Last updated on December 15, 2020.

Blackfin Software, LLC d/b/a Blackfin Webware builds and maintains various web sites, as well as web and mobile applications.

This policy sets out how we handle personal information and applies across these sites and applications available under the blackfin.biz, blackfinsoftware.com, blackfinwebware.com and other domains including all subdomains, subdirectories and subsidiary web pages (the “Sites”).

When we say ‘we’, ‘us’ or ‘Blackfin’ it’s because that’s who we are and we own and run the Sites.

If we say ‘policy’ we’re talking about this privacy policy. If we say ‘user terms’ we’re talking about the rules for using the Sites. The rules vary by product and each product makes them separately available and seeks consent to them separately to this policy.

The type of personal information we collect

• We collect certain personal information about visitors and users of our Sites.
• The most common types of information we collect include things like: usernames, member names, email addresses, survey responses, forum comments, content you provide to maintain your membership or association with the third party Organization who is our customer.
• We also collect IP addresses in our logs so that we have analytics data to better understand and improve our offerings, and log data to help us troubleshoot and recover from problems.

How we collect personal information

• We collect personal information directly when you provide it to us, automatically as you navigate through the Sites.
• We collect your personal information when you provide it to us when you complete membership registration on our Sites, subscribe to a newsletter, submit feedback, fill out a survey, or send us a communication.

How we use personal information

• We will use your personal information where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests include:
  • operating the Sites;
  • providing you with services described on the Sites;
  • responding to support tickets, and helping facilitate the resolution of any disputes;
  • updating you with operational news and information about our Sites and services e.g. to notify you about changes to our Sites, webSites disruptions or security updates;
  • carrying out technical analysis to determine how to improve the Sites and services we provide;
  • monitoring activity on the Sites, e.g. to identify potential fraudulent activity and to ensure compliance with the user terms that apply to the Sites;
  • training Blackfin staff about how to best serve our customers;
  • improving our products and services.

Where you give us consent:

• providing you with marketing information about products and services which we feel may interest you; and
• customizing our services and webSites, like advertising that appear on the Sites – where this involves the use of cookies or similar technologies – in order to provide a more personalised experience.
• For purposes which are required by law, such as responding to requests by local, state or federal government, a court of law, or law enforcement authorities conducting an investigation.

When we disclose your personal information

We may disclose personal information to people like:

• a purchaser or prospective purchaser of all or part of our assets or our business, and their professional advisers, in connection with the purchase;
• a third party, in order to enforce or defend our rights, or to address financial or reputational risks;
• a rights holder in relation to an allegation of intellectual property infringement or any other infringement; and
• other recipients where we are authorized or required by law to do so.

Where we transfer and/or store your personal information

• We are based in Seattle, WA in the United States.
• We store personal information and process data on servers provided by  Linode, Amazon AWS and Opalstack in the United States and in Europe.
• In order to protect your information, we take care where possible to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.

How we keep your personal information secure

• We store personal information on secure servers that are managed by us and our service providers.
• Personal information that we store or transmit is protected by security and access controls, including username and password authentication. It is encrypted wherever possible.

How you can access your personal information

• You can access some of the personal information that we collect about you by logging in to your account.
• You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data.
• You can also close the account you have with us on our Sites at any time. To make an access or correction request, contact us using the contact details at the end of this policy.
• You are also entitled to ask us to port your personal information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing.
• You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing.
• If you have unresolved concerns you also have the right to complain to data protection authorities.
• The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.

Marketing Choices regarding your personal information

• Where we have your consent to do so (e.g. if you have subscribed to one of our email lists or have indicated that you are interested in receiving offers or information from us), we send you marketing communications by email about products and services that we feel may be of interest to you.
• You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
• You also have choices about cookies, as described below. By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies some parts of our Sites may not work properly in your case.

Cookies and web analytics

For more information on cookies, see http://www.allaboutcookies.org.

When you visit our Sites, certain information is automatically recorded which is generally anonymous information and may or may not reveal your true identity. If you’re logged into your account some of this information could be associated with your account. This includes the following kinds of details:

• your IP address or proxy server IP address;
• the domain name you requested;
• the name of your internet service provider is sometimes captured depending on the configuration of your ISP connection;
• the date and time of your visit to the webSites;
• the length of your session;
• the pages which you have accessed;
• the number of times you access our Sites within any month;
• the website which referred you to our site; and
• the operating system which your computer uses.

Information you make public or give to others

If you make your personal information available to other people, we can’t control or accept responsibility for the way they will use or manage that information. There are lots of ways that you may find yourself providing information to other people, like when you post a public ticket on a support forum. Before making your information publicly available or giving your information to anyone else, think carefully. If giving information to another user via our Sites, ask them how they will handle your information. If you’re sharing information via another website, check the privacy policy for that site to understand its information management practices as this privacy policy will not apply.

How long we keep your personal information

We retain your personal information for as long as is necessary to provide the services to you and others, and to comply with our legal obligations. If you no longer want us to use your personal information or to provide you with our services, you can request that we erase your personal information and close your account at the Sites. Please note that if you request the erasure of your personal information we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce the terms of service and take other actions permitted by law. The information we retain will be handled in accordance with this Privacy Policy.

When we need to update this policy

We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.

When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.

If you’re a user or visitor in the European Economic Area these rights also apply to you:

For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.

How you can contact us

If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact us in writing at privacy@blackfin.biz.

Both personal information and personal data have the same meaning in the context of this Privacy Policy.