Privacy Policy with Privacy Shield

Cathy Labs Privacy Policy

Last Updated: November 19, 2018. For our previous privacy policy, go here.

We at Cathy Labs, Inc. (“Cathy Labs”) value your privacy. This privacy policy (“Policy”) describes the information we collect when you access or use our websites https://compa.as or https://cathylabs.com, our SaaS applications, and related services (collectively our “Services”) and how we use, disclose, and protect this information. Your access and use of our Services indicates your consent to the terms of this Policy and our Terms of Use.

Information We Collect

We provide Services that our enterprise customers use for a variety of purposes, including: resource management, project planning, budgeting, time tracking, and business analytics, such as forecasted revenue and utilization. We collect information through the use of our Services as described below.

Information You Provide

In order for us to provide our Services, we may ask you to provide us with certain information, including: (1) your name, location, and contact information (such as your e-mail address, phone number, billing and physical addresses, and your account password); and (2) payment information (such as your credit or debit card number, bank account routing number, and billing and shipping address). If you communicate with us by, for example, e-mail, telephone, or any online form that may be available on the Services, any information provided in such communication may be collected.

Information We Receive from Third Parties

We may collect information about you from third party sources. For example, we may receive your email address, demographic data, general location information, and information about your online activities from third party partners.

Automatically Collected Information

We automatically collect information when you access our Services, such as IP address. We may also track user activity (e.g., pages visited and projects created) and use cookies and other tracking technologies on our Services, and these tracking technologies may be linked to your information. Cookies are small text files that web servers place on your device; they are designed to store basic information and to help websites and applications recognize a browser. Cookies help us track and target the interests of our users to enhance their experience with our Services. We use website and application analytics services provided by third parties, such as Google Analytics, that use cookies and other similar technologies to collect information about website or application use and to report trends, without identifying individual visitors. The third parties that provide us with these services may also collect information about your use of third-party websites. You can learn about Google’s practices in connection with this information collection and how to opt out of it by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

In addition, we partner with third party analytic services and receive from them demographic data, general location information, and information about your online activities. For information about how to opt-out of certain uses of cookies and other technologies, please see the Your Choices section below.

How We Use Information

Customer Data will be used by Cathy Labs in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. Cathy Labs is a processor of Customer Data and Customer is the controller.

We use Other Information in furtherance of our legitimate interests in operating our Services, Websites and business. More specifically, we may use Other Information for the following purposes:

Providing, Updating, Maintaining, Protecting, and Improving our Services. When you register for our Services, we use the information you provide to create and maintain your account. The information we collect also helps us improve, enhance, personalize, and promote our Services. This includes use of Other Information to support delivery of the Services under a Customer Agreement, prevent or address service errors, security or technical issues, analyze and monitor usage, trends and other activities or at an Authorized User’s request.

Communications. We will communicate with you to respond to your requests, comments, and questions. If you contact us, we may use your Other Information to respond. For example, if you’ve provided your phone number, we may call you to discuss our Services.  If you’ve given us your email address, we may send you promotional email offers or email you about your use of the Services. If you do not want to receive promotional emails from us, please indicate your preference by opting-out via the links provided in the emails. Note that if you opt-out of receiving our promotional emails, you may still receive transactional emails from us.

Billing, Account Management, and other Administrative Matters. Cathy Labs may need to contact you for invoicing, account management and similar reasons, and we use account data to administer accounts and keep track of billing and payments.

Legal. We reserve the right to access, use, preserve, transfer, or disclose, at any time without notice to you, any information as reasonably necessary to: (1) comply with any applicable law, regulation, subpoena, or legal process, or respond to any governmental request or regulatory investigation and to cooperate with law enforcement, if we believe such action is required or permitted by law; (2) enforce this Policy or our Terms of Service, including investigating any potential violations; (3) protect the safety, integrity, rights, or security of our users, our Services or equipment, or any third party; or (4) detect, prevent, or otherwise address fraud, security, or technical issues related to our Services or those of our business partners.

How We Disclose Information

We may disclose the information we collect, including in the following ways:

Vendors & Service Providers. We employ other companies and people to perform tasks for us relating to the Services and share your information with them to allow them to perform those tasks.  For example, we use a payment processing company to receive and process your credit card transactions for us. In addition, we may use third-party analytics vendors to evaluate and provide us with information about your use of our Services. These analytics service providers may set and access their own cookies, pixel tags and similar technologies on our Services and they may otherwise collect or have access to information about you which they may collect over time and across different websites. We also contract vendors to provide virtual computing and storage services. Additional information about the subprocessors we use to support delivery of our Services is available at Subprocessors.

Business Transfers. We may from time to time sell assets or enter into similar corporate transactions, and may share and/or transfer your information in connection with the evaluation of and entry into such transactions. Also, if our company (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, your information could be one of the assets transferred to or acquired by a third party.

Legal/Protection. We reserve the right to disclose any information that we reasonably believe is necessary to comply with law or court order; enforce or apply this Policy or our Terms of Use and other agreements; or protect the rights, property, or safety of Cathy Labs, our employees, our users, or others.

Aggregate Data. We may de-identify your information and process and share it in a de-identified and/or aggregated form for purposes in addition to those described above. For example, we may share aggregate reports about business metrics.

Your Choices

You may opt-out of future contacts with us, change or correct your information, or express any concerns you may have about the use of your information at any time. To do so, please contact us via the email address provided below in the Contact Us section.

How to Opt-Out

Email Communications. If you receive an unwanted email from us, you can use the unsubscribe link found at the bottom of the email to opt-out of receiving future emails. We will process your request within a reasonable time after receipt. You will continue to receive transaction-related emails regarding products or services you have requested and administrative communications, such as updates to the Terms or this Privacy Policy.

Cookies. Many web browsers allow you to manage your preferences relating to cookies. You can set your browser to refuse cookies or delete certain cookies. You may be able to manage other technologies in the same way that you manage cookies using your browser’s preferences. Please note that if you choose to block cookies, doing so may impair the use of our Services. Additionally, there is no accepted standard on how to respond to Do Not Track signals, and we do not respond to such signals.

Notice to California Residents

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of certain information to third parties for such third parties’ direct marketing purposes.  In order to submit such a request, please contact us at privacy@cathylabs.com. California residents are entitled to ask us for a notice identifying the categories of certain information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to privacy@cathylabs.com.

Transborder Transfer

If you live outside of the U.S., your information may be subject to privacy laws that differ from those in your country of residence. Information collected within the European Economic Area (“EEA”) and Switzerland may, for example, be transferred to and processed by recipients in countries outside of the EEA and Switzerland, including the U.S., where you may have fewer legal rights in relation to your information. By providing your information and/or using our Services, you consent to any transfer and processing in accordance with this Policy.

We commit to the principles of the Privacy Shield framework to safeguard information received from the EU.  Cathy Labs is certified to the EU-U.S. Privacy Shield Framework and the Swiss-U.S.Privacy Shield Framework. Cathy Labs is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”).  To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List at https://www.privacyshield.gov.  You may direct any inquiries or complaints related to our Privacy Shield compliance to privacy@cathylabs.com.   If an issue cannot be resolved through Cathy Labs’ internal dispute resolution mechanism, you may submit a complaint, at no cost, to JAMS, which serves as Cathy Labs’ alternative dispute resolution provider for claims related to the Privacy Shield. For residual complaints not fully or partially resolved by other means, you may be able to invoke binding arbitration as detailed in the Principle.

Cathy Labs only transfers personal data to Third Parties who have clear privacy policies, and only for the purposes described in “How we use information”.  Cathy Labs’ accountability for Personal Information that it receives under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Cathy Labs remains responsible and liable under the Privacy Shield Principles if third party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Cathy Labs proves that it is not responsible for the event giving rise to the damage.

Cathy Labs does not share data on individuals with non-agent third parties.  If the way we use or share personal information changes, you will be notified via a prominent notice on our website.

Third Party Links

We may display advertisements from third parties and other content that links to third party websites. We cannot control or be held responsible for third parties’ privacy practices and content. Please read their privacy policies to find out how they collect and process your personal information.

Security

Protecting your information is important to us. We seek to use reasonable organizational, technical, and administrative measures to protect information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. Your password protects your user account, so you should use a unique and strong password, limit access to your computer and browser, and log out after having used our Services. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account with us has been compromised), please immediately notify us of the problem by contacting us in accordance with the Contact Us section below.

Data Transfers

We may store all Personal Information we collect anywhere in the world, including but not limited to, in the United States, in the cloud, on our servers, on the servers of our affiliates or the servers of our service providers.

Data Retention

We will retain personal data we process on behalf of our customers for as long as needed to provide services to our customer. We will retain and use such information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Rights of Access, Rectification, Erasure, and Restriction

Customers. Please contact us at support@compa.as to review or update incorrect information. Please include your full name, email address associated with your Account, and a detailed description of your data request. Such requests will be processed in accordance with local laws. We will respond to any requests for access to personal information within 30 days.

Data Controlled by Customers. We process information at the direction of our customers. An individual who seeks access, or who seeks to correct, amend, or delete data that is processed by us on behalf of a customer should direct queries to their employer (the data controller). If the customer requests that we to remove the data, we will respond to their request within 30 business days.

Children

Our Services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13.

Updates to this Policy

From time to time we may, in our discretion, make changes to this Policy. The “Last Updated” date at the top of this page indicates when this Policy was last revised. If we make material changes, we may notify you through the Services or by sending you an email or other communication. We encourage you to read this Policy periodically to stay up-to-date about our privacy practices. Your continued use of our Services after we have updated this Policy constitutes your acceptance of the changes.

Contact Us

If you have questions about this Policy, please contact us.
Cathy Labs, Inc.
548 Market Street #74751
San Francisco CA 94104

privacy@cathylabs.com