Advise.Us Privacy Policy
About this privacy policy
This privacy policy has been compiled to better serve those who are concerned with how their personal information is being used on the Advise.Us website. "Personal information" is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read this privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your personal information in accordance with our website.
We may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified when you registered for this site. It is strongly recommended that you check this page periodically when you visit our website, referring to the date of the last time we modified the policy (on the bottom of this page).
Note that throughout this document we refer to you either creating and/or participating in an "advisory board." These may also be referred to as an advisory "panel," "committee," "group," "community," and/or "council." For the sake of simplicity in reading this document, we will refer to it as an "advisory board" from this point forward.
What personal information do we collect from the people that visit this website?
When registering on our site you will be asked for your first name, last name, email address, bio and profile picture to help you with your experience participating in advisory boards or creating your own advisory board. Note that only your first name, last name and email address are required in order to register for the service - a bio and profile picture are not required to participate.
As a Advise.Us customer (i.e., someone who runs advisory boards on this website) you may also be asked to provide additional personal information in the form of billing information (e.g., credit card number, billing address, expiration date, card security code). You will only be asked to provide this information if you choose to upgrade your account to any one of our paid products or annual subscription plans. We do not store your credit card information on our servers, and instead use a third-party service (Stripe.com) as a secure, PCI-compliant credit card processor.
Within each advisory board that you join, you may be asked for additional personal information as part of your participation in the advisory board. Please check with the administrator/moderator of the advisory board before you join to learn more about the personal information they may wish to collect as part of your participation in that advisory board.
Advise.Us does not control the personal information that is collected within individual advisory boards, although the information is stored on our servers. Please refer to the sections on hosting and security (in this document) to learn more about how we store and secure the personal information you choose to share in any advisory board on this site.
What personal information do we collect automatically?
In addition to the personal information that we collect from you directly, there is additional personal information that is collected automatically. This information includes the IP address of the computer you use to access this service.
We also automatically collect information regarding frequency that you access the service, the last time you signed in, the device you are using to access the service, the server on which the service operates and your internet service provider or mobile network. This processing is necessary for the legitimate interest of monitoring and resolving issues with the service, as well as for security/fraud prevention purposes.
When do we collect or process personal information?
We collect or process information from you when you register on our site, fill out a form (e.g., when registering for or creating an advisory board) or enter information on our site (e.g., when participating in an advisory board and/or when upgrading your account). We also collect or process information if you choose to upgrade an advisory board you are conducting to a paid version of the software.
Why do we collect or process personal information?
Personal information is necessary to facilitate discussion among members, moderators and/or observers in an advisory board. Without the ability to collect the personal information outlined above, our website would be unable to fulfill its intended purpose (i.e., to facilitate a discussion among people in an online advisory board).
How do we use your personal information?
We may use the information we collect from you when you register, sign up for an account, create an advisory board, participate in an advisory board, moderate an advisory board, observe an advisory board, respond to email communications related to an advisory board, surf the website, or use certain other site features in the following ways:
- To display information (replies, comments, media) provided in the context of an advisory board discussion.
- To personalize your experience and to allow us to deliver the type of content in which you are interested.
- To send necessary emails regarding your account and/or the advisory boards you are part of.
- To manage the distribution of participant honorariums (if applicable) on behalf of a customer.
- To provide technical support to customers and advisory board members.
- To administer an advisory board or other site feature.
How can you update or delete your personal information?
Please email us at [email protected] if you would like us to update and/or delete any of your personal information. Requests to have information updated/deleted are prioritized and the requested update/deletion will happen no later than 30 days after the request is made.
How long is your personal information retained?
If you have not signed in within a period of 2 years our system will automatically (and permanently) delete your account and all related personal information. If you wish to prevent this from happening, simply login to the site on a regular basis.
As a creator/moderator of an advisory board(s), how long is the information in your advisory board(s) retained?
Your advisory board(s) will be automatically deleted if there has not been any activity in the advisory board in the past 2 years. "Activity" is defined as any new discussions or replies posted in that advisory board. You will receive an email automatically from our system 30 days before your board is scheduled to be deleted to give you sufficient time to either add a new discussion or reply. Adding a new discussion or reply to an existing board will extend the time before your board would be deleted by 2 years.
Am I anonymous when participating in any advisory board on this site?
By default your first name and the first letter/initial of your last name will appear next to any replies/comments you leave in any advisory board. This is done to provide you with a degree of anonymity while participating. However, you can optionally choose to have your full name displayed when participating in any advisory board. Follow the steps below to optionally have your full name displayed alongside your replies:
- Sign-in to your account
- Click on the icon for your account (in the upper right corner of every page once you are signed in)
- Click "Edit Profile"
- Click the checkbox next to "Display my full name while participating (optional)"
- Click "Save & Continue" to save changes
Note that for some advisory boards the admins/moderators for the board may choose to enforce that only your first name and last initial are used. In this case you will not have the option to display your full name when participating in that particular advisory board.
How is your personal information secured?
The Advise.Us website and application is hosted at Heroku.com, with additional hosting and storage provided by Amazon Web Services (AWS). More information about the AWS infrastructure and security policies can be found at https://aws.amazon.com/security, while information on Heroku's infrastructure and security policies can be found at https://www.heroku.com/policy/security.
In addition to the security provided via Heroku and AWS, Advise.Us.com uses a security and content delivery solution provided by CloudFlare to provide additional security protections against a range of potential threats, including cross site scripting and DDoS attacks, SQL injection, comment spam, excessive bot crawling and email harvesting.
All information transferred to and from Advise.Us.com (including unauthenticated pages) are secured by end-to-end 128 bit SSL connections via GlobalSign Organization Validation CA. Backups of our production database are made automatically on a daily basis and retained for 7 days, after which point they are automatically and permanently deleted.
Where is your personal information processed/stored?
Advise.Us is located in the United States, and most/all of the third party services we use store/process data in the United States as well. As such, the personal information you share on this site may be transferred to countries other than the one in which you live. Please see the list of third-party providers in this Privacy Policy (below) for a complete list of these providers.
Who from the Advise.Us organization will have access to your personal information?
Selected Advise.Us staff that have a clear justification for accessing personal information will only access your account information to provide technical or administrative support, and to the least extent needed to solve a technical or administrative issue. We will not disseminate or share data other than you have directed, in accordance with the policies outlined in this Privacy Policy and our Terms of Service. All staff members and/or contractors have signed non-disclosure and confidentiality agreements, and have been instructed on how to handle personal information to comply with relevant guidelines and regulations.
Is my personal information ever sold or rented to a third party?
No. Advise.Us does not sell or rent customer or advisory board member information to any third-party advertisers or marketers. Advise.Us provides a platform for collecting feedback online in exchange for software access fees paid by Advise.Us customers, and as such does not have a business model that relies on selling the personal data of our users to third parties. Your personal information is only shared with selected third parties (outlined below in this Privacy Policy) for the purposes of providing the services as outlined in this Privacy Policy.
Is my personal information ever shared with a third party?
We may share selected personal information with third-party service providers who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety.
In addition, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses. For example, we may release information on our overall site statistics for marketing purposes. This non-personally identifiable visitor information is only shared at an aggregate level.
Which third parties may receive my personal information in order to provide this service?
Below is a list of the specific third parties that we use to assist us with providing services to you, along with the purpose(s) for which we may share your personal information with these third parties and the specific personal information that is shared with these services.
- Heroku (https://heroku.com) - Heroku (a wholly-owned subsidiary of Salesforce.com) is a cloud platform where we host the Advise.Us application and database. Since it is our hosting and database provider, all personal information shared on the Advise.Us site is hosted at Heroku. Processing of data on Heroku happens in the United States.
- Amazon Web Services (https://aws.amazon.com) - Amazon Web Services are used to store selected files and attachments shared in any advisory board. Any files uploaded through forms on this website (e.g., avatars, photos, documents and file attachments to topics or replies) are stored using the S3 service at Amazon Web Services. Processing of data on Amazon Web Services happens in the United States.
- Cloudflare (https://cloudflare.com) - Cloudflare is a Content Delivery Network (CDN) service we use to cache content delivered to users around the world to improve site performance. Cloudflare is also used to improve site security. All traffic to and from this website is filtered through Cloudflare. Processing of data on Cloudflare happens in the United States.
- Google Analytics (https://google.com/analytics) - Google Analytics is a web analysis service provided by Google Inc. Advise.Us uses this service to monitor and analyze the use of the service. Google uses the data collected to track and examine the use of this application, prepare reports on its activities and share them with other Google services. Google may also use the data collected to contextualize and personalize the ads of its own advertising network. Processing of data on Google Analytics happens in the United States. Note that if you wish to opt-out of Google Analytics tracking on this website, please visit this page: https://tools.google.com/dlpage/gaoptout
- Adobe Typekit (https://typekit.com) - Typekit (a product of Adobe Systems Incorporated) is a typeface (font) visualization service that enables the Advise.Us website to display specialized fonts to users of the website. Usage data may be shared with Typekit as specified in their privacy policy. Processing of the data on Typekit happens in the United States.
- Stripe (https://stripe.com) - Stripe is a service that provides secure payment mechanisms to websites like Advise.Us. The personal information shared with Stripe includes your name, email address and billing information (note that billing information is not stored on our server - when entered on our site it is transferred directly to Stripe). Processing of data through Stripe happens in the United States.
- New Relic (https://newrelic.com) - New Relic is a monitoring service provided by New Relic Inc. We use this service to monitor application performance and track errors that may occur in the application for technical support purposes. As part of this monitoring, New Relic filters all communication between your browser and our application. Processing of data on New Relic happens in the United States.
- MailChimp (https://mailchimp.com) - MailChimp is an email address management and message sending service provided by The Rocket Science Group, LLC. We use MailChimp to send notices to advisory board moderators regarding changes to the service and new features. MailChimp is also used to notify advisory board members of any changes to this privacy policy. Personal data sent to MailChimp may include your first name, last name and email address. Processing of personal data on MailChimp happens in the United States.
- SendGrid (https://mandrill.com) - SendGrid is a transactional email service provided by SendGrid, Inc. We use SendGrid to send "transactional" email notices from the application, including emails when you register, join/create an advisory board, receive a reply in an advisory board and/or receive updates on activity happening in advisory board(s) you are part of. Personal information sent to SendGrid may include your email address, first name and last name, as well as the content of a reply/comment you have left on the site (if applicable). Processing of personal data on SendGrid happens in the United States.
Will you encounter third-party links on our website?
We do not include or offer third party products or services directly on our website. However, each advisory board is run independently by organizations (customers of Advise.Us) that are not be directly affiliated with Advise.Us. In these advisory board you may be solicited with offers for third-party products or services, which Advise.Us will not be aware of. Advise.Us does not endorse these third-party products and services posted in advisory boards not directly run by Advise.Us.
Do we use 'cookies' on the Advise.Us website?
Yes. Please click the link below to view our Cookie Policy:
How does our site handle do not track signals?
We do not honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don't honor them because:
- Capabilities do not currently exist to track signals.
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation's consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.
We do not specifically market to children under 13.
CAN-SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information related to your account and/or the advisory board(s) you are part of, respond to inquiries (e.g., for customer or advisory board member support), and/or other requests or questions. If you decide to run an advisory board on this site, we may from time-to-time email you with information related to new features, how-to and assistance/advice and (very occasionally) company news. This information is never sent to your advisory board members. You may unsubscribe at any time from these advisory board admin/moderator-related communications.
To be accordance with CANSPAM we agree to the following:
- NOT use false, or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way
- Include the physical address of our business or site headquarters
- Monitor third party email marketing services for compliance, if one is used
- Honor opt-out/unsubscribe requests quickly
- Allow users to unsubscribe by using the link at the bottom of each email
If at any time you would like to unsubscribe from receiving future emails, you can:
- Follow the instructions at the bottom of each email; or
- Email us at [email protected]
How can you contact Advise.Us?
If there are any questions regarding this privacy policy you may contact us by mail or email using the information below:
Advise Us, LLC260 East Main Street, Suite #6317
Rochester, NY 14604
[email protected]
Last Updated on September 30th, 2018