Thank you for accessing and/or using our Services. bipp respects the privacy of its users. This Privacy Policy describes how bipp collects, stores, uses, and discloses information, and in particular your personal information (if any), and what choices you have with respect to such information. Any capitalized words or phrases that are not given a meaning in this Privacy Policy shall have that meaning given to them in the Terms of Service, which you may find here. Please read this Privacy Policy carefully, as it may affect your rights or provide you with important information regarding your rights.

If you have any questions regarding this Privacy Policy or our privacy practices after reading this Privacy Policy, please contact us at: privacy@bipp.io.

Changes to this Privacy Policy

bipp may modify this Privacy Policy from time to time as it deems necessary to reflect its data protection procedures or as required by applicable law, and by accessing or using the Services, or continuing to access or use the Services, you agree to be bound to any modification to this Privacy Policy. Please review this Privacy Policy regularly as its terms may change from time to time.

Scope

This Privacy Policy applies to all Services and governs any information you may provide to bipp in connection with your access to or use of the Services. You must inform any persons to whom you invite or allow to access or use the Services that any information they provide to bipp will be subject to this Privacy Policy.

In many cases bipp, which is a processor, may not have access to, use, or disclose any information used in connection with the Services, especially regarding Non-bipp Products, in which case the collection, use, storage, and disclosure of such information shall be the responsibility of the person or company collecting, using, storing, or disclosing such information. This Privacy Policy does not apply to any third party applications or software that integrate with the Services, or any third party products, services, or businesses.

Children under 13

You may not access or use the Services if you are under the age of 13. If you become aware that a user is under the age of 13 or has unlawfully provided bipp with personal information regarding any individual under the age of 13, please contact bipp immediately at privacy@bipp.io so that bipp can take steps to delete such information. bipp may, but is not obligated to, monitor the information provided by users and may delete any user information if bipp becomes aware that such user is under the age of 13.

What Information We Collect, Store, Use, or Disclose

More specific information about what information we collect and how we use it when you use a particular Service, such as the Platform, is available below.

bipp may collect, store, and use information you provide to bipp by accessing or using the Services. By accessing or using the Services, you voluntarily agree to provide such information to bipp. Information may include personal information, which is information that can be used, whether individually or in the aggregate, to identify you. Specific practices and rights regarding your personal information are described in more detail in this Privacy Policy.

No one is under an obligation to provide any information, and the user may choose to utilize privacy and security tools available on the user’s device or software. Please note, however, that failure to provide information may result in your inability to access or use the Services, or may hinder your access or use of the Services.

The user information we collect, store, use, and disclose include the following:

  • Names
  • Username and password
  • Email addresses
  • Addresses and geographic location
  • Employer information and employment positions
  • Billing information (if payment is handled directly by bipp and not a third party)
  • IP Addresses
  • Information regarding the device used to access or use the Services
  • Phone numbers
  • User purchase history of bipp products and services
  • Any other information you provide bipp; and

bipp will receive information about organizations, industries, customers, visitors to websites or the Services, vendors, and other similar business information when such information is provided to bipp by users when users access or use the Services, which may include information regarding individuals. By providing such information to bipp, the user represents that the user is authorized to do so and bipp shall have no responsibility for any unauthorized provision of information.

Why We Collect, Store, Use, and Disclose Information

In general, information is collected, stored, used, and disclosed for the following purposes:

  • To provide you with the Services you request
  • To improve or modify the Services
  • To personalize or customize the Services
  • To respond to user questions, comments, and other communications
  • To provide you with information regarding the Services
  • To process user payments, to provide credits or refunds, and to manage and administer accounts;
  • To enforce any Applicable Policy
  • To protect bipp intellectual property rights and any intellectual property rights asserted by a third-party
  • To investigate and help prevent security issues and abuse, or to prevent fraud
  • For any purpose to which the user provides prior consent; or
  • To comply with any applicable law or to cooperate with law enforcement

How We Collect, Store, Use, and Disclose Information

To create or update your subscriptions, you and/or your users supply bipp with the information requested on the user account or subscription page. Additionally, when a user interacts with the Services, metadata is generated that provides additional context about the way the user uses or accesses the Services. For example, bipp may track the Services you access, when you access them, and how you access them.

bipp uses cookies and similar technologies in its Services to help bipp collect information for the purposes described above. The Services may also include cookies and similar tracking technologies of third parties, which may collect information about you via the Services you access or use, or via other websites and online services you may access or use. Please note that the use of cookies and similar tracking technologies by third parties may be subject to such third parties’ privacy policies and practices, and bipp shall have no responsibility for such third parties’ privacy policies and practices.

The user may share or disclose information to other users or third parties through the Services, and by doing so the user acknowledges and agrees that the user is solely responsible for the information it discloses, how it discloses such information, and why it discloses such information.

bipp may disclose information to any of its affiliates or successors in interest for the purposes described above.

bipp may disclose or use aggregated or de-identified information for any purpose; provided, however, that such information does not identify the individual user.

bipp does not sell any information to any third parties.

Some information we collect, and how it is used, is based on the Services you use:

The bipp Platform

To use the bipp Platform, you will need to provide bipp with access to your company’s databases. The bipp Platform analyzes data in your databases to fulfill our contractual commitments to you, our customer. The bipp Platform acts as a data Processor to you, our customer, and you are the data controller and the owner of your data.

The bipp Platform processes the following information, some of which is personal information:

  • End-user login/registration information (business email and password) for both bipp users or External Business Users (embedded bipp users, more on this below) as well as metadata about the Customer’s use of bipp Services.
  • Login information. Login information, such as username and password.
  • Database metadata, which is used to facilitate product improvements, customer support, and license auditing.
  • We will also collect customer data when the customer makes a query in connection with that customer’s use of the Platform, and the type of data that is collected may depend on whether the customer has enabled caching. In cases where the customer has enabled caching, the platform cache retains data from the customer's database that is fetched in response to its Users' queries. In cases where the cache is enabled, customer data is encrypted and stored by bipp for a maximum of 7 days. You can also take additional steps to reduce the amount of time that query results are held in cache by contacting us using the contact information provided in this Privacy Policy or any agreement you have with us.

When you or your authorized user(s) create an account to use the Platform, additional information about your use is collected, and is collected for the purposes listed below:

  • Unique identifier(s) allow us to monitor user experience.
  • Device information may include the hardware model, operating system and version, unique device identifiers, network information, IP address, and/or Platform version.
  • Information about all of your interactions with the Platform and training content and how the Platform is performing. Customers may access information about their use of the Platform, which is retained for 90 days, with a longer retention available to customers pursuant to any agreement between bipp and the customer.
  • License credentials to ensure that usage is in compliance with the customer's licensing terms. This information includes metadata about users, roles, database connections, server settings, features used, API usage, and Platform version.
  • Information contained in your database that you connect with the Platform, to which we have access when we automatically back it up and encrypt it for you.
  • Logins that use external directory or single sign-on services share with us certain information to authenticate your identity and pre-populate certain forms (e.g. user registration) on the Platform. Note that even if you subsequently stop using the services, we will retain the information you have shared with us, subject to this Privacy Policy.
  • If a bipp customer uses the Platform to analyze personal information in their databases, bipp will process the categories of personal information analyzed (e.g. via reports, query strings, embedded messages), which may include special categories of data as determined by the customer, including without limitation factors specific to the individual's physical, physiological, genetic, mental, economic, cultural or social identity. bipp users should avoid using special or sensitive data categories, PHI (personal health information), or other protected consumer information as part query strings, looks, embedded messages or similar, and shall remove such information whenever such information is not necessary for bipp to provide Services to the customer.

The bipp Platform uses a read-only connection for its users, which enables bipp to access the minimum amount of data needed to answer questions and only returns the relevant result set.

Embedded bipp

Embedded bipp is a version of the bipp Platform that is embedded into third party workflows or applications. Such third parties are considered “External Business Users.” This allows customers to white label BIPP’s BI platform or embed analytics in SaaS applications or build custom applications.

Security Measures

bipp takes security of information seriously and will utilize commercially reasonable safety and security precautions common to the industry in order to protect user information. Given the nature of online communications and information processed using technology, bipp cannot guarantee that information transmitted through the Internet or while stored on systems connected to the Internet will be absolutely safe from intrusion or unauthorized access by others. Please employ your own common-sense security measures to protect your information.

Third Party Services, Links, and Websites

The privacy practices set forth in this Privacy Policy are for the Services only. If you link to other web sites, please review the privacy policies posted at those sites. We do not control or manage the activities of any third-party, its website(s), or any of their data collection practices, and are therefore not responsible for any of their policies or practices. We do not necessarily endorse any third-party for which a link is provided through the Services. We may use third-party data storage providers to store our data, which data may include user personal information. These third-party data storage providers do not access data unless necessary for maintenance or other similar purposes.

Retention, Modification, and Deletion of Information

We will retain information only for so long as it is necessary to provide the user with the Services requested by the user. Any user may request that we modify or delete user information by either: (i) using the online tools or features made available to the user to modify or delete the user’s information, if any; or (ii) contacting your point of contact as set forth in an agreement between you and bipp, or by email at contact@bipp.io. If you request that we delete any information, such information, subject to the paragraph below, will be removed within 15 days. Please note that if you are using the Services, the removal of certain information may impact your ability to use the Services, and bipp shall not be responsible for any issues you may have using such Services due to the deletion of information as requested by the user. bipp may retain information in accordance with a user’s instructions, including any instructions requested or required by a user in any agreement made between bipp and the user, and as required by applicable law.

It is the user’s responsibility to keep all information current, accurate, and complete, and to notify bipp in the event that any information needs to be modified. It is the user’s responsibility to delete or request the deletion of any of the user’s information. The user acknowledges and agrees that not all information may be capable or required to be deleted, and bipp reserves the right to retain any information if required by law, bipp has the legal right to retain such information, or deletion is impractical. bipp may require that any user verify the user’s identify before deleting or modifying any user’s information, and bipp shall not be required to modify or delete any user information if the user does not verify the user’s identify to the reasonable satisfaction of bipp.

California Residents

Our practices and this policy are designed to comply with the California Consumer Privacy Act ("CCPA"). If you are a resident of California, you may have certain rights with respect to your personally identifiable information. In addition to the other rights set forth herein, if you are a California resident, then you also have the right to:

  • If you believe that your privacy rights under the CCPA have been violated, you may notify us in writing so that we may cure the violation, if a violation does indeed exist;
  • While we do not sell your data to third-parties or intend to do so, you may opt out of this practice by using the link at the bottom of our website labeled “Do Not Sell My Personal Information”;
  • Request information about how and why your personally identifiable information is collected, used, and stored;
  • Request copies of your personally identifiable information that is collected, used, or stored;
  • Request the categories or names of third-parties with whom your personally identifiable information is shared; and
  • Subject to certain exceptions, request the deletion of all personally identifiable information held by us.

In the event that you would like to inquire about or enforce any of your rights under the CCPA, please contact us at privacy@bipp.io and we will promptly respond. You may also call us at (408) 782-4842.

If you are a California resident, then California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your personal information by us to third-parties for the third-parties’ direct marketing purposes. To make such a request, please send an email to privacy@bipp.io.

If you are a California resident under 18, and a registered user of any site where this policy is posted, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted . To make such a request, please send an email with a detailed description of the specific content or information to privacy@bipp.io. Please be aware that such request does not ensure complete or comprehensive removal of the content or information you have posted and that there may be circumstance in which the law does not require or allow removal even if requested.

The Company has the right to verify the identity of any user making any request described above, and the Company shall have no obligation to address a request if the user making such request does not provide reasonable verification.

General Data Protection Regulation

Our practices and this policy are designed to comply with the General Data Protection Regulation ("GDPR"). We are a “processor,” as such term is defined and used under the GDPR. If you are a resident of the European Union or the European Economic Area, we are required to inform you that you have certain rights regarding the personally identifiable information you provide to us. In addition to the other rights set forth herein, if you are a resident of the European Union or the European Economic Area, you also have the right to:

  • Request a copy of the personally identifiable information held by us
  • Request that we provide you access to and/or rectify personally identifiable information that is inaccurate or out-of-date
  • Request erasure of your personally identifiable information where it is no longer necessary for us to retain it
  • Withdraw consent to the processing of your personal information at any time
  • Request that the data controller provide you with your personally identifiable information and, where possible, to transmit that data directly to another data controller, where applicable. This right of portability only applies where the processing is based on consent or is necessary for the performance of a contract and if we process the personal information by automated means
  • Request a restriction on further processing, if applicable
  • Object to processing of your personal information if the processing is based on a legitimate interest, is for direct marketing, or is for scientific research and statistics
  • Lodge a complaint with a supervisory authority; and
  • Be notified of a security breach affecting your personal information within 72 hours.

Our Data Protection Officer is Shubham Sharma and may be reached at dpo@bipp.io.

More information regarding the GDPR and your rights under the GDPR may be obtained from the European Commission.

Privacy Contact Information

If you have any questions, concerns, or comments about our privacy policy you may contact us using the information below:

By e-mail: privacy@bipp.io

By Phone: : (408) 782-4842

We reserve the right to make changes to this policy. Any changes to this policy will be posted and the date of the most recent change will be posted above.