Updated March 18, 2021
You should read this policy in full, but there are a few key things that we hope you understand and take away from it:
- When you use our website, even if you are just browsing, or use our Services, we receive some personal information about you like the type of device you are using and your IP address.
- You may sign up for a user account to use our Services and provide additional information to us like your name, email address, company, and role within the company. We use this information to provide services to you, to administer our systems, and enable additional features of the Services.
- We do not market to or target persons in the European Union or EFTA States. REI has no presence or business relationships in the EU and is located solely in the United States of America, which does not provide the same rights as those specified in the General Data Protection Regulation (GDPR).
- You can contact us at email@example.com if you have questions about this Policy, or how we collect or process your Personal Data.
A separate agreement governs delivery, access, and use of the Services (the “Terms and Conditions”).
Data We Collect and Receive
In Short: We collect personal information that you provide to us such as name, address, passwords and security data.
When you interact with our website, marketing, and use our applications, we collect data that alone, or in combination with other data, could be used to identify you (“Personal Data”). Some of the data we collect is stored in a manner that cannot be linked back to you (“Non-Personal Data”).
Information You Disclose to Us
Our Services allow you to sign up for an account. When you do, we will ask for Personal Data, including the following:
Name and Contact Data: your name, email address(es), contact information, your company, and role within the company. We will also ask you to create a display name.
Credentials: passwords, password hints, and similar security information used for authentication and account access.
All information that you provide to us must be true, complete, and accurate. You must notify us of any changes to such personal information.
Data that you provide to us may be collected through our partners and service providers, such as our web hosting services.
Information Automatically Collected
In Short: We automatically collect certain information such as your IP address and device characteristics when you connect to our Services.
Certain data about the devices you use to connect to our Services, and your use of our Services are automatically logged in our system, including:
Location information. This is the IP address, geographic area, state, city where you use your computing devices and mobile devices when interacting with our website or using our Services.
Log data. As with most websites and technology services delivered over the internet, our servers automatically collect data when you access or use our website or Services and record it in log files. This log data may include your IP address, browser type and settings, date and time of use, language data, and cookie data.
Services data. This is information about our Services, how you use them, and how others using them interact with you. For example, we will know who you meet with using our Services, the meeting start and end times, and the amount of data transmitted and received during the meeting. We also assign unique identifiers to meetings and track these identifiers. We also track performance and error data, the Services version you use, a unique application number assigned to your installation, which applications you use while using our Services, and so forth.
Website data. This is information about our website and how you use it. We may also obtain data from our third-party partners and services providers to analyze how you use our website. For example, we will know how many users access a specific page on our website and which links they clicked on. We use this aggregated information to better understand and optimize our website.
Platform and device information. These are data from your computing or mobile device, such as the type of hardware and software you are using (for example, your CPU, graphic device(s), operating system, and so forth), and may include unique device identifiers for your devices.
Third Party Data
In Short: We receive information about you from our marketing partners, affiliates, and subsidiaries.
REI may receive data about website visitors, marketing campaigns, and other matters related to our business from affiliates and subsidiaries, our partners, or others that we use to make our own information better or more useful. This data may be combined with other information we collect and might include aggregate level data, such as which IP addresses correspond to zip codes or countries. Or it might be more specific, such as how well an online marketing or email campaign performed.
Additional Information Provided to REI
In Short: We receive information about you from other interactions with REI.
We receive other information when submitted to our website or if you participate in a focus group, contest, activity or event, apply for a job, request support, interact with our social media accounts or otherwise communicate with REI.
In addition, we collect Content you submit as defined and described in the REI User Agreement when you use our Services.
Information Collected from Children
In Short: We do not knowingly collect information from children.
REI does not knowingly collect personal information from children under the age of 13. Our website and Services are directed to persons who are at least 13 years old. If we determine that we have collected personal information from children under the age of 13, we will take reasonable measures to remove that information from our systems. We encourage parents and legal guardians to monitor their children’s Internet usage to help enforce this Policy by instructing their children never to provide personal information through our website without their permission.
No Rights Under the GDPR
In Short: If you live in the European Union or EFTA States you understand and agree that your data will be transferred to, stored in, and accessed in the United States, which does not have the same rights as specified in the GDPR.
We do not market to or target persons in the European Union or EFTA States. REI has no presence or business relationships in the EU and is located solely in the United States of America, which does not provide the same rights as those specified in the General Data Protection Regulation (GDPR). If you are located in a geographic region outside the United States of America and choose to use our Services, you understand that your data will be transferred to, accessed in, and stored in, the United States of America and you give your explicit consent to REI to transfer your data to the United States of America.
How We Use Your Data
In Short: We process your information for purposes based on legitimate business interests, in fulfillment to our contract with you, compliance with our legal obligations, and/or your consent.
We use, process, and store your data as necessary to provide services to you and for our legitimate business interests, in operating our website, and offering our Services, including:
- To provide our Services to you.
- To help us administer our Services, authenticate users for security purposes, provide personalized user features and access, conduct research, develop new features, and improve the features, algorithms, and usability of our Services.
- To calculate aggregate statistics on the number of unique individuals and/or devices using our Services.
- To send periodic emails and texts. We may send you service, technical, and administrative emails and texts. We may also contact you to inform you about changes in our Services, inform you of security and fraud events, and send you other Services-related information. We may also send you marketing materials through periodic emails and texts. You may opt out of marketing emails and texts.
- To improve our products and offerings. Using analytical platforms, we will map broader analytical trends and patterns, making sure our products align with what our customers need and improve marketing materials.
- To enhance product advertising campaigns. Your information is also used to inform advertising campaigns across a variety of platforms to help improve the accuracy of our delivery.
- To investigate and help prevent security issues, fraud, and abuse.
- As required by applicable law, legal process, or regulation.
How We Share and Disclose Your Data
In Short: We will only share your information with your consent, to comply with laws, to protect your rights, or to fulfill business obligations.
We only disclose Personal Data to third parties when:
- We use service providers who assist us in meeting business operation needs, including hosting and administering our website, and delivering and improving our products. We also use service providers for speciﬁc services and functions, including email communication, customer support services, and analytics.
- We have your explicit consent to share your Personal Data (if required).
- Using our Services to interact with others necessitates that certain information be disclosed to those you interact with, including your display name.
- We believe it is necessary to investigate potential violations of our Terms and Conditions, or where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, or potential threats against persons, property, or the systems on which we operate our Services.
- We determine that the access, preservation, or disclosure of your Personal Data is required by law, or to protect the rights, property, or personal safety of REI or users of our Services, or to respond to lawful requests by public authorities, including national security or law enforcement requests.
REI does not share your Personal Data with third parties for the purpose of enabling them to deliver their advertisements to you.
REI does not sell, trade, or rent your Personal Data.
Data Storage, Transfer, Retention, and Deletion
In Short: We process your data in the United States, keep your data only as long as necessary for legitimate business purposes, and safeguard your data using industry standard practices.
Data Storage and Transfers
Data submitted to REI will be transferred to, processed, and stored in the United States. When you use the Services on your computing device, user content you save will be stored locally on that device and synced with our servers. If you post or transfer any information to or through our Services, you are agreeing to such information, including Personal Data and user content, being hosted and accessed in the United States.
Duration of Storage
You can remove your Personal Data from REI at any time by contacting us at firstname.lastname@example.org. However, we may keep some of your Personal Data for as long as reasonably necessary for our legitimate business interests, including fraud detection and prevention and to comply with our legal obligations including tax, legal reporting, and auditing obligations.
When you give us personal information, we take steps to make sure that it’s treated securely.
Non-sensitive details (your name, email address, etc.) are sent normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best eﬀort to ensure its security on our systems.
We use industry standard encryption to protect your data in transit. This is commonly referred to as transport layer security (TLS) or secure socket layer (SSL) technology. Additionally, your data is stored with our third-party provider, Momentum Tools (https://www.momentumtools.io/) in order to provide you with file restoration and export functionality. Data collected and processed by third parties is subject to their own privacy policies. We encourage you to learn about the privacy practices of those third parties.
Once we receive your data, we protect it on our servers using a combination of physical, technical, and logical security safeguards. The security of data stored on your computing devices is solely within your control and we recommend you take the appropriate steps to secure your computing devices that you use in connection with our website and Services.