Last Updated: July 15, 2023
Last Updated: July 15, 2023
Thank you for using the Site and/or Services of Unbounce Marketing Solutions Inc. (“Unbounce”, “we”, “us”, or “our”).
You can find a list of our data subprocessors here.
I. Key Terms
a. Customer – The entity/entities who subscribes to Unbounce’s Apps/Platform/Products.
b. Lead – The entity/entities who visit the Landing Pages built by Unbounce’s Customers.
c. Customer Data – The business relationship between information gathered during the subscription process to Unbounce’s platform
d. Customer Content – The landing page stricture, copy, and design. Basically, all the elements that make us a “Customer’s” landing page on the Unbounce platform.
e. Lead Data – Any Information provided by a visitor to the “customer’s” landing page through “form” elements used by the “Customer: on their landing page on Unbounce’s platform.
f. Personal data: any information that can be used to identify an individual, such as name, email address, and phone number.
g. Processing: any operation or set of operations performed on personal data, such as collection, storage, use, or deletion.
h. Controller: the organization that determines the purposes and means of processing personal data.
i. Processor: a third-party organization that processes personal data on behalf of a controller.
j. Data subject: the individual to whom the personal data relates.
k. Consent: the freely given, specific, informed, and unambiguous indication of a data subject’s wishes by which he or she, by a statement or by clear affirmative action, signifies agreement to the processing of personal data.
l. Legitimate interests: the lawful basis for processing personal data where it is necessary for the purposes of a controller’s legitimate interests, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.
m. Data breach: a security incident that results in the accidental or unlawful destruction, loss, alteration, or unauthorized disclosure of, or access to, personal data.
II. Information We Collect
We collect different types of information from or through the Site and/or Services. Where appropriate, the legal basis for our processing of Personal Data is either consent, where we ask for it or that the processing is necessary for providing the Site and/or Services and is carried out in our legitimate interests, which are further explained in “Clause III”. How We May Use Information We Collect from You” section.
1. Account Information
- When you sign up for an Unbounce Account, you select a User ID (by entering an email address and password) and we collect and store that information. Collected information is data we have solicited in a form or obtained via cookies or by other means; stored information is collected information that has been subsequently deposited into our databases after collection.
- In addition to your User ID, we also collect and store your first name and last name.
- We may also collect and store your company name, telephone number, address, and certain other information about you that may be required by us to provide the Services or be disclosed by you during your use of the Services.
2. Billing Information
- When your Account includes a Subscription, we collect but do not store your credit card number.
- When you enter your credit card number, it is sent directly to the Payment Processor, our Third Party payment provider, and bypasses our databases entirely.
- From there, the Payment Processor transfers Billing Information to the Payment Service Provider for payment processing.
- You agree that our Third Party payment providers and processors may collect and store your billing address and credit card information on our behalf and that we may change our payment provider and processor at any time for any reason.
- Unbounce will collect and store your billing address.
- Full credit card numbers are never visible to Unbounce employees or contractors, and we will not modify your credit card number or billing address under any circumstances.
- We adhere to all controls required for handling cardholder data in accordance with Payment Card Industry (PCI) compliance standards.
- You agree that our Third Party payment processors may collect and store your billing address and credit card information on our behalf.
- We only use Third Parties providing sufficient guarantees to implement appropriate technical and organizational measures.
3. Log Data
- When you use the Services, our servers may automatically collect and store information, including information that your browser sends whenever you visit a website.
- This log data may include but is not limited to, your Internet Protocol (IP) address, the address of the web page you visited before using the Services, the operating system you are using, the date and time of your accessing the Services, geolocation information, type of device, cookie data, and browser signatures.
- IP Addresses: We will log the IP address of any visitor to a webpage you create and publish using the Services in order to calculate traffic usage per Account and conversion rates per variant, investigate spam allegations and discrepancies in page statistics, as well as to ensure the security of the webpage, Services, and related data. Unbounce never uses the IP address or other Personal Data of visitors to your pages to conduct marketing activities or promote the Services.
4. Cookies and Log Files
- Cookies are small amounts of data that are transferred to your web browser by a web server and are used to collect and store information about a user.
- First-party cookies on Unbounce landing pages are anonymous and cannot be used on their own to identify an individual.
- You agree that should you disable cookies on your browser, certain aspects of the Services may be unavailable to you, and that Unbounce is not responsible for any adverse effects arising from your browser or other computer or mobile settings.
- You agree that you are responsible for adhering to all laws, policies, and other regulations in your relevant jurisdiction(s), including but not limited to all laws requiring that cookie use must be disclosed. Unbounce disclaims all liability in this area.
5. User Contributions
- You may also provide information to be published or displayed on public areas of the Site and/or Services, or transmitted to other users of the Site and/or Services (collectively, “User Contributions”).
- Your User Contributions are posted and transmitted to others at your own risk. We cannot control the actions of other users of the Site with whom you may choose to share your User Contributions.
- Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.
6. Lead Data
- You have the option of using the Unbounce platform to build forms and solicit information from individual data subjects (“Lead Data”).
- In these situations, since you choose which data to collect and process, the nature of the data, as well as the purposes and means of processing, you are acting as “Data Controller” under applicable laws (including, but not limited to, the General Data Protection Regulation (“GDPR”) and you have the accountability and associated responsibilities under these applicable laws.
- Without limiting the foregoing, we may on occasion ask you to consent when we collect, store, use, or disclose your Personal Data in specific circumstances.
- These circumstances may include but are not limited to, Trial Programs, Beta Tests, research and development, and other changes, updates, or additions to the Services.
- You are obligated to protect your Customer i.e. Data Subject Rights and the deletion of Lead Data for your Customers is your responsibility and Unbounce shall not be responsible for any deletion obligations of the Lead Data.
7. WordPress Plug-in: You have the option of adding a “WordPress Domain” to your account.
- A WordPress Domain is a domain you have purchased from a hosting provider or domain name seller and onto which you have installed wordpress.org software.
- In order to publish Unbounce webpages to your WordPress Domain, you will need to install Unbounce’s Plugin for WordPress (“the Plugin”) in your WordPress account.
- When installing or updating the Plugin, Unbounce will collect and store certain data from your WordPress environment.
- This data includes but is not limited to the WordPress version number, PHP version number, URL version number, the names of other WordPress plugins installed on your domain, the names of other PHP extensions installed on your domain, your operating system, and key PHP configuration settings.
- We are collecting this information in order to better support the Plugin and the environments in which it is installed.
- Among other things, we will collect and store this data in order to inform our decisions on minimum configuration and testing requirements, and to improve the stability of Plugin updates.
- You hereby consent to the collection and storage of this information in your use, installation and updating of the Plugin.
- If you do not consent to the collection and storage of this information, you may choose not to use the Plugin.
III. How We May Use the Information We Collect From You
- We analyze this information based on our legitimate interest in enhancing the Unbounce platform and ensuring a better user experience. Additionally, it is essential for fulfilling our contractual obligations to you effectively.
- We take steps designed to ensure that only those employees who need access to your Personal Data to fulfill their employment duties will have need-to-know and restricted access to it.
- We may use the information we collect from you to provide the Services to you and to understand, improve, and enhance the Services.
- We do not sell your personal information to any third party.
- This includes but is not limited to, the right to conduct research, analyze trends, monitor traffic usage, and examine the ways in which our users engage with the Services.
- We may use your Personal Data to respond to your questions or comments, including support-related and billing inquiries.
- We also use your Account data to administer your Account and keep track of billing and payments, invoicing, and Account management.
- If you have received a commercial electronic message from us (regarding our products, services, news and events), it is because either you have previously provided your express consent, we have your implied consent under Canada’s Anti-Spam Legislation, or because the type of message sent is exempt under Anti-Spam Legislation.
- You have the option not to receive this commercial electronic message.
- We provide an opt-out function within all electronic marketing communications or will cease to communicate with you for this purpose if you email us at firstname.lastname@example.org and tell us not to communicate this information to you.
- While you maintain an Account with us, we may contact you to notify you about changes to the Services, and other important Service-related notices, including but not limited to security and fraud notices, Service suspensions, overages and outages.
- These emails and messages are considered essential, non-marketing communications, and you may not be able to opt out of them.
- We work hard to keep the Services secure and to prevent abuse and fraud.
- We may use your Personal Data as necessary to respond to security incidents, claims of any violation of our rights or those of any Third Parties, to protect the rights, property, or personal safety of you, us, our Customers, and the public, and as required or authorized by law.
IV. How We May Disclose Information We Collect from You
- Unbounce will only share your information with Third Parties in accordance with your instructions or as necessary to provide you with a specific service (for example, our Third Party payment processors, and our email service provider for the “Email Me New Leads” integration) or otherwise in accordance with applicable privacy legislation.
- When we disclose your Personal Data to Third Party service providers, we take reasonable measures to ensure that the rules set forth in this Policy are complied with.
- This policy is not intended to place any limits on what we may do with data that is aggregated and/or anonymized so it is no longer associated with an identifiable Customer or user of the Services (“Aggregated Data”).
- We may use your Personal Data to generate Aggregated Data for internal use and for sharing with Third Parties on a selective basis.
- Lead Data is hosted in our Frankfurt (Germany) database.
- However, please note that your Personal Data may be stored and processed in any country where we have facilities or in which we engage Third-Party service providers.
- By using the Site and/or Services, you consent to the transfer of information to countries outside your country of residence, including the United States, which may have different data protection rules than in your country.
- While such information is outside of the EU/EEA, it is subject to the laws of the country in which it is held and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country.
- Our practices regarding your Personal Data will at all times continue to be governed by this Policy and we will comply with GDPR requirements providing adequate protection for the transfer of Personal Data from the EU/EEA to a third country.
V. Your Privacy Rights
a. Managing Your Information:
You have the right to access and edit your Account and Profile Information (including User ID and billing details) by logging into the Services and choosing to edit your Profile. If you believe we have exceeded the legitimate basis for processing, the processing is no longer necessary, are processing, or believe your Personal Data is inaccurate; you have the right to reach out to us to delete/change any of your personal data.
b. Changes To Profile
You are able to upgrade, downgrade, enable and disable Third Party integrations, view your Lead Data, download a CSV file of your Lead Data for any date range, invite additional Users to your Account (depending on your Account level), and decide which permission level to grant each additional User.
c. Withdrawing Consent
You have the right to withdraw consent to processing where consent is the basis of processing and object to any unlawful data processing under certain conditions.
d. Data Portability
In certain jurisdictions, the law may grant you the right to request copies of the personal information that we hold. You may also have the right to request your personal information, which you have provided to us, in a structured, commonly used, and machine-readable format. Additionally, where technically feasible, you may have the right to request the transmission of this information to another service provider.
e. Retention Periods
We will maintain your Personal Data for as long as they are needed, or as required by applicable laws, regulations, or government orders. Unless you request otherwise, your Account, including Lead Data, will be deleted from our databases within ninety (90) days to twelve (12) months of Account cancellation. We reserve the right to charge a fee for data retention past our prescribed deletion period, and to update or amend our data retention policy.
f. Data Restriction and Objection
You have the right to object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you, under certain conditions. You have the right to demand that we restrict processing of your Personal Data, under certain conditions, if you believe we have exceeded the legitimate basis for processing, the processing is no longer necessary, are processing, or believe your Personal Data is inaccurate;
For individuals located in the European Economic Area, Switzerland, the United Kingdom, or Brazil, you hold the right to lodge a complaint with a supervisory authority if you believe that our handling of your personal information violates applicable laws. the right to lodge a complaint with data protection authorities. You may contact our Data Protection Officer by emailing email@example.com with your request.
If you want to learn more about your rights under the GDPR, you can visit the European Commission’s page on Data Protection.
We will maintain your Personal Data for as long as they are needed, or as required by applicable laws, regulations, or government orders.
VI. Link to Third Party Websites
- The Site and/or Services may contain links to other websites.
- We are not responsible for the privacy practices or the content of such websites.
VII. Change of Ownership or Business Transition
- The acquiring party would need to provide substantial evidence and establish the ownership of the acquisition and claim.
- We will strive to prevent unauthorized access to your Personal Data, however, no data transmission over the Internet, by wireless device or over the air is guaranteed to be 100% secure.
- We will continue to enhance security procedures as new technologies and procedures become available.
- Our password policy for our application employs a non-traditional approach by utilizing the third-party service, zxcvbn, for password validation. zxcvbn offers a more secure, flexible, and usable alternative to traditional password composition policies, allowing for a minimal complexity score rather than rigid rules regarding the inclusion of lowercase letters, uppercase letters, numbers, and symbols. It provides improved security by effectively detecting weak passwords while accommodating strong passwords, and its flexibility considers factors such as passphrases with uncommon words, keyboard patterns with varying lengths and turns, and the impact of capitalization on complexity.
- If you forget your password, we will ask you for your email address and send you an email with instructions for resetting your password. Please also note at no time is an Unbounce employee able to view your password.
- Please remember that you control what Personal Data you provide while using the Site and Services.
- Ultimately, you are responsible for maintaining the secrecy of your identification, passwords and/or any Personal Data in your possession for the use of the Site and/or Services.
- We are not responsible for, and cannot control, the use by others of any information which you provide to them and you should use caution in selecting the Personal Data you provide to others through the Site or Services.
- Similarly, we cannot assume any responsibility for the content of any Personal Data or other information which you receive from other users through the Site or Services, and you release us from any and all liability in connection with the contents of any Personal Data or other information which you may receive using the Site or Services.
- We cannot guarantee, or assume any responsibility for verifying, the accuracy of the Personal Data or other information provided by any Third Party. You release us from any and all liability in connection with the use of such Personal Data or other information of others.
- We use technical and organizational means to ensure the security of personal data and to protect it from accidental or deliberate destruction, accidental loss, alteration, unauthorized disclosure or access, to the extent required by generally applicable law.
- The data entrusted shall be retained on hardware and servers in properly secured information storage centres, to which only authorized persons have access.
- We carry out activities related to the processing of personal data with respect to all legal and technical requirements imposed on us by the provisions regarding personal data protection.
- We have implemented pseudonymization, and data encryption and have access controls in place so as to minimize the effects of possible data security breaches.
- We regularly test the security of our systems and have a backup procedure in place.
- Personal data is processed only by persons authorized by us or by processors with whom we cooperate closely. Sub-processing is conducted exclusively on the basis of relevant contracts.
- As an internet user, there are various vulnerabilities that the systems are exposed to. Therefore, you have full responsibility and liability for the use of the related personal data or sharing the information of others. Unbounce will not be responsible or liable for any personal data loss or breach for any viruses or attacks vulnerability on your systems.
VIII. Children’s Privacy
- The Site and/or Services are not directed to children under the age of 16, and we do not intentionally and/or knowingly collect Personal Data from children under the age of 16 without obtaining parental consent¹.
- If you are under 16 years of age, then please do not use or access the Site and/or Services at any time or in any manner.
- If we learn that Personal Data has been collected on the Site and/or Services from persons under 16 years of age and without verifiable parental consent, then we will take the appropriate steps to delete this information.
- If you are a parent or guardian and discover that your child under 16 years of age has provided Personal Data, then you may alert us as set forth in the “Contact Us” section and request that we delete that child’s Personal Data from our systems.
You have the right to reach out to the jurisdiction of the supervisory board of the respective country that applies to you if you are not satisfied with the privacy practices, responses or policies of Unbounce.
XI. Contact Us
Address: 500-401 West Georgia St. Vancouver, BC, Canada, V6B 5A1
Worldwide: +1 604 484 1354
Unbounce may change this Policy from time to time. If we make any changes to this Policy, we will change the “Last Updated” date above. Your continued use of our Website, Platform or Services after such changes have been published to our Policy will constitute your acceptance of the revised Policy.
¹ As per Article 8 of the GDPR, ages below 16 are considered children. The same may be different for your jurisdiction. <https://gdpr-info.eu/art-8-gdpr/>