Privacy Policy of Upfort

Upfort collects some Personal Data from its Users.

Personal Data processed for the following purposes and using the following services:

    • Analytics

      • Google Analytics (Universal Analytics)

        Personal Data: Cookies; Usage Data

    • Collection of privacy-related preferences

      • iubenda Cookie Solution

        Personal Data: Trackers

    • Contacting the User

      • Mailing list or newsletter

        Personal Data: address; company name; email address; first name; last name; phone number

    • Data transfer outside of the UK

      • Data transfer abroad based on consent (UK) and Data transfer abroad based on standard contractual clauses (UK)

        Personal Data: various types of Data

    • Data transfer outside the EU

      • Data transfer abroad based on consent and Data transfer abroad based on standard contractual clauses

        Personal Data: various types of Data

    • Displaying content from external platforms

      • Calendly widget

        Personal Data: calendar information; email address; name

      • Google Fonts

        Personal Data: Tracker; Usage Data

    • Handling payments

      • Stripe

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Hosting and backend infrastructure

      • Firebase Cloud Firestore, Firebase Cloud Functions, Firebase Cloud Storage and Firebase Realtime Database

        Personal Data: Usage Data; various types of Data as specified in the privacy policy of the service

      • Firebase Hosting

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Infrastructure monitoring

      • Sentry and Uptime Robot

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Interaction with live chat platforms

      • Zendesk Chat

        Personal Data: company name; email address

    • Interaction with support and feedback platforms

      • Zendesk Widget

        Personal Data: company name; email address

    • Managing contacts and sending messages

      • SparkPost

        Personal Data: email address; various types of Data as specified in the privacy policy of the service

      • Postmark

        Personal Data: company name; email address

      • Customer.io

        Personal Data: email address; Tracker; Usage Data

      • Appcues

        Personal Data: email address; first name; last name; phone number

    • Managing data collection and online surveys

      • Typeform

        Personal Data: email address; first name; last name

    • Managing support and contact requests

      • Zendesk

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Platform services and hosting

      • Webflow

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Registration and authentication

      • Firebase Authentication

        Personal Data: email address; first name; last name; password; phone number; profile picture

      • Google OAuth and Adherence to the Google API Services User Data Policy and Limited Use Requirements

        Personal Data: various types of Data as specified in the privacy policy of the service

    • Traffic optimization and distribution

      • Cloudflare

        Personal Data: various types of Data as specified in the privacy policy of the service

Information on opting out of interest-based advertising

In addition to any opt-out feature provided by any of the services listed in this document, Users may learn more on how to generally opt out of interest-based advertising within the dedicated section of the Cookie Policy.

Further information about the processing of Personal Data

    • Network traffic data

      We may analyze your network traffic data for the sake of stopping cyber attacks. We may hold on to anonymized versions of network traffic data for training and improving our detection algorithms. We will never sell network traffic data to 3rd party data brokers.

    • Gmail Inbox Access

      We request read rights to your inbox in order to analyze emails for phishing and malware attacks. Emails are destroyed after being analyzed unless they are flagged as malicious. We keep emails that are deemed malicious to better train our detection model and to report to you the types of attacks your inbox is facing.

    • Google Admin SDK

      We collect email and names of your employees via the Admin SDK to streamline the onboarding process and save you the trouble of typing in your employees one by one. We will never resell this data to a 3rd party data broker.

    • California Consumer Privacy Act (CCPA) Data Deletion

      If you would like your data deleted in conjunction with the California Consumer Privacy Act (CCPA), please email us at ccpa@upfort.com for processing

    • California Consumer Privacy Act (CCPA) Data Resell

      We do not resale consumer data in any way which qualifies under the California Consumer Privacy Act (CCPA).

    • Outlook Inbox Access

      In order for the Inbox Defender to analyze emails for danger, it needs access to the content of the email, to include the sender's information and email body. That information is sent to Paladin's threat detection engine, and upon processing, is deleted after a result is sent back to the client. We keep emails that are deemed malicious to better train our detection model and to report to you the types of attacks your inbox is facing.

    • Google Contacts Read Only

      We utilize this permission during the on-boarding process if you are not an administrator of your domain to add users based on your contact list.

    • Preference Cookies

      Preference Cookies store the User preferences detected on Upfort in the local domain such as, for example, their timezone and region.

    • Personal Data collected through sources other than the User

      The Owner of Upfort may have legitimately collected Personal Data relating to Users without their knowledge by reusing or sourcing them from third parties on the grounds mentioned in the section specifying the legal basis of processing.
      Where the Owner has collected Personal Data in such a manner, Users may find specific information regarding the source within the relevant sections of this document or by contacting the Owner.

Contact information

    • Owner and Data Controller

      Paladin Data Insurance Corp.
      1586 Campus Dr, Berkeley, CA 94708

      EU Representative
      Instant EU GDPR Representative Ltd
      Represented by Adam Brogden
      Office 2 12A Lower Main Street, Lucan Co. Dublin K78 X5P8 Ireland
      Contact: contact@gdprlocal.com

      UK Representative
      GDPR Local Ltd
      Represented by Adam Brogden
      1st Floor Front Suite 27-29 North Street, Brighton England BN1 1EB
      Contact: contact@gdprlocal.com

      Owner contact email: contact@upfort.com