3. TRANSPARENCY/NOTICE—TYPES of Personal Information We Collect and How We Use It
The types of Personal Information we may collect (directly from you or from Third-Party sources) and our privacy practices depend on the nature of the relationship you have with PublishXi and the requirements of applicable law. Some of the ways that PublishXi may collect Personal Information include: You may provide Personal Information directly to PublishXi through interacting with the Services, participating in surveys, during events such as trade shows, and requesting Services, or information. As you navigate the Services, certain passive information may also be collected about your visit, including through cookies and similar technologies as described below. We endeavor to collect only that information which is relevant for the purposes of Processing. Below are the ways we collect Personal Information and how we use it.
1. Types of Personal Information We Collect
PublishXi collects Personal Information regarding its current, prospective, and former clients, customers, users, visitors, guests, and employees (collectively “Individuals”). PublishXi Customers If you are a PublishXi Customer, you may provide Personal Information when you register with us through the Site to create and manage content, such as your name, company name, email address, and “Payment Information” such as billing address and credit card information. End Users When you download or use the PublishXi App, any Application published there or elsewhere, and/or use a content through the Site, you may choose to provide Personal Information for your registration and/or profile as follows: Name, email, photo/profile image, Company, Position/Title, Gender, phone number, and/or website (“Profile Information”). Linked social media accounts such as Facebook, Twitter, Google+ and LinkedIn (“Social Information”). If, when you create an account with us, you may choose to login using certain social media accounts (Facebook, LinkedIn, Twitter, etc). In this case, we collect the login identifier and password from this account (“Social Logins”). We collect your Mobile ID when you download the PublishXi App or a branded Application app. If your device enables location services for the PublishXi App, we will collect information about your location when you use the App. You may send messages to other End Users or connect with them, in which case we will collect records and data reflecting your interactions with the other users. You may be asked, but not required, to complete surveys about your use of the PublishXi App. Note that this information is treated like Profile Information for purposes of this policy. Visitors This Section describes the information that we may collect from Visitors. To the extent you are a PublishXi Customer or an End User and visit the Site or use the PublishXi App, this Section will apply to you as well: If you contact us by email or by filling-out a registration form, we may keep a record of information you provide, such as contact information and correspondence. We will collect Usage Data reflecting your behavior on the Site. We may use session and persistent cookies, both first-party and third-party, to collect information about your visits to the Site. Information Submitted Via Services. You agree that PublishXi is free to use the content of any communications submitted by you via the Services, including any ideas, inventions, concepts, techniques, or know-how disclosed therein, for any purpose including developing, manufacturing, and/or marketing goods or Services. PublishXi will not release your name or otherwise publicize the fact that you submitted materials or other information to us unless: (a) you grant us permission to do so; (b) we first send notice to you that the materials or other information you submit to a particular part of a Service will be published or otherwise used with your name on it; or (c) we are required to do so by law. Information from Other Sources. We may receive information about you from other sources, including through Third-Party services and organizations to supplement information provided by you. For example, if you access our Services through a Third-Party application, such as an App Store or SNS, we may collect information about you from that Third-Party application that you have made public via your privacy settings. Information we collect through App Stores or SNS accounts may include your name, your SNS user identification number, your SNS user name, location, sex, birth date, email, profile picture, and your contacts on the SNS. This supplemental information allows us to verify information that you have provided to PublishXi and to enhance our ability to provide you with information about our business, products, and Services.
2. How PublishXi Uses Your Information
3. Cookies, Pixel Tags/Web Beacons, Analytics Information, and Interest-Based
4. Third-Party Websites and Social Media Platforms
The Site may contain links to other websites and other websites may reference or link to our Site or other Services. These other domains and websites are not controlled by us, and PublishXi does not endorse or make any representations about Third-Party websites or social media platforms. We encourage our users to read the privacy policies of each and every website and application with which they interact. We do not endorse, screen or approve, and are not responsible for the privacy practices or content of such other websites or applications. Visiting these other websites or applications is at your own risk. PublishXi’s Services may include publicly accessible blogs, community forums, or private messaging features. The Site and our other Services may also contain links and interactive features with various social media platforms (e.g., widgets). If you already use these platforms, their cookies may be set on your device when using our Site or other Services. You should be aware that Personal Information which you voluntarily include and transmit online in a publicly accessible blog, chat room, social media platform or otherwise online, or that you share in an open forum may be viewed and used by others without any restrictions. We are unable to control such uses of your information when interacting with a social media platform, and by using such services you assume the risk that the Personal Information provided by you may be viewed and used by third parties for any number of purposes. We use Third-Party software development kits (“SDKs”) as part of the functionality of our Services. Third-Party SDKs may allow Third Parties, including advertisers, to collect your personal information to provide content that is more relevant to you. You may opt out of tracking by following the instructions below: Google Analytics. You can opt out of Google’s collection and Processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout.
5. Third-Party Payment Processing
When you make purchases through the Services, we process your payments through a Third-Party application, Stripe. The Third-Party application may collect certain financial information from you to process a payment on behalf of PublishXi, including your name, email address, address and other billing information. When you enter Payment Information through the Site, you do so through an interface owned and operated by Stripe or our payment processing partner, to which you will be redirected automatically from PublishXi.
4. Human Resources Data
PublishXi collects Personal Information from current, prospective, and former Employees, their contact points in case of a medical emergency, and beneficiaries under any insurance policy (“Human Resources Data”). The Human Resources Data we collect may include title, name, address, phone number, email address, date of birth, passport number, driver’s license number, Social Security number or other government-issued identification number, financial information related to credit checks, bank details for payroll, information that may be recorded on a CV or application form, language abilities, contact information of third parties in case of an emergency and beneficiaries under any insurance policy. We may also collect Sensitive Human Resources Data such as details of health and disability, including mental health, medical leave, and maternity leave; information about national origin or immigration status; and optional demographic information such as race, which helps us achieve our diversity goals. We acquire, hold, use and Process Human Resources Data for a variety of business purposes including: Workflow management, including assigning, managing and administering projects; Human Resources administration and communication; Payroll and the provision of benefits; Compensation, including bonuses and long-term incentive administration, stock plan administration, compensation analysis, including monitoring overtime and compliance with labor laws, and company recognition programs; Job grading activities; Performance and employee development management; Organizational development and succession planning; Benefits and personnel administration; Absence management; Helpdesk and IT support services; Regulatory compliance; Internal and/or external or governmental compliance investigations; Internal or external audits; Litigation evaluation, prosecution, and defense; Diversity and inclusion initiatives; Restructuring and relocation; Emergency contacts and services; Employee safety; Compliance with statutory requirements; Processing of Employee expenses and travel charges; and Acquisitions, divestitures, and integrations.
5. Onward Transfer—PublishXi May Disclose Your Information
1. Information We Share
2. INTERNATIONAL Data Transfers
You agree that all Personal Information collected via or by PublishXi may be transferred, Processed, and stored anywhere in the world, including but not limited to, the United States, the European Union, Canada in the cloud, on our servers, on the servers of our affiliates or the servers of our service providers. Your Personal Information may be accessible to law enforcement or other authorities pursuant to a lawful request. By providing information to PublishXi, you explicitly consent to the storage of your Personal Information in these locations.
6. Opt-Out (RIGHT TO OBJECT TO PROCESSING)
You have the right to object to and opt out of certain uses and disclosures of your Personal Information. Where you have consented to PublishXi’s Processing of your Personal Information or Sensitive Personal Information, you may withdraw that consent at any time and opt out of further Processing by contacting privacy@publishXi.com. Even if you opt out, we may still collect and use non-Personal Information regarding your activities on our Sites and/or information from the advertisements on Third-Party websites for non-interest based advertising purposes, such as to determine the effectiveness of the advertisements.
2. Email and Telephone Communications
3. Mobile devices
PublishXi may occasionally send you push notifications through our mobile applications with notices that may be of interest to you. You may at any time opt out from receiving these types of communications by changing the settings on your mobile device. PublishXi may also collect location-based information if you use our mobile applications. You may opt out of this collection by changing the settings on your mobile device.
4. Human Resources Data
With regard to Personal Information that PublishXi receives in connection with the employment relationship, PublishXi will use such Personal Information only for employment-related purposes as more fully described above. If PublishXi intends to use this Personal Information for any other purpose, PublishXi will notify the Individual and provide an opportunity to opt out of such uses.
5. “Do Not Track”
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.
6. Cookies and Interest-Based Advertising
7. Rights of Access, Rectification, Erasure, and Restriction
Under Privacy Shield, you may inquire as to whether PublishXi is Processing Personal
Information about you, request access to Personal Information, and ask that we correct,
amend or delete your Personal Information where it is inaccurate or has been Processed
in violation of the Privacy Shield Principles.
EU and Swiss residents have the right to access personal data about them and to request
the correction, amendment, removal or limitation of the use and disclosure of their
personal data processed by PublishXi. Such requests should be sent by email to
support@publishXi.com or by regular mail to:
Attn: Security Department
2489 Bloor St. West
Please include your full name, email address associated with your account, and a detailed description of your data request. Such requests will be processed in line with local laws. Although PublishXi makes good faith efforts to provide Individuals with access to their Personal Information, there may be circumstances in which PublishXi is unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the Individual’s privacy in the case in question or where it is commercially proprietary. If PublishXi determines that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, PublishXi will take commercially reasonable steps to verify your identity before granting access to or making any changes to your Personal Information.
8. Data Retention
9. Security of Your Information
10. International Users
11. Children’s Privacy
Our Services are not directed to children under 13. In addition, you are not permitted to use our Services if you do not meet the minimum age requirement applicable to our Services in your jurisdiction. We do not knowingly collect Personal Information from children under 13. If you learn that your child has provided us with Personal Information without your consent, you may alert us at privacy@publishXi.com. If we learn that we have collected Personal Information of a child under 13 we will take steps to delete such information from our files as soon as possible and terminate the child’s account.
12. Redress/Compliance and Accountability
lodge a complaint with the appropriate authority, please contact PublishXi by email at
support@publishXi.com or by postal mail to:
Attn: Security Department
2489 Bloor St. West
We will address your concerns and attempt to resolve any privacy issues within 45 days. If you are an EU or Swiss citizen and feel that PublishXi is not abiding by the Terms. of this Policy, or is not in compliance with the Privacy Shield Principles, please contact PublishXi at the contact information provided above. In addition, PublishXi has agreed to refer unresolved complaints related to Personal Information to the International Centre for Dispute Resolution, the international division of the American Arbitration Association (ICDR/AAA) and, with respect to Employee and human resources data, has committed to cooperate with the panel established by local data protection authorities and comply with the advice given by the panel for EU citizens and with the Swiss Federal Data Protection and Information Commissioner’s authority and advice for such data of Swiss citizens. For more information and to submit a complaint regarding Individual data to ICDR/AAA, a dispute resolution provider which has locations in the United States and EU, visit http://go.adr.org/privacyshield.html. Such independent dispute resolution mechanisms are available to citizens free of charge. If any request remains unresolved, you may contact the national data protection authority for your EU Member State. You may also have a right, under certain conditions, to invoke binding arbitration under Privacy Shield; for additional information, see https://www.privacyshield.gov/article?id=ANNEX-I-introduction. The FTC has jurisdiction over PublishXi’s compliance with the Privacy Shield.
13. Other Rights and Important Information
2. California Privacy Rights
California Civil Code Section 1798.83, known as the “Shine The Light” law, permits our customers who are California residents to request and obtain from us a list of what personal information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year and the names and addresses of those third parties. Requests may be made only once a year and are free of charge. Under Section 1798.83, we currently do not share any personal information with third parties for their direct marketing purposes other than the reciprocal sharing of information with Application authors.
This Policy shall be implemented by PublishXi and all its operating divisions, subsidiaries and affiliates. PublishXi has put in place mechanisms to verify ongoing compliance with Privacy Shield Principles and this Policy. Any Employee that violates these privacy principles will be subject to disciplinary procedures.
The following capitalized Terms. shall have the meanings herein as set forth below.
- “Agent” means any Third Party that Processes Personal Information pursuant to the instructions of, and solely for, PublishXi or to which PublishXi discloses Personal Information for use on its behalf.
- “Employee” refers to any current, temporary, permanent, prospective or former employee, director, contractor, worker, or retiree of PublishXi or its subsidiaries worldwide.
- “Mobile ID” means a unique, proprietary alphanumeric tag we create specifically to reflect your mobile device on our systems as a part of operating the Services, which is not known to any third party and is generated by a proprietary method we keep confidential.
- “Personal Information” is any information relating to an identified or identifiable natural person (“Individual”). This includes, but is not limited to, information that alone or when in combination with other information may be used to identify, contact, or locate you, such as: name, address, email address, IP Address, login credentials, profile information, or phone number, and excludes information that has been aggregated and/or anonymized so that it does not allow a third party to easily identify a specific individual.
- “Privacy Shield” means the seven (7) principles of the Privacy Shield Framework: (1) notice, (2), choice, (3) accountability for onward transfer, (4) security, (5) data integrity and purpose limitation, (6) access, and (7) recourse, enforcement, and liability. Additionally, it includes the sixteen (16) supplemental principles described in the Privacy Shield: (1) sensitive data, (2) journalistic exceptions, (3) secondary liability, (4) performing due diligence and conducting audits, (5) the role of the data protection authorities, (6) self-certification, (7) verification, (8) access, (9) human resources data, (10) obligatory contracts for onward transfers, (11) dispute resolution and enforcement, (12) choice – timing of opt-out, (13) travel information, (14) pharmaceutical and medical products, (15) public record and publicly available information, and (16) access requests by public authorities.
- “Process” or “Processing” means any operation which is performed upon Personal Information, whether or not by automatic means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- “Sensitive Data” or “Sensitive Personal Information” is a subset of Personal Information which, due to its nature, has been classified by law or by policy as deserving additional privacy and security protections. Sensitive Personal Information includes Personal Information regarding EU residents that is classified as a “Special Category of Personal Data” under EU law, which consists of the following data elements: (1) race or ethnic origin; (2) political opinions; (3) religious or philosophical beliefs; (4) trade union membership; (5) genetic data; (6) biometric data where Processed to uniquely identify a person; (6) health information; (7) sexual orientation or information about the Individual’s sex life; or (8) information relating to the commission of a criminal offense.
- “Third Party” is any company, natural or legal person, public authority, agency, or body other than the Individual, PublishXi or PublishXi’s Agents.
- “Usage Information” is information reflecting usage of our Services through a web browser or mobile application, such as browser type, operating system version, click behavior, connection speed, which does not reflect the identity of any individual user.
15. Revision history
- Initial Posting: September 4 2018
- Effective Date: September 4,2018
- Last Updated Date: September 4,2018
Attn: Security Department
2489 Bloor St. West, Suite 204