Privacy Policy

Overview

This Privacy Policy governs and describes how Smarty, LLC (herein the "Company," also referred to as "We", "Us" or "Our" herein) may collect, use, and disclose information that we obtain through or from all customers or users (also referred to as "You," "Your" or "Client") regardless of nationality or location when visiting our website or using our service. All personal information that we collect and maintain shall be subject to our Privacy Policy and current laws in effect at the time of collection.

If you have objections to our Privacy Policy, you should not access our Services until modified terms have been agreed to mutually through an addendum to our Terms of Service. If you require special instructions for processing your data,need us to enter into a Data Processing Agreement (DPA), or make modifications to legal terms to protect your privacy, contact us to discuss our Enterprise Solutions.

DEFINITIONS for the purposes of this Privacy Policy:

"Client Account Information" is any information that identifies you as our client, including, but not limited to, a name, email address, location information, Usage Data, account or an identification number, or online identifier.

"Client Data" means the information, and/or input data, including an address or any other Personal information contained therein, in any form or media, that is (i) submitted or entered into the Company's cloud-based system or Site by Client or on behalf of Client or its end users; (ii) accessed or used by Company in providing any Services to Client; or (iii) data and content collected, compiled, inferred, stored, cached, or derived directly or indirectly from any of the data and content described in subclauses (i) and (ii) herein.

"Consumer" means a natural person who is a California resident as defined by California Consumer Privacy Act ("CCPA").

"Data Controller" refers to you as the legal person or entity which alone or jointly with others determines the purposes and means of processing Personal Information. You are responsible and accountable for the use of Personal Information of Data Subjects and Consumers in your possession.

"Data Processor" refers to us as your Service Provider, who processes Personal Information only on your behalf or instruction as the Data Controller.

"Data Subject" refers to any person residing in the European Union ("EU") whose Personal Information is being collected, held, or processed as defined under the General Data Protection Regulation ("GDPR") .

"Enhanced Data Privacy" also commonly referred to as "incognito mode" is an optional feature in the Platform that Client may elect to purchase that prevents Client Data and or Personally Identifiable Information (PII) from ever being logged at the point of submission or Provider's APIs. Client Data submissions are accessed only momentarily in Random Access Memory (RAM), just long enough to process and deliver results back to Client. Upon completion of the process, any residual Client Data in the system's RAM is dumped or "garbage collected" and written over by subsequent transactions. Such processing methods render data deletion, destruction, correction, blocking, or exportation back to Client not feasible due to the nature of the transitory process.

"Personal Information" or "Personal Identifiable Information" is defined as any information that identifies or can be used to identify, contact, or locate a person, Consumer or Data Subject to whom such information pertains. (It may refer to Client Data such as the list of addresses of individuals you are seeking to validate or verify).

"Services" means subscription to or use of Company's software products, APIs, and/or Website.

"Service Provider" refers to us as the Data Processor analyzing Personal Information against our authoritative database to provide you the requested Services.

"Share" or "Sell" means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a Data Subject's or Consumer's Personal Information to another business or a third-party for monetary or other consideration.

"Usage Data" refers to data collected automatically when you access any of our services either through the use of the Service or generated from the infrastructure itself (for example, the duration of a website visit).

ROLES IN DATA PRIVACY

Smarty is identified as a Service Provider or "Data Processor." When you submit a request, Client Data or Personal Information, in your possession or under your control to be verified, we will process such request upon your instructions as the "Data Controller."

Your responsibilities

  • By using our Services, you authorize us to process your Client Data, on your behalf, in accordance with applicable laws and these Terms of Service.
  • As Data Controller, you are responsible to have a lawful basis for requesting processing of any Client Data you submit to us.
  • As Data Controller, you are responsible to maximize the security of your Client Data by not submitting unnecessary personal information such as name, age, sex, etc., and you agree to indemnify us of privacy violation claims if you do.
  • The Client Data you submit must be adequate and relevant but not excessive for location validation and verification purposes. (Only address information is needed).
  • Contact us if you need Enhanced Data Privacy or need us to enter into a Data Privacy Agreement (DPA) with you.

Our responsibilities

  • We pledge to collaborate with you to meet your compliance obligations.
  • We will not Sell or Share your Client Data or Client Account Information with any non-affiliated third-party entities unless legally mandated by a court order.
  • We minimize all security risks by encrypting all Client Data you submit to our API in transit and at rest.
  • We maintain appropriate administrative and physical security measures to protect against unauthorized access or accidental or unlawful destruction, loss, alteration or disclosure of your data. We are compliant with the American Institute of CPAs (AICPA)'s Service Organization Controls ("SOC"). A SOC type II report is available upon request.
  • We have expounded how we manage and protect your Client Data in our Approach to Security.

WHAT WE COLLECT

When you use our website, sign up for our services, and use our software or platform, we collect the following information:

Contact Information: If you use the contact information provided on the smarty.com website to contact us directly, you agree to allow us to store and process your contact information. We will receive your contact information which may include, depending on how you contact us, your email address, name, company name, job title, the reason for contacting, and postal address.

Cookies: From the moment you interact with our website, we are collecting Cookies which allows us to better serve your needs. We issue cookies unless you adjust your browser settings to refuse cookies. The type of cookies we collect automatically may include, but is not limited to, the type of device and unique ID, the IP address of your device, your operating system, the type of Internet browser you use, and other diagnostic data.

Financial Information: We use third-party payment processors to process payments made to us. In connection with the processing of such payments, we do not retain any financial information such as credit card numbers. Rather, all such information is provided directly to our third-party processors. Our third-party processors currently include Stripe, and Stripe's privacy policy can be viewed at https://stripe.com/us/privacy.

WHEN AND HOW WE COLLECT DATA

As a visitor, you can engage in many activities prior to providing any Client Account Information. When and how we use your data depends on whether you provide expressed or implied consent by accepting our Cookie Policy. Cookies help us recognize you when you return to our site so we can provide a tailored service. These cookies may be 'session' cookies, meaning they delete themselves when you leave our website, or 'persistent' cookies, which do not delete themselves.

In connection with other Website activities, subscription to our services, or utilization of our online software applications, the Company may require you to provide more detailed Client Account Information about yourself such as your name, address, email, telephone number, and credit card information solely in the interest of identifying you as our Client; invoicing you; delivering service; providing customer support; and/or promoting any available updated products. We strive to provide and uphold all users rights as governed under applicable law.

USE OF CLIENT DATA

Company may aggregate and filter submitted address information into de-identified and anonymized batches so that it no longer reflects or references an identifiable natural person for the purpose of creating statistical summaries, for benchmarking, and for use in research and development to create, refine, and improve Company products and services.

USE OF CLIENT ACCOUNT INFORMATION

We will only use Client Account Information and Client Data where we have a legal basis to do so which includes:

  • Consent: By accessing, utilizing, or subscribing to our services online, you agree to our Terms of Services and authorize us to process Client Data and charge processing to you according to the Client Account Information we have collected from you. If you change your mind, you can cancel your account or stop using our Services at any time.
  • Contract: As an alternative to agreeing to our Standard Terms of Service you may enter into a customized DPA or Master Service Agreement with us to process Client Data. The legal terms of that agreement shall supersede and govern our legal basis.
  • Legitimate interests: Our legitimate interests in using your data may include: (i) gaining insights from your interactions with our Services; (ii) delivering, developing and improving our Services to you; (iii) enabling us to enhance, customize or modify our Services and communication; (iv) determining whether marketing campaigns are effective; and (v) enhancing our data security.
  • Mergers and acquisitions: If the Company sells assets (or the assets of a division or subsidiary) to another entity, or the Company (or a division or subsidiary) is acquired by or merged with another entity, the Company may provide Client Account Information that is related to that part of our business that was sold or merged with the other entity without your consent.

HOW WE USE YOUR CLIENT ACCOUNT INFORMATION

We will only use Client Account Information:

  • To contact you: Your name, address, telephone number, email address.
  • To create an account: Your subscription may require you to enter financial information such as credit/debit card details to be submitted to our third-party banking provider.
  • To verify your identity: Your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version.
  • To help support and maintain use of our Service: Your URL clickstreams, products/services viewed, page response times, download errors, how long you stay on our pages, what you do on those pages, how often, and other actions.
  • To provide you with: news, special offers, and general information about other products and services or events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.

HOW SECURE IS THE DATA WE COLLECT?

We maintain industry standards in physical, electronic, and managerial procedures to safeguard and secure all information we collect. For more information on our efforts to ensure your data is secure, please see our Approach to Security document.

WHAT ABOUT REALLY SENSITIVE DATA?

We don't collect any "sensitive data" in regards to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about sexual life or orientation, and or any alleged legal offenses.

WHAT ABOUT CHILDREN?

Our Service is directed to and intended for use by those who are 13 years of age or over. We do not target or market to children nor knowingly collect any from anyone under 18 years of age. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us.

RETENTION OF DATA

The Company will retain Client Account Information we collect through our website for the purposes set forth in this Privacy Policy, and to provide information regarding our products and services, or for marketing and promotions we believe you may find of interest. We also may use the information you provide for our internal purposes, such as website customization, enhancement or development, administration and operation of our websites, data analytics, and compliance with our legal obligations, policies and procedures, including performance of Smarty's obligations under sales contracts, leases or licenses. The Company may also retain aggregate data for internal analysis purposes. Such retention may be necessary to troubleshoot and analyze user problems or to verify and improve the functionality of the Services we provide you.

We will log all data for the period necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or allowed by law; or to otherwise fulfill a legal obligation, resolve disputes, and/or enforce our legal agreements and policies.

YOUR RIGHTS UNDER CCPA

The California Consumer Privacy Act ("CCPA") takes effect on January 1, 2020. It provisions that a resident of California ("consumer") has certain rights to their personal information. "Personal information" means information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household. Personal information does not include publicly available information, which is information lawfully made available from federal, state, or local government records. See further: CA CIV CODE 1798.140, subsections (g) and (o).

Under this Privacy Policy and by applicable law, if you are a resident of California, you have the following rights to:

  • Obtain data notices. Categories, sources, and purposes for what kind of data is being collected is found in this Privacy Policy and our Cookie Policy.
  • Access or request information. You may request and obtain information regarding the disclosure of your Client Account Information that has been collected in the past 12 months by the Company.
  • Say "no" to the selling of your Client Account Information or Client Data. We do not Share or Sell your personal data, Client Information, or Client Data. You can request to be removed from receiving direct marketing from us or our affiliates.
  • Request to transfer, delete, or return Client Account Information. Granted to the extent not excluded by applicable law. The Company is not required to comply with a Client's request to delete the Client's personal information if it is necessary for the business or service provider to maintain the Client's account information in order to:
    • Complete the transaction for which the personal information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business's ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
    • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity;
    • To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer's relationship with the business; Comply with a legal obligation;
    • Or a number of other enumerated exceptions. See: CA CIV CODE 1798.105
  • Not be discriminated against. The Company will not impose different levels of pricing or quality of available services based solely on your exercise of these rights.

GDPR PRIVACY RIGHTS

If you are Client within the EU, you may exercise the following GDPR privacy rights by sending us an email at support@smarty.com or calling our customer support team at 877-216-8883. You have the right to:

  • Request access to your Client Account Information. The right allows you to access, review, or correct inaccurate data on your profile page. Our website offers a self-service ability to correct or update information by logging into your account. When accessing or updating your account, we may ask you to verify your identity before we act on your request. Please note that we may reject requests, or limit the information we provide access to, if we determine it could risk the privacy of others or if unreasonable or repetitive, or if it would require disproportionate effort. As permitted by law, we may charge a reasonable fee for providing access to Client Account Information, but we do not charge for lodging a request for access. If you would like to make a request you may contact us.
  • Object to your Client Account Information being used for direct marketing purposes. You can opt out from marketing anytime by contacting us.
  • Request erasure of your Client Account Information. You have the right to ask Us to delete or remove your Client Account Information when there is no legitimate reason for us to retain it. You can do this by asking us to "cancel your subscription," or render your account "deleted." You will be required to verify your identity before we are able to fulfill your request. You can designate an authorized agent to make a request on your behalf. To do so, you will need to provide a written authorization or power of attorney signed by you for the agent to act on your behalf.
  • Request the transfer of your Client Account Information. Please note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Change your mind and withdraw your consent. You have the right to withdraw your consent for using your Client Account Information or process Client Data. If you withdraw your consent, we will not be able to provide you Services.
  • Browse incognito. If you choose to do this, you may continue to use the demo page of our website and browse its pages, however, certain Services on our website may not work effectively.
  • Turn off cookies in your browser by changing its settings. You can block tracking by activating a setting on your browser allowing you to refuse cookies. You can also delete cookies through your browser settings, however, certain Services on our website may not work effectively.

CHANGES IN OUR PRIVACY POLICY

The Company reserves the right to change the Privacy Policy from time to time at its sole discretion, and will provide notice to our customers of material changes. You will be deemed to have been made aware of, and will be subject to, the changes to the Privacy Policy by your continued use of our Website after such notice has been posted.

This Cookie Policy is incorporated as part of this Privacy Policy and our Terms of Service. We reserve the right to vary this policy from time to time, and such changes shall become effective as soon as they are posted on this website.

We use cookies to improve your experience on our website and to show you relevant advertising. We issue cookies unless you adjust your browser settings to refuse cookies. The type of cookies we collect automatically may include, but is not limited to, the type of device and unique ID, the IP address of your device, your operating system, the type of Internet browser you use, and other diagnostic data.

What are cookies?

Cookies are small text files which are downloaded to your computer, tablet, or mobile phone when you visit a website or application. The website or application may retrieve these cookies from your web browser (e.g., Internet Explorer, Mozilla Firefox, or Google Chrome) each time you visit, so they can recognize you, remember your preferences, and provide you with a more secure online experience.

Generally, cookies are very useful and are a common method used by almost every website you visit because they help to make your online experience as smooth as possible. For security reasons, many websites will not function at all without the use of cookies (or other similar technologies, such as "web beacons" or "tags"). Cookies do not hold any information to identify an individual person, but are instead used to identify a browser on an individual machine.

If you prefer, you can restrict, block, or delete cookies by changing your browser settings, but that may mean that our website won't work properly.

For more information about managing cookies visit: https://us.norton.com/internetsecurity-privacy-how-to-clear-cookies.html.

Types of cookies

Necessary cookies: These cookies are essential in helping you to make use of the features and services we offer on the website. Without these cookies, the services you want to use cannot be provided. These cookies do not gather information about you that could be used to identify you, and they do not monitor or remember where you have been on the Internet.

Functional cookies: These cookies allow us to provide you with a better online experience when you use our website. They do not gather or store any information which would allow us to identify you personally.

Performance cookies: Performance cookies help us to understand how our customers use our site, so we can keep our products and services relevant, easy to use, and up to date. For example, we can see which products and services are most popular, identify when and where errors occur, and test different versions of a page in order to provide an improved online experience.

Targeting cookies: Sometimes, the services we use to collect this information may be operated by other companies on our behalf. They may use similar technologies to cookies, known as "web beacons" or "tags." These are anonymous and, as they are only used for statistical purposes, they do not contain or collect any information that identifies you.

We have relationships with carefully selected and monitored suppliers (third parties) who may also set cookies during your visit. The purpose of these cookies is "behavioral advertising" (also known as "behavioral targeting" or "remarketing"), which is a means of showing you relevant products and services based on what you appear to be interested in. Although these cookies can track your visits around the web they don't know who you are. Without these cookies, online advertisements you encounter will be less relevant to you and your interests.

Managing cookies: Most internet browsers allow you to erase cookies from your computer hard drive, block all cookies (or just third-party cookies), or warn you before a cookie is stored on your device.

Please note, if you choose to block all cookies, our site may not function as intended and you might not be able to use or access all of the services we provide. If you have blocked all cookies and wish to make full use of the features and services we offer, you will need to enable your cookies. You can do this in your browser (see below).

Rather than blocking all cookies, you can choose to only block third-party cookies which will still allow our website to function as intended.

How to manage cookies on your browser

To manage cookies within your browser, follow the steps outlined in this site: https://us.norton.com/internetsecurity-privacy-how-to-clear-cookies.html

Third-party cookies

The following table lists the third-party cookies and their function on our sites. Please note that the names of cookies, pixels, and other technologies may be subject to change at any time.

Cookie Name Description Category
__hstc HelpScout chat client Communication
__fbp Facebook Targeting
__hssrc HelpScout chat client Communication
_gat Google Analytics Analytics
_gid Google Analytics Analytics
_ga Google Analytics Analytics
_gcl_au Google Ads Targeting
_hssc HelpScout chat client Communication
hubspotutk HubSpot Analytics
_hssrc Smarty Functional

Updated: September 14, 2020

Ready to get started?