In order to provide our Site and Services (collectively, "Platform"), we collect personal data from our customers ("Customers"). We also collect and/or host the personal data of our Customer's end users ("End Users") when our Customers' websites are hosted by TxPipe or our Customers use our Services.
TxPipe collects several types of information to provide and improve the user experience. What personal information we collect and process depends on how and why you use our Platform.
This is information that is received directly from you when you provide it to us, such as in connection with our Services registrations.
This information is collected when you sign up for an account with Demeter, including our free tier services. This can include your name, email address and profile picture, which are required for account creation. We provide the option to sign up and log in to our services using third-party integrations with Google and Github. If you choose to use this method, we receive your email address and name from these platforms. The information we receive is governed by the privacy policies and settings of those third-party platforms.
You are not required to enter your credit card information unless and until you decide to continue with a paid subscription to our Services or if you decide to make any online purchase through our Platform. When you sign up for one of our paid Services, you must provide billing information. The information you will need to submit depends on which billing method you choose. In order to process your payment Information, we use a PCI-compliant third-party processor called Stripe.
This information is processed by our payment service provider and we receive a confirmation of payment, which we then associate with your Account Information and any relevant transactions. While our administrators are able to view and track actual transactions via customer portals, we do not have access to, or process, your credit card information.
This is information about the devices and software you use to access the Site — primarily the internet browser or mobile device that you use, the website or source that linked or referred you to the Site, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, device screen size, and other similar technical information.
Information about your interactions with the Platform, including access dates and times, hardware and software information, device event information, log data, crash data, cookie data. This information allows us to understand the screens that you view, how you've used the Platform (which may include administrative and support communications with us), and other actions on the Platforms. We, or authorized third parties, automatically collect log data when you access and use the Platform, even if you have not created an account or logged in. We use this information to administer and improve the Services, analyze trends, track users' use of the Platform, and gather broad demographic information for aggregate use.
We use Google Analytics to map the general location to which each IP address corresponds ("Location Information"). The Location Information that is mapped from an IP address is limited to country and city – we do not identify precise location. We use Location Information in order to more effectively provide our Services to our Customers. In addition, as part of our Services, we also share Location Information (based on End Users’ IP addresses) to our Customers, so that they may also more effectively provide their products and services to their End Users.
As noted above, we deploy and host websites and provide other analytics tools for our Customers. These Customers may collect personal information from their End Users in connection with the products or services that they offer to End Users.
Because we host our Customers' websites and provide other analytics tools, we process End Users' information when they use our Customers' websites, web applications, and APIs. This information may also include, but is not limited to, IP addresses, system configuration information, and other information about traffic to and from Customers' websites (collectively, the "Log Data"), as well as Location Information derived from IP addresses.
We do not, however, collect or process End Users’ IP addresses through the use of our analytics Services. All of this information is stored on our Platform as part of our Services, but Customers are responsible for the content transmitted across our network (e.g., images, written content, graphics, etc.), as well as any personal information they collect. Customers are also solely responsible for notifying their End Users of their personal information collection, use, and disclosure.
With respect to Log Data, we collect and use Log Data to operate, maintain, and improve our Services in performance of our obligations to our Customers. For example, Log Data can help us to detect new threats, identify malicious third parties, and provide more robust security protection for our Customers.
We use your personal information for a number of different reasons, as further explained below.
In addition, for users located in the EEA and the UK, we must have a valid legal basis in order to process your personal data. The main legal bases under the European Union's General Data Protection Regulation (GDPR) that justify our collection and use of your personal information are:
Below are the general purposes and corresponding legal bases (in brackets) for which we may use your personal information:
We only disclose your personal information as described below.
TxPipe discloses users' information to our third party agents, contractors, or service providers who are hired to perform services on our behalf. These companies do things to help us provide the Platform, and in some cases collect information directly, for example as explained in Payment Processing above.
Below is an illustrative list of functions for which we may use third-party service providers:
When we act on behalf of our Customers (as a data processor or service provider), we may provide End Users' personal information to our Customers in order to comply with their requests, End Users' requests and/or regulator requests, among others.
Occasionally, we will provide our Customers with aggregated information that does not identify End Users directly, in order to provide information about usage, demographics (such as location) or other general information. Anonymized Information We share aggregated, automatically-collected or otherwise non-personal information with third parties for various purposes, including (i) compliance with reporting obligations; (ii) for business or marketing purposes; (iii) to assist us and other parties in understanding our users' interests, habits and usage patterns for certain programs, content, services, marketing and/or functionality available through the Platform. We do not share personal identifiable information in this case.
The Platform’s primary storage of information is in the United States and the EEA. To facilitate our global operations, we may process personal information from around the world, including from other countries in which TxPipe has operations, in order to provide the Platform.
If you are accessing or using our Platform or otherwise providing personal information to us, you are agreeing and consenting to the processing of your personal information in the United States and other jurisdictions in which we operate.
If you are a Customer, you are responsible for informing your End Users of how and where their personal data will be processed at the time of collection.
We retain personal information for as long as needed to provide our Services. Note, however, that with respect to our Customers with active accounts, we may retain certain essential account information, but otherwise regularly delete other information that is less essential to the provision of our Services in order to minimize our storage of data.
We also will retain personal information that we've collected from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax or accounting requirements). Additionally, we cannot delete information when it is needed for the establishment, exercise or defense of legal claims (also known as a "litigation hold"). In this case, the information must be retained as long as needed for exercising respective potential legal claims.
When we no longer have an ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.
We take steps that are reasonably necessary to securely provide our Platform. We have put in place reasonably appropriate security measures designed to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We limit access to personal data only to those employees, agents, contractors and the third parties who have a business need-to-know.
We also have procedures in place to deal with any suspected data security breach. If required, we will notify you and any applicable regulator of a suspected data security breach. We also require those parties to whom we transfer your personal information to provide acceptable standards of security.
Notwithstanding, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, take special care in deciding what information you send to us via email.
If the GDPR applies to you because you are in the EEA or the UK, you have certain rights in relation to your personal data:
If you are located in the EEA or the UK and you are a Customer or Site Visitor, and wish to exercise any of the rights set out above, you may contact us at email@example.com.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under those circumstances.
If we cannot reasonably verify your identity, we will not be able to comply with your request(s). We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. Note that this is especially true when you engage a third party to assist you in exercising your rights.
We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law. In addition, we will always balance your rights against those of other data subjects in connection with any requests, and in some cases this may require us to redact our responses or deny a request.
Customers also can access, correct or update their Account Information by editing their profile or organization record at https://demeter.run. We ask that Customers use this option as a first step when rectifying information.
If you no longer wish to receive our marketing/promotional information, we remind you that you may withdraw your consent to direct marketing at any time directly from the unsubscribe link included in each electronic marketing message we send to you. If you do so, we will promptly update our databases, and will take all reasonable steps to meet your request at the earliest possible opportunity, but we may continue to contact you to the extent necessary for the purposes of providing our Services.
You have the right to make a complaint at any time to the supervisory authority for data protection issues in your country of residence. We would, however, appreciate the chance to address your concerns before you approach the supervisory authority, so please contact us directly first.
If you are a California resident, you have certain rights with respect to your personal
information pursuant to the California Consumer Privacy Act of 2018 (“CCPA”).
We are required to inform you of: (i) what categories of information we collect about you, including during the preceding 12 months, (ii) the purposes for which we use your personal data, including during the preceding 12 months, and (iii) the purposes for which we share your personal data, including during the preceding 12 months.
You have the right to: (i) request a copy of the personal information that we have about you; (ii) request that we delete your personal information; and (iii) opt-out of the sale of your personal information. You can limit the use of tracking technologies, such as cookies, by following instructions in the “Your choices” section. These rights are subject to limitations as described in the CCPA.
If you are a California resident and you are a Customer or Site Visitor, and wish to exercise any of the rights set out above, you may contact us at firstname.lastname@example.org. We will not discriminate against any consumer for exercising their CCPA rights.
TxPipe has no direct relationship with End Users (as described in the Data Collection section). Our Customers are solely responsible for ensuring compliance with all applicable laws and regulations with respect to their End Users, and this includes handling all data subject requests. We rely on our Customers to comply with the underlying legal requirements and respond directly to End Users when End Users wish to exercise the rights set forth above.
However, if an End User sends a request to TxPipe to access, correct, update, or delete his/her information, or no longer wishes to be contacted by a Customer that uses our Services, we will direct that End User to contact the Customer's website(s) with which he/she interacted directly, and cooperate with our Customers as required by applicable law in order to ensure that our Customers satisfy their End Users' requests.
TxPipe is a Delaware LLC with the following contact information:
2810 N Church St
Wilmington, Delaware, 19802-4447