Last Updated: June 30, 2019
Fond Technologies, Inc. respects your privacy and is committed to transparent privacy practices, in compliance with the European Union’s General Data Protection Regulation (“GDPR”) as applicable.
European Union residents should be sure to read the important information provided in the section below, entitled, “Additional Information for European Union Resident Users”.
Fond’s Service and Client User Data
Customers of our Service (each, a “Client” and collectively, “Clients”) use the Service to: (a) engage Client employees through a series of capabilities, including perks (employee discounts), recognition (company, manager and/or peer-to-peer recognition), to purchase experiences, gift cards, physical goods; and (b) periodically survey Client employees to gauge their job satisfaction.
Client user data (“Client User Data”) means and includes, without limitation, information about the identity of Client users (Client employees, such employees’ family members, and other users of the Site on Client’s behalf or under Client’s subscription) (such as name, e-mail address and shipping address), as well as information about the pages that users visit, the features they use, and the actions they take while using the Services.
Personal Information We Collect
Information you provide to us
We collect the following information from our Clients, their employees and employee family members who sign up for our Services:
Registration and Profile Information: We collect information about you when you create an account for our Services, which may include your name, title, company name, address, email address, birthdate, hire date, user identification, and password. If you are an employee of one of our Clients, we may also receive your name and email address from your employer. Other employees may also provide us your information when they invite you to try our Services.
Feedback and information: We collect information you provide in response to surveys, and any likes and comments you make in the Services. Providing this information is optional. All survey feedback is anonymized.
Request a perk: If you choose to request a Perk that is not then-currently available via the Services, we collect your email address, company name and city to improve our ability to access a relevant Perk and to notify you when the Perk is available. Requesting a Perk is optional.
Communications: We receive information from you when you contact us, or we communicate with you, including via email or social networks. All such communication is optional.
Information we collect from your use of our Services
Perks and Rewards Information: We collect information regarding which Perks you claim and which Rewards you give or receive. We also collect any additional information provided when you give or receive a Reward, including a description as to why you are receiving the Reward, and how you use the Rewards you receive. We also collect any feedback and ratings you provide about Perks or our Services. We may also collect analytics information regarding Perks redeemed from our third party vendors (“Vendors”).
Location: We will collect location information if you provide it to us or based on, for example, your device’s GPS coordinates, unless you configure your operating system settings to prevent this collection
Device and Usage Information: We record certain information and store it in log files when you interact with our Services. This information may include device and browser information, internet protocol (IP) address, the web pages or sites that you visit just before or just after you use our Services, the pages or other content you view or interact with on our Services, the information you search for, and the dates and times that you visit our Services.
Information we get from others
We may obtain additional information about you from third party sources, such as your company’s Human Resources Information System (HRIS) to enrich your experience on the Service and provide you with more relevant information related to our service offerings.
Sensitive personal information
Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers or other government-issued IDs, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Service or otherwise.
How We Use Personal Information We Collect
In order to provide the Services, we use your personal information to:
- Provide, operate, maintain, improve, and promote our Services
- Develop new products, services, features, and functionality
- Notify you when you visit a website or location that has a Perk available for redemption
- Process and complete transactions you make through the Service, and send you related information, including confirmations and invoices
- Monitor and analyze trends, usage, and activities to enhance our Services and to provide insights to you and your employer
- Manage and communicate with you regarding your Service account, if you have one, including by sending you Service announcements, technical notices, updates, security alerts, and support and administrative messages.
- Better understand your needs and interests, and personalize your experience with the Service
- As required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to government requests, including public and government authorities outside your country of residence, for national security and/or law enforcement purposes.
Changes to your personal information
It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by updating your profile or emailing us at firstname.lastname@example.org.
If you correspond with us via email, we may gather the information you submit in a file specific to you. This includes information submitted for support purposes.
Fond uses your data to communicate with you, including responding to your Service-related requests, questions, and feedback; providing customer service and support; providing you with information about our Services, including technical notices, updates, security alerts, administrative messages, or advertising or marketing messages; and providing other news or information about us. You can manage your email Preferences via the Account page here https://fond.co/fond.co#/users/edit
If you request information from us, register for the Service, or express interest in learning more about our Service, we may send you Fond-related marketing communications, if permitted by law. Such emails provide you the ability to opt out of receiving such communications.
Information Sharing and Disclosures
Fond may use or share your personal information with companies, organizations, or individuals outside of our company when we have your consent, such as when you consent to let us post your feed comments and likes on our Site, or you instruct us to take a specific action with respect to your personal information.
Fond provides aggregate information regarding the number of Perks redeemed to your employer. We do not share the specific Perks you redeem with your employer.
When you redeem a Perk or Reward, Fond may provide your information to our Vendors or service providers as necessary to facilitate the redemption. Our Services contains features or links to Web sites and services provided by our Vendors. Any information you provide on these sites or services is provided directly to the operators of such services and is subject to those operator’s policies, if any, governing privacy and security, even if accessed through our Services. We are not responsible for the content or privacy and security practices and policies of the sites or services to which links or access are provided through our Services. We encourage you to learn about third parties’ privacy and security policies before providing them with information.
Service Providers and Others
Legal Compliance, Fraud Prevention and Safety
Fond may disclose your information (including your personal information) to government or law enforcement officials or third parties, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern the Service; (c) protect our rights, privacy, safety or property, and/or that of you or others; (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity; (e) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person, or (f) to investigate and defend ourselves against any third-party claims or allegations.
Aggregate and Anonymous Data
We may create anonymous data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous data by excluding information that makes the data personally identifiable to you, and we may use that anonymous data for our lawful business purposes.
We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
You may decline to share certain personal information with us, in which case we may not be able to provide you with some of the features and functionality of our Services.
Access, Update, Correct or Delete Your Information
All Fond account holders may review, update, correct or delete the personal information in their registration profile by logging into their account. Fond account holders may also contact us at email@example.com to accomplish the foregoing, or if you have additional requests or questions.
Access to Data Controlled by our Clients
Fond has no direct relationship with the individuals whose personal information is contained within the Client User Data processed by our Service. An individual who seeks access, or who seeks to correct, amend, or delete personal information provided by our Clients should direct their request to the Client. You may also contact us at firstname.lastname@example.org if you have additional questions or concerns.
You may opt out of marketing-related emails by clicking on a link at the bottom of each such email. You may continue to receive Service-related and other non-marketing emails.
Tracking and Targeted Advertising
In some of our communications, we use tracking means, such as a “click-through URL” linked to content on the Site. We track this data to help us measure the effectiveness of our customer communications.
Choosing not to share your personal information
Where we need to collect your personal information by law, or to be able to provide the Service to you and you do not provide that information when requested (or you later ask to delete it), we may not be able to provide you with the Service and may need to close your account. We will tell you what information you must provide to receive the Service by designating it as required in the Service or through other appropriate means.
European Union resident users should read the important information provided in the section below, entitled, “Additional Information for European Union Resident Users” about transfer of personal information outside of the European Economic Area.
Data security is very important to us. To help protect the privacy of data we collect through the Service, we employ measures intended to be consistent with industry standard practices for security and encryption in data transmission and storage. We process payments securely using an industry-accepted Payment Gateway (currently, Stripe), and we do not store any billing information on our own servers.
Please be aware, however, that despite our efforts, no security measures are perfect or impenetrable and no method of data transmission can be guaranteed against any interception or other type of misuse.
Other Sites and Services
The Service may contain links to other websites and services. These links are not an endorsement, authorization or representation that we are affiliated with that third party. We do not exercise control over third party websites or services, and are not responsible for their actions. Other websites and services follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies of the other websites you visit and services you use.
User Generated Content
We may make available on our Site, or link to, features that allow you to share information online (e.g., on the Engagement Feed, in recognition activities, etc.). Please be aware that whenever you voluntarily disclose personal information online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly-disclosed personal information. By posting personal information online, you may receive unsolicited messages from other parties.
Fond’s Services are focused on businesses and, therefore, are not designed to be used by individuals under 13 years of age, nor are the Services directed to minors. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact us at email@example.com.
What additional rights do California residents have?
California Civil Code Section § 1798.83 permits users of our Site or Service who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us firstname.lastname@example.org.
33 New Montgomery, Suite 700
San Francisco, CA 94105 USA
Attention: Data Protection Officer
Additional Information for European Union Resident Users
Controller and Data Protection Officer
Fond is the controller of your personal information for purposes of European data protection legislation. Our Data Protection Officer can be reached at email@example.com. See the Questions? section above for additional contact details.
Legal basis for processing
We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us at firstname.lastname@example.org.
|Processing purpose(click link for details)||Legal basis|
|To provide the Service|
To ensure Service availability (backups, etc.)
|Processing is necessary to perform the contract governing our provision of the Service or to take steps that you request prior to signing up for the Service.|
|To communicate with you after you request more information, request a demo or fill out a contact form on the Fond.co website|
To communicate with you about changes in the service or scheduled maintenance
To create anonymous data for analytics
For compliance, fraud prevention and safety
|These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).|
|To comply with law||Processing is necessary to comply with our legal obligations|
|With your consent, we will send the Perks Newsletter, Recognition Roundup and Rewards Reminder emails||Processing is based on your consent. Where we rely on your consent, you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at email@example.com.|
Use for new purposes
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Fond retains your profile data while you are an active user of the system. If you leave your company, your account will be deactivated in Fond, however Fond will retain your (inactive) account profile until you request that we remove it. You will not be able to access your account or its contents after your account is deactivated. You can make a request to remove your data by sending an email to firstname.lastname@example.org.
If you request your account information to be removed, your request will generally be processed within 14 business days. Fond de-identifies logs within 30 days of account closure and deletes all backups after 12 months, except as noted here.
Data Subject rights requests, and Fond’s responses, will be retained for 12 months from the initial user request.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Information) for six years after they cease being customers for tax purposes.
In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Opt-out. Stop sending you direct marketing communications. You may continue to receive Service-related and other non-marketing emails.
- Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete your personal information.
- Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict the processing of your personal information.
- Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You can submit these requests by email to email@example.com or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at firstname.lastname@example.org or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
As part of our participation in Privacy Shield, if you have a dispute with us about our adherence to the Principles, we will seek to resolve it through our internal complaint resolution process, alternatively through the independent dispute resolution body JAMS, and under certain conditions, through the Privacy Shield arbitration process.
Privacy Shield participants are subject to the investigatory and enforcement powers of the US Federal Trade Commission and other authorized statutory bodies. Among other things, this means that Fond commits to cooperate with EU data protection authorities (DPAs) and comply with the advice that such authorities provide with regard to data transferred from the EU. Under certain circumstances, participants may be liable for the transfer of personal data from the EU or Switzerland to third parties outside the EU and Switzerland. Learn more about the EU-US Privacy Shield and Swiss-US Privacy Shield here.
Cross-Border Data Transfer
Whenever we transfer your personal information out of the European Economic Area (EEA) to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on one of the following safeguards recognized by the European Commission as providing adequate protection for personal information, where required by EU data protection legislation:
- Contracts approved by the European Commission which impose data protection obligations on the parties to the transfer. For further details, see European Commission Model contracts for the transfer of personal information to third countries.
- For transfers to third parties in the United States, ensuring they participate in the E.U.-U.S. Privacy Shield Framework
Please contact us at email@example.com if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
What law governs my use of the Service?