Privacy Statement

Last Updated: December 27, 2017

OpenWater is an online submission and review platform that strives to provide the easiest way for you to collect information over the internet. OpenWater is used by people who are interested in creating forms to collect information or perform a variety of other tasks related to review (“Program Managers”), and by people who fill out these forms (“Submitters”).

This privacy statement describes privacy practices which are specific to OpenWater.  OpenWater complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  OpenWater has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, please visit https://www.privacyshield.gov/

This privacy statement is split into three sections, one for Program Managers, another for Submitters, and a final policy that covers all users.

Privacy for Program Managers

1. What information does OpenWater collect?

Registration Information
We need your basic contact information (First Name, Last Name, Email address) to allow you to administer your forms and data in the OpenWater platform.

Form Data
We store your form data (form content, responses, scores) for you.

2. How does OpenWater use the information we collect?

We use the information we collect in accordance to our general privacy policy section of this document.  We would like to emphasize that we will not use your data to compete with you, market to your clients, or contact them for any means of profit.  We will not sell data your Submitters enter into our system.

3. With whom do we share or disclose your information?

We disclose information we collect in accordance to our general privacy policy section of this document.

4. What are your rights to your data?

You can:

• Update your account data immediately through the platform
• Download / backup your data via Excel / CSV exports
• Delete your data
• Cancel your account (resulting in deletion of all of your data).  Please be aware that OpenWater may retain your data for some residual time not to exceed 12 months in accordance with our backup procedures.  This document describes your right to cancel your account at any time with regards to privacy, any outstanding fees due are to be calculated under our master services agreement.

5. Security, cookies and other important information.

• Each Program Manager is assigned a unique username and password which is required to access their OpenWater account. It is each Program Manager’s responsibility to protect the security of his or her login information. Regardless of the security protections and precautions we undertake, there is always a risk that your personal data may be viewed and used by unauthorized third parties as a result of collecting and transmitting your data over the internet.
•  See our general policies below.
• Changes to Privacy Statement.  Archived copies of our privacy statements are available by contacting info@getopenwater.com, we will notify all program managers of any changes to our policy via getopenwater.com/privacy-policy
• Online Tracking. We will do our best to process or comply with web browser’s do not track signal or other similar mechanism that indicates a request to disable online tracking of individual users who visit our services, despite possible issues due to lack of harmonised standards in such signals.

Privacy for Submitters

1. What information does OpenWater collect?

Responses to Forms
We collect and store the responses that you submit to forms. Program Managers are responsible for this data and manage it. A form may ask you to provide personal information or data. If you have any questions about a form you are completing, please contact the Program Manager who created the form directly as OpenWater is not responsible for the content of that form. The creator of the form is usually the same person that invited you to complete the form and sometimes they have their own privacy policy. OpenWater is not liable for any actions or inactions a Program Manager takes with respect to any data or information that they may collect from a Submitter.

2. How does OpenWater use the information we collect?

See our general policy below for further detail, but we want to emphasize we do not share or sell your data, the primary purpose of collecting it is to be able to contact you to ensure a successful submission process.

3. With whom do we share or disclose your information?

See your general privacy policy below for further detail, but we want to emphasize we do not share or disclose your information to any third party for marketing or profit motives.  The primary use of your data is for operations of our system.

4. What are your rights to your data?

Contact the relevant Program Manager to access your responses. Because we collect submission responses on behalf of Program Managers, you will need to contact the Program Manager if you have any questions about the form, or if you want to access, update, or delete anything in your responses. We provide Program Manager with tools to maintain the responses they collect through their forms. OpenWater cannot provide you with this access since form responses are the Program Manager’s private information.

5. Security, cookies and other important information.

• Each Program Manager is assigned a unique username and password which is required to access their OpenWater account. It is each Program Manager’s responsibility to protect the security of his or her login information. Regardless of the security protections and precautions we undertake, there is always a risk that your personal data may be viewed and used by unauthorized third parties as a result of collecting and transmitting your data over the internet.
•  See our general policies below.
• Changes to Privacy Statement.  Archived copies of our privacy statements are available by contacting info@getopenwater.com, we will notify all program managers of any changes to our policy via getopenwater.com/privacy-policy
• Online Tracking.  We do not process or comply with any web browser’s do not track signal or other similar mechanism that indicates a request to disable online tracking of individual users who visit our services.

General Privacy Policy for all Users

1. ACCEPTANCE

We have created this Privacy Policy (the “Policy”) because we value your privacy. The Policy describes the types of information we may collect from you, or that you may provide, when you visit a website powered on the OpenWater platform (our “Site”), as well as how we collect, maintain, use, protect and disclose your information. This Policy covers the information we collect on or through our Site, or when you contact us for any reason. It does not apply to information collected by any third party, including through any external website that may link to or be accessible from the Site. Our clients license our software to allow us to collect data on their behalf, we do not share or sell your data to any third parties. Please check directly with client who uses OpenWater to avoid unfair surprises and misunderstandings.

Your use of this Site constitutes your acceptance of this Privacy Policy. If you do not agree with this Privacy Policy you may not use our Site. This Policy may change from time to time, and the date of last update is indicated at the top of this page. Your continued use of this Site after we revise this Policy is deemed to be acceptance of the revisions, so please check this page from time to time for updates.

2. PRIVACY SHIELD

OpenWater complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  OpenWater has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, please visit https://www.privacyshield.gov/

3. DEFINITIONS

For purposes of this Policy, the following definitions shall apply:

“We,” “us” or “our” means VOFFICEWARE DBA OpenWater its successors, subsidiaries and divisions.

“Personal information” means any information or set of information that identifies or is used by or on behalf of us to identify an individual. Personal information does not include information that is encoded or anonymized, or publicly available information that has not been combined with non-public personal information.

“Sensitive personal information” means personal information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns health or sex life. In addition, we will treat as sensitive personal information any information received from a third party where that third party treats and identifies the information as sensitive.

4. PRIVACY PRINCIPLES

Consistent with our commitment to protect personal privacy, we adhere to the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (hereinafter “Privacy Shield Principles”).  The privacy principles in this Policy are based on the Privacy Shield Principles.

Notice: Where we collect personal information directly from individuals in the EU and Switzerland, we will inform them about the purposes for which this information is collected and used. Notice will be provided in clear and conspicuous language when individuals are first asked to provide personal information to us, or as soon as practicable thereafter, and in any event before we use or disclose the information for a purpose other than that for which it was originally collected.

OpenWater does not disclose individuals’ personal information to third parties or use individuals’ personal information for purposes materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individual. In the event that we modify this practice and disclose personal information to third parties or use personal information for purposes materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individual, we will update this Privacy Statement to (a) identify the circumstances under which we disclose data to third parties, and (b) illustrate when and how we offer individuals the choice to opt-out of such disclosure.

 

Data Integrity: We will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We will take reasonable steps to ensure that personal information is relevant to its intended use, accurate, complete, and current. We will only collect and store personal information that is relevant to fulfill the purpose of the request and will retain such information no longer than appropriate to fulfill the purpose of the request.

 

Onward Transfer: OpenWater does not transfer personal information to third parties. Therefore, the Privacy Shield provision regarding liability for the actions of agent processors does not apply. In the event that OpenWater modifies this policy and transfers personal information to third party agent processors, OpenWater will be subject to the Privacy Shield provision regarding liability for the actions of agent processors.

Access: We acknowledge the right of EU and Swiss individuals to access their personal data. Upon request, we will grant individuals reasonable access to their personal information that we hold. We will also take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete.  Please send an e-mail to contact@getopenwater.com to request access to, correct or delete any personal information that you have provided to us. We reserve the right to refuse a request if we believe it would violate any law or cause the information to be incorrect. Please also note that if you are a submitter, any access requests we receive will be forwarded to the appropriate Program Manager who controls your data.

Security: We will take reasonable precautions to protect personal information in our possession from loss, misuse and unauthorized access, disclosure, alteration and destruction. Personal information you provide to us is stored on a password protected server accessible only by administrator. We adhere to generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. However, we cannot guarantee the security of your personal information transmitted to our Site because any transmission of information over the Internet has its inherent risks. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Site. You are responsible for keeping your login credentials, if any, confidential.

Enforcement: We will conduct periodic compliance reviews of our privacy practices to verify adherence to this Policy. Any employee that we determine intentionally violates this policy will be subject to disciplinary action, including termination of employment. Any questions or concerns regarding the use or disclosure of your personal information should be directed to contact@getopenwater.com.

Dispute Resolution: In compliance with the Privacy Shield Principles, OpenWater commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Kunal Johar of OpenWater at kjohar@getopenwater.com.

OpenWater has further committed to refer unresolved Privacy Shield complaints to the Council of Better Business Bureaus (CBBB), an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.bbb.org/EU-privacy-shield/for-eu-consumers  for more information or to file a complaint.  The services of the CBBB are provided at no cost to you.

Finally as a last resort and under limited circumstances EU and Swiss individuals with residual complaints may invoke a binding arbitration option before the Privacy Shield Panel. EU and Swiss individuals who wish to learn more about this process should refer to https://www.privacyshield.gov/article?id=ANNEX-I-introduction for more comprehensive information.

OpenWater is subject to the investigatory and enforcement powers of the Federal Trade Commission.

Limitation on Application of Principles: Adherence by us to these Privacy Shield Principles may be limited (a) to the extent required or permitted by law or legal process, such as to respond to or investigate a legal or ethical obligation or request or pursuant to court orders, subpoenas, interrogatories or similar directive carrying the force of law; and (b) to the extent expressly permitted by an applicable law, rule or regulation.

5. INFORMATION WE COLLECT

We only collect personal information that you voluntarily submit to us (e.g. when you fill out forms or contact us for any reason). We do not use your data for our own purposes, we do not sell or share it with third parties. You are responsible for the data you submit in responses to the forms. We may collect several types of information from and about users of our Site, including the following:

• Name, email address, payment information, responses to forms.
• Analytical Site usage information collected via Google Analytics. This data may include the Site pages you view and other similar information about your behavior on our Site.

We collect this information:

• Directly from you when you provide it to us (e.g. when you contact us for any reason).
• Automatically as you navigate through the site. Information collected automatically may include usage details, IP addresses and information collected through cookies and other tracking technologies.

6. HOW WE USE YOUR INFORMATION

We will not use your personal information for our own purposes outside of administering the platform. We do not sell or share it. We use information that we collect about you or that you provide to us, including any personal information:

1. To provide the services you requested.
   b. To notify you about changes to our Site or any services we offer or provide though it.
   c. To allow you to participate in interactive features on our Site.
   d. To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
   e. In any other way we may describe when you provide the information.
2. DISCLOSURE OF YOUR INFORMATION

We may disclose personal information that we collect or you provide as described in this Policy:
a. To fulfill the purpose for which you provide it.
b. To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of the Site’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal information about our Site users is among the assets transferred.
c. We may disclose aggregated information about our users and information that does not identify any individual without restriction.
d. For any other purpose disclosed by us when you provide the information.

We may also disclose your personal information:
e. To comply with any court order, law or legal process, including to respond to any government or regulatory request.
f. If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of the Site, our customers or others.

Note that we may be required to disclose the personal information of EU and/or Swiss individual in response to lawful requests from public authorities including to meet national security and law enforcement requirements.

COOKIES
Our Site utilizes cookies. A cookie is a small amount of data, which often includes a unique identifier that is sent to your computer or mobile device browser from a website’s server and is stored on your device’s hard drive.  Cookies do not contain any personal information about you and therefore cannot be used to identify you personally. However, cookies assist us in tracking which of our features you like best and help us to customize our content according to your preferences. You can decline cookies by modifying your browser’s.

However, if you decline cookies, some features of our Site might not be available to you.

CHILDREN’S PRIVACY

We are committed to respecting the sensitive nature of children’s privacy online. Children under 13 years of age are not allowed to use our Site. We do not knowingly collect personally identifiable information from anyone under the age of 13 and our service is not directed to children. If we learn or have reason to suspect that any Site user is under the age of 13, we will delete any personal information in that user’s account or use that information only to respond directly to that child (or a parent or legal guardian) to inform him or her that he or she cannot use our Site.