Privacy Policy | ReachSuite
top of page

Privacy Policy

Last updated: January 3rd, 2024

Introduction and Background

Privacy is important to ReachSuite and we take care to process personal data in accordance with applicable data protection laws and our contractual obligations. Please take the time to read this Privacy Policy to understand how and why we process, share and secure personal data, and to learn more about your rights and preferences.

In this Policy, “ReachSuite,” “we,” “us” and “our” each means ReachSuite Inc. If you have any questions about this Policy, please contact us at contact@reachsuite.io

  • What this Policy covers

  • Personal data we process and sources of personal data

  • Why and how we process personal data

  • Personal data sharing and disclosure

  • Where we process personal data 

  • Personal data retention and deletion

  • Your choices and rights

  • Security of your personal data

  • Children’s privacy

  • How to contact ReachSuite about privacy

  • Changes to this Policy

  • Additional information – Europe (including Switzerland and UK)

  • Additional information – Residents of California, USA

 

Scope of this Policy

What this Policy covers

This Policy applies where ReachSuite processes personal data about human beings in its role as a controller of that personal data. This includes where you:

  • Visit our website https://reachsuite.io or other ReachSuite digital properties or branded social media pages (collectively, the “Sites”)

  • Are identified as a prospect or potential customer of ReachSuite

  • Receive communications from us (including emails, phone calls or text messages)

  • Apply for a job with ReachSuite or are referred to us for recruitment reasons

  • Provide services to ReachSuite as a vendor or service provider or contact us for other purposes (e.g. regulatory officials working in their official capacity)

  • Are a ReachSuite customer or use our Services (as defined below) 

  • Register for, attend or participate in webinars, sponsored events, trade shows, online surveys, contests or other similar promotional events organized by ReachSuite

 

What this Policy doesn't cover

This Policy doesn’t apply where we process personal data about our customers’ end users that is processed through the ReachSuite Platform as part of the Services (i.e., where ReachSuite acts as a processor).

ReachSuite customers (and/or their affiliates) use our services to provide product experiences via the ReachSuite Platform (“ReachSuite Platform” or “Services”) for their users. We do not process nor retain any information provided by users experiencing the products of our customers beyond what is immediately necessary to continue the users product experience.

We act as a “processor” (for purposes of the General Data Protection Regulation or “GDPR”) or “service provider” (under the California Consumer Privacy Act or “CCPA”) or similar roles under applicable law on behalf of our customers. Our customers’ privacy policy or agreements with its end users (or the end user’s organization) will apply to such processing, not this Policy. If you are an end user of our customer - please contact that organization for information.

If you are an end user of a ReachSuite customer and have questions about personal data used by such customer, or if you want to exercise any of your rights regarding your personal data processed by such customer, we request that you contact the customer directly.

Personal data we process and sources of personal data

Information you give us directly:

  • Contact, biographical and payment information - this includes your contact details, social media handle, financial and credit card information if you are a customer paying directly through our Site, personal description and photograph, company name and position, login and password details, and information you share in discussion boards, search queries, feedback forums, or in customer service requests. This may also include audio or video recordings if you participate in a customer interview or testimonial (and where legally permissible).

  • Employment and professional information - if you apply for a job at ReachSuite, this includes your CV, resumé or other details about your education and employment history in relation to recruitment activities. In limited circumstances and only where legally permissible, this may include sensitive personal data, such as information about health or disability (e.g. where required for access) or information about ethnicity (e.g. where relevant to local diversity obligations for employment purposes).

Information we automatically collect from your interactions with us:

  • Technical information related to your visit to our Sites and/or Services - this includes your Internet protocol (IP) address (which can provide general information about your location, country, region, or city, but not your precise location), login information, device data such as device/browser type and version, time zone setting, and the operating system and platform you use when visiting our Sites or Services.

  • Information about your use of our Site and Services, and your activities and your interaction with our marketing materials - this may include the web address of the page you were on prior to coming to our Site and the page you visit after you leave. We may also process information about what you do on our Sites, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, downloads and mouse-overs), methods used to browse away from the page, and data relating to whether you engaged with our marketing materials (e.g. from web beacons). 

Information we obtain from other sources:

  • Marketing and sales information (including your web browsing activity if cookies are enabled) - this includes biographical information and job information, contact details, sales orders from third party lead generation resources and marketing list vendors, or from publicly available sources such as LinkedIn. We may receive information about your browsing activities on websites outside of ReachSuite collected via partners.. We also receive information from marketing partners and event sponsors where we co-host events and webinars and from digital advertising partners, business partners, advertising networks, analytics providers, and search information providers.

  • Log-in / authentication information and other information related to our provision of the Services - if you log in to our Site or Services by using credentials from a third party (for example, Google, Microsoft or GitHub), we will receive information that you (or the Customer on your behalf) have authorized for sharing. 

  • Employment / educational history / background check information - if you apply for a job at ReachSuite, our service providers, partners or other agencies, such as recruitment agencies or referees, may provide information in relation to your application for employment with ReachSuite, including information about immigration status or criminal allegations or offences in relation to compulsory background checks, where legally permissible.

Why and how we process personal data

We use personal data in accordance with applicable legal requirements, including for the following purposes:

  • To administer, monitor the usage of and to improve the Site. We may use personal data to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes and for safety and security including detecting, investigating, and preventing activities on our Site that may violate our terms of use, could be fraudulent, violate copyright, or other rules or that may be otherwise illegal. We may use information to improve our Site, to ensure that content is presented to you in the most effective manner and to allow you to participate in interactive features of our Site when you choose to do so.

  • To provide, monitor the usage of and to improve the Services. We will use your personal data to provide, monitor the usage of and to improve the Services. This includes concluding contracts; billing and other account administration; provision of Services; event logging; internal research and product development; ensuring safety and security including detecting, investigating, and preventing activities on our Services that may be fraudulent or may violate copyright, contractual terms, or other rules, or that may otherwise be illegal; monitoring usage of the Service to ensure compliance with ReachSuite policies; and conducting data analytics. This also includes provision of customer and technical support for the Services (including the recording of some support services provided via phone or with online conference services such as Zoom).

  • To conduct marketing (including direct marketing) and sales activities. Where permissible by local law and in accordance with our legitimate interests, we may build and maintain sales & marketing profiles of prospective and actual customers and of individuals representing them in a “customer relationship management” “CRM” database. We may combine information from different sources to better understand their interests and to provide content or information about the Services that are relevant to their business needs. E.g. We may enhance their CRM profile information with information about their activities on the Site or the Services with browsing activities on websites outside of ReachSuite in order to target marketing to them and assess how likely they are to purchase ReachSuite services. We may also do this to measure the effectiveness of advertising we serve to them and others.

  • Employment purposes. If you have applied for a job with ReachSuite, we will use your personal data for employment purposes, including recruitment and selection, to conduct background checks, to conduct onboarding if we decide to hire you, and to meet local legal obligations such as those related to health and safety and, where appropriate, diversity and inclusion.

  • Other business purposes. We use personal data in accordance with law to administer our global business operations, including physical site operation, for record-keeping and corporate governance purposes, to respond to queries from individuals, and to comply with legal requirements or other such reasonable purposes related to our business operations.

Personal data sharing and disclosure

ReachSuite discloses personal data to third parties in accordance with legal and contractual requirements as follows:

To third party service providers who process your personal data on our behalf and in accordance with our instructions and applicable law. These organizations, which will only use your personal data to the extent necessary to perform their support functions, include:

  • Operational, security and marketing service providers and other business partners with whom we have entered into agreements in relation to the processing of your personal data.

  • Analytics and search engine providers that assist us in the improvement and optimisation of our Site and Services.

  • Payment processing providers who provide secure payment processing services. Your payment card details are not shared with us by the provider.

To prospective sellers or buyers in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets, subject to this Policy; or to a third party acquiring all or substantially all of ReachSuite’s assets, in which case personal data held by ReachSuite about its customers will be one of the transferred assets.

To third parties in order to comply with any legal obligation, or in order to enforce or apply our terms of service, and other agreements with you, or to protect the rights, property, or safety of ReachSuite, our customers, or others.

Where we process personal data and international transfers

Storage. ReachSuite primarily stores your personal data in the United States (“US”) and in the Europe Economic Area (“EEA”). Personal data that is transferred to, or stored at, a destination outside the EEA may not be subject to data protection laws that provide the same level of protection as those in your jurisdiction.

Transfer. Where your personal data originates from the EEA, United Kingdom (“UK”) or from Switzerland and is transferred outside of your jurisdiction, we ensure that your personal data is subject to appropriate safeguards (such as a recognised legal adequacy mechanism or standard contractual clauses with third parties or between ReachSuite group companies that process your personal data on our behalf) and that it is treated securely and in accordance with this Policy.

Personal data retention and deletion

  • We retain personal data only for as long as is needed to exercise our legal obligations and for appropriate business purposes.

  • If you have applied for a job at ReachSuite, your personal data will usually be deleted 2 years after your application process concludes. You may contact contact@reachsuite.io to request that we delete your application and CV information sooner than this.

  • We retain personal data during any period in which you have expressed an interest in our Sites or Services, for as long as necessary for us to meet our contractual obligations, and for six years after the end of a contract to identify any issues and resolve any legal proceedings. 

At the end of retention periods, ReachSuite may retain limited aggregate information for research purposes and to help us further improve our Services. This aggregate information does not include any personal data that relates to you as an individual.

Your choices and rights

  • Opt-out of marketing email communications You can opt out of direct marketing from ReachSuite at any time by checking and updating your contact details within your account, using the "unsubscribe" link at the end of all our marketing emails, or by submitting your email address to contact@reachsuite.io. If you are a customer and you opt-out of receiving marketing messages from ReachSuite, you may continue to receive transactional communications from us regarding our Services.

  • Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy policy.

  • Mobile Device Settings Your mobile device may also have settings that, if enabled, restrict mobile app platforms (such as Apple and Google) from sharing certain information obtained by automated means.

  • Additional Privacy Rights Depending on where you are located, you may have additional rights with respect to the personal data we process about you. If you reside in the EEA, the UK or in Switzerland, see the Additional information – Europe (including Switzerland and UK section below. If you are a California resident, see the Additional information – Residents of California, USA section below.

Security of personal data

We are committed to maintaining the confidentiality, integrity, and security of your personal data and take precautions to protect such information. It is our policy to use reasonable and appropriate administrative, technical, and physical safeguards designed to protect the personal data we have about you from loss, theft, and unauthorized use, access, modification, or destruction. We periodically review our policies and procedures to confirm that they are appropriate to meet our commitment to our community, our customers, and ourselves.

We also require third-party service providers acting on our behalf or with whom we share your personal data to maintain security measures consistent with applicable regulatory compliance requirements.

Payments made on the Site are made through our payment gateway provider. Payment details you provide will be encrypted using secure sockets layer (SSL) technology before they are submitted to us over the internet. Personal data you supply to our payment gateway provider is not within our control and is subject to the provider’s privacy policy and terms and conditions.

Notwithstanding our security safeguards, it is impossible to guarantee absolute security in all situations. If you have any questions about the security of our Site or Services, please contact us at contact@reachsuite.io. For your own security, please do not send any confidential or sensitive personal data to us via email or through the contact form on our website.

Children’s privacy

The Site is intended for use only by individuals who are at least 18 years of age. By using the Site, you confirm to us that you meet this requirement. If you are under the age of 18, you confirm you have received permission from your parent or guardian before using this Site or sending us personal data.

How to contact ReachSuite about privacy

Questions, comments, and requests regarding this Policy are welcomed and should be addressed to:

ReachSuite, Inc.

4500 WhiteChapel Circle

Virginia Beach, VA

USA 23455

contact@reachsuite.io

 

Changes to this Policy

We periodically review and update this Policy to describe changes to our data processing practices or to reflect changes in laws and regulations that apply to ReachSuite. You can check when this Policy was last revised by referring to the “Updated” date at the top of this Policy. We encourage you to review the Policy whenever you interact with us to stay informed about our privacy practices.

If the changes we make to this Policy are significant, we may notify you including through a prominent notice on the Site or the Services, as appropriate. If you do not agree with the privacy practices disclosed in the Policy, we recommend you stop using our Site and Services.

Additional information – Europe (including Switzerland and the UK)

This section applies to individuals located in the EEA, the UK or in Switzerland and outlines additional information about your rights and choices regarding ReachSuite’s processing of your personal data under the GDPR or equivalent laws in Switzerland and UK.

A. Legal Basis

We collect and process personal data about you only where we have a legal basis for doing so under applicable data protection laws. Our legal bases include processing personal data as follows:

  • With your consent: Where appropriate or legally required, we collect and use personal data about you subject to your consent (e.g. where legally required for direct marketing activities or to process your application for employment).

  • Performance of contract: We collect and use personal data about you to contract with you or to perform a contract that you have with us.

  • To protect the legitimate interests of ReachSuite, you or other parties: We process personal data for our legitimate interests such as to improve our Site or Services; deliver content; optimize your experience; market our Services; provide appropriate security for the Services; and to protect you, ReachSuite and other third parties.

  • Where necessary for compliance with laws: We may process personal data about you: (1) as required by law, such as to comply with a subpoena or similar legal process; (2) when we believe in good faith that disclosure is necessary to protect our rights or property, to protect your health and safety or the health and safety of others; (3) to investigate fraud or respond to a government request; or (4) if we are involved in a merger, acquisition, or sale of all or a portion of our assets.

B. Data Subject Rights

You have certain rights related to the personal data we hold about you in our capacity as “controller.” Some of these rights may be subject to limitations and qualifications including (1) where fulfilling your request would adversely affect other individuals, company trade secrets or intellectual property; (2) where there are overriding public interest reasons; or (3) where we are required by law to retain your personal data.

  • Right of Access: You have the right to access personal data held by us.

  • Right to Rectification: You have the right to rectify personal data that is inaccurate or incomplete.

  • Right to Data Portability: You have the right to request a copy of certain personal data we hold about you in a structured, machine readable format, and to ask us to share this information with another entity.

  • Right to Erasure: You have the right to have personal data deleted where: (1) you believe that it is no longer necessary for us to hold your personal data; (2) we are processing your personal data based on legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing; (3) you have provided your personal data to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal data; or (4) where you believe the personal data we hold about you is being unlawfully processed by us.

  • Right to Restrict Processing: You have the right to ask us to restrict (stop any active) processing of your personal data where: (1) you believe the personal data we hold about you is inaccurate and while we verify accuracy; (2) we want to erase your personal data as the processing is unlawful, but you want us to continue to store it; (3) we no longer need your personal data for our processing, but you require us to retain the data for the establishment, exercise, or defense of legal claims; or (4) you have objected to us processing your personal data based on our legitimate interests and we are considering your objection.

  • Right to Object: You can object to our processing of your personal data based on our legitimate interests. We will no longer process your personal data unless we can demonstrate an overriding legitimate purpose.

  • Objection to Direct Marketing, Automated Decision Making, and Profiling: You have the right to object to our processing of personal data for direct marketing communications, and profiling related to direct marketing. We will stop processing the personal data for that purpose.

  • Automated Profiling: In the event that we conduct automated decision making that has a legal or other significant impact we will tell you about this and you have the right to challenge such decisions and request that it is reviewed by a human.

  • Withdrawal of Consent: Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by emailing privacy@reachsuite.com or other means provided.

C. Exercising your Rights

If you would like to exercise the rights set forth above, please contact us at contact@reachsuite.io Before we respond to requests for personal data, we will require that you verify your identity or the identity of any data subject for whom you are requesting personal data. Our verification methods may include requesting that you log into your account, confirm your contact information or email address, and/or provide documents for identity verification depending on the nature of your relationship with us.

We will fulfill your request within one month of receipt unless an exception applies. If you have concerns unresolved by ReachSuite, you may also address any grievance directly with the relevant Supervisory Authority or the ICO for UK-based individuals.

We will fulfill your request within one month of receipt unless an exception applies. 

D. Contact Details for ReachSuite’s Data Protection Officer and EU Representative

ReachSuite, Inc. is the controller for personal data collected in connection with the use of the Site and Services in the EEA, the UK and Switzerland. Our Data Protection Officer can be contacted at contact@reachsuite.io.

 

Additional information – Residents of California, USA

This section applies to California residents and outlines your rights and choices with respect to ReachSuite’s processing of your personal data under the CCPA.

For business purposes in the last twelve months, we may have collected, used, and shared personal data about you as described in this Policy. To learn more about the personal data we collect, including the specific pieces of personal data collected, sources of collection, our purposes for collection, and the categories of service providers with whom we share personal data, please see the Personal data we process and sources of personal data, Why and how we process personal data and Personal data sharing and disclosure sections of this Policy.

We do not sell personal data for business or commercial purposes.

A. Consumer Rights

The CCPA grants California consumers certain rights in connection with the personal data collected by businesses, as described below:

  • Right to Know: You have the right to know the categories and specific pieces of personal data we have collected about you in the previous 12 months.

  • Right to Deletion: You have the right to request that we delete any personal data we have collected about you.

  • Right to Request Information: You have the right to request information about our collection, sale, and disclosure of your personal data from the previous 12 months.

  • Right to Opt-out of the Sale of Personal Data: You have the right to opt-out of the sale of personal data we have collected about you. As of the date of this Policy, ReachSuite does not sell the personal data we have collected about you.

  • Right to Non-Discrimination: You have the right to not receive discriminatory treatment for exercising any of your CCPA rights. We will not treat you differently for exercising any of the rights described above.

B. Exercising Your Rights

To exercise any of the CCPA rights above, please contact us by emailing contact@reachsuite.io. We will fulfill your request within 30 days of receiving your request. Some of these rights may be subject to limitations and qualifications, such as where fulfilling the request would conflict with federal, state or local law, regulatory inquiries, subpoenas or ReachSuite’s ability to defend against legal claims.

We will verify your request using your email address. If you’ve created an account with us, we will also verify your request using the information associated with your account, including billing information. Government identification may be required. We cannot respond to your request if we cannot verify your identity and/or authority to make the request on behalf of another and confirm the personal data relates to you. Making a verifiable consumer request does not require you to create an account with us.

If you wish to use an authorized agent to submit a request to opt-out on your behalf, you must provide the authorized agent written permission signed by you, the consumer. We may deny a request from an authorized agent if the agent cannot provide to ReachSuite your signed permission demonstrating that they have been authorized to act on your behalf.

bottom of page