Cookie Policy of Off Script

This document informs Users about the technologies that help this Website to achieve the purposes described below. Such technologies allow the Owner to access and store information (for example by using a Cookie) or use resources (for example by running a script) on a User’s device as they interact with this Website.

For simplicity, all such technologies are defined as "Trackers" within this document – unless there is a reason to differentiate.
For example, while Cookies can be used on both web and mobile browsers, it would be inaccurate to talk about Cookies in the context of mobile apps as they are a browser-based Tracker. For this reason, within this document, the term Cookies is only used where it is specifically meant to indicate that particular type of Tracker.

Some of the purposes for which Trackers are used may also require the User's consent. Whenever consent is given, it can be freely withdrawn at any time following the instructions provided in this document.

This Website uses Trackers managed directly by the Owner (so-called “first-party” Trackers) and Trackers that enable services provided by a third-party (so-called “third-party” Trackers). Unless otherwise specified within this document, third-party providers may access the Trackers managed by them.
The validity and expiration periods of Cookies and other similar Trackers may vary depending on the lifetime set by the Owner or the relevant provider. Some of them expire upon termination of the User’s browsing session.
In addition to what’s specified in the descriptions within each of the categories below, Users may find more precise and updated information regarding lifetime specification as well as any other relevant information – such as the presence of other Trackers - in the linked privacy policies of the respective third-party providers or by contacting the Owner.

Activities strictly necessary for the operation of this Website and delivery of the Service

This Website uses so-called “technical” Cookies and other similar Trackers to carry out activities that are strictly necessary for the operation or delivery of the Service.

Third-party Trackers

• SPAM protection

  This type of service analyzes the traffic of this Website, potentially containing Users' Personal Data, with the purpose of filtering it from parts of traffic, messages and content that are recognized as SPAM.

  Google reCAPTCHA (Google Ireland Limited)

  Google reCAPTCHA is a SPAM protection service provided by Google Ireland Limited.
  The use of reCAPTCHA is subject to the Google privacy policy and terms of use.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: Ireland – Privacy Policy. Privacy Shield participant.

• Traffic optimization and distribution

  This type of service allows this Website to distribute their content using servers located across different countries and to optimize their performance.
  Which Personal Data are processed depends on the characteristics and the way these services are implemented. Their function is to filter communications between this Website and the User's browser.
  Considering the widespread distribution of this system, it is difficult to determine the locations to which the contents that may contain Personal Information of the User are transferred.

  Cloudflare (Cloudflare Inc.)

  Cloudflare is a traffic optimization and distribution service provided by Cloudflare Inc.
  The way Cloudflare is integrated means that it filters all the traffic through this Website, i.e., communication between this Website and the User's browser, while also allowing analytical data from this Website to be collected.

  Personal Data processed: Cookies and various types of Data as specified in the privacy policy of the service.

  Place of processing: United States – Privacy Policy.

Other activities involving the use of Trackers

Basic interactions & functionalities

This Website uses Trackers to enable basic interactions and functionalities, allowing Users to access selected features of the Service and facilitating the User's communication with the Owner.

• Registration and authentication

  By registering or authenticating, Users allow this Website to identify them and give them access to dedicated services.
  Depending on what is described below, third parties may provide registration and authentication services. In this case, this Website will be able to access some Data, stored by these third-party services, for registration or identification purposes.
  Some of the services listed below may also collect Personal Data for targeting and profiling purposes; to find out more, please refer to the description of each service.

  Auth0 (Auth0, Inc)

  Auth0 is a registration and authentication service provided by Auth0, Inc. To simplify the registration and authentication process, Auth0 can make use of third-party identity providers and save the information on its platform.

  Personal Data processed: Cookies, email address, first name, last name, password, picture and various types of Data as specified in the privacy policy of the service.

  Place of processing: European Union – Privacy Policy. Privacy Shield participant.

• Tag Management

  This type of service helps the Owner to manage the tags or scripts needed on this Website in a centralized fashion.
  This results in the Users' Data flowing through these services, potentially resulting in the retention of this Data.

  Segment (Segment Inc.)

  Segment is a tag management service provided by Segment.io, Inc.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: United States – Privacy Policy. Privacy Shield participant.

Experience enhancement

This Website uses Trackers to provide a personalized user experience by improving the quality of preference management options, and by enabling interaction with external networks and platforms.

• Interaction with external social networks and platforms

  This type of service allows interaction with social networks or other external platforms directly from the pages of this Website.
  The interaction and information obtained through this Website are always subject to the User’s privacy settings for each social network.
  This type of service might still collect traffic data for the pages where the service is installed, even when Users do not use it.
  It is recommended to log out from the respective services in order to make sure that the processed data on this Website isn’t being connected back to the User’s profile.

  Facebook Like button and social widgets

  The Facebook Like button and social widgets are services allowing interaction with the Facebook social network provided by Facebook, Inc. or by Facebook Ireland Ltd, depending on the location this Website is accessed from,

  Personal Data processed: Cookies and Usage Data.

  Place of processing: United States – Privacy Policy; Ireland – Privacy Policy. Privacy Shield participant.

Measurement

This Website uses Trackers to measure traffic and analyze User behavior with the goal of improving the Service.

• Analytics

  The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.

  MixPanel (MixPanel)

  MixPanel is an analytics service provided by Mixpanel Inc.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant.

  Google Analytics (Google Ireland Limited)

  Google Analytics is a web analysis service provided by Google Ireland Limited (“Google”). Google utilizes the Data collected to track and examine the use of this Website, to prepare reports on its activities and share them with other Google services.
  Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: Ireland – Privacy Policy – Opt Out. Privacy Shield participant.

  Facebook Ads conversion tracking (Facebook pixel) (Facebook, Inc.)

  Facebook Ads conversion tracking (Facebook pixel) is an analytics service provided by Facebook, Inc. that connects data from the Facebook advertising network with actions performed on this Website. The Facebook pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Audience Network.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: United States – Privacy Policy. Privacy Shield participant.

  Amplitude (Sonalight, Inc.)

  Amplitude is an analytics service provided by Sonalight, Inc.
  This service is designed for mobile apps analytics and can collect various information about your phone, highlighted in the Amplitude privacy policy.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: United States – Privacy Policy.

  Heap Analytics (Heap Inc.)

  Heap Analytics is an analytics service provided by Heap Inc.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: United States – Privacy Policy.

• Content performance and features testing (A/B testing)

  The services contained in this section allow the Owner to track and analyze the User response concerning web traffic or behavior regarding changes to the structure, text or any other component of this Website.

  Optimizely (Optimizely, Inc.)

  Optimizely is an A/B testing service provided by Optimizely, Inc.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: United States – Privacy Policy.

• Heat mapping and session recording

  Heat mapping services are used to display the areas of a page where Users most frequently move the mouse or click. This shows where the points of interest are. These services make it possible to monitor and analyze web traffic and keep track of User behavior.
  Some of these services may record sessions and make them available for later visual playback.

  Full Story

  Privacy Policy
  Thanks for visiting FullStory. This privacy policy explains the what, how, and why of the Personal Information we collect when you visit the website located at www.fullstory.com (the “Site”) and when you use the FullStory SaaS analytics software and services (“Services”) and includes Personal Information collected via email, SMS, telephone, or other means. It also explains the specific ways we use and disclose that information and how you can exercise your privacy rights. By using or accessing the Site or Services, you are accepting the practices described in this Privacy Policy and our processing of your information as described below.
  
  FullStory is subject to the regulatory and enforcement authority of the United States Federal Trade Commission.
  
  The Full Story on FullStory
  FullStory is based in Atlanta, GA, USA.
  
  The FullStory Services utilize a powerful script that creates a new level of ease for website owners to understand the usability of their websites. Website owners who use FullStory Services can watch a DVR-like video playback of user sessions on their website, enabling meaningful insight into their users' experience, as an effective way to identify usability problems and other areas for improvement. FullStory exists to make the web better for end-users, and it is only available to websites that share that goal.
  
  Definitions
  Getting a few definitions out of the way should help you better understand this policy.
  
  “FullStory” means FullStory, Inc., a Delaware corporation. We may also refer to FullStory as “we”, “us”, or “our”.
  
  “FullStory Customer” means any customer that has entered into an agreement with FullStory to use the FullStory Services on its site, including those in a trial environment.
  
  “Personal Information” means any information which may identify an individual, directly or indirectly. Examples of Personal Information include, but are not limited to, first and last name, home address, billing address or other physical address, email address, telephone number, etc.
  
  “User” refers to a visitor to a website that uses the FullStory Services or a client of a FullStory Customer.
  
  “Visitor” refers to anyone accessing the FullStory website, www.fullstory.com.
  
  Information we collect
  The types of information we collect varies depending on whether you are:
  
  A FullStory Visitor,
  A FullStory Customer, or
  A User, i.e., someone visiting a website that uses FullStory Services
  A. Information Collected from FullStory Visitors
  This section applies to Personal Information we may process in the usual course of business via the Site.
  
  If you are a Visitor, FullStory collects information on your use of the Site, such as pages visited, links clicked, non-sensitive text entered, and mouse movements, as well as information more commonly collected such as the referring URL, browser, operating system, and Internet Protocol (“IP”) address. We use publicly available sources to approximate your geographic region and Internet Service Provider based on your IP address. We use the term “Usage Data” to refer to this information about your use of the Site that we collect. FullStory’s purpose in collecting Usage Data is to better understand how FullStory’s Visitors use the Site.
  
  FullStory collects information that may be personally identifiable, such as IP addresses. Also, you may choose to interact with the Site in a way that results in your providing Personal Information to FullStory, such as giving us your name, email address, and user name when signing up for a free trial of the Services or creating an account to license the Services or to post comments to the FullStory blog or social media sites, etc. Any information you provide in the FullStory blog or social media areas may be read, collected, and used by others who access them.
  
  Any Personal Information provided by you as a Visitor to the Site will be used only as described in this Privacy Policy and in FullStory’s Acceptable Use Policy located at https://www.fullstory.com/legal/acceptable-use/.
  
  Cookies on the Site:
  
  For Visitors to the Site, FullStory uses first party cookies, third party cookies, and other tracking technologies in order to:
  
  Provide personalized pages for visitors,
  Help us track email response rates, measure the success of our marketing campaigns, identify when our emails are viewed and track whether our emails are forwarded,
  Provide assistance in navigation,
  Provide assistance during the visit,
  Analyze your use of our products, services, or applications,
  Assist us with our promotional or marketing efforts.
  When you visit any website, it may store or retrieve information on your browser in the form of cookies. This information might be about you, your preferences, or your device. It is used to make the Site work as you expect it to, and is designed to give you a more personalized web experience.
  
  Because we respect your right to privacy, we provide you with a nice user interface you can use to opt out of our use of some types of cookies. In our Privacy Preference Centre, you can click on the different category headings to find out more and change our default cookie settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
  
  Here are the types of cookies we use:
  
  Strictly Necessary Cookies: These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in, or filling in forms.
  
  You can set your browser to block or alert you about these cookies, but some parts of the site will not then work.
  
  Performance & Functionality Cookies: These cookies are used to enhance the performance and functionality of our website but are non-essential to their use. However, without these cookies, certain functionality may become unavailable.
  
  Analytics & Customization Cookies: These cookies collect information that is used either in aggregate form to help us understand how our websites are being used or how effective our marketing campaigns are, or to help us customize our websites and applications for you in order to enhance your experience.
  
  B. Information collected for FullStory Customers
  This section applies to Personal Information of FullStory Customers that we may process via provision of the FullStory Services. If you are not a Customer, please refer to either the FullStory Visitors or the FullStory Users section of this policy.
  
  We use FullStory on FullStory. In this regard, we use a separate instance of the FullStory Services to monitor the instance of FullStory Services that our customers use. This includes using first-party cookies to maintain a coherent scope for a customer user session across the customer-facing FullStory Services. In addition, the customer-facing FullStory Services may use third-party cookies to aid in payment processing.
  
  If you are a Customer of FullStory, when you signed up for the Services, you entered into an agreement with FullStory to accept FullStory’s terms of use for the Services, which includes the obligations in this Privacy Policy and our Acceptable Use Policy (the “Agreement”). As part of your use of the Services, we collect the same information as that of a Visitor (see above) through your interaction with the Site, and we may ask you for additional information, such as payment information, Usage Data in relation to the Services, and other information we deem relevant for the purpose of providing the Services.
  
  FullStory may use Customers’ Personal Information as agreed to in the Agreement and:
  
  To complete transactions between you and FullStory,
  To send e-mail, chat, or in-app messaging about the Site or respond to inquiries,
  To provide support for the FullStory Services,
  To enhance or improve user experience, the Site, or FullStory Services,
  In a support context, to view details of your account and ensure that it complies with your contractual obligations to us,
  To perform any other function that we believe in good faith is necessary to protect the security or proper functioning of the FullStory website or the FullStory Services,
  We may post your testimonials along with those of other satisfied customers on our Site, in addition to other endorsements.
  The information we collect from Customers is disclosed only in accordance with the Agreement, this Privacy Policy, and the Acceptable Use Policy. FullStory’s terms and conditions prohibit Customers from providing FullStory with sensitive personal data through the Services.
  
  C. Information collected when visiting websites that use FullStory Services
  This section applies to Personal Information FullStory may process relating to Users of a FullStory Customer’s website.
  
  For Users of a FullStory Customer, FullStory is acting as a service provider to the Customer for the FullStory Services. FullStory collects information on a User under the direction of its Customer, and has no direct relationship with the User whose information it processes. It is important to understand that when a User visits other websites that use the FullStory Services, the FullStory Customer’s privacy policy applies to that information collected instead of this Privacy Policy.
  
  FullStory Services use first-party cookies and local storage to maintain a coherent scope for a user session across multiple pages on a single website.
  
  FullStory Services do not and will not ever attempt to identify the same person across disparate, unrelated domains. FullStory takes pains in its engineering choices to differentiate itself from ad-tracking software. It is a violation of our Acceptable Use Policy for our customers to attempt to build multi-site user profiles for the intent of selling or exchanging lists of users or demographic information.
  
  General Information on our use of Personal Information
  We will never sell your data to third parties or otherwise share it with non-agent third parties. If this practice should change in the future we will update this policy to identify those parties and illustrate how individuals can exercise their right to opt out of such usage. However, in the course of business, we may hire third party individuals and organizations to help us make the FullStory Services better. These third parties include our web host provider, SaaS providers such as email hosting services, payment processors, or outside contractors we hire to perform marketing, maintenance, or assist us in securing our website. We may also hire third parties to operate, maintain, repair, or otherwise improve or preserve our website or its underlying files or systems.
  
  FullStory may disclose Personal Information only to those of its employees and third-party organizations that (1) need to know such information in order to process it on FullStory’s behalf or to provide services as described above, and (2) have agreed not to disclose it to any other parties without FullStory’s consent. Some of those employees, contractors and affiliated organizations may be located outside of your home country; by using the Site and/or the Service, you consent to the transfer of information to such individuals and organizations in order to accomplish these purposes.
  
  If you are a registered user of the Service and have supplied your email address, FullStory may occasionally send you an email to tell you about new features, solicit your feedback, or just keep you up to date with what’s going on with FullStory and our products. FullStory will only send you marketing communications, including via email, in compliance with applicable laws and in accordance with your preferences, that we believe may be of interest to you. FullStory takes all measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of Personal Information. To the extent we send you this type of email in compliance with applicable laws and in accordance with your preferences, you can opt-out at any time by either following the opt-out instructions in the email or just replying to tell us you don’t want to receive any additional emails.
  
  In some cases, we may choose to buy or sell assets. In these types of transactions, user information is typically one of the transferred business assets. If we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, User and Visitor information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this Privacy Policy. You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
  
  Opting out of FullStory Services
  If you wish to prevent all websites using the FullStory Services to be able to record activity, you can opt-out of the FullStory Services. Opting out will create a cookie that tells FullStory to turn off recording on any site which uses the FullStory Services. The presence of this cookie is required to continue opting out. That means if you clear your browser cookies, you will have to opt-out again. Unfortunately, this is the most permanent and least intrusive solution FullStory can offer because of how browser technology works. You may wish to employ a third party browser extension to block scripts like FullStory instead of using our Opt Out cookie, but know that using any third party extension may pose additional risk.
  
  One More thing about FullStory Services
  If you are considering opting-out, it's probably a good time to make sure you really understand that the purpose of the FullStory Services is to help well-intentioned companies make their website better for you. It is emphatically not one of those we-track-you-around-the-web kind of deals. We think that's creepy, too.
  
  Most people who make websites are just like you: nice people who want to do a good job and make something awesome. And you wouldn't believe how much time and energy product teams spend trying to make their websites great for you. Without the FullStory Services, though, they simply do not have enough information to understand when they get it wrong. If they can see how you actually experience their website, like an ongoing usability study, they'll actually know what to improve! They don't need to record anything sensitive in order to do that, and we have a strict Acceptable Use Policy where you can see for yourself the high standards we expect of FullStory customers with respect to your privacy.
  
  Blocking Cookies on the FullStory Services
  If you choose, you can set your browser to reject cookies or you can manually delete individual cookies or all of the cookies on your computer by following your browser’s help file directions. Note that turning off cookies may also disable functions of many websites you visit. If your browser is set to reject cookies or you manually delete cookies, FullStory will not be able to coalesce your anonymous user identity automatically into sessions across pages on the same website.
  
  Release of Your Information for Legal Purposes
  We may access or release Personal Information about you when required to do so in order to comply with any applicable, laws, regulations, subpoenas, or enforceable governmental or public authority requests, including, to meet national security or law enforcement requirements. We may also access or release Personal Information when we have a good faith belief that such access or release is reasonably necessary to (i) enforce applicable terms of service, including investigation of potential violations, (ii) detect, prevent, or otherwise address fraud, security, or technical issues, (iii) respond to user support requests, or (iv) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection, spam/malware prevention, and security forensics.
  
  Your Rights
  You have the following rights with respect to data protection:
  
  The right to access, update, edit, correct, or request deletion of your Personal Information:
  
  For FullStory Customers, you have the right to access Personal Information we hold about you. Whenever you use our site or the FullStory Services, we strive to make sure the Personal Information we hold is accurate. If that information is wrong, we give you ways to update it quickly or to delete it (unless we have to keep that information for legitimate business or legal purposes) .
  
  You can contact us at any time regarding your right to access, update, edit, correct, request deletion of your Personal Information, as well as making changes to your marketing preferences us by emailing us at privacy@fullstory.com. We will consider any requests in accordance with applicable laws and our potential legitimate interests. If we are unable to accommodate your request, we will let you know why we are unable to do so.
  
  If you have consented to our processing of Personal Information, you can always withdraw your consent to such processing. A request to withdraw consent will not affect processing of your Personal Information if such processing is conducted in reliance on a lawful processing ground other than consent.
  
  To the extent you believe processing of your Personal Information infringes on applicable regulations, you have the right to lodge a complaint with a supervisory authority
  
  If you are a User of a Fullstory Customer’s website and you would like to access, updated, edit, correct, or request deletion of your Personal Information, you should direct your inquiry to the FullStory Customer. If you direct your inquiry to us when it should be directed to a FullStory Customer, we will redirect your inquiry to the FullStory Customer.
  
  Security Measures
  We take measures to enhance the security of our site and the FullStory service. These measures include maintaining a robust information security program, instituting security controls within the FullStory Services such as TLS certificates and strong authentication options, and giving our Customers facilities to exercise good security practices. As a FullStory Customer, it is important for you to protect against unauthorized access to your password and to your computer. No security measures are perfect and we cannot promise to be able to withstand security threats in all circumstances.
  
  International Transfers
  FullStory operates in the United States and we store and process data on Google Cloud Platform servers located in the United States. Regardless of your locations, your information will be stored, processed in, or transferred to the United States.
  
  For transfers from the EU or Switzerland to the United States, the following applies:
  
  FullStory complies with both the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework, as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland to the United States. FullStory has certified that it adheres to the Privacy Shield Principles. If there is any conflict between this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles will govern. To learn more about the Privacy Shield program and to view our certification page, please visit www.privacyshield.gov.
  
  Pursuant to the Privacy Shield we are obliged to state that we remain liable for the onward transfer of EU and Swiss personal data to agent third parties unless we can prove we were not a party to the actions giving rise to the damages.
  
  The Privacy Shield Frameworks require us to inform EU and Swiss individuals that we may be required to release their data in response to lawful requests by public authorities including to meet national security or law enforcement requirements.
  
  In compliance with the Privacy Shield Principles, FullStory commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact FullStory at privacy@fullstory.com.
  
  FullStory has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to the BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.bbb.org/EU-privacy-shield/file-a-complaint for more information and to file a complaint. Under certain limited conditions, if your complaint is not resolved through these channels, it may be possible for individuals to invoke binding arbitration before the Privacy Shield Panel to be created by the U.S. Department of Commerce and the European Commission. These options of redress are in no way designed to replace or take precedence over any right you may have to file a complaint with an applicable supervisory authority.
  
  Australia:
  
  FullStory adheres to the Australian Privacy Act 1988, as applicable.
  
  Do Not Track Signal
  We treat the data of everyone who comes to our site in accordance with this Privacy Policy, regardless of their Do Not Track setting.
  
  Children
  Our site is intended for a general audience and we do not knowingly collect personal information from anyone under the age of 13. If you become aware that a child has provided us with personal information, please contact us at privacy@fullstory.com and we will take steps to delete such information.
  
  Changes
  We may amend this Privacy Policy from time to time. When there are changes to this Privacy Policy, we will update this page. When there are significant changes to this Privacy Policy, we will also endeavor to notify FullStory Customers via email. The date on the bottom will always indicate when we last made changes. If you are a Visitor to this site and disagree with this Privacy Policy, you should leave the site and/or cancel your agreement with FullStory.
  
  What if I Have Questions or Concerns
  If you have any questions or concerns regarding privacy when using FullStory, please send a detailed message to privacy@fullstory.com or via postal mail at:
  
  FullStory
  Attn: Privacy
  1745 Peachtree St NE
  Suite G
  Atlanta, GA 30309
  
  We will make every effort to address your concerns.
  
  California Privacy
  FullStory may disclose your Personal Information to commercial providers for a business purpose, which includes verifying your identity when making a payment or registering access to your accounts. When we disclose Personal Information for these reasons, we enter into a contract that describes the purpose and requires the recipient to both keep that Personal Information confidential and not use it for any purpose except for the purposes set forth in the contract.
  
  In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for one or more business purposes:
  
  Identifiers;
  California Customer Records Personal Information categories;
  Internet or other network activity information.
  Professional or employment-related information
  We disclose your Personal Information for a business purpose to the following categories of third parties:
  Service providers and other third parties we use to support our business, including without limitation those performing core services (such as billing, credit card processing, customer support services, customer relationship management, accounting, auditing, surveys, advertising and marketing, analytics, email and mailing services, data storage, and security) related to the operation of our business and/or the Services, and making certain functionalities available to our users;
  Third parties to whom you or your agents authorize us to disclose your personal information in connection with the services we provide to you.
  We may disclose your Personal Information for legal reasons as described earlier in this policy.
  
  We attempt to notify Users about legal demands for their personal data when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
  
  We may disclose your Personal Information in the event of a business transfer. If we establish a new related entity, are acquired by or merged with another organization, or if substantially all of our assets are transferred to another organization, Personal Information about our users is often a transferred business asset. In the event that FullStory itself or substantially all of our assets are acquired, Personal Information about our users may be one of the transferred assets.
  
  Sale of Personal Information
  In the preceding twelve (12) months, we have not sold any Personal Information.
  
  Your Privacy Choices
  You may have certain rights relating to your Personal Information, subject to local data protection law. Whenever you choose to be a guest or visitor at one of our managed properties, we aim to provide you with choices about how we use your Personal Information. Subject to applicable law, you may obtain a copy of Personal Information we maintain about you. In addition, if you believe that Personal Information we maintain about you is inaccurate, subject to applicable law, you may have the right to request that we correct or amend the information by contacting us as indicated in the “How to Contact Us” section below. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to the information.
  
  Privacy Rights Specific to California Residents
  Under the California Consumer Privacy Act, California residents have specific rights regarding their personal information. This section describes Californians’ rights and explains how California residents can exercise those rights.
  
  Below we further outline specific rights which California residents may have under the California Consumer Privacy Act.
  
  Right to Access Your Data. You have the right to request that we disclose certain information to you about our collection, use and disclosure of your Personal Information over the past twelve (12) months. Any disclosures we provide will only cover the 12-month period preceding the receipt of your request. The response we provide will also explain the reasons we cannot comply with a request, if applicable.
  Right to Data Portability. You have the right to a “portable” copy of your Personal Information that you have submitted to us. Generally, this means you have a right to request that we move, copy or transmit your Personal Information stored on our servers or information technology environment to another service provider’s servers or information technology environment.
  Right to Delete Your Data. You have the right to request that we delete any of your Personal Information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your Personal Information from our records, unless an exception applies.
  Right to Non-Discrimination for the Exercise of Your Privacy Rights. You have the right not to receive discriminatory treatment by us for exercising your privacy rights conferred by the California Consumer Privacy Act.
  Exercising Your Rights
  If you are a California resident who chooses to exercise your rights, you can:
  
  Submit a request via email to privacy@fullstory.com or
  Call 1-833-385-5786 to submit your request.
  You may also designate an agent to exercise your privacy rights on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification.
  
  Our Response to Your Request
  Upon receiving your request, we will confirm receipt of your request by [sending you an email/confirming receipt via our online portal/sending a message to your online account]. To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the information. In some instances, such as a request to delete personal information, we may first separately confirm that you would like for us to in fact delete your personal information before acting on your request.
  
  We will respond to your request within forty-five (45) days. If we require more time, we will inform you of the reason and extension period in writing. If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
  
  In some cases our ability to uphold these rights for you may depend upon our obligations to process Personal Information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, listed below, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request. We may deny your deletion request if retaining the information is necessary for us or our service providers to:
  
  Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you;
  Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
  Debug products to identify and repair errors that impair existing intended functionality;
  Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
  Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.);
  Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
  Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us;
  Comply with a legal obligation; or
  Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
  Effective Date
  This Privacy Policy became effective on: December 20, 2019.

Targeting & Advertising

This Website uses Trackers to deliver personalized marketing content based on User behavior and to operate, serve and track ads.

• Advertising

  This type of service allows User Data to be utilized for advertising communication purposes. These communications are displayed in the form of banners and other advertisements on this Website, possibly based on User interests.
  This does not mean that all Personal Data are used for this purpose. Information and conditions of use are shown below.
  Some of the services listed below may use Trackers to identify Users or they may use the behavioral retargeting technique, i.e. displaying ads tailored to the User’s interests and behavior, including those detected outside this Website. For more information, please check the privacy policies of the relevant services.
  In addition to any opt-out feature offered by any of the services below, Users may opt out by visiting the Network Advertising Initiative opt-out page.

  Users may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.

  Facebook Audience Network (Facebook Ireland Ltd)

  Facebook Audience Network is an advertising service provided by Facebook Ireland Ltd In order to understand Facebook's use of Data, consult Facebook's data policy.

  This Website may use identifiers for mobile devices (including Android Advertising ID or Advertising Identifier for iOS, respectively) and technologies similar to cookies to run the Facebook Audience Network service. One of the ways Audience Network shows ads is by using the User's ad preferences. The User can control this in the Facebook ad settings.

  Users may opt-out of certain Audience Network targeting through applicable device settings, such as the device advertising settings for mobile phones or by following the instructions in other Audience Network related sections of this privacy policy, if available.

  Personal Data processed: Cookies, unique device identifiers for advertising (Google Advertiser ID or IDFA, for example) and Usage Data.

  Place of processing: Ireland – Privacy Policy – Opt Out. Privacy Shield participant.

• Remarketing and behavioral targeting

  This type of service allows this Website and its partners to inform, optimize and serve advertising based on past use of this Website by the User.
  This activity is facilitated by tracking Usage Data and by using Trackers to collect information which is then transferred to the partners that manage the remarketing and behavioral targeting activity.
  Some services offer a remarketing option based on email address lists.
  In addition to any opt-out feature provided by any of the services below, Users may opt out by visiting the Network Advertising Initiative opt-out page.

  Users may also opt-out of certain advertising features through applicable device settings, such as the device advertising settings for mobile phones or ads settings in general.

  Facebook Remarketing (Facebook Ireland Ltd)

  Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook Ireland Ltd that connects the activity of this Website with the Facebook advertising network.

  Personal Data processed: Cookies and Usage Data.

  Place of processing: Ireland – Privacy Policy – Opt Out. Privacy Shield participant.

• User database management

  This type of service allows the Owner to build user profiles by starting from an email address, a personal name, or other information that the User provides to this Website, as well as to track User activities through analytics features. This Personal Data may also be matched with publicly available information about the User (such as social networks' profiles) and used to build private profiles that the Owner can display and use for improving this Website.
  Some of these services may also enable the sending of timed messages to the User, such as emails based on specific actions performed on this Website.

  Intercom (Intercom R&D Unlimited Company)

  Intercom is a User database management service provided by Intercom R&D Unlimited Company.
  Intercom can also be used as a medium for communications, either through email, or through messages within this Website. Intercom Messenger may use Cookies and similar technologies to recognize and track Users behaviour.

  Personal Data processed: Cookies, Data communicated while using the service, email address, Universally unique identifier (UUID), Usage Data and various types of Data as specified in the privacy policy of the service.

  Place of processing: Ireland – Privacy Policy.

How to manage preferences and provide or withdraw consent

There are various ways to manage Tracker related preferences and to provide and withdraw consent, where relevant:

Users can manage preferences related to Trackers from directly within their own device settings, for example, by preventing the use or storage of Trackers.

Additionally, whenever the use of Trackers is based on consent, Users can provide or withdraw such consent by setting their preferences within the cookie notice or by updating such preferences accordingly via the relevant consent-preferences widget, if available.

It is also possible, via relevant browser or device features, to delete previously stored Trackers, including those used to remember the User’s initial consent.

Other Trackers in the browser’s local memory may be cleared by deleting the browsing history.

With regard to any third-party Trackers, Users can manage their preferences and withdraw their consent via the related opt-out link (where provided), by using the means indicated in the third party's privacy policy, or by contacting the third party.

Locating Tracker Settings

Users can, for example, find information about how to manage Cookies in the most commonly used browsers at the following addresses:

• Google Chrome
• Mozilla Firefox
• Apple Safari
• Microsoft Internet Explorer
• Microsoft Edge
• Brave
• Opera

Users may also manage certain categories of Trackers used on mobile apps by opting out through relevant device settings, such as the device advertising settings for mobile devices, or tracking settings in general (Users may open the device settings, view and look for the relevant setting).

Advertising industry specific opt-outs

Notwithstanding the above, Users may follow the instructions provided by YourOnlineChoices (EU), the Network Advertising Initiative (US) and the Digital Advertising Alliance (US), DAAC (Canada), DDAI (Japan) or other similar services. Such initiatives allow Users to select their tracking preferences for most of the advertising tools. The Owner thus recommends that Users make use of these resources in addition to the information provided in this document.

The Digital Advertising Alliance offers an application called AppChoices that helps Users to control interest-based advertising on mobile apps.

Owner and Data Controller

Courate AB
559251-7006
c/o Henrietta Fromholtz
Skeppargatan 29A
114 52 STOCKHOLM, Sweden

Owner contact email: contact@offscript.io

Since the use of third-party Trackers through this Website cannot be fully controlled by the Owner, any specific references to third-party Trackers are to be considered indicative. In order to obtain complete information, Users are kindly requested to consult the privacy policies of the respective third-party services listed in this document.

Given the objective complexity surrounding tracking technologies, Users are encouraged to contact the Owner should they wish to receive any further information on the use of such technologies by this Website.