Espresa Privacy Policy

Last updated 21, February 2020

This privacy policy (“Policy”) describes how Espresa, Inc. (“Company”, “Espresa”) collects, uses and shares personal information of consumer users of this website, espresa.com (the “Site”) and how you can exercise your rights as a visitor and user.

Espresa is the “Data Controller” for operational data, such as telemetry and logs and the “Data Processor,” while our users are the controllers, for all other data that the users provide as they use our product.

Espresa cares and so do you about how your Personal Information is used and shared, and we take your privacy seriously. By using the Espresa services or by visiting espresa.com (collectively, the “Services”) you accept the practices outlined in this Privacy Policy.

This Policy also applies to any of our other websites that post this Policy. This Policy does not apply to websites that post different statements.

The scope

This Privacy Policy covers Espresa’s treatment of personally identifiable information (“Personal Information”) that Espresa gathers when you access or use the Services in any format, including electronic, paper or verbal.

What and how we collect your information

We gather information about you in these specific ways.

Information you provide us

We collect your name, postal address, email address, phone number, fax number, username, password, employer, demographic information (such as your gender and occupation), as well as other information you directly give us on our Site. But we do not store your credit or debit card information. We use an authorized trusted third party service to process card payments, and Espresa does not save such sensitive personal identifiers within our system.

Information we receive from others

We may get information about you from other sources, including your employer and our provider partners, which may be added to information previously provided to Espresa by you and the Site.

Information automatically collected

We automatically log information about you and your computer. For example, when visiting our Site, we log your computer operating system type, browser type, browser language, pages you viewed, how long you spent on a page, access times, and information about your use of and actions on our Site. In addition, we may use trusted third-party services such as Google Analytics that collect, monitor, and analyze logged information.

Cookies

We may log information using “Cookies.” Cookies are small data files stored on your hard drive by our Site. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you or your browser deletes them) to provide you with a more personal and interactive experience on our Site. This type of information is collected to make our Site more useful to you, and to tailor your experience with us to meet your special interests and needs.

Use of personal information

We use your personal information to:

  • Operate, maintain, and improve our Sites, products, and services.
  • Process and deliver contest entries and rewards (where applicable).
  • Respond to comments, questions, and provide customer service.
  • Send information including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
  • Communicate promotions, upcoming events, and other news about products and services offered by our selected partners and us.
  • Protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
  • Provide, deliver, further develop and improve products and services customers request, including through our provider partners.

Privacy policy

Where the Company collects personal information directly from individuals in the European Union and Switzerland, it will inform them about the type of personal information collected, the purposes for which it collects and uses the personal information, and the types of non-agent third parties to which the Company discloses or may disclose that information, and the choices and means, if any, Espresa offers Individuals for limiting the use and disclosure of their personal information.  Notice will be provided in clear and conspicuous language when Individuals are first asked to provide personal information to the Company or as soon as practicable thereafter, and in any event, before the Company uses or discloses the information for a purpose other than that for which it was originally collected.

Where the Company receives personal information from its subsidiaries, affiliates, or other entities in the European Union and Switzerland, it will use and disclose such information in accordance with the notices provided by such entities and the choices made by the Individuals to whom such personal information relates.

Sharing of personal information

We may share personal information as follows:

  • With your consent. For example, you may let us share personal information with your employer, provider partners, and others. Those uses will be subject to their privacy policies. We may also share personal information with our provider partners who offer service(s) to you.
  • When we do a business deal or negotiate a business deal. Involving the sale or transfer of all or part of our business or assets, we may share details regarding a merger, financing, acquisition, or bankruptcy transaction or proceeding.
  • For legal, protection, and safety purposes:
    • To comply with laws
    • To respond to lawful requests and legal processes
    • To protect the rights and property of the Company, our agents, provider partners, and others. This includes enforcing our agreements, policies, and Terms of Use.
    • We may share information in an emergency. This includes protecting the safety of our employees and agents, our provider partners, or any person.
  • We may share information with those who need it to do work for us, such as website hosting, the processing and delivery of mailings, providing customer support, or providing credit card processing services.
  • We may also share aggregated and/or anonymized data with others for their own uses.

Third-party partners and integrations

The Site may contain links to third-party agents, websites or services, such as third-party integrations and identity providers (‘Third Party Partner’).

Espresa may contract with other companies and individuals to perform functions or services on our behalf. The companies and individuals may have access to Personal Information but only as needed to perform their functions.

Espresa will obtain assurances from its agents that they will only process the data for the limited and specified purposes consistent with the consent provided by the individual, and will safeguard personal information consistently with this Policy.

It is our responsibility to take steps to ensure that the Third Party Partner processes Personal Information appropriately.  Where Espresa becomes aware that an agent is using or disclosing Personal Information in a manner contrary to this Policy, we will take reasonable steps to prevent and/or stop the use or disclosure.  If the agent will no longer meet its obligation to provide adequate protection, we require that agent to promptly notify Espresa; and at such time Espresa will take reasonable and appropriate steps to stop and remediate unauthorized processing.

Information choices and changes

You are the owner of your Personal Information.

Our marketing emails tell you how to “opt-out.” If you opt-out, we may still send you non-marketing emails. Non-marketing emails include emails about your accounts and our business dealings with you.

Prior to sharing any information with non-agent third parties, or sharing information for a purpose other than the purpose for which it was originally collected or subsequently authorized for use, Espresa will offer individuals clear, conspicuous, and readily available mechanisms to choose:

In the case of personal information, to “opt-out” of having personal information (a) be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

In the case of sensitive personal information, to affirmatively and explicitly “opt-in” consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.

If your Personal Information that we hold is inaccurate and you cannot update it, please let us know and we will update the relevant information.

You may send requests about Personal Information copy or deletion to our Contact Information below.

We will notify you within 30 days of your valid request about the relevant action taken.

We will retain your information for as long as your account is active or as needed to provide you services.

You may view and modify your personal information through your account settings.

We may not be able to modify or delete your information in all circumstances, as federal and state law may require that we maintain certain types of information for a set period.

You may not be able to delete or modify certain information that your employer requires that we maintain.

If you have any questions about reviewing, modifying or deleting your account information, you can contact us directly at the address below.

You can typically remove and reject cookies from our Site with your browser settings. Many browsers are set to accept cookies until you change your settings. Removing or rejecting our cookies may affect how our Site works for you.

Conditions of use for residents of California and Vermont

If you decide to access or use the Services, any possible dispute over privacy is subject to this Privacy Policy and our Terms of Use, including limitations on damages, arbitration of disputes, and application of your state’s law.

Data storage

We use third-party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run our services. Although we own the code, databases, and all rights to our Site and our applications, you retain all rights to your data.

Our Site will use Personal Information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. Our Site will take reasonable steps to ensure that Personal Information is relevant to its intended use, accurate, complete, and current.

Personal information security

The security of your personal information is important to us. When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL).

We follow generally accepted standards to protect the Personal Information submitted to us, both during transmission and once we receive it.

The Espresa team and its contractors are continuously implementing and updating administrative, technical, and physical security measures to help protect your Personal Data against unauthorized access, loss, misuse, destruction, unavailability or unauthorized changes. Espresa takes into account the risks associated with processing and the nature of personal data.

If you have any questions about security on our Website, you can contact us at the address below.

Personal data breach

As a Data Processor, Espresa will notify a Customer (‘Data Controller’) without undue delay after becoming aware of a personal data breach.

Additional information for California residents

This section provides information organized in accordance with the California Consumer Privacy Act (“CCPA”) for residents of California about how we handle certain personal information we have collected over the past 12 months.

Categories of Personal Information​. This Privacy Policy discloses the categories of personal information that we collect, use, and disclose in order to operate our business over the past 12 months.

Collect​: The section above entitled “WHAT AND HOW WE COLLECT” discloses the categories of personal information that we collect.

Use​: The section above entitled ​“USE OF PERSONAL INFORMATION” discloses how we use your personal information.

Disclose: The sections above entitled “SHARING OF PERSONAL INFORMATION” and “THIRD-PARTY PARTNERS & INTEGRATIONS” discloses how we may share your personal information.

Espresa does not sell your personal information to third parties​.

Since Espresa sells enterprise products to businesses, and not directly to consumers, we do not knowingly collect any information from children.

Requests for Deletion, Copy and Right to Know Your Information​ – California consumers have the right to make the following requests, which we endeavor to honor from non-California residents as well:

Deletion​: You have the right to request the deletion of personal information that we have collected about you.

Copy and Right to Know​: You have the right to request a copy of the specific pieces of personal information that we have collected about you over the past 12 months, including the categories of information, sources, and purposes of collection, as well as categories of third parties we have shared it with.

Designated Agent​: You may designate an agent to make a request on your behalf. That agent must have access to your account in order for us to verify the request.

You may submit deletion, copy and right to know requests by calling us at +1 (844) 377-7372 or emailing support@espresa.com.

Non-Discrimination: Espresa will not discriminate against you, including by denying or providing a different level or quality of goods or services should you choose to exercise your options under the CCPA.

Questions or concerns

Espresa commits to resolving complaints about our collection or use of your Personal Information.

European Union and Swiss Individuals with inquiries or complaints regarding our policy should first contact Espresa at:

Espresa, Inc.

2225 E. Bayshore Rd., Suite 231. Palo Alto, California 94303, USA

Email: info@espresa.com

We will make every effort to resolve your concerns and questions.

Espresa has further committed to cooperate with the panel established by the EU data protection authorities (DPAs).

Changes to this privacy policy

Espresa may change this privacy policy. If Espresa makes any changes, we will change the Last Updated date above.