Last updated: 2023-06-28
xFanatical ("we" or "us" or "our") respects the privacy of our users ("user" or "you"). We operate the xfanatical.com website (or "site") and offer Software Services, including free or paid products (Foresight, Safe Doc, Form Merger etc.) and custom software development services.
COLLECTION OF YOUR INFORMATION
Data collected by our https://xfanatical.com site
This website collects various types of information, such as:
- Voluntarily provided information when you provide user-generated content or when you contact us, which includes
- Your name
- Your email address
- Your replies to a post
- Your likes to a post or others' comment
- Your messages
- Basic information from your device, including your computer’s Internet Protocol ("IP") address, your operating system type and version, and browser type and version.
Please rest assured that this site shall only collect personal information that you knowingly and willingly provide by way of comments, surveys, completed application forms, and emails. It is the intent of this site to use personal information only for the purpose for which it was requested and any additional uses specifically provided on this site.
It is highly recommended and suggested that you review the privacy policies and statements of any website you choose to use or frequent as a means to better understand the way in which other websites garner, make use of and share information collected.
The data may include but not limited to
- Your credit card information. Securely protected by Stripe under PCI compliance.
- Your billing address
- Your bill-to name
- The time, the IP address, the operating system type and version and browser version when you make payments
Data from social networks
If you interact with us on social networks (e.g. Facebook, Twitter or LinkedIn), your social network information may be available to us. The information may include
- Your social network username
- Your social network profile picture
- Your public shared contacts or messages
USE OF YOUR INFORMATION
For our Services
We may collect and may make use of personal information to assist in the operation of our website and/or services and to ensure delivery of the services you need and request. These business activities include but not limited to
- Confirm your requests and comments
- Create and manage your account
- Inform essential changes to your account using our services
- Fulfill and manage purchases, orders, payments, refunds and other transactions related to our services
- Prevent fraudulent transactions, monitor again theft, and protect against criminal activity
- Respond to support or sales questions
- Increase the efficiency, operation, user experience of our site and services with your anonymous usage data
- Troubleshoot problems in our services
- Enable user-to-user communications, e.g. joining our communities, receiving replies from other users.
For marketing and events-related communications
We may be occasionally in contact with you with optional marketing related messages. We usually communicate with you via emails. You have the rights to stop marketing communications by contacting us. The topics may include
- Completing surveys or newsletters
- Our site or service updates
- Discounts, price change and other information regarding promotions
- New products, tips, free tools etc.
DISCLOSURE OF YOUR INFORMATION
We do not now, nor will it in the future, sell, rent or lease any of our customer data to any marketers or unaffiliated third parties. We may share information we have collected about you in certain situations. Your information may be disclosed as follows.
By Law or to Protect Rights
We may disclose your personal information, without prior notice to you, only if required to do so in accordance with applicable laws and/or in a good faith belief that such action is deemed necessary or is required in an effort to:
- Comply with applicable law, rule, or regulation
- Respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities
- Maintain, safeguard and/or preserve all the rights and/or property of xFanatical
- Perform under demanding conditions in an effort to safeguard the personal safety, privacy, property and rights of you and/or the general public.
- Enforce our contractual rights
We share Personal Data with third party service providers that provide necessary services on our behalf, including
- payment processing
- identity verification
- website hosting
- data storage
- data processing
- information security
- data analysis
- emailing delivery
- customer service
- marketing assistance
We authorize such service providers to use or disclose the Personal Data only as necessary to perform services on our behalf or comply with legal requirement. We require service providers to protect the security and confidentiality of our users' Personal Data.
If you interact with other users of the site or our services, those users may see your name, profile photo, signature, title or affiliations from your posts. If your posts are public, the information may be also be publicly visible and indexed by search engines. For example, if you post comments on our site, social network accounts, or our communities of services, it's your responsibility to manage your own data.
With your consent, we may refer you to our business partners who can provide the correct services you demanded.
CHILDREN UNDER AGE OF 13
We do not knowingly collect personal identifiable information from children under the age of thirteen (13) without verifiable parental consent. If it is determined that such information has been inadvertently collected on anyone under the age of thirteen (13), we shall immediately take the necessary steps to ensure that such information is deleted from our system's database. Anyone under the age of thirteen (13) must seek and obtain parent or guardian permission to use this website.
We maintain our site and services in the US, so your personal information may be transferred outside of the country where you live. Different countries have different data protection regulations. We take measures to ensure that any such transfers are safeguarded from unauthorized access, disclosure, loss or alternation.
UNSUBSCRIBE OR OPT-OUT OR DELETE PERSONAL INFORMATION
All users and/or visitors to our website have the option to discontinue receiving communication from us and/or reserve the right to discontinue receiving communications by way of email or newsletters. To discontinue or unsubscribe to our website please send an email that you wish to unsubscribe to [email protected]. If you wish to unsubscribe or opt-out from any third party websites, you must go to that specific website to unsubscribe and/or opt-out.
You also have the rights to erase personal data in our website and services, such as website comments, product usage records or community posts etc. To delete your personal information from the service you use, please first follow the instructions in the service to terminate your account. Then please email us at co[email protected] to request a complete removal of your data.
However, we typically retain personal information related to our contract and business transactions with you for seven years after you last interaction with us for legal and tax purposes. We may also keep certain personal information, such as fraudulent users or malicious IP addresses, for legitimate business purposes (e.g. fraud and abuse prevention or security).
LINKS TO OTHER WEBSITES
We shall endeavor and shall take every precaution to maintain adequate physical, procedural and technical security with respect to our offices and information storage facilities so as to prevent any loss, misuse, unauthorized access, disclosure or modification of the user's personal information under our control. We also use Secure Socket Layer (SSL) for authentication and private communications in an effort to build users' trust and confidence in the internet and website use by providing simple and secure access and communication of credit card and personal information. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.
In the rare case of personal data breach, email notifications will be sent to you within 72 hours of learning of the breach. We will provide you specific details of the breach and instruction to help you minimize the lost.
CONTROLS FOR DO-NOT-TRACK FEATURES
We do not currently respond to Do-Not-Track ("DNT") web browser signals or any other mechanism that automatically communicates your choice not to be tracked online, since no uniform technology standard for recognizing and implementing DNT signals has been finalized.
CALIFORNIA PRIVACY RIGHTS
The California Consumer Privacy Act (CCPA) permits our users who are California residents more control over personal information that we collected.
As a user of our site or services, a California consumer and subject to certain limitations under the the CCPA, you have choices regarding our use and disclosure of your personal information.
Exercise the rights to know. You may request up to twice in a 12-month period, the following information about the personal information we collected about you during the past 12-month.
- The categories and specific pieces of personal information we have collected about you
- The categories of sources from which we collected the personal information
- The business or commercial purposes for which we collected the personal information
- The categories of third parties with whom we shared the personal information
- The categories of information that we disclosed to third parties
Exercise the right to delete. You may request that we delete the personal information we have collected from you, subject to certain limitations under applicable law.
Exercise the right to opt-out from a sale. You may request to opt out of any sales of your personal information. As described in Disclosure of your information section, we do not sell or rent the Personal Data of our users' data for profitability.
Exercise the right to non-discrimination. The CCPA provides that you may not be discriminated against for exercising these rights.
If you are a California resident and would like to make such a request, please submit your request by emailing us ([email protected]). We may need to verify your email identity before responding to your request against the record in our system. We may also request a government-issued valid ID to verify your California residency.
EU PRIVACY RIGHTS
The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). As an EU resident, you are entitled to the following rights.
The right to access. You have the right to request us for copies of your personal data. We may charge you a small fee for this service.
The right to rectification. You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete information you believe is incomplete.
The right to erasure. You have the right to request us to erase your personal data collected by our site or services you use, under certain conditions. You understand erasure of essential user data could mean terminating the service.
The right to restrict processing. You have the right to request us to restrict processing of your personal data, under certain conditions. You understand restrict processing for essential user data for the service you use could mean terminating the service.
The right to data portability. You have the right to request us to transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you are an EU resident and would like to make such a request, please submit your request by emailing us ([email protected]). We may need to verify your email identity before responding to your request against the record in our system. We may also request a government-issued valid ID to verify your EU residency.
ACCEPTANCE OF TERMS
HOW TO CONTACT US
Email: [email protected]
Phone: +1 (909)833-0188
8780 19th St, Ste 458
Rancho Cucamonga, CA 91701 USA
PRODUCT SPECIFIC PRIVACY POLICIES
Permissions to access your information
When you use Foresight product, you will be prompted with accessing permissions to retrieve and modify certain information based on your on-demand in-app services. The permissions may include but not limited to:
- Your Google Workspace domain information, including user names, emails, and other personal information.
- Permission to send emails on behalf of you.
- Access and modify your Google Drive files.
- Update your Gmail settings.
- Read your Google Calendars.
At anytime, you can cancel these permissions at Your Google Account Permission Page so no further data is shared with Foresight.
Foresight's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Due to the nature of SaaS (Software as a Service), all transaction data is stored and secured on the Google Cloud Platform (GCP) in the US. All data is encrypted during network transition between you and our server and never shared with outsiders. Your Google service access permission is granted via OAuth2 protocol on the minimum basis. Other than the data needed to perform automation for you, we do not retrieve and store excess information from your Google account. High sensitive information like passwords are encrypted.
We maintain organizational, technical and administrative measures to protect your personal data from unauthorized use, alternation, disclosure or destruction.
Nonessential data collected by Foresight
- Triggers and actions you used
- Product pages you visited
- Buttons you clicked
- Your operating system type and version
- Your browser type and version
- Your IP address
- The context of error, e.g. buttons clicked or pages visited within the application before the error occurs.
You are able to opt out these data collection in the Settings > Privacy page within Foresight.
Delete your data
We do not automatically delete your Foresight account data as long as you have an active Professional subscription.
You have rights to erase your personal data. To delete your Personal Data in Foresight, please follow the instructions in close my Foresight account. Your data will be permanently deleted from Foresight, logs and backups in 30 days.
When you use Form Merger product, you granted permissions for the application to access and modify information, as below
- Read and write Google Forms in your Google Drive
Your personal assets in Google Drive will not be stored in our server.
Safe Doc is a chrome extension that manages inappropriate features in Google Workspace for Education to protect K-12 students from harmful content.
No Student Personal Data is collected
Safe Doc is compliant with COPPA, FERPA, PPRA and SOPIPA. We do NOT transmit, process, collect and sell any personally identifiable information (PII) of your students. All student data required by Safe Doc is encrypted and cached locally in students' school managed devices. By uninstalling Safe Doc from your students' managed devices, all cached data is deleted.
De-identified data (e.g. crash reporting) may be collected for Safe Doc troubleshooting and improvement. We ensure NO PII will be included in the de-identified data. We also do not attempt to re-identify de-identified data and do not disclose or transfer any of the de-identified data to third parties. As school officials, you may opt out such de-identified data collection using the Safe Doc configuration policy OptOutAnonymousErrorReporting.
For school accounts, we only store your students' domain name to verify your school license keys.
School Representative Data
If you're the school representative who applied for the trial or annual license, the information you provided is stored in our system for service purposes. We do not disclose, sell or rent your Personal Data to any unaffiliated third parties. Personal data collected from you may include but not limit to
- Your full name
- Your contact email
- Your school's student email domain(s)
- Your school's billing address, including an optional phone number
- Your school's purchase orders
If you use Safe Doc customer portal, you are subject to an additional data privacy term. We use Google reCaptcha to protect our software application from unauthorized accesses. Apart from the information provided you provide, consider visiting the Google reCaptcha privacy policies. Your data is protected by encryption-in-transit and encryption-at-rest.
To remove your Safe Doc account data permanently from our system, you need to request us ([email protected]) in writing from the authorized email addresses in your Safe Doc account. We do not accept unauthorized requests.
Free Apps Scripts
When you download and use free apps scripts, you granted permissions for the applications to perform their work. Depending on the functionalities of apps scripts, these permissions may include but not limited to:
- Read and write Google Drive files
- Read and write Google Docs files, Docs, Sheets, Slides, Forms etc.
- Read your profile's information
- Access external services
Since apps scripts run on your end, we collect no information from you.