Last Updated: 8/31/2022
This Privacy Statement describes the personal data collected and/or processed (which may include collecting, organizing, structuring, storing, using, or disclosing) by absurd:joy, Inc. (“absurd:joy”) to provide products and services offered directly by absurd:joy, including absurd:joy’s websites and collaboration platform Tangle (“Products”).
What Personal Data Do We Receive?
Personal data is any information from or about an identified or identifiable person, including information that absurd:joy can associate with an individual person. We may collect and/or process the following categories of personal data when you use or interact with absurd:joy Products:
- Account Information: Information associated with an account created to use absurd:joy Products, which may include name, company name, contact information (including email), account ID, billing information, and account plan information.
- Device Information: Information about the computers, phones, and other devices you use when interacting with absurd:joy Products, which may include meta-data about the computer and internet connection used to access absurd:joy Products, a unique per-computer identifier, computer username, hardware configuration, version numbers and IP addresses (which may be used to infer general location at a city or country level).
- Billing Information: Although absurd:joy does not directly collect any payment information, absurd:joy may request names, billing/shipping addresses, email and currency country codes for transactions entered with our third-party service providers related to the use of absurd:joy Products.
- Product and Website Usage: Information about how people and their devices interact with absurd:joy Products, such as user ID, email address, and event-based activities related to your use of an absurd:joy Product.
How Do We Use Personal Data?
absurd:joy uses personal data to conduct the following activities:
- Provide absurd:joy Products and Services: To provide Products, features, and services to account owners, their users, and those they invite to join meetings hosted on their accounts. We also use personal data to manage our relationship and contracts with account owners, including billing, compliance with contractual obligations, waitlists for Products and related administration.
- Product Research and Development: To develop, test, and improve absurd:joy Products, including, for example, content-related features, and to troubleshoot products and features, including bug fixes.
- Marketing, Promotions, and Advertising: To permit absurd:joy and/or its third-party marketing partners to market, advertise, and promote absurd:joy Products, features, and services.
- Authentication, Integrity, Security, and Safety: To authenticate accounts and activity, detect, investigate, and prevent malicious conduct or unsafe experiences, address security threats, protect public safety, and secure absurd:joy Products.
- Communicate with You: We use personal data (including contact information) to communicate with you about absurd:joy Products, features, and services, including product updates, your account, and changes to our policies and terms. We also use your information to respond to you when you contact us.
- Legal Reasons: To comply with applicable law or respond to valid legal process, including from law enforcement or government agencies, to investigate or participate in civil discovery, litigation, or other adversarial legal proceedings, and to enforce or investigate potential violations of our Access Agreement or other agreements or policies.
How Do We Share Personal Data?
absurd:joy provides personal data to third parties only with consent or in one of the following circumstances (subject to your prior consent where required under applicable law):
- For Legal Reasons: absurd:joy may share personal data as needed to: (1) comply with applicable law or respond to, investigate, or participate in valid legal process and proceedings, including from law enforcement or government agencies; (2) enforce or investigate potential violations of its Terms of Service or policies; (3) detect, prevent, or investigate potential fraud, abuse, or safety and security concerns, including threats to the public; (4) meet our corporate and social responsibility commitments; (5) protect our and our customers’ rights and property; and (6) resolve disputes and enforce agreements.
- Marketing, Advertising, and Analytics Partners: absurd:joy uses third-party marketing, advertising, and analytics providers: to provide statistics and analysis about how people are using absurd:joy Products; to manage waitlists for absurd:joy Products; to provide advertising and marketing for absurd:joy Products; for billing purposes; and for troubleshoot products and features, including bug fixes. Where required by law, absurd:joy will first obtain your consent before engaging in the marketing or advertising of the activities described.
- Corporate Affiliates: absurd:joy shares personal information with corporate affiliates, to provide integrated and consistent experiences across absurd:joy Products.
- Change of Control: We may share personal data with actual or prospective acquirers, their representatives and other relevant participants in, or during negotiations of, any sale, merger, acquisition, restructuring, or change in control involving all or a portion of absurd:joy’s business or assets, including in connection with bankruptcy or similar proceedings.
Who Can See and Share My Personal Data When I Use absurd:joy?
When you use our Products, other people and organizations may be able to see content and information that you share:
- Account Owner: An account owner is the organization or individual that signs up for an absurd:joy account. The account owner and their users can invite others (including guests not on their account) to meetings or webinars hosted on their account.
- Meeting Hosts and Participants: Hosts and other participants in a meeting may be able to see your display name and profile picture.
Privacy Rights and Choices
If you are in the European Economic Area (EEA), Switzerland, or the UK, or a resident of California, please refer to the respective dedicated sections below. Otherwise, at your request, and as required by applicable law, we will:
- Inform you of what personal data we have about you that is under our control;
- Amend or correct such personal data or any previous privacy preferences you selected, or direct you to applicable tools; and/or
- Delete such personal data or direct you to applicable tools.
In order to exercise any of your rights as to personal data controlled by absurd:joy, please send a request at the contact details specified in the How to Contact Us section of this Privacy Statement . Where legally permitted, we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, or jeopardize the privacy of others. As an account owner or a user under a licensed account, you may also take steps to affect your personal data by visiting your account and modifying your personal data directly.
absurd:joy does not allow children under the age of 13 to sign up for an absurd:joy account, unless local laws require an older age.
How to Contact Us
If you have any privacy-related questions or comments related to this Privacy Statement, please send an email to firstname.lastname@example.org.
You can also contact us by writing to the following address:
absurd:joy 177 Huntington Ave #179096 Boston, MA 02115
We retain personal data for as long as required to engage in the uses described in this Privacy Statement, unless a longer retention period is required by applicable law.
The criteria used to determine our retention periods include the following:
- The length of time we have an ongoing relationship with you and provide absurd:joy Products to you (for example, for as long as you have an account with us or keep using our Products);
- Whether account owners modify, or their users delete, information through their accounts;
- Whether we have a legal obligation to keep the data (for example, certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
- Whether retention is advisable in light of our legal position (such as in regard to the enforcement of our agreements, the resolution of disputes, and applicable statutes of limitations, litigation, or regulatory investigation).
European Data Protection Specific Information
Data Subjects Rights
If you are in the EEA, Switzerland, or the UK, your rights in relation to your personal data processed by us as a controller specifically include:
- Right of access and/or portability: You have the right to access any personal data that we hold about you and, in some circumstances, have that data provided to you so that you can provide or “port” that data to another provider;
- Right of erasure: In certain circumstances, you have the right to the erasure of personal data that we hold about you (for example, if it is no longer necessary for the purposes for which it was originally collected);
- Right to object to processing: In certain circumstances, you have the right to request that we stop processing your personal data and/or stop sending you marketing communications;
- Right to rectification: You have the right to require us to correct any inaccurate or incomplete personal data;
- Right to restrict processing: You have the right to request that we restrict processing of your personal data in certain circumstances (for example, where you believe that the personal data we hold about you is not accurate or lawfully held).
To exercise your rights, or, have any other questions about our use of your personal data, please send a request at the contact details specified in the How to Contact Us section of this Privacy Statement. Please note that we may request you to provide us with additional information in order to confirm your identity and ensure that you are entitled to access the relevant personal data.
You also have the right to lodge a complaint to a data protection authority. For more information, please contact your local data protection authority.
Legal Basis for Processing Personal Data
Depending on the specific personal data concerned and the factual context, when absurd:joy processes personal data as a controller for individuals in regions such as the EEA, Switzerland, and the UK, we rely on the following legal bases as applicable in your jurisdiction:
- As necessary for our contract: When we enter into a contract directly with you, we process your personal data on the basis of our contract in order to prepare and enter into the contract, as well as to perform and manage our contract (i.e., providing absurd:joy Products, manage our relationship and contract, including billing, compliance with contractual obligations, and related administration). If we do not process your personal data for these purposes, we may not be able to provide you with all Products, features, and services;
- As necessary to comply with our legal obligations: We process your personal data to comply with the legal obligations to which we are subject for the purposes of compliance with EEA laws, regulations, codes of practice, guidelines, or rules applicable to us, and for responses to requests from, and other communications with, competent EEA public, governmental, judicial, or other regulatory authorities. This includes detecting, investigating, preventing, and stopping fraudulent, harmful, unauthorized, or illegal activity (“fraud and abuse detection”) and compliance with privacy laws;
- To protect your vital interests or those of others: We process certain personal data in order to protect vital interests for the purpose of detecting and preventing illicit activities that impact vital interests and public safety, including child sexual abuse material; and
- As necessary for our (or others’) legitimate interests, unless those interests are overridden by your interests or fundamental rights and freedoms, which require protection of personal data: We process your personal data based on such legitimate interests to (i) enter and perform the contract with the account owner (which includes billing, compliance with contractual obligations, and related administration and support); (ii) develop, test, and improve our Products and troubleshoot products and features; (iii) ensure authentication; (iv) send marketing communications, advertising, and promotions related to the Products; and (v) comply with non-EEA laws, regulations, codes of practice, guidelines, or rules applicable to us and respond to requests from, and other communications with, competent non-EEA public, governmental, judicial, or other regulatory authorities, as well as meet our corporate and social responsibility commitments, protect our rights and property and the ones of our customers, resolve disputes, and enforce agreements.
International Data Transfers
Your personal data may be transferred, stored (for example, in a data center), and processed outside of the country or region where it was initially collected where absurd:joy or its service providers have customers or facilities – including in countries where meeting participants or account owners hosting meetings that you participate in or receiving messages that you send are based.
Therefore, by using absurd:joy Products or providing personal data for any of the purposes stated above, you acknowledge that your personal data may be transferred to or stored in the United States where we are established, as well as in other countries outside of the EEA, Switzerland, and the UK. Such countries may have data protection rules that are different and less protective than those of your country.
We protect your personal data in accordance with this Privacy Statement wherever it is processed and take appropriate contractual or other steps to protect it under applicable laws. Where personal data of users in the EEA, Switzerland, or the UK is being transferred to a recipient located in a country outside the EEA, Switzerland, or the UK which has not been recognized as having an adequate level of data protection, we ensure that the transfer is governed by the European Commission’s standard contractual clauses. Please contact us if you would like further information in that respect.
California Privacy Rights
California Consumer Privacy Act
Under the California Consumer Privacy Act of 2018 (CCPA), California residents may have a right to:
- Access the categories and specific pieces of personal data absurd:joy has collected, the categories of sources from which the personal data is collected, the business purpose(s) for collecting the personal data, and the categories of third parties with whom absurd:joy has shared personal data;
- Delete personal data under certain circumstances; and
- Opt out of the “sale” of personal data. We do not sell your personal data.
absurd:joy will not discriminate against you for exercising any of these rights, which is further in line with your rights under the CCPA.
To exercise your rights, please send a request at the contact details specified in the How to Contact Us section of this Privacy Statement.
We will acknowledge receipt of your request within 10 business days, and provide a substantive response within 45 calendar days, or inform you of the reason and extension period (up to 90 days) in writing.
Under the CCPA, only you or an authorized agent may make a request related to your personal data. Note that to respond to your requests to access or delete personal data under the CCPA, we must verify your identity. We may do so by requiring you to log into your absurd:joy account (if applicable), provide information relating to your account (which will be compared to information we have, such as profile information), give a declaration as to your identity under penalty of perjury, and/or provide additional information. You may designate an authorized agent to submit your verified consumer request by providing written permission and verifying your identity, or through proof of power of attorney.
California’s Shine the Light Law
California Civil Code Section 1798.83, also known as “Shine The Light” law, permits California residents to annually request information regarding the disclosure of your Personal Information (if any) to third parties for the third parties’ direct marketing purposes in the preceding calendar year. We do not share Personal Information with third parties for the third parties’ direct marketing purposes.
Changes to This Privacy Statement
We may update this Privacy Statement periodically to account for changes in our collection and/or processing of personal data, and will post the updated Privacy Statement on our website, with a “Last Updated” date at the top. If we make material changes to this Privacy Statement, we will notify you and provide you an opportunity to review before you choose to continue using our Products.