Last Revised: January 5, 2024
Etleap Inc. (”Etleap”, “we”, or “our”) respects individual privacy and is committed to protecting it. We encourage you to read this privacy policy (“Privacy Policy”) carefully when using our website or services or transacting business with us. By using our website, you are accepting the practices described in this Privacy Policy. If you have any questions about our privacy practices, please refer to the end of this Privacy Policy for information on how to contact us.
Scope
This Privacy Policy applies to information obtained by Etleap when you visit our website located at https://etleap.com. This Privacy Policy also describes how we may share information we obtain about you, your choices regarding our use of your information, the ways in which we safeguard such information, and how you may contact us regarding our privacy practices. Such information may include personally identifiable information that may be used to readily identify or contact you as an individual person, such as: name, address, email address, or phone number (”Personal Information”). Personal Information does not include information that has been anonymized such that it does not allow for the ready identification of specific individuals.
In addition to obtaining information from the visitors to and commercial users (including their end users, “End Users”) of our website, Etleap obtains, processes and hosts Personal Information through its commercial hosted or cloud platforms and software applications (collectively, “Services”) provided to its business entities who subscribe to such services pursuant to a Master Services Agreement or other contracts with us (”Customers”). When providing Services, Etleap is a “data processor” or “sub-processor” and only processes Personal Information on behalf of and in accordance with the instructions of its Customers, which are “data controllers” and/or “data processors,” depending on the context. Many of our Services contain automated processes and workflows and other software that generally allow Customers to control how they process the data and content they choose to input into Services, and we do not typically control these processes or store such data or content other than as may be necessary to provide Services. The agreements between Etleap and its Customers define specific roles and responsibilities of the parties for the processing of data in the context of Services. For more information on these activities please refer to the privacy policy of our Customer who inputted your Personal Information into our Services.
What Data We Collect
Information Provided by Visitors: If you visit our website, we may collect Personal Information from you, including, but not limited to, first and last name, organization name, e-mail address and password if you decide to register to receive information, schedule a demo, or create an account to use Etleap’s Services. If you provide us feedback or contact us via e-mail (e.g., in response to an employment opportunity posted on our website), we will collect your name and e- mail address, as well as any other content included in the e-mail, in order to send you a reply, and any information that you submit to us, such as a resume.
Information that we may collect via technological means: Our servers (which may be hosted by a third-party service provider) may collect data from you, such as browser type, operating system, IP address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit. Like most Internet services, we automatically gather this data and store it in log files each time you visit our website or access your account on our network. We may also directly collect analytics data, or use third-party analytics tools, to help us measure traffic and usage trends for the Services. These tools collect information sent by your browser or mobile device, including the pages you visit and other information that assists us in improving the Service.
Information that we may collect from our Customers: If you decide to purchase the Services and become an Etleap customer, the data we collect about you is what you have provided to us, which may include your name, email address, cell phone number, etc. You will be required to set up all Etleap profiles with applicable contact information (”Contact Information”), parts of which will also be Personal Information, to be able to use the Services. This allows you or your organization to be contacted by Etleap when there are ETL events you need to be notified about, or when you need to create new accounts for your other team members. If you or your end users are supplying Personal Information for contact persons, you represent and warrant that you have the right to provide such information.
How We Use the Data We Collect
We use Personal Information for two basic purposes: to provide and improve our website and to provide and improve the Services. In particular, we use Contact Information to send alerts to Customers in accordance with the Customer’s notification rules.
We may also use Personal Information to facilitate the creation of and secure your account on our network; identify you as an end user in our system; provide customer support and improved administration of our website and Services; improve and personalize the quality of experience when you interact with our website and Services; respond to your inquiries related to employment opportunities or other requests; send promotional communications; provide you with information that we believe may be useful to you, such as information about the Services, provide you with hardcopy or electronic newsletters, or surveys; send upgrades and special offers related to our Services and related services and for other marketing purposes of Etleap, should you request to receive such communications from us; make telephone calls to you, from time to time, as a part of secondary fraud protection or to solicit your feedback. We may also analyze request and usage patterns so that we may enhance the content of our website and Services or improve their respective functionalities, or for other business purposes.
We do not transfer or disclose your Personal Information to third parties for purposes other than the ones provided. We may provide your Personal Information or other information to third-party service providers who work on behalf of or with us to provide or enable some of the services and/or features of our website and Services or to help us communicate with you. Examples of such services include sending e-mail, analyzing data, providing marketing assistance, providing assistance in operating the website and Services and providing customer service. We require our third-party service providers to agree not to use such information except as necessary to provide the relevant services to us and you. However, once we have disclosed your information, including Personal Information, to a third party as described in this Privacy Policy, we cannot control and assume no responsibility for the manner in which that third party uses or further discloses such information.
We may use financial information or payment method to process payment for any purchases, subscriptions or sales made on our website or in connection with our Services, to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business.
In addition, we may use the Personal Information we obtain about you in other ways for which we provide notice at the time of collection or with your consent.
Our Services include ETL (Extract, Transform, and Load) data integration, extraction and management software applications which automate various business processes and are intended for enterprise business customers and not for individuals. Depending on the specific Service, we process different types of data uploaded to our online platforms and hosted software applications by Customers. The exact data elements to be transferred and data retention are controlled and defined by each Customer or the owner of the domain associated with your email address if the Service is used by your organization, employer or the company which originally collected your data. Consequently, while we process the data the End Users originally transferred to our Customer that can include Personal Information about such End Users, we cannot assume responsibility for the information or content you transferred to the Customer. Etleap has no direct relationship with the End Users or other individuals whose Personal Information it processes as part of Customer’s data. Each Customer is responsible for providing notice to its End Users and third persons concerning the purpose for which a Customer collects their Personal Information and how this Personal Information is processed through the Services.
Disclosure to Law Enforcement
Etleap may use your Personal Information to comply with applicable laws, regulations, or legal process as well as industry standards and our company policies, to prevent fraud or other misuse, including by protecting our rights and the rights of affiliates or related third parties and to enforce our Terms of Service and other policies of Etleap.
In particular, Etleap may disclose Personal Information, including the data you submit to us, with or without notice (a) if required by a subpoena or other judicial or administrative order, (b) where required by law, or © at our sole discretion, where we deem it necessary to protect the safety of any individual, the general public, or to prevent violation of the rights of Etleap or any third party. We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Change of Ownership
In the event of change in ownership, a direct merger or acquisition with another entity, reorganization or liquidation, we reserve the right to transfer all of the information we collect through our website and End User information, including Personal Information, to another entity involved in the transaction.
Security
We are committed to protecting the security of your information. We maintain appropriate physical, electronic, and administrative safeguards designed to protect Personal Information that we obtain in accordance with this Privacy Policy from unauthorized access, disclosure or destruction. Generally, Personal Information you provide to us through our website is stored on our secure servers behind firewalls and sensitive information is encrypted using Transport Layer Security (TLS) (sometimes referred to as Secure Sockets Layer or SSL). Although we use reasonable efforts to secure such information, transmission via the Internet is not completely secure, and we cannot guarantee the confidentiality of information transmitted to us over the Internet.
Your account is protected by your account password and we urge you to take steps to keep your Personal Information safe by not disclosing your password and by logging out of your account after each use. We further protect your information from potential security breaches by implementing certain technological security measures including only authorized access, role-based access control models, two-factor authentication for server access, encryption, firewalls and transport layer security technology.
Although we maintain physical, administrative, and technological safeguards to preserve the integrity and security of all information collected through our Services, these measures do not guarantee that your information will not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software. In the event of a data breach we will use commercially reasonable efforts to report to any and all relevant persons and authorities promptly following our discovery of the breach if it is apparent that Personal Information stored in an identifiable manner has been stolen or otherwise compromised.
Links to Other Websites
Our website may contain hyperlinks to other websites or online locations for your convenience and information. Those linked websites may be operated by unaffiliated entities, such as our Customers, and may have their own privacy policies, statements or notices.
This Privacy Policy does not apply to those websites, so please review the privacy policies posted on those sites to understand how they may collect and use your Personal Information. We are not responsible for the content or privacy practices of the websites that we do not control.
Children’s Privacy
Our website is not intended for children, nor is it targeted to children under the age of thirteen. We do not knowingly collect Personal Information from children under the age of 13 through the website, and if we learn that we have received information from a visitor under the age of 13, we will delete such information in accordance with applicable law.
California Privacy Rights
If you are a California resident, you have the additional rights outlined in this section. If you are a California resident and there are conflicts between this section and any other provision of this Privacy Policy, the portion that is more protective of your Personal Information shall control. If you have any questions about this section or whether any of the following applies to you, please email us at privacy@etleap.com. Your rights as a “Consumer” under the California Consumer Privacy Act of 2018 (“CCPA”) vary depending on whether Etleap acts as a “Service Provider” or a “Business,” as such terms are defined under the CCPA, with respect to your Personal Information.
Etleap as Service Provider
The Services offered by Etleap to Customers are deemed “processing on behalf” under the CCPA. Therefore, when Etleap provides Services to its Customers, such Customers determine the purposes and means of processing of Personal Information and are deemed “Businesses” under the CCPA, while Etleap is processing Personal Information on behalf of its Customers and is deemed a Service Provider under the CCPA. Etleap’s receipt and collection of any Personal Information related to Consumers is completed on behalf of our Customers in order for us to provide the Services. For example, if you are an End User of the Services, Etleap will be acting as a processor or sub-processor to a Customer (your vendor, employer or in any other contractual or statutory capacity) who has contracted to use our Services, and you can exercise your rights as a Consumer under the CCPA by addressing our Customer.
If you are a Consumer under the CCPA and believe that your Personal Information is being processed by us, you should direct any exercise of your Consumer data subject rights under the CCPA to our Customer on whose account you use or receive the benefit of the Services. Please address any requests for access or deletion of your Personal Information and other inquiries under the CCPA directly to the Customer with whom you have a direct relationship. If you contact us regarding information associated with a Customer, we may forward your requests or inquiries to the relevant Customer.
We will assist our Customers by appropriate technical and organizational measures currently available to Etleap, insofar as this is possible, for the fulfilment of our Customers’ obligation to respond to legitimate Consumers’ requests under the CCPA. If Etleap receives a request from a Consumer directly, we will promptly notify the Customer so the Customer could take appropriate action with regards to the Consumer’s request.
In addition, in order to facilitate CCPA compliance for its Customers, Etleap has prepared a Data Processing Addendum together with the CCPA Annex (“DPA”). The DPA fulfils the legal requirements mandated by the CCPA (as well as those mandated by the EU GDPR) and has been drafted for the benefit of Etleap’s Customers to help them comply with CCPA. The DPA assures that, with regard to the Personal Information Etleap processes on behalf of its customers, Etleap shall:
- process Personal Information only for purposes of performing the services in a manner that is reasonably necessary and proportionate to achieve the purpose of the processing;
- be prohibited from selling Personal Information or retaining, using, or disclosing the Personal Information for any purpose other than for the specific purpose of providing the services described in the respective agreement;
- apply appropriate reasonable administrative, technical, physical, and organizational safeguards to protect the security, confidentiality, integrity, and availability of Personal Information entrusted to Etleap for processing;
- assist Customers in the event Consumers exercise their legitimate rights under the CCPA.
Etleap as “Business”
If you are a “Consumer” as defined under the CCPA and in the instances where Etleap acts as a “Business” as defined under the CCPA and receives or collects your Personal Information from you directly and on its own determines the purposes and means of the processing of such Personal Information, then you have the right to exercise the following privacy rights under the CCPA in relation to Etleap:
Access. You have the right to request from us certain information about our collection and use of your Personal Information over the past 12 months. We will provide you with the following information:
- The categories of Personal Information that we have collected about you;
- The categories of sources from which that Personal Information was collected;
- The business or commercial purpose for collecting or selling your Personal Information;
- The categories of third parties with whom we have shared your Personal Information; and
- The specific pieces of Personal Information that we have collected about you.
However, please note that these rights are not absolute, and in certain cases we may decline your request as permitted by law.
You can find the categories of Personal Information generally collected and disclosed in the section “What Data We Collect” and the categories of third parties to whom the Personal Information may be disclosed under the section “How We Use the Data We Collect.”
If we have disclosed your Personal Information for a business purpose over the past 12 months, we will identify the categories of Personal Information shared with each category of third-party recipient.
If we have sold your Personal Information over the past 12 months, we will identify the categories of Personal Information purchased by each category of third-party recipient.
Deletion. You have the right to request that we delete the Personal Information that we have collected directly from you. Under the CCPA, this right is subject to certain exceptions. For example, we may need to retain your Personal Information to provide you with the Services or complete a transaction or other action you have requested. If your deletion request is subject to one of these exceptions, we may deny your deletion request.
Exercising Your Rights. To exercise the rights described above, you must send us a request that (i) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Information (this will require you to send an email from the account in question, login credentials and/or government identification document), and (ii) describes your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use Personal Information provided in a Valid Request to verify your identity and eligibility and complete your request. You do not need an account to submit a Valid Request.
If your identity and eligibility are successfully verified by us, your request will be processed, and we will work to respond to your Valid Request within 45 days of receipt of all required documentation from you. We will not charge you a fee for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants a fee, we will notify you of the fee and explain that decision before completing your request.
You may submit a Valid Request by emailing us at privacy@etleap.com or calling us toll-free at (800) 679-6704. You may make a request to access your personal information twice within a 12-month period. Any disclosures we provide will only cover the 12-month period preceding the receipt of the request.
You may also authorize an agent (an “Authorized Agent”) to exercise your rights on your behalf if you have provided written permission to the Authorized Agent, and if the Authorized Agent’s identity can be verified by us. We may request a copy of this written permission from your Authorized Agent when it makes a request to exercise your rights on your behalf.
We Will Not Discriminate Against You for Exercising Your Rights Under the CCPA
We will not discriminate against you for exercising your rights under the CCPA. We will not deny you our goods or services, charge you different prices or rates, or provide you a lower quality of goods and services if you exercise your rights under the CCPA. However, we may offer different tiers of our Services as allowed by applicable data privacy laws (including the CCPA) with varying prices, rates, or levels of quality of the goods or services you receive related to the value of Personal Information that we receive from you.
Information for Persons Outside the United States
We are based in the United States and the information we collect is governed by U.S. law. If you are visiting our website from outside the United States, please be aware that information we collect through our website will be transferred to, and processed in, the United States. By using our website, you acknowledge and consent to the transfer and processing of your Personal Information in the United States as described in this Privacy Policy. The data protection laws and regulations applicable to your Personal Information transferred to the United States may be different from the laws in your country of residence. The following provisions apply with respect to the Personal Information of the individuals resident in the member states of the European Union, Iceland, Liechtenstein and Norway (the European Economic Area or EEA)
Legal Basis for Processing (EEA only)
If you are an individual from the EEA, our legal basis for collecting and using the Personal Information will depend on the Personal Information concerned and the specific context in which we collect and use it. As explained above, we process Personal Information in various ways depending upon your use of our website and the Customers’ use of our Services. We process Personal Information on the following legal bases: (1) with your consent; (2) as necessary to perform a contract when you request services or products; and (3) as necessary for our legitimate interests in enhancing our services and products and providing you with marketing materials and other information. We also collect Personal Information where we need to provide Services to a Customer under an agreement with such Customer, in which case we may be acting as a data processor or sub-processor.
Your GDPR Rights under the EU Privacy Law
If you are an individual in a European Union member state or in an EEA country, you have the following rights:
Right to Lodge a Complaint. “Etleap has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.”
Right to Erasure. You have the right to request that Personal Information you provided to Etleap directly through our website about you be deleted or erased. If deletion of your Personal Information should not be possible for technical or legal reasons, we may block the respective data instead.
To request deletion or blocking of Personal Information, or revoke previously granted consent, please contact us at privacy@etleap.com.
Right to Revoke Consent for Processing of Personal Information. If you consented to Etleap’s processing of your Personal Information you have provided to us directly through our website, you have the right to revoke the consent you previously provided.
To revoke previously granted consent, please contact us at privacy@etleap.com.
Right to Data Portability. You have the right to request that the Personal Information you have provided directly to Etleap through our website, which we process by automated means, be provided to you or another controller in a structured, commonly used and machine-readable format.
Transfers. We are headquartered in the United States of America. Personal Information may be accessed by us or transferred to us in the United States. By providing us with Personal Information, you consent to this transfer. We will protect the privacy and security of Personal Information according to this Privacy Policy, regardless of where it is processed or stored. By providing us with Personal Information, you consent to the storage or processing of Personal Information in the United States and acknowledge that the Personal Information will be subject to the laws of the United States, including the ability of governments, courts or law enforcement or regulatory agencies of the United States to obtain disclosure of your Personal Information.
EU-US and Swiss-US Data Privacy Framework For EU and Swiss Individuals Whose Data Is Transferred to the US
Etleap complies with the EU-U.S. Data Privacy program Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy program Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Etleap has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework program Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. Etleap has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework program Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Etleap is subject to the supervisory and enforcement authority of the United States Federal Trade Commission (FTC).
Pursuant to the Data Privacy Frameworks we acknowledge the right of EU and Swiss individuals to access their personal data that has been transferred into the United States. As a data processor, however, we may not have the authority to provide individuals with that access and may have to refer you to our client who controls the data.
Under the Data Privacy Frameworks Etleap remains liable for the onward transfer of personal data to third parties unless we can prove we were not a party to the events giving rise to the damages.
We currently do not transfer any personal data to non-agent third parties or utilize any data for reasons other than that for which it was originally provided. If this practice should change in the future we will update this policy accordingly and provide individuals with opt-out or opt-in consent, as applicable, prior to releasing their information.
Dispute Resolution
In compliance with the EU-US Data Privacy Framework Principles, Etleap commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union and Swiss individuals with DPF inquiries or complaints should first contact
Etleap Inc.
Re: EU-US or Swiss-US Data Privacy Framework
440 N Barranca Ave #9232
Covina, CA 91723
info@etleap.com
In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, Etleap commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2
Information Subject to Other Policies
The Company is committed to following the Principles for all Personal Information within the scope of the Data Privacy Framework Agreement. However, certain Information is subject to policies of the Company that may differ in some respects from the general policies set forth in this privacy policy.
Changes to this Privacy Policy
We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this Privacy Policy. We encourage you to review this Privacy Policy whenever you visit our website to stay informed about our information practices.
Contact Us
To contact us regarding this Privacy Policy or with questions about our privacy practices, you may email us at privacy@etleap.com (please include “Privacy Inquiry” in the subject line of your email), or send postal mail to: Etleap Inc., 440 N Barranca Ave #9232, Covina, CA 91723