AT EQ LABS, WE BELIEVE THAT YOUR PRIVACY IS A FUNDAMENTAL RIGHT.
“Personal Information” is any information that enables us to identify you, directly or indirectly, such as your email address, name, shipping and billing address, telephone number, company name, credit card information, any form of identification number or one or more factors specific to your physical, physiological, mental, economic, cultural or social identity. We collect information, including personal information, that you submit when using our website or services and automatically collect information when you interact with us. This includes the following:
When you sign up for an account, either through the web application or the mobile app, we collect and store your email address. We use email addresses to map managers to their team-members, so that we can survey team members on how their managers are doing at adopting more inclusive practices. If we received a complaint about a specific user (through the “Help” interface within the app, or through email or chat), we might be under a legal obligation to share the details of that complaint with your HR department. This is the only case when we would break the confidentiality of your use of EQ Labs tools. We also use your email address to notify you of any changes to our policies.
Every five minutes, the EQ Labs servers will connect to the Google APIs and check for any events that might be starting in the next ten minutes. If you have an event starting that has other participants, we’ll send you a “nudge” notification of a practice you could use. We store the plain IDs (usually the same as your email address) of your calendars so that we can save having to call the Google API to get your list of calendars over and over again. When we send you a nudge, we store the plain ID of the event (a meaningless string like: “cs1rvmhcjth7logas89f462955_20200511T210000Z”) so that we can make sure we don’t accidentally send you the same nudge twice. If any of the attendees of that event are also EQ Labs users (like your manager or your team members), we store their email address, so that we can survey them after the meeting. We also save the ending time of the meeting, so that we know when to send out that survey. We don’t store any other information about the event - we don’t store the title or location or notes.
If you decide you’d like to receive notifications by SMS, we will store your cell phone number within your account record. This is used only to send you recommended practices or survey links, and not for any other purpose. You can disable it at any time from within the mobile app or the web interface. Your device token. By default, we will send practice nudges via push notification to your mobile device. We do this by storing an opaque token - it does not provide any information on your device ID or location, but it does indicate whether your device is an IOS or Android phone. You can disable this at any time within the mobile app, from the web interface, or through your mobile device settings.
When you’re using the mobile app, we measure which screens you’re looking at and for how long. This is so we can tell which parts of the app are getting used, and also to troubleshoot any bugs. We record when you watch training videos, so that we know which practices should be enabled. And we record when you commit to trying out a practice, so we know whether to survey folks on how it went. We also record when you decline a practice, so we can try and suggest practices that are more relevant for you. Based on those activities, we also give “badges” and awards.
Aside from ordinary web server logs (which contain IP addresses and not usually account IDs), we also record account IDs for when you’re using the browser plugins. This helps us see whether the browser plugins are also contributing to improvements in behavior, and which categories of users prefer which types of tools.
We do not currently use technology that recognizes a “do-not-track” signal from your web browser.
All of your authentication and application data is stored in the “Google Firestore” database. Access to this data is limited to yourself (as managed by the Firebase Authentication service) and the EQ Labs servers (as managed by a set of Google API Oauth credentials). Mobile app usage data is captured using Firebase Analytics. Web access data is captured using Mixpanel and Google Analytics. Web server logs may also be captured by Heroku, Netlify and Microsoft Azure CDN. We have made every effort to limit the amount of personal data that could be exposed in the web server logs, but they do contain IP addresses.
We use reasonable technical, administrative and physical measures to protect information contained in our system against misuse, loss or alteration. All of EQ Labs services use SSL certificates, so all data is encrypted in transit. Firestore uses a securely encrypted backend. Anonymous usage data might be stored in plain text in one of the analytic company datastores.
You can choose not to receive emails from us by “unsubscribing” using the instructions in any email you receive from us. This will not stop us from sending emails about your account or your transactions with us. You can unsubscribe from receiving text messages from us by replying STOP to any text and receive one final confirming message.
You can choose to delete or block cookies by setting your browser to either reject all cookies or to allow cookies only from selected sites. If you block cookies performance of the Site may be impaired and certain features may not function at all.
If you choose to delete your account, we delete all of your information. This does not include the answers to survey questions that were sent to your team members, since that is also their information.
You can update, amend or delete your information at any time by logging into your account to make the change.
We may disclose your non-private, aggregated or otherwise de-identified information to our affiliates and third parties.
We do not share your information with third parties for their marketing purposes.
Our website and application are not designed nor intended to be attractive to use by children under the age of 13. We do not knowingly collect information from children under the age of 13. If you are under 13 please do not submit any information to us.
We may permit others to link to this Site or to post a link to their site on ours. We do not endorse these sites and are not responsible for other sites or their privacy practices. Please read their privacy policies before submitting information.
Currently EQ Labs is not required to comply with the California Consumer Privacy Act (CCPA). When we are we will post a CCPA notice here.
We do not transfer personal information for monetary consideration. If you would like to tell us not to sell your information in the future please email us at email@example.com with your name, postal address, telephone number and email address with “Nevada do not sell” in the subject line.
For the purposes of the European Union General Data Protection Regulation 2016/679, (GDPR) the data controller is EQ Labs, Inc., 4326 3rd Ave NW, Seattle, WA 98107.
Chief Privacy Officer EQ Labs, Inc. 4326 3rd Ave NW Seattle, WA 98107
EFFECTIVE DATE: May 13th, 2020.