Effective: Aug 1, 2022
Y Meadows is committed to protecting your privacy. In order to provide our services and to provide a personalized experience, we need to collect certain information from you. This Privacy Notice explains when and why we collect Personal Information about you as well as the types of Personal Information we may collect when you interact with us. It also explains how we’ll look after your data and keep it safe. If you have any questions, please contact us at privacy@YMeadows.com.
Depending on our relationship with you, we require different types of Personal Information in order to deliver our services to you. Here are some definitions of the type of relationships we may have with you:
You might provide us with your contact information, whether through use of our services, a form on our website, an interaction with our sales or support team, or as a user of one of our apps. We always keep our requests for contact information to a minimum.
When you sign into our apps, attend our events, or create an application with us, you may be asked to provide us with information about yourself and to give us more detailed insights into who you are.
We collect usage information whenever you interact with our websites or solutions. This includes which webpages you visit, what you click on, when you perform those actions, what language preference you have, and so on.
We collect information from the device and application you use to access our services. This data mainly refers to your IP address, operating system version, device type, system and performance information, and browser type.
We use third party tracking services that employ cookies to collect data about visitors to our websites. This data includes usage and user statistics. Emails sent by Y Meadows or by users through our services include page tags that allow the sender to collect information about who opened those emails and clicked on links within them. We provide more information on cookies in our Cookies Policy.
Like most websites today, our web servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses, internet service providers, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system versions, device type, and timestamps.
If you arrive at an Y Meadows website from an external source (such as a link on another website or in an email), we record information about the source that referred you.
We collect your Personal Information or data from third parties if you give permission to those third parties to share your information with us (e.g. LinkedIn for authentication).
If you are an Owner, we will also collect:
We require information about your company and role as part of the account information.
If you make a payment to Y Meadows, we require you to provide your billing details, a name, address, email address, and financial information corresponding to your selected method of payment.
If you are a User of our own applications, we will collect:
We store your application data (responses) for you and provide ways to analyze and understand this information.
Here are some ways we secure your data:
We have in place an information security management system, including security processes and policies to prevent loss of personal information.
We encrypt Personal Information data at rest where possible.
We use encrypted https links between our web server and your browser.
We monitor and check our data security systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
At times, we need to share your Personal Information with trusted third parties. We only provide what they need and they cannot use your data for anything other than their stated purposes. Your data is deleted or rendered anonymous if we stop working with them.
We use companies who will process and store your Personal Information as part of their contract or terms and conditions with us, including Google Analytics, Google Suite, and Google Cloud Platform.
We will never sell or trade your contact details with any third parties. There are some instances when we may have to share your information based on our legal obligations.
You retain the right to request us to refrain from processing your Personal Information for the purposes of marketing. To exercise such right, you may unsubscribe using the link in an email we send to you or you can exercise this same right by contacting us electronically via email at privacy@YMeadows.com.
We are required to maintain your Personal Information accurately. If you believe any of the Personal Information that we process is inaccurate, you are entitled to contact us to correct any inaccuracies at privacy@YMeadows.com. When we agree that the Personal Information held by us is inaccurate, we will correct such inaccuracies without undue delay.
We will not be responsible for correcting inaccuracies in third party Personal Information unless you have informed us of such inaccuracies, in which case we will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any inaccurate third party data.
Right to be forgotten – if we no longer have a legal basis to process your Personal Information or if the legal basis that we are relying on is consent and you subsequently withdraw your consent, then we will stop processing your Personal Information.
You are responsible for ensuring that any third party request to be forgotten is applied to any third party Personal Information that you send to us. We will provide you with reasonable assistance in complying with your obligations as data controller under the applicable Data Protection Laws in relation to any third party requests to be forgotten.
You may at any time contact us to review the Personal Information we hold about you. You may exercise this right by contacting us at privacy@YMeadows.com.
We are providing this supplemental privacy notice to consumers in California, pursuant to the California Consumer Privacy Act of 2018 (the “CCPA”).
California Privacy Rights. If you are a California resident, you have the following rights:
Access: You can request a copy of the personal information that we maintain about you.\
Deletion: You can ask to delete the personal information that we have collected from you.
Opt-out of sale of your Personal Data: We do not sell Personal Data.
Please note that the CCPA limits these rights by, for example, prohibiting businesses from providing certain sensitive information in response to an access request and limiting the circumstances in which they must comply with a deletion request.
You are entitled to exercise the rights described above free from discrimination.
Exercising your rights. To exercise these rights, you can submit requests as follows:
To request access to or deletion of Personal Data collected via your use of the Services, please email us at firstname.lastname@example.org.
If you are a resident of the European Economic Area, the United Kingdom, or Switzerland (collectively, “Europe”), you may have additional rights under the General Data Protection Regulation (the “GDPR”) or other European data protection legislation.
Controller and European Representatives. Y Meadows, Inc. will be the controller of your Personal Data processed in connection with the Services.
As noted elsewhere in this policy you can contact us at: email@example.com
The “How We Use Personal Data” section above explains how we use your Personal Data. We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others but will depend on the type of Personal Data and the specific context in which we process it. However, the legal bases we typically rely on for each category of processing activity are set out below.
Processing is necessary to perform our contract, or to take steps that you request prior to engaging our Services. Where we cannot process your Personal Data as required to operate the Services on the grounds of contractual necessity, we process your personal information for this purpose based on our legitimate interest in providing you with the products or Services you access and request.
Research and development: These activities constitute our legitimate interests.
Processing is based on your consent where that consent is required by applicable law. Where such consent is not required by applicable law, we process your personal information for these purposes based on our legitimate interests in promoting our business.
From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
We process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, you have the right to withdraw it any time in the manner indicated at the time you give consent or in as listed in our Services.
To determine the appropriate retention period for your Personal Data, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.
You have certain rights with respect to your Personal Data, including:
You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by logging into your account.
If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging into your account.
You can request that we erase some or all of your Personal Data from our systems.
Withdrawal of consent. If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
Objection. You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
You can ask us to restrict further processing of your Personal Data.
Right to file a complaint. You have the right to lodge a complaint about our practices with respect to your Personal Data with the supervisory authority of your country or European Economic Area Member State.
To provide the Services, we will process your Personal Data in the United States, where Y Meadows is based. If such processing involves the transfer of Personal Data to the U.S. in a manner governed by European data protection law, the transfer will be performed pursuant to the applicable requirements of the law, such as standard contractual clauses, the individual’s consent, or other circumstances permitted by European data protection law.
For site security purposes and to ensure that this service remains available to all users, this computer system employs software programs to monitor network traffic to identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to upload information or change information on this service are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.