A. User Privacy
- how we gather information about our Users;
- how we use the information gathered about our Users;
- protection of database information;
- process for reviewing/changing information;
- limits on PBT’s abilities;
- procedure for initiating a complaint; and
- use of customer data.
A.3. How We Gather Information About Our Users. When a User enters information onto PBT’s UI or website or creates or provides information to create or edit an existing account with PBT, the registration or amendment process will collect and store company names, designated contact names, designated signatories, addresses, phone numbers, service providers, email addresses, referral sources, software types and information, and other third-party service providers, and information about the company’s demographics. The registration process for group administrators will collect their names, group names, addresses, phone numbers, service providers, email addresses, and information regarding the type, location, and demographics of the group, and any other information PBT considers necessary to set up, maintain, or create an account with PBT (“Personal Information”).
A.4. How We Use the Information Gathered About Our Users.
- PBT will not sell or rent Personal Information provided to PBT by Users. We review and process the User’s Personal Information to keep track of the Users’ specific utilization of PBT Services, to statistically analyze site usage, improve our content and product offerings, and customize our site’s content and layout. PBT collects this information to improve our site and better tailor it to meet our Users’ needs. We use information in the file we maintain about our Users, and other information we obtain from our Users’ current and past activities on our website, to resolve disputes, troubleshoot problems, enforce or perform any obligations under the Agreement, or in response to a request from User. PBT may use any User contact information including, but not limited to, email addresses, landline numbers, business numbers, wireless numbers, and/or physical addresses that Users provide to PBT to communicate from time to time regarding administrative notices, account information, updates and upgrades to PBT, and other PBT products that become available. In addition, we must comply with court orders, information requests from government agencies and regulators, and other legal and regulatory processes that may require the disclosure of our Users’ Personal Information.
- Wireless numbers will not be shared or sold to third parties, affiliates, or any other business outside of PBT, unless permitted hereunder, permitted by Users, or required by law. Any information collected as part of a communication campaign opt-in process, or by any other method PBT collects information, will not be shared or sold to third-parties outside of PBT unless required to do so by law or when permissible under this Section. Wireless numbers will not be shared or sold for marketing purposes.
- If PBT or all PBT’s assets are acquired, either by merger, acquisition, or sale, PBT may transfer our Users’ Personal Information to purchaser, partners, or acquirers. Otherwise, we will not share Personal Information with any third-party except to our service providers as required to provide PBT Services to User, required to do so by law, or when otherwise described or permissible under this Section or the Agreement.
A.6. Process of Reviewing/Changing Information. If a User, at any time, would like to change any information that PBT has, the User can contact PBT by telephone, email, or the User can access its online account, if applicable, and review and/or change any relevant information.
Powered By Text, LLC
6841 Virginia Parkway, Ste 103-#371
McKinney, TX 75071
A.9. PBT’s Privacy Representations. PBT represents that, in the course of providing any information that is directly from PBT, authored by PBT, and/or sent to PBT Users, that PBT will not:
- send information electronically that has falsified sender domain names, IP addresses, and company information;
- send information that has confidential, misleading, deceptive, or inaccurate whether in a subject line or within the content itself;
- send information routed through servers that PBT does not have express authority to use;
- prevent Users from opting out of receiving such communications, and process any opt out requests in a diligent manner; and
- send proprietary, confidential, or any type of information that PBT does not have the right to send.
THIS SECTION DOES NOT APPLY TO INFORMATION THAT PBT SENDS IN THE COURSE OF PROVIDING PBT SERVICES ON BEHALF OF PARTNERS. PARTNERS HAVE AND RETAIN ALL RESPONSIBILITY FOR ALL CONTENT OF PARTNER MESSAGES SENT TO USERS.
B. California Privacy Addendum
B.1. California Consumer Privacy Act. The California Consumer Privacy Act (“CCPA”) gives California residents the right to know what information is collected about them and the right to access and delete that information within certain limitations. They also have the right to tell companies not to sell personal information about them. PBT does not sell any personal information. Consumers may not be discriminated against for invoking these rights. PBT is aware of and complies with all rights and obligations of the CCPA and other relevant law.
B.5. User Right to “Do Not Sell.” The CCPA gives California residents the right to say no to the sale of Personal Information.
PBT does not sell User Personal Information, as that term is defined based on our understanding of the CCPA and its implementing regulations, except when required by law or otherwise permissible under the Agreement. We also do not provide Personal Information to third parties for monetary or other valuable consideration. We share certain information with third parties doing work on our behalf for business purposes described herein.
B.6. Discrimination. If a User exercises any of the rights described herein, PBT will not discriminate against the User by denying PBT Services, charging different prices or rates for PBT Services, or altering the quality of the PBT Services provided.
B.8. Do Not Track Notice. PBT does not track its Users over time and across third-party websites to provide targeted advertising and therefore does not respond to Do Not Track (DNT) signals. However, some third-party sites do keep track of a user’s browsing activities when they provide content. Most web browsers allow a user to set the DNT signal on your browser so that third parties know you do not want to be tracked.
Nevada and Vermont Privacy Addendum
C.1. Nevada Privacy Rights. Nevada law allows Users to opt out of the sale of Personal Information by online service providers such as website operators. Nevada law defines “sale” as the exchange of certain personally identifiable information for money, where the recipient also intends to sell that information. Personal identifiable information includes name, address, phone number, Social Security number, or any identifier that can be used to contact a consumer electronically. To submit a written request for PBT refrain from selling any personal information collected, please email [email protected].
General Data Protection Regulation Addendum
The General Data Protection Regulation (“GDPR”) is a collection of guidelines that creates a legal framework for the collection and processing of personal information belonging to individuals who live in countries within the European Economic Area (EEA) including, but not limited to, member states of the European Union (EU), Norway, Iceland, Liechtenstein, and the United Kingdom.
D.1. Applicability. This GDPR Addendum shall apply only to the extent Partner is established within the areas references above or any territories for which the GDPR applies.
D.2. Parties’ Roles. Partner is the original custodian (“Controller”) of the Partner’s Customers’ Personal Information (“Customer Data”), and Partner appoints PBT (“Processor”) to process Customer Data on the Partner’s behalf. In some circumstances Partner may be a Processor, in which case Partner appoints PBT as the Customer Data’s sub-processor, which shall not change the obligations of either Partner or PBT under this GDPR Addendum, as PBT will remain a Processor with respect to the Partner in such event.
D.3. Purpose Limitation. PBT shall process Customer Data for the purposes set forth in the Agreement and only in accordance with the lawful, documented instructions of Partner, except where otherwise required by applicable law. The Agreement and this GDPR Addendum set out Partner’s complete instructions to PBT in relation to the processing of Customer Data on behalf of Partner’s Customers (“Data Subjects”) and any processing required outside of the scope of these instructions (inclusive of the rights and obligations set forth under the Agreement) will require prior written agreement of the parties.
D.4. Training. PBT shall ensure that its relevant employees, agents and contractors receive appropriate training regarding their responsibilities and obligations with respect to the processing, protection and confidentiality of Customer Data.
D.5. Compliance. Partner, as Controller, shall be responsible for ensuring that, in connection with Customer Data and the PBT Services, it has complied, and will continue to comply with all applicable laws relating to privacy and data protection and it has, and will continue to have, the right to transfer, or provide access to, the Personal Information to PBT for processing in accordance with the Agreement, including this Addendum.
D.6. Security. PBT shall implement appropriate technical and organizational measures designed to protect the Customer Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, access or use (each a “Security Incident”) and in accordance with PBT’s security standards set forth in the Agreement.
D.7. Confidentiality or Processing. PBT shall ensure that any person or entity that it authorizes to process the Customer Data (including its staff, agents, and subcontractors) shall be subject to a duty of confidentiality (whether a contractual or a statutory duty) that shall survive the termination of their employment and/or contractual relationship.
D.8. Security Incidents. Upon becoming aware of a Security Incident, PBT shall notify Partner without undue delay and pursuant to the Agreement, but within no more than seventy-two (72) hours, and shall provide such timely information as Partner may reasonably require to enable Partner to fulfil any data breach reporting obligations under EU Data Protection Legislation. PBT will take steps to immediately identify and remediate the cause of such Security Incident.
D.9. Sub-Processors. Partner agrees that PBT may engage PBT affiliates and third-party sub-processors (collectively “Sub-Processors”) to process the Customer Data on PBT’s behalf. The Sub-Processors currently engaged by PBT and authorized by Partner are listed on PBT’s Vendor List. The List shall include a mechanism for Partner to subscribe to notifications of any new Sub-Processors or changes to the Sub-Processor List. PBT shall impose on such Sub-Processors data protection terms that protect the Customer Data to the same standard provided for by this GDPR Addendum and shall remain liable for any breach of GDPR Addendum caused by a Sub-Processor.
D.10. Changes to Sub-Processors. PBT may, by giving no less than thirty (30) days’ notice to Partner, add or make changes to the Sub-Processors. Partner may object to the appointment of an additional Sub-Processor within fourteen (14) calendar days of such notice on reasonable grounds relating to the protection of the Customer Data, in which case PBT shall have the right to cure the objection through one of the following options (to be selected at PBT’s sole discretion): (a) PBT will cancel its plans to use the Sub-Processor with regard to Customer Data or will offer an alternative to provide the PBT Services without such Sub-Processor; or (b) PBT will take the corrective steps requested by Partner in its objection (which remove Partner’s objection) and proceed to use the Sub-Processor with regard to Customer Data; or (c) PBT may cease to provide or Partner may agree not to use (temporarily or permanently) the particular aspect of the PBT Services that would involve the use of such Sub-Processor with regard to Customer Data, subject to a mutual agreement of the parties to adjust the remuneration for the PBT Services considering the reduced scope of the PBT Services. Objections to a Sub-Processor shall be submitted to PBT by following the directions set forth in the Vendor List. If none of the above options are reasonably available and the objection has not been resolved to the mutual satisfaction of the parties within thirty (30) days after PBT’s receipt of Partner’s objection, either Party may terminate the Agreement.
D.11. Emergency Replacement. PBT may replace a Sub-Processor if the reason for the change is beyond PBT’s reasonable control. In such instance, PBT shall notify Partner of the replacement as soon as reasonably practicable, and Partner shall retain the right to object to the replacement Sub-Processor pursuant to Section D.10 (Changes to Sub-processors) above.
D.12. Subject’s Rights. PBT shall provide commercially reasonable assistance, including by appropriate technical and organizational measures as reasonably practical, to enable Partner to respond to any inquiry, communication or request from a Data Subject seeking to exercise his or her rights under EU Data Protection Legislation, including rights of access, correction, restriction, objection, erasure or data portability, as applicable. In the event such inquiry, communication, or request is made directly to PBT, PBT shall promptly inform Partner by providing the full details of the request. For the avoidance of doubt, Partner is responsible for responding to the Data Subject’s requests for access, correction, restriction, objection, erasure or data portability of that Data Subject’s Customer Data.
D.13. Data Protection for Impact Assessments and Prior Consultation. PBT shall, to the extent required by EU Data Protection Legislation, provide Partner with reasonable assistance with data protection impact assessments or prior consultations with data protection authorities that Partner is required to carry out under EU Data Protection Legislation.
D.14. Security Reports and Audits. Any provision of security attestation reports (such as SOC 2, Type II or equivalent report) or audits shall take place in accordance with Partner’s rights under the Agreement. PBT shall provide a copy of its most current security attestation report upon Partner’s written request no more than once annually. PBT reserves the right to charge a fee (based on its reasonable costs) for any such audit. PBT will provide further details of any applicable fee and the basis of its calculation to Partner in advance of such audit.
D.15. Deletion or Return of Data. PBT will process and store Customer Data only for the period necessary to achieve the purpose of the storage, or as permitted by law. In the event PBT is required by law to retain some or all of the Customer Data, the protections of the Agreement and this GDPR Addendum shall extend to such Customer Data and limit any further processing of such Customer Data to only those limited purposes that require the retention for so long as PBT maintains the Customer Data.
D.16. Miscellaneous. Except as amended by this GDPR Addendum, the Agreement will remain in full force and effect. If there is a conflict between the Agreement and this GDPR Addendum, the language of this GDPR Addendum will control. Any claims brought under this GDPR Addendum shall be subject to the Agreement, including, but not limited to, the exclusions and limitations set forth herein.
Canada’s Anti-Spam Legislation (CASL) Commitments
E2. Notices. PBT will notify Partner of any unsubscribe requests received from a Data Subject on a regular basis.
E3. Records. PBT agrees to maintain records in compliance with CASL and agrees to allow Partner to inspect and/or audit any records related to PBT’s compliance with CASL.
E4. Commercial Electronic Messages (“CEMs”). PBT will urge Partner to send Commercial Electronic Messages (“CEMs”), as defined in CASL, that contain the following information within each CEM transmitted:
- Identity of who the CEM is sent on behalf of;
- Provide information enabling the Data Subject to contact the entity in (a) supra;
- Provide a clear, simple unsubscribe mechanism in each CEM using the same electronic means by which the CEM was sent. Specifically, the unsubscribe mechanism must:
- Allow a Data Subject to unsubscribe from any CEM by providing the option in each CEM transmitted;
- Require only the Data Subject’s email address to process the unsubscribe request;
- Not request the Data Subject wishing to unsubscribe to log into the sender’s website or visit more than one webpage to complete the unsubscribe request; and
- Be processed and in effect within ten (10) business days of receiving same.
PBT IS NOT RESPONSIBLE FOR THE CONTENT OF CEMS OR ANY OTHER MESSAGES SENT TO DATA SUBJECTS. PARTNER HAS THE ULTIMATE APPROVAL FOR THE CONTENT OF ANY MESSAGE. PARTNER MAY CHOOSE TO SEND CONTENT THAT IS IN CONFLICT WITH THE ADVICE AND RECOMMENDATION OF PBT. AS SUCH, PBT IS NOT RESPONSIBLE FOR THE CONTENT OF ANY MESSAGES SENT.
E5. Consent. PBT will and is entitled to rely on Partner’s representation as to whether a Data Subject receiving a CEM has given the required consent, whether express or implied, to receive the CEM.
PBT IS NOT RESPONSIBLE FOR SENDING A CEM TO A DATA SUBJECT WHO DID NOT PROVIDE THE REQUIRED CONSENT TO RECEIVE SAME IF PBT RELIED ON THE PARTNER’S REPRESENTATION THAT THE REQUIRED CONSENT WAS PROVIDED TO PARTNER.
E6. Proof of Opt-In. To the extent that PBT has the information in its possession, custody, and/or control, PBT will save the following information pursuant to the Agreement or applicable law:
- Data User’s email address;
- Data User’s IP address;
- The date and time of the Data User’s opt-in;
- The specific URL of the acquisition source (or, if no longer live, a screenshot of same).
Powered By Text, LLC SMS Policy
By subscribing, you have provided us with consent to send you text messages regarding reminders, account notices, updates, and offers from Powered By Text companies. Message frequency varies by events/preference. Message and data rates may apply. Carriers are not liable for delayed or undeliverable messages. If your phone does not support MMS, you’ll receive SMS instead.
Opt-Out or Stop
If you wish to stop receiving text messages from Powered By Text, reply STOP to any text message from 77007. You may also stop text messages by calling us at 888-470-2116 or emailing us at [email protected].
Help or Support
If at any time you need our contact information on how to stop text messages, reply to any text message from 77007 and in the reply, text HELP. Upon receiving your text message, we will send you a text message with our contact information. In general, the messages we send provide you with information about our upcoming events, new content, and other announcements. Some of the text messages we send may include links to websites. To access these websites, you will need a web browser and internet access.
This program is supported by Alltel, AT&T, Boost, Sprint, Verizon Wireless, Virgin Mobile, MetroPCS, T-Mobile and U.S. Cellular. T-Mobile is not liable for delayed or undeliverable messages. Products & services are compatible with AT&T handsets.