If you have questions about this or any Táve policy, please contact us at any time.
Privacy Shields & GDPR
Táve participates in and has self-certified compliance with the Swiss-U.S. and EU-U.S. Privacy Shield Frameworks. Táve is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Frameworks, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, visit the U.S. Department of Commerce’s Privacy Shield website. If there is any conflict between the Privacy Shield principles and this Policy, the principles will govern.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Táve is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Pursuant to Article 27 of Europe’s General Data Protection Regulation (GDPR), Táve has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by sending an email to firstname.lastname@example.org, using EDPO’s online request form, or writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium.
Sub-Processors and Onward Transfer
Táve is responsible for the processing and handling of personal data it receives under the Privacy Shield Framework, including the onward transfer liability provisions. Táve requires all sub-processors that receive personal information to comply with the Privacy Shield Principles and to execute a data processing agreement (DPA) compliant with the GDPR with Táve prior to acting as a sub-processor.
Táve currently uses the following sub-processors with personal data:
- Amazon Web Services, Inc.
- Google LLC
- SendGrid, Inc.
- Papertrail, Inc.
- Intercom R&D Unlimited Company
- The Rocket Science Group LLC d/b/a MailChimp
- Twilio, Inc.
- PayPal (Europe) S.á.r.l. et Cie, S.C.A. d/b/a Braintree
- Square, Inc.
- European Data Protection Office d/b/a EDPO
To be notified in writing when new sub-processors are going to be used with personal data, please subscribe to our New Sub-Processor Notification List.
Táve uses the online services of an additional outside company to retrieve the weather (or climate trends) at a certain location at a given time, but we anonymize the coordinates to a 1.1km grid inside the EEA as to not provide personal information to the subcontractor:
- The Dark Sky Company, LLC d/b/a Forecast.io for weather forecasts.
In addition, you or your clients may submit personal information to payment gateways while using the Service. The personal information is sent directly from the visitor’s browser to the payment gateway, bypassing the Service. Táve uses tokens, similar to cookies, that are not personally identifiable to subsequently access and use the payment information provided to the payment gateway. It is dependent on you to select a GDPR-compliant payment gateway and to enter into any necessary sub-processor agreements directly with them prior to inviting your clients to pay using a third party payment gateway.
Táve has committed to refer unresolved privacy complaints under the Privacy Shield to an independent dispute resolution mechanism, established by JAMS and conducted in English. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Táve, please contact them for more information and to file a complaint:
In addition, if Táve does not resolve the complaint, you can submit the matter to arbitration to a single arbitrator of the Privacy Shield Panel. The remedies from this arbitration are limited to individual-specific, non-monetary equitable relief (such as access, correction, deletion, or return of the individual’s data in question) necessary to remedy the violation of the Principles only with respect to the individual.
Data Processing Addendum
Information we collect and how we use it:
In order to provide our full range of services, we may collect the following types of information:
- Information you provide – When you sign up for a Táve account or other Táve service or promotion that requires registration, we ask you for personal information (such as your name, email address and an account password). You may also import or enter personal information about clients, leads, vendors, and other contacts.
- Information your client provides – Certain Táve features allow you to collect personal information directly from your clients and others, such as using a New Lead form, publishing a questionnaire, receiving an online payment, or connecting Táve to a third-party email system.
- Credit card information – While we store information relating to billing, such as your billing address and the last four digits of your credit card, we do not store your full credit card number. Instead, we request a special token from our merchant account provider that allows us to access, clone, modify, or void the transaction or monthly recurring billing subscription without needing to store or for our staff to later view your credit card information.
- Log information – When you use Táve services, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request, one or more cookies that may uniquely identify your browser, or details of any error encountered by our servers.
- User communications – When you send email or other communication to Táve, we may retain those communications in order to process your inquiries, respond to your requests and improve our services.
- Affiliated sites – We offer some of our services in connection with other web sites. Personal information that you provide to those sites may be sent to Táve in order to deliver the service. We process such information in accordance with this Policy. The affiliated sites may have different privacy practices and we encourage you to read their privacy policies.
Choices for personal information
When you sign up for a particular service that requires registration, we ask you to provide personal information. If we use this information in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.
If we propose to use personal information for any purposes other than those described in this Policy, we will offer you an effective way to opt out of the use of personal information for those other purposes. We will not collect or use sensitive information for purposes other than those described in this Policy, unless we have obtained your prior consent.
You can decline to submit personal information to any of our services, in which case Táve may not be able to provide those services to you.
Táve only shares personal information with other companies or individuals outside of Táve in the following limited circumstances:
- We have your consent. We require opt-in consent for the sharing of any sensitive personal information.
- We provide such information to our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf. We require that these parties agree to process such information based on our instructions and in compliance with this Policy and any other appropriate confidentiality and security measures.
- We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against imminent harm to the rights, property or safety of Táve, its users or the public as required or permitted by law.
We may share with third parties certain pieces of aggregated, non-personal information, such as how many users clicked on a particular link or use certain features. Such information does not identify you individually.
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.
We restrict access to personal information to Táve employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
Táve processes personal information only for the purposes for which it was collected and in accordance with this Policy. We review our data collection, storage and processing practices to ensure that we only collect, store and process the personal information needed to provide or improve our services. We take reasonable steps to ensure that the personal information we process is accurate, complete, and current, but we depend on our users to update or correct their personal information whenever necessary.
Accessing and updating personal information
When you use the Service, we make good faith efforts to provide you with access to your personal information and either to correct this data if it is inaccurate or to delete such data at your request if it is not otherwise required to be retained by law or for legitimate business purposes. We ask individual users to identify themselves and the information requested to be accessed, corrected or removed before processing such requests, and we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup storage media), or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
When your account is closed
Táve may delete the data of a customer who’s account is closed in accordance with the Terms of Service. Once the account has been deleted, some or all of it may reside for a period of time in backups, logs, server environments, correspondence or other locations.
Táve regularly reviews its compliance with this Policy. Please feel free to direct any questions or concerns regarding this Policy or Táve’s treatment of personal information by contacting us through this web site. When we receive formal written complaints at this address, it is Táve’s policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between Táve and an individual.
Changes to this policy
If you have questions about this or any Táve policy, please contact us at any time.