Effective May 25, 2018
Cloud Army Network Inc. (“CloudArmy”) is committed to protecting the privacy of all individuals who:
- visit any websites or mobile sites offered by CloudArmy, including without limitation www.cloud.army, portal.cloud.army, and including all subdomains, present and future (the “Website”);
- use the mobile applications that CloudArmy makes available from time to time (the “Applications”);
- use the Services including “Reactor™” and other CloudArmy products and services (the “Platforms”); and,
- To make this policy easier to read, we call the Website, the Applications, and the Platforms together the “Services”. Personally Identifiable Information, henceforth referred to as PII, means any piece of information that can be used to identify an individual, using publicly available information.
CloudArmy Data and Customer Content
The personally identifiable information we collect from our customers and users of the Services is for our own purposes, such as to provide and administer the Services (“CloudArmy Data”) and, with the exception of IP addresses, is only collected with their unambiguous consent. We are the data controller in respect of this information. CloudArmy Data is also referred to as “Customer Information” in our Terms. If your PII is not needed for billing, and isn’t attached to another organization due to your own actions, you can request to have that information deleted, and CloudArmy will delete it without undue delay.
CloudArmy Data we receive or collect
When you first register for a CloudArmy account, and/or when you use the Services, we collect some Personal Information about you, when you explicitly give us this information, such as:
- your full name, username, and email address and other contact details
- a unique CloudArmy user ID (an alphanumeric string) which is assigned to you upon registration
- other optional information as part of your account profile
- other information submitted by you or your organizational representatives via various methods (phone, email, online forms, surveys, in-person meetings, etc)
- your billing address and any necessary other information to complete any financial transaction, and when making purchases through the Services, we may also collect your credit card or PayPal information
- user generated content (such as messages, posts/notes, comments, digital media, or communications exchanged on the Supported Platforms)
- information we may receive relating to communications you send us, such as queries or comments concerning our Services or Supported Platforms
CloudArmy also automatically collects and receives other information from your computer or mobile device, including the activities you perform on our Website, the Platforms, and the Applications, the type of hardware and software you are using (for example, your operating system or browser), and information obtained from cookies (see “Cookies and Related Technologies” below). For example, each time you visit the Website or otherwise use the Services, we automatically collect your IP address, browser and device type, access times, the web page from which you came, the regions from which you navigate the web page, and the web page(s) you access (as applicable).
How we use CloudArmy Data
CloudArmy uses CloudArmy Data for the following general purposes:
- to identify you when you login to your account
- to enable us to operate the Services and provide them to you
- to verify your transactions and for purchase confirmation, billing, security, and authentication (including security tokens for communication with configured Third-Party Platforms)
- to analyze the Website or the other Services and information about our visitors and users, including research into our user demographics and user behaviour in order to improve our content and Services
- to contact you about your account and provide customer service support, including responding to your comments and questions
- to share aggregate (non-identifiable) statistics about users of the Services to prospective partners
- to share aggregate (non-identifiable) statistics about users of the Services to our Customers and their users
- to keep you informed about the Services, features, surveys, newsletters, offers, contests and events we think you may find useful or which you have requested from us
- to sell or market CloudArmy products and services to you
- to better understand your needs and the needs of users in the aggregate, diagnose problems, analyze trends, improve the features and usability of the Services, and better understand and market to our customers and users
- to keep the Services safe and secure, and to prevent fraudulent use of the Services
- We also use non-identifiable information gathered for statistical purposes to keep track of the number of visits to the Services with a view to introducing improvements and improving usability of the Services. We may share this type of statistical data so that our partners also understand how often people use the Services, so that they, too, may provide you with an optimal experience.
Customer Content we process for our customers
CloudArmy is a consumer research platform. By its nature, Services enable our customers to design experiments and run studies which can be integrated with other Third-party Platforms, such as respondent recruiting services.
Our Services help our customers manage studies, define tests, recruit respondents, and analyze the results.
Cookies and related technologies
CloudArmy uses tracking technology (“cookies”) on the Website, in the Applications, and in the Platforms, which could include mobile application identifiers and a unique CloudArmy user ID to help us recognize you across different Services, to monitor usage and web traffic routing for the Services, and to customize and improve the Services. Our cookies will only collect your personal information should you unambiguously consent to their use. Cookies are small text files placed on your device when you visit a website, in order to track use of the site and to improve your user experience.
The Services use “session cookies,” which improve your user experience by storing certain information from your current visit on your device, such as log-in information. These enable us to remember your log-in session so you can move easily within the Website or the other Services. Without these session cookies, we wouldn’t be able to provide the Services to you. These session cookies have limited functionalities and expirations, and you will be required to re-enter your CloudArmy log-in information after a certain period of time has elapsed to protect you against others accidentally accessing your account contents and related Personal Information. Other examples of our use of session cookies include to track the number of visits by a particular visitor to a page and to store items in an online shopping cart.
Performance and Remarketing Cookies
- Google Analytics
- CloudArmy uses Google Analytics to track visitors to the Website anonymously
- Please see Google Privacy for more details.
- CloudArmy uses Facebook’s Social Integrations to allow users to share and ‘Like’ Website pages.
- After opting in to these features you may opt out at any time by visiting your Facebook ad settings while logged into Facebook.
CloudArmy may also use related technologies including web beacons, bugs, pixels, and software tokens in order to facilitate your use of the Services. Most notably, the Services use software tokens (stored securely on CloudArmy-controlled servers) in order to facilitate the logging in to and the functioning of both the Supported Platforms and Third-Party Platforms.
Most computer and some mobile web browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. The Network Advertising Initiative has also developed a tool that may help you understand which third parties have currently enabled cookies for your browser and opt-out of those cookies. Further information can be found at http://www.networkadvertising.org/managing/opt_out.asp. Please note however that, by blocking or deleting cookies, you will not be able to take full advantage of the Website, Applications, and Platforms. If you do not want to receive tracking pixels, you will need to disable HTML images in your email client, and that may affect your ability to view images in other emails that you receive.
When we may share Personal Information
- when you explicitly consent to the disclosure of such information to a third party when connecting to a third-party service that asks you if you consent to such sharing;
- where we are legally required to do so, such as in response to court orders or legal process, or to establish, protect, or exercise our legal rights or to defend against legal claims or demands;
- if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person;
- if we believe it is necessary to investigate, prevent, or take action regarding situations that involve abuse of the Services infrastructure or the Internet in general (such as voluminous spamming, denial of service attacks, or attempts to compromise the security of the Website infrastructure or the Services generally);
- to a parent company, subsidiaries, joint ventures, or other companies under common control with CloudArmy;
- if this information is not private, is aggregated or is otherwise non-Personal Information, such as your public user information.
Retention of Personal Information
CloudArmy only retains personal information for as long a necessary to provide you with the Services you are subscribed to. If we use personal information to make a decision that directly affects you, we will retain that personal information for at least one year so that you have a reasonable opportunity to request access to it. In addition we will retain personal information only as long as necessary to fulfill the identified purposes or a legal or business purpose.
We use industry best practices to keep any information collected and/or transmitted to the Supported Platforms or Third-Party Platforms secure. This includes the use of HTTPS with TLS (Transport Layer Security), which encrypts all transmitted data, and OAuth 2.0 protocols for authentication and data transfer to Supported Platforms and Third-Party Platforms.
Certain Personal Information, most notably CloudArmy log-in details, is encrypted during transmission using TLS. Passwords are only stored in the CloudArmy using a salted one-way hash and never as plain text. In addition, CloudArmy uses third-party vendors and hosting partners such as Amazon to provide the necessary hardware, software, networking, storage, and related technology required to run the Services. These vendors have been selected for their high standards of both physical and technological security, including ISO and SSAE16 certifications.
When payments are processed via credit card, CloudArmy uses third-party vendors that are PCI-DSS Compliant. At no point does CloudArmy have access to your credit card information.
You should bear in mind that submission of information over the Internet is never entirely secure. We cannot guarantee the security of information you submit via the Services while it is in transit over the Internet and any such submission is at your own risk, and this risk is specifically disclaimed in our Terms.
If you are a Logged-in User, it is advisable that you log out of your account at the end of every session and not leave a logged-in account unattended for any period of time, particularly if you use a shared computer or device.
Information storage and international transfers
CloudArmy Network Inc., the entity which provides the Services, is a Canadian company with its head-office located in British Columbia. For the purposes of EU data protection law, Canada is considered a country which provides adequate protections for Personal Information, as confirmed by the European Commission in Commission Decision 2002/2/EC.
The Services are mainly provided from our offices in Canada. However, by the very nature of the Services, the data that is viewed, collected, stored or posted on or through the Services also needs to flow from wherever you are located in the world, to where our Supported Platforms are storing the same data (i.e. in most cases, in the United States). Whenever such a transfer occurs CloudArmy uses appropriate safeguards to ensure that your data rights are protected. In addition, CloudArmy uses third-party service providers (such as managed hosting providers, card processors, CRM systems, sub-processors of Customer Content and technology partners) to provide the necessary hardware, software, networking, storage and other services that we use to operate the Services. These third party providers may process, or store, the same Customer Content on servers outside of the EEA, including in Canada or the US.
By using any of the Services, or submitting or collecting any Personal Information via the Services, you authorize CloudArmy and its authorized service partners to use and process Customer Content and CloudArmy Data (including any Personal Information) in these countries. Please be aware that the privacy protections and the rights of authorities and Government agencies to access your Personal Information in some of these countries may not be equivalent to those in your country.
For our customers with a principal location in the EU:
If you primarily use the Services within the EU, we will process Customer Content (which may include Personal Information) as a data processor on your behalf. Under EU law, you are considered to be the data controller of the Customer Content, and as such you are responsible for complying with applicable data protection laws in respect of the processing of Customer Content and the lawful instructions you give us.
To facilitate the lawful transfer by you of your Customer Content (as a data controller) through the Services to outside the EEA, CloudArmy is offering its EU customers a data processing agreement as an addendum to their existing CloudArmy agreement (“Data Processing Addendum”). This incorporates the European Commission’s Standard Contractual Clauses (processors) of 2010 (also known as “model processor clauses” or “SCC 2010”).
Please note that the Data Processing Addendum only applies to the extent there is not another legal basis in place to validate the transfer of Personal Information to outside the EEA.
The Data Processing Addendum and some FAQs are available to all of our Customers. If you would like to incorporate the Data Processing Addendum into your existing agreement with CloudArmy, please email us and we will promptly send you CloudArmy’s Data Processing Addendum for you to complete, sign and return to us.
If you have any questions, please feel free to contact us.
After opting in you may opt out of marketing communications sent by CloudArmy by managing your email preferences by following the unsubscribe instructions included in each marketing email.
You can contact us to obtain a copy of the Personal Information held about you by us. This may be subject to a fee not exceeding any prescribed fee permitted by applicable law. You can also ask us to correct and, where relevant, erase that information. Please note that certain Personal Information may need to be retained by CloudArmy for a period of time following cancellation of your account where this is necessary for our legitimate business purposes or required or authorized by applicable law. As mentioned above you have a right to change your email preferences at any time.
You should be aware that CloudArmy acts as a conduit between our users and the various Supported Platforms and Third-Party Platforms. In several instances, the content published via CloudArmy will not be in CloudArmy’s custody or control, and any content that has been shared by you through any Supported Platform or Third-Party Platforms via the Services may continue to be available to third parties and the public at large, as this content is now under the control of the operators of the Supported Platforms and/or the Third-Party Platforms.
CloudArmy Legal Services
c/o Cloud Army Network Inc..
PO Box 2271,
Abbotsford Station A,
Abbotsford, British Columbia,
© CloudArmy Network Inc. 2017