We cannot control the actions of other users with whom you share your information. We cannot, and do not, control the information you share with other users using the Services, the SendBird Website (including via blogs, dashboards, forums), or how such other users will use or share such information. For example, if you share your information via forums, blogs, or dashboards where other users may have access to such information, we are not responsible for other users using such information. Also, if you share information with other users by using the Services such as message function or chat, SendBird do not control the information you share with other users or how such other uses will use or share such information. SendBird is not liable for such shared information with other users.
CALIFORNIA DATA SUBJECTS
Starting January 1, 2020, the California Consumer Privacy Act (CCPA) provides additional privacy protections for California data subjects and users, including: a) the right to see what data we have about you, your computer or device (i.e., the right to know), b) the right to delete the data we have about you, your computer or device (i.e., the right to delete) and c) the right to opt-out of the sale of data about you, your computer or device to certain third parties (i.e., the right to opt-out from sales of your information). We do not discriminate against you if you exercise any of the above rights. Moreover, we may not be able to honor a right if doing so would violate applicable law.
If you are a customer or partner and have questions about your ability to see the data used to login to our systems, we ask that you direct your question to the person that owns the business relationship. If you are a consumer and want to see what data we may have on behalf of one of our customers, kindly reach out to that individual customer. SendBird is contractually prohibited from honoring such requests without specific written instructions from the applicable customer.
You may access those rights with respect to SendBird by sending us an email to firstname.lastname@example.org. As a California consumer, if you make a subject access request as set out in this policy, you are entitled to see and delete the personal information that we have about you. We will confirm your request within 10 days and make a good faith attempt to fulfill your request within 45 days.
The CCPA defines the term personal information broadly and as such, it includes pseudonymous identifiers such as cookie IDs and mobile advertising IDs. Under the CCPA, your request to see the personal information that we have about you may include: (1) specific pieces of personal information that we may have about you; (2) categories of personal information we have collected about you; (3) categories of sources from which the personal information is collected; (4) categories of personal information that we sold or disclosed for a business purpose about you; (5) categories of third parties to whom the personal information was sold or disclosed for a business purpose under the CCPA; and (6) the business or commercial purpose for collecting or selling personal information.
We may take reasonable steps to verify your request. We will fulfill requests we are able to verify so long as we are not prohibited from doing so by applicable law and/or the information is not essential for us for billing, fraud prevention or security purposes. We will share our reason(s) for denying your request in the event that we are unable to fulfill your request.
You may make an access or deletion request via an authorized agent by having such agent follow the process below. Please note that we will request any authorized agent demonstrate that they have been authorized by you to make a request on your behalf. And we will attempt to verify your request. We require any authorized agents to provide us with contact details such as an email address and phone number so that we may ensure a timely response.
INDIVIDUALS IN THE EEA
Individuals located in the European Economic Area (“EEA”) are granted additional privacy rights under the General Data Privacy Regulation (“GDPR”). For example, an EU (or Swiss) individual who seeks access, or who seeks to correct, amend, port over and/or delete inaccurate data, or who wishes to limit the use and disclosure of their personal data, should send us an email at email@example.com. With respect to EU data subjects, personal data includes pseudonymous data such as an IP address, a mobile advertising ID or a cookie ID as well as data which will enable SendBird to identify you directly such as an email address, postal address or telephone number.
With the exception of the Website, SendBird provides the Services as a “data processor” under the GDPR. That means SendBird only processes data via our development platform as directed by our Clients and for no other purpose. We process certain Personal Data provided by Clients and partners under contractual necessity. For example, we require the billing details of our Clients located in the EU to process payment for the Services. Our sales and marketing team may obtain additional contact details for current and prospective Clients via our legitimate interest so long as they are not overridden by your data protection interests or fundamental rights and freedoms.
SendBird utilizes valid data transfers mechanisms such as the Standard Contractual Clauses for cross-border data transfers where we deem appropriate.