Effective Date: October 9, 2024
Your privacy is extremely important to us. To better protect you, we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used. This Privacy Policy relates to information collected by Plz Fix Inc. (referred to in this Privacy Policy as "Flippr" or the “Company” or "we" or "us" or "our") through your use of our websites, software, services, features, and information available on our websites (collectively, the "Flippr Service"). We recognize that information privacy is an ongoing responsibility and will from time to time update this Privacy Policy as the Company undertakes new personal data practices or adopts new privacy policies.
This Privacy Policy is also incorporated into and governed by our Terms of Use. Our commitment to customers and service providers is governed by a Data Processing Addendum.
Our commitments to employees and customers are further governed by our internal employment policies. In all instances, we are committed to transparency with our customers and employees and to protecting your data privacy.
Personal information or personal data is any information that identifies, relates to, or could reasonably be linked with you or your household. Flippr may collect, or process on behalf of its customers, the following categories of personal information when you use or interact with Flippr products and services:
Flippr uses this information to:
Flippr does not sell personal information to anyone and only shares it with third parties who are facilitating the delivery of our services for the purposes set out in this section.
You can opt out of promotional communications by clicking the unsubscribe button at the bottom of any promotional email or by emailing us at privacy@flippr.ai. You cannot unsubscribe from non-promotional and transactional communications.
Flippr employees do not access content created with Flippr (specifically, documents, comments, markups, project names, or team names) unless authorized by an account owner, or as required for legal, safety, or security reasons, and where technically feasible. Documents uploaded to Flippr Lite Mode are not stored on any cloud server and cannot be accessed by Flippr employees or any other third party. To troubleshoot and address customer issues, the Flippr support team obtains explicit permission from customers and approval from appropriate system administrators before accessing specific user content that is related to the customer-reported issue. This type of access is only granted when required to troubleshoot a customer issue and is restricted to the select support personnel assisting with the specific issue. These types of support requests are logged.
As is true of most other websites, the Company’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of the Company’s website, including a history of the pages you view. Flippr uses this information to help design its site to better suit its users’ needs. Flippr may also use your IP address to help diagnose problems with its server and to administer its website, analyze trends, track visitor movements, and gather broad demographic information that assists the Company in identifying visitor preferences. The Company has a legitimate interest in understanding how customers and potential customers use its website. This assists the Company with providing more relevant products and services to Flippr’s customers.
The Company makes available a comprehensive Cookie Policy that describes the cookies and tracking technologies used on the Company website and provides information on how users can accept or reject them. To view the notice and see more information on how to opt out of certain cookies, click Cookie Policy.
Flippr operates globally, which means personal data may be transferred, stored (for example, in a data center), and processed outside of the country or region where it was initially collected where Flippr or its service providers have customers or facilities – including in countries where Flippr customers or account owners are based. Therefore, by using Flippr products and services or providing personal data for any of the purposes stated above, you acknowledge that your personal data may be transferred to or stored in the United States where we are established, as well as in other countries outside of the EEA, Switzerland, and the UK. Such countries may have data protection rules that are different and less protective than those of your country.
Flippr protects your personal data in accordance with this Privacy Policy wherever it is processed and takes appropriate contractual or other steps to protect it under applicable laws. Where personal data of users in the EEA, Switzerland, or the UK is being transferred to a recipient located in a country outside the EEA, Switzerland, or the UK which has not been recognized as having an adequate level of data protection, we ensure that the transfer is governed by standard contractual clauses as recognized or issued in accordance with EU and UK data protection law. The Company also applies safeguards to protect the privacy and security of your personal data and uses it only consistent with your relationship with the Company and the practices described in this Privacy Policy. More information on this topic can be found in our Data Processing Agreement and on our security page.
Flippr complies with the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce and as available. Flippr has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regards to the processing of personal information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Flippr has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal information received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification page, please visit https://www.dataprivacyframework.gov/.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Flippr commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF should first contact Flippr at privacy@flippr.ai.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Flippr commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
Flippr is adhering to the DPF Principles. The Federal Trade Commission has jurisdiction over Flippr’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
If third-party agents process personal data on our behalf in a manner inconsistent with the DPF Principles, we remain liable unless we prove we are not responsible for the event giving rise to any damages. If you have a question or complaint related to our compliance with the DPF Principles, please contact us as indicated at the bottom of this privacy policy.
Under limited circumstances and after other available dispute resolution mechanisms have been exhausted, binding arbitration is available to address certain residual complaints under the DPF not resolved by other means.
For more information or if you have any questions or complaints, you can contact us at privacy@flippr.ai or by following the instructions provided in section 14.
The personal information Flippr collects from you is stored in one or more databases hosted by third parties. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval. On occasion, the Company engages third parties to send information to you, including information about our products, services, and events.
For all categories of information that we collect, we disclose personal data to our service providers for various business purposes set out in this Privacy Policy. A list of our third-party sub-processors processing personal information can be found here.
We do not otherwise reveal your personal data to non-Company persons or businesses for their independent use unless: (1) you request or authorize it; (2) for any reason as described in this Privacy Policy; (3) the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; (4) to address emergencies or acts of God; or (5) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf. We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.
If you choose to engage with the Company or the Company’s website through a third-party service, you should review the privacy policy of that service.
We are represented on LinkedIn, the social media platform, in order to present our organization and our services there. The operators of social media platforms like LinkedIn regularly process their users' data for advertising purposes. Among other things, they create user profiles from their online behavior, which are used to show advertising on the pages of the platforms and elsewhere on the Internet that correspond to the interests of the users. To this end, the operators of these platforms store information on user behavior in cookies on users' computers. Furthermore, it cannot be ruled out that the operators merge this information with other data. Users can obtain further information and instructions on how to object to processing by these operators in the data protection declarations of the respective platforms. It is also possible that the operators or their servers are located in countries different from where users are based, such that the operators process data there. This may result in risks for users, e.g. because it is more difficult to enforce their rights or because government agencies access their data.
We do not share personal data with social media platforms. If we do process personal data on these platforms, it is (i) our legitimate interest and such processing is expected to be of interest and potential benefit to the recipients in a way that does not override their fundamental rights and freedoms or (ii) required by law. Among other rights, you have the right to opt out of any communications via a social media platform, and you may have the right to object to processing based on legitimate interests. To request more information or contact us regarding this matter, see section 14.
We maintain a profile on LinkedIn. If you are in the EU, EEA, or Switzerland, the operator is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. If you are in another region, the operator is LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA. The privacy policy is available here: https://www.linkedin.com/legal/privacy-policy.
The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:
If you would like to exercise your privacy rights, please click here or reach out to us using the contact information below.
You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside the Company might have received the data from the Company; what the source of the information was (if you didn’t provide it directly to the Company); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by the Company if it is inaccurate. You may request that the Company erase that data or cease processing it, subject to certain exceptions. You may also request that the Company cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how the Company processes your personal data. When technically feasible, the Company will, at your request, provide your personal data to you.
Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, the Company will provide you with a date when the information will be provided. If for some reason access is denied, the Company will provide an explanation as to why access has been denied.
For questions or complaints concerning the processing of your personal data, you can email us at privacy@flippr.ai or contact us by following the instructions provided in section 14. You may also have the right to lodge a complaint with your relevant supervisory authority or the data protection supervisory authorities available at https://www.bfdi.bund.de/EN/Service/Anschriften/Laender/Laender-node.html.
If you are a website visitor located in the European Economic Area ("EEA"), Switzerland, or United Kingdom ("UK"), Plz Fix Inc., 224 West 35th Street Ste 500-186, New York, NY 10001, United States is the data controller of your personal data. Our data protection officer can be reached via heyData GmbH, Schützenstraße 5,10117 Berlin, www.heydata.eu, email: datenschutz@heydata.eu.
Our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it. However, we will normally collect personal data from you only where we have your consent to do so, where we need the personal data to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal data from you. If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data).
Under section 3, we list the categories of personal data we collect and the purposes for which we use that data. User Content that users of the Flippr Service choose to share with other users may be classified as Sensitive Personal Data as that term is defined under the California Consumer Privacy Act of 2018, as amended by the California Consumer Privacy Rights Act ("CCPA"). Flippr has not sold or shared any Sensitive Personal Data, but we may have used a sub-processor to process your Sensitive Personal Data for business purposes as further described in this Privacy Policy, our Data Processing Agreement, and our list of sub-processors.
Under some U.S. state laws, including the CCPA, residents may have a right to:
Flippr will not discriminate against you for exercising any of these rights, which is further in line with your rights under state law. We also do not provide any financial incentives tied to the collection, sale, or deletion of your personal data.
To exercise your rights, please click here or email us at privacy@flippr.ai. Under the CCPA, only you or an authorized agent may make a request related to your personal data. Note that to respond to your requests to access or delete personal data under the CCPA, we must verify your identity under the process described below in section 11.
California Civil Code Section 1798.83, also known as “Shine The Light” law, permits California residents to annually request information regarding the disclosure of your personal information (if any) to third parties for the third parties’ direct marketing purposes in the preceding calendar year. We do not share personal information with third parties for the third parties’ direct marketing purposes.
We have reasonable methods in place for verifying rights requests for individuals who choose to exercise these rights, such as a request to know or delete their personal data.
We will acknowledge receipt of the rights request within 10 business days and provide a substantive response within 45 calendar days or inform you of the reason and extension period (up to 90 days) in writing.
We may require you to log into your Flippr account (if applicable), provide information relating to your account, give a declaration as to your identity under penalty of perjury, and/or provide additional information. We will match the identifying information provided by you to the personal information we already maintain to verify your identity. At a minimum, we will ask for your name, email address, country, and state or province. When verifying requests, our verification standards vary depending on the sensitivity of the request. If we cannot verify your identity, we may deny your request. In some cases, we may require additional information, in which case we will contact you. We also securely retain records of data requests for at least 24 months as required under the CCPA.
If you are an authorized agent making a request to know or delete, we also require you to email privacy@flippr.ai to: (i) provide us with a copy of your written authorization to confirm your right to make the request and direct the requesting individual to verify their identity directly with user, if applicable, and (ii) provide a copy of your power of attorney to exercise these rights on behalf of another.
Your personal data is stored on the servers of the cloud-based database management services the Company engages. Unless expressly stated in this Privacy Policy, we will delete your personal data as soon as it is no longer required for its intended purpose, unless we must retain it to comply with our legal obligations, resolve disputes, or enforce our agreements. If the data is not deleted because it is required for other and legally permissible purposes, its processing is restricted, i.e. the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.
Personal data that the Company controls may also be deleted upon verified request from Data Subjects or their authorized agents. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us using the details provided in section 14.
We do not knowingly attempt to solicit or receive information from children under the age of 16. If you are a parent or guardian and believe that your child has provided us with personal data with out your consent, please contact us by using the information provided in section 14, and we will take steps to delete such personal data from our systems.
If you would like to contact us with questions or concerns about our privacy policies and practices, you may contact us via any of the following methods:
Email: privacy@flippr.ai
Online Form: click here
Mailing Address:
Plz Fix Inc.
224 W 35th St Ste 500-186
New York, NY 10001
If you are in the EEA, UK, or Switzerland, you can contact our Data Protection Officer:
Email: datenschutz@heydata.eu
Mailing Address:
heyData GmbH
Schützenstraße 5, 10117 Berlin
Website: www.heydata.eu
We may update this Privacy Policy from time to time. When we do so, we will make it available on this page and indicate the date of the latest revision. Please check this page frequently to see any updates or changes to this Policy. By using the Flippr Service, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, you should not use the Flippr Service.