Privacy Policy
This privacy policy (“Privacy Policy”) explains how information is collected, used, and disclosed by Contactous Pte Ltd (“Contactous” “we,” or “our”) for its website of CarbonSutra (www.carbonsutra.com) and applies to information we collect when you use or access our online or API services and use our products, service or applications (collectively, the “Service”), or when you otherwise interact with us. We respect the privacy rights of users and recognize the importance of protecting information collected about you.
Changes to This Policy
If there are any changes to this Privacy Policy, we’ll post them on the Website and send them to the last email address you gave us. Any changes will be effective as of the date we post on the Website or send the email (or whichever date is later). You may object to any changes within 10 days after they’re posted on our Website or delivered to you, in which case none of the proposed changes will be effective with respect to information that we’ve already collected from you but will apply only to information we collect in the future. We won't treat information of any open account differently from any other open account. If you object to changes in our Privacy Policy, we’ll have to terminate your account. That said, if we ever changed our Privacy Policy to expand our rights to use or disclose Personal Information for marketing purposes, you would be able to opt out without termination.
Protection Principles We Follow
Lawfulness
We maintain lawfulness in our personal data collection & processing. This means that:
Information We Collect
Information We Do Not Collect
Sensitive Personal Data: Personal data which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms. Those personal data include personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
Use and Disclosure of Your Personal Information
We will use information we collect to provide, develop, and improve the Services on your Organization’s behalf and in accordance with any other instructions from your Organization. Examples of such use include:
The Service offers collaboration features or other integrated tools, through which your User Content may be shared through the Service. As a function of the collaborative nature of the Service and based on the permissions and settings you choose and/or the terms of the user guide for the Service, the use of such features enables the sharing of User Content with other people you collaborate with. For more information about such collaboration and sharing features, please review the applicable instructions provided in the Service and information provided in the user guide for the Service, if any.
If the Service permits a user to post or submit to the Service any User Content that is to be made publicly available and you submit User Content in such manner, you automatically grant (or warrant that the owner of such materials expressly grants) Contactous and its affiliates a world-wide, perpetual, royalty-free, irrevocable and non-exclusive right and license to use, copy, store, adapt, transmit, communicate publicly display and perform, distribute and create compilations and derivative works from such User Content and to use such content for promotional and marketing purposes. Such license will apply with respect to any form, media, or technology, now known or later developed. In addition, you warrant that all “moral rights” in such materials have been waived. You will be solely responsible for your own submissions and the consequences of posting or publishing them through the Service, and you agree to indemnify and defend Contactous for any cost and action resulting from any such submission.
Security
Disclaimer: We understand that the security of your personal data is paramount. We provide reasonable administrative, technical, and physical security controls to protect your personal information. However, despite our efforts, no security controls are 100% effective and Contactous cannot ensure or warrant the security of your personal information.
Notice of Breach of Security: Nobody’s safe from hackers. If a security breach causes an unauthorized intrusion into our system that materially affects you or people on your collaboration Lists, then Contactous will notify you as soon as possible and later report the action we took in response.
Safeguarding Your Information:
Compliance
Safe Harbor Certification
Contactous does not collect any personal information about users, except which is knowingly and specifically supplied to us by the user. Contactous is committed to ensuring the privacy of your personal information and complying with the Privacy Act.
“Cookies” are used within this website to improve the quality of the site. Aggregate information may be collected about the use of this website, including page hits, number of visitors, clickstream, etc. Contactous reserves the right to use this information for the purpose of enhancing the usability of this website.
Your Choices
Account Information & Retention
Subject to the terms of this Privacy Policy, you may update, correct or delete information about you at any time by logging into your online account and modifying your information or by emailing us at [email protected]. We will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy. If you wish to deactivate your account, please email us at support@contactous.com, but note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time. We will respond to your access request within 30 days. To request removal of your personal information from our blog or testimonials, contact us at the email address listed above. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
We will retain your information for as long as your account is active or as needed to provide the Service to you and/or your collaborator(s). We will retain and use your information to comply with our legal obligations, exercise our rights, resolve disputes and enforce our agreements.
Promotional and Newsletter Communications
You may opt out of receiving promotional and newsletter emails from Contactous by following the opt-out instructions provided in those emails. You may also opt-out of receiving promotional emails and other promotional communications from us at any time by emailing [email protected] with your specific request. If you opt-out, we may still send you non-promotional communications, such as security alerts and notices related to your access to or use of the Service or those about your online account or our ongoing business relations.
Cookies
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies or to prompt you before accepting such a cookie. Please note that, if you choose to remove or reject browser cookies, this could affect the availability or functionality of the Service.
Third Parties
You can opt out of Contactous’s disclosure of your personal information to third parties for direct marketing purposes. If you choose to opt out at any time after granting approval email [email protected].
Testimonials
We may display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name.
Links to Third Party Websites
We may place links on the Service. When you click on a link to a third party website from our website, your activity and use on the linked website is governed by that website’s policies, not by those of Contactous. We do not endorse and are not responsible for the privacy practices of these Third Party Websites. We encourage you to visit their websites and review their privacy and user policies.
Adherence to Privacy Shield Principles
Contactous adheres to the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries, Switzerland, Iceland, Liechtenstein and Norway as to personal data submitted by Contactous customers or collected by Contactous through its service.
Accountability for Onward Transfer
Pursuant to the Privacy Shield Principles, Contactous remains accountable for Personal Data that it receives under the Privacy Shield and subsequently transfers to third party vendors, consultants and other service providers.
In particular, Contactous remains responsible and liable under the Privacy Shield Principles if third-party vendors, consultants or other service providers that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless Contactous proves that it is not responsible for the event giving rise to the damage.
Recourse, Enforcement and Liability
In compliance with the Privacy Shield Principles, Contactous commits to resolve any questions, concerns or complaints about our collection or use of your Personal Information. EU, Swiss, Iceland, Liechtenstein and Norway individuals with inquiries or complaints regarding our Privacy Policy should first contact CarbonSutra at support@contactous.com.
If your complaint was not resolved by Contactous, Contactous commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (Commissioner) and comply with the advice given by the DPA and Commissioner, with regard to data transferred from the EU, Switzerland, Iceland, Liechtenstein and Norway.
Contacting Us
If you have any privacy-related questions, suggestions, unresolved problems, or complaints you may contact us via support@contactous.com.
Last Modified on 15-Jul-2023
Changes to This Policy
If there are any changes to this Privacy Policy, we’ll post them on the Website and send them to the last email address you gave us. Any changes will be effective as of the date we post on the Website or send the email (or whichever date is later). You may object to any changes within 10 days after they’re posted on our Website or delivered to you, in which case none of the proposed changes will be effective with respect to information that we’ve already collected from you but will apply only to information we collect in the future. We won't treat information of any open account differently from any other open account. If you object to changes in our Privacy Policy, we’ll have to terminate your account. That said, if we ever changed our Privacy Policy to expand our rights to use or disclose Personal Information for marketing purposes, you would be able to opt out without termination.
Protection Principles We Follow
- Lawfulness, fairness, and transparency: We process personal data lawfully, fairly, and transparently.
- Purpose limitations: We collect and use personal data for specified, explicit, and legitimate purposes.
- Data minimization: We Only collect the personal data that is necessary for the purpose of the business function.
- Accuracy: We keep personal data accurate and current. All necessary steps are taken to achieve this. No inaccurate data shall be kept and any errors in data shall be rectified as soon as they become known.
- Storage limitation: We do not retain the data if we no longer require it for the purposes defined and agreed for processing. We securely remove the data when it is no longer necessary. We do not store personal data that we no longer use.
- Integrity and confidentiality: Integrity, confidentiality, and availability are fundamental to information security. The confidentiality and integrity of the personal data are always be maintained. Access is also controlled to achieve this.
Lawfulness
We maintain lawfulness in our personal data collection & processing. This means that:
- Your consent is the pre-dominantly essential for collection and processing of your personal data
- Contractual necessity is a primary lawful basis for processing
- Lawful processing remains on the ground of compliance with legal obligations
- The protection of the ‘vital interests’ of a natural person is another ground for lawful processing
- Public interest forms a basis for lawful processing. In other words “processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller”.
- Legitimate interests as a legal basis for processing
Information We Collect
- Information You Provide to Us: When you register to use the Services, communicate with our customer service team, send us an email, or post on our blog, you’re giving us information that we collect. That information may include your IP address, name, physical address, email address, phone number, credit card information, and other details like gender, occupation, and other demographic information. By giving us this information, you consent to your information being collected, used, disclosed, and stored by us, only as described in our Terms of Use and Privacy Policy.
- Information from your Use of the Service: We may get information about how and when you use the Services. This information may include your IP address, time, date, browser used, and actions taken by you within the application[b1] .
- Cookies: When you register to use our Services, we store "cookies," which are strings of code, on your computer. We use those cookies to collect information about when you visit our Website, when you use the Services, your browser type and version, your operating system (operating system of the ‘Services’ you use), and other similar information. You may turn off cookies that have been placed on your computer by following the instructions on your browser, but if you block our cookies, it may be more difficult (and maybe even impossible) to use the Services.
- Customer Data: Through use of the Services (websites + apps), you, your colleagues, your Organization, and other users, may directly provide or submit information to Contactous ("Customer Data"). Customer Data includes, for example:
- Contact information, such as full name, mobile number and email address;
- Demographic information;
- Username and password;
- Work title, department information, and other information related to your work or Organization;
- All content that you create, in audio, video, text, images, and other media or software files that you provide on or through the Services, or that are provided on your behalf, including information in or about the content you provide, such as the location of a photo or the date a file was created;
- User communications, feedback, suggestions, and ideas sent to us;
- Your mobile device id
- Information you provide us when you or your Organization contact or engage us for support regarding the Services.
- Contact information, such as full name, mobile number and email address;
- Note: We process personal data where identification is required, as mentioned above [non-applicability of GDPR#11]
- Information from Other Sources: We may get more information about you, like name, age, and participation in social media websites, by searching the internet or querying third parties (we’ll refer to that information as Supplemental Member Information). We only collect data that’s publicly available or provided by a third party according to its terms of use.
- If the content or information that you store on Contactous apps or websites contains personal information of other individuals, you must be legally permitted to share the personal information with Contactous.
Information We Do Not Collect
Sensitive Personal Data: Personal data which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms. Those personal data include personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
- Health and genetic data
- Biometric data
- Racial or ethnic data
- Political opinions
- Sexual orientation
- criminal convictions and offences
- Information of the minors/ children [non-applicability of GDPR#8]
Use and Disclosure of Your Personal Information
We will use information we collect to provide, develop, and improve the Services on your Organization’s behalf and in accordance with any other instructions from your Organization. Examples of such use include:
- Communicate with users and administrators regarding their use of the Services;
- Enhance the security and safety of the Services for your Organization and other users;
- Personalize your and your Organization’s experiences as part of our provision of the Services;
- Develop new tools, products, or services for your Organization;
- Associate activity on our Services across different devices operated by the same individual to improve the Service which we provide to your Organization;
- Associate activity on our Services across different devices operated by the same individual;
- Conduct data and system analytics, including research to improve the Services. In these circumstances Contactous shall, to the extent possible, use de-identified or aggregated data.
- To promote use of our Services - For example, if you leave your Personal Information when you visit our Website and don’t sign up for any of the Services, we may send you an email asking whether you want to sign up. And if you use any of our Services, and we think you might benefit from using another Service we offer, we may send you an email telling you about it.
- For R&D of our products and services - For example, our systems will analyse your data provided when you use our products and services to improve them, develop new, secure, maintain and provide stable operations consistently.
- To bill and collect money owed to us - This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number.
- To send you System Alert Messages - For example, we may let you know about temporary or permanent changes to our Services, like planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Policy. We send these to your email address or via SMS. You may not opt-out of these service-related announcements, which are not promotional in nature and used solely to protect your account and keep you informed of important changes.
- To enforce compliance with our Terms of Use and applicable law. This may include developing tools and algorithms that help us prevent violations.
- To provide customer support. This may include providing project level support from a representative from the company who can access your project data upon your approval.
- To protect the rights and safety of our Members and third parties, as well as our own.
- To meet legal requirements like complying with court orders and valid subpoenas. [GDPR#6]
- To provide information to representatives and advisors, like such as attorneys and accountants, to help us comply with legal, accounting, or security requirements. [GDPR#6]
- To prosecute and defend a court, arbitration, or similar proceeding. [GDPR#6]
- To support and improve the Services we offer.
- To communicate with you about your account for informational, not promotional, reasons.
- To transfer your information in the case of a sale, merger, consolidation, or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Web site.
- To send you informational and promotional content that you may choose (or "opt in") to receive. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
The Service offers collaboration features or other integrated tools, through which your User Content may be shared through the Service. As a function of the collaborative nature of the Service and based on the permissions and settings you choose and/or the terms of the user guide for the Service, the use of such features enables the sharing of User Content with other people you collaborate with. For more information about such collaboration and sharing features, please review the applicable instructions provided in the Service and information provided in the user guide for the Service, if any.
If the Service permits a user to post or submit to the Service any User Content that is to be made publicly available and you submit User Content in such manner, you automatically grant (or warrant that the owner of such materials expressly grants) Contactous and its affiliates a world-wide, perpetual, royalty-free, irrevocable and non-exclusive right and license to use, copy, store, adapt, transmit, communicate publicly display and perform, distribute and create compilations and derivative works from such User Content and to use such content for promotional and marketing purposes. Such license will apply with respect to any form, media, or technology, now known or later developed. In addition, you warrant that all “moral rights” in such materials have been waived. You will be solely responsible for your own submissions and the consequences of posting or publishing them through the Service, and you agree to indemnify and defend Contactous for any cost and action resulting from any such submission.
Security
Disclaimer: We understand that the security of your personal data is paramount. We provide reasonable administrative, technical, and physical security controls to protect your personal information. However, despite our efforts, no security controls are 100% effective and Contactous cannot ensure or warrant the security of your personal information.
Notice of Breach of Security: Nobody’s safe from hackers. If a security breach causes an unauthorized intrusion into our system that materially affects you or people on your collaboration Lists, then Contactous will notify you as soon as possible and later report the action we took in response.
Safeguarding Your Information:
- We do not capture any credit card information at this point and the site uses no SSL certification at this moment. When we begin processing credit card information, to protect your information, our credit card processing vendor will use the latest 128/256-bit Secure Socket Layer (SSL) technology for secure transactions. Our vendor is certified as compliant with card association security initiatives, like the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC).
- Contactous accounts require a username and password to log in. You must keep your username and password secure, and never disclose it to a third party. Because the information in your account is so sensitive, account passwords are encrypted, which means we can’t see your passwords. We can’t resend forgotten passwords either. We’ll only reset them.
Compliance
Safe Harbor Certification
- Contactous complies with the Singapore’s Personal Data Protection Act (pdpa) which is overseen by the Government of Singapore,. We certify that we follow the principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. In light of a recent European Court of Justice ruling users may request an updated data processing agreement which incorporates the Standard Contractual Clauses here.
- We do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need to do that. If your data changes (like a new email address), then you’re responsible for notifying us of those changes.
- We only store data about you for as long as it’s reasonably required to fulfill the purposes that gave us the right to access it in the first place. We keep some data indefinitely, relating to when and where emails were sent, which bounced, which resulted in a complaint, and similar information, because we use it to help us screen out people who violate SPAM laws, and for other reasons explained in this policy.
- We’ll give you access to any Personal Information about you that we hold within 30 days of any request for that information you make by contacting us on [email protected]. Unless it’s prohibited by law, we’ll remove any Personal Information about you from our servers at your request.
Contactous does not collect any personal information about users, except which is knowingly and specifically supplied to us by the user. Contactous is committed to ensuring the privacy of your personal information and complying with the Privacy Act.
“Cookies” are used within this website to improve the quality of the site. Aggregate information may be collected about the use of this website, including page hits, number of visitors, clickstream, etc. Contactous reserves the right to use this information for the purpose of enhancing the usability of this website.
Your Choices
Account Information & Retention
Subject to the terms of this Privacy Policy, you may update, correct or delete information about you at any time by logging into your online account and modifying your information or by emailing us at [email protected]. We will retain your personal information for the period necessary to fulfill the purposes outlined in this Privacy Policy. If you wish to deactivate your account, please email us at support@contactous.com, but note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time. We will respond to your access request within 30 days. To request removal of your personal information from our blog or testimonials, contact us at the email address listed above. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
We will retain your information for as long as your account is active or as needed to provide the Service to you and/or your collaborator(s). We will retain and use your information to comply with our legal obligations, exercise our rights, resolve disputes and enforce our agreements.
Promotional and Newsletter Communications
You may opt out of receiving promotional and newsletter emails from Contactous by following the opt-out instructions provided in those emails. You may also opt-out of receiving promotional emails and other promotional communications from us at any time by emailing [email protected] with your specific request. If you opt-out, we may still send you non-promotional communications, such as security alerts and notices related to your access to or use of the Service or those about your online account or our ongoing business relations.
Cookies
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies or to prompt you before accepting such a cookie. Please note that, if you choose to remove or reject browser cookies, this could affect the availability or functionality of the Service.
Third Parties
You can opt out of Contactous’s disclosure of your personal information to third parties for direct marketing purposes. If you choose to opt out at any time after granting approval email [email protected].
Testimonials
We may display personal testimonials of satisfied customers on our site in addition to other endorsements. With your consent we may post your testimonial along with your name.
Links to Third Party Websites
We may place links on the Service. When you click on a link to a third party website from our website, your activity and use on the linked website is governed by that website’s policies, not by those of Contactous. We do not endorse and are not responsible for the privacy practices of these Third Party Websites. We encourage you to visit their websites and review their privacy and user policies.
Adherence to Privacy Shield Principles
Contactous adheres to the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries, Switzerland, Iceland, Liechtenstein and Norway as to personal data submitted by Contactous customers or collected by Contactous through its service.
Accountability for Onward Transfer
Pursuant to the Privacy Shield Principles, Contactous remains accountable for Personal Data that it receives under the Privacy Shield and subsequently transfers to third party vendors, consultants and other service providers.
In particular, Contactous remains responsible and liable under the Privacy Shield Principles if third-party vendors, consultants or other service providers that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless Contactous proves that it is not responsible for the event giving rise to the damage.
Recourse, Enforcement and Liability
In compliance with the Privacy Shield Principles, Contactous commits to resolve any questions, concerns or complaints about our collection or use of your Personal Information. EU, Swiss, Iceland, Liechtenstein and Norway individuals with inquiries or complaints regarding our Privacy Policy should first contact CarbonSutra at support@contactous.com.
If your complaint was not resolved by Contactous, Contactous commits to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (Commissioner) and comply with the advice given by the DPA and Commissioner, with regard to data transferred from the EU, Switzerland, Iceland, Liechtenstein and Norway.
Contacting Us
If you have any privacy-related questions, suggestions, unresolved problems, or complaints you may contact us via support@contactous.com.
Last Modified on 15-Jul-2023