X

Policies

PoliciesPrivacy Policy

Privacy Policy Last updated Sep 26, 2015

Our Privacy Principles

If you read nothing else, please read this:

  • The most fundamental privacy principle we follow is that by default, anything you publish in Retail Zipline is private to your organization. That is, viewing the communications and files shared within a specific organization requires authentication as a member of that organization.
  • Retail Zipline is the custodian of data on behalf of the organizations that use Retail Zipline. We don’t own organization communication data. Organizations own their data. They like it that way and so do we.
  • At Retail Zipline we believe that more transparency is better than less. We try to make our product easy to use, with settings and options that are easy to find and understand. This is good for privacy, good for the product, and good for Retail Zipline customers and users. To foster greater transparency, we have published a Transparency Report, which is our summary of government and law enforcement requests for user data and content removal from Retail Zipline, and our User Data Request Policy explaining our policy requests regarding user data and content removal requests.
  • Privacy goes hand in glove with security and confidentiality. We see these things being the three legs that keep the stool balanced and upright. Each is as important as the other and if one is missing the stool won’t stand. They are all very important to us and we take them very seriously.

Retail Zipline Privacy Policy

This privacy policy is here to help you understand what information we collect at Retail Zipline, how we use it, and what choices you have. When we talk about Retail Zipline in this policy, we are talking about Retail Zipline, Inc., the company, Retail Zipline, the downloadable application, and the Retail Zipline website at www.retailzipline.com. Retail Zipline is available for use via a web browser or applications specific to your desktop or mobile device.

This policy describes how Retail Zipline treats your information, not how other organizations treat your information. If you are using Retail Zipline in a workplace or on a device or account issued to you by your employer or another organization, that company or organization likely has its own policies regarding storage, access, modification, deletion, and retention of communications and content which may apply to your use of Retail Zipline. Content that would otherwise be considered private to you or to a limited group of people may, in some cases, be accessible by your organization owner or administrator. Please check with your employer, organization owner or administrator about the policies it has in place regarding your communications and related content on Retail Zipline. More on this below.

In this policy we talk about various roles within a Retail Zipline organization and the privileges that come with each. It’s helpful to understand these roles and the relationships between them.

Here’s the breakdown:

primary owner > organization owner > organization administrator > organization member.

Primary owners have the most control over their organization’s settings on Retail Zipline, followed by organization owners and then organization administrators. The person who establishes the Retail Zipline organization is considered the primary owner with the most control over the organization (which is why it’s not a good idea for this person to be a contractor or temp employee). Organizations can have more than one owner, but only one can be the primary owner. Primary ownership can be transferred to another member after the organization is created (see prior note about temp workers and flaky people). All organization owners are administrators, and all owners and administrators are also organization members.

Information we collect and receive

We collect different kinds of information. Some of it is personally identifiable and some is non-identifying or aggregated. Here are the types of information we collect or receive:

  • Organization information. When you create an organization on Retail Zipline, we collect your email address (as the organization owner), your organization name, Retail Zipline domain (ex: your-organization-name.retailzipline.com), your name that appears in your Retail Zipline organization, and password. Optionally, you can provide an email domain to allow people on that domain to sign up for your organization without an invitation or individually add email addresses for people you’d like to invite to your organization.
  • Account and profile information. The only information we require to create your Retail Zipline account is an email address and password. Optional information you can enter into your profile includes information such as your first and last name. Any information you add to your profile is visible to other people in your organization as described on your profile management page.
  • Billing information. We collect billing address and credit card information if you purchase a premium version of Retail Zipline. Credit card information is securely passed to our payment processing partner and is not stored at Retail Zipline.
  • Log data. When you use Retail Zipline, our servers automatically record information, including information that your browser sends whenever you visit a website or your mobile app sends when you’re using it. This log data may include your Internet Protocol address, the address of the web page you visited before coming to Retail Zipline, your browser type and settings, the date and time of your request, information about your browser configuration and plug-ins, language preferences, and cookie data. Log data does not contain communication content and is not routinely deleted.
  • Device information. In addition to log data, we may also collect information about the device you’re using Retail Zipline on, including what type of device it is, what operating system you’re using, device settings, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you’re using and its settings.
  • Geo-location information. Precise GPS from mobile devices is collected only with your permission. WiFi and IP addresses received from your browser or device may be used to determine approximate location.
  • Retail Zipline usage information. This is information about which organizations, communications, tasks, attachments, content, and links you interact with within Retail Zipline.
  • Communications that you send and receive within Retail Zipline. This includes:
    • The communication content itself. This content can include text, pictures, files and video among other types of files.
    • When communications or files were sent and by whom, when or if they were seen by you, and where you received them (in an email or via an app, for example).
  • Information from partners or other 3rd parties. Retail Zipline may receive information from partners or others that we could use to make our own information better or more useful. This might be aggregate level information about which IP addresses go with which zip codes or it might be more specific information about how well an online marketing or email campaign performed.

Retail Zipline uses cookies, or similar technologies like single-pixel gifs and web beacons, to record log data. We use both session-based and persistent cookies.

Cookies are small text files sent by us to your computer and from your computer to us, each time you visit our website. They are unique to your Retail Zipline account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.

Some cookies are associated with your Retail Zipline account and personal information in order to remember that you are logged in and which organization you are logged into. Other cookies are not tied to your Retail Zipline account but are unique and allow us to do site analytics and customization, among other things. If you access Retail Zipline through your browser, you can manage your cookie settings there but if you disable all cookies you may not be able to use Retail Zipline.

Retail Zipline sets and accesses our own cookies on our company-owned domains. In addition, we use 3rd parties like Google Analytics and Mixpanel for website analytics. You may opt-out of third party cookies from Google Analytics and Mixpanel on their respective websites. We do not currently recognize or respond to browser-initiated Do Not Track signals as there is no consistent industry standard for compliance.

How we use your information

We use your information for the following:

  • Providing the Retail Zipline service. We use information you provide to authenticate you and deliver communications to you and from you.
  • Understanding and improving our products. To make the product better we have to understand how users are using it. We have a fair bit of data about usage and we intend to use it many different ways to improve our products, including research. This policy is not intended to place any limits on what we do with usage data that is aggregated or de-identified so it is no longer tied to a Retail Zipline user.
  • Investigating and preventing bad stuff from happening. We work hard to keep Retail Zipline secure and to prevent abuse and fraud.
  • Communicating with you:
    • Solving your problems and responding to your requests. If you contact us with a problem or question, we will use your information to respond to that request and address your problems or concerns.
    • In-product communications. We may use the information you provide to contact you through Retail Zipline using Retail Ziplinebot or other in-product messaging tools. For example, if, after, a few weeks of using Retail Zipline we notice that your notification setting is set to notify you of all messages, we may send you a Retail Zipline message that suggests you change this in case you are getting too many notifications. This is just one example of how we use information about your usage of the product to make suggestions to you.
    • Email messages. We may send you service and administrative emails, such as when we notice that you are nearing a system limit. We may also contact you to inform you about changes in our services, or our service offerings. These messages are considered part of the service and you may not opt-out of them. In addition, we sometimes send emails to Retail Zipline users about new product features or other news about Retail Zipline. You can opt-out of these at any time.

Your choices

When you use Retail Zipline, you have control over a number of things with respect to your own privacy and choices about how your content is visible to others or not. If you are a Retail Zipline organization owner or administrator, you have additional choices that impact your organization’s privacy. Some members will not have access to all of the same choices that their organization owner(s) or administrator(s) do. That is because Retail Zipline is set up to be organization-oriented, and provides organization owners with the maximum ability to control their organizations. Communication Retention Settings and Export Options

Retail Zipline offers different options for communication retention and export to organization owners and administrators, depending on the level of service they have signed up for. These service levels are likely to change so please see our pricing page to learn more about which features are associated with which level of service.

Communication Retention Settings

Communication retention setting options vary by service level from very general to very specific. The default for all organizations is that communications are retained for as long as the organization exists unless they are deleted by the user or administrators, and that users can edit and delete their own communications at any time.

Premium level organizations can modify their organization settings to shorten the duration of retention, and change settings to store all communication edits and to retain communications that users have deleted.

Please see our FAQ for more specific information about what options exist for different organization service levels.

You can view your organization’s communication retention settings at any time via Your Organization Settings.

Communication Exports

Administrators of all organizations can export their organization’s content that is shared in communications.

Choices for Organization Members

If you are a member of an organization, you may not deactivate your account. The creation and deactivation of an account is controlled by the organization administrators. Deactivation of an account disables your access to the Retail Zipline organization associated with that account but does not delete your profile or content, which are considered part of your organization’s data.

While you cannot completely delete a profile once it is created, you can update your profile information at any time and modify your email settings. Updating other settings, such as your name, is controlled by the organization administrators.

Choices for Organization Owners and Administrators

Administrators have the ability to manage and change most of the organization settings, including communication retention settings, and can modify whether or when organization members can edit or delete communications. Administrators can also deactivate member accounts for their organization. Only a primary owner can deactivate or delete an organization. For more about these privileges, choices, and permissions, see our FAQ.

Other Choices

The browser you use may provide you with the ability to control cookies or other types of local data storage. Your mobile device may provide you with choices around how and whether location or other data is shared with us.

Sharing and Disclosure

There are times when communications and related content and other user information may be shared by Retail Zipline. This section discusses only how Retail Zipline may share user information. Organizations that use Retail Zipline may have their own policies for sharing and disclosure of information they can access through Retail Zipline. Retail Zipline may share information:

With consent, to comply with legal process, or to protect Retail Zipline and our users. When we have your consent or if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or Retail Zipline; or to detect, prevent, or otherwise address fraud, security or technical issues. If we receive a law enforcement or other third party request for information we will provide prior notice to the subject of the request where we are legally permitted to do so. For more information on Retail Zipline’s policies for responding to requests for user data, please see our User Data Request Policy.

With third parties and agents. We may employ third party companies or individuals to process personal information on our behalf based on our instructions and in compliance with this Privacy Policy. For example, we may share data with a security consultant to help us get better at preventing unauthorized access or with an email vendor to send messages on our behalf. We may also share data with hosting providers, payment processors, marketing vendors, and other consultants who work on our behalf and under contractual promises of confidentiality.

About you with your organization or organization administrator(s).

We may share your email address and organization name with your organization. If the email address under which you’ve registered your account belongs to or is controlled by an organization (to be clear, we’re not talking about free web-based email providers like Gmail, Hotmail or Yahoo! Mail) we may disclose that email address and associated organization names to that organization in order to help it understand who associated with that organization uses Retail Zipline, and to assist the organization with its enterprise accounts. Please do not use a work email address for our services unless you are authorized to do so, and are therefore comfortable with this kind of sharing.

In addition, there may be times when you contact Retail Zipline to help resolve an issue specific to an organization you are a member of. In order to help resolve the issue, we may need to share your concern with your administrator. When possible, we will try to mask or remove any identifying information before sharing these communications.

In the event of a merger or sale. If we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding that involves the transfer of the information described in this Privacy Policy.

That is aggregated and non-identifiable. We may also share aggregated or non-personally identifiable information with our partners or others for business or research purposes. For example, we may tell a prospective Retail Zipline customer the average number of communications sent within a Retail Zipline organization in a day or may partner with research firm or academics to explore interesting questions about retail operations. Again, this policy is not intended to prohibit the disclosure and use of aggregated or de-identified data.

Security

Retail Zipline takes reasonable steps to protect information you provide to us as part of your use of the Retail Zipline service from loss, misuse, and unauthorized access or disclosure. When you enter sensitive information (such as sign-in credentials) we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. However, no electronic or email transmission or digital storage mechanism is ever fully secure or error free.

To learn more about current practices and policies regarding security and confidentiality, please see our Security Practices; we keep that document updated as these practices evolve over time.

Children’s information

Retail Zipline is not directed to children under 13. If you learn that a minor child has provided us with personal information without your consent, please contact us.

Changes to this Privacy Policy

We may change this policy from time to time, and if we do we’ll post any changes on this page. If you continue to use Retail Zipline after those changes are in effect, you agree to the revised policy. If the changes are material, we may provide more prominent notice or seek your consent to the new policy.

Contacting Retail Zipline

Please also feel free to contact us if you have any questions about Retail Zipline’s Privacy Policy or practices. You may contact us at feedback@retailzipline.com or at our mailing address below:

Retail Zipline
423 Vermont St
San Francisco, CA
94107