Last updated: 11th Dec 2021 | Effective from: 11th Dec 2021
INTRODUCTION:
This privacy notice (“Privacy Notice” or “Notice”) describes how BellMe.io and its affiliate (“BellMe”, “we”, or “us”) collect, use, and disclose your Personal Data. Throughout this document, we will use a few definitions to describe various products, roles and relevant terms:
• “Website” means all of the text, data, information, software, graphics, photographs and more that we and our affiliates may make available to you, plus our websites (including the BellMe.io Help Center) and any services, extensions, plug-ins, software, or applications (including BellMe.io Click, BellMe.io for Chrome, BellMe.io for Firefox, and any BellMe.io applications) that we may provide to you
• “Users” are the people who have created a BellMe.io account
• “Invitees” are people who have scheduled a meeting with a User but may or may not have registered with BellMe. Invitees also include candidates in the context of the Prelude service.
• “Viewer” is a person who visits the Website but may or may not be a User or Invitee.
• “Personal Data” is any data relating to an identified or identifiable natural person that is processed by BellMe.io as described in this Privacy Notice when such information is protected as “personal data” or “personal information” or a similar term under applicable data protection laws.
Applicability.
This Privacy Notice applies to Personal Data BellMe.io collects when you visit or use our Website as described in the “Information We Collect” section of this Privacy Notice below. BellMe.io is the controller of that Personal Data. This Privacy Notice does not apply to Personal Data within Customer Data (as that term is defined in your agreement with BellMe), such as information a User collects about an Invitee when an Invitee books a meeting or interview using our services. We process Personal Data within Customer Data on our customers’ behalf as a processor or service provider. If you are an Invitee and have questions about how your data is processed by our customers or wish to exercise your rights with respect to that data, you must reach out to the User who collected your information. If you contact us about Personal Data within Customer Data and are able to identify the company or User with whom you have interacted, we will promptly notify the relevant customer who collected your data of your inquiry.
Information We Collect.
We collect information about you directly from you and automatically through your use of our Website. To help you protect yourself and your information, we encourage you to provide and collect only that information that is necessary for using our Website or app. For example, to schedule a meeting, the only information that is necessary is names, email addresses, date, and time. Please note that if you choose not to share certain Personal Data with us, or refuse certain contact permissions, we might not be able to provide certain parts of the Services.
BellMe.io is not directed to children under thirteen (13) years of age, and we do not knowingly collect personal Data from children under 13. If we discover that a child under 13 has provided us with Personal Data, we will promptly delete such Personal Data from our systems. For educational service providers and schools, please see our
FERPA and COPPA Privacy Policy and Notice.
Information You Provide.
BellMe.io collects the following information, either directly from Users, Invitees, or Viewers, or through third parties regarding Users, Invitees, or Viewers.
• Appointment Information. A User may voluntarily give us certain information when scheduling and setting up appointments. This can include name, email address, phone number; email addresses of other people and/or Invitees; the subject of the meeting; and any other information a User provides or collects upon scheduling, pursuant to the BellMe.io Terms of Use or an executed agreement with BellMe. BellMe.io processes the information an Invitee provides to a User when scheduling with the User on the User’s behalf as a processor or service provider.
• Calendar Availability. A User may connect their calendar with BellMe. In most instances, our calendar integration only uses and displays the duration and free/busy status of the events in your calendar so that we don’t book you when you’re busy. A few of our features also use and display the meeting titles in your calendar (these are currently our one-off meeting feature, or if you are booking with another BellMe.io user). In all cases, however, no details about the appointments in your connected calendar are stored in BellMe, such as who you are meeting with, their email address, or the meeting title. Although connecting your BellMe.io to our services makes the scheduling process much more efficient, you are not required to connect your calendar to use our services. More information about access the BellMe.io app and extensions have to your connected calendar is available here. BellMe.io processes the calendar information on the User’s behalf as a processor or service provider. (For Prelude service Users only, the Prelude service works a bit differently. BellMe.io will have access to the duration, free/busy status of the events in your calendar, attendees, start time, and the title of these events. We need this information in order to understand which events are movable on a User’s calendar so interviews may be scheduled more seamlessly.)
• Information Received from Third Parties. If you choose to connect your account to your account with a third-party service, we may receive or be granted access to information from such third-party service, including Personal Information. For example, if you use the Prelude service and enable applicant tracking systems integrations for the recruiting use case within Prelude, your ATS may send to Prelude certain Personal Information as determined by you. You can stop sharing your information from a third-party service with us by removing our access to that service. BellMe.io processes that information on the User’s behalf as a processor or service provider.
• Account and Billing Information. Users provide BellMe.io with certain information, including name, email address, username, and password, when you set up your account. If you purchase a premium version of BellMe, our third party payment processors will collect and store your billing address and credit card information. We store the last four digits of your credit card number, card type, and the expiration date. (For Prelude service Users only, the payment and billing information will be processed as established in the services agreement between BellMe.io and your organization.)
• Chatbot Data. If you engage with our virtual chatbot, we will collect the information you provide during the chat, including transcripts of your conversation with the chatbot.
• Marketing Information. Users, Invitees, or Viewers interested in BellMe’s services may contact us through forms made available on the Website and voluntarily give information such as name, work email, phone number, company, and role. Users, Invitees, or Viewers interested in our newsletter may also submit their name and email addresses to join our mailing list. We also receive other similar information provided by you if you participate in an event hosted by BellMe.io or its partners (such as webinars) and in your interactions with our social media accounts.
Information Collected Automatically From You.
We and our authorized third parties use Cookies, pixels, web beacons, and other technologies to receive and store certain types of information when you interact with us through your computer or mobile device (subject to your consent, opt-out preferences or other appropriate legal basis where legally required). Using these technologies helps us customize your experience with our Website, improve your experience, tailor marketing messages, and help us detect and prevent fraud and security risks. Here is more specific information about the types of information we collect:
• Log & Device Data. When you use BellMe, we and our authorized third parties may automatically record certain information (“log data”), including information that your browser sends whenever you visit our Website. This log data may include the web address you came from or are going to, your device model, operating system, browser type, unique device identifier, IP address, mobile network carrier, and time zone or approximate location. Whether we collect some or all of this information often depends on what type of device you’re using and its settings. For example, different types of information are available depending on whether you’re using a Mac or PC, or an iPhone or an Android phone. To learn more about what information your device makes available to us, please check the policies of your device manufacturer or software provider.
• Cookie Data. Depending on how you’re accessing our services and subject to your consent, opt-out preferences, or other appropriate legal basis where legally required, we and our authorized third parties may use “Cookies” (a small text file sent by your computer each time you visit our Website, unique to your BellMe.io account or your browser) or similar technologies to record log data. When we use Cookies, we may use ‘session’ Cookies (that last until you close your browser) or ‘persistent’ Cookies (that last until you or your browser deletes them). For example, we may use Cookies to keep you logged into BellMe. Some of the Cookies we use are associated with your BellMe.io account (including Personal Data about you, such as the email address you gave us), and other Cookies are not. BellMe.io provides a centralized cookie management service across the entire BellMe.io application. You can find the link to manage your cookie preferences at the bottom of the BellMe.io homepage under “Support” or under “Account Settings” within your BellMe.io Website account. (For Prelude service Invitees only, you can opt out through the “Cookie Preferences” link made available to you on the booking page you receive from a Prelude User.)
• Usage Data. When you use our scheduling platform either as a User or an Invitee, we and our authorized third parties collect certain information about how you use the platform. For example, we collect information on the meeting types our Users use most often, and how many meetings are scheduled each day. We aggregate this information and use it to help us monitor and improve the Services, such as to determine which features are most popular amongst our Users, and which features could be added or improved.
• Third-Party Tools. We may disclose information to third parties or allow third parties to directly collect information using these technologies on our Website, such as social media companies, advertising networks, companies that provide analytics including ad tracking and reporting, security providers, and others that help us operate our business and Website. We use such third-party tools subject to your consent, opt-out preferences, or other appropriate legal basis where legally required. For example, we use third-party Service Providers such as Google Analytics to provide certain analytics and Viewer interactions services to BellMe.io in connection with our operation of our Website, including the collection and tracking of certain data and information regarding the characteristics and activities of visitors to BellMe. You may opt-out of relevant cookies using opt-out features on their respective websites. To learn how Google Analytics collects and processes data, please visit: “How Google uses data when you use our partners’ sites or apps” located at www.google.com/policies/privacy/partners. We also use session replay tools provided by a third party to record your interactions with our Website, such as how you move throughout our Website and engage with our webforms. In addition to analytics, this information helps us improve our Website, our marketing activities, and identify and fix technical issues visitors may be having with our Website. Where available, you may opt-out of relevant cookies and other tracking technologies using opt-out features on their respective websites.
Certain third-party tools may not be opted out of and are essential to our service. For example, BellMe.io has implemented Google reCAPTCHA Enterprise to help prevent spam and abuse. reCAPTCHA Enterprise collects hardware and software information, such as device and application data, and sends it to Google for purposes of providing, maintaining, and improving reCAPTCHA Enterprise and for general security purposes. This information is not used by Google for personalized advertising. Your use of reCAPTCHA Enterprise is subject to Google’s Privacy Policy and Terms of Use.
How We Use Your Information.
We may use information that we collect about you, including Personal Data, to:
• Provide the BellMe.io Website Service. We will use your information to provide our Website to you, including to facilitate scheduling; create and manage your account; respond to your inquiries; prevent or address service errors, security, or technical issues; analyze and monitor usage; prevent spam, fraud and abuse on the Website; and for other customer service and support purposes. We use the payment information you provide to us in order to alert you of past, current, and upcoming charges, to allow us to present the billing history to you on your billing page on the Website, and to perform internal financial processes, such as looking at the status of a credit card charge. In the event of a credit card dispute, we also share account information with your bank to verify the legitimacy of a charge. For EU / UK purposes, our legal bases for processing are performance of a contract and legitimate interests.
• Understand and improve our products. We will perform research and analysis about your use of, or interest in, our products, services, or content, or products, services or content offered by others. We do this to help make our products better and to develop new products. For EU /UK purposes, our legal basis for processing is legitimate interests.
• Communicate with you.
Service-related communications. We may send you service and administrative emails to ensure the service is working properly. We will also email you regarding your calendar appointments. These messages are considered part of the service and you may not opt out of these messages. For EU/UK purposes, our legal basis for processing is performance of a contract.
Promotional. Subject to your opt-out preference and subscription, we may send you emails about new product features or other news about BellMe.io or on topics we think would be relevant to you. You may opt out of receiving these communications at any time. Visit the ‘Your Rights and Choices’ section below. For BellMe.io Invitees, please be assured that we do not use the email addresses that you enter to schedule a meeting with a BellMe.io User to send any type of direct marketing. However, you may receive marketing communications if you have used the same email address to sign up for them previously or to manage your account as a BellMe.io User. For EU/UK purposes, our legal basis for processing is consent.
Responding to your requests. We will also use your information to respond to your questions or comments. For EU/UK purposes, our legal bases for processing are performance of a contract, legitimate interests and/or compliance with a legal obligation.
Administrative. We may contact you to inform you about changes in your services, our service offering and other important service-related notices, such as changes to the Notice or about security or fraud notices. For EU/UK purposes, our legal bases for processing are performance of a contract, legitimate interests, and/or compliance with a legal obligation.
• Protecting Rights and Interests. We will use your information to protect our rights and interests as well as the rights and interests of our Users and any other person, as well as to enforce this Notice or our Terms of Use. For EU/UK purposes, our legal basis for processing is legitimate interests.
• Legal Compliance. We may use your information to comply with applicable legal or regulatory obligations, including complying with requests from law enforcement or other governmental authorities, or in legal proceedings involving BellMe. For EU/UK purposes, our legal basis for processing is compliance with a legal obligation.
• Other. We also may use your information to manage our business or perform functions as otherwise described to you at the time of collection subject to your consent where legally required.
With Whom We May Share Your Information.
We may share information we collect about you, including Personal Data, in the following ways:
• With third-party Service Providers, agents, contractors, or government entities. We use other companies, agents, or contractors (“Service Providers”) to perform services on our behalf or to assist us with providing services and communicating with you. We may engage Service Providers to process credit card transactions or other payment methods. We may also engage Service Providers to provide services such as monitoring and developing BellMe.io services; aiding in communications, infrastructure, and IT services; customer service; debt collection; analyzing and enhancing data. These Service Providers may have access to your Personal Data or other information to provide these functions. In addition, some of the above-listed types of information that we request may be collected by third-party Service Providers on our behalf. Microsoft is one of BellMe’s Service Providers. You may review Microsoft’s Privacy statement here.
We may share information with Service Providers and government entities for legal, security, and safety purposes. This includes sharing information to enforce policies or contracts, address security breaches, and assist in the investigation of fraud, security issues, or other concerns.
We require Service Providers to agree to take reasonable steps to keep the Personal Data that we provide to them secure. We do not authorize them to use or disclose your Personal Data except in connection with providing their services. You may find the list of BellMe’s Service Providers who are also platform subprocessors here.
• Affiliates. We may disclose information to current or future affiliates or subsidiaries for purposes consistent with this Privacy Notice.
• Government entities. We may share your data if we believe that disclosure is reasonably necessary to comply with a law, regulation, legal, or governmental request; to respond to a subpoena, court order, warrant, or other legal process; to enforce applicable Terms of Use or this Notice, including investigation of potential violations thereof; to protect the safety, rights, or property of the public, any person, or BellMe; to detect, prevent, or otherwise address, security or technical issues, illegal, or suspected illegal activities (including fraud); or as evidence in litigation in which we are involved, as part of a judicial or regulatory proceeding. In this process, BellMe.io is committed to maintaining individuals’ privacy, and all such disclosures are carefully reviewed to ensure their legitimacy, and if disclosure is required, that only the necessary information is provided or that the request is challenged accordingly. Unless prohibited by law, BellMe.io will inform you of a government request it has received.
• Authorized Agents. If you are using BellMe.io as a paid member of an organization or using your organization’s email domain (thereby representing yourself as a member of the organization), we may share your email address, plan information, and data within your account with an authorized agent of your company upon your company’s request for them to administer the account for the company.
• Reorganization Event. We may, as a result of a sale, merger, consolidation, change in control, transfer of assets, reorganization, or liquidation of our company (a "Reorganization Event"), transfer or assign your Personal Data to parties involved in the Reorganization Event. You acknowledge that such transfers may occur and are permitted by and subject to this Privacy Notice.
Security and Storage of Information.
Given the nature of communications and information processing technology, there is no guarantee that Personal Data will be absolutely safe from access, alteration, or destruction by a breach of any of our physical, technical, and managerial safeguards. However, BellMe.io takes the security of your Personal Data very seriously. We work hard to protect the Personal Data that you provide from loss, misuse, unauthorized access, or disclosure and we have taken reasonable steps to help protect the Personal Data we collect. We have obtained industry recognized certifications and audits such as the ISO/IEC 27001, which affirm our commitment to our security program (certification not applicable to the Prelude service). More information on BellMe.io security and storage practices is available here.
You should also take steps to protect against unauthorized access to your device and account by, among other things, choosing a unique and complex password that nobody else knows or can easily guess and keeping your log-in and password private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
We retain the Personal Data we collect for so long as is reasonably necessary to fulfill the purposes for which the data was collected, to perform our contractual and legal obligations (including any exemptions or exceptions contemplated by law), and for any applicable statute of limitations periods for the purposes of bringing and defending claims.
Users Outside the USA.
Our application and database servers are located here in the United States.
If you are an individual located in the European Economic Area, the United Kingdom, Canada or another jurisdiction outside of the United States with laws and regulations governing Personal Data collection, use, and disclosure that differ from United States laws, please be aware that information we collect (including through the use of methods such as Cookies and other web technologies) will be processed and stored in the United States or in other countries where we or our third-party Service Providers have operations. By submitting your Personal Data to BellMe.io and using BellMe, you expressly consent to have your Personal Data transferred to, processed, and stored in the United States or another jurisdiction which may not offer the same level of privacy protection as those in the country where you reside or are a citizen. (For a list of applicable jurisdictions, you may check our subprocessors list.)
In connection with the operation of its Website, BellMe.io may transfer your Personal Data to various locations, which may include locations both inside and outside of the European Economic Area. We rely on Standard Contractual Clauses and the UK Addendum to legally transfer Personal Data submitted relating to individuals in the European Economic Area, the United Kingdom and Switzerland.
BellMe.io has designated representatives in the European Economic Area and in the United Kingdom in accordance with the applicable requirements in the GDPR and UK GDPR. If you are located in these jurisdictions, you can contact our representatives at any time with any questions you may have about data protection. Their contact details are found in the “Contacting Us” section below.
Sharing with Third Parties:
We may share your information (including Personal Information) with select third parties including:
Business partners, suppliers and sub-contractors ("Affiliates"). Affiliates may use this information to help provide, understand, and improve the Service and Affiliates’ own services for the performance of any contract we enter into with you.
Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that any given number of women in a specified age group clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target.
Government bodies or law enforcement agencies, if we have good-faith belief that it is reasonably necessary to share your personal data or information in order to comply with any legal obligation or any government request; or to protect the rights or prevent any harm to the property, or safety of the Company, our customers, or public; or to detect, prevent or otherwise address public safety, fraud, security or technical issues.
We may also disclose your information (including Personal Information) to select third parties in the following
circumstances:
If the Company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets. If we are involved in a merger, acquisition, bankruptcy, reorganization or sale of assets such that your information would be transferred or become subject to a different Privacy Policy, we will notify you in advance so you can opt out of any such new policy by deleting your account before transfer.
In order to enforce or apply our Terms and/or any other agreements.
Security Practices:
We have in place appropriate technical and security measures to secure the information collected by us. Where we have given you (or where you have chosen) a username and password which enables you to access the Platform, you are responsible for keeping these details confidential. We ask you not to share your password with anyone.
Changes To this policy:
The Company may periodically update this Privacy Policy. Whenever we make any changes to this Privacy Policy that are important for you to know about, we will post the updated Privacy Policy at this link. It is your responsibility to keep checking this page from time to time in order to be aware of any changes made to this Privacy Policy.
Disclaimer:
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Information, we cannot guarantee the security of your data transmitted to the Platform; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Your Rights:
You are free to remove or delete content from your user account/profile and your account/ profile at any point in time. However, the history of your activities and account on our Platform remains available to us. You may correct, amend, add or delete Personal Information from your account at any time by logging in and visiting your profile page. As noted above, you may opt out from unwanted e-mail communications from us by following the instructions in the message. However, until your account is deleted you will continue to receive all system e-mails. Under Section 5(6) of the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 ("Rules"), you have a right to ask us to review, correct and amend the information we collect about you at any point in time. Under Section 5(7) of the Rules, you also have the right to revoke your consent to the collection of your information going forward. However, please note that revoking your consent may negatively affect your use of the Platform. For instance, we need access to your mobile device’s media folder and camera so that you can click pictures from your mobile device and post them on the Platform, which functionality will not be available to you if you do not provide us such access. You may also ask us not to process your personal data for marketing purposes. You can exercise any of these rights at any time by contacting us at connect@bellme.io. However, we require a reasonable period of 30 (thirty) days to comply with any of your requests.
Data Retention:
We do not retain your Sensitive Personal Information (defined below in this paragraph) for longer than is required for the purposes for which the information may be lawfully used. For any other content, we will entertain your request for deletion, however, there is a strong possibility that copies of any public content will be retained indefinitely in our systems, including in cached and archived pages of the Platform, or if other users have copied or saved that information. In addition, due to the nature of the internet, copies of your content, including content that you have removed or deleted from your account, may also exist elsewhere on the Internet and be retained indefinitely. "Sensitive Personal Information" shall mean passwords and any other information that is classified as sensitive under Section 3 of the Rules.
Third Party Links:
The Platform may, from time to time, contain links to and from the websites of our partner networks, advertisers, Affiliates and/or any other websites or mobile applications. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites or mobile applications.
Communications from us:
We may from time to time send you service-related announcements when we consider it necessary to do so (such as when we temporarily suspend the Platform for maintenance, or security, privacy, or administrative-related communications). We send these to you via SMS. You may not opt-out of these service-related announcements, which are not promotional in nature and used solely to protect your account and keep you informed of important changes to the Platform.
Note - For all user related grievances, kindly contact us at connect@bellme.io