AppDirect Privacy Notice

Last Updated: April 2024

Thank you for your interest in AppDirect, Inc. This Privacy Notice describes how AppDirect, Inc. (together with its subsidiaries and affiliates, "AppDirect," "we," "us," or "our"), collects, uses, discloses, and stores your information.

This Privacy Notice applies to information obtained through www.appdirect.com and our other websites (the "Websites"), and our service offerings (collectively, the “Services”), including our application marketplace ("AppDirect Marketplace").

This Privacy Notice covers various uses of our Services and your use of the Services in any capacity, including as a user, advisor, partner, provider, or end-customer, may implicate some or all of the practices described in this Privacy Notice.

Third parties who promote and market AppDirect branded or white-labeled instances of the AppDirect Marketplace are referred to in this Privacy Notice as “Platform Customers.” The AppDirect Marketplace also allows independent software and application vendors (each, a “Developer”) to make certain features of their applications, or other products or services owned and operated by the Developer (each, a “Developer Application”) available through the AppDirect Marketplace. This Privacy Notice does not cover the collection, use, and disclosure of your information by Platform Customers or Developers. These entities have their own privacy policies describing their practices that we encourage you to read.

By using the Services, you are agreeing to the practices described in this Privacy Notice. If you do not agree to the practices described in this Privacy Notice, please do not access or use the Services.

  1. Information We Process On Behalf Of Our Customers (As Data Processors)
  2. Introduction to the Services
  3. The Information We Collect
  4. How We Use Your Information
  5. Legal Bases For Processing Personal Information
  6. Online Analytics, Advertising, and Marketing
  7. How We Disclose Your Information
  8. Third Party Links And Features
  9. Security
  10. Data Retention
  11. Children’s Privacy
  12. Your Choices And Rights
  13. Changes And Updates To This Privacy Notice
  14. Contact Information
  15. Jurisdiction-Specific Notice

1. Information We Process On Behalf Of Our Customers (As Data Processors)

Our customers may choose to use the Services to process some of their data, which may contain personal information. The data that we process through our Services for our customers is processed by us purely as a data processor, on behalf of our customers and in accordance with our customers’ instructions, and our privacy practices governing the processing of such data will be in accordance with contracts that we may have in place with our customers.

If you have any questions or concerns about how such data is handled or would like to exercise your rights as a data subject, you should contact the person or entity who has contracted with us to use the Services to process your data (i.e., the data controller). Our customers control the personal information in these cases and determine the details regarding their account, including without limitation, how and for what purpose the data collected on their behalf should be processed. We will, however, assist our customers in addressing any concerns you may have, in accordance with the terms of our contract with them.

2. Introduction to the Services

We offer a number of Services through our Websites, including:

AppMarket. To launch a white-label software marketplace to sell your own core offerings and third-party products.

AppReseller. To launch, scale, and optimize indirect channels faster with commerce capabilities for your reseller and referral partners.

AppDistribution. To reach untapped markets across the globe by distributing your products through a network of SaaS marketplaces.

AppBilling. Robust recurring billing software to power worldwide sales of any product or service.

Digital Engagement Services. To drive efficiencies and increase customer lifetime value by managing identities and information across your digital commerce solutions, consisting of AppWise, AppInsights, AppIdentity.

AppHelp. In addition to this Privacy Notice, please refer to the AppHelp Privacy Notice.

Procurement AppDirect Marketplace. Streamline procurement and spend management with a single location to find and buy all the technology services that power your business.

3. The Information We Collect

We collect information in multiple ways, including:

Information you provide. We collect any information that you provide us when you use the Services, including:

  • Registration and Profile Information. If you register for one of our Services, we will ask you to provide your name, email address, mailing address, business name, and title. You may optionally provide additional profile information such as your phone number, date of birth, IM screen name, Twitter handle, and professional experience. You may also submit content including text, images, and other media files (“User Submissions”), such as when you submit a comment regarding a Developer Application.
  • Information Provided from Third-Party Cloud Services. If you connect the Services to third party cloud-based services and provide the needed permissions when requested, you authorize and enable us to access your third party cloud-based services and the content (“Third Party Service Content”) contained on those services in order to provide the Services and to provide you with productivity tools. The Services may retrieve the data maintained by these third party cloud-based services and copy it in a different format to AppDirect-controlled servers. The data can then be stored, aggregated, modified, removed, or provided to other users in case you are sharing content with other users. This allows us to provide you with search, data analytics, visualization, and user management functionality for your data. The type of data copied to AppDirect-controlled servers depends entirely on the type of data you store and maintain in the third-party cloud-based services. You can disconnect any third party cloud-based services at any time. Once disconnected, the Services will no longer collect new data from that service.
  • Communications and Other Interactions. We may collect information you provide if you interact with other users through the Services. We may also collect information through your communications with our sales or customer-support team.
  • Payments. If you make payments through the Services, we will ask you to provide your payment information, such as your credit card number, so our vendors can process your payments.

Information we collect through automated means. We and our vendors (which are third party companies that work on our behalf) may collect certain information automatically when you use our Services or otherwise interact with us.

  • Device and Usage Information. When you use the Services or open one of our HTML emails, we and our third-party vendors (such as Google Analytics) may automatically record certain information from your web browser by using different types of technology, including standard log files, cookies, clear gifs,” web beacons, or tracking pixels. This automatically collected information may include the type of device you are using, your operating system, your browser type, your browser language, your internet service provider, your domain name, your internet protocol (IP) address, your device and mobile ad identifiers, the website that referred you to our website, the web pages you view (including the date and time you viewed them), the services or functionality you access or use (including the date and time of your access or use), and the subject of the ads you click or scroll over. We use this information (including the information collected by our third-party service providers) for analytics (including to determine which portions of the Services are used most frequently and what our users like/do not like), to know when users have accessed the Services from a paid advertiser, an affiliate website, or a strategic partner website, to assist in determining relevant advertising (both on and off the Services), to evaluate the success of our advertising campaigns, and as otherwise described in this Policy.
  • Cookies and Similar Technologies: When you use the Services, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your computer. Cookies help us to operate and improve our services, customize your experience and preferences, allow you to access and use our services without re-entering your email and password and to understand which areas and features of our services are most popular and count visits. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits. Persistent cookies can be removed.

    Clear gifs, web beacons, and tracking pixels are tiny graphics with a unique identifier. They function similarly to cookies and are used to track the online movements of web users. Unlike cookies which are stored on a user's computer hard drive, clear gifs are embedded on web pages and are single pixel wide.

    Most browsers allow you to control cookies through your browser settings. Disabling or limiting cookies can limit the functionality of certain websites or content. You can also use your browser’s private or incognito mode which will automatically delete all cookies placed during your use of private mode when all private mode tabs are closed. Please review your web browser "Help" file to learn the proper way to modify your cookie settings. Please note that if you delete, or choose not to accept, cookies from the Services, you may not be able to utilize the features of the Services to their fullest potential. Additionally, as we adopt additional technologies, we may also gather information through other methods.

    Platform Customers may send cookies to your computer in order to track your online activities on the Services. We are not responsible for the practices and policies of Platform Customers and encourage you to learn more about a Platform Customer’s privacy and security policies.
  • Location Information. When you use the Services, we may collect your general geographic location based on IP address.
  • User Interactions. In some cases, we may collect click or touch stream data, movement, scroll, keystroke activity and third-party sites or services you were using before and after interacting with our Services.

Information We Collect From Others. We may also obtain information from third parties and sources other than the Services, such as advertisers, Platform Customers, Developers, referral or reseller partners, which we combine with information collected through the Services. The types of information we collect from third parties include contact information, company roles, and system identification numbers and we use the information we receive from these third parties to the extent necessary to provide the Services, maintain and/or improve the accuracy of the records we hold about you, and send you communications which may be of interest to you.

4. How We Use Your Information

We, or our vendors, use your information (including any information that we collect, as described in this Privacy Notice) for various business and operational purposes depending on the types of information we have collected from and about you and the specific Service you use, in order to:

  • Complete a purchase or provide the Services you have requested, including invoicing and accounting
  • Respond to your request for information and provide you with more effective and efficient customer service
  • Provide you with updates and information about products you have purchased from us
  • Contact you by email, postal mail, or phone regarding AppDirect and third-party products, services, surveys, research studies, promotions, special events and other subjects that we think may be of interest to you
  • Customize the advertising and content on the Services
  • Help us better understand your interests and needs, and improve the Services
  • Engage in analysis, research, and reports regarding use of our Services
  • Allow us and our advertising partners to personalize the content and advertising that you see on the Services and on third-party platforms
  • Synthesize and derive insights from your use of different Services
  • Provide, manage, and improve the Services and their performance, and test and create new products, features, and services
  • Secure our websites, products, software, or applications
  • Understand and resolve app crashes and other issues being reported
  • Comply with any applicable legal obligations and establish, exercise, or defend our legal rights
  • Protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or our Services
  • Prevent fraud, unauthorized access/use of the Services, breaches of terms and policies, or other wrongful behavior
  • As required or permitted by law
  • As otherwise described to you at the point of collection

Combined Information. For the purposes discussed in this Privacy Notice, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Privacy Notice.

Aggregate/Anonymous Data. We may aggregate and/or anonymize any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/Anonymous Information”). We may use Aggregate/Anonymous Information for any purpose, including without limitation for research and marketing purposes, and may also disclose such data with any third parties, including advertisers, promotional partners, and sponsors.

5. Legal Bases For Processing Personal Information

The laws in some jurisdictions require companies to tell you about the legal ground relied on to use or disclose your information. To the extent those laws apply, our legal grounds are as follows:

  • To honor our contractual commitments to you: Much of our processing of personal information is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal information on this basis to allow you to use the Services.
  • Legitimate interests: In many cases, we process personal information on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes providing security for our websites, products, software, applications, and the Services; operating our business and our Services; ensuring safe environments for our staff and visitors; making and receiving payments; complying with legal requirements and defending our legal rights; preventing fraud and knowing the customer to whom we are providing Services.
  • Consent: Where required by law, and in some other cases, we handle personal data on the basis of your consent.
  • Legal compliance: We need to use and disclose personal information in certain ways to comply with our legal obligations (such as our obligation to keep track of purchases for tax and auditing purposes).

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact Information” section below.

6. Online Analytics, Advertising, and Marketing

Analytics. We may use third-party web and mobile application analytics services (such as those of Google Analytics) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. The information collected by the technology will be disclosed to or collected directly by these vendors, who use the information to evaluate your use of the Services. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on.

Online Advertising. The Services may integrate third-party advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use. These third parties may place their own cookies, pixel tags and similar technologies to collect information about your use of the Services. We also allow third parties (e.g., ad networks and ad servers, such as Google Analytics, DoubleClick and others) to access their own cookies and tracking technologies on your computer, mobile phone, or other device you use to access the Services. These third parties may use this and other information they have collected about you to deliver targeted advertisements for products and services in which you might be interested.

We neither have access to, nor does this Privacy Notice govern, the use of cookies or other tracking technologies that may be placed on your device you use to access the Services by such non-affiliated third parties. If you are interested in more information about tailored browser advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative’s Consumer Opt-Out link, the Digital Advertising Alliance’s Consumer Opt-Out link, or Your Online Choices to opt-out of receiving tailored advertising from companies that participate in those programs. To opt out of Google Analytics for display advertising or customize Google display network ads, visit the Google Ads Settings page. We do not control these opt-out links or whether any particular company chooses to participate in these opt-out programs. We are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms.

Please note that even if you choose to remove your information (opt-out), you will still see advertisements. Additionally, many network advertising programs allow you to view and manage the interest categories they have compiled from your online browsing activities. These interest categories help determine the types of targeted advertisements you may receive. For example, the DAA Opt-Out Page provides a tool that identifies its member companies that have cookies on your browser and provides links to those companies.

Marketing. We may use information we collect for marketing purposes, such as providing you with promotional materials that may be useful, relevant, valuable or otherwise of interest to you, in accordance with your marketing preferences. Where required under applicable law, we will obtain your prior opt-in consent to send you electronic marketing communications. You will have the ability to opt-out of receiving any such communications, either through unsubscribe links provided in the messages, by updating your account preferences, or by contacting us using the contact details provided under the "Contact Information" section below.

Notice Concerning Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser initiated DNT signals. Learn more about Do Not Track. Please note that Do Not Track is a different privacy mechanism than the Global Privacy Control browser choice referenced below.

7. How We Disclose Your Information

We may disclose your information in a variety of circumstances in connection with the operation of our business:

  • Platform Customers and Developers. AppDirect discloses the information you provide or that we collect to Developers and Platform Customers in connection with the interoperation of their service offerings with the Services in order for them to provide their services to you. AppDirect may provide Developers, applicable Platform Customers, and your subscribing organization with information regarding your use of the Services.
  • Joint Marketing Partners. If you choose to participate in a webinar or event that is provided jointly by AppDirect and one of our partners, the information you provide in connection with such webinar will be collected by both AppDirect and the partners jointly providing the webinar or event, and such partners may use the information collected in accordance with their privacy policies and terms, including to contact you, in accordance with applicable legal requirements.
  • Vendors. AppDirect works with third party vendors who provide website development, marketing, hosting, maintenance, and support as well as other business services for us. These third parties may have access to or process your information to the extent it is necessary for these vendors to provide the services.
  • Other Users. The Services allow users to communicate in a variety of ways. Any information that you voluntarily choose to include in an area on the Services that is accessible to another user, such as a public profile page or in a review, comment, posting, electronic message, or other User Submission, will be available to other users who have access to that content. Once you make your information available to others in any of these ways, it may be collected, used, and disclosed by the recipients without restriction.
  • Employers. We may report information to your employer's administrator such as service usage statistics that may include names of most active users, top search terms that are used, number of documents indexed and services that are accessed.
  • Aggregate/Anonymous Information. AppDirect may disclose Aggregate/Anonymous Information with interested third parties, to assist such parties in understanding the usage, viewing, and demographic patterns for certain programs, content, services, advertisements, promotions, and/or functionality on the Services.
  • Third Party Applications. We may enable you to share information from the Services to third party applications. We are not responsible for the information you share through these or similar services. These third parties may use or share your information in accordance with their own privacy policies. We strongly suggest you review the third parties’ privacy policies if you use the relevant features.
  • Affiliates and Subsidiaries. We may disclose information to affiliates and subsidiaries.
  • As Required by Law and Similar Disclosures. We may disclose information about you: (i) if we are required to do so by law, regulation, or legal process, such as a court order or subpoena; (ii) in response to requests by government agencies, such as law enforcement authorities; (iii) when we believe disclosure is necessary or appropriate to protect the rights, property, or safety of AppDirect, our users and partners, or the public; and (iv) to enforce our agreements, policies, and Terms of Service (“Terms”).
  • Merger, Sale, or Other Asset Transfers. We reserve the right to transfer your information to vendors, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company, or we sell, liquidate, or transfer all or a portion of our assets.
  • Consent. We may also disclose your information to any third parties based on your permission to do so.

8. Third Party Links And Features

The Services contain links to and integrate with websites and services provided by third parties, including without limitation Developers and Platform Customers (where applicable). Any information you provide on third party sites or services is provided directly to that third party and is subject to that third party's policies, if any, governing privacy and security. We are not responsible for the content or privacy and security practices and policies of third party sites or services to which links are displayed on the Services. We encourage you to learn about third parties’ privacy and security policies before providing them with your information.

If you use AppHelp and use specific cybersecurity programs that make cybersecurity software available on an ongoing basis (as opposed to during a support session), then your personal information is processed by Bitdefender. For more information, please see https://www.appdirect.com/legal/monetization/apphelp-privacy-notice.

9. Security

AppDirect utilizes a combination of physical, technical, and organizational security measures designed to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. However, the Internet is not a fully secure environment, and we cannot ensure or warranty the security of any information transmitted to or generated by AppDirect in connection with the Services or any other service offered by AppDirect. You play a critical role in protecting your information by maintaining up-to-date computer security protections. Steps you take to ensure the security of your computer, computer passwords, or other personal identifier authentication mechanisms are key components of the protection of your personal information. You agree that you are responsible for any additional verification procedures and security you deem necessary.

10. Data Retention

We will retain your information for as long as necessary to provide the Services and for the other purposes set out in this Notice. We also store information when necessary to comply with contractual and legal obligations, when we have a legitimate interest to do so (such as improving and developing our Services, and enhancing the safety, security, and stability of our Services). We may also store your information in order to defend or ascertain our legal rights, respond to valid legal requests, in the context of a merger/acquisition or in order to implement our Terms.

In all cases, in addition to the purposes, we consider the amount, nature and sensitivity of the personal data, as well as the potential risk of harm from unauthorized use or disclosure of your personal data, in determining how long to retain personal data.

11. Children’s Privacy

The Services are intended for general audiences and not for children under the age of 16. If we become aware that we have collected “personal information” (as defined by the United States Children’s Online Privacy Protection Act) from children under the age of 16 without legally valid parental consent, we will take reasonable steps to delete it as soon as possible. We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible. We also comply with other age restrictions and requirements in accordance with applicable local laws.

12. Your Choices And Rights

We respect your right to make choices about the ways we collect, use, and disclose your information.

Your legal rights. Applicable law (such as the GDPR) may give you various rights regarding your information. If these rights apply to you, they may permit you to request that we:

  • confirm whether or not we are processing your information and provide access to and/or a copy of certain information we hold about you
  • prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling)
  • update or rectify information which is out of date or incorrect
  • delete certain information which we are holding about you
  • oppose, cancel, or restrict the way that we process and disclose certain of your information
  • transfer your information to a third-party provider of services
  • revoke your consent for the processing of your information

We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation.

To exercise any of these rights, please contact us using the contact details provided under the “Contact Information” section below. We may request you provide us with information necessary to verify your identity before responding to your request as required or permitted by applicable law, such as your name, email address, and account information.

You may be able to designate an authorized agent to make requests on your behalf. In order for an authorized agent to be verified, you must provide the authorized agent with signed, written permission to make such requests or a power of attorney. We may also follow up with you to verify your identity before processing the authorized agent’s request as permitted by applicable law.

You have the right to complain to a data protection authority about our collection and use of your personal information. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.

Marketing. You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, and promotions that might appeal to your interests through unsubscribe links provided in the messages, by updating your account preferences, or by contacting us using the contact details provided under the "Contact Information" section below.

Please note that, regardless of your request, we may still use and disclose certain information as permitted by this Notice or as required by applicable law. For example, you may not opt out of certain operational emails, such as those reflecting our relationship or transactions with you.

13. Changes And Updates To This Privacy Notice

Please revisit this page periodically to stay aware of any changes to this Privacy Notice, which may be revised from time to time at AppDirect's sole discretion. If we modify the Privacy Notice, we will make it available through the Services, and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will notify you as may be required by law. By continuing to access and use the Services, you are confirming that you have read and understood the latest version of this Policy. If you do not agree with any changes to the Privacy Notice, you may terminate your account ceasing use of the Services.

Our amended Privacy Notice will automatically take effect 30 days after it is made available through the Services.

14. Contact Information

If you have any questions, concerns or complaints regarding the use or disclosure of your information or if you would like to review, delete or update information we have about you or your preferences, you can contact us at privacy@appdirect.com.

15. Jurisdiction-Specific Notice

a. Information For California Residents

This section applies only to “personal information” about California residents, as that term is defined in the California Consumer Privacy Act (“CCPA”), and it supplements the information in the rest of our Privacy Notice. Data about individuals who are not residents of California may be handled differently and is not subject to the same California rights described below. This section does not apply to personal information we collect from employees or job applicants in their capacity as employees or job applicants.

CCPA Categories Of California Personal Information We Collect. Throughout this Notice, including the “Information We Collect” section, we discuss in detail the specific pieces of personal information we collect from and about our users. Under the CCPA, we are also required to provide you with the CCPA “categories” of personal information and sensitive personal information we collect. The categories we collect are: identifiers (such as name, address, email address); commercial information (such as transaction data); financial data (such as credit card information); internet or other network or device activity (such as browsing history or IP address); location information (e.g., your city and state based on IP address or precise location, with your consent); professional or employment related data; audio information (e.g., call recordings if you don’t opt out); and other information that identifies or can be reasonably associated with you. We also may collect certain categories of information that you choose to disclose as part of your use of the Services. The categories of sensitive personal information are account log-in and password, financial data, or other credentials allowing access to your account.

How We Use These Categories of Personal Information. We and our vendors may use and disclose all of the personal information we collect for the purposes described in this Notice, and in accordance with our disclosures in the “How We Use Your Information” section above.

This includes the following business and commercial purposes (as those terms are defined in applicable law):

  • Provide the Services (e.g., account servicing and maintenance, order processing and fulfillment, customer service, advertising and marketing, analytics, and communication about the Service);
  • Operational purposes (e.g., to enable and troubleshoot our Service);
  • Auditing consumer interactions on our site (e.g., measuring ad impressions);
  • Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
  • Bug detection, error reporting, and activities to maintain the quality or safety of our Service;
  • Short-term, transient use, such as customizing content that we or our vendors display on the Service;
  • Improving our existing Services and developing new services (e.g., by conducting research to develop new products or features);
  • Other uses that advance our commercial or economic interests, such as third-party advertising and communicating with you about relevant offers from third-party partners;
  • Other uses about which we notify you.

We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Services; (3) affiliates; and (4) third parties such as advertisers, Platform Customers, Developers, referral or reseller partners.

How We Disclose These Categories of Personal Information. We describe our information sharing practices in the “How We Disclose Your Information” section above. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for business purposes. For example, we may disclose identifiers and commercial information with Platform Customers and Developers.

Your California Privacy Rights. If you are a California resident, the CCPA allows you to make certain requests about your personal information. Specifically, the CCPA allows you to request us to:

  • Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your personal information; and the categories of third parties with whom we share/disclose personal information.
  • Provide access to and/or a copy of certain personal information we hold about you.
  • Correct inaccurate personal information that we maintain about you.
  • Delete certain personal information we have about you.

You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right not to be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Services to you. If you ask us to delete it, you may no longer be able to access or use the Services.

If you would like further information regarding your legal rights under California law or would like to exercise any of them, please contact us at privacy@appdirect.com. You will need to provide us with information sufficient to verify your identity before we can satisfy your request. To do so, you will need to provide us with certain information regarding yourself and/or your usage of the Services, such as name, email address, and account information. You may also designate an authorized agent to make a request on your behalf. To do so, you need to provide us with written authorization or a power of attorney for the agent to act on your behalf. You will still need to verify your identity directly with us.

“Sharing” and “Selling” Information. The CCPA requires businesses that “sell” personal information, as the term “sell” is defined under the CCPA, to provide an opt-out from such sales. Some people have taken the position that when a website uses third parties’ cookies or similar technology for its own analytics or advertising purposes, the website is engaged in a “sale” under the CCPA if the third parties have some ability to use, disclose or retain the data to improve their service or to take steps beyond the most narrowly drawn bounds of merely providing their service to the website/app. Some take this position even when the website pays the third party (not vice versa), and in most cases merely provides the third party with an opportunity to collect data directly, instead of providing personal information to the third party. As part of these analytics and advertising services, these technologies may access identifiers (like IP addresses), internet or other electronic network activity information (like information regarding an individual’s browsing interactions on our Site), and commercial information (like the fact that a browser visited a page directed to people who are considering purchasing the Services) to those sorts of companies. While we do not believe these are “sales” as that term is defined under the CCPA, you can opt out of this activity by visiting your cookie settings on our website to manage your preferences.

The CCPA also requires businesses that "share“ personal information to provide an opt out from such sharing. Under the CCPA,” sharing” is defined as the targeting of advertising to a consumer based on that consumer’s personal information obtained from the consumer’s activity across websites. We may “share” information for these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share“ identifiers (like IP addresses and email addresses), internet or other electronic network activity information (like information regarding an individual’s browsing interactions on our Site), and commercial information (like the fact that a browser visited a page directed to people who are considering purchasing the Services) with advertising platforms and advertising networks. To opt out of such “sharing,” please visit your cookie settings on our website to manage your preferences.

Please note that we also respond to and abide by opt-out preference signals sent through the Global Privacy Control. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them. For more information on how to use the Global Privacy Control, see www.globalprivacycontrol.org.

We do not knowingly “sell” or “share” the personal information of children under 16. We will only “sell” or “share” such personal information if we receive express consent to do so from those aged 13 to 16 years of age.

Sensitive Personal Information. The CCPA also allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.

Data Retention. Please see the “Data Retention” section above.

California “Shine the Light” Disclosure

The California “Shine the Light” law gives residents of California the right under certain circumstances to opt out of the disclosure of certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not disclose your personal information with third parties for their own direct marketing purposes.

b. Information for Brazil

This section applies to personal data processing activities under Brazilian law. If you are a resident of Brazil, you may have certain rights. Brazilian law may permit you to request that we:

  • confirm whether we process your data;
  • provide access to and/or a copy of certain information we hold about you;
  • correct incomplete, inaccurate and outdated data;
  • anonymize, block or delete data that is unnecessary, excessive or not being processed in accordance with Brazilian data protection law;
  • port your personal data to another service or product vendor;
  • delete personal data processed with your consent, when applicable;
  • provide you with information regarding the public and private entities with which we share data;
  • provide you with information about the possibility of withdrawing consent and the consequences of such withdrawal, where applicable; withdraw your consent.

To exercise your rights, please contact us at privacy@appdirect.com. You may be required to verify your identity before we fulfill your request. To do so, you will need to provide us with certain information regarding yourself and/or your usage of the Services, such as your name, email address, and account information.

c. Information For International Users

Please note that in providing services to you, we may subcontract the processing of your data to, or otherwise disclose your information to, other members within the AppDirect group, trusted vendors, and trusted business partners in countries other than the country in which the information was originally collected, including the United States of America. Such third parties may be engaged in, among other things, the provision of the Services to you, the processing of transactions and/or the provision of support services.

Where required, we will use appropriate safeguards for transferring data outside of the EEA. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these safeguards, please contact us as at privacy@appdirect.com.