EFFECTIVE DATE: July 6, 2023

This Pictorus, Inc. (“Pictorus”) Privacy Policy (“Policy”) describes how Pictorus collects, uses, discloses, and otherwise processes the personal information described in this Policy, as well as the rights and choices individuals have regarding such personal information.

For information about the privacy choices, you have regarding your personal information, review Section 7. Your Privacy Choices below, as well as Section 12. Additional Privacy Information for European Economic Area (EEA) and the United Kingdom (UK) Residents, which includes additional information about privacy rights for residents of the EU and UK.

Your use of our Services (defined below), and any dispute over privacy, is subject to this Policy and our Terms of Use, available at https://www.docs.pictor.us/legal/terms_of_use.html, including their applicable limitations on damages and the resolution of disputes.

1. Scope

Except as otherwise noted below, this Policy applies to the personal information that Pictorus processes as a business related to:

  • users of our websites where this Policy is posted, including at https://www.pictor.us/, our SaaS platform, and the services we provide through these, as well as any downloadable software, applications, and other products and services provided by us that display or include a link to this Policy (collectively, the “Services”).
  • individuals who register for or participate in our webinars and other events;
  • current, former and prospective customers, vendors and partners;
  • individuals who are subscribed to receive news, information, and marketing communications from us; and
  • individuals that communicate with us or otherwise engage with us related to our Services.

Not In Scope. This Policy does not apply to the personal information that we collect and process about Pictorus employees and personnel or job applicants and candidates.

2. Personal Information Collected

As further described below, we collect personal information directly from individuals, from third parties, and automatically when such data relates to the use of our Services or other interactions with us.

Personal Information Collected Directly. The personal information we collect from you depends upon how you use our Services or otherwise interact or engage with us, but generally includes:

  • Registration information. When you register or sign up for our services, we may collect certain personal information from you, such as your name, email address, phone number, and employer.
  • Payments and purchases. When you make a purchase or payment through the Services, we collect purchase and payment information in order to process your payment, such as your credit card number and applicable billing address. We also maintain records about your past purchases in connection with the Services we provide.
  • Communications and interactions. When you email, call, or otherwise communicate with us and with members of our team, we collect and maintain a record of your contact details, communications, and our responses. We also maintain records communications and information you provide to us related to any customer support requests.
  • Events and other requests. We also collect personal information related to your participation in our events as well as other requests that you submit to us related to our Services. For example, if you register for or attend an event or webinar that we host or sponsor, we may collect information related to your registration for and participation in such event. When you complete our “Early Access” form or otherwise request information from us, we collect and maintain records of your requests.

Personal Information from Third Parties. We may collect personal information about you from third party sources, such as public databases, joint marketing partners, social media platforms or other third parties.

  • Lead and Prospect Information. We may receive lead and prospect information from third parties about prospective customers that may be interested in our Services. We may also engage with third parties to enhance or update our customer information.
  • Third Party Accounts. You may choose to log into the Services through various third-party accounts, such as Google and/or GitHub. When you connect to our services using your third-party account, we may collect or receive personal information about you that you have provided to that account holder.
  • Third Party Platforms. If you post information about us or engage with us on third party platforms, we may collect personal information about you from that third party platform or account (e.g., to better understand who is viewing our page and to respond to your communications). These third-party platforms and services control the information they collect and share about you. For information about how they may use and disclose your information, including any information you make public, please consult their respective privacy policies.

Personal Information Collected Automatically. We automatically collect personal information related to your use of our Services and interactions with us and others, including information we collect automatically (e.g., cookies, pixel tags, etc.), as well as information we derive about you and your use of the Services. Such information includes:

  • Device and browsing information. We use cookies, log files, pixel tags and other tracking technologies to automatically collect information when users access or use our Services, such as IP address, general location information, domain name, page views, a date/time stamp, browser type, device type, device ID, Internet service provider, referring and exiting URLs, operating system, language, clickstream data, and similar device and usage information. For more information, see Section 6. Cookies, Targeting and Analytics, below.
  • Activities and usage. We collect activity information related to your use of the Services, such as information about the links clicked, searches, features used, items viewed, and time spent within the Services.
  • Session-Replay. We use session-replay technologies provided by third parties to record your interactions with the Services to help us diagnose problems and to improve our Services. These technologies allow us to watch a visual playback of user sessions on our Services and capture your activities such as clock, mouse movements, scrolls, and keystrokes/key touches when you use of Services.
  • Location information. We may collect or derive location information about you, such as through your IP address. Further, with your permission, we may collect geolocation information from your device. You may turn off location data sharing through your device settings.

3. Purposes of Use and Processing

Generally, we collect, use, disclose and otherwise process the personal information we collect for the following purposes:

  • Services and support. To provide and operate our Services, communicate with you about your use of the Services, provide troubleshooting and technical support, respond to your inquiries, fulfill your orders and requests, process your payments, communicate with you about the Services, and for similar service and support purposes.
  • Analytics and improvement. To better understand how users access and use the Services and for other research and analytical purposes, such as to evaluate and improve our Services and business operations, to develop services and features, and for internal quality control and training purposes.
  • Marketing and advertising. For marketing and advertising purposes. For example, to send you information about our Services, such as offers, promotions, newsletters, and other marketing content, as well as any other information that you sign up to receive. We also may use certain information we collect to manage and improve our advertising campaigns so that we can better reach people with relevant content.
  • Research and surveys. To administer surveys and questionnaires, such as for market research or member satisfaction purposes.
  • Security and protection of rights. To protect the Services and our business operations; to protect our rights or those of our stakeholders; to prevent and detect fraud, unauthorized activities and access, and other misuse; where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party, or violations of our Terms of Use.
  • Compliance and legal process. To comply with the law and our legal obligations, to respond to legal process and related to legal proceedings.
  • General business and operational support. To consider and implement mergers, acquisitions, reorganizations, bankruptcies, and other business transactions such as financings, and related to the administration of our general business, accounting, auditing, compliance, recordkeeping, and legal functions.

4. Disclosures of Personal Information

We may disclose the personal information that we collect for the purposes described above, in order to provide our Services to you, to respond to and fulfil your orders and requests, as otherwise directed or consented to by you, and as follows:

  • Vendors and service providers. We may disclose personal information we collect to our service providers, processors and others who perform functions on our behalf. These may include, for example, IT service providers, help desk, payment processors, analytics providers, consultants, auditors, and legal counsel.
  • Our business clients. Any data that we collect and process on behalf of a business client will be disclosed to the business client and otherwise shared as directed by that business client.
  • Third party platforms, providers, and networks. We may disclose or make available personal information to third party platforms and providers that we use to provide or make available certain features or portions of the Services, or as necessary to respond to your requests. We may also make certain information that includes personal information available to third parties in support of our marketing, analytics, advertising, and campaign management (see Section 6. Cookies, Targeting and Analytics for more information).
  • In support of business transfers. If we are or may be acquired by, merged with, or invested in by another company, or if any of our assets are or may be transferred to another company, whether as part of a bankruptcy or insolvency proceeding or otherwise, we may transfer the information we have collected from you to the other company. We may also share certain personal information as necessary prior to the completion of such a transaction or corporate transactions such as financings or restructurings, to lenders, auditors, and third-party advisors, including attorneys and consultants, as part of due diligence or as necessary to plan for a transaction.
  • Compliance and legal obligations. We may also disclose personal information to third parties to comply with our legal and compliance obligations and to respond to legal process. For example, we may disclose information in response to subpoenas, court orders, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements. This may include regulators, government entities, and law enforcement as required by law or legal process. In addition, it may include certain disclosures that we are required to make under applicable laws.
  • Security and protection of rights. We may disclose personal information where we believe doing so is necessary to protect the Services, our rights and property, or the rights, property, and safety of others. For example, we may disclose personal information in order to (i) prevent, detect, investigate and respond to fraud, unauthorized activities and access, illegal activities, and misuse of the Services, (ii) situations involving potential threats to the health, safety or legal rights of any person or third party, or (iii) enforce, and detect, investigate and take action in response to violations of, our Terms of Use. We may also disclose information, including personal information, related to litigation and other legal claims or proceedings in which we are involved, as well as for our internal accounting, auditing, compliance, recordkeeping, and legal functions.

5. Aggregate Data and Non-identifiable Data

We may also use and disclose aggregate and other non-identifiable data related to our business and the Services for quality control, analytics, research, development, and other purposes. For example, when you connect your device to the Services, we collect the operating system and/or chip architecture the device machine runs on.

6.Cookies, Targeting and Analytics

We and our third-party service providers use cookies, pixels, local storage objects, log files, APIs, and other mechanisms to automatically collect information browsing, activity, device, and similar information within our Services. We use this information to, for example, analyze and understand how users access, use and interact with others through our Services, as well to identify and resolve bugs and errors in our Services and to assess secure, protect, optimize and improve the performance of our Services. You have certain choices about our use of cookies and tracking within the Services, as described in this section. For more information on the types of personal information we collect via cookies and similar mechanisms, please see Section 2. Personal Information Collected.

Cookies. Cookies are alphanumeric identifiers that we transfer to your device’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Services, while others are used to enable a faster log-in process, support the security and performance of the Services, or allow us to track activity and usage data within Service.

Pixel tags. Pixel tags (sometime called web beacons or clear GIFs) are tiny graphics with a unique identifier, similar in function to cookies. While cookies are stored locally on your device, pixel tags are embedded invisibly within web pages and online content. We may use these, in connection with our Services to, among other things, track the activities of users, help us manage content and compile usage statistics. We may also use these in HTML e-mails we send, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.

Local storage objects. Local storage is a web storage mechanism that allows us to store data on a browser that persists even after the browser window is closed. Local storage may be used by our web servers to cache certain information in order enable faster loading of pages and content when you return to our websites. You can clear data stored in local storage through your browser. Please consult your browser help menu for more information.

Third-Party Analytics and Tools. We use third party tools, such as Google Analytics, which are operated by third party companies. These third-party analytics companies may collect usage data (using cookies, pixels, and similar tools) about our Services in order to provide us with reports and metrics that help us to evaluate usage of our Services and improve performance and user experiences. You can also download the Google Analytics Opt-out Browser Add-on to prevent their data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.

Cross-device Tracking. We and our third-party providers may use the information that we collect about you within our Services and on other third-party sites and services to help us and these third parties to identify other devices that you use (e.g., a mobile phone, tablet, other computer, etc.). This information may be used as set forth in this section and Section 6. Cookies, Targeting and Analytics.

Targeted Advertising. We work with third parties, such as ad networks, channel partners, mobile ad networks, analytics and measurement services and others (“third-party ad companies”) to personalize content, as well as to manage our advertising on third-party sites and mobile apps. We may share certain information with these third-party ad companies, and we and they may use cookies, pixels tags, and other tools to collect usage and browsing information within our Services, as well as on third-party sites, apps., and services, such as IP address, location information, device ID, cookie and advertising IDs, and other identifiers, as well as browsing information. We and these third-party ad companies use this information to provide you more relevant ads and content on third-party sites and apps, and to evaluate the success of such ads and content.

Managing Your Preferences. We make available several ways for you to manage your preferences regarding targeted advertising and cookies within our Services. Many of these are browser and device specific, which means that you need to set the preference for each browser and device you use to access our Services; in addition, if you delete or block cookies, you may need to reapply these preferences. Further, opting out of cookies and advertising as discussed below does not mean that you will no longer receive advertising content from us. You may continue to receive generic or “contextual” ads from us.

  • Industry ad choice programs. You can also control how participating third-party ad companies use the information that they collect about your visits to our websites and those of third parties, in order to display more relevant targeted advertising to you. If you are in the U.S., you can obtain more information and opt out of receiving targeted ads from participating third-party ad networks at aboutads.info/choices (Digital Advertising Alliance). You may also download the DAA AppChoices (https://youradchoices.com/appchoices) tool in order to help control interest-based advertising on apps on your mobile device. In addition, users in the EU may obtain more information at the following links:
    • EU Users: https://youronlinechoices.eu/ (European Interactive Digital Advertising Alliance)

Please note that opting out of participating ad networks does not opt you out of being served advertising. You may continue to receive generic or ‘contextual’ ads. You may also continue to receive targeted ads on other websites from companies that do not participate in the above programs.

  • Browser settings. If you wish to prevent cookies from tracking your activity on our website or visits across multiple websites, you can set your browser to block certain cookies or notify you when a cookie is set; you can also delete cookies. The Help portion of the toolbar on most browsers will tell you how to prevent your device from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to delete cookies. Visitors to our Services who disable cookies will be able to browse the Site, but some features may not function.

7. Your Privacy Choices

We make available a number of ways that you can manage your privacy choices and submit privacy requests related to your personal information. These include:

  • Pictorus Account. You can review and update much of the personal information we maintain about you by logging into your account and updating your information.
  • Marketing communications. You can opt out of receive marketing emails from us by using the unsubscribe link in the footer of each marketing email we send to you.

For more information about our privacy practices and your privacy choices, you may contact us as set forth in the ‘Contact Us’ section below.

8. Children/Minors

Our Services are not designed for children, and we do not knowingly collect personal information from children under the age of majority. If we learn that personal information has been collected on the Services from persons under the age of majority, then we will take the appropriate steps to delete this information. If you are a parent or legal guardian and you believe we have collected your child’s information in violation of applicable law, please contact us using the contact information below in Section 11. Contact Us.

9. Security

We have implemented safeguards that are intended to protect the personal information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our efforts, no data security measures can guarantee security.

10. Changes to this Policy

This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any updates to the Policy on our website. If we make material changes to how we collect, use, and disclose the personal information we have previously collected about you, we will endeavor to provide you prior notice, such as by emailing you or posting prominent notice through on our website or within the Services.

11. Contact Us

If you have questions about this Policy or our privacy practices, you may contact us at contact@pictor.us.

12. Additional Privacy Information for European Economic Area (EEA) and the United Kingdom (UK) Residents

This section details the purposes for processing personal information and the legal bases for which we process personal information in accordance with the EEA and UK General Data Protection Regulation (the “GDPR”).

Lawful Basis for Collecting Personal Information. We collect and process personal information under the following legal bases:

  • To Perform a Contract with You or to Take Pre-contractual Steps at Your Request. This includes performance of an agreement with you, such as our Terms of Use, or terms and conditions applicable to the Services you use. If you don’t provide your personal information, we won’t be able to provide you with the Services requested.
  • To Comply with a Legal Obligation to Which Pictorus is Subject. This includes processing personal information to comply with our legal obligations, such as to retain records of transactions.
  • For Our Legitimate Interests. We may process personal information in furtherance of our legitimate interests, where those interests are not overridden by your rights, freedoms, and interests. Our legitimate interests include improving and personalizing the Services, marketing features or products that may be of interest, and promoting safety and security.
  • With Your Explicit Consent. We may process personal information about you based on your consent, for example (where required by law) to send you marketing communications, surveys, news, and updates. Where our processing of personal information is based on your consent, you may withdraw consent at any time; please see the section below titled, “Your Rights in Respect of Your Personal Information” for information on how to withdraw your consent.

Purposes and Legal Bases of Use and Processing. We use personal information for the purposes set forth below, and for the legal bases described below:

  • Services and Support. To provide and operate our Services, manage your account, communicate with you about your use of the Services, provide troubleshooting and technical support, respond to your inquiries, fulfill your requests, facilitate payment processing, communicate with you about the Services, for similar service and support purposes, and to otherwise run our day-to-day operations. (Legal basis: Performance of our contract with you and your explicit consent.)
  • Analytics and Improvement. To better understand how Pictorus’ users access and use the Services, and for other research and analytical purposes, such as to evaluate and improve the Site, our Services, and business operations, including to develop our Services and its features, and for internal quality control and training purposes. (Legal basis: Our legitimate interests in improving our products and Services to expand our business and increase our revenue.)
  • Communicate With You. To respond to your inquiries, send you requested materials and newsletters, as well as information and materials regarding our Services and offerings. We also use this information to send administrative information to you, for example, information regarding the Services and changes to our terms, conditions, and policies. (Legal basis: Our legitimate interests in improving our products and Services to expand our business and increase our revenue.)
  • Customization and Personalization. To tailor content we send and to otherwise personalize your experiences and offerings. (Legal basis: Our legitimate interests in improving our products and Services to expand our business and increase our revenue.)
  • Marketing and Advertising. For marketing, advertising, and promotional purposes. For example, to send you promotional information about our Services, including information about our events, webinars, presentations, and new offerings, as well as any other information that you sign up to receive. (Legal basis: Our legitimate interests in improving our products and Services to expand our business and increase our revenue.)
  • Research and Surveys. To administer surveys and questionnaires, such as for market research or user satisfaction purposes. (Legal basis: Our legitimate interests in improving the relevancy of our Services, products, and advertising to improve Services and products and to encourage interactions with us, which allows us to grow our business.)
  • Planning and Managing Events. For event planning and other management-related purposes, such as event registration and attendance, connecting you with other event attendees and users, and contacting you about relevant events, presentations, and our Services. (Legal basis: Our legitimate interests in improving the relevancy of our Services, products, and advertising to improve Services and products and to encourage interactions with us, which allows us to grow our business.)
  • Security and Protection of Rights. To protect the Services and our business operations, our rights and those of our stakeholders and investors, to prevent and detect fraud, unauthorized activities and access, and other misuse of our website and Services, including where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety or legal rights of any person or third party, or violations of our Terms and Conditions of Use. (Legal basis: Our legitimate interests in conducting our business in a lawful manner and protecting our rights and interests as well as those of our stakeholders and society at large.)
  • Compliance and Legal Process. To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding, to respond to a subpoena, warrant, court order, or other legal process, or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority. (Legal basis: To comply with an EEA or UK obligations, or in reliance on our legitimate interests in conducting our business in a lawful manner and protecting our rights and interests as well as those of our stakeholders and society at large where we need to comply with non-EEA or UK law.)
  • Auditing, Reporting, and Other Internal Operations. To conduct financial, tax and accounting audits, audits, and assessments of our operations, including our privacy, security, and financial controls, as well as for risk and compliance purposes. We may also use personal information to maintain appropriate business records and enforce our policies and procedures. (Legal basis: Our legitimate interests in running our business efficiently to improve our performance metrics and maintain profitability.)
  • General Business and Operational Support. To assess and implement mergers, acquisitions, reorganizations, bankruptcies, and other business transactions such as financings, and to administer our business, accounting, auditing, compliance, recordkeeping, and legal functions. (Legal basis: Our legitimate interests in organizing our business efficiently.)

Your Rights in Respect of Your Personal Information. The GDPR gives you certain rights regarding your personal information that we hold, with some exceptions:

  • Access. You have the right to obtain information about our processing of your personal information and obtain access to and a copy of your personal information.
  • Rectification. You have the right to update, complete or correct inaccuracies in your personal information.
  • Erasure. You have the right to have your personal information deleted.
  • Portability. You have the right to obtain a machine-readable copy of your personal information or to have us transfer it to another controller of your choice.
  • Restriction. You have the right to restrict the processing of your personal information, meaning that we will not further process your personal information except to store it.
  • Withdrawal of Consent. You have the right to withdraw your consent to our processing of your personal information, without affecting the lawfulness of processing up until withdrawal.
  • Objection. You have the right to object, on grounds relating to your particular situation, to the processing of your personal information.
  • You also have the right to object to the processing of your personal information for direct marketing (including profiling) purposes.

Please note that some of these rights may be limited, such as where we have an overriding interest or legal obligation to continue to process the data. Please contact us by using the information set out above in Section 11. Contact Us to exercise your rights. You can also contact us by using the information set out above in Section 11. Contact Us if you have any inquiries or complaints regarding the processing of your personal information by Pictorus.

If you are not happy with how your rights are handled, you can submit a complaint with the relevant data protection authority of your habitual residence, your place of work, or the place of the alleged infringement/violation of your rights. This link will redirect you to the European Data Protection Board Website with an up-to-date list of all European Union Data Protection Authorities: https://edpb.europa.eu/about-edpb/board/members_en. The UK authority, the ICO, can be reached here: https://ico.org.uk/.

Retention. We will retain personal information for as long as necessary for the purposes described in this Policy, including for the purpose of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We typically retain personal information for a period of time corresponding to a statute of limitation, and so that we can raise or defend a legal claim. We may also retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation.

International Data Transfers. By using our Services, you understand that your personal information is transferred to countries outside of the EEA and UK, and notably to the United States, which are not deemed by the European or UK Commission to provide an adequate level of personal information protection. Where necessary, we have implemented measures to protect your personal information.