Privacy policy

PURPOSE OF DATA COLLECTION

Generally, we collect personal data for customer service-related purposes (such as providing our products and services and responding to customer requests or inquiries), as well as to understand how customers use our services. For more information about how we use personal data, see our Privacy Policy at ortto.com/privacy/

Privacy Shield Policy

Effective date: 24 July 2020

Update:A decision of the Court of Justice of the European Union on 16 July 2020 declared the EU-US Privacy Shield Framework (“Privacy Shield”) to be invalid as a mechanism for transferring personal data from the European Union to the United States. Following this decision, Ortto Inc. (“Ortto”, “we”, or “us”) continues to comply with the Privacy Shield as set out below.

Ortto relies on Standard Contractual Clauses (SCCs) for transfers of personal data from the European Union to the United States, which the Court of Justice of the European Union held to be a valid transfer mechanism, subject to the transferor determining that the level of protection afforded in the context of the transfer is essentially equivalent to the level of protection in the EU.

Ortto complies with the EU-US and Swiss-US Privacy Shield Frameworks as set forth by the US Department of Commerce regarding the transfer of personal data from the EU and Switzerland to the US. For purposes of this Privacy Shield Notice, “Personal Data” is information that identifies, directly or indirectly, a customer or consumer in the EU or Switzerland. Ortto has self-certified to the US Department of Commerce and declared its commitment to adhere to the Privacy Shield Principles of Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement, and Liability (the “Principles”). You can learn more about Privacy Shield at https://www.privacyshield.gov and see our Privacy Shield self-certification at https://www.privacyshield.gov/list. Ortto’s self-certification to the Privacy Shield is subject to the investigatory and enforcement authority of the Federal Trade Commission.

Personal Data We Process

From customers (i.e., users of www.Ortto.com and subscribers to Ortto software and services), we collect the categories of information, which may include Personal Data, described in our privacy policy https://ortto.com/privacy/. We process such information for the purposes described in the “How do we process your Personal Data” section of our Privacy Policy. From consumers (i.e., users of a website developed and operated by an Ortto customer), we may collect information such as name, contact information, IP address, purchase information, and transaction data.

Accessing Personal Data

The Privacy Shield Principles provide individuals located in the EU and Switzerland whose Personal Data we process the right to access their Personal Data and to review, correct, amend, or delete their Personal Data. Customers who would like to access their Personal Data may do so by logging into the Ortto user interface or emailing us at privacy@ortto.com. Consumers who would like to access their Personal Data should request access from the Ortto customer whose website they use.

Transfers to Third Parties and Your Choices

We may disclose and transfer customer and consumer Personal Data to third parties, including to our contractors or service providers who provide services or perform functions on our behalf, in response to a subpoena or other legal process by a governmental entity or third party, or if otherwise required by law, to protect or enforce our rights or property, including as evidence in litigation in which we are involved, in the event of the sale or dissolution (bankruptcy) of assets, in whole or in part, of Ortto or any of its affiliates, and to our affiliates and subsidiaries, for purposes consistent with our Privacy Policy. We contractually require those third parties to provide the same level of protections to Personal Data as required under the Principles. Ortto will remain liable under the Principles if a third party processes Personal Data in a manner inconsistent with the Principles, unless Ortto proves that it is not responsible for the event giving rise to the damage. In accordance with our legal obligations, we may also transfer, subject to a lawful request, Personal Data to public authorities for law enforcement or national security purposes. Please note that the information we collect or receive may be transferred to and processed in the United States and in Australia. By using our Site and Services, you consent to the transfer and processing of your Personal Information in the United States and Australia, jurisdictions which may not provide the same level of protection that exists in other countries such as those in the European Economic Area. Your consent is voluntary. If, however, you do not consent, we will not be able to provide you with our Services.You have the right to choose (opt out) whether your personal data is (i) to be disclosed to a third party or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by you. If you wish to opt out, please email us at privacy@ortto.com Applicable law allows certain exceptions to your ability to opt out, such as where we are parties to a contract that is still being performed, where law requires us to maintain information to warranty claims, or otherwise. Where applicable law permits us to retain and continue to use such information and we do so, we will do so only to the extent permitted or required by law. If you contact us to opt out, we will explain the options available and comply with your request as required by the Principles and applicable law.

Contacting Us, Complaints and Dispute Resolution

In compliance with the Privacy Shield Principles, Ortto, Inc. commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Ortto, Inc. at:

Ortto, Inc.
1390 Market Street, Suite 200
San Francisco, CA 94102
privacy@ortto.com

Ortto, Inc. has further committed to refer unresolved Privacy Shield complaints to ICDR/AAA Privacy Shield Program, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit ICDR/AAA Privacy Shield Program for more information or to file a complaint. The services of ICDR/AAA Privacy Shield Program are provided at no cost to you. If you are an EU or Swiss individual and unable to resolve any complaints through any of the above methods, you may be able to invoke binding arbitration through a Privacy Shield panel, in accordance with the Privacy Shield Framework at http://go.adr.org/privacyshieldfiling.html.