EU General Data Protection Regulation 2016/679.
Costello is a data “processor,” as defined by the EU General Data Protection Regulation (“GDPR”). Accordingly, Costello is only responsible for complying with GDPR provisions that apply to data processors. We process data on behalf of our customers, and we neither control nor have any responsibility over our customers’ use of the Services and the types of information our customers input into the Services.
Information We Collect
We collect different types of information from users of our Services.
We may collect personally identifiable information from users of our Services (collectively, “Personal Information”). Personal Information includes information provided to us by prospective and current Costello customers through the Site, including first and last names; email address; mailing address; and telephone number. Personal Information also consists of information provided to us by Costello customers through the Platform, such as the first and last names, telephone numbers, and mailing addresses of individuals included in the customers’ sales call contact lists.
We may collect additional information from users of our Services that may not by itself reasonably identify you as the source (collectively, “Usage Information”). Usage Information may include your IP address; “click stream” activity, such as when you click on a banner advertisement; the type of Internet browser and computer operating system you are using to access the Services; the URL of the website from which you linked to our Site; the areas of our Services that you visited; and the actions you performed using our Services. We will take reasonable measures to ensure that the Usage Information we collect is not personally identifiable and may not later be easily used to identify you except in the case of fraud checks or as otherwise required by applicable law.
How We Collect Information
We may collect Personal Information when you voluntarily provide such information to us by, for example, submitting an online form via the Site with requests, comments, or inquiries about our Services.
We also may collect Personal Information through our customers’ voluntary use of the Platform. Our customers can upload their sales call contact lists to the Platform. Our Platform is integrated with Salesforce’s customer relationship management (CRM) solution.
We may automatically record Usage Information on our server logs that your browser transmits when you use our Services. We may also collect Usage Information about how you access and interact with our Services through the use of automated tracking technology, such as cookies. A cookie is a small data file that is transferred to a web browser, which enables our Services to remember and customize your subsequent visits. You can instruct your browser to block the acceptance of cookies or to provide you with a warning prompt before you accept cookies from our Services. If you reject cookies, the functionality of our Services may be limited.
How We Use and Disclose Information
General Uses and Disclosures
We may use the information we collect from users of our Services for the purposes described below.
Provision of Services. We may use and disclose your Personal and Usage Information to facilitate the delivery of our Services. For example, we may store information contained in our customers’ sales call contact lists in our Platform to support our customers’ sales personnel’s efforts to efficiently place sales calls.
Contacting You. We may use your Personal Information to directly contact you in response to your inquiries about the Services and inform you about new features and products included in our Services.
Improving our Services. We may use your Personal and Usage Information to enhance our understanding of our users’ preferences and improve our Services accordingly. Further, we may analyze Usage Information to better understand our user’s preferences with respect to the Site and Platform’s content and functionalities.
Disclosures to Third Parties. We do not sell any Personal or Usage Information to third parties. Further, the information a customer inputs into the Platform will not be available to our other customers. We may, however, make such information accessible to third-party service providers that assist us with managing our daily business operations, providing our Services, and marketing our Services. For example, we use Salesforce’s CRM solution to enable our customers to use the Platform. For information regarding Salesforce’s privacy practices, please visit www.salesforce.com/company/privacy.
We also share your Usage Information with Google Analytics, a web analysis service provided by Google. Google Analytics plants a cookie on your web browser to identify you as a unique user each time you visit the Site, but the cookie cannot be used by anyone but Google. We use Google Analytics to analyze trends, research the effectiveness of the Site, track users’ movements around the Site, and gather demographic information about our user base.
Some Site users may have permitted Google to both link their web and app browsing histories with their Google accounts and use their Google account information to offer personalized advertisements. Google collects identifiers associated with such Site users’ Google accounts and combines them with other Google Analytics information to optimize the delivery of personalized advertisements across various user devices.
Law Enforcement, Safety, and Legal Processes. We may share your Personal Information and/or Usage Information with law enforcement or other government officials if it relates to a criminal investigation or alleged criminal activity. We may also disclose your Personal Information and/or Usage Information if required or permitted to do so by law; for fraud protection and credit risk reduction purposes, or in the good-faith belief that such action is necessary to protect and defend the rights or property of Costello or the users of the Services; and to act under urgent circumstances to protect the safety of Costello or its employees or a member of the public. We may also disclose your information to comply with a judicial proceeding, court order, subpoena, or legal process.
Security of Personal Information
Unfortunately, no data transmitted over or accessible through the Internet can be guaranteed to be 100% secure. As a result, while we attempt to protect all Personal Information, we cannot ensure or warrant that Personal Information will be completely secure from misappropriation by hackers or from other nefarious or criminal activities, or in the event of a failure of computer hardware, software, or a telecommunications network. We will notify you in the event we become aware of a security breach involving your personally identifiable information (as defined by the applicable state and federal laws) stored by or for us. By disclosing your email address to us for any reason, you expressly consent to receive electronic notice from us in the event of such a security breach.
The Services may contain links to websites not affiliated with us. Your use of an external website or any informational content found on an external website is subject to and governed by the privacy policies, terms, and conditions of that website. We do not endorse or make any representations or warranties concerning, and will not in any way be liable for, any informational content, products, services, software, or other materials available on an external website, even if one or more pages of the external website are framed within a page of our Services. We are not responsible for the privacy practices of any external website.
Our Services are not intended for use by a child under the age of 13. We do not knowingly collect any Personal Information from a child under the age of 13 through the Services. If you are aware of a child under the age of 13 using our Services, please alert us at the contact information listed below.
Accessing and Modifying Information
If you would like to access, modify, delete, or modify Personal Information, you may do so through the user account associated with our Platform. You may also reach us at the contact information listed below to request the access, modification, or deletion. Modifying, or deleting any information will not result in the modification or deletion of any such information that may reside in back-up or disaster-recovery storage.
If you would like to opt out of receiving communications directly from us, you may do so by following any instructions included in the communication or by contacting us at the contact information listed below. If you are a contact of one of our customers and would no longer like to be contacted by one of our customers that use our Services, please directly contact the customer with whom you interact.
Your California Privacy Rights
California law provides that California residents have a right to request businesses to tell them how their personal information has been shared, if at all, with third parties for the third parties’ direct marketing purposes. To make such a request, please contact us at the contact information listed below.
Do Not Track
Certain web browsers and other devices you may use to access the Site or App may permit you to submit your preference that you do not wish to be “tracked” online. We do not currently commit to responding to these submissions, in part, because no common industry standard for “do not track” has been adopted by industry groups, technology companies, or regulators. We will make efforts to monitor developments around Do Not Track browser technology and the implementation of a standard.
Comments and Questions