CoralTree offers cloud-enabled software solutions like Qbox, CADbox, MSbox, LegalBox, ScanBox, which are designed to provide cloud enabled collaboration for software like Intuit QuickBooks, Microsoft Office products, Autodesk CAD products, Adobe Acrobat, etc. (collectively the “Services”). The Services can be accessed through our Website, applications on Devices (“App”) and through third parties. A “Device” is any computer used to access the Services, including without limitation, a desktop, laptop, mobile phone, tablet, or other consumer electronic device.
A. INFORMATION WE COLLECT AND CONTROL
All of the different forms of data, content, and information described below are collectively referred to as “Information.” We may collect and store the following Information when you access the Services:
1. Information you provide
When you register for an account, we collect some personal information, including your name, email address, home or business address, phone number. This information is stored in databases hosted by Amazon AWS services. We use information to create your account for the Service you register and for the purpose of contacting you for providing technical support related to the Services. We also collect your credit card or bank account details. This information is stored on BrainTree payment processing service whom we use for processing your payments for CoralTree services availed. We collect information from individuals who visit the Website (“Visitors”). You do not need to register for a Service in order to review the content on the Website as a Visitor. The information described in this paragraph is referred to collectively as “Personal Information”.
We collect email addresses (optional) of people whom you can assign to pay your CoralTree bills, and email addresses of people with whom you share your files or offer consulting services. We collect information related to your business type, number of employees and revenue of your business, which are optional. We use this information for gathering market data and deciding future product offerings. This information is stored in databases hosted by Amazon AWS services. The information described in this paragraph is referred to collectively as “Non-Personal Information”. Personal Information and Non-Personal Information are referred to collectively as “Information”.
The following are additional situations in which you may provide your information to us:
● When you sign up for any newsletters or other materials;
● When you provide information to us through a third-party application or website;
● When you communicate with us or request information about us or our Services, whether via email or other means, including contacting our support team;
● When you participate in online surveys;
● When you participate in any of our marketing initiatives, including, competitions, events, or promotions; and
● When you register and/or participate in online forums, reviews or provide user generated content or submissions.
2. Information collected automatically
We collect information related to your Device and its software when using the Services automatically, and store it in databases hosted by Amazon AWS. This information includes Internet Protocol IP address, type of operating system, number of folders and files that are shared, names of folder and files, upload and download status, history of versions of files, configuration information of the Services software installed on your Device, times at which the software accessed server software, number of messages sent by you or your clients, and times at which these messages were sent. We use this information for the purpose of diagnostics and troubleshooting, to be able to provide quality support to our customers.
As is true of most websites, we gather certain non-personally identifiable information from your Device and its software when using the Services automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, information you search for on our Website, your mobile carrier, operating system and system configuration information, date/time stamp, click stream data and other fields. We use this information to analyze trends, to administer the site, to track users’ movements around the site and to gather demographic information about our user base as a whole.
We collect and store the computer files you upload, download, or access with the Services (“Files”). These files are stored on Amazon AWS S3 storage services. Your files can be downloaded and accessed by the users with whom you share the folders containing the files, by providing their email address on our Service.
We collect testimonials and video clips from our customers who are willing to provide such information and have given us permission to display them at our Websites. These are stored on WPengine systems where our Websites are hosted.
6. Data Collection from Our Channel Partners
When you visit our online channel partners, we may receive information from such channel partners, and also via third parties when you visit our page on social media sites (e.g., LinkedIn, Facebook, Google). When you’re visiting any of these online channels/sites, our partners may collect:
● Registration information that we use to help you set up an account (e.g. your name, country, gender, date of birth, email address, username and password).
● Payment or transactional information that we use when you buy or use online services (e.g. phone number or credit card number).
● Location information or your IP Address that we use to give you relevant online content.
● Information you’ve shared publicly on our forums (such as discordapp.com).
● Information you’ve sent to an individual or group using our messaging, chat or post services
● Information you provide when you use our own online channels or third-party channels (such as social networks).
B. Why we need to collect and process information
As we offer our Services directly to our end users and our Services offer many different experiences, we need to collect and process information, so that:
● Users can subscribe to our Services our online;
● Users are able register for any accounts and services they want to use;
● Users can share information on our public forums;
● We can send users any information they’ve asked us for or answer their questions;
● We can ask users to give us feedback on our Services through questionnaires and surveys;
● We can provide our users with relevant marketing information about our Services;
● To improve and supplement our matching algorithms, display relevant public facing information for user profiles (such as professional data and videos/images) to other users on the platform, analytical purposes, marketing purposes; or
● We will store to information we receive from you in a secure cloud databases. The data will be used in multiple ways, including but not limited, to creating predictions with our algorithm, using bio data to draw analytical conclusions, to provide a better experience to the end user.
C. HOW WE USE INFORMATION
In addition to those uses of Information discussed in Section A of this Policy, we also use Information in the following ways
1. Personal Information
Personal Information including name, email address, phone number, and address may be used: (i) to set up your account with the Service you registered (ii) provide and improve our Services, (iii) to better understand your needs and interests, and (iv) to personalize and improve your experience while using the Service.
2. Service-related notifications for Customers
3. Business Information
Customers use our Services to upload and share computer files that may contain business data, financial information, project data, architectural designs, personal information, etc., related to their business (“Business Information”). That Business Information is considered confidential to our Customers. CoralTree will not review, share, distribute, or reference any such Business Information except for the purpose of resolving a problem, providing customer support or to investigate a suspected violation of our business agreement.
4. Billing Information
All billing information like credit card and bank details, that we collect is used solely to bill for our Services. CoralTree uses a third-party credit card processor (BrainTree) to assist us in processing customer payments. This processing partner is not permitted to store, retain, or use the personally identifiable information provided, except for the sole purpose of credit card processing or collecting payments.
5. Special Offers and Updates
We will occasionally send Visitors and Customers new information regarding our Website, webinars, or new product offerings. We will use your Personal Information to send these communications to you. Out of respect for your privacy, if you would prefer not to hear from us you can choose not to receive these types of communications. Please see Section F below.
Testimonials provided to us in text form and video clips by customers are stored on WPEngine and displayed on our websites. These can be viewed by registered users and visitors to our websites.
We conduct periodic webinars for users who register by providing their Personal Information including email address, name, phone number and location. We conduct these webinars using the service offered by Zoom, and such Personal Information is stored on Zoom website for sending Webinar related information and reminders. If you do not wish to receive such Webinar related information, you can opt-out by following instructions given in each communication or by sending us an email at email@example.com.
D. WHERE IS INFORMATION STORED
1. Amazon Web Services
We use Amazon Web Services (AWS) to store and process Personal Information. Personal information is stored in databases hosed by AWS. Computer files uploaded and downloaded by customers are stored on AWS S3 services. Amazon Web Services may store this information in any of their data centers located around the world and have contractual obligations and privacy policies to protect Personal and Business Information. Please refer to AWS privacy policies for details on how information is protected on their data centers.
We use BrainTree to process payments for Services. Personal Information including credit card details, customer name and address, bank information, etc. are stored on BrainTree payment gateway for the purpose of processing payments. Please refer to BrainTree privacy policies for details on how Personal Information is protected on their payment gateways.
We use ZOHO for CRM, customer support, chats, email campaigns, promotions, visitor tracking and analytics. Personal and Non-personal Information including email addresses, phone numbers, contact information and company information are stored on Zoho. Please refer to Zoho privacy policies for details on how Personal Information is protected on Zoho services.
We use Zoom for Webinars and customer support. Personal information including email address, name, phone number and location are stored on Zoom. Please refer to Zoom privacy policies for details on how Personal Information is protected on Zoom websites.
We use WPEngine for hosting CoralTree, Inc and our Services websites. Personal Information such as email address, name, phone number, and address, testimonials, video clips, and other such information are stored on WPEngine. Please refer to WPEngine privacy policies for details on how Personal Information is protected on WPEngine.
We partner with Privafy to provide enhanced security and data-in-motion protection for our customer access to our services from private or public networks. Personal information such as email address, name, phone number and address are stored on Privafy. Please refer to Privafy privacy policies for details on how Personal information is protected on Privafy.
We use Zoho Office Integrator so that users may edit their Doc, Excel or PowerPoint files stored on LegalBox cloud. Please refer to Zoho privacy policies for details on how Personal Information is protected on Zoho.
8. Microsoft 365
LegalBox is integrated with Microsoft 365 so that users can use their Microsoft 365 subscription to edit documents stored on the LegalBox cloud. Please refer to Microsoft 365 privacy policies for details on how Personal Information is protected on Microsoft 365.
E. WHO HAS ACCESS TO INFORMATION
CoralTree entities listed in this section have access to Personal Information and Non-Personal Information you provide (A1) and information collected automatically (A2). We do not sell any of your Personal Information or Non-Personal Information. Entities listed in this section adhere to confidentiality and security measures, have been made aware of our Privacy policies and have executed non-disclosure agreements with CoralTree, Inc.
1. Employees and Independent contractors
2. Business partners
We provide access to some of the Information listed under A1 and A2 for our business partners who have executed the required confidentiality agreements with us, for the purpose of testing and support of the CoralTree products. These business partners are not permitted to retain, share, store or use your Information for any purpose other than to complete the contracted assignment and under obligations similar to those in this Policy.
3. Third Parties
We may employ or use trusted third parties to act on our behalf for our Services, including but not limited to providing marketing support, analysis and public relations. These third parties may have access to your Information. However, such third parties are not permitted to retain, share, store or use your Information for any purpose other than to complete the contracted assignment and under obligations similar to those in this Policy. From time to time, we may provide services, or sell product lines jointly with selected business partners. We DO NOT share Personal Information with third parties for unknown reasons.
F. LEGAL DISCLAIMER
We reserve the right to disclose your Information, when we have a good faith belief that disclosure is reasonably necessary to:
1. Protect our rights;
2. Comply with a law, regulation, judicial proceeding, court order, or legal process served on us;
3. Protect the safety of any person from death or serious bodily injury;
4. Prevent fraud or abuse of CoralTree or its Customers.
5. To enforce or protect our rights.
G. YOUR RIGHTS IN RELATION TO THE PERSONAL INFORMATION WE COLLECT
Please note that, if you request that we restrict or stop using information we hold on you, or withdraw a consent you have previously given to the processing of such information, this may affect our ability to provide Services to you or negatively impact the services we can provide to you.
We reserve the right to deny you access for any reason permitted under applicable laws. Such exemptions may include national security, corporate finance and confidential references. If we deny access or correction, we will provide you with written reasons for such denial unless it is unreasonable to do so and, where required by local data protection laws, will note your request and the denial of same in our records.
H. LINKS TO THIRD-PARTY WEBSITES
I. CHOICE AND OPT-OUT
If you no longer wish to receive our communications outside those communications necessary for the administration of your use of the Services, you may opt-out of receiving such communications by following the instructions included in each communication or by emailing us at firstname.lastname@example.org. You may also opt-out by phone at 408-448-QBOX (7269) or 855-448-QBOX (7269) Toll Free.
J. DATA RETENTION
We will retain your Information for as long as your CoralTree Services account is active or as needed to provide you Services. Further, we can retain copies of information about you and any transactions or Services in which you may have participated for a period of time that is consistent with applicable law, applicable statute of limitations or as we believe is reasonably necessary to comply with applicable law, regulation, legal process, or governmental request, to detect or prevent fraud, to collect fees owed, to resolve disputes, to address problems with our Services, to assist with investigations, or to take any other actions consistent with applicable law. If you wish to cancel your account or request that we no longer use your Information to provide you Services, you may close your account by signing into your account at the CoralTree Services website and selecting ‘Close Account’. In most cases we will close your account within 48 hours of your request. In some cases, we may close your account after validating your request to avoid erroneous closures resulting in the loss of Business Information. After your account is closed, files uploaded to your account will be deleted after 30 days, if there are no other users sharing and using these files.
Cookies are small data files that your browser places on your computer or device. A cookie itself does not contain or collect information. However, when it is read by a server via a web browser it can help a website deliver a more user-friendly service – for example, remembering previous subscription or account details. Like most websites, our Website, online channels and App collect some information (e.g. information on IP addresses, browsers, internet service providers, referring pages, exit pages, operating systems, date stamps, time stamps and clickstream data). Both we and our third-party tracking utility partners use browser storage, app storage, cookies, pixls, beacons, scripts and tags to analyze trends, administer the site, track user movement through the site and collect demographic information about our overall user base. We may receive reports on these from our third-party tracking utility partners on an individual and aggregate basis.
L. OUR POLICY TOWARD CHILDREN
Our Services are not directed to persons under 13. We do not knowingly collect personally identifiable information from children under 13. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at email@example.com. If we become aware that a child under 13 has provided us with Personal Information, we will take steps to delete such information from our files.
M. CHANGES TO THE POLICY
We reserve the right to modify this Policy at any time. If we make material changes to this Policy, we will notify you here and also, as necessary via email. By continuing to use the Services after those changes become effective, you agree to be bound by the revised Policy.
The security of your Information is important to us. We utilize robust security measures to protect customer data from unauthorized access. We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it. Sensitive data is encrypted and web site connections are protected using secure socket layer (SSL) technology with a minimum of 128-bit symmetric encryption and a 1024-bit authenticated key agreement. Our Web sites are hosted in a secure server environment that uses multi-layer perimeter security including firewalls and other advanced technology to prevent interference or access from outside intruders.
We, through our partners, strive to implement and maintain reasonable, industry-standard secure storage technologies and commercially acceptable security procedures and practices appropriate to the information we store, in order to protect it from unauthorized access, destruction, use, modification, or disclosure. However, we cannot ensure or warrant 100% security of any information you provide to us or guarantee that information on the Services may not be accessed, disclosed, altered, or destroyed by unauthorized persons or hardware or software failure. Further, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure and we are unable to guarantee the absolute security of the information we have collected from you.
Our users, employees and partners also play an important role in protecting information. We encourage users to choose passwords that are difficult for others to guess and to keep their personal passwords secret.
Should you notice any flaws or concerns in our security, please contact our Data Protection Officer at firstname.lastname@example.org as soon as possible.
If we ever experience a data breach in which customer information is at risk of being misused, we’ll contact user according to legal requirements. If necessary, we’ll also contact data protection authorities.
O. EXTERNAL LINKS
Our Website may contain links to third party websites. These third-party websites maintain their own policies regarding cookies and the collection and use of your Information. We assume no responsibility or liability for the actions of such third parties with respect to their collection or use of your Information. We encourage you to read the privacy statements of every website that you visit through a link on our Website or otherwise.
P. DATA TRANSFERS, STORAGE AND PROCESSING GLOBALLY
We will make sure we, as a minimum, use the standards of data privacy and security that follows from the European General Data Protection Regulation (“GDPR”) anywhere in the world where we collect, store, use or share your personal data. Where your local rules require more from us than that, we will adjust our practice to make sure your data is safe with us no matter where in the world you are! These rules are set by European data authorities across the European Union (EU) and set the some of the highest standards in the world on data collection, storage, use and sharing.
Q. BUSINESS TRANSITIONS
R. DO NOT TRACK
Some web browsers may give you the ability to enable a “do not track” feature that sends signals to the websites you visit, indicating that you do not want your online activities tracked. This is different than blocking or deleting cookies, as browsers with a “do not track” feature enabled may still accept cookies. We currently do not respond to “do not track” signals.
S. NOTICE TO CALIFORNIA RESIDENTS
T. CONTACT US