Teamworks Privacy Policy & Cookies
Last updated: April 2, 2024
This Privacy Policy describes how Teamworks Innovations, Inc. and its affiliates (collectively, “Teamworks”, “we”, “us”, or “our”) collects and processes your personal information for our own purposes when you interact with Teamworks software, services, content, and any related mobile applications, websites or other technology (collectively, our “Services”). Teamworks is committed to protecting and respecting your privacy. This Privacy Policy explains why and how we process your personal information (also referred to as “personal data”), your rights and how to contact us if you need to.
By engaging with our Services, you acknowledge you have read and understood this Privacy Policy. For the purposes of applicable data protection laws, (the “Data Protection Laws”), Teamworks is the processor in relation to the personal data processed in accordance with this policy (except where this policy explains otherwise).
Some regions provide additional rights by law. For region-specific terms, please see the following sections below:
- 11. “Additional Disclosures for California Residents”
- 12. “Additional Disclosures for Data Subjects in the European Economic Area, Switzerland, and United Kingdom”
1. Information we collect about you
We may collect and process your personal data if: You or your organization (such as your team, governing body, school or employer) are a customer of Teamworks. You or your organization use our Services. You or your organization use the services of a data provider or other business partner that integrates or shares data with our Services.
Information we collect from you or from a third party
We may process your personal data that we have either obtained from you or your organization through the use of our Services, or obtained from somewhere else. Personal data which is not collected directly from you may be collected: From your organization in connection with your role and its relation to our provision of the Services. From third parties we work with (including, for example, data providers or other business partners that integrate or share data with our Services, and vendors in technical, payment and delivery services.
Personal data relating to you that we process may include:
Any information that we obtain from you when you use our Services. Depending on which of our Services you or your organization use, this may include without limitation: your full name, cell phone number, email, address, family and emergency contacts, height, weight, travel itinerary, drivers’ license, insurance cards, biometric data, data concerning health, medical information, and any other personal data provided to us by you or by your organization.
Children under the age of 13
Our Services are not intended for use by children under 13 years of age. No one under age 13 should themselves provide any of their own personal information to us by using our Services. If you are under 13, do not use or provide any information through any of our Services, or provide any information about yourself to us, including your name, address, telephone number, email address, or any username you may use. If we receive written notice that we have received personal information directly from a child under age 13 without parental consent, we will delete that information. If you believe we might have obtained any information from or about a child under 13 without parental consent, please contact us.
2. Cookies and other similar technologies
Our Services use cookies and other similar technologies such as device-IDs to collect and store certain information. These typically involve pieces of information or code that a website transfers to or accesses from your computer hard drive or mobile device to store and sometimes track information about you. Cookies and similar technologies enable you to be remembered when using that computer or device to interact with websites and online services and can be used to manage a range of features and content as well as storing searches and presenting personalized content. We use these cookies and other technologies on the basis that they are necessary for the performance of a contract with you or your organization, or because using them is in our legitimate interests (where we have considered that these are not overridden by your rights), and, in some cases, where required by law, where you have consented to their use.
3. How we use your information
Information you give to us
We use your personal information to:
Carry out our obligations arising from any contract entered into between your organization and us, including providing our Services to you or your organization, administering you or your organization’s account with us, and where otherwise required by law or otherwise in our legitimate interests (provided these interests do not override your right to object to such communications).
Ensure in our legitimate interests that content included in our Services is presented in the most effective manner for you and for your device.
Provide you or your organization with the information, products and Services you request from us.
In our legitimate interests, where we have considered these are not overridden by your rights, to administer and support our Services and for internal operations and business purposes, including, data analysis and analytics, research, statistical and survey purposes.
To keep our Services safe and secure.
To improve our Services to ensure that content is presented in the most effective manner for you and for your organization.
To allow you to participate in interactive features of our Services.
Information we receive from other sources
We will combine your personal information that we receive from other sources with personal information you give to us and information we collect about you in our legitimate interests (where we have considered that these are not overridden by your rights). We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
4. Who we give your information to
We may share your personal data with appropriate third parties including: subcontractors or subprocessors who support our processing of personal data under this policy, our data providers or other business partners, or otherwise for the performance of any contract we enter into or other dealings we have in the normal course of business with your organization, including supporting the functionality of our Services.
Subprocessors of your personal information may include, but are not necessarily limited to: Amazon Web Services, Inc. (for hosting and data storage), Twilio Inc. (for SMS delivery), DocuSign, Inc. (for e-signatures), Gainsight, Inc. (for helpdesk support and ticketing). Unless otherwise specified in our agreement with you or your organization, the data processing location for each of our subprocessors is the United States.
We will disclose your personal information to third parties in other circumstances, including but not limited to:
In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets subject to the terms of this Privacy Policy.
If Teamworks is acquired by or merges with a third party, in which case personal data held by Teamworks about its customers will be one of the transferred assets.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation; this includes disclosures made in connection with a subpoena, warrant, or other court order.
In order to enforce our agreements with you or your organization.
To protect the rights, intellectual property, or safety of Teamworks, our customers, or others.
5. Where do we store your information?
The data that we process in relation to you may be transferred to, and stored at, a destination outside the United States, the United Kingdom, the European Economic Area (“EEA”), or Australia that may not be subject to equivalent data protection laws. It may also be processed by staff situated outside the United States, the United Kingdom, the EEA, or Australia who work for us or for one of our suppliers or subprocessors. We may transfer your personal information outside the United States, the United Kingdom, the EEA, or Australia: in order to store it, or in order to enable us to provide the Services and fulfill our contract with you or your organization. Where your information is transferred outside the United States, the United Kingdom, the EEA, or Australia, we will take any legally required steps to ensure that your data is subject to appropriate safeguards, such as relying on a recognized legal mechanism, and that it is treated securely and in accordance with this privacy policy.
6. How we protect your information
We pride ourselves in our approach to ensuring the data you entrust to us is handled appropriately and subscribe to several standards that should give you the peace of mind that your information is as safe as possible. In the instance of our educational customers, we adhere to the Family Educational Rights and Privacy Act (“FERPA”) where applicable. We also adhere to the Payment Card Industry Data Security Standard (“PCI DSS”) standards where applicable to our Services. All information you provide to us through the use of our Services is stored on secure servers where the data is encrypted. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Unfortunately, the digital transmission of information is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted via our Services. Any digital transmission involves some risk.
Our Services also contain links to external sites or integrate with our data providers. We are not responsible for the privacy policies or the content of such third parties.
7. How long we keep your information
We retain personal data for as long as you use our Services and in accordance with our contractual obligations to your organization. We may also retain information beyond this time for research and analytics purposes and to help us develop and improve our Services.
8. Your rights
You may have the right under certain circumstances to be provided with a copy of your personal data held by us; to request the rectification or erasure of your personal data held by us; to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example); or to object to the further processing of your personal data.
Your right to withdraw consent: Where the processing of your personal information by us is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us.
How to exercise your rights
You can exercise the rights listed above at any time by contacting the Teamworks Privacy Officer at privacy@teamworks.com.
9. Changes to this policy
Any changes we make to our privacy policy in the future will be posted on our website at www.teamworks.com.
10. Contact us
Our full contact details are:
Privacy Officer
Teamworks Innovations, Inc.
122 E Parrish St, Durham,
NC, USA 27701
privacy@teamworks.com
(877) 821-5558
11. Additional disclosures for California residents
These additional disclosures apply only to California residents and only to the extent applicable.
Notice of collection
The California Consumer Privacy Act as amended by the California Privacy Rights Act (“CPRA”) provides additional rights and requires businesses collecting or disclosing personal information to provide notices and means to exercise rights. In the past 12 months, we have collected the following categories of personal information enumerated in the CPRA:
Identifiers, including name, postal address, email address, and online identifiers (such as IP address).
Customer records, including phone number, billing address, bank account and credit or debit card information.
Characteristics of protected classifications under California or federal law, including gender.
Commercial or transaction information, including records of products or services purchased, obtained, or considered.
Internet activity, including browsing history, search history, and interactions with a website, email, application, or advertisement.
Non-precise geolocation data.
Employment and education information.
Inferences drawn from the above information about your predicted characteristics and preferences.
For further details on personal information we collect, including the sources from which we receive information, review the “1. Information we collect about you” section above. We collect and use these categories of personal information for the business purposes described in the “3. How we use your information” section above. We disclose the personal information to the categories of persons set out in the “4. Who we give your information to” section above. Please visit those sections for further details.
Right to know, correct and delete
You have the right to know certain details about our data practices. In particular, you may request the following from us:
The categories of personal information we have collected about you;
The categories of sources from which the personal information was collected;
The categories of personal information about you we disclosed for a business purpose or sold or shared;
The categories of persons to whom the personal information was disclosed for a business purpose or sold or shared;
The business or commercial purpose for collecting or selling or sharing the personal information; and
The specific pieces of personal information we have collected about you.
In addition, subject to exceptions, you have the right to correct or delete the personal information we have collected from you.
To exercise any of your rights, please submit a request using the information in the “10. Contact us” section above. We will respond to your request as prescribed by law. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests.
If personal information about you has been processed by us as a service provider on behalf of your organization, please inquire with your organization directly to exercise your rights. If you wish to make your request directly to us, please provide the name of our customer on whose behalf we processed your personal information. We will refer your request to that customer, and will support them to the extent required by applicable law in responding to your request.
Additional notice and opt-out
In general, our business is providing the Services to our customers such as your organization, not selling personal information. However, under the CPRA, some practices may be considered a “share” or “sale” even if no money is exchanged. For instance, a “sale” is broadly defined under the CPRA to include a disclosure for something of value. Under these definitions, we may collect, share, or sell the following categories of personal information for commercial purposes: identifiers, characteristics, commercial or transaction information, internet activity, non-precise geolocation data, and inferences drawn. The categories of third parties to whom we “share” or “sell” personal information may therefore include any third parties we disclose personal information to. To the extent our Services or other practices constitute a “share” or “sale” of your personal information, you may have the right to opt out. You can exercise this right by contacting us through the “10. Contact us” section above
Retention
We retain each category of personal information for the length of time that is reasonably necessary for the purpose for which it was collected, and as necessary to comply with our contractual obligations to our customers and other legal obligations.
Authorized agent
You can designate an authorized agent to submit requests on your behalf. However, we may require signed proof of the agent’s permission to do so and verify your identity directly. Requests must be submitted through the “10. Contact us” section above.
Right to non-discrimination
You have the right not to receive discriminatory treatment by us for the exercise of any of your rights.
Shine the Light
Residents of California may request (i) a list of the categories of personal information disclosed by us to third parties during the immediately preceding calendar year for those third parties’ own direct marketing purposes; and (ii) a list of the categories of third parties to whom we disclosed such information. To exercise a request, please contact us using the information in the “10. Contact us” section above and specify that you are making a “California Shine the Light Request.” We may require additional information from you to allow us to verify your identity and are only required to respond to requests once during any calendar year.
12. Additional disclosures for data subjects in the European Economic Area, Switzerland and the United Kingdom
Roles
Teamworks may process personal data in accordance with the instructions of or on behalf of your organization, including when providing Services to a customer under an agreement. In this context, Teamworks acts as a processor and your organization acts as a controller. Teamworks may also act as a controller in certain limited contexts, such as when complying with regulatory obligations applicable to our business.
Lawful basis for processing
Data protection laws in Europe require a “lawful basis” for processing personal data. Our lawful bases include where: (a) you have given consent to the processing for one or more specific purposes, either to us or to our service providers, partners, or customers; (b) processing is necessary for the performance of a contract; (c) processing is necessary for compliance with a legal obligation; or (d) processing is necessary for the purposes of the legitimate interests pursued by us or a third party, and your interests and fundamental rights and freedoms do not override those interests.
International transfers
We may transfer your personal data to our operations in the United States or Australia or to our service providers or other third parties in the United States or Australia or other countries – this may involve the transfer of your personal data to countries which have different data protection standards to those which apply in the European Economic Area or Switzerland.
Some of these countries are subject to a European Commission or a United Kingdom adequacy decision. For other countries, Teamworks generally puts into place the relevant European Commission or United Kingdom-approved model clauses with the relevant third parties to ensure that your personal data is protected with appropriate safeguards. We may also rely on other permitted data transfer mechanisms.
Your data subject rights
You may have certain statutory rights relating to your personal data. Subject to applicable law, you may have the right to access and rectify your personal data, to require us to erase your personal data or to transfer it to other organizations, and to object to the processing of your personal data. Where we process your personal data because we have a legitimate interest in doing so (as explained above), you may have a right to object to this. You may also have the right to restrict processing of your personal data in certain circumstances. These rights may be limited in some situations, for example, where we can demonstrate that we have legitimate grounds to process your personal data. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different from those for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any processing of your personal data which we do based on consent you have provided to us.
To exercise any of these rights, please use the information in the “10. Contact us” section above. We will respond to your request within the time limits prescribed by law. We may require specific information from you to help us confirm your identity and process your request. If your personal data has been processed by us as a processor on behalf of a customer and you wish to exercise any rights you have with such personal data, please inquire with our customer directly. If you wish to make your request directly to us, please provide the name of our customer on whose behalf we processed your personal data. We will refer your request to that customer, and will support them to the extent required by applicable law in responding to your request.
Retention of your personal data
Please note that we retain personal data for as long as necessary to fulfill the purposes for which it was collected from you or our customers, and may continue to retain and use your personal data for purposes of our legitimate interests or as necessary to comply (or demonstrate compliance with) with our legal or regulatory obligations, resolve disputes, prevent fraud, and enforce our rights.
