Updated: May 15, 2023 | Terms of Service
We collect personal information, such as your name and email address, when you register for an account on the Service. You may also provide us with optional information such as a photograph. Your user name, email address and any optional profile information that you elect to associate with your account is referred to herein as your “Profile Information.”
We may use your email address to send you Service-related notices (including any notices required by law, in lieu of communication by postal mail). We may also use your email address to send you announcements and information about other products or services (including third-party services) that you may be interested in (together, the “Marketing Messages”). You may opt-out of receiving Marketing Messages at any time by following the instructions provided in the Marketing Message. Through your account interface, you may also opt-out of receiving categories of Service-related notices that are not deemed by Spiffy to be integral to your use of the Service.
Even if you are not a registered user of our Service, if you email us we may retain a record of such email communication, including your email address, the content of your email, and our response.
If you are a user of our paid premium service, we will utilize a third party credit card payment processing company to collect payment information, including your credit card number, billing address and phone number. We will share this payment information with the third-party processing company as detailed below in “How We Share Your Information: With Trusted Service Providers and Business Partners.” We do not store your payment information.
If you choose to use our invitation service to invite a friend to the Service, we will ask you for that person’s contact information, which may include their email address or their social network identity, and automatically send an invitation. Spiffy stores the information you provide to send the invitation, to register your friend if your invitation is accepted, and to track the success of our invitation service.
Your use of the Service will involve you uploading or inputting various content into the Service; including but not limited to: tasks, attachments, project names, team names, and conversations (together, the “Content”).
You control how your Content is shared with others via your settings on the Service.
Spiffy may view your Content only as necessary (i) to maintain, provide and improve the Service; (ii) to resolve a support request from you; (iii) if we have a good faith belief, or have received a complaint alleging, that such Content is in violation of our Acceptable Use Guidelines; (iv) as reasonably necessary to allow Spiffy to comply with or avoid the violation of applicable law or regulation; or (v) to comply with a valid legal subpoena or request that meets the requirements of our Law Enforcement Guidelines. We may also analyze the Content in aggregate and on an anonymized basis, in order to better understand the manner in which our Service is being used.
We use technologies like cookies and pixel tags to provide, monitor, analyze, promote and improve the Service. For example, a cookie is used to remember your user name when you return to the Service and to improve our understanding of how you interact with the Service. You can block cookies on your web browser; however please be aware that some features of the Service may not function properly if the ability to accept cookies is disabled.
When you use the Service, our servers automatically record certain information in server logs. These server logs may include information such as your web request, Internet Protocol (“IP”) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, mobile carrier, and other such information. Log files help us to monitor, analyze, improve and maintain the Service and to diagnose and fix any Service-related issues.
When you access the Service using a mobile device, we collect specific device information contained in your mobile device’s “device identifier.” This device identifier includes information such as the type of device you are using, its operating system, and mobile network information, which may include your mobile phone number. We may associate this device identifier with your Service account and will use data associated with your device identifier to customize our Services to your device and to analyze any device-related issues.
We may collect and process information about the location of the device from which you are accessing the Service. Location data may convey information about how you browse the Service and may be used in conjunction with personally identifiable information. You can disable location-based services in settings associated with the Service; however please be aware that some features of the Service may not function properly if location services are turned off.
We have designed our system to ensure a history of all records is maintained. You are not allowed to delete customer records, or order records in our system. An identifiable history of all transactions and customers is needed to ensure you have a proper history of transactions and customers for all Know Your Customer (KYC) and Anti-Money Laundering (AML) laws and regulations.
We may share the information we collect from you with third parties as detailed below.
We will display your Profile information on your profile page and elsewhere on the Service in accordance with the preferences you set in your account. You can review and revise your Profile information at any time.
We will display your Content within the Service as directed by you, including but not limited to your checkouts, portals, and customer-facing emails.
We may disclose your information (including your personally identifiable information) if required to do so by law or subpoena and if the relevant request meets our law enforcement guidelines. We may also disclose your information to our legal counsel, governmental authorities or law enforcement if we believe that it is reasonably necessary to do so in order to comply with a law or regulation; to protect the safety of any person; to address fraud, security or technical issues; or to protect Spiffy’s rights or property.
We may disclose aggregate non-personally identifiable information (such as aggregate and anonymous usage data, platform types, etc.) about the overall use of our Service publicly or with interested third parties to help them understand or to help us improve the Service.
The security of your information is important to us. When you enter sensitive information (such as a credit card number) as part of our service, we encrypt the transmission of that information using industry-standard encryption.
Spiffy uses commercially reasonable and industry-standard physical, managerial, and technical safeguards to preserve the integrity and security of your information. For example, we continuously and regularly back up your data to help prevent data loss and aid in data recovery. We also guard against common web attack vectors, host data in secure SAS 70 audited data centers, require multi-factor authentication, and implement firewalls and access restrictions on our servers to secure our network and better protect your information.
If you have any questions about security on our Service contact us at email@example.com
Although we allow you control over where you share your Content and what information is included in your Profile and take reasonable steps to maintain the security of the information associated with your account, please be aware that no security measures are perfect or impenetrable. We cannot control the actions of other users with whom you share your Content and we are not responsible for third-party circumvention of any privacy settings or security measures on the Service.
Additionally, we provide you and your team the ability to secure your access to the Service with multi-factor authentication to limit the viability of common personal security attack vectors (such as phishing, weak passwords, and brute forcing). Although, it’s solely your responsibility to ensure the security of your login credentials and device access.