Privacy Policy - Cloverpop

Last Modified: 11 May 2021

Cloverpop is a product of Clearbox Decisions, Inc. We are committed to protecting the privacy of our users. This privacy policy describes how we will protect your personal and business information.

Plain English – Why do we care so much about privacy?

We are a values-driven company that helps with decisions at work. Many of these decisions are sensitive and involve private information. In order for us to help you, we have to earn and keep your trust. For you to trust us, we have to keep your information private and confidential. So it is not just the law that compels us to protect your privacy, it is also core to our values and our service.

Plain English – What you should know about the risks of using Cloverpop and how we reduce them.

We ask a lot of questions about your decisions. By policy and through technology described below, we protect that information and do not share it with any third parties without your explicit consent.
We encourage you to invite colleagues to weigh in on your decisions. Cloverpop is a collaborative app that depends in large part on teams of stakeholders weighing in with their perspectives. In order to maintain your privacy when you invite colleagues to weigh in on decisions, we only allow people to see decisions that: (1) they were specifically invited to weigh in on, or (2) are made by Teams that they are Members of. That also means that if you invite a colleague to one of your decisions, or make a decision on a Team that then they are Members of, they will know that you are the person making the decision, will be able to see certain information about that specific decision, and will know the identity and opinions of other colleagues who have also weighed in on it.
We analyze and publish aggregate information about the decisions in our Database. By policy and through technology described below, we protect that information and do not associate it with any information that could identify you, your company or specific information about your decisions.
We encourage you to ask us questions and give feedback via our customer support site. When you contact us via chat or email, we will know who you are and will ask questions as needed to respond to any concerns or feedback you give. Information from such inquiries is kept private unless you give us explicit permission to share it.
We encourage you to tell other people about Cloverpop. We post nothing about your decisions to Facebook, LinkedIn, Twitter or other social media services. But if you love your Cloverpop experience, we want to you tell everyone else about it. What you say is up to you.

What information do we collect?

Customer Relations Data: We collect information such as name, work email, company, department, company size and phone number on our marketing site in order to initialize customer relationships, deliver whitepapers, schedule demos and other customer relationship building interactions.
Customer Data: We collect information when you sign up for the Subscription Service, engage in a transaction, subscribe to communications from us, respond to a survey, fill out a form, engage with us for customer support, or use the Subscription Service. When using our site, registering on our site, or purchasing Subscription Services , as appropriate, you may be asked to enter information including (without limitation): name, e-mail address, gender, birthday, text boxes, questionnaire responses, location, phone number or credit card information.

What do we use your information for?

The information we collect from you may be used in the following ways:

To provide the Subscription Service to you – it is the nature of the app to collect information about your decisions, use that information to help you analyze and communicate about your decision, and provide a service based on the information you provide.
To improve our understanding of decisions – we are building the world’s largest database of business decisions, and using that information to improve the Cloverpop Subscription Service, provide data for scientific research and help you make such decisions more wisely.
To improve our website experience – we continually strive to improve our website offerings based on the information and feedback we receive from you.
To improve customer service – your information helps us to more effectively respond to any problems you find or needs you may have.
To process transactions – your information will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested.
To administer a contest, promotion, survey or other site feature.
To send periodic emails – the email address you provide when registering to use the Subscription Service may be used to send you information about your use of the Subscription Service and updates pertaining to any transactions on the site, in addition to receiving occasional company news, updates, related product or service information, etc.

Note: If at any time you would like to unsubscribe from receiving emails that are not required in the course of providing the Cloverpop service, just let us know by replying to an email, or using the unsubscribe instructions at the bottom of an email.

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information or complete a transaction.

You may invite other people to weigh in on your decisions. Those people must verify their identity by demonstrating they own the email address you used when you invited them. There is no public view of Cloverpop Users or their decision information.

We use a secure server. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then protected in our Database to be only accessed by those ized with special access rights to our systems, who are required to keep the information confidential.

Private financial information (credit cards, social security numbers, financials, etc.) is not stored on our servers after a transaction.

If you believe your information has been compromised in any way, please contact our Data Protection Officer immediately at privacy@shxmfdc.com. If we detect a data breach we will follow the notification guidelines established by the General Data Protection Regulation (GDPR) and may notify you depending on the nature of the breach.

Do we use cookies?

Our website may use “cookies,” which store many types of data, to make your experience easier and more enjoyable. You may set your browser to refuse these cookies by seeing the help section of your browser. We work with third parties for purposes of conversion tracking your clicks from our advertisements and social media posts on other websites, including storing and accessing cookies. Specifically, you may opt out of Twitter's interest-based advertising here and LinkedIn's website demographics here.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information without your explicit consent in each case. This does not include trusted third parties who help us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. If we use or share other information, it will not include personally identifying information. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided in aggregate to other parties for scientific or academic research or other uses.

In addition, as we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, personally identifiable information may be part of the transferred assets.

How we share your information

We make collaborative decision software. This means sharing information through Cloverpop and with third parties. We share your information as discussed below.

Sharing with other Cloverpop users

When you use Cloverpop, we share certain information about you with other users.

For decision-making: You can create content which may contain information about you, and grant permission to others to use that content based on settings you or your administrator select. Some of the decision-making features of Cloverpop display your profile information to other users. For example, when you comment on a decision, we may display your name next to your comments so that other users with access to the decision understand who made the comment.
Community forums: We offer offer publicly accessible blogs, web forums, issue trackers and Slack and MS Teams communities. You should be aware that any information you provide on these websites -- including information associated with the account you use to post -- may be seen by others and may remain even after you terminate your account. Consider the sensitivity of any information you input into suchg forums. To request removal of your information from publicly accessible websites operated by us, please contact us as provided below.
Managed accounts and administrators: If you register or access Cloverpop using an email address owned by your employer or organization, and such organization wishes to establish an account, certain personal information about you including may become accessible to that organization’s administrator and other Cloverpop users in the organization.

Sharing with 3rd parties

We share information with third parties to help us operate, provide, improve, integrate, customize, support and market our Services.

Service Providers: We use service providers to provide hosting, messaging, payment processing, and other services for us, which may require them to access information about you. If a service provider accesses information about you to perform services on our behalf, they do so with our careful control to protect your information. For a list of our sub-processors, see /sub-processors.
Cloverpop Partners: We work with third parties who provide consulting services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services, such as to deliver training services.
Third Party Links and Widgets: Occasionally, at our discretion, we may include links to third-party products or services on our website or blog, or include widgets to interact with third parties or social media sites. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.
Testimonials: When you give us consent, we may share personal customer testimonials on our website or in social media, and those testimonials may include your name.
Law Enforcement Requests and Applicable Laws: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements; or respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
Enforcing Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to enforce our agreements, policies and terms of service; to protect the security or integrity of our products and services; or to protect our company, our customers or the public from harm or illegal activities.
Privacy Shield: In cases of onward transfer to third parties of Personal Data received pursuant to the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, Cloverpop and Whitebox are potentially liable if its agent processes such personal information in a manner inconsistent with the Principles, unless we prove that we are not responsible for the action that caused the damage.

California Online Privacy Protection Act Compliance

Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.

As part of the California Online Privacy Protection Act, all users of our service who create a personal profile may make any changes to their information at anytime by logging in at shxmfdc.com.

Children’s Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old, and are generally used by adult business people in management positions.

Managing Your Information

If you are an ized user of the Subscription Service you can update your Customer Data on the user profile page of the product. If you submitted data through our marketing site (see Customer Relations Data) and would like to update, delete or receive a copy of that data please contact privacy@shxmfdc.com.

EU-US and Swiss-US Privacy Shield

Cloverpop complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Cloverpop has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy ShieldPrinciples, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

In compliance with the Privacy Shield Principles, Cloverpop commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Cloverpop at privacy@shxmfdc.com.

Cloverpop has further committed to refer unresolved Privacy Shield complaints to JAMs, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim for more information or to file a complaint. The services of JAMs are provided at no cost to you.

Individuals may, under certain conditions, invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. Please visit Annex I for additional information: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Online Privacy Policy Only

This online privacy policy applies only to information collected through our website and via our Subscription Service and not to information collected offline.

Your Consent

By using our website and Subscription Service, you consent to our Privacy Policy and Customer Terms of Service.

Customer Terms of Service

You can review our Customer Terms of Service at /terms-of-service.

Changes to our Privacy Policy

If we decide to change our Privacy Policy, we will post those changes on this page, and/or update the Privacy Policy modification date. This policy was originally posted on 14 July 2014, received significant edits on 1 October 2015 and 7 June 2019, and received minor edits on 21 July 2016, 23 May 2018, 10 October 2018 and 2 April 2021.

SOC2 Compliance

The Cloverpop service is SOC2 compliant. A current audited report is available for prospective customers upon request.

Contact Us

If there are any questions about this Privacy Policy you may contact us using the information below.

Whitebox Decisions, Inc.
1212 N. Wells St. #904
Chicago, IL 60610
privacy@shxmfdc.com

Cloverpop Privacy Policy