Nifty Privacy Policy

Effective Date: May 25, 2019

This Privacy Policy describes Nifty Technology, Inc.'s practices regarding the collection, use and disclosure of the information we collect from and about you when you use Nifty's web, mobile and desktop based applications as well as the Nifty websites (including niftypm.com, nifty.pm, blog.niftypm.com) that link to this Privacy Policy.

If you do not agree to these terms you must leave our website and applications immediately.

THE INFORMATION WE COLLECT

We fully respect your right to privacy in relation to your interactions with the Service and endeavor to be transparent in our dealings with you as to what information we will collect and how we will use your information. Also, we only collect and use individual's information where we are legally entitled to do so. Information in relation to Personal Data collected by Irish entities is available on www.dataprotection.ie, the website of the Irish Data Protection Commissioner ("DPC").

When you sign up for Nifty, we ask for your first and last name, company name, and email address. If you subscribe to one of Nifty's plans of services, we collect billing and credit card information in order to complete the purchase transaction. When you are on Nifty, we log additional information like browser used, your latency to remote VM, your plan information, integration used, local, performance numbers etc. When you log into the Service, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type and settings, browser language, the address of the web page visited before using the Service, the date and time the Service was used, information about browser configuration and plugins, language preferences and one or more cookies that may uniquely identify your browser. When you send email or other communication to Nifty (other than in respect of personal data included in support requests), we may retain those communications in order to process your inquiries, respond to your requests and improve our Service (any Personal Data that we collect from you for these purposes is hereinafter referred to together as "Your Data"). Nifty is a Data Controller (as defined in Data Protection Legislation) in respect of the Your Data. The legal basis upon which we process Your Data is our legitimate interest to provide the Service to you.

Your Data is separate from and should be distinguished from User Uploaded Data. "User Uploaded Data" is data (which may include Personal Data) uploaded by you or others through Your Account, and may be any information, data or materials provided or utilized by you or others in connection with the Service, including, without limitation, user credentials, and any data contained in your or others' websites, applications or in tests created by you or a party authorized by you in connection with the Service, and/or any personal data provided by you during a support request, and/or actual tests you run, their text logs, video logs etc. Nifty is a Data Processor (as defined in Data Protection Legislation) in respect of the User Uploaded Data.

We'll never sell your personal info to third parties, and we won't use your name or company in marketing statements without your permission.

We will not use any data or APIs from Google Workspace integrations to develop, improve, or traing generalized AI and/or ML models.

If you are aged 18 or under, please get your parent/guardian's permission before you provide Your Data to us.

USE OF YOUR INFORMATION

We use your information (including any information that we collect, as described in this Privacy Policy) for various purposes depending on the types of information we have collected from and about you and the specific Nifty products you use, including to:

  • Complete a purchase transaction or provide the services you have requested
  • Respond to your request for information and provide you with better customer service
  • Provide you with product updates and information about products you have purchased from us
  • Provide you with notifications via email and push notifications within and through the Nifty product based on your notification selections
  • Analyze and resolve app crashes and other bugs and issues
  • To provide and improve our services.
  • To communicate with users about their accounts and provide customer support
  • To send marketing communications, where consent has been obtained.
  • To comply with legal obligations.

If we wish to use Your Data in any other way, we will ensure that we notify you and get your consent first. You will be given the opportunity to withhold or withdraw your consent for the use of Your Data for purposes other than those listed in this Privacy Policy.

PRIVACY DATA OFFICER

Our Data Privacy Officer (DPO) is responsible for overseeing questions related to this Privacy Policy. If you have any questions or concerns about our data practices, please contact our DPO:

Name: Joyti Balaggan
Email: joy@niftypm.com

ANALYTICS & TRACKING

We use third-party analytics services such as Google Analytics and/or MixPanel within our products and services to collect and analyze the information discussed above.
If you receive emails from us, we may use certain analytical tools, eg. CampaignMonitor, Intercom etc. to capture data such as when you open our messages or click on any links our email contains.

SHARING OF YOUR INFORMATION

Nifty will not share Your Data without your consent or unless required by law (except as set out in this Privacy Policy). By the nature of our Service, Nifty will gather statistics about the usage of your website and store that information. Nifty will not share your website statistics without your consent. If Nifty becomes involved in a merger, acquisition, or any form of sale of some of all of its assets, we will provide notice before Your Data is transferred to any third party.

Nifty will share your information in the following ways:

  • Outside Service Providers. We may provide access to or share your information with select third parties who perform services on our behalf. These third parties provide a variety of services to us, including without limitation billing, sales, marketing, provision of content and features, advertising, analytics, research, customer service, data storage, security, fraud prevention, payment processing, and legal services.
  • Google API. Nifty's use of information received, and Nifty's transfer of information to any other app from Google APIs will adhere to Google's Limited Use Requirements.
  • Third-Party Integrations. When you initiate a connection with a third-party integration through the Services (e.g., Google Drive, Dropbox, Slack), we will share information about you that is required to enable your use of the third-party integration through the Services.
  • Transfer of Ownership. Although we don't intend to sell, in case the ownership of any or all of our business changes, we may transfer your information to the new owner so that the Services can continue to operate. If such transfer is subject to additional legal restrictions under applicable laws, Nifty will comply with such restrictions.

Obtaining consent: We obtain consent from users before collecting and processing their personal data. Consent is obtained through clear affirmative action, such as ticking a checkbox or selecting an option within our services.

Modifying Consent: Users can modify their consent preferences at any time by accessing their account settings or by contacting our Data Privacy Officer.

Revoking Consent: Users can revoke their consent at any time by contacting our Data Privacy Officer. Revoking consent will not affect the lawfulness of processing based on consent before its withdrawal.

DATA BREACH REPORTING PROCESS

In the event of a data breach that affects personal data, we will:

  • Notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals.
  • Inform affected data subjects without undue delay if the breach is likely to result in a high risk to their rights and freedoms.
  • Provide information about the nature of the breach, the likely consequences, and the measures taken or proposed to address the breach and mitigate its effects.

The Services contain links to third-party websites and may also contain third-party integrations. If you choose to use these sites or integrations, you may disclose your information not just to those third-parties, but also to their users and the public more generally depending on how their services function. Because these third-party websites and services are not operated by Nifty, Nifty is not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your personal and other information will be subject to the privacy policies of the third party websites or services, and not this Policy. We urge you to read the privacy and security policies of these third-parties.

DATA DELETION

When you cancel your account, we'll ensure that nothing is stored on our servers past 30 days. Anything you delete on your account while it's active will also be purged within 30 days (up until then it may be available in the trash can).

DATA ENCRYPTION

All data is encrypted via SSL/TLS when transmitted from our servers to your browser.

CHANGES TO OUR PRIVACY POLICY

We reserve the right to amend this Policy at any time to reflect changes in the law, our data collection and use practices and the features of our Services.

PROTECTING YOUR INFORMATION

Nifty takes technical and non-technical measures to protect your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. We restrict access to Your Data to employees, contractors and agents who need to know such Your Data in order to operate, develop or improve the services that we provide. However, no method of transmission over the Internet, and no means of electronic or physical storage, is absolutely secure, and therefore we cannot ensure or warrant the security of that information.

Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access. To the extent permitted by law, we are not responsible for any delays, delivery failures, or any other loss or damage resulting from (i) the transfer of data over communications networks and facilities, including the internet, or (ii) any delay or delivery failure on the part of any other service provider not contracted by us, and you acknowledge that the Service may be subject to limitations, delays and other problems inherent in the use of such communications facilities. You will appreciate that we cannot guarantee the absolute prevention of cyber-attacks such as hacking, spyware and viruses. Accordingly, you will not hold us liable for any unauthorized disclosure, loss or destruction of Your Data arising from such risks.

DATA SUBJECT RIGHTS POLICY

Nifty ("we," "us," or "our") is committed to protecting the privacy and personal data of individuals in accordance with the General Data Protection Regulation (GDPR). This policy outlines the rights of data subjects and how they can exercise these rights.

1. Right to Access

Data subjects have the right to access their personal data held by us. This includes:

  • Confirmation of whether personal data is being processed.
  • Access to the personal data.
  • Information about the processing, including the purposes, categories of data, recipients, retention periods, and the rights of the data subject.

How to Exercise This Right: To request access to your personal data, please contact our Data Privacy Officer (DPO) using the contact details provided in Section 8.

2. Right to Rectification

Data subjects have the right to request the rectification of inaccurate or incomplete personal data.

How to Exercise This Right: To request rectification of your personal data, please contact our DPO with details of the inaccuracies and the correct information.

3. Right to Erasure (Right to be Forgotten)

Data subjects have the right to request the deletion of their personal data under certain circumstances, including:

  • The data is no longer necessary for the purposes for which it was collected.
  • The data subject withdraws consent, and no other legal basis for processing exists.
  • The data subject objects to the processing, and there are no overriding legitimate grounds.
  • The data was processed unlawfully.
  • The data must be erased to comply with a legal obligation.

How to Exercise This Right: To request the erasure of your personal data, please contact our DPO with the relevant details and reasons for the request.

4. Right to Restriction of Processing

Data subjects have the right to request the restriction of processing under certain circumstances, including:

  • The accuracy of the data is contested by the data subject, pending verification.
  • The processing is unlawful, and the data subject opposes erasure and requests restriction instead.
  • The data is no longer needed by us, but the data subject requires it for legal claims.
  • The data subject has objected to the processing, pending verification of legitimate grounds.

How to Exercise This Right: To request the restriction of processing, please contact our DPO with the relevant details and reasons for the request.

5. Right to Data Portability

Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit the data to another controller, where technically feasible.

How to Exercise This Right: To request data portability, please contact our DPO with the relevant details of the data you wish to transfer.

6. Right to Object

Data subjects have the right to object to the processing of their personal data based on legitimate interests or for direct marketing purposes.

How to Exercise This Right: To object to the processing of your personal data, please contact our DPO with the relevant details and reasons for the objection.

7. Right to Withdraw Consent

Data subjects have the right to withdraw their consent at any time, where processing is based on consent.

How to Exercise This Right: To withdraw your consent, please contact our DPO with the relevant details. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

8. Response Time

We will respond to all requests related to data subject rights within one month. If an extension is necessary, we will inform the data subject within one month of receiving the request and explain the reason for the delay.

9. Complaints

If you are not satisfied with our response to your request, you have the right to lodge a complaint with a supervisory authority.

QUESTIONS

Nifty is located at 315 W 36th St, New York, NY 10018. If you wish to contact us or have any questions about this Privacy Policy, please contact us at team@niftypm.com.