TUNE Privacy Policy
Last modified: November 21, 2024
Introduction
TUNE, Inc. (“Company,” “Us,” “Our,” or “We”) respects Your privacy and is committed to protecting it through Our compliance with this Privacy Policy. Please read this Privacy Policy carefully to understand Our policies and practices regarding the Personal Information We collect from You, how We use it, how We share it, Your rights and choices with respect to Your Personal Information, and how You can contact Us about Our privacy practices.
This Privacy Policy applies to Personal Information We collect about You from various sources, as further described in the “Personal Information We Collect and How We Collect It” section below.
Definitions
“Affiliate” means any entity that now or hereafter (i) directly or indirectly owns or controls, is owned or controlled by, or is under common ownership or control with a Us, and (ii) is under common management with Us.
“B2B Representative” refers to individuals who work for or on behalf of a B2B Party, or in the event that the B2B Party is a sole proprietorship, the B2B Representative is the sole proprietor.
“End User” means individuals who do business with, or otherwise interact with, a B2B Party but who are not doing business with Us directly.
“Personal Information” means any information that identifies or relates to an individual or can be used in conjunction with other information to identify an individual, whether such information is explicitly regulated by applicable law or otherwise.
“Processing” means any operation or set of operations which is performed on Personal Information, encompassing the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction or erasure of Personal Information. The terms “Process”, “Processes” and “Processed” will be construed accordingly.
“Product(s)” means the products and services that We offer, including, but not limited to, software, software-as-a-service, support/maintenance, professional services, and hosting services.
“Vendor” means an individual or legal entity that Processes Your Personal Information on behalf of Company.
“Visitor” means (i) any individual that visits the Website, including a B2B Representative or End User, provided that a B2B Representative or End User that visits the Website shall only be deemed a Visitor with respect to their activities while visiting the Website, or (ii) anyone that otherwise communicates with the Company that is not a B2B Representative or End User.
“Website” means any publicly accessible website hosted by or on behalf of the Company which is not part of a Product.
“You” and “Your” mean B2B Party, B2B Representative, End User, or Visitor, depending on the context as further explained in this Privacy Policy, and if there is no context which specifically identifies any of the foregoing, then “You” or “Your” means all of the foregoing collectively.
Scope, Generally (Controller vs. Processor)
Our Role as a Processor
Generally speaking and without regard to any particular definition under applicable law, We are a data processor (“Processor”) when We do not determine the purpose and means of Processing the Personal Data of B2B Representatives and End Users, and We only Process that Personal Information in accordance with the specific instructions of a B2B Party, as is the case when We Process Personal Information only as necessary to provide Our Products to a B2B Party. We receive instructions from B2B Parties through agreements We have with those B2B Parties, including any ancillary data privacy agreements or addenda (collectively a “B2B Agreement”). This Privacy Policy does not apply when We Process Personal Information as a Processor.
When You are a B2B Party and We act as a Processor with respect to the Personal Information that We receive from You or on Your behalf, You alone are responsible for providing appropriate privacy notices and disclosures to Your B2B Representatives and End Users with respect to Your Processing of their Personal Information. You cannot rely on this Privacy Policy as a means for satisfying Your privacy notice and disclosure obligations.
When You are a B2B Representative or an End User and We act as a Processor with respect to Your Personal Information, the B2B Party with whom You have a relationship is responsible for providing appropriate notices and disclosures to You about how they Process Your Personal Information and You must refer to that B2B Party’s privacy policy or other notices for information regarding their privacy practices, Your rights, and how You exercise those rights.
Our Role as a Controller
Generally speaking and without regard to any particular definition under applicable law, We are a data controller (“Controller”) when We determine the purpose and means of Processing the Personal Information of B2B Representatives, as is the case when a B2B Party permits Us to Process that Personal Information in ways that relate to Our Products but are not strictly necessary in order to perform those Products. This Privacy Policy only applies when We Process Personal Information as a Controller.
When You are a B2B Party and We act as a Controller with respect to the Personal Information that We receive from You or on Your behalf pursuant to a B2B Agreement, We are responsible for providing appropriate privacy notices and disclosures to Your B2B Representatives with respect to Our Processing of their Personal Information as a Controller. However, pursuant to the B2B Agreement, You agree to comply with all applicable laws, including those which may require You to provide notice to or gain consent from Your B2B Representatives prior to giving Us permission to Process that Personal Information as a Controller. Specifically, You and Your legal advisors should consider whether You need to list Us in Your privacy policy and notify Your B2B Representatives of Our privacy practices by linking to this Privacy Policy.
When You are a B2B Representative and We act as a Controller with respect to Your Personal Information, this Privacy Policy describes Our privacy practices, including the Personal Information We collect from You, how We use it, how We share it, Your rights and choices, and how You can contact Us about Our privacy practices. However, as mentioned in the “Our Role as a Processor” section above, You must refer to the privacy notices and disclosures of the B2B Party with whom You have a relationship for more information regarding that B2B Party’s privacy practices, including any notices or disclosures with respect to that B2B Party’s transfer of Your Personal Data to Us for Our Processing as a Controller.
When You are a Visitor, We are a Controller with respect to Your Personal Information. We Process Your Personal Information in accordance with this Privacy Policy and any other agreement We may have directly with You. This Privacy Policy describes Our privacy practices, including the Personal Information We collect from You, how We use it, how We share it, Your rights and choices, and how You can contact Us about Our privacy practices.
Part A: Information for All Individuals (subject to applicable law, where stated)
For B2B Representatives
When You are a B2B Representative, We collect the following Personal Information about You from the following sources:
|
Categories and Types of Personal Information We Collect |
Sources From Which We Collect Your Personal Information |
|
Identifiers, including real name, a postal address, an email address, IP address, telephone number, and login credentials |
|
|
Financial Information, including bank account number, credit card number, or debit card number |
|
|
Commercial information, including records of products or services purchased, obtained, or considered |
|
|
Internet or other similar network activity, including information on a Your interaction with the Website |
|
|
Geolocation data, including imprecise physical location derived from IP address and/or wifi networks |
|
|
Professional or employment-related information, including records of job title, employer information, and current employment status |
For End Users
We are not a Controller with respect to any End User Personal Information.
For Visitors
When You are a Visitor, We collect the following Personal Information about You from the following sources:
|
Categories and Types of Personal Information We Collect |
Sources From Which We Collect Your Personal Information |
|
Identifiers, including name, email address, telephone number, and IP address |
|
|
Internet or other similar network activity, including browsing history, search history, or information on Your interaction with the Website, including length of visit, number of page views, and search queries You make on the Website |
|
|
Geolocation data, including imprecise physical location derived from IP address and/or wifi networks |
How We Use and Disclose Your Personal Information
For B2B Representatives
When You are a B2B Representative, We Process Your Personal Information described below for the following purposes and based on the following legal bases:
|
Categories and Types of Personal Information |
Purpose for Processing |
Legal Bases |
|
Identifiers, including real name, a postal address, an email address, IP address, telephone number, and login credentials · |
|
|
|
|
|
|
Financial Information, including bank account number, credit card number, or debit card number |
|
|
|
|
|
|
Commercial information, including records of products or services purchased, obtained, or considered |
|
|
|
Internet or other similar network activity, including browsing history, search history, information on a consumer’s interaction with the Products |
|
|
|
Geolocation data, including imprecise physical location derived from IP address and/or wifi networks |
|
|
|
Professional or employment-related information, including job title and company information |
|
|
When You are a B2B Representative, We disclose Your Personal Information described below to the following categories of third-parties and for the following purposes:
|
Categories and Types of Personal Information |
Categories of Parties to Whom We Disclose the Information |
Purpose for Disclosing |
|
Identifiers, including real name, a postal address, an email address, IP address, and telephone number |
|
|
|
|
|
|
Financial Information, including bank account number, credit card number, or debit card number |
|
|
|
Internet or other similar network activity, including browsing history, search history, information on a consumer’s interaction with the Website or advertisement |
|
|
|
Geolocation data, including imprecise physical location derived from IP address and/or wifi networks |
|
|
|
Professional or employment-related information, including job title and company information |
|
|
For End Users
We are not a Controller with respect to any End User Personal Information.
For Visitors
When You are a Visitor, We Process Your Personal Information described below for the following purposes and based on the following legal bases:
|
Categories and Types of Personal Information |
Purpose for Processing |
Legal Bases |
|
Identifiers, including a real name, IP address, email address, and telephone number |
|
|
|
|
|
|
Internet or other similar network activity, including browsing history, search history, information on a consumer’s interaction with the Website or advertisement |
|
|
|
|
|
|
Geolocation data, including imprecise physical location derived from IP address and/or wifi networks |
|
|
|
Commercial information, including records of products or services purchased, obtained, or considered |
|
|
When You are a Visitor, We disclose Your Personal Information described below to the following categories of third-parties and for the following purposes:
|
Categories and Types of Personal Information |
Categories of Parties to Whom We Disclose the Information |
Purpose for Disclosing |
|
Identifiers, including a real name, IP address and email address |
|
|
|
|
|
|
Internet or other similar network activity, including browsing history, search history, information on a consumer’s interaction with the Website or advertisement |
|
|
|
· Geolocation data, including imprecise physical location derived from IP address and/or wifi networks |
|
|
Aggregated, Deidentified, and Anonymized Data
We create aggregated, deidentified, or anonymized data derived from Our use of Your Personal Information, and such data can be used by Us as permitted by applicable laws and regulations. We will not attempt to re-identify the data.
Other Purposes for Processing and Disclosing Your Personal Information
We may also Process and disclose Your Personal Information:
- To competent public authority, government, regulatory or fiscal agency where it is necessary to comply with any court order, law, or legal process, including to respond to any government or regulatory request.
- To enforce or exercise Our rights under any agreement which governs Your relationship with Us, including Our rights under any such agreements that may be exercised for billing and collection purposes.
- If We believe disclosure is necessary or appropriate to protect Our rights, property, or safety, Our customers, or others. This may include the exchange of information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
- Subject to some restrictions under applicable laws, We may transfer, whether for consideration or otherwise, Your Personal Information as an asset that is part of a bankruptcy, merger, or other similar transaction involving all or any portion of Our business. Any such transfer does not affect Your rights under any applicable laws.
No telephone or SMS information will be shared with third parties or Affiliates for their own marketing/promotional purposes. All the above disclosures exclude text messaging originator opt-in data and consent, which will not be shared with any third parties. We will only send SMS/telephone communications when We have the appropriate consent to do so or as otherwise permitted by law.
Information We Collect Through Automatic Data Collection Technologies
As You navigate through and interact with Our Website, We may use automatic data collection technologies to collect certain information about Your equipment, browsing actions, and patterns, including:
- Information about your estimated location as may be determined from the IP Address;
- Information about the device you are using, such as:
- Internet Protocol (or IP) address, protocol and sequence information;
- Browser language and type; and
- Hardware model, operating system, application version number, device or browser data;
- Domain name system requests;
- Browsing history, time spent at a domain, time and date of your visit, number of clicks, or location data; and
- HTTP headers, application client and server banners.
The information We collect automatically does, in some cases, include Personal Information, or We may maintain it or associate it with Personal Information We collect in other ways or receive from third parties. These activities help Us improve Our Website and Products and deliver a better and more personalized experience, including by enabling Us to:
- Estimate Our audience size and usage patterns;
- Store information about Your preferences, allowing Us to customize Our Website according to Your individual interests; and
- Recognize You when You return to Our Website.
The technologies We use for this automatic data collection may include:
- Cookieless Tracking Technology. When You visit Our Website, Our Website runs a script that stores information about how You interact with the Website. The script only runs while You are visiting the Website, and will not persist when You leave the Website.
- Cookies. When You visit Our Website, a “cookie” may be sent to Your computer. A cookie is a small piece of data that is sent to Your Internet browser from a web server and stored on your computer’s hard drive. When You visit the Website again, the cookie allows the Website to recognize Your computer. Cookies may store user preferences and other information to assist Your navigation between pages efficiently, remember preferences, and improve the user experience. You can choose whether to accept cookies by changing Your Internet browser settings, which may impair or limit some functionality of the Website.
- Cookies can be “persistent” or “session” cookies. Persistent cookies remain on Your personal computer or mobile device when You go offline, while session cookies are deleted as soon as You close Your web browser.
- We use first party cookies, which are cookies that We place on Your device ourselves, and third party cookies, which are cookies that We allow third parties to place on Your device.
In some cases, You may also block the use of non-essential cookies altogether using cookie management technology available to You when you visit the Website. You may also leverage any of the methods identified in the “Exercising Your Rights” section below in order to opt-out of certain cookies.
Google Cookies and Tracking Technologies
Google Analytics
We use Google Analytics to track information about how You interact with Our Website and Products so that We can make improvements. We also use analytics cookies to test pages, features or new functionality of the Website and Products to see how Our users react to them.
In order to collect this information, Google Analytics may set cookies on Your browser or mobile device, or read cookies that are already there. Google Analytics may also receive information about You from apps You have downloaded, that partner with Google. We do not combine the information collected through the use of Google Analytics with Personal Information. Click https://policies.google.com/technologies/partner-sites to learn about how to control information used by Google Analytics. Google’s ability to use and share information collected by Google Analytics about Your visits to the Website to another application which partners with Google is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. Please review those and see https://policies.google.com/privacy or information about how Google uses the information provided to Google Analytics and how You can control the information provided to Google. Please also visit https://tools.google.com/dlpage/gaoptout/ for information about a Google Analytics opt-out browser add-on.
As mentioned previously, in some cases, You may also block the use of non-essential cookies altogether using cookie management technology available to You when you visit the Website. You may also leverage any of the methods identified in the “Exercising Your Rights” section below in order to opt-out of certain cookies.
Third-Party Use of Cookies and Other Tracking Technologies
Our website may contain content from and links to other sites that are operated by third parties that may use cookies. We do not control these third-party sites or cookies and this Privacy Policy does not apply to them. Please consult the terms and conditions and Privacy Policy of the relevant third-party site to find out how that site collects and uses Your information and to establish whether and for what purpose they use those cookies. If You are unclear who the responsible third party is, You can contact Us using any of the methods identified in the “Exercising Your Rights” section below.
Data Privacy Framework and International Data Transfers
In order to carry out the Processing activities described above, We may make use of subcontractors that act on Our behalf as Processors. These subcontractors will be contractually obligated by Us to Process Your Personal Information only in accordance with Our instructions, only for the purposes described above, and only for the period of time necessary to preform those purposes.
In some cases, these subcontractors may be located outside of the data privacy jurisdiction in which You reside. In the event such international data transfers are necessary, Company complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) (collectively, the “DPF”) as set forth by the U.S. Department of Commerce. Company has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the Processing of Personal Information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Company has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the Processing of Personal Information received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the aforementioned Principles shall govern. To learn more about the Data Privacy Framework program, and to view Our certification, please visit https://www.dataprivacyframework.gov. In certain situations, We may be required to disclose Personal Information in response to lawful requests from law enforcement and national security authorities of that jurisdiction, such as when disclosure is required to meet national security or law enforcement requirements.
In compliance with the DPF, Company commits to resolve DPF Principles-related complaints about Our collection and use of Your Personal Information. EU, UK, and Swiss individuals with inquiries or complaints regarding Our handling of Personal Information received in reliance on the DPF should first contact Us using the Contact Information provided at the end of this Privacy Policy. In compliance with the DPF, Company commits to refer unresolved complaints concerning Our handling of Personal Information received in reliance on the DPF to TRUSTe, an alternative dispute resolution provider based in the United States with operations globally. If You do not receive timely acknowledgment of Your DPF Principles-related complaint from Us, or if We have not addressed Your DPF Principles-related complaint to Your satisfaction, please visit https://feedback-form.truste.com/watchdog/request for more information or to file a complaint. The services of TRUSTe are provided at no cost to You. In some cases, the DPF gives You the right to pursue binding arbitration. You can do this to resolve complaints not resolved by Us or Our third-party dispute resolution provider, as described in Annex I to the DPF.
The Federal Trade Commission has jurisdiction over Company’s compliance with the DPF. In accordance with the DPF, Company is also liable for onward transfers to third parties that Process Personal Information in a way that does not follow the DPF unless Company was not responsible for the event giving rise to any alleged damage.
For questions or comments about Our practices with respect to international data transfers, please refer to the “Contact Information” section at the end of this Privacy Policy.
Consequences of Not Providing Your Personal Information
You have the right to withhold Your consent for Us to Process Your Personal Information. Personal Information gathered by Us for the purposes defined in this Privacy Policy may be required by Us, either directly or indirectly, in order for Us maintain a relationship with You; therefore, Your failure to provide Us with Your Personal Information may negatively affect Our ability to:
- Provide the Products to You and fulfill Our contractual obligations with You;
- Fulfill legal requirements;
- Enter into a contract with related parties and continuing to contract with those related parties; or
- Maintain contact with You.
Data Security and Storage
We have implemented technical, administrative, and physical security measures that are designed to protect Your Personal Information from unauthorized access, disclosure, use, and modification. Such measures include the encryption of sensitive information. We regularly review Our security procedures to consider appropriate new technology and methods. Even so, please be aware that no security measure is perfect. Thus, We cannot guarantee the security of Your Personal information at all times. You should always be vigilant when it comes to the protection of Your Personal Information.
Retention Period
Subject to any opt-out rights You may have and all applicable laws, We retain Your Personal Information for only as long as reasonably necessary to carry out the purposes for which We originally collected it, as set forth in this Privacy Policy. Notwithstanding the foregoing, we may continue to retain Your Personal Information to comply with our legal and regulatory obligations; to enable fraud monitoring, detection and loss prevention activities; to comply with our tax, accounting, and financial reporting obligations; and where required by our contractual commitments to third-parties. The retention period may also depend on the terms of any B2B Agreement we have with a B2B Party.
Children Under the Age of 16
Our Website and Products are not intended for children under 16 years of age. You may not knowingly or unknowingly provide Us Personal Information of minors under 16 years of age through Your use of the Website or Products. We do not knowingly collect Personal Information from children under 16. We do not sell or share Personal Information of children under age 16. No one under age 16 may provide any Personal Information to Us. If You are under 16, do not use or provide any Personal Information on Our Website or through Our Products. If We learn We have collected or received Personal Information from a child under 16 without verification of parental consent, We will delete that information. If You believe We might have any information from or about a child under 16, please contact Us using the Contact Information provided at the end of this Privacy Policy.
Your Privacy Rights
Depending on Your location and subject to applicable law and certain other limitations, You may have the rights set forth below with respect to Your Personal Information. To exercise any of the following rights, please refer to the “Exercising Your Rights” section at the end of this Privacy Policy.
Right of Access. You have the right to receive confirmation as to whether or not Your Personal Information is being Processed, and, where that is the case, access to and a copy of that Personal Information.
Right of Rectification. You have the right to request that We correct or update Your Personal Information that is inaccurate, incomplete or outdated.
Right to Erasure. You have the right to request the deletion of Your Personal Information in certain circumstances (but only where they are no longer required for a legitimate business purpose or required by law).
Right to Opt-Out of Direct Marketing and Targeted Advertising. To the extent that We Process Your Personal Information for the purposes of direct marketing or targeted advertising (as those terms are defined by the applicable laws of the jurisdiction in which you reside, but which generally means the display of an advertisement to You based on Personal Information about You obtained or inferred over time from Your activities across nonaffiliate websites, applications, or online applications), or to the extent that we provide Your Personal Information to others for those purposes, you have the right to opt-out of that activity.
Right to Opt-Out of the Sale of Personal Information. To the extent that We sell Your Personal Information (as that term is defined by the applicable laws of the jurisdiction in which you reside), You have the right to opt-out of that activity.
Right to Opt-Out of Automated Profiling. You have a right to opt out of any automated Processing of Your Personal Information, including for profiling purposes (as those terms are defined by the applicable laws of the jurisdiction in which You reside, and subject), but only to the extent that such Processing activities are used to make decisions which produce legal effects, or similarly significant effects, that affect You.
Right to Restrict Processing. You have the right to restrict the Processing of Your Personal Information in certain circumstances, such as when We consider another request that You have submitted.
Right to Object. In certain circumstances, You have the right to object to the Processing of Your Personal Information where the Processing is necessary for performance of a task carried out in the public interest, for Our legitimate interests, or for the legitimate interests of others. You also have the right to object where Personal Information is Processed for direct marketing purposes or for scientific or historical research purposes or statistical purposes.
Right to Data Portability. In certain circumstances, You have the right to receive Your Personal Information in a structured, commonly used, machine-readable and interoperable format and have the right to transmit that Personal Information to another organization.
Right to Withdraw Consent. In those cases where Processing is based on consent, and subject to applicable local law which provides otherwise, You have the right to withdraw Your consent at any time. This will not affect the validity of the Processing prior to the withdrawal of consent.
Right to Complain. If You believe We have not Processed Your Personal Information in accordance with applicable law, You may file a compliant with Us using the mechanisms provided for in the “Exercising Your Rights” section at the end of this Privacy Policy. If you are a resident of the EU or the UK, You may also have the right to make a complaint to an applicable Supervisory Authority or seek a remedy through the courts. A list of Supervisory Authorities for residents of the EU or EEA is available at: https://edpb.europa.eu/about-edpb/board/members_en. For residents of the UK, the Information Commissioner’s Office may be reached at: https://ico.org.uk/your-data-matters/.
Right to Appeal. You have the right to appeal any decision made by a Us regarding Your privacy rights identified in this section. To submit an appeal, you may contact Us using the information contained in the “Contact Information” section below.
Right to Correct. You have the right to request the correction of any inaccuracies in the Personal Information We hold about You, subject to certain limitations.
Promotional Offers from the Company. You have the right to opt-out of Our use of your contact information to promote Our own or third parties’ products or services. This opt out does not apply to information provided to Us as a result of a product purchase, warranty registration, product service experience or other transactions.
Part B: Additional Information for Residents of Particular Jurisdictions
Information for Residents of All “US Privacy Law States” (as hereinafter defined)
If You are a resident of California, Colorado, Connecticut, Montana, Oregon, Texas, Utah, and Virginia (each a “US Privacy Law State”), We Process Your Personal Information in accordance with the state privacy law that is applicable in Your US Privacy Law State, which is one of the following:
- In California: the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act (the “CCPA”);
- In Colorado: the Colorado Privacy Act (the “CoPA”);
- In Connecticut: the Connecticut Personal Data Privacy and Online Monitoring Act (the “CPDP”);
- In Montana: the Montana Consumer Data Privacy Act (the “MCDPA”);
- In Oregon: the Oregon Consumer Privacy Act (the “OCPA”);
- In Texas: the Texas Data Privacy and Security Act (the “TDPSA”);
- In Utah: the Utah Consumer Privacy Act (the “UCPA”); and
- In Virginia: the Virginia Consumer Data Protection Act (the “VCDPA”).
If You are a resident of any one of the US Privacy Law States, then this “Information for Residents of All US Privacy Law States” section discloses Our privacy practices and Your rights as a resident of any one of those US Privacy Law States. The disclosures in this section are in addition to those disclosures set forth in (i) Part A of this Privacy Policy, and (ii) for California residents, the “Supplemental Information for California Residents” section of this Privacy Policy below. To the extent that anything in Part B of this Privacy Policy conflicts with anything in Part A of this Privacy Policy, the conflicting content in Part B shall take precedence.
Sale of Personal Information
We do not sell Your Personal Information.
A transfer, whether for consideration or otherwise, of Your Personal Information as an asset that is part of a bankruptcy, merger, or other similar transaction involving all or any portion of Our business is not a “sale” under the laws of US Privacy Law States.
Targeted Advertising / Cross-Context Behavioral Advertising
Generally speaking, “targeted advertising” and “cross-context behavioral advertising” are defined under the applicable laws of US Privacy Law States as the display of an advertisement to You based on Personal Information about You obtained or inferred over time from Your activities across nonaffiliate websites, applications, or online applications.
We do not share Your Personal Information with third parties for targeted advertising or cross-context behavioral advertising. Additionally, We do not Process Personal Information for Our own targeted advertising or cross-context behavioral advertising purposes.
Your Rights as a Resident of a US Privacy Law State
As an individual residing in a US Privacy Law State, You have the rights set forth below with respect Our use and disclosure of Your Personal Information, subject to some limitations as set forth in the laws of those US Privacy Law States. To exercise any of the following rights, please refer to the “Exercising Your Rights” section at the end of this Privacy Policy.
Right to Know and Data Portability. You have a right to request additional information about the categories of Personal Information collected, sold, disclosed, or shared; purposes for which this Personal Information was collected, sold, disclosed, or shared; categories of sources of Personal Information; and categories of third parties with whom We disclosed or shared this Personal Information. You have a right to receive this information in a portable and, to the extent technically feasible, in a readily useable format that allows You to transmit this information to another entity without hindrance.
Right to Opt-Out of Our Sale of Your Personal Information. To the extent that the “Sale of Personal Information” section above indicates that We sell Your Personal Information, You have a right to opt-out of those sales. As stated above, to exercise this right to opt-out, please refer to the “Exercising Your Rights” section at the end of this Privacy Policy.
Right to Opt-Out of Our Sharing or Use of Your Personal Information for Targeted Advertising or Cross-Context Behavioral Advertising. To the extent that the “Targeted Advertising / Cross-Context Behavioral Advertising” section above indicates that share or use Your Personal Information for either of those activities, You have a right to opt-out of those activities. As stated above, to exercise this right to opt-out, please refer to the “Exercising Your Rights” section at the end of this Privacy Policy.
Right to Withdraw Consent to Use Sensitive Personal Information. To the extent that the “Personal Information We Collect and How We Collect It” section above indicates that We use Your Sensitive Personal Information, You have a right to withdraw Your consent to allow Us to use that Sensitive Personal Information. As stated above, to exercise this right to opt-out, please refer to the “Exercising Your Rights” section at the end of this Privacy Policy.
Right to Deletion. You have the right to request the deletion of Your Personal Information, subject to certain limitations.
Right to Correct. You have the right to request the correction of any inaccuracies in the Personal Information We hold about You, subject to certain limitations.
Right to Non-Discrimination. We will not discriminate against You for exercising any of Your rights identified in this section of the Privacy Policy. For example, charge You a different price, or provide a different level or quality of goods or services just because You exercised Your rights under this section of the Privacy Policy; however, We may offer You financial incentives that can result in different prices, rates, or quality levels, provided that (i) You provide Your revocable, opt-in consent to participate in such financial incentive programs, (ii) the financial incentives reasonably relate to the value of Your Personal Information, and (iii) We provide written terms that describe the program’s material aspects. Furthermore, there may be situations where Your Personal Information is required by Us, either directly or indirectly, in order for Us maintain a relationship with You. Please refer to the “Consequences of Not Providing Your Personal Information” section in Part A of this Privacy Policy for more information.
Right to Appeal. You have the right to appeal any decision made by a Us regarding Your privacy rights identified in this section.
As a reminder, when You are a B2B Representative or an End User and We act as a Processor with respect to Your Personal Information, the B2B Party with whom You have a relationship is responsible for providing appropriate notices and disclosures to You about how they Process Your Personal Information and You must refer to that B2B Party’s privacy policy or other notices for information regarding their privacy practices, Your rights, and how You exercise those rights.
Supplemental Information for Residents of California
This “Supplemental Information for Residents of California” section applies to natural persons who are California residents. If You are a consumer located in California, We Process Your Personal Information in accordance with the CCPA. The disclosures in this section are in addition to those in (i) Part A of this Privacy Policy and (ii) the “Information for Residents of All US Privacy Law States” section of Part B of this Privacy Policy. To the extent that anything in the preceding items (i) or (ii) conflicts with anything in this “Supplemental Information for California Residents” section, the conflicting content in this section shall take precedence.
Notice at Collection
Categories of Personal Information We Collect. The categories of Personal Information We may collect and have collected about You in the preceding 12 months are: Identifiers, Financial Information, Commercial Information, Internet or other similar network activity, Geolocation data, and Professional or employment-related information. Additional information about each category, along with the sources from which We collected that Personal Information, is contained in the “Personal Information We Collect and How We Collect It” section of this Privacy Policy.
Business Purposes for Collection and Use of Personal Information. The business purposes for which We collect Your Personal Information include: providing and improving Our Products, operating and improving the Website, providing customer services including support and maintenance, sending You marketing and promotional material, and ensuring security and compliance. Further detail about Our business purposes for collecting Your Personal Information, information on why We disclose Your Personal Information, along with the categories of third parties to whom We disclose that Personal Information, is contained in the “How We Use and Disclose Your Personal Information” section of this Privacy Policy.
Commercial Purposes for Collection and Use of Personal Information (Sale and Sharing). We neither sell Your Personal Information nor share it with third parties for cross-context behavioral advertising.
Retention Period of Personal Information. We retain Your Personal Information as set forth in the “Retention Period” section of this Privacy Policy.
Sensitive Personal Information
We Process some sensitive Personal Information; however, pursuant to Cal. Civ. Code § 1798.121(d), this information shall be treated as Personal Information, because the information is being used without the purpose of inferring characteristics about a consumer.
You may ask Us to provide You with a list of the types of Personal Information that We have disclosed during the preceding year to third parties for their direct marketing purposes, and the identity of those third parties. If You are a California resident and would like such a list, please refer to the “Exercising Your Rights” section at the end of this Privacy Policy.
Notice of Financial Incentives
We may offer programs, benefits, and other offerings related to the collection, retention and use of Your Personal Information that may be deemed a “financial incentive” or “price or service difference” under the CCPA. The types of Personal Information collected by Us from You or someone on Your behalf for this purpose includes Identifiers (name, email address, address, and telephone number) and limited Commercial Information (the Products You have purchased or are interested in purchasing). In exchange for that Personal Information, we may grant you or someone on Your behalf a one-time reward, the value of which depends on the agreement We sign with the referred party.
To opt-in to the financial incentive, you must provide a referral through Our referral program. If the party You refer meets the qualifications provided in Our referral program terms of use and enters into an agreement with Us, You are eligible to receive the financial incentive.
There is no obligation to participate in Our offers of financial incentives. You have the right to withdraw from a financial incentive by contacting Us using the methods set forth in the “Exercising Your Rights” section at the end of this Privacy Policy, and we will not discriminate against You for exercising this right. Each financial incentive or price or service difference related to Company’s collection and use of Your Personal Information is based upon Our reasonable, good-faith determination of the estimated value of such Personal Information to Us, taking into account the value of the financial incentive and the anticipated benefit Company may receive.
Your CCPA Rights
As an individual residing in California, You have the rights identified in the “Your Rights as a Resident of a US Privacy Law State” section of this Privacy Policy with respect Our use and disclosure of Your Personal Information.
In addition to those rights, if the “Sensitive Personal Information” section above indicates that We Process Your Sensitive Personal Information for the purpose of inferring characteristics about You, You have the right to limit that particular use of Your Sensitive Personal Information to certain permitted purposes under the CCPA, such as (i) to provide the goods or services reasonably expected by an average consumer who requests those goods or services; (ii) to prevent, detect, and/or investigate security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted Personal Information; (iii) to resist malicious, deceptive, fraudulent, or illegal actions directed at Us and to prosecute those responsible for those actions; (iv) to ensure the physical safety of natural persons; (v) for short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a current interaction with Us; (vi) to perform services on Our behalf; (vii) to verify or maintain the quality or safety of the Products; and/or (viii) for purposes that do not infer characteristics about You.
To exercise any of these rights, please refer to the “Exercising Your Rights” section at the end of this Privacy Policy.
Information for Residents of Delaware
This “Information for Residents of Delaware” section applies to residents of Delaware. We will not share Your Personal Information with nonaffiliated third parties, except as described in this Privacy Policy or as otherwise permitted by law.
Information for Residents of Nevada
This “Information for Residents of Nevada” section applies to residents of Nevada. If You are a resident of Nevada, We Process Your Personal Information in accordance with the “Nevada Privacy of Information Collected on the Internet from Consumers Act.” The disclosures in Part A of this Privacy Policy also apply to residents of Nevada, except in the event that anything in this section conflicts with the sections above, in which case this section shall take precedence. For the sake of clarity, the disclosures in the “Information for Residents of All US Privacy Law States” do not apply to residents of Nevada.
Nevada residents have the right to request that We do not sell certain Personal Information to select third parties for monetary consideration, even if their Personal Information is not currently being sold. To exercise this right, please refer to the “Exercising Your Rights” section at the end of this Privacy Policy.
You may be placed on Our internal Do Not Call List by contacting Us via the information set forth at the end of this Privacy Notice. Nevada law requires that We also provide You with the following contact information: Bureau of Consumer Protection, Office of the Nevada Attorney General, 555 E. Washington St., Suite 3900, Las Vegas, NV 89101; Phone number: 702.486.3132 or 888.434.9989 (Toll-free); email: [email protected].
Information for Residents of Oregon
This “Information for Residents of Oregon” section applies to residents of Oregon. We will not share Your Personal Information and Browsing Information with nonaffiliated third parties for marketing purposes, except after You have been informed by Us of such sharing and had an opportunity to indicate that You do not want a disclosure made for marketing purposes.
Information for Residents of Vermont
This “Information for Residents of Vermont” section applies to residents of Vermont. We will not share Your Personal Information and Browsing Information with nonaffiliated third parties, except as permitted by Vermont law, such as to process Your transactions or to maintain your account. In addition, We will not share information about Your creditworthiness with Our Affiliates except with Your authorization. For joint marketing in Vermont, We will only disclose Your name, contact information and information about Your transactions.
Information for Residents of Australia
This “Information for Residents of Australia” section applies to residents of Australia. If You are resident of Australia, We Process Your Personal Information in accordance with the Australian federal Privacy Act of 1988. The disclosures in Part A of this Privacy Policy also apply to residents of Australia, except in the event that anything in this section conflicts with the sections above, in which case this section shall take precedence.
If You are an Australian resident, and You are dissatisfied with Our handling of any complaint You raise under this Policy, You may wish to contact the Office of the Australian Information Commissioner.
Information for Residents of Brazil
This “Information for Residents of Brazil” section applies to residents of Brazil. If You are a resident of Brazil, You have the write to request anonymization, blocking or deletion of unnecessary or excessive data or data Processed in noncompliance with the provisions of the Brazilian General Data Protection Law. You have the right to request that We send the Personal Information we hold about You to another service or product provider.
Changes to Our Privacy Policy
We reserve the right to amend this Privacy Policy at Our discretion and at any time. When We make changes to this Privacy Policy, We will post the updated Privacy Policy on the Website and update the Privacy Policy’s effective date. The date the Privacy Policy was last revised is identified at the top of the page. If You would like Us to notify You of any changes to this Privacy Policy, You must ensure We have an up-to-date, active, and deliverable email address for You; otherwise, You are responsible for periodically visiting Our Website and this Privacy Policy to check for any changes.
Exercising Your Rights
The following methods are available to send Us a request to exercise Your rights defined in this Privacy Policy or that You are otherwise entitled to under applicable law:
- Send an email with the subject line “Data Privacy Request” to: [email protected]
- Browse to Our Data Subject Access Request (DSAR) form which is located here: https://app.smartsheet.com/b/form/f756b77f7b8c454c9f4d5c950e95bd2b
- Write Us at:
TUNE, Inc.
Attn: Data Subject Access Request
11350 McCormick Road
EP 3, Suite 200 Hunt Valley, MD 21031
Not all of Your rights can be exercised through each individual method. In some cases, You may need to utilize more than one method to exercise all of Your rights. If You have any doubt as to whether a particular method is effective with respect to a particular right, please contact Us using the email method specified above.
All requests must provide sufficient information for Us to be able to verify You are the person whose Personal Information We hold. Whenever possible, You must describe Your request in enough detail so that We can properly locate the Personal Information related to the request. We cannot respond Your request unless We can verify Your identity and locate Your Personal Information. You may designate, in writing or through a power of attorney, an authorized agent to make requests on Your behalf by contacting Us using the same methods. We may still require You to directly verify Your identity and confirm that You provided the authorized agent permission to submit the request.
Contact Information
To ask questions, or comment about this Privacy Policy and Our privacy practices, or for any other privacy-related inquiries, please:
Email Us at: [email protected]
Write Us at the following postal address:
TUNE, Inc.
Attn: Heather Pruger, General Counsel
11350 McCormick Road
EP 3, Suite 200 Hunt Valley, MD 21031
In the EEA: TUNE, Inc. has appointed ePrivacy GmbH as its Legal Representative in the EEA.
External Data Protection Officer
ePrivacy GmbH
Prof. Dr. Christoph Bauer
Große Bleichen 21, 20354 Hamburg
In the UK: TUNE, Inc. has appointed Perseus Group Software Ltd. as its Legal Representative in the United Kingdom.
Perseus Group Software Ltd.
Abacus House
Acorn Business Park, Ling Road, Poole, Dorset, BH12 4NZ, United Kingdom