Privacy Policy | StackShare

StackShare Privacy Policy

Last updated: June 19th, 2020

This Privacy Policy describes StackShare's (operated by StackShare, Inc.) policies and procedures on the collection, use and disclosure of your information when you use the StackShare Service, via the StackShare website. We will not use or share your information with anyone except as described in this Privacy Policy. This Privacy Policy does not apply to information we collect by other means (including offline) or from other sources. Capitalized terms that are not defined in this Privacy Policy have the meaning given them in our Terms of Service.

StackShare uses information we collect to analyze how the Service is used, diagnose service or technical problems, maintain security, personalize content, remember information to help you efficiently access your account, monitor aggregate metrics such as total number of visitors, traffic, and demographic patterns, and track User Content and users as necessary to comply with the Digital Millennium Copyright Act and other applicable laws.

What Personal Data Do We Collect From You?

Certain laws, such as the California Consumer Privacy Act (“CCPA”) require that we disclose certain information about the categories of personal information that we collect about individuals. We collect Personal Data about you when you provide such information directly to us, when third parties such as our business partners or service providers provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Services.

Information we collect directly from you

We receive Personal Data directly from you when you provide us with such Personal Data, including without limitation the following:

First and last name
Email address
Shipping address
T-shirt size
Location
Company Name
Company Title
Company Website
Social and third-party website profiles (GitHub, Bitbucket, GitLab, LinkedIn, AngelList, Twitter, Facebook)
User content, for example, your tech stack, comments and posts you submit publically, or files you upload (which can include Personal Data if you include Personal Data in such content)

Information we receive from third party sources

Some third parties such as software vendors provide us with Personal Data about you, such as the following:

Account information for third party services: If you interact with a third party service when using our Services, such as if you use a third party service to log-in to our Services (e.g., GitHub OAuth), or if you share content from our Services through a third party social media service, the third party service will send us information about you, such as information from your public profile, if the third party service and your account settings allow such sharing. The information we receive will depend on the policies and your account settings with the third party service.

Information we automatically collect when you use our Services

Some Personal Data is automatically collected when you use our Services, such as the following:

IP address
Device identifiers
Web browser information
Page view statistics
Browsing history
Usage information
Transaction information (e.g. transaction amount, date and time such transaction occurred)
Cookies and other tracking technologies (e.g. web beacons, pixel tags, SDKs, etc.)
Location information (e.g. IP address, zip code)
Log data (e.g. access times, hardware and software information)

Information we collect through Integrated Services

You may be given the option to access or register for the Service through the use of your user name and passwords for certain services provided by third parties (each, an “Integrated Service”), such as through the use of your Google account, or otherwise have the option to authorize a third party integrated service (an “Integrated Service”) to provide Personal Data or other information to us. By authorizing us to connect with an Integrated Service, you authorize us to access and store your name, email address(es), location, profile picture, and other information that the Integrated Service makes available to us, and to use and disclose it in accordance with this policy. You should check your privacy settings on each Integrated Service to understand what information that Integrated Service makes available to us, and make changes as appropriate. Please review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to our Service.

Information we collect from other sources

We may obtain information, including Personal Data, from third parties and sources other than the Service, such as our partners, advertisers, and Integrated Services. If we combine or associate information from other sources with Personal Data that we collect through the Service, we will treat the combined information as Personal Data in accordance with this Policy

How Do We Use Your Personal Data?

We process Personal Data to operate, improve, understand and personalize our Services. For example, we use Personal Data to:

Create and manage user and company profiles
Communicate with you about the Services
Contact you about Service announcements, updates or offers
Provide support and assistance for the Services
Provide advertising, sponsorship, and other paid products to our customers (including, but not limited to our own Pay Per Click native advertising platform)
Personalize website content and communications based on your preferences
Meet contract or legal obligations
Respond to user inquiries
Fulfill user requests
Comply with our legal or contractual obligations
Resolve disputes
Measure and evaluate access to and traffic on the public area of the Site, and create user navigation reports for our site administrators
Protect against or deter fraudulent, illegal or harmful actions
Enforce our Terms of Service

We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.

Contractual Necessity: We process the following categories of Personal Data as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Service with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.

Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.

Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

How and With Whom Do We Share Your Data?

We share Personal Data with vendors, third party service providers and agents who work on our behalf and provide us with services related to the purposes described in this Privacy Policy or our Terms of Service. These parties include but are not limited to:

Analytics service providers
Staff augmentation and contract personnel
Hosting service providers

For a full list of the providers we utilize to operate our service, and thus have the potential to process customer data, please see section “List of Subprocessors” below.

We also share Personal Data when necessary to complete a transaction initiated or authorized by you or provide you with a product or service you have requested. In addition to those set forth above, these parties also include:

Other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorized by you through the Services)
Social media services (if you interact with them through your use of the Services)
Third party business partners who you access through the Services
Other parties authorized by you

We also share Personal Data when we believe it is necessary to:

Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies
Protect us, our business or our users, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud
Maintain the security of our products and services

We also share information with third parties when you give us consent to do so.

Furthermore, if we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this policy.

This is a list of subprocessors who have the potential to process customer data from individuals located in the European Economic Area. Current as of May 25, 2018.

Third Party Service	Purpose	Entity Country	Website
Algolia	Search as a Service	USA	http://www.algolia.com/
Amazon Web Service	Cloud Hosting	USA	http://aws.amazon.com/
Amplitude	Mobile Analytics	USA	https://amplitude.com/
Clearbit	Customer Information API	USA	https://clearbit.com/
Crazy Egg	Heatmap Analytics	USA	http://www.crazyegg.com
Crisp	Customer Support	FR	https://crisp.chat/
Customer IO	Transactional Email	USA	https://customer.io/
Dropbox	File Storage	USA	https://www.dropbox.com/developers
FullStory	User Feedback as a Service	USA	https://www.fullstory.com/
G Suite	Productivity Suite	USA	https://gsuite.google.com/
Google Analytics	General Analytics	USA	http://www.google.com/analytics
Google Cloud Platform	Cloud Hosting	USA	https://cloud.google.com/
Intercom	Engagement/Lifecycle Marketing	USA	https://www.intercom.io
MailChimp	Email Marketing	USA	http://mailchimp.com
New Relic	Performance Monitoring	USA	http://newrelic.com
Segment	Analytics Integrator	USA	https://segment.com
SendGrid	Transactional Email	USA	https://www.sendgrid.com/
Sentry	Exception Monitoring	USA	https://sentry.io
Slack	Group Chat / Collaboration	USA	https://slack.com/
Streak	Customer Relationship Management	USA	https://www.streak.com/
Stream	Activity Feeds as a Service	USA	https://getstream.io/
Stripe	Payment Services	USA	https://stripe.com
Survicate	Survey Widget	PL	http://survicate.com
Trello	Project Management	AU	https://trello.com/
Uploadcare	File Uploads	UK	https://uploadcare.com
UserVoice	Help Desk	USA	http://www.uservoice.com
Yesware	Sales Automation	USA	https://www.yesware.com/

How Long Do We Retain Your Personal Data?

We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally. For example, if you verified your company’s stack profile, but delete your personal user account and user profile, the company stack profile you created will not automatically be deleted, unless you manually delete it.

What Security Measures Do We Use?

We seek to protect Personal Data using appropriate technical and organizational measures based on the type of Personal Data and applicable processing activity. For example, we use two-factor authentication for many services we use internally and have begun to use a central password management solution.

Personal Data of Children

We do not knowingly collect or solicit Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us at privacy@stackshare.io.

What Rights Do You Have Regarding Your Personal Data?

You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email privacy@stackshare.io. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.

Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by emailing us at privacy@stackshare.io.
Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by editing your profile(s).
Erasure: You can request that we erase some or all of your Personal Data from our systems either by deleting your profile(s) yourself or by emailing us at privacy@stackshare.io.
Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible, by emailing us at privacy@stackshare.io.
Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes, by emailing us at privacy@stackshare.io.
Restriction of Processing: You can ask us to restrict further processing of your Personal Data, by emailing us at privacy@stackshare.io.
Right to File Complaint: You have the right to lodge a complaint about Company’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State, by emailing us at privacy@stackshare.io.

What If You Have Questions Regarding Your Personal Data?

If you have any questions about our data practices generally, please contact us using the following information:

Physical address:	Email address for contact:
Name:
Privacy Support
590 6th St	privacy@stackshare.io
Apt 212
San Francisco, CA 94103

Links to Other Web Sites

We are not responsible for the practices employed by websites linked to or from the Service, nor the information or content contained therein. Please remember that when you use a link to go from the Service to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our website, is subject to that website's own rules and policies.

Your California Privacy Rights

California Residents

In this section, we provide information for California residents, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”), which requires that we provide California residents certain specific information about how we handle their personal information, whether collected online or offline. This section does not address or apply to our handling of publicly available information made lawfully available by state or federal governments or other personal information that is subject to an exemption under the CCPA

California Residents’ Rights. California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.

Do-not-sell: California residents have the right to opt-out of our sale of their personal information. If you are a California resident, you may submit an opt-out request here. We do not sell personal information about residents who we know are younger than 16 years old without opt-in consent.
Notice before collection: We are required to notify California residents, at or before the point of collection of their personal information, the categories of personal information collected and the purposes for which such information is used.
Request to delete: California residents have the right to request, at no charge, deletion of their personal information that we have collected about them and to have such personal information deleted, except where an exemption applies. We will respond to verifiable requests received from California residents as required by law.
Request to know: California residents have the right to request and, subject to certain exemptions, receive a copy of the specific pieces of personal information that we have collected about them in the prior 12 months and to have this delivered, free of charge, either(a) by mail or (b) electronically in a portable and, to the extent technically feasible, readily useable format that allows the individual to transmit this information to another entity without hindrance. California residents also have the right to request that we provide them certain information about how we have handled their personal information in the prior 12 months, including:
- categories of personal information collected;
- categories of sources of personal information;
- business and/or commercial purposes for collecting and selling their personal information;
- categories of third parties/with whom we have disclosed or shared their personal information;
- categories of personal information that we have disclosed or shared with a third party for a business purpose; and
- categories of third parties to whom the residents’ personal information has been sold and the specific categories of personal in formation sold to each category of third party.

California residents may make a Request to Know up to twice every 12 months, at no charge. We will respond to verifiable requests received from California residents as required by law

Discrimination and financial incentives: The CCPA prohibits discrimination against California residents for exercising their rights under the CCPA. A business may offer financial incentives for the collection, sale or deletion of California residents’ personal information, where the incentive is not unjust, unreasonable, coercive or usurious, and is made available in compliance with applicable transparency, informed consent, and opt-out requirements. California residents have the right to be notified of any financial incentive offers and their material terms, the right to opt-out of such incentives at any time, and may not be included in such incentives without their prior informed opt-in consent. We do not offer any such incentives at this time

Submitting Verifiable Requests. Requests to Know and Requests to Delete may be submitted

By email at privacy@stackshare.io

We will respond to verifiable requests received from California residents as required by law. For more information about our privacy practices, you may contact us as set forth in the Contact Us section above.

Changes to Our Privacy Policy

If we change our privacy policies and procedures, we will post those changes on this page to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted on this page.