected Indirectly

When you visit the Hearsay Website, we, or authorized third parties, collect information, including Device and Usage Information described below, by automated means using cookies, web beacons, server logs or other tracking technologies for analytic purposes. For more information on our use of these technologies and the data that they collect, please see our Cookie Statement. We may also collect information from third parties, as explained below.

Device and Usage Information

When you visit, use or interact with the Hearsay Website, even if you do not have an account, we, or authorized third parties (such as service providers or External Ad Partners (as defined in the Targeted Advertising section below), may collect information about your use of the Hearsay Website via your device. Device and Usage Information that we, or these authorized third parties, collect consists of:

  • Information About your Device:  information about the devices and software you use to access the Hearsay Website – primarily the internet browser or mobile device that you use, the website or source that linked or referred you to the Hearsay Website, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, device screen size, and other similar technical information.
  • Usage Information:  information about your interactions with the Hearsay Website, including access dates and times, hardware and software information, device event information, crash data, and cookie data. This information allows us to understand the screens that you view, how you have used the Hearsay Website (which may include administrative and support communications with us or whether you have clicked on third party links), and other actions on the Hearsay Website. We, or our authorized third parties, automatically collect log data when you access and use the Hearsay Website, even if you have not created an account or logged in. We use this anonymized information to administer and improve the Hearsay Website, analyze trends, track users’ use of the Hearsay Website, and gather broad demographic information for aggregate use.
  • Location Data:  we, or authorized third parties, collect your location data, including city, metro code, zip code, state, country, latitude and longitude, and area code through your IP address. To disable the collection of precise location information from your mobile device through the Hearsay Website, you can access your mobile device settings and choose to limit that collection.


Information from Third Parties

In some instances, we process personal information from third parties, such as data from our External Ad Partners (see the Targeted Advertising section below). These third parties may also use tracking technologies to serve you advertisements tailored to interests you have shown by browsing on this Website and other sites, applications, destinations, and services you have visited, and for other lawful business purposes.

To provide you with more relevant and interesting experiences, we may work with third party companies to display ads or customize the content on this Website and on other digital properties and websites. These companies may use cookies and similar tracking technologies as described in this Notice to gather information about your visits to our Website, as well as your visits elsewhere on the Internet. These companies use this information to provide you with more relevant advertising known as interest-based advertising. 

Why We Collect Your Personal Information and How We Use It

We, or our authorized partners, collect and process personal information in order to:

  • Provide you the Hearsay Website and our Services;
  • Ensure that the Hearsay Website is operational and optimized for user experience, as well as enforce our agreements with you if necessary
  • Improve the content and general administration of the Hearsay Website
  • Enhance user experience, including to provide you with customer support or to personalize your experience
  • Detect fraud, illegal activities, or security breaches
  • Enable third parties to deliver advertising to you
  • Provide you with notices regarding Services that you have purchased or may wish to purchase in the future including, in some cases, to send you direct marketing communications regarding other services that we may think are of interest to you
  • Respond to your queries and requests, or otherwise communicate directly with you
  • Perform system maintenance and upgrades, and enable new features
  • Understand how you access and use the Hearsay Website in order to provide technical functionality, develop new products and services, and analyze your use of the Hearsay Website, including to conduct statistical analyses and analytics
  • Provide information to regulatory bodies, when legally required, and only as outlined in this Privacy Policy
  • To comply with applicable law or protect the rights or property of Hearsay, our Customers or others.

Additionally, we may disclose information about users (i) if it is required to do so by law or legal process; (ii) as may be required to law enforcement authorities or other government officials, (iii) when it believes disclosure is necessary or appropriate to prevent physical harm, financial loss or in connection with an investigation of suspected or actual illegal activity, or (iv) to respond to claims by third parties.

For California residents, please see the Additional Information for California Residents Section below for more information on specific purposes of collection for each category of personal information collected in the past 12 months as a “Business” under the California Consumer Privacy Act of 2018.

For individuals located in the EEA, please see the Additional Information for Individuals in the EEA Section below for more information, including our legal bases for processing. 

Disclosure of Your Personal Information 

We disclose your Personal Information under certain circumstances, such as to our service providers or in the event of a business transfer, as further described below.

Third Parties and Service Providers

Hearsay may share Personal Information with our third party agents, contractors, or service providers who are hired to perform services on Hearsay’s behalf or in order to assist with certain business purposes. These providers may operate or support certain functions of the Hearsay Website and Services. Below is a list of categories of service providers that we may use to perform these functions (which are subject to change):

  • Analytics services
  • Customer support services
  • Event sponsors
  • Hosting and content delivery network services
  • Communication tools
  • Professional service providers, such as auditors, lawyers, consultants, accountants and insurers

Service providers process your Personal Information for the specific purpose of providing their services to us (and in accordance with our instructions). 

As explained here, we also work with and disclose Personal Information to External Ad Partners who assist us with advertising and marketing our Services.

In some cases, service providers and External Ad Partners collect your Personal Information directly from you, such as via cookies.

Affiliates

We may share data collected from you from the Hearsay Website with our affiliate entities.

Business Transfers

As we continue to grow, we may purchase websites, applications, subsidiaries, or other businesses or business units. Alternatively, we may sell businesses or business units, merge with other entities, obtain financing, and/or sell assets or stock, in some cases, as part of a reorganization or liquidation in bankruptcy. In order to evaluate and/or as part of these transactions, we may transfer your personal information to a successor entity upon a merger, consolidation, or other corporate reorganization in which Hearsay participates, to investors and/or to a purchaser or acquirer of all or a portion of Hearsay’s assets, including bankruptcy.

Aggregated or Anonymized Information

We share anonymized, aggregated, automatically-collected, or otherwise non-personal information with third parties for various purposes, including (i) compliance with reporting obligations; (ii) business or marketing purposes; (iii) assistance for us and other parties in understanding our users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, and/or functionality available through the Services. We do not share personal information about you in this case.

Legal Obligations and Security

Hearsay may preserve or disclose your personal information in limited circumstances (other than as set forth in this Privacy Policy), including: (i) with your consent; (ii) when we have a good faith belief it is required by law, such as pursuant to a valid subpoena, warrant, or other judicial or administrative order (as further explained below); (iii) to protect the safety of any person; (iv) to protect the safety or security of the Hearsay Website and/or Services or to prevent spam, abuse, or other malicious activity of actors with respect to the Hearsay Website and/or Services; or (v) to protect our rights or property or the rights or property of those who use the Hearsay Website and/or Services.

If we are required to disclose personal information by law, such as pursuant to a subpoena, warrant, or other judicial or administrative order, we will use reasonable efforts to provide you with notice of this disclosure requirement, unless we are prohibited from doing so by statute, subpoena or court or administrative order. Our policy is to respond to requests that are properly issued by law enforcement within the United States or via mutual legal assistance mechanism (such as a treaty), and to object to requests that we do not believe were issued properly. However, if we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information to law enforcement trying to prevent or mitigate the danger (if we have it), which will be determined on a case-by-case basis.

Information from Children

Our Website is intended for individuals 18 years of age and older. It is not directed at, marketed to, nor intended for, children under 18 years of age. We do not knowingly collect any personal information directly from children under the age of 18. If we discover we have inadvertently received any personal information from a child under the age of 18 in violation of this Policy, we will take reasonable steps to delete that information as quickly as possible. If you believe that we have any personal information from or about anyone under the age of 18, please contact us at privacy@hearsaycorp.com.

Analytics

The Hearsay Website uses third-party analytics tools that drop cookies and/or similar technologies to collect and store information about your device and use of the Hearsay Website. We use analytics tools to calculate visitor, session and campaign data for the Hearsay Website analytics reports.

One of our tools is Google Analytics. You can read more about Google’s practices in Google’s privacy policy. You can opt-out from being tracked by Google Analytics in a particular browser on a particular device by downloading and installing the Google Analytics Opt-out Browser Add-on for that browser.

Another tool is the LinkedIn Insight Tag. You can read more about LinkedIn’s practices in LinkedIn’s privacy policy. LinkedIn only provides reports and alerts (which do not identify LinkedIn members) about the Hearsay website audience and ad performance (LinkedIn does not share the personal data of its members with Hearsay). LinkedIn members can control the use of their personal data for advertising purposes through their account settings.

Marketing & Advertising
Direct Marketing

We market our company and Services in a variety of ways.  Below is a description of what data we gather from you, and how we use it for purposes of these marketing activities. We gather information from or about you in the following different roles:

  • Individuals, entities and others who have no relationship with Hearsay, meaning that Hearsay has acquired data about them through a third party (“Leads”)
  • Individuals, entities or others who have contacted Hearsay or otherwise inquired about Hearsay’s products or services 
  • Customers and Users

Occasionally, we may also offer opportunities for you to share your data with us such as through a survey, to sign up for a newsletter, or to register for or receive details about an event we are sponsoring. If you participate in those surveys, sign up for a newsletter, or register for an event, we will collect the information you provide to us at that time. You will be able to unsubscribe from receiving those types of communication at any time.

In some cases, you provide personal information directly to Hearsay as part of a marketing event that Hearsay hosts or co-hosts, through email or when you participate in an online webinar.  Occasionally, and only with your consent, we may send you future communications.  We may also acquire personal information about you through a third party. In particular, Hearsay engages third parties who provide us with contact information for Leads. When acquiring information from third parties, Hearsay endeavors to obtain contractual commitments from the third parties that the information was acquired lawfully and with the appropriate level of consent. 

Our communications to you for marketing purposes will contain instructions on how you can opt-out from receiving future communications, and if you consent to our use of your personal information for marketing purposes, you may always withdraw your consent. You may also contact Hearsay directly about its marketing activities at privacy@hearsaycorp.com.

Targeted Advertising

Hearsay engages third-party advertising networks (“External Ad Partners”) to display advertising about our Services when you visit other websites within that advertising network. Like many other companies, we rely on retargeting, also known as remarketing, which is a type of marketing strategy that helps businesses “remind” visitors of their products and services after they leave their websites. For instance, through the use of cookies (and similar technologies) placed by External Ad Partners, online identifiers (considered personal information) are collected and then used to identify visitors to the Hearsay Website on other websites or social media platforms. With this information our External Ad Partners may serve relevant ads on consumers who previously visited the Hearsay Website. 

Individuals in the EEA or California residents have additional rights, as explained here and here.

Social Media 

Hearsay maintains an online presence on social media platforms (“Social Media Platforms”) such as Instagram, Twitter, Facebook and Linkedin, to provide information about our Services and communicate with users and/or visitors to those pages or accounts. When you interact or post to our account, we process your personal information. In some cases, the Social Media Platforms are service providers or processors. In other cases, such as with Facebook, we are jointly responsible for the processing, as explained in the section titled Hearsay as a ‘Joint Controller’ with Facebook.

How We Secure Personal Information

We use reasonably appropriate security measures designed to protect the security of personal information both online and offline. These measures vary based on the sensitivity of the information that we collect, process and store and the current state of technology. Please note, though, that no website or internet transmission is completely secure, so while we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.

Do-Not-Track Signals

Certain internet web browsers allow a “do not track” (DNT) setting that relies on a technology known as a DNT header, which sends a signal to websites visited by the individual about the individual’s browser DNT setting. At this time, we do not currently respond to DNT signals, whether that signal is received on a computer or on a mobile device.  

Hearsay Website

How you make choices about cookies and other tracking technologies depends on the type of cookie or tracking technology being used. For details on how to manage your preferences for cookies and tracking technologies within your web browser, please see our Cookie Statement

Marketing Activities  

If you are receiving promotional emails from us, you can choose to stop receiving those by following the unsubscribe/opt-out instructions in those emails. You can also opt-out by contacting customer support at support@hearsaycorp.com.

Accessing and Changing Your Information

To request access to, or to make changes to, data that we have collected from you via the Hearsay Website, please email us at privacy@hearsaycorp.com. Individuals in the EEA or California residents have additional rights, as explained here and here.

Additional Information for Individuals in the EEA
Categories of Recipients of Personal Data

The categories of recipients of personal data with whom we may share your personal data are listed in Disclosure of Your Personal Information above.

Purpose(s) of the Processing and Legal Bases

Hearsay as ‘Data Controller’

As a ‘data controller’, Hearsay processes your personal information for a number of different purposes. Some are essential for us to provide the Services or to fulfill our legal obligations, some help us run the Services efficiently and effectively, and some enable us to provide you with more relevant and personalized offers and information. In all cases, with respect to individuals in the EEA, we must have a reason and a legal ground for processing your personal information. The most common legal grounds on which we rely are briefly explained below:

  • Performance of a Contract: we may process your personal data in order to enter into, or perform a contract to which you are a party – in other words, your ability to use the Services - for instance, when a Customer signs up for the Services.
  • Legitimate Interests: we may process personal data where it is necessary for our legitimate business interests, but only to the extent that they are not outweighed by your own interests or fundamental rights and freedoms. We generally rely on legitimate interests to provide and maintain the Hearsay Website and the Services and ensure that they work well (and securely), to carry out fraud prevention, and to generally improve the Services. When we rely on this legal basis, if required, we will carry out a legitimate interest assessment to ensure we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws.

  • Consent: We rely on consent where it is required, such as when we are asking you to confirm your marketing preferences. When we rely on consent, you will be asked to confirm that you give your permission to Hearsay to process your personal data. You have the right to withdraw your consent at any time if you no longer want to be part of the Hearsay processing activity where your consent was sought.
  • Legal Obligation: Hearsay may have legal obligations to retain and/or disclose your personal data, or may cooperate in a legal or governmental investigation. It is essential that Hearsay complies with its legal, regulatory, and contractual requirements, so if you object to this processing, Hearsay will not be able to provide its Services to you.

The following breakdown illustrates in more detail our processing activities and how the above legal bases for processing apply (in brackets):

  • Provide you the Hearsay Website and our Services [Legal Basis: Performance of a Contract]
  • Ensure that the Hearsay Website is operational and optimized for user experience, as well as enforce our agreements with you if necessary [Legal Basis: Legitimate Interests or Performance of a Contract, depending on the specific use]
  • Improve the content and general administration of the Hearsay Website and the Services [Legal Basis: Legitimate Interests]
  • Enhance user experience, including to provide you with customer support or to personalize your experience [Legal Basis: Legitimate Interests]
  • Detect fraud, illegal activities, or security breaches [Legal Basis: Legitimate Interests]
  • Enable third parties to deliver advertising to you [Legal Basis: Legitimate Interests or Consent, depending on the specific circumstances]
  • Provide you with notices regarding Services that you have purchased [Legal Basis: Performance of a Contract]
  • Providing you information about Services that you may wish to purchase in the future including, in some cases, to send you direct marketing communications regarding other services that we may think are of interest to you [Legal Basis: Legitimate Interests]
  • Respond to your queries and requests, or otherwise communicate directly with you [Legal Basis: Legitimate Interests or Performance of a Contract, depending on the specific use]
  • Perform system maintenance and upgrades, and enable new features [Legal Basis: Legitimate Interests]
  • Understand how you access and use the Hearsay Website in order to provide technical functionality, develop new products and services, and analyze your use of the Hearsay Website, including to conduct statistical analyses and analytics [Legal Basis: Legitimate Interests]
  • Provide information to regulatory bodies when legally required, and only as outlined in this Privacy Policy [Legal Basis: Compliance with a Legal Obligations] 
Hearsay as a ‘Joint Controller’ with Facebook

We use Facebook’s products and services (“Facebook Products”) in different ways:

  • To advertise our Services, as well as to communicate with interested parties or prospects, we also have a presence on Facebook (including Instagram)
  • Through Facebook’s social plugins as explained here

With respect to our use of Facebook Products, we are jointly responsible with Facebook Ireland for the processing activities (“Joint Processing”):

Facebook Ireland Ltd., 
4 Grand Canal Square, Grand Canal Harbor
Dublin 2, Ireland 

Information about the personal data that is collected from you by Facebook, as well as how and why it is processed by Facebook, can be found at https://www.facebook.com/about/privacy.

Hearsay and Facebook have entered into an agreement in order to determine the respective responsibilities for compliance with our obligations in connection with the Joint Processing within the meaning of the GDPR. This joint controller agreement, which sets out the reciprocal obligations, is available here.

Hearsay’s legal basis for processing your personal data via Facebook Products is our legitimate interest in increasing and analyzing the communication, sales, and promotion of Services. Our legal basis may also be your consent, which may be revoked at any time.

PLEASE NOTE THAT FACEBOOK IRELAND IS RESPONSIBLE FOR ENABLING DATA SUBJECTS’ RIGHTS UNDER ARTICLES 15-20 OF THE GDPR WITH REGARD TO THE PERSONAL DATA STORED BY FACEBOOK IRELAND IN CONNECTION WITH THE JOINT PROCESSING, AS FURTHER DESCRIBED IN FACEBOOK’S PRIVACY POLICY. TO EXERCISE YOUR RIGHTS, PLEASE GO TO YOUR FACEBOOK SETTINGS OR CONTACT FACEBOOK AS SET FORTH IN ITS PRIVACY POLICY.


Some processing by Facebook Ireland Ltd. might take place in the United States by Facebook Inc.

How Long Do We Keep Your Personal Information?

We use the following criteria to determine our retention periods: the amount, nature and sensitivity of your information, the reasons for which we collect and process your personal data, the length of time we have an ongoing relationship with you and provide you with access to our Services, and applicable legal requirements. We will retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax, or accounting requirements), when we are unable to reasonably verify your identity, or as may otherwise be required under GDPR. Additionally, we cannot delete information when it is needed for the establishment, exercise, or defense of a legal claim (also known as a “litigation hold”). In this case, the information must be retained as long as needed for exercising respective potential legal claims.

When we no longer have a legitimate business need to process your personal information, it is deleted and/or anonymized. If you have questions about, or need further information concerning, our data retention periods, please email privacy@hearsaycorp.com.

Staying in Control of Your Information: Your Rights

If the GDPR applies to you because you are in the EEA, you have certain rights in relation to your personal data:

  • The right to be informed – our obligation to inform you that we process your personal data (and that is what we are doing in this Privacy Notice)
  • The right of access – your right to request a copy of the personal data we hold about you (also known as a ‘data subject access request’)
  • The right to rectification – your right to request that we correct personal data about you if it is incomplete or inaccurate (though we generally recommend first making any changes in your Account Settings)
  • The right to erasure (also known as the ‘right to be forgotten’) – under certain circumstances, you may ask us to delete the personal data we have about you (unless there is an overriding legal reason we need to keep it)
  • The right to restrict processing – your right, under certain circumstances, to ask us to suspend our processing of your personal data
  • The right to data portability – your right to ask us for a copy of your personal data in a common format (for example, a .csv file)
  • The right to object – your right to object to us processing your personal data (for example, if you object to us processing your data for direct marketing)
  • Rights in relation to automated decision-making and profiling – our obligation to be transparent about any profiling we do, or any automated decision-making,
PLEASE NOTE THAT IF YOU ARE A USER CONTACT OR A USER, YOU MUST CONTACT THE CUSTOMER(S) (ACTING AS ‘DATA CONTROLLER’) ON BEHALF OF WHICH HEARSAY PROVIDES THE SERVICES AND COLLECTS PERSONAL INFORMATION, AS EXPLAINED HERE. IF WE RECEIVE REQUESTS FROM USERS OR USER CONTACTS, WE WILL SEND THOSE REQUESTS TO THE RELEVANT CUSTOMER, WHO WILL BE RESPONSIBLE FOR RESPONDING TO AND ADDRESSING RIGHTS REQUESTS, WITH OUR COOPERATION.


These rights are subject to certain rules around when you can exercise them. If you are located in the EEA and wish to exercise any of the rights set out above, please contact us (see How to Contact Us about Privacy).

We will respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.

Finally, you have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to address your concerns before you approach the supervisory authority, so please contact us directly first at privacy@hearsaycorp.com.

Additional Information for California Residents

This Privacy Notice for California Residents (“CCPA Notice”) supplements the information contained in the Privacy Notice and applies solely to individuals who reside in the State of California (“Consumers”). We have created this CCPA Notice in order to comply with the California Consumer Privacy Act of 2018 (“CCPA”). 

Scope

This CCPA Notice applies to personal information that Hearsay collects for its own purposes. It does not apply to:

  • Personal information that Hearsay collects as a service provider on behalf of its Customers
  • Personal information collected in the employment context from employees and job applicants

Categories of Information We Collect

We collect personal information as that term is defined in CCPA. Within the last twelve (12) months, Hearsay has collected the following categories of personal information from or about Consumers:

  • Identifiers, such as a real name, unique personal identifier, online identifier, IP Address, email address, or account name
  • Personal information categories listed in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)), such as a name, signature or telephone number
  • Protected classification characteristics under California or federal law, such as age or gender
  • Commercial information, such as records of products purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
  • Internet or other similar network activity, such as browsing history or information on a Consumer’s interaction with a website or application
  • Geolocation data, such as physical location
  • Professional or employment-related information, such as a job title or position
  • Inferences drawn from other personal information, such as profile information reflecting a person’s preferences.


Personal information does not include:

  • Publicly available information from government records
  • Deidentified or aggregated Consumer information
  • Certain other information that is already regulated by other laws or regulations
  • Information that is specifically exempt from the scope of the CCPA.

Categories of Sources of Personal Information

As explained in more detail here, Hearsay obtains the categories of personal information listed above from the following categories of sources:

  • Directly from you. For example, when you request a demo, contact us or sign up to use the Services. This includes the following categories of personal information:
    • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)):
      • Name, email address, phone number, job position
    • Protected classification characteristics under California or federal law: gender
    • Commercial information
    • Geolocation data
    • Professional or employment-related information
  • Indirectly. For example, from observing your actions on our Services, including through the use of cookies or from third parties. This includes the following categories of personal information:
    • Commercial information
    • Internet or other similar network activity
    • Geolocation data
    • Inferences drawn from other personal information

Use of Personal Information

We may use the personal information we collect for one or more of the following business purposes listed here.

Disclosure of Personal Information

Hearsay may disclose your personal information to a third party for a business purpose. When we disclose personal information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the services for us. As explained in more detail here, we also share your personal information with certain categories of third parties who assist us in providing the Hearsay Website and Services and with our business.

In the preceding 12 months, we have disclosed the following categories of personal information for a business purpose:

  • A. Identifiers
  • B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
  • C. Protected classification characteristics under California or federal law
  • D. Commercial information
  • F. Internet or other similar network activity
  • G. Geolocation data
  • I. Professional or employment-related information
  • K. Inferences drawn from other personal information
A. Disclosure of Personal Information For Business Purposes in the Past 12 Months

We disclose your personal information for a business purpose to the following categories of Service Providers:

  • Companies that do things to help us provide the Services: hosting service providers, user engagement and customer support providers, certain analytics providers,, communication tools
  • Professional service providers, such as auditors, lawyers, consultants, accountants and insurers.

The following chart describes the categories of Personal Information that we disclosed to third parties for a business purpose in the 12 months prior to the date of this Privacy Policy:

Categories of Consumers’ Personal Information
Categories of Third Parties With Which We Shared Personal Information for a Business Purpose
Personal identifiers: name, email address, address of the property for inspection, home or billing address, telephone numbers, customer number, account password, and IP address or other unique identifier.
Service Providers, who support our business operations and efforts
Our parents, subsidiaries, and affiliates
Companies to whom your data is shared at your direction
Personal information subject to the California Customer Records Act, e.g., signatures.
Service Providers, who support our business operations and efforts
Our parents, subsidiaries, and affiliates
Companies to whom your data is shared at your direction
Internet or other electronic network activity information: device and browser type, browsing and search history on our Website, and information regarding interaction with our Website and our advertisements.
Service Providers, who support our business operations and efforts
Our parents, subsidiaries, and affiliates
Companies to whom your data is shared at your direction
Audio or visual information: recordings of customer service calls for quality assurance purposes, and photographs of yourself that you voluntarily provide in connection with reviews of our services.
Service Providers, who support our business operations and efforts
Our parents, subsidiaries, and affiliates
Companies to whom your data is shared at your direction
Professional, employment, or education information: job title, employer, business address and contact information, employment history, other professional information, or education history.
Service Providers, who support our business operations and efforts
Our parents, subsidiaries, and affiliates
Companies to whom your data is shared at your direction.
Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.
Service Providers, who support our business operations and efforts
Our parents, subsidiaries, and affiliates
Companies to whom your data is shared at your direction


Sales of Personal Information

The CCPA defines ‘sale’ very broadly. It includes the sharing of California Information in exchange for anything of value. According to this broad definition, in the year before this section was last updated, we may have sold the following categories of personal information to third parties:

  • A. Identifiers
  • B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
  • D. Commercial information
  • F. Internet or other similar network activity
  • G. Geolocation data
  • I. Professional or employment-related information
  • K. Inferences drawn from other personal information
Your Rights and Choices

The CCPA provides Consumers with specific rights regarding their personal information, provided that we are able to verify their identities as explained below. This section describes your CCPA rights and explains how to exercise them. 

Please note that the rights to opt-out, access and deletion do not apply to personal information reflecting a written or verbal communication or a transaction between Hearsay and a Consumer, where the Consumer is a natural person who is acting on behalf of a company, partnership, sole proprietorship, non-profit, or government agency (“Entity”) and whose communications or transaction with Hearsay occur solely within the context of Hearsay conducting due diligence regarding, or providing or receiving the Services to or from such Entity.

Opting-out of Sales

You have the right to opt-out of our sharing of your personal information with some External Ad Partners in certain circumstances. If you would like to opt-out of the sale of personal information, please click here.

Access to Specific Information and Data Portability Rights

You have the right to request that Hearsay disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive your request and verify your identity, as explained in Exercising Your Consumer Rights, we will disclose such information to you.

Deletion Request Rights

You have the right to request that Hearsay delete your personal information, subject to certain exceptions listed in the CCPA. Once we receive your request and verify your identity, as explained in Exercising Your Consumer Rights, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

Exercising Your Consumer Rights

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable Consumer request related to your personal information.

An authorized agent is a natural person or a business entity registered with the Secretary of State that a Consumer has authorized to act on his or her behalf. When a Consumer uses an authorized agent to submit a request to know or a request to delete, Hearsay may require that the Consumer provide the authorized agent written permission to do so and verify his or her own identity directly with Hearsay, unless the Consumer has provided the authorized agent with a valid power of attorney. Hearsay may deny a request from an agent that does not submit proof that he or she has been authorized by the Consumer to act on his or her behalf.

To exercise the rights described above, please submit a verifiable Consumer request to us by either calling us at 1-888-399-2280 or mailing privacy@hearsaycorp.com.

You may only make a verifiable Consumer request for access or data portability twice within a 12-month period. In particular, you can request the following:

1. Specific Pieces of Information

  • The specific pieces of your personal information that we’ve collected about you in the past 12 months.

2. Categories of Information

  • The categories of your personal information that we’ve collected in the past 12 months.
  • The categories of sources from which we collected personal information.
  • The business or commercial purposes for which we collected or sold personal information.
  • The categories of third parties with which we shared personal information in the past 12 months. 
  • The categories of third parties to whom we’ve sold personal information in the past 12 months, and the category or categories of personal information sold to each.
  • The categories of personal information that we’ve shared with service providers who provide services for us in the past 12 months, like processing your bill, and the category or categories of personal information sold to each. 

The verifiable Consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will notify you to explain the basis of the denial.

If we have a good-faith, reasonable belief that a request to opt-out of the sale of Personal Information is fraudulent, we may deny the request. Should this occur, we will inform you and explain why we believe the request is fraudulent. 

Making a verifiable Consumer request does not require you to create an account with us. Please note that the methods for verification are set forth in the CCPA, which also requires us to consider a number of factors, such as the type, sensitivity, and value of the personal information or the risk of harm posed by unauthorized access or deletion, on a case-by-case basis.

We will only use personal information provided in a verifiable Consumer request to verify the requestor’s identity or authority to make the request.

Upon your request, we will delete the Personal Information we have collected about you, except for situations where the CCPA authorizes us to retain specific information, including when it is necessary for us to provide you with a good or service that you requested; perform a contract we entered into with you; maintain the functionality or security of our systems; or comply with or exercise rights provided by the law. The law also permits us to retain specific information for our exclusively internal use, but only in ways that are compatible with the context in which you provided the information to us or that are reasonably aligned with your expectations based on your relationship with us. We will act on your deletion request within the timeframes set forth below.

Response Timing

We endeavor to respond to a verifiable Consumer request generally within 45 days of its receipt, or as otherwise required by the CCPA, although we may take longer to process your request under certain circumstances. If we expect your request is going to take us longer than normal to fulfill, we will let you know. 

Any disclosures we provide will only cover the 12-month period preceding our receipt of the verifiable Consumer’s request. If applicable, in our response, we will also explain the reasons we cannot comply with a request. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.

We usually act on requests and provide information free of charge, but we may charge a reasonable fee to cover our administrative costs of providing the information in certain situations. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request. In some cases, the law may allow us to refuse to act on certain requests. When this is the case, we will endeavor to provide you with an explanation as to why.

Your Right to Ask Us Not to Sell Personal Information We Have Collected About You

You have a right to request that we do not sell Personal Information that we have collected about you.

Non-Discrimination and Notice of Financial Incentives

We will not discriminate against you in a manner prohibited by the CCPA because you exercise your CCPA rights. Please note that to use our Services, we do require the collection of your personal information – for example, to sign you up. While you may request to delete your personal information under CCPA, such deletions may affect our ability to offer the Services.

Requests for Household Information

There may be some types of Personal Information that can be associated with a household (a group of people living together in a single dwelling). Requests for access or deletion of household Personal Information must be made by each member of the household. We will verify the identity of each member of the household using the verification criteria explained above and will also verify that each household member is currently a member of the household. 

If we are unable to verify the identity of each household member with the degree of certainty required, we will not be able to respond to the request. We will notify you to explain the basis of our denial. 

California Shine the Light

California Civil Code Section 1798.83, also known as the “Shine the Light” law, permits California residents to annually request, free of charge, information about certain categories of Personal Information a business has disclosed to third parties for direct marketing purposes in the preceding calendar year. California residents may make such request to us at privacy@hearsaycorp.com. We will provide a list of the categories of personal information disclosed to such third parties for their direct marketing purposes during the immediately preceding calendar year, along with the names and addresses or these third parties. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the email specified in this section.


Hearsay Processor and Service Provider Data

As explained above, we process personal information from individuals described below on behalf of our Customers in order to provide our Services, in accordance with their Instructions. When we process personal information on behalf of our Customers, we are a ‘data processor’ or service provider. This includes certain information that we collect through our account portal (https://my.hearsaysocial.com/) when Users log into their accounts with Hearsay, as well as other information that is collected through the various products offered by Hearsay as part of the Services. 

For purposes of this Section, “You” may refer to a variety of people, including:

  • Customers, which include individuals, entities and others who have entered into a master services or other agreement with Hearsay for the Services 
  • Users, who are the individuals, entities or others who are authorized on behalf of Customers to use the Services 
  • User Contacts, meaning individuals, entities and others who interact with the Services

If there are special terms and considerations, we will address the individual group by the capitalized term (Customer, User or User Contacts).  Where terms apply to all groups, we will address the group as “you.”

Personal Information We Process 

We process information (1) received directly from Customers and Users, other than personal information collected on signing up as a User of the Services, (2) from or about User Contacts through the use of the Services by Customers and Users, and (3) obtained indirectly, such as through the use of cookies or CRM integrations. 

The information that we process as part of the Services is described below in further detail. Collectively, all information processed by Hearsay in order to provide the Services is referred to “Services Information” for purposes of this Privacy Policy.

Information Collected Directly from Customers and Users

Through the Services, Customers and Users can populate their accounts with information submitted by a Customer or a User to Hearsay, or uploaded by Customer or a User to the Services, which is meant to be used and shared through the Services.  Examples of such content include articles, logos and other assets uploaded by a Customer or User to personalize a web page. In uploading or submitting this information, Customers and Users must not include any personally identifiable information contained within the uploaded materials. 

Hearsay may also contact Customers and Users to provide feedback on the Services by email or other means in order to better understand how Customers and Users use the Services. Some of the questions might include requests with a voluntary answer to provide certain additional personal identifiable information, such as name, age and geographic location. Information gathered by Hearsay will be used solely in connection with or to improve or expand the Services; however, this may include using this information within third-party services that are associated with the Services.  Please see our cookies section to better understand how we use performance cookies to improve the Services.  

Information From or About User Contacts

As part of our Services, Hearsay allows Users to connect certain digital assets such as social media accounts (including private messaging in some cases), email addresses and telephone numbers to the Services in order to communicate with User Contacts. Customers may also have their own websites hosted by Hearsay (“Customer Sites”). As a result, Hearsay processes personal information from or about User Contacts that is collected via the Customer Sites, User social media accounts and/or other connections to the Services, depending on the level of permission. For instance, when using social media networks, if Hearsay is allowed to collect social media activity about the User Contact, Hearsay will collect such information and present a summary of this information to the User. With respect to text message correspondence, Hearsay may collect, store and retain the telephone number of the User Contact, call history with the User Contact, and any contents of a text message that a User Contact made in text message communications with the User.  

Any information that a User or a User Contact submits to the Services will be captured and retained by Hearsay as part of the Services.

HEARSAY DOES NOT HAVE DIRECT RELATIONSHIP WITH USER CONTACTS. SOCIAL MEDIA ACCOUNT PROVIDERS AND CUSTOMERS ARE EACH SOLELY RESPONSIBLE FOR MAINTAINING THEIR OWN PRIVACY POLICIES ON HOW THEY COLLECT, RETAIN AND SHARE DATA COLLECTED FROM USER CONTACTS, AS WELL AS COMPLYING WITH APPLICABLE DATA PROTECTION LAWS. IN HANDLING USER INFORMATION AS WELL AS INFORMATION FROM OR ABOUT USER CONTACTS, HEARSAY PROCESSES AND RETAINS INFORMATION IN ACCORDANCE WITH THOSE PRIVACY POLICIES.


If you are a User Contact, you may have been directed to review this Privacy Policy by one of our Customers in lieu of their own Privacy Policy.  In this case, any information about you as a User Contact that Hearsay collects will be processed and maintained in accordance with this policy. However, to understand how the Customer uses the information or to exercise any rights, please contact the Customer directly. 

Information Collected Indirectly

CRM Integrations

Certain Customers integrate their customer relationship management (CRM) systems with the Services. When this happens, Hearsay receives any information about Users and User Contacts that a Customer has collected and wishes to share with Hearsay. Hearsay will use this information within the Service to enable certain functionality (e.g., populating email contacts from a CRM so that a  User may utilize email functionality), or use insights in order to recommend certain actions (e.g., based on a combination of activity documented in CRM and the Services with a User Contact, a User might receive a recommendation to make a future communication with the same User Contact).

Cookies

Additionally, when you use the Services, we and our service providers acting on our behalf automatically collect certain data using tracking technologies like cookies, web beacons, and similar technologies. A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a website’s computers and stored on your computer’s hard drive. These technologies are used to help us better understand user behavior and facilitate and measure the effectiveness of the Services. We treat information collected by cookies and other technologies as non-personal information. We use cookies to record current session information.  We also use third party cookies (e.g. Google Analytics) to provide anonymized and aggregated information on website usage statistics and patterns. Hearsay uses web beacons with cookies or separately to compile information about your engagement with our Customers.  Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you view a particular website tied to the web beacon, and a description of a website tied to the web beacon.

Publicly Available Information about Users and User Contacts

In order to better understand Users and provide a better experience, Hearsay creates various “profiles” within the Services, in order to provide more targeted content and suggest action items for a User to take within the Services. “Profiles” are not composites of personal information nor based on actual individuals, but are common characteristics identified by Hearsay to describe certain behaviors or preferences.  In order to make recommendations or suggest content, Hearsay endeavors to find out more about its Users and User Contacts. In some instances, when building these “profiles,” Hearsay may retain third parties to collect publicly available information about Users. This information may include your industry, the size of your office, and your online directory listing, to help Hearsay understand more about our customer base and to tailor information we send you about the Services.   

Anonymized Aggregated Data

Hearsay has developed proprietary algorithms that monitor all communications and transactions that occur within the Services.  Hearsay engages third parties to perform data analysis on data sets provided by Hearsay in order to improve Hearsay’s algorithms. The purpose of these algorithms is to identify patterns of behavior, either unique to a User or to defined categories of people, which may enhance a User’s use of the Services. Any data created or identified within an algorithm does not identify the activity of an individual User or User Contacts. For example, the Services may identify that a User’s social media network contacts are most active between the hours of 10 AM to 12 PM on weekdays, and would therefore recommend a User to schedule social media posts during this time. The Services algorithms gather this information based on the volume activity occurring within this network; this recommendation, or any data associated with this recommendation, would not identify the posting habits of any individual User Contact or a User. For text message communication, the Services may suggest prepopulated quick replies to certain text messages. The Services algorithms make these suggestions based on gathered information from previous replies and conversations.  

Industry Information

Hearsay collects information relating to the industry with which a User is associated: acquiring data sets about certain financial services industries, reviewing census results to identify purchasing habits of consumers, etc. The purpose of acquiring this information is to provide more information and insight for the User when using the Services.

Why We Collect Services Data and How We Use It

We or our authorized service providers process the Services Information solely as a data processor, in order to:

  • Provide our Services to our Customers (and their Users)
  • Deliver our Customers’ and Users’ communications to their intended destination
  • Analyze the use of the Services
  • Improve, enhance and expand our Services
  • Detect fraudulent or unlawful activity in connection with a Hearsay account
  • Comply with our legal obligations
Disclosure of Your Personal Information

We disclose Services Information under certain circumstances, as further described below.

External Services

The Services allow Users to send or receive communications from User Contacts through social media, email, text messaging and voice communications. If Users send communications through the Services, Hearsay will deliver those communications to third parties in order for the User Contact to share and receive those communications. We call these third party delivery networks “External Services.” Examples of External Services include Facebook, Twitter, LinkedIn and Instagram (for social media). 

Third-party Service Providers or Consultants

We may share Services Information with third-party service providers or consultants who need access to the data to perform their work on Hearsay’s behalf. These third party service providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances that they will appropriately safeguard any data provided by Hearsay. These include Amazon Web Services for website hosting, Sendgrid for email delivery and Twilio for text messaging.

Regulatory Audits

Hearsay is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).  Telecommunications activity performed by Hearsay is regulated and overseen by the Federal Communications Commission (FCC) and various state public utility commissions. We may disclose Services Information pertaining to a regulatory audit conducted by these entities as well as oversight organizations for the financial services industry, such as FINRA, SEC, or similar state and international regulators.  When responding to a financial services regulatory audit, we will endeavor to first contact the Customer before disclosing any such information unless we are prohibited from doing so. The Customer is solely responsible for contacting any Users or User Contacts as part of the regulatory audit and disclosure of Services Information.

Affiliates

We may share data collected from you from the Services with our affiliates.

Business Transfers

As we continue to grow, we may purchase websites, applications, subsidiaries, or other businesses or business units. Alternatively, we may sell businesses or business units, merge with other entities, obtain financing, and/or sell assets or stock, in some cases, as part of a reorganization or liquidation in bankruptcy. In order to evaluate and/or as part of these transactions, we may transfer your personal information to a successor entity upon a merger, consolidation, or other corporate reorganization in which Hearsay participates, to investors and/or to a purchaser or acquirer of all or a portion of Hearsay’s assets, bankruptcy included.

Aggregated or Anonymized Information

We share anonymized, aggregated, automatically-collected, or otherwise non-personal information with third parties for various purposes, including (i) compliance with reporting obligations; (ii) business or marketing purposes; (iii) assistance for us and other parties in understanding our Customers’ and Users’ interests, habits, and usage patterns for certain programs, content, services, advertisements, and/or functionality available through the Services. We do not share personal information about you in this case.

Legal Obligations and Security

Hearsay may preserve or disclose your personal information in limited circumstances (other than as set forth in this Privacy Policy), including: (i) with your consent; (ii) when we have a good faith belief it is required by law, such as pursuant to a valid subpoena, warrant, or other judicial or administrative order (as further explained below); (iii) to protect the safety of any person; (iv) to protect the safety or security of the Hearsay Website and/or Services or to prevent spam, abuse, or other malicious activity of actors with respect to the Hearsay Website and/or Services; or (v) to protect our rights or property or the rights or property of those who use the Hearsay Website and/or Services.

If we are required to disclose personal information by law, such as pursuant to a subpoena, warrant, or other judicial or administrative order, we will use reasonable efforts to provide you with notice of this disclosure requirement, unless we are prohibited from doing so by statute, subpoena or court or administrative order. Our policy is to respond to requests that are properly issued by law enforcement within the United States or via mutual legal assistance mechanism (such as a treaty), and to object to requests that we do not believe were issued properly. However, if we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information to law enforcement trying to prevent or mitigate the danger (if we have it), which will be determined on a case-by-case basis.

Value Added Partners

Certain Customers may purchase services from third parties that have a partnership relationship with Hearsay and are authorized to access the Services (“Value Added Partners”). In such cases, Hearsay will allow the Value Added Partner(s) to access the relevant Services account if the Customer has given the requisite permission. This access may include being able to read Services Information. 

Your Rights

As ‘data controllers’ of Services Information, Customers are responsible for providing information to individuals in the EEA, including the purposes of collection, legal bases, and your rights, as well as California residents. If we receive a notification from a Customer regarding an individual wishing to exercise his/her exercising, we will assist said Customer with responding to and honoring such requests according to the Customer’s instructions. 

CONTACT

privacy@hearsaycorp.com

When you visit the Hearsay Website or use the Services, we and our service providers acting on our behalf automatically collect certain data using tracking technologies like cookies, web beacons, and similar tracking technologies. 

A cookie is a small amount of data, which often includes an anonymous unique identifier that is sent to your browser from a website’s computers and stored on your computer’s hard drive.

These technologies are used to help us better understand User behavior and facilitate and measure the effectiveness of our Hearsay Website and Services. We treat information collected by cookies and other technologies as non-personal information.

We use cookies to record current session information.  We also use third party cookies (e.g. Google Analytics) to provide anonymized and aggregated information on website usage statistics and patterns.

All modern Internet browsers allow you to control your cookie settings. These settings are usually accessed in the ‘Options’ or ‘Preferences’ section of your browser. On your mobile device, go to Settings, then go to the specific web-browser, and then to the Cookies section. Please note that certain features of the website will not be available once cookies are disabled.  For further information about cookies and how to manage them, please visit www.allaboutcookies.org.

Hearsay uses web beacons with cookies or separately to compile information about your engagement with us.  Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you view a particular website tied to the web beacon, and a description of a website tied to the web beacon.

Here is a basic description and overview of the type of cookies Hearsay uses:

Cookie table

Essential Cookies
Required cookies make it possible for you to access the Services, navigate within the Services, and access information related to your account.
Required cookies are necessary to operate the account portal, so you can’t opt out of them.
Each time you log into the Services, a cookie containing an encrypted, unique identifier that is tied to your account is placed on your browser. These cookies allow Hearsay to uniquely identify you when you are logged into the Services and to process your requests.
Functionality Cookies
Functionality cookies allow the Hearsay Website and Services to remember information you have entered or preferences you select, and provide enhanced, more personal features. These cookies allow you to optimize your use of the Services after logging in. These cookies can also be used to remember changes you have made to the portions of your account that you can customize.
You can use your browser settings to opt out of functionality cookies. For more information on how to do that, click here. Note that opting out may affect the functionality of our Site or Services for you.
Third party service providers that currently place functionality cookies within Hearsay Website and, the Services (only if you choose to connect your social media account to the Hearsay Service), include:
Twitter: We use Twitter to publish certain activities conducted within the Services.
Learn more about Twitter’s data policy here.
Facebook: We use Facebook to publish certain activities conducted within the Services.
Learn more about Facebook’s data policy here.
LinkedIn: We use LinkedIn to publish certain activities conducted within the Services.
Learn more about LinkedIn’s Privacy Policy here.
Performance Cookies
These cookies collect data about how visitors use the Hearsay Website or Services. This includes data like which pages visitors go to the most. These cookies don’t collect information that individually identifies visitors. The data these cookies collect is aggregated and intended to be anonymous and used to improve how the site functions and performs.
Third party service providers that currently place performance cookies within the Services or Hearsay Website include:
Google Analytics: We use Google Analytics to help analyze page statistics and user behavior to the Hearsay Website and Services.
For information on how to opt-out of tracking technologies from Google Analytics, click here.
Heap Analytics: We use Heap Analytics to help analyze page statistics and user behavior within the Services.
For information on Heap Analytics’ privacy policy, click here.
DataDog: We use DataDog to help analyze website page performance
For information on DataDog’s cookie policy, click here.
AppCues: We use AppCues to help analyze user behavior within the Services.
For information on AppCues’ privacy policy, click here.
Advertising Cookies
Hearsay may have External Ad Partners track and analyze usage and volume statistical information from those who visit the Hearsay Website and Services. Hearsay sometimes uses cookies placed by its External Ad Partners to track the performance of our advertisements. For example, these cookies remember which browsers have visited the Hearsay Websites or the Services.
To learn more about how to opt out of targeting and advertising cookies, you can go to the Your Online Choices page, the Network Advertising Initiative page, and the Digital Advertising Alliance’s Consumer Choice page. These opt-out tools are provided by third parties, not Hearsay. We do not control or operate these tools or the choices that advertisers and others provide through these tools.
Third party service providers that currently place advertising cookies within the Services or Hearsay Website include:
Demandbase: We use Demandbase to track how you use the Hearsay Website and Services to help us target ads to you on other websites.
To opt-out of Demandbase tracking technologies, click here.
Marketo: We use Marketo for marketing automation and lead management.
For information on how to opt-out of Marketo tracking technologies, click here.
The above table lists some third party service providers that Hearsay currently uses. This table is subject to change and is not does not necessarily include all third party service providers that Hearsay uses at any given time.

If you have any questions, our full contact information is listed here, or contact us at privacy@hearsaycorp.com.