Data Security, Retention and Communication Policy
Regroup Mass Communication
This document serves as Regroups’ (“we” or “us”) privacy notice to customers and contacts that customers upload to the Regroup Platform. It describes the types of personal information that we collect from clients and contacts, how we use that information, third-parties we may share the information with, and your choices in editing/removing the information.
We honor your trust in Regroup and are committed protecting your privacy rights and using best practices and precautions to maintain the security of your data.
Our privacy practices will vary depending on the circumstances under which we collected your personal information. Regroup collects personal information in the following circumstances:
- Personal information collected from clients
- Personal information collected through our Websites
- Personal information collected through our mobile applications
We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. The security of your personal information and our clients’ information is extremely important to us. For example, we use commercially reasonable security measures such as encryption, firewalls, and transport layer security (TLS) or hypertext transfer protocol secure (HTTPS) to protect Personal Data.
However the safety and security of your information is also dependent on you. Where we have given you (or where you have chosen) a password for access to certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the website.
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
For University clients in the United States, Regroup will maintain data in accordance to the Clery Act. The Jeanne Clery Disclosure Of Campus Security Policy And Campus Crime Statistics Act (Clery Act), a consumer protection law passed in 1990, requires all colleges and universities who receive federal funding to share information about crime on campus and their efforts to improve campus safety. Regroup maintains live data for one full calendar year accessible in the Regroup Web Portal. Clery reports are available for three full-calendar years upon requests to email@example.com.
Information Collected from Clients
Regroup provides a critical mass communication platform that allows our clients to better manage emergencies. Part of this capability involves Regroup’s software enabling our clients to broadcast notifications to targeted individuals. To broadcast a notification, the client will have uploaded contact information for their recipients into the Regroup system from various data sources which they manage. Recipients’ names and basic contact information (such as mobile numbers, work telephones, and email addresses) are then available within the Regroup platform to send out notifications.
Regroup has no direct relationship with the recipients whose personal information it processes from our clients. Our clients are typically organizations that the recipient belongs to (i.e. Universities, non-for profits, etc.), the recipient’s employer, or a local or state government agency with jurisdiction over the area where the recipient resides.
It may be necessary to share our client data with third-parties in order for Regroup to provide certain services to our clients. For example, we will need to transmit a recipient’s cell-phone number to a telecommunications operator in order to deliver a client-initiated notification to contacts/recipients. Under such circumstances we will only transmit the information needed to fulfil the obligations described in our client’s service contract.
These third parties are also bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them. We do not sell, trade, or rent client or recipient data to others.
How we use your Information
Regroup uses your personal data in ways that are compatible with the purposes for which it was collected or authorized by you or on behalf of our clients, including for the following purposes:
- To inform you about services available from Regroup;
- To administer content, promotion, survey or other Sites features;
- To communicate about, and administer your participation in surveys, special programs, offers or promotions and to deliver pertinent emails;
- To improve our customer service;
- To respond to and support customers regarding their use of the Sites;
- To comply with all applicable legal requirements.
Choices in How we Use Your Information
We are committed to provide you with choices regarding your personal information. We have created mechanisms to provide you with the following control over your information:
- We use client data only as necessary to deliver the Regroup services that a client has agreed to use. These include, but are not limited to, the provision of our notification services, client support, and notification of new features and services. We may also use client data to contact you regarding administrative notices, to resolve disputes, troubleshoot problems and enforce the client services agreement. Regroup will retain personal information (including geolocation data) provided by our clients for as long as is needed to provide services to our clients and in accordance with the client’s service agreement. In addition to this privacy notice, usage of client data is subject to and covered by the applicable client services agreement.
- If you are accessing Regroup services as an employee, resident or other contact type of one of our clients, and you wish to make any changes to your contact information, you will need to do so through that client. If you would no longer like to receive communications from the client, please contact the Regroup client that you interact with directly. If the client requests Regroup to remove the data, we will respond to their request promptly, within a reasonable period of time. If you are unsure of which Regroup client you are receiving notifications from you can always email firstname.lastname@example.org and we will redirect your communication to the proper client point of contact.
- Push Notifications. We may occasionally send you push notifications through our mobile apps to send you updates and other service-related notifications that may be of importance to you. You may opt-out from receiving these types of communications, at any time, by contacting our support team at email@example.com or simply disabling push notifications from the mobile app settings.
Legal Basis for Collecting Information (EU Only)
If you are from the European Union (EU), our legal basis for processing your personal information will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.
If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to operate our website and communicate with you as necessary to provide our products and services to you and for our legitimate commercial interest. These legitimate interests include, for example, responding to your queries, improving our platform, undertaking marketing, or detecting or preventing illegal activities. We may have other legitimate interests and, if appropriate, we will make clear to you at the relevant time what those legitimate interests are. Regroup understands that you have certain rights to your personal data;
- The right of access. You have the right to request a copy of your Personal Data which we hold about you.
- The right of correction: You have the right to request correction or changes of your Personal Data if it is found to be inaccurate or out of date.
- The right to be forgotten: You have the right to request us, at any time, to delete your Personal Data from our servers and to erase your Personal Data when it is no longer necessary for us to retain such data. Note, however, that deletion of your Personal Data will likely impact your ability to use our services.
- The right to object (opt-out): You have the right to opt-out of certain uses of your Personal Data, such as direct marketing, at any time.
- The right to data portability: You have the right to a “portable” copy of your Personal Data that you have submitted to us. Generally, this means your right to request that we move, copy or transmit your Personal Data stored on our servers / IT environment to another service provider’s servers / IT environment.
- The right to refuse to be subjected to automated decision making, including profiling: You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
- The right to lodge a complaint with a supervisory authority.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided at firstname.lastname@example.org.
When visiting our marketing website www.regroup.com we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.
We link this automatically collected data to other information we collect about you. We do this to improve our offered services, marketing, analytics, and site functionality.
Note: Regroup does not attempt to collect any sensitive information, such as personal financial information, social security or driver’s license numbers, or personal health information, on our Websites.
Minors (Under 18 Years Old)
Regroup products are not intended for use by minors under the age of 18. We do not intentionally gather Personal Data about visitors who are under the age of 13. If a child has provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. If you believe that we might have any information from a child under age 13, please contact us at email@example.com. If we learn that we have inadvertently collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.
Changes to this Privacy Notice
From time to time, we may update this privacy notice to reflect changes to our information practices. We encourage you to periodically review this page for the latest information on our privacy practices.
How to Contact Us
Regroup Mass Communication
709 Noe Street
San Francisco, CA 94114