Last Revised on August 14, 2020
MentorCloud™, an online platform (hereinafter the “Platform”) for mentoring and knowledge sharing, is a proprietary Platform offered by MentorCloud, Inc., (hereinafter “MentorCloud”, “we”, “us”, “our”, the “company”), a Delaware Corporation. The Platform is intended for individual users or members (hereinafter “users”, “you”, “your”, “them”) affiliated with a specific organization. We provide services (hereinafter collectively the “service”) through one or more Websites (hereinafter our “websites”).
WE DO NOT SELL YOUR PERSONAL INFORMATION. WE DO NOT GIVE ACCESS TO YOUR PERSONAL INFORMATION TO THIRD PARTIES EXCEPT TO SUB PROCESSORS TO ASSIST US IN THE PROVISION OF OUR SERVICES TO YOU.
3. WEB SITES COVERED
The Service is currently provided through the Websites identified with the following urls (uniform resource locators): http://www.mentorcloud.com and http://X.mentorcloud.com (where “X” is the name of the organization for whom We provide Our platform, pursuant to separately executed forms and agreements).
Our Websites may contain links to other Websites. We are not responsible for the information practices or the content of such other Websites. We encourage You to review the privacy statements of other Websites to understand their information practices.
4. INFORMATION COLLECTED
We collect information from individuals who visit our Websites (each a “Visitor” and collectively the “Visitors”) and individuals who register to use the Service (each a “Customer” and collectively the “Customers”). The purpose of the Platform is to permit Customers to provide information about themselves for the purposes of sharing knowledge, networking and forming mentoring relationships. You agree to provide us certain personal and professional information (hereinafter the “Required Information”), which we collect in order to allow you to benefit from our Websites. Such required information may include but is not limited to your name, email address, human values, professional area of expertise and office location.
Please note, we do not process sensitive information on our platform. “Sensitive Information” refers to your credit or debit card numbers, personal financial account information, social security number, Social Insurance numbers, passport numbers, driver's license numbers or similar personal identifiers, racial or ethnic origin, physical or mental health condition or information, or other financial or health information
5. USE OF INFORMATION COLLECTED
We use your information to provide and improve the Services.
a. Customer Data: MentorCloud may access and use Customer Data as reasonably necessary and in accordance with User’s instructions to (a) provide, maintain and improve the Services and Instance; (b) to prevent or address service, security, technical issues or at a User’s request in connection with customer support matters; (c) as required by law; and (d) as set forth in our agreement with the User or as expressly permitted in writing by the User.
b. Other information
We use other kinds of information in providing the Services.
i. To understand and improve our Services. We carry out research and analyze trends to better understand how users are using the Services and improve them.
ii. To communicate with you by:
(a). Responding to your requests. If you contact us with a problem or question, we will use your information to respond.
(b). Sending emails and MentorCloud messages. We may send you Services and administrative emails and messages. We may also contact you to inform you about changes in our Services, our Service offerings, and important Service-related notices, such as security and fraud notices. These emails and messages are considered part of the Services and you may not opt-out of them. In addition, we sometimes send emails about new product features or other news about MentorCloud. You can opt out of these at any time by sending us an email at email@example.com or clicking at the unsubscribe button, where applicable. We are offering an opt-out option in our Website itself.
(c). Billing and account management. We use account data to administer accounts and keep track of billing and payments.
(d). Communicating with you and marketing. We often need to contact you for invoicing, account management and similar reasons. We may also use your contact information for our own marketing or advertising purposes. You can opt out of these at any time by sending us an email at firstname.lastname@example.org or clicking at the unsubscribe button, where applicable.
(e). Investigating and preventing bad stuff from happening. We work hard to keep the Services secure and to prevent abuse and fraud.
6. WEB SITE NAVIGATIONAL INFORMATION
We use commonly used information-gathering tools, such as cookies and Web beacons, to collect information as You navigate the Company's Web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on the Company's Web sites and how this information may be used.
Cookies: Flash Cookies are local storage objects (or flash cookies) that collect and store information about your preferences and navigation to, from and on our Websites.
Web Beacons: Web beacons and similar technologies are small bits of code, which are embedded in web pages, ads, and e-mail, that communicate with third parties. We may use web beacons, for example, to count the number of users who have visited a specific web page, to deliver or communicate with cookies, and to understand usage patterns. We also may include web beacons in emails to understand whether messages have been opened, acted on, or forwarded.
Automatic Data Collection: We use automatic data collection to (a) understand and save your preferences for future visits; (b) compile aggregate data about Website traffic and Website interactions in order to offer better Website experiences and tools in the future; and (c) we may also use trusted third-party services that track this information on our behalf.
Personal Information: We do not collect Personal Information automatically, but we may tie this information to Personal Information about you that we collect from other sources or you provide to us.
8. YOUR CHOICES
a. Customer Data: You provide us with instructions on what to do with your Customer Data. You have many choices and control over Customer Data. For example, you may provision or de-provision access to the Services, enable or disable third party integrations, manage permissions, retention and export settings, transfer or assign instances, share channels, or consolidate instances or channels with other instances or channels.
b. Other information: If you have any questions about your information, our use of this information, or your rights when it comes to any of the foregoing, contact us email@example.com
c. Browser: In addition, the browser you use may provide you with the ability to control cookies or other types of local data storage. Your mobile device may provide you with choices around how and whether location or other data is collected and shared. MentorCloud does not control these choices, or default settings, which are offered by makers of your browser or mobile device operating system.
9. SHARING AND DISCLOSURE
a. Customer Data
MentorCloud may share Customer Data in accordance with our agreement with the Customer and the Customer’s instructions, including:
i. With third party service providers and agents. We engage with third party companies or individuals to provide information and learning tools on Instance; therefore we share Customer Data with those third-party companies or individuals.
ii. With affiliates. We may engage affiliates in our corporate group to process Customer Data.
iii. With third party integrations. MentorCloud may, acting on our Customer’s behalf, share Customer Data with the provider of an integration added by Customer. MentorCloud is not responsible for how the provider of an integration may collect, use, and share Customer Data, as this is the responsibility of the Customer.
b. Other information
MentorCloud may share other information as follows:
i. About you with the Customer. There may be times when you contact MentorCloud to help resolve an issue specific to an instance of which you are a member. In order to help resolve the issue and given our relationship with our Customer, we may share your concern with our Customer.
ii. With third party service providers, content partners and agents. We may engage third party companies or individuals, such as third-party payment processors, to process information on our behalf. You may request a list of all of our third-party sub processors by email us at firstname.lastname@example.org or mail to our Mailing Address set forth below in subsection 4 of the International Users section.
iii. With affiliates. We may engage affiliates in our corporate group to process other information.
c. Other types of disclosure
MentorCloud may share or disclose Customer Data and other information as follows:
i. During changes to our business structure. If we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of MentorCloud 's assets, financing, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence).
ii. To comply with laws. To comply with legal or regulatory requirements and to respond to lawful requests, court orders and legal process.
iii. To enforce our rights, prevent fraud and for safety. To protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud.
iv. We may disclose or use aggregate or de-identified information for any purpose. We may share aggregated or de-identified information with our partners or others for business or research purposes like telling a prospective MentorCloud Customer the average number of messages sent within a MentorCloud Instance in a day or partnering with research firm or academics to explore interesting questions about learning science and knowledge management
Protection of Data: MentorCloud takes security seriously. We take various steps to protect information you provide to us from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store, and the current state of technology.
b. Security Measures: We have implemented measures designed to secure your Personal Information from accidental loss and from unauthorized access, use, alteration and disclosure. All information you provide to us is stored on secure servers of our hosting service provider partner.
c. Compliance with our Procedures: The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of Websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
11. YOUR CALIFORNIA PRIVACY RIGHTS UNDER CCPA
If you are a California resident, you may request that we:
a. Request information. Disclose to you the following information covering the 12 months preceding your request:
i. the categories and specific pieces of personal information we collected about you and the categories of personal information we sold.
ii. the categories of sources from which we collected such personal information.
iii. the business or commercial purpose for collecting or selling personal information about you; and
iv. the categories of third parties to whom we sold or otherwise disclosed personal information.
b.Delete Personal Information. Delete personal information we collected from you; or
c. Opt-out of any future sale of personal information about you.
To make a request for such disclosure, or identification and/or deletion of Personal Information in all our systems that we store on you, please send an email to email@example.com or write to us at MentorCloud, 68 Willow Road, Menlo Park, CA 94025.
(i) if we delete your Personal Information as requested, we will no longer be able to provide our services to you and
(ii) we may need to keep such Personal Information for a while during the shutting down and billing process.
If you would like to discuss our Personal Information storage and processing process with us, please send an email to firstname.lastname@example.org or write to us at MentorCloud, 68 Willow Road, Menlo Park, CA 94025.
We will acknowledge receipt of your inquiry within ten (10) days of the receipt. We will respond within forty-five (45) days of receiving such request or query. Within this period, we are required to verify your identity before further action. Additionally, in order for us to respond to your request or query, we will need to collect information from the requesting party to verify their identity.
12. COPPA COMPLIANCE (FOR CHILDREN UNDER 13 USERS ONLY) INFORMATION
The Children’s Online Privacy Protection Act (“COPPA”) is a federal legislation that applies to entities that collect and store “Personal Information,” as the term is defined under COPPA, from children under the age of 13. We are committed to ensure compliance with COPPA. Our Websites are not meant for use by children under the age of 13. Our Websites do not target children under the age of 13, but we do not age-screen or otherwise prevent the collection, use, and personal disclosure of persons identified as under 13. If you would like to know more about our practices and specifically our practices in relation to COPPA compliance, please email us at email@example.com. If you believe that we have mistakenly or unintentionally collected personal information of a minor through our sites without appropriate consent, please notify us so that we may immediately delete the information from our servers and make any other necessary corrections.IF YOU ARE UNDER 13, PLEASE DO NOT ACCESS OR USE OUR WEBSITES.
13. INTERNATIONAL USERS
a. Processing Personal Information in the US. We are headquartered in the United States. Most of our operations are located in the United States and India. Your Personal Information, which you give to us during registration or use of our Platform, may be accessed by or transferred to us in the United States. If you are visiting our web site or registering for our Services from outside the United States, be aware that your Personal Information may be transferred to, stored, and processed in the United States. Our servers or our third-party hosting services partners are located in the United States. By using our site, you consent to any transfer of your Personal Information out of Europe for processing in the US or other countries. If you are resident, employee, or visitor in Europe, the processing, storage, transfer, and use of your Personal Information may be subject to the rules and regulations of the GDPR.
68 Willow Road,
Menlo Park, CA 94025
14. GDPR: FOR OUR EUROPEAN VISITORS, CONSUMERS, AND CUSTOMERS
If you are a resident of or a visitor to Europe, you have certain rights with respect to the processing of your Personal Data, as defined in the GDPR.
Please note that in some circumstances, we may not be able to fully comply with your requests, or we may ask you to provide us with additional information in connection with your request, which may be Personal Information, for example, if we need to verify your identity or the nature of your request.
In such situations, however, we will still respond to let you know of our decision. As used herein, “Personal Data” means any information that identifies you as an individual, such as name, address, email address, IP address, phone number, business address, business title, business email address, company, etc.
To make any of the following requests, contact us using the contact details referred to in the “Contact Information” section of this Policy.
a.Access: You can request more information about the Personal Data we hold about you. You can also request a copy of the Personal Data.
b.Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by logging into your service account. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.
c.Objection: You can contact us to let us know that you object to the collection or use of your Personal Data for certain purposes.
d.Erasure: You can request that we erase some or all of your Personal Data from our systems.
e.Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
f.Portability: You have the right to ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another entity where technically feasible.
g.Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, it may limit your ability to use some/ all of our Services or Platform and you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services and Platform.
h.Response. We will respond to your inquiry within thirty (30) days of the receipt. Please see Section 14 for details regarding “Contacting Us.”
i.Right to File Complaint: You have the right to lodge a complaint about our practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. Please go to https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm to locate your Data Protection Authority.
15. EU-US AND SWISS-US PRIVACY SHIELD CERTIFICATION
In compliance with the Privacy Shield Principles, MentorCloud commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact MentorCloud at firstname.lastname@example.org or at our mailing address,
Name: Ravishankar Gundlapalli
Address: MentorCloud Inc,
68 Willow Road, Menlo Park, CA 94025
Email Address: email@example.com
MentorCloud has further committed to refer unresolved Privacy Shield complaints to the Better Business Bureau, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information or to file a complaint. The services of Better Business Bureau are provided at no cost to you. MentorCloud commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of providing our SERVICES to you.
You have the right to access the personal data that we store on you. We are subject to the investigation and enforcement powers of the Federal Trade Commission (FTC). You may require us to arbitrate your complaints under certain circumstances. We will be liable to you for any unauthorized transfers of your personal data to third parties.
You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country participating in the Privacy Shield must first: (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from BBB PRIVACY SHIELD; and (3) contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident.
(i)Obligations of the data importer (processors)
The data importer agrees and warrants:
●to process the personal data only on behalf of the data exporter and in compliance with its instructions and the Clauses; if it cannot provide such compliance for whatever reasons, it agrees to inform promptly the data exporter of its inability to comply, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
●that it has no reason to believe that the legislation applicable to it prevents it from fulfilling the instructions received from the data exporter and its obligations under the contract and that in the event of a change in this legislation which is likely to have a substantial adverse effect on the warranties and obligations provided by the Clauses, it will promptly notify the change to the data exporter as soon as it is aware, in which case the data exporter is entitled to suspend the transfer of data and/or terminate the contract;
●that it has implemented the technical and organizational security measures before processing the personal data transferred;
●that it will promptly notify the data exporter about:
●any legally binding request for disclosure of the personal data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation,
●any accidental or unauthorized access, and
●any request received directly from the data subjects without responding to that request, unless it has been otherwise authorized to do so;
●to deal promptly and properly with all inquiries from the data exporter relating to its processing of the personal data subject to the transfer and to abide by the advice of the supervisory authority with regard to the processing of the data transferred;
●at the request of the data exporter to submit its data processing facilities for audit of the processing activities covered by the Clauses which shall be carried out by the data exporter or an inspection body composed of independent members and in possession of the required professional qualifications bound by a duty of confidentiality, selected by the data exporter, where applicable, in agreement with the supervisory authority;
●to make available to the data subject upon request a copy of the Clauses, or any existing contract for sub-processing, unless the Clauses or contract contain commercial information, in which case it may remove such commercial information, with the exception of Appendix 2 which shall be replaced by a summary description of the security measures in those cases where the data subject is unable to obtain a copy from the data exporter;
●that, in the event of sub-processing, it has previously informed the data exporter and obtained its prior written consent;
(ii)Obligations of the data exporter
The data exporter agrees and warrants:
●that the processing, including the transfer itself, of the personal data has been and will continue to be carried out in accordance with the relevant provisions of the applicable data protection law (and, where applicable, has been notified to the relevant authorities of the Member State where the data exporter is established) and does not violate the relevant provisions of that State;
●that it has instructed and throughout the duration of the personal data processing services will instruct the data importer to process the personal data transferred only on the data exporter's behalf and in accordance with the applicable data protection law and the Clauses;
●that the data importer will provide sufficient guarantees in respect of the technical and organizational security measures;
●that after assessment of the requirements of the applicable data protection law, the security measures are appropriate to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation;
●that it will ensure compliance with the security measures;
●that, if the transfer involves special categories of data, the data subject has been informed or will be informed before, or as soon as possible after, the transfer that its data could be transmitted to a third country not providing adequate protection within the meaning of Directive 95/46/EC;
●to make available to the data subjects upon request a copy of the Clauses, with a summary description of the security measures, as well as a copy of any contract for sub-processing services which has to be made in accordance with the Clauses, unless the Clauses or the contract contain commercial information, in which case it may remove such commercial information; and
●that, in the event of sub-processing, the processing activity is carried out in at least the same level of protection for the personal data and the rights of the data subject as the data importer under the Clauses.
●The parties agree that any data subject, who has suffered damage as a result of any breach of the obligations referred above by any party or sub-processor is entitled to receive compensation from the data exporter for the damage suffered.
●If a data subject is not able to bring a claim for compensation in accordance with paragraph a against the data exporter, arising out of a breach by the data importer or his sub-processor of any of their obligations referred to above, because the data exporter has factually disappeared or ceased to exist in law or has become insolvent, the data importer agrees that the data subject may issue a claim against the data importer as if it were the data exporter, unless any successor entity has assumed the entire legal obligations of the data exporter by contract of by operation of law, in which case the data subject can enforce its rights against such entity.
17. COPYRIGHT INFRINGEMENT/DMCA NOTICE
If you believe that any content on our Website violates your copyright, and you wish to have the allegedly infringing material removed, the following information in the form of a written notification (pursuant to the Digital Millennium Copyright Act of 1998 (“DMCA Takedown Notice”)) must be provided to our designated Copyright Agent.
a. Your physical or electronic signature;
b .Identification of the copyrighted work(s) that you claim to have been infringed;
c. Identification of the material on our Website that you claim is infringing and that you request us to remove;
d. Sufficient information to permit us to locate such material;
e. Your address, telephone number, and e-mail address;
f. A statement that you have a good faith belief that use of the objectionable material is not authorized by the copyright owner, its agent, or under the law; and
g. A statement that the information in the notification is accurate, and under penalty of perjury, that you are either the owner of the copyright that has allegedly been infringed or that you are authorized to act on behalf of the copyright owner.
MentorCloud’s Copyright Agent to receive DMCA Takedown Notices is Ravishankar Gundlapalli, at firstname.lastname@example.org, MentorCloud, Attn: DMCA Notice, 68 Willow Road, Menlo Park, CA 94025, United States of America. You acknowledge that for us to be authorized to take down any content, your DMCA Takedown Notice must comply with all the requirements of this Section. Please note that, pursuant to 17 U.S.C. § 512(f), any misrepresentation of material fact (falsities) in a written notification automatically subjects the complaining party to liability for any damages, costs and attorneys’ fees incurred by MentorCloud in connection with the written notification and allegation of copyright infringement.
18. FOR OUR NEW YORK CUSTOMERS
We will fully comply with the letter and the spirit of the New York Shield Act (the “Act’), which became effective on January 1, 2020, to the fullest extent that it is applicable to us. We have adopted reasonable safeguards to protect the security, confidentiality, and integrity of your private information, as defined in the Act ("Private Information"). We will securely protect any personal information, as defined in the Act ("Personal Information"), and/or Private Information in accordance with the requirements set forth in the Act. We will notify you of any unauthorized access to or disclosure of your Personal Information or your Private Information in accordance with the requirements of the Act.
We will act as a fiduciary to our consumers and dedicate the highest duty of care, loyalty and confidentiality as is expected out of a 'data fiduciary' defined under Section 1102. The consumer will have the liberty to select a method to opt-in or opt-out from sharing of their personal information to indicate their consent or denial.
19. CAN-SPAM ACT OF 2003
The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have businesses stop emailing them, and spells out penalties for violations. Per the CAN-SPAM Act, we will:
a.not use false or misleading subjects or email addresses;
b.identify the email message as an advertisement in some reasonable way;
c.include the physical address of MentorCloud, Inc., which is 68 Willow Road, Menlo Park, CA 94025;
d.monitor third-party email marketing services for compliance, if one is used;
e.honor opt-out/unsubscribe requests quickly; and
f.give an “opt-out” or “unsubscribe” option.
If you wish to opt out of email marketing, follow the instructions at the bottom of each email or contact us at email@example.com and we will promptly remove you from all future marketing correspondences.
20. DISPUTE RESOLUTION OR FILING A COMPLAINT
21. CONTACT INFORMATION
Name: Ravishankar Gundlapalli
Address: MentorCloud Inc,
68 Willow Road, Menlo Park, CA 94025
Email Address: firstname.lastname@example.org