Privacy Policy of Upfort

Upfort collects some Personal Data from its Users.

Personal Data processed for the following purposes and using the following services:

    • Analytics

      • PostHog product analytics

        Personal Data: browser information; clicks; page views

      • Google Analytics 4

        Personal Data: number of Users; session statistics; Trackers; Usage Data

    • Collection of privacy-related preferences

      • iubenda Privacy Controls and Cookie Solution

        Personal Data: IP address; Trackers

    • Contacting the User

      • Mailing list or newsletter

        Personal Data: address; company name; email address; first name; last name; phone number

    • Data transfer outside of the UK

      • Data transfer abroad based on consent (UK) and Data transfer abroad based on standard contractual clauses (UK)

        Personal Data: various types of Data

    • Data transfer outside the EU

      • Data transfer abroad based on consent and Data transfer abroad based on standard contractual clauses

        Personal Data: various types of Data

    • Displaying content from external platforms

      • Calendly widget

        Personal Data: calendar information; email address; name

      • Google Fonts

        Personal Data: Tracker; Usage Data

    • Handling payments

      • Stripe

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Heat mapping and session recording

      • PostHog session replay

        Personal Data: clicks; device information; page views; Usage Data

    • Hosting and backend infrastructure

      • Firebase Cloud Firestore, Firebase Cloud Functions, Firebase Cloud Storage and Firebase Realtime Database

        Personal Data: Usage Data; various types of Data as specified in the privacy policy of the service

      • Firebase Hosting

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Infrastructure monitoring

      • Sentry and Uptime Robot

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Interaction with live chat platforms

      • Zendesk Chat

        Personal Data: company name; email address

    • Interaction with support and feedback platforms

      • Zendesk Widget

        Personal Data: company name; email address

    • Managing contacts and sending messages

      • SparkPost

        Personal Data: email address; various types of Data as specified in the privacy policy of the service

      • Customer.io

        Personal Data: email address; Tracker; Usage Data

      • Appcues

        Personal Data: email address; first name; last name; phone number

    • Managing data collection and online surveys

      • Typeform

        Personal Data: email address; first name; last name

    • Managing support and contact requests

      • Zendesk

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Platform services and hosting

      • Webflow

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Registration and authentication

      • Firebase Authentication

        Personal Data: email address; first name; last name; password; phone number; profile picture

      • Google OAuth and Adherence to the Google API Services User Data Policy and Limited Use Requirements

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Spam and bots protection

      • Google reCAPTCHA

        Personal Data: answers to questions; clicks; keypress events; motion sensor events; mouse movements; scroll position; touch events; Trackers; Usage Data

    • Traffic optimization and distribution

      • Cloudflare

        Personal Data: various types of Data as specified in the privacy policy of the service

      • Google Hosted Libraries

        Personal Data: Trackers; Usage Data

      • jsDelivr CDN

        Personal Data: Usage Data

Information on opting out of interest-based advertising

In addition to any opt-out feature provided by any of the services listed in this document, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section of the Cookie Policy.

Further information about the processing of Personal Data

    • Network traffic data

      We may analyze your network traffic data for the sake of stopping cyber attacks. We will never sell network traffic data to 3rd party data brokers.

    • Gmail Inbox Access

      We request read rights to your inbox in order to analyze emails for phishing and malware attacks. Emails are destroyed after being analyzed and are not used to develop, improve, or train generalized AI and/or ML models. Security procedures are in place to protect the confidentiality of your data. We use encryption to protect your information.

      To provide its service, Upfort uses restricted scopes for Gmail which allow access to User Data related to this Google service (as indicated below). This access is provided by Google LLC under strict terms. Here's what this means for such User Data:
      • The use of User Data is limited to providing or improving User-facing features. User Data will not be used for serving ads, including retargeting, personalized, or interest-based advertising.
      • User Data will be transferred to third parties only if necessary, to provide or improve User-facing features and as necessary to comply with applicable law or as part of a merger, acquisition, or sale of assets with notice to Users.

      Humans will not read the Data unless:
      • the Owner has obtained the User's affirmative agreement for specific messages;
      • it is necessary for security purposes and/or to comply with applicable law, or;
      • the use is limited to internal operations and the Data (including derivations) have been aggregated and anonymized.

    • Google Admin SDK

      We collect the email addresses and names of your employees via the Admin SDK to streamline the onboarding process and save you the trouble of typing in your employees one by one. We will never resell this data to a 3rd party data broker.

    • California Consumer Privacy Act (CCPA) Data Deletion

      If you would like your data deleted in conjunction with the California Consumer Privacy Act (CCPA), please email us at ccpa@upfort.com for processing.

    • Google API Usage

      We affirm that Google APIs, including but not limited to Google Workspace APIs, are not used to develop, improve, or train generalized AI and/or ML models. Our application does not retain or use Google data to train generalized AI or ML models.

      Transfer of Data to Third-Party AI Tools:
      We do not transfer any Google user data to third-party AI tools for the purpose of developing, improving, or training generalized or non-personalized AI/ML models.

      Your rights:
      You have the right to access, correct, and delete your personal information at any time. You can do this by contacting us. You also have the right to object to the processing of your personal information and to lodge a complaint with the appropriate supervisory authority.

      Security:
      We take appropriate technical and organizational measures to protect your personal information from unauthorized access, use, or disclosure. We use industry-standard encryption technologies and secure Google Cloud Platform servers for data storage and processing to protect your information.

      Upfort's use of information received from Google APIs will adhere to the Google API Terms of Service and the Google API Services User Data Policy, including the Limited Use requirements.

      Limited Use
      Our app strictly complies with all conditions specified in the limited use policy of Google.
      • Do not allow humans to read the user's data unless you have obtained the user's affirmative agreement to view specific messages, files, or other data.
      • Do not use or transfer the data for serving ads, including retargeting, personalized, or interest-based advertising; and

    • Authorized Agents and Appeals

      Authorized Agents: Some U.S. state privacy laws allow you to designate an authorized agent to submit privacy requests on your behalf. If you choose to use an authorized agent, we will require proof of the agent’s authority to act for you. For example, we may ask for a signed written permission from you or a valid power of attorney. We may also require you to verify your own identity with us directly and confirm that you gave the agent permission to make the request. We will only respond to requests from authorized agents that we can verify have been legitimately authorized by the relevant user, in accordance with applicable laws.

      Appeals Process: Certain states (such as Colorado, Connecticut, Virginia, and others) grant you the right to appeal if we deny your request to exercise your privacy rights. If we refuse to take action on a request you submitted, our response will include the reason for the denial and instructions on how you can appeal the decision. To initiate an appeal, follow the procedures outlined in our response (for example, by contacting us through the designated email or web form provided for appeals). We will review your appeal and respond within the timeframe required by law (e.g., within 45 days, unless an extension is permitted and needed). If your appeal is ultimately denied, we will inform you of the decision and advise you of any further options available to you under applicable law (for instance, how to contact your state’s Attorney General or privacy regulator to lodge a complaint).

    • Notice of Financial Incentives

      We do not offer financial incentives or price/service differences in exchange for your personal information. This means Upfort does not provide any rewards, discounts, loyalty programs, or other benefits that are conditioned upon you providing or allowing us to retain your personal data, nor do we penalize you for exercising your privacy rights. If in the future we choose to offer a program that involves financial incentives or preferential pricing related to the collection, retention, or sale of personal information, we will provide you with a detailed notice explaining the material terms of any such program. We would also obtain your explicit opt-in consent before enrolling you in a financial incentive program, as required by applicable law (for example, the California Privacy Rights Act), and you would have the right to withdraw from such programs at any time.

    • California‑specific notices

      The following disclosures supplement our Privacy Policy only for California residents. They explain rights granted by California law and do not apply to users who live elsewhere.

      California “Shine the Light” Law: California Civil Code § 1798.83 permits California residents to request information about our disclosures of certain categories of personal information to third parties for those third parties’ direct marketing purposes. Upfort does not disclose personal information to unaffiliated third parties for their own direct marketing use without your consent. Because we do not engage in such sharing, we do not maintain a list of third parties for marketing purposes and we do not anticipate any “Shine the Light” requests. California residents who have questions about our compliance with this law or who seek further information may contact us using the contact details provided in this policy.

      Do Not Track Signals: Some web browsers and devices can send a “Do Not Track” (DNT) signal to websites, indicating a preference that the website not track the user’s online activities. Currently, there is no consensus or industry standard on how to interpret DNT signals, and therefore Upfort does not respond to browser DNT signals. However, we do honor certain universal opt-out preference signals, such as the Global Privacy Control (GPC), as a valid request to opt out of the sale or sharing of personal information, as described in the “How to exercise your rights to opt out” section above. In short, while DNT browser signals are not processed, any GPC or similar signal that is recognized under applicable law will be honored by Upfort in a frictionless manner.

      These California‑specific provisions add to, but do not limit, the rest of our Privacy Policy. If you have questions about any privacy right—whether under California law or another jurisdiction—please contact us. Upfort treats all users fairly and will not retaliate against anyone who exercises a privacy right.

    • Children’s Privacy

      Not for children under 13. Upfort is designed for adults. We do not knowingly collect, solicit, or store Personal Data from anyone under 13 years of age. If we learn that we have inadvertently received such information, we will delete it without delay.
      Ages 13‑17—parental consent required. Teen users (13 to 17, or the higher age of majority in their jurisdiction) may use Upfort only when a parent or legal guardian has reviewed our Terms of Service and provided verifiable consent.
      No sale or sharing of minors’ data. Consistent with the California Consumer Privacy Act and similar state laws, Upfort does not sell or share the Personal Information of consumers under 16 years old without the required opt‑in consent.
      EU/UK residents under 16. Where the General Data Protection Regulation or UK GDPR applies, we rely on parental consent for users under 16 years of age (or the lower age—never below 13—set by the user’s country).
      Parental rights. Parents or guardians who believe we hold Personal Data about a child may email privacy@upfort.com or write to the address in the “Owner and Data Controller” section. We will verify the request and, where required by law, provide access to or delete the child’s information.

    • Analytics Data and California “Sale/Share” Notice

      We do not sell your personal information in the everyday sense of the word. We never exchange your data for cash, we never hand it to data brokers, and we never let anyone use it to build their own marketing lists. We do send limited device and usage data to trusted analytics partners solely to operate, secure, and improve our services. In certain jurisdictions, this can be labeled as a "sale" or "share". You can opt out at any time via our Do Not Sell/Share link or by enabling the Global Privacy Control signal, and we will stop sending your visitor‑level analytics data.

    • Google Contacts Read Only

      If you are not an administrator of your domain, we use this permission during the onboarding process to add users based on your contact list.

    • Preference Cookies

      Preference Cookies store the User preferences detected on Upfort in the local domain such as, for example, their timezone and region.

    • Personal Data collected through sources other than the User

      The Owner of Upfort may have legitimately collected Personal Data relating to Users without their knowledge by reusing or sourcing them from third parties on the grounds mentioned in the section specifying the legal basis of processing. Where the Owner has collected Personal Data in such a manner, Users may find specific information regarding the source within the relevant sections of this document or by contacting the Owner.

    • Selling goods and services online

      The Personal Data collected are used to provide the User with services or to sell goods, including payment and possible delivery. The Personal Data collected to complete the payment may include the credit card, the bank account used for the transfer, or any other means of payment envisaged. The kind of Data collected by Upfort depends on the payment system used.

Contact information

    • Owner and Data Controller

      Paladin Data Insurance Corp. dba Upfort
      1990 N CALIFORNIA BLVD FL 8
      1272
      WALNUT CREEK, CA 94596

      EU Representative
      Instant EU GDPR Representative Ltd
      Represented by Adam Brogden
      Office 2 12A Lower Main Street, Lucan Co. Dublin K78 X5P8 Ireland
      Contact: contact@gdprlocal.com

      UK Representative
      GDPR Local Ltd
      Represented by Adam Brogden
      1st Floor Front Suite 27-29 North Street, Brighton England BN1 1EB
      Contact: contact@gdprlocal.com

      Owner contact email: contact@upfort.com