Obo respects your privacy. We value transparency and want you to know exactly what we do with your personal information. This page maps out what personal information we collect, what we do with it, and your choices and rights. (Note that there’s another company with the website Obo.com— that’s not us.)
1. Some key terms
3. Personal information we collect
We collect a variety of personal information regarding you or your device. This includes the following:
- Information you provide to create an Account, specifically your email address, first name and last name. If you purchase an Obo Product subscription, we receive a portion of your payment information from our payment processor (such as the last four digits, the country of issuance and the expiration date of the payment card) and we ask you to select your jurisdiction.
- Your marketing preferences.
- The emails and other communications that you send us or otherwise contribute, such as customer support inquiries or community posts (e.g., to customer message boards or forums). Please be aware that any information that you post on public parts of our sites is available to others.
- Information you share with us in connection with surveys, campaign responses, or promotions.
- Information from your use of the Obo website and on-line software suite. This includes: IP addresses, preferences, web pages you visited prior to coming to our sites, information about your browser, network or device (such as browser type and version, operating system, internet service provider, preference settings, unique device IDs and language and other regional settings), information about how you interact on-line with Obo (such as timestamps, clicks, scrolling, browsing times, searches, transactions, referral pages, load times, and problems you may encounter, such as loading errors).
- Information we get from our partners to support marketing campaigns, improve our services, and better monitor our online marketing campaigns, such as details about when an Obo partner shows you one of our campaigns or promotions on or via its site or advertising platform.
- Other information you submit to us directly or through Third Party Services if you use a Third Party Service to create an Obo account (based on your privacy settings with such Third Party Service).
4. How we collect personal information
We obtain personal information from various sources in three primary ways:
- You provide some of it directly (such as by registering for an Account).
- We record some of it automatically when you use Obo Product Suite or Obo websites (via technologies like cookies).
- We receive some of it from third parties (such as when you register for an account using a Third Party Service or when you make payments to us using our payment processor).
We’ve outlined this in more detail below.
a. Personal information you provide
When you use our Services, we collect information from you in a number of ways.
- We ask you to provide your name and email address to register and use an Obo free trial or to set up and use an Obo account.
- We maintain your marketing preferences and the emails and other communications that you send us or otherwise contribute, including customer support inquiries or posts to online communities or forums.
- You may provide us with information in other ways, such as responding to surveys, submitting a form, or attending an event.
We may require you to provide information for specific contractual or legal reasons. For example, we may ask you to select your jurisdiction when you sign up for Paid Services to determine tax implications and requirements. We will inform you when this information is required, and we will let you know the consequences of failing to provide it. For example, you may not be able to use our Services if that information is necessary to provide the service or if we are legally required to collect it.
b. Personal information obtained from your use of our Services
When you use our Services, we collect information about your activity on and interaction with the Services, such as your IP address(es), your device and browser type, the web page you visited before coming to our sites, what pages on our sites you visit and for how long and identifiers associated with your devices. If you’ve given us permission through your device settings, we may collect your location information in our mobile apps.
c. Personal information obtained from other sources
If you sign up for Paid Services and use a credit card for payment, we obtain limited information about your payment card from our payment processor, such as the last four digits, the country of issuance, and the expiration date.
5. How we use your personal information
We use the personal information we obtain about you to:
- Provide Services. Create and manage your Account, provide and personalize our Services, process payments, and respond to your inquiries.
- Communicate with you. Communicate with you, including sending you emails about your Obo-related transactions and any Service-related announcements (e.g., maintenance updates, planned downtime, etc.).
- Conduct surveys. Send surveys to you, with your permission.
- Promote Services. Promote our Services and send you marketing communications about products, services, offers, programs and promotions of Obo and our partners and measure the success of those campaigns. For example, we may send different marketing communications to you based on what Obo Services you use or other information we hold about you.
- Improve our Services. Analyze and learn about how you access and use Obo Services so that we can evaluate and improve our Services (for example, by developing new products and services or tailoring our communications) and monitor and measure the effectiveness of our marketing and promotions. We do this based on anonymous or aggregated information which does not focus on you individually.
- Ensure Security. Ensure the security and integrity of our Services.
- Manage third-party relationships. Manage our vendor and partner relationships.
- Enforce Terms of Service. Enforce our Terms of Service and other legal terms and policies.
- Protect rights and property. Protect our and others’ interests, rights and property (e.g., to protect our Users from abuse).
- Comply with law. Comply with applicable legal requirements, such as tax and other government regulations and industry standards, contracts, and law enforcement requests.
We process your personal information for the above purposes when:
- Consent. You have consented to the use of your personal information in a particular way. Note that you can change your mind at any time and we will update how we use your information.
- Performance of a contract. We need your personal information to provide you with Services and products requested by you, and to respond to your inquiries. We need this information s that we can perform our contract with you or take steps at your request before entering into one. For example, we need your email address so you can sign in to your Obo account.
- Legal obligation. We have a legal obligation to use your personal information, such as to comply with applicable tax and other government regulations or to comply with a court order or binding law enforcement request.
- Legitimate interests. We have a legitimate interest in using your personal information. In particular, we have a legitimate interest in the following cases:
- To operate the Obo business and provide you with tailored communications.
- To analyze and improve the safety and security of our Services – we do this as it is necessary to pursue our legitimate interests in ensuring Obo is secure, such as by implementing and enhancing security measures and protections and protecting against fraud, spam, and abuse.
- To provide and improve the Services, including any personalized services – we do this as it is necessary to pursue our legitimate interests of providing an innovative and tailored offering to our Users on a sustained basis.
- To share your personal information with other Obo group companies that help us provide and improve the Services.
- To anonymize and subsequently use anonymized information.
- Protecting you and others. To protect your vital interests, or those of others.
- Others’ legitimate interests. Where necessary for the purposes of a third party’s legitimate interests, such as our partners who have a legitimate interest in delivering requested information and/or services to you and monitoring and measuring its effectiveness.
6. How we share your personal information
We share personal information in the following ways:
- Business partners. We may share personal information with business partners. For example, we may share your personal information when our Services are integrated with their Third Party Services, but only when you have been informed or would otherwise expect such sharing.
- Service providers. We share personal information with our service providers that perform services on our behalf. For example, we may use third parties to help us provide customer support, send marketing and other communications on our behalf, or assist with data storage.
- Process payments. We transmit your personal information via an encrypted connection to our payment processor.
- Following the law or protecting rights and interests. We disclose your personal information if we determine that such disclosure is reasonably necessary to comply with the law, protect our or others’ rights, property or interests (such as enforcing our Terms of Service) or prevent fraud or abuse of Obo or our users. In particular, we may disclose your personal information in response to lawful requests by public authorities, such as to meet national security or law enforcement requirements.
- Advertising. We share personal information with third parties so they and we can provide you with tailored advertising and measure and monitor its effectiveness. For example, we may share your pseudonymized email address with a third-party content platform on which we advertise to avoid serving Obo ads to people who already use Obo.
- Business transfers. If we’re involved in a reorganization, merger, acquisition, or sale of some or all of our assets, your personal information may be transferred as part of that deal.
7. Your rights and choices
Where applicable law requires (and subject to any relevant exceptions under law), you may have the right to access, update, change, or delete your personal information.
You can access, update, change, or delete your personal information either directly in your Obo on-line account or by contacting us at email@example.com to request the required changes. You can exercise your other rights (including deleting your Account) by contacting us at the same email address.
You can also elect not to receive marketing communications by changing your preferences in your Account or by following the unsubscribe instruction in such communications (generally provided in the footer area of those communications).
Note that there may be a delay, for technical reasons, in deleting your personal Information from our systems when you request that we delete it. We also will retain personal Information to comply with the law, protect our and others’ rights, resolve disputes, or enforce our legal terms or policies, to the extent permitted under applicable law.
You may have the right to restrict or object to the processing of your personal information or to exercise a right to data portability under applicable law. You also may have the right to lodge a complaint with a competent supervisory authority, subject to applicable law.
Additionally, if we rely on consent for the processing of your personal information, you have the right to withdraw it at any time for no charge. When you do so, this will not affect the lawfulness of the processing before your consent withdrawal.
8. How we protect your personal information
Our security team is dedicated to keeping your personal information safe. We maintain administrative, technical, and physical safeguards to protect against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of, the personal information in our possession.
9. How we retain your personal information
The exact length of time for which we keep your personal information may vary depending on the nature of the information and why we need it. Factors will include the minimum required retention period prescribed by law or recommended as best practice, the period during which a claim can be made, whether the personal information has been aggregated or pseudonymized, and other relevant criteria.
Please note that in the course of providing Obo Services, we collect and maintain aggregated, anonymized, or de-personalized information which we may retain indefinitely.
10. Data transfers
Personal information that you submit through the Services may be transferred to countries other than where you live, such as, for example, to our servers in the U.S. We also store personal information locally on the devices you use to access the Services.
Your personal information may be transferred to countries that do not have the same data protection laws as the country in which you first provided your personal information.
We rely upon a number of means to transfer personal information which is subject to the European General Data Protection Regulation (“GDPR”) in accordance with Chapter V of the GDPR. These include:
- Privacy Shield. We transfer, in accordance with Article 45 of the GDPR, personal information to companies that have certified their compliance with the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks (each individually and jointly, the “Privacy Shield”), including Obo, Inc.
- Standard data protection clauses. We may, in accordance with Article 46 of the GDPR, transfer personal information to recipients that have entered into the European Commission approved contract for the transfer of personal data outside the European Economic Area.
- Other means. We may, in accordance with Articles 45 and 46 of the GDPR, transfer personal information to recipients that are in a country the European Commission or a European data protection supervisory authority has confirmed, by decision, offers an adequate level of data protection, pursuant to an approved certification mechanism or code of conduct, together with binding enforcement commitments from the recipient to apply the appropriate safeguards, including as regards data subjects’ rights, or to processors which have committed to comply with binding corporate rules.
11. Privacy Shield
Obo, Inc has certified its compliance to the Privacy Shield.
Obo is committed to treating personal information received from the European Economic Area and Switzerland pursuant to the Privacy Shield Frameworks in accordance with the applicable Principles. You can find our certification here and you can learn more about the Frameworks and Principles by visiting https://www.privacyshield.gov/.
Our accountability for personal information we receive under the Privacy Shield and subsequently transfer to a third party is described in the Privacy Shield Principles.
If you have a question or complaint you believe to be within the scope of our Privacy Shield certification, please contact us first at firstname.lastname@example.org, or using the contact details in the “How to contact us” section below. We’ll respond within 45 days.
For any complaints that we can’t resolve directly, JAMS is the independent organization responsible for reviewing and resolving complaints about our Privacy Shield compliance. You can contact JAMS free of charge at https://www.jamsadr.com/eu-us-privacy-shield. JAMS is an alternative dispute resolution provider based in the U.S.
If your concern still isn’t addressed by JAMS, you may be entitled to a binding arbitration under the Privacy Shield Principles. For purposes of enforcing compliance with the Privacy Shield, Obo, Inc. is subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission.
12. Privacy Notice for California Residents
This Privacy Notice for California Residents (this “CCPA Notice”) supplements the information contained in the Policy and except as provided herein, applies solely to California residents. We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this CCPA Notice.
This CCPA Notice does not apply to employment-related personal information collected from California-based employees, job applicants, contractors, or similar individuals. Where noted in this CCPA Notice, the CCPA temporarily exempts personal information reflecting a written or verbal business-to-business communication (“B2B personal information”) from some its requirements.
A. Information We Collect
Section 3. Personal information we collect describes what we have collected from users in the past twelve months. We collect the information for the purposes of described in section 5. How we use your personal information section above, and we share this information as described in that section.
B. Your Rights
The CCPA provides California residents with specific rights to request information about our collection, use and disclosure of your personal information over the prior twelve months, and ask that we provide you with the following information:
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources from which we collect personal information.
- Purpose for collecting, using or selling personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (known as “data portability request”).
- If applicable, categories of personal information sold about you and the categories of third parties to which the personal information was sold.
We do not provide these access and data portability rights for B2B personal information.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
We do not provide these deletion rights for B2B personal information.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us at: email@example.com. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: your full name and your email address associated with your account.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
14. How to contact us
Attention: Legal – Privacy
481 N Santa Cruz Ave., Suite 175
Los Gatos, CA 95030
15. Issues using the site
If you have any issues using this site, please send a message to firstname.lastname@example.org.