Last updated 12 July 2019

Welcome to Abacus!

The privacy and security of your personal information is important to us. If you have any questions at all about this Privacy Policy, please do not hesitate to contact us at [email protected]

Applicability of this Privacy Policy

This Privacy Policy ("Privacy Policy") applies to the Services operated by us and explains how we collect, use, share and otherwise process information relating to natural persons ("Personal Information"). All capitalized terms not in this Privacy Policy defined will have the meaning set forth in our Abacus Terms of Service (the "Terms"). This Privacy Policy applies to any user or visitor to or of the Services. Abacus processes Personal Information in the role of a controller as described in this Privacy Policy. We may also process Personal Information in the role of a processor where your Personal Information was submitted to us by one of our business customers who have directed us to perform Services for them ("Clients") pursuant to services agreements or other contracts; in that case, if you wish to exercise any of your rights with respect to your Personal Information, please contact the applicable Client directly.

We may update this Privacy Policy from time to time to reflect changes in our privacy practices. If we do, we will notify you of any changes by posting notice on the Services or by sending notice to the primary email address specified in your account. Changes that materially affect your rights or our obligations will go into effect thirty (30) days following such notification, at which point we will update the "Last Updated" date at the top of the page. Non-material changes or clarifications will take effect immediately. We encourage you to periodically check the Services and this page for updates.

You acknowledge that your use of the Services indicates to us that you have read this Privacy Policy and consent to the privacy practices described, and your continued use of the Services after we publish or send a notice about any changes to this Privacy Policy indicates that you have read and consent to the updated Privacy Policy

What Information Do We Collect?

We collect information, including Personal Information, only where we have a lawful basis. Lawful bases on which we rely include your consent where you have given it, contract where processing is necessary for us to perform our obligations pursuant to a contract with you, and legitimate interests of our business such as operating and providing the Services to you.

We collect, store, and use the following categories of information, which includes Personal Information:

Information you give us:

• Identification information about yourself, including your name, email address, postal address, zip code, country, telephone number, date of birth, taxpayer identification number, social security number, wage and tax statements (Form W-2), passport information, and other information you may submit when you create an account on the Services.
• Information about your company, such as its name, description, email address, postal address, and employer identification number.
• Information about your assets, including information regarding your bank account (e.g., financial institution, account type, routing number, and account number), any 401(K) or IRA accounts, and information regarding your investments.
• Information about your liabilities, including information about loans, credit card statements, and mortgages.
• Your responses to surveys that we may ask you to complete for research purposes or to help direct Abacus activities.
• Any information you share when you contact us.

Information we get from your use of the Services:

• Details of how you use the Services.
• Your internet protocol address (i.e., IP address) and, if you access the Services from a mobile application, your unique mobile device ID number and non-email authentication.
• Details of financial transactions you participate in on the Services, including the amount, currency, and method of payment.
• Browser and device information and information collected through Tracking Technologies (defined below), such as cookies, pixel tags, and other technologies.
• If you use the Services from a mobile device, that device will send us data about your location based on your phone settings. We will ask you to opt-in before we use GPS or other tools to identify your precise location.

How Do We Use the Information We Collect?

We use the information we collect for a variety of purposes, including to improve the Services, optimize our technology, and refine and customize our offerings and user experience.

In particular, we use the information we collect to:

• Administer and provide the Services, enable you to use its features, and improve the overall user experience.
• Communicate with you through email, text, SMS, message via social media platforms, telephone, or any other medium for which we have contact information so that we can provide you with information and updates about us, our work, and our community, and to make it easier for you to share such information about us with your social networks.
• Send information including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
• Respond to comments and questions and provide technical support and customer support.
• Analyze how users use the Services using tools like Google Analytics and other tools to help us understand traffic patterns and know if there are problems with the Services.
• Create targeted advertising to promote the Services and engage the community and our users.
• Protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
• Link or combine user information with other Personal Information.
• Compare information for accuracy, update our records, and verify it with third parties.

Do We Share Your Personal Information?

We do not rent, sell, or share your Personal Information with other people or non-affiliated third parties except with your consent or as necessary to complete any transaction or provide with the Services or any specific service you have requested or authorized.

To help us do our work, we may provide limited access to some of your Personal Information to the following third parties:

• Clients: We may share your Personal Information with our Clients pursuant to services agreements or other contracts between us and such Clients.
• Service providers: We work with a wide range of third-party providers who provide services on our behalf, such as identity verification and screening providers, our database administrators, cloud computing services, advertising services, data analysts, application service providers, bulk SMS services, and other non-governmental organizations. We do not authorize them to use or disclose your Personal Information except in connection with providing their services.
• Payment processors: We work with payment processors to help process credit card transactions and other payment methods made through the Services. These payment processors will store certain information about you. Please refer to their privacy policies to learn more about how they use your Personal Information.

We may also transfer your Personal Information to a third party as a result of a merger, acquisition, reorganization or similar transaction; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of the Services; and to protect our rights or property. In such event, and to the extent legally permitted, we will notify you and, if there are material changes in relation to the processing of your Personal Information, give you an opportunity to consent to such changes.

We will also share Personal Information with companies, organizations or individuals outside of Abacus if we have a good-faith belief that access, use, preservation, or disclosure of your Personal Information is reasonably necessary to:

• Detect or protect against fraud or security issues, to enforce our Terms
• Meet any enforceable government request
• Defend against legal claims, or protect against harm our legal rights or safety, or that of our staff and/or users.

How Long Do We Keep Your Personal Information?

Subject to the section entitled "Your Rights Regarding Personal Information" below, we may retain your Personal Information for seven (7) years after our receipt of such Personal Information, in order to comply with applicable laws and/or regulations that govern our provision of the Services. We may also retain and use your Personal Information for as long as necessary to resolve disputes and/or enforce our rights and/or agreements.

Cookie Policy

Refer to our Cookie Policy to learn about how we use tracking technologies such as Cookies and Web Beacons.

How Do We Secure Your Personal information?

We take reasonable steps to protect your Personal Information against unauthorized access, alteration, disclosure, misuse, or destruction. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. The safety and security of your Personal Information also depends on you. If you are a user, you are solely responsible for keeping your membership details confidential, including any access credentials like passwords or mobile device PINs.

Your Rights Regarding Your Personal Information

You have certain rights with respect to the use of Personal Information on the Services. If your Personal Information was submitted to us by a Client pursuant to a services agreement or other contract, then please contact the applicable Client directly to exercise the below rights. Otherwise, please contact us at [email protected] to exercise any of the below rights.

• Delete or Correct Personal Information: You may review, access, correct, amend, or delete Personal Information we have about you by logging into your Account and navigating to your account page or by emailing us. For your protection, we may only share and update the Personal Information associated with the specific email address that you use to send us your request, and we may need to verify your identity before doing so. We will try to comply with such requests in a reasonably timely manner. If you wish to cancel your account, you may do so through your account page. If you do, personally identifiable information associated with your account will be deleted as soon as is reasonably practical or as required by applicable law. Please note that we may retain information that is otherwise deleted in anonymized and aggregated form, in archived or backup copies as required pursuant to records retention obligations, or otherwise as required by law.

• Delete or Correct User Content: You may access, correct, amend, or delete Your Content by accessing your user account (including any imported contacts). You control Your Content. Your Content that you delete (including Your Content containing Personal Information) may be retained in archived or backup copies in order to enable you to use certain features like revision history and base snapshots. For instructions on how to permanently delete Your Content from your account, please email us. Please note that permanent deletion of Your Content through this process will impair or disable those features with respect to Your Content.

• Download or Access Personal Information: You can ask us for a copy of your Personal Information, as well as information about its processing, and can ask for a copy of your Personal Information (including in machine readable form) by emailing us.

• Opting Out of Email Communications: If at any time you would like to unsubscribe from our email list, you may do so by following this link or following the unsubscribe instructions provided in the email you receive from us. Despite your indicated email preferences, we may send you Services-related communications, including notices of any updates to our Terms or this Privacy Policy.

• Opting Out of Marketing Communications: We may use some of the information we collect for marketing purposes, including to send you promotional communications about new Abacus features, products, events, or other opportunities. If you wish to stop receiving these communications or to opt out of use of your information for these purposes, please follow the opt-out instructions by clicking "Unsubscribe" (or similar opt-out language) in those communications. You can also email us to opt out.

Links to Third Party Websites

We may provide links to other websites. We have no control over these websites and they are subject to their own terms of use and privacy policies. As such, we do not endorse and are not responsible for the availability of, or for any content, advertising, products, or other materials on or available from, these third party websites.

By using the Services, you agree that we will not be liable for any damage or loss caused by your use of or reliance on any content, advertising, products, or other materials on or available from these third party websites.

How We Respond to Do Not Track Signals

Your browser settings may allow you to automatically transmit a Do Not Track signal to websites and other online services you visit. We do not alter our practices when we receive a Do Not Track signal from a visitor’s browser because we do not track our visitors to provide targeted advertising. To find out more about Do Not Track, please visit All About Do Not Track.

Children Under 16

The Services are not directed to individuals who are under age of sixteen (16) and we do not solicit nor knowingly collect Personal Information from children under the age of sixteen (16). If you believe that we have unknowingly collected any Personal Information from someone under the age of sixteen (16), please contact us immediately at [email protected] and the information will be deleted.

DMCA Notice

If you own a copyright or have authority to act on behalf of a copyright owner and want to report a claim that a third party is infringing that material on or through the Services, please send a notice to our copyright agent that includes all of the items below and we will expeditiously take appropriate action. Our designated copyright agent to receive such claims can be reached at [email protected] This process does not limit our ability to pursue any other remedies we may have to address suspected infringement.

1. A description of the copyrighted work that you claim is being infringed
2. A description of the material you claim is infringing and that you want removed or access to which you want disabled and the URL or other location of that material
3. Your address, telephone number, and email address
4. The following statement: "I have a good faith belief that the use of the copyrighted material I am complaining of is not authorized by the copyright owner, its agent, or the law (e.g., as a fair use)"
5. The following statement: "The information in this notice is accurate and, under penalty of perjury, I am the owner, or authorized to act on behalf of the owner, of the copyright or of an exclusive right that is allegedly infringed"
6. An electronic or physical signature of the owner of the copyright or a person authorized to act on the owner's behalf.

A Note to Users Outside the United States

Abacus is based in the United States. The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States. Your Personal Information may be collected, transferred to, stored and otherwise processed in any country where we have facilities or in which we engage service providers, and by using the Services you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.

We will ensure that transfers of Personal Information are provided an adequate level of protection as required by law, such as by entering into appropriate contractual arrangements (such as, where applicable, the standard contractual clauses for the transfer of data as approved by the European Commission), or by asking for your prior consent.

Abacus complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Abacus has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

In instances where Abacus shares your information with third parties, Abacus shall remain liable under the principles of Privacy Shield if such third parties process such personal information in a manner inconsistent with the Principles, to the extent that Abacus’ actions were responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Abacus commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Abacus at: [email protected] Abacus has further committed to refer unresolved Privacy Shield complaints to the JAMS Privacy Shield Program, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of the JAMS Privacy Shield Program are provided at no cost to you.

By participating in Privacy Shield, Abacus is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Depending on other governing agreements that have also been executed between Abacus and you, or based on JAMS Privacy Shield Program’s operating procedures, it may be possible for you to invoke binding arbitration.

Contact Us

If you have any questions about this Privacy Policy, your Personal Information, or the Services, you can contact [email protected]

Please contact us if you have any complaints or concerns with respect to your privacy. If you believe we are unable to assist you, you have the right to lodge a complaint with a supervisory authority in the relevant jurisdiction. However, we are committed to working with you to resolve any complaint or concern you may have with respect to your privacy.