Privacy Policy

Last updated on May 17, 2018

Bulb Software Ltd. (“we”, “us”, or “our”) has created this privacy policy (“Policy”) to inform you (“you” or “your”) of when and how information is collected, used, disclosed and protected when you use our services (“Service”). By using the Service, accessing our websites, or accessing our mobile applications, you consent to the privacy practices described in this Policy. You acknowledge that this Policy is to be read in conjunction with our Terms of Service available at https://www.bulbthings.com/terms-and-conditions and that by accessing and using our websites, our apps, or Service, you agree to be bound by the Terms of Service as well as this Policy.

We reserve the right to update and change this Policy from time to time and will provide notice to you by changing the “last updated” date above. All changes are prospective only. It is your obligation to be familiar with the most current version of the Policy. Continued use of the Service after any such changes shall constitute your acknowledgment of and consent to such changes. You can review the most current version of the Policy at any time at https://www.bulbthings.com/privacy-policy.

If you are using the Service on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that company or other legal entity to this Policy, in such event, “You” will refer and apply to that company or other legal entity.

INFORMATION GATHERING

We collect, use and disclose two types of information: Personal Information and Non-Personal Information.

  1. “Personal Information” is information that is directly associated with a specific person or entity, including but not limited to, names, email addresses, usernames, passwords, and payment information.
  2. “Non-Personal Information” is information we collect or compile that by itself cannot be directly associated with a specific person or entity.
  3. We may further compile “Non-Personal Information” into “Aggregate Data”. This Policy in no way restricts or limits our collection and use of Non-Personal Information and Aggregate Data, and we may share Non-Personal Information and Aggregate Data that we collect or compile with third parties for various purposes, including to help us better understand our customer needs and improve our Service, and for advertising and marketing purposes.
  4. We automatically receive certain types of information when you interact with our Service. That information includes your computer’s IP address, access times, your browser type and language, and referring website addresses. We may also collect information about the type of operating system you use, your account activity, and files or pages accessed or used by you.
  5. You reserve the right to ask us what personal data is being processed and the rationale for such processing if that should ever be unclear.
  6. While using our Service, you will have access to all data within your account. You reserve the right to access this data and/or request copies of this data.
  7. While using our Service, you’ll be able to update all personally identifiable information to maintain accuracy.
  8. You maintain the right to withdraw consent to manual or automated data processing when previous consent has been given. This could include all future processing or processing during a specific timeframe. This could include removal of data from an account or a request to remove an email from a specific mailing list.
  9. You reserve the right to erasure and data portability. You will have the ability to export data in your account and keep for yourself or import into another system. After Service cancellation, data will not be retained on our servers if requested in writing. In addition, you can delete any type of personally identifiable information within your account or request to be removed from any type of customer communication at any time.

COOKIE POLICY

Like many websites, we use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard drive for record-keeping purposes. Most web browsers automatically accept cookies as the default setting. For example, we use cookies to enable you to use the Service without re-entering your username and password.

We have also included information about cookies set by third parties. Given that these relate to third party services, we cannot guarantee the completeness or accuracy of the list, but we can say that we have done our best to ensure the list is as accurate as possible at the time this policy was prepared. Nevertheless, we strongly recommend that you consult the third party websites listed in the cookie descriptions to find out more about the third party cookies in question.

Cookies

Cookie

Description

Source

Learn more

auth.token

Used to keep a user signed in without having to enter his password again when loading the application

BulbThings

https://www.bulbthings.com/privacy-policy

auth.user

Contains information on the user currently signed in

BulbThings

https://www.bulbthings.com/privacy-policy

user.lang

Contains the user's locale setting to provide a translated application and correct display of country-specific values such as currencies

BulbThings

https://www.bulbthings.com/privacy-policy

mp_0ecbcfb85e872de451ee3e744a119d09_mixpanel

Cookie set by Mixpanel, a tracking and analytics service we use to measure and understand how users are using the application

https://mixpanel.com/

https://mixpanel.com/legal/privacy-policy/

chatlio_at--749e3167-8761-42bd-46ba-0c7f303f144b

Cookie set by Chatlio, a service we use to provide an in-app chat service to assist users using direct messages

https://chatlio.com/

https://chatlio.com/legal/privacy-policy/

chatlio_rt--749e3167-8761-42bd-46ba-0c7f303f144b

Cookie set by Chatlio, a service we use to provide an in-app chat service to assist users using direct messages

https://chatlio.com/

https://chatlio.com/legal/privacy-policy/

chatlio_uuid--749e3167-8761-42bd-46ba-0c7f303f144b

Cookie set by Chatlio, a service we use to provide an in-app chat service to assist users using direct messages

https://chatlio.com/

https://chatlio.com/legal/privacy-policy/

__stripe_sid

Cookie set by Stripe, a payment service we use to process any payment made through application

https://stripe.com/

https://stripe.com/gb/privacy

__stripe_mid

Cookie set by Stripe, a payment service we use to process any payment made through application

https://stripe.com/

https://stripe.com/gb/privacy

io

Cookie set by socket.io, a service we use to provide real-time notification inside the application

https://socket.io/

https://socket.io/

USE OF PERSONAL INFORMATION

We use collected information about you to process your requests or billing transactions, to provide you with information or services you request, to inform you about other information, events, promotions, products, or services we think will be of interest to you, and to support and facilitate your usage of the Service.

INFORMATION SHARING AND DISCLOSURE

We will not give, sell, rent, share, or trade any of your Personal Information or any data that you store using our Service to any third party except i) with your explicit consent or ii) as outlined in this Policy. We reserve the right to share Non-Personal Information and Aggregate Data as described in this Policy.

We may share Personal Information with third party service and technology providers to facilitate the operation of the Service, to perform related services (e.g., without limitation, maintenance services, web analytics and improvement of the Service’s features, or to process credit card payments), or to assist us in analyzing how our Service is used.

We may disclose Personal Information to a third party to comply with a court order, subpoena, search warrant, or other legal processes; to comply with legal, regulatory, or administrative requirements of any governmental authorities; to protect and defend us, our affiliates, and our officers, directors, employees, attorneys, agents, contractors, and partners, in connection with any legal action, claim, or dispute; to enforce the Terms of Service; to prevent imminent physical harm; and in the event that we find that your actions violate any laws, our Terms of Service, or any of our usage guidelines for specific products or services..

We may share Personal Information in connection with an acquisition, merger, consolidation or sale of all or a portion of our business, with or to another company. In any such event, you will receive notice if your data is transferred and becomes subject to a substantially different privacy policy.

USE OF PERSONAL INFORMATION

We use collected information about you to process your requests or billing transactions, to provide you with information or services you request, to inform you about other information, events, promotions, products, or services we think will be of interest to you, and to support and facilitate your usage of the Service.

We also use collected information to track engagement in key product areas in an effort to continually improve the user experience. As mentioned above, you reserve the right to remove yourself from that type of tracking.

INFORMATION SHARING AND DISCLOSURE

We will not give, sell, rent, share, or trade any of your Personal Information or any data that you store using our Service to any third party except i) with your explicit consent or ii) as outlined in this Policy. We reserve the right to share Non-Personal Information and Aggregate Data as described in this Policy.

We may share Personal Information with third party service and technology providers to facilitate the operation of the Service, to perform related services (e.g., without limitation, maintenance services, database management, web analytics and improvement of the Service’s features, or to process credit card payments), or to assist us in analyzing how our Service is used.

We may disclose Personal Information to a third party to comply with a court order, subpoena, search warrant, or other legal processes; to comply with legal, regulatory, or administrative requirements of any governmental authorities; to protect and defend us, our subsidiaries and our affiliates, and our officers, directors, employees, attorneys, agents, contractors, and partners, in connection with any legal action, claim, or dispute; to enforce the Terms of Service; to prevent imminent physical harm; and in the event that we find that your actions violate any laws, our Terms of Service, or any of our usage guidelines for specific products or services.

We may share Personal Information in connection with an acquisition, merger, consolidation or sale of all or a portion of our business, with or to another company. In any such event, you will receive notice if your data is transferred and becomes subject to a substantially different privacy policy.

MODIFYING YOUR PERSONAL INFORMATION

If you are a registered user of our Service, you may review, update, correct or delete your personal information by logging into the Service and editing your profile.

SECURITY

We are very concerned with safeguarding your information. We take reasonable steps to protect the information we collect from you to prevent loss, misuse and unauthorized access, disclosure, alteration, and destruction. Highly confidential personal information such as credit card data is protected with encryption using Secured Socket Layer (SSL) technology during transmission over the Internet. But, remember that no method of transmission over the Internet or method of electronic storage is 100% secure.

Your account information and access to our Service is accessible only through the use of an individual username and password. You should keep your password confidential and do not disclose it to any other person. Please note that we will never ask you to disclose your password in an unsolicited phone call or email. You are responsible for all activities which are conducted using your account or password.

All data in the Service is stored and processed through third party subprocessor Google Cloud Platform (GCP). GCP has multiple processing centers all around the world but BulbThings is only using the Belgium processing center. You can learn more about Google’s privacy and security processes here: https://cloud.google.com/security/privacy/

BREACH PROTOCOL

In the case of a data breach, we will notify affected users – without undue delay and where feasible – within 72 business hours. The notification will include the nature of the breach, likely consequences, a detail action plan and a main technical point of contact at Bulb Software Ltd.

EUROPEAN UNION GENERAL DATA PROTECTION REGULATION (GDPR)

As a data controller, we have updated our Service and processes as required by GDPR, including giving data subjects in the European Union the following rights

  • Right of access
  • Right to rectification
  • Right to erasure
  • Right to restriction of processing
  • Right to object
  • Right to data portability

Please see below for more details about the GDPR compliance of our data subprocessor, Google Cloud Platform.

If you require measures beyond our Privacy Policy, please access our Data Processing Agreement (DPA) here.

Google Cloud Platform

As mentioned above, all data in the Service is stored and processed through third party subprocessor Google Cloud Platform (GCP), with processing in Belgium. GCP security and compliance experts confirm that GCP has in place effective technical and organizational measures for data processors to secure personal data in accordance with the GDPR (https://cloud.google.com/security/gdpr/).

QUESTIONS

If you have any questions about this Privacy Policy, please contact us at hello@bulbthings.com.