Our commitments to employees are governed by our internal employment policies.
In all instances, we are committed to transparency with our customers, employees and protecting your data privacy.
Referral Rock Inc.
950 N Washingston, Suite 404
Alexandria, VA 22314
Last Edited on 2020-02-24
What “personal information” do we collect from the people that visit our blog, newsletter, website or app?
We collect and process payment information from you when you subscribe to the Subscription Service, including credit cards numbers and billing information, using third party PCI-compliant service providers. Except for this, we do not collect Sensitive Information from you.
Information About Children
The Websites are not intended for or targeted at children under 16, and we do not knowingly or intentionally collect information about children under 16. If you believe that we have collected information about a child under 16, please contact us at email@example.com, so that we may delete the information.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
What “navigational information” do we collect from the people that visit our blog, newsletter, website or app?
This refers to information about your computer and your visits such as your IP address, geographical location, browser type, referral source, length of visit, pages viewed, emails opened, or other computer/visit based information.
Do we use ‘cookies’?
- Understand and save user’s preferences for future visits.
- Personalize and improve your online experience.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.
If users disable cookies in their browser:
If you disable cookies off, some features will be disabled. It will turn off some of the features that make your site experience more efficient and some of our services will not function properly including tracking of referrals and access to some administration features.
Third party links
We do not include or offer third party products or services on our website.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users (https://support.google.com/adwordspolicy/answer/1316548?hl=en).
We use Google AdSense Advertising on our website.
We have implemented the following:
- Remarketing with Google AdSense
- Google Display Network Impression Reporting
- Demographics and Interests Reporting
We along with third-party vendors, such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions, and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising initiative opt out page or permanently using the Google Analytics Opt Out Browser add on.
How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
How We Use Information We Collect
We Never Sell Personal Information
We will never sell your Personal Information to any third party.
How do we use your personal information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To quickly process your transactions.
- To send periodic emails regarding your order or other products and services related to the Subscription Service or that you have opted in to receive.
- Provide other companies with statistical information about our users — but this information will not be used to identify any individual user.
- To meet legal requirements including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms.
- To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements.
- To provide, support and improve the Subscription Services. This may include sharing your or your Contacts’ information with third parties in order to provide and support our Subscriptions Services or to make certain features available to you (for example, we use Tango Card to process and distribute Gift Cards).
Use of Navigational Information
We use Navigational Information to operate and improve the Websites, Newsletters, and the Subscription Service. We may also use Navigational Information alone or in combination with Personal Information to provide you with personalized information about Referral Rock.
How do we use the information inside your Referral Rock account?
Demographic information collected in your account for your referral programs are for your use only. This includes but is not exclusive to member and referral demographic information such as name, email address, IP address (for tracking purposes), and any other custom fields you set in the software. Referral Rock doesn’t contact, share, distribute, sell or otherwise use account data in any way outside of the built in functionality within the software. It is only accessible by the Referral Rock team for troubling shooting and support purposes.
Use of Credit Card Information
If you give us credit card information, we use it solely to check your financial qualifications and collect payment from you. We use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use information you provide except for the sole purpose of credit card processing on our behalf.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
Users can visit our site anonymously.
Users are able to change their personal information by logging in to their account.
Security of your Personal Information
How do we protect personal information?
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Retention of Personal Information
We retain Personal Information that you provide us as long as we consider it potentially useful in contacting you about the Subscription Service or our other services, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements, and then we securely delete the information. We will delete this information from the servers at an earlier date if you so request, as described in “Opting Out and Unsubscribing” below.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
If a security breach causes an unauthorized intrusion into our system that materially affects you, then Referral Rock will notify you via email within 72 hours (as compliant with both the Fair Information Practices and the General Data Protection Regulation – GDPR). If looking for more GDPR information, see our GDPR page.
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
International Transfer of Information
Opting Out and Unsubscribing
Reviewing, Correcting and Removing Your Personal Information
Upon request, Referral Rock will provide you with information about whether we hold any of your Personal Information. If you provide us with your Personal Information, you have the following rights with respect to that information:
- To review the user information that you have supplied to us
- To request that we correct any errors, outdated information, or omissions in user information that you have supplied to us
- To request that your user information not be used to contact you
- To request that your user information be removed from any solicitation list that we use
- To request that your user information be deleted from our records
To exercise any of these rights, please contact us at firstname.lastname@example.org. We will respond to your request to change, correct, or delete your information within a reasonable timeframe and notify you of the action we have taken.
The above rights are compliant with the GDPR rulings of right to be forgotten, right to data portability, right of modification, and withdrawal of consent. If looking for more GDPR information, see our GDPR page.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. If you need further assistance regarding your rights, please contact us using the contact information provided above and we will consider your request in accordance with applicable law. In some cases our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
Spam is often in the eye of the beholder. If you ask ten different people for a definition of Spam, you’ll probably get ten different answers. So here’s our best explanation:
- Spam, as applied to email, means “Unsolicited Bulk Email”.
- Unsolicited means that the recipient has not granted the sender affirmative consent (permission) to email them.
- Bulk means that the message is sent as part of a larger collection of messages, all having materially similar content.
We won’t send unsolicited bulk email, for commercial or non-commercial purposes. Unsolicited bulk email is defined as email sent to more than 10 individuals with whom we do not have a prior business relationship. All of our bulk emails will have an “opt-out” mechanism and other required information.
Confidentiality; Proprietary Rights
Each party (the “Receiving Party”) understands that the other party (the “Disclosing Party”) has disclosed or may disclose business, technical or financial information relating to the Disclosing Party’s business (hereinafter referred to as “Proprietary Information” of the Disclosing Party). Proprietary Information includes, without limitation, trade secrets, know-how, including software and documentation therefor, marketing, sales, operating, performance, cost and customer lists, in any form, tangible or intangible. Proprietary Information of Referral Rock includes non-public information regarding features, functionality and performance of the Service. Proprietary Information of Customer includes non-public data provided by Customer to Referral Rock to enable the provision of the Services (“Customer Data”). The Receiving Party agrees: (i) to take reasonable precautions to protect such Proprietary Information, and (ii) not to use (except in performance of the Services or as otherwise permitted herein) or divulge to any third person any such Proprietary Information. The Disclosing Party agrees that the foregoing shall not apply with respect to any information that the Receiving Party can document (a) is or becomes generally available to the public, or (b) was in its possession or known by the Receiving Party prior to receipt from the Disclosing Party as evidenced by the Receiving Party’s written records, or (c) was rightfully disclosed to the Receiving Party without restriction by a third party, or (d) was independently developed without use of any Proprietary Information of the Disclosing Party. If the Receiving Party is required by applicable law or requested (by legal process, civil investigative demand or similar process) to disclose any of the Disclosing Party’s Proprietary Information, the Receiving Party shall notify the Disclosing Party immediately of such requirement so that the Disclosing Party may seek an appropriate protective order or waive compliance with the confidentiality covenants in this Agreement. Any such disclosure by the Receiving Party pursuant to the preceding sentence shall be limited to the extent required by applicable law, or order, subpoena, regulatory requirement, or litigation disclosure, and the Receiving Party shall reasonably cooperate with the Disclosing Party in any effort made by the Disclosing Party to seek a protective order or other appropriate protection of the Disclosing Party’s Proprietary Information.
Customer shall own all right, title and interest in and to the Customer Data. Referral Rock shall own and retain all right, title and interest in and to (a) the Services and Software, all improvements, enhancements or modifications thereto, (b) any software, applications, inventions or other technology developed in connection with Implementation Services or support, and (c) all intellectual property rights related to any of the foregoing.
Notwithstanding anything to the contrary, Referral Rock shall have the right to collect and analyze data and other information relating to the provision, use and performance of various aspects of the Services and related systems and technologies (including, without limitation, anonymized, aggregate information derived from Customer Data), and Referral Rock will be free (during and after the term hereof) to use such information and data solely to improve and enhance the Services and for other diagnostic and corrective purposes in connection with the Services. No rights or licenses are granted except as expressly set forth herein.