THINKSPAN
PRIVACY POLICY

‍

1. Overview of Our Services

Thinkspan’s applications provide you with a next-generation personal data vault (we call this your “Personal Vault”) on your device; and each Personal Vault is secured with advanced ‘zero-knowledge’ encryption technologies (see Section 1(a) for more details). 

In addition, each Personal Vault may feature a private ‘Edge AI’ personal assistant which operates within the secure envelope of your Personal Vault (please see Section 1(b)).

1(a) Security Features 

Our applications are built from the ground up on a deep commitment to “zero-knowledge” end-to-end (“ZKE”) security principles. Each vault incorporates three core security technologies: (1) zero-knowledge end-to-end encryption, which is used to secure your Personal Vault (so that you are the only one who can see and access your information), (2) two-layer (secure envelope) encryption to secure your data encryption key - so that only your password can be used to decrypt the secure envelope which protects your Personal Vault; and (3) a patented data abstraction technology that structures your information into a universal semantic data layer which can be parsed securely by your Edge AI Assistant (this term is defined in Section 1(b)). In addition, your information can be securely backed up (in encrypted format) from your device to the cloud, so that you can recover your information if you lose access to your device. 

The result is that your Personal Vault is so private that no one -- not even Thinkspan -- can see your information or even the types of information you are storing, even with a court order. 

‍However, you need to understand the following: This level of security incorporates a very important tradeoff. If you forget your password, it will not be possible (for you or for us) to recover your ZKE data (even from cloud backups). Again, if you lose your password, you will lose access to your information, and you will need to create a new account and upload your information again. 

Account registration information, such as your name, email address, phone number, and any other user profile data you provide when you create or update your account. We only use Account information to administer and secure your account, to communicate with you, and as otherwise described in this Policy.

• A Note on Passwords, and Secure Access to Personal Vaults: You may be required to submit a password in order to create an account (or to authorize all service features) on our Service, and you will also need to use your password to access your Personal Vault within our application(s). However, we do not store your password. When your account is created, your password is used to generate an encrypted key that secures access to another randomly generated key which encrypts your Personal Vault (your password is not stored or retained by our Service). In addition, the key that encrypts your Personal Vault data is never stored in a decrypted state off of your device. When you use your password to access your Personal Vault, the password that you enter is converted by the application into a key, and that key is used to decrypt the randomly generated key that encrypts your data. Again, the password itself is not stored or retained on our systems, and if you lose your password, you will lose access to your account.
• Payment information, we partner with a third-party payment processor (this is one our Service Providers, as described below) to process payments on our Service. When you make a payment through our Service Partner, we only collect confirmation that a payment has been received, the amount of the payment, and the account for which the payment was received.

‍

4(b) Sensitive Information

We do not collect sensitive personal information via our Service, with the exception that, under certain laws, account credentials can in certain circumstances be considered to be Sensitive Information. As noted above, we collect and store your Account Information, but we do not store your password (see Section 4(a), above). 

4(c) Device Information

We may automatically collect device information (“Device Information”) regarding how you access and use our website(s), such as:

• The type of device you use;
• The date and time you access the website(s);
• The type of web browser you use; and the Internet Protocol address used;
• The sections within our websites that you access;
• The user language; and
• The operating system of your device.

‍

4(d)  Interaction Information  “Interaction Information” may include:  

(i) Our communications with you: If you receive an email, SMS or other message from us, we may collect information you share in response to voluntary user surveys, and we may use certain tools to capture data which you share, or which are related to when you respond, or when you open our message or click on any links or banners it contains, etc.

(ii) Your communications with us: These data may include information you submit when you contact us for support or for other purposes, including if you respond to a survey, or other communication from us.  

(iii) Website interactions: These data may include how you interact with our website(s), links you can click on in our website(s), and/or information that you type into online forms.

(iv) System information collected when you visit our websites: These data may include browser type, operating system, IP address, domain name, referring website, and/or a date/time stamp for visitors.

(v) Information about how you interact with our mobile applications and secure web applications (when available): These data may include access dates and times, app crashes and other system activity, type of browser and third-party sites or services used before interacting with our Service, and related kinds of data.

(vi) Information generated when you interact through our applications with a mobile operating system or third party service:  For technical reasons, we may have access to general information such as file size and time of transmission (if applicable) when a file is uploaded to a Personal Vault, but we can’t view or collect any other information relating to the data and materials within a Personal Vault (e.g., the type of files, the content of files, how files are used, etc.). Similarly, if you schedule a reminder or alarm which requires the functionality of a mobile operating system to be delivered, then (again, technically) we may have access to limited information about the reminder/alarm, including the time and the contents of a subject field that is included in the notification. And if you transmit a query to an integrated cloud-based third-party AI service, for technical reasons we may have temporary access to the queries you submit in order to proxy them to the AI service. It is not possible for us to encrypt these queries end-to-end, but they are encrypted in transit and never stored. We only use cloud LLM partners with whom we have zero data retention agreements.

(vii) Information generated if you respond to a ZK Offer(s):  As described above, we have developed a unique Service feature which allows us to share ZK Offers with our users (see Section 1(b)). Thinkspan does not receive any information about ZK Offers when they are sent and/or received (these messages are generated and delivered by our Edge AI, privately, within your Personal Vault). If you choose to respond to a ZK Offer, then we may have limited access to and/or may collect (but we do not store) information relating to the fact that you received the ZK Offer. In addition, the information in your Personal Vault which generated the ZK Offer may be implied and thus may be apparent either to Thinkspan or to a third party partner making the commercial offer.

‍

4(e) No Biometric Information

Thinkspan does not collect biometric information (as that term is defined in relevant laws) for authorized user identification or any other purpose. Note: You may be able to use certain features (e.g., facial recognition) which are available in third-party operating systems or applications (e.g., Apple’s iOS) to access our mobile applications (but not your Personal Vault), but we do not collect or store any biometric information from such processes and features. 

‍

5.  SOURCES OF PERSONAL INFORMATION

We collect your Personal Information in the following ways, pursuant to applicable law:

• Directly from you, when you use our Sites or Service, register for an account or create a profile, contact us, send support requests, sign up to receive emails, text messages, and/or other communications, submit survey responses, or otherwise provide us with information or request information from us.
• Through our use of cookies or other marketing or service management technologies, when you visit our website(s), open or click on emails we send you, or interact with our advertisements. 
• From our third-party partners, including third parties that we have partnered with to provide you the Service that you have requested from us.
• Other sources, including data analytics providers or publicly available sources.
• ‍From your website and application interactions, as described in Sections 4(c) and 4(d), above.

‍6. HOW WE USE PERSONAL INFORMATION ‍

We may use Personal Information for the following business purposes:

• To create and administer accounts for authorized users, and to facilitate and provide services.
• For everyday business purposes, such as account management, contract administration, Site management, corporate governance, and legal and regulatory reporting obligations.
• To assist you in using and accessing our Service and Sites. This means that we may use your Personal Information to respond to your questions, operate the Service and Sites, perform our obligations to you, and perform other actions based on your consent (including Edge AI Assistant features, and assisting you in responding to ZK Offers).
• To respond to feedback or requests for support.
• To send you marketing or informational communications that promote Thinkspan products, programs or services and/or those of our partners (with your consent, where required) and to determine the types of marketing communications to send.
• To analyze your needs and help improve, develop, and evaluate the services, and to develop new products and services.
• To comply with laws and regulations and legal processes.
• To monitor compliance with our policies, procedures and applicable terms of service, for fraud prevention, to detect and address illegal activities and/or to protect Thinkspan and its employees, authorized users and property.
• For customer and authorized user relationship management and administration.
• Where permitted, to create de-identified data sets. Such information is generally not considered Personal Information and can be used for various purposes, such as statistical and research analysis, in accordance with applicable law.
• We may use Device Information to monitor the effectiveness and improve the functionality of the Sites, to help personalize your experience, to consider potential improvements to the Sites, for statistical and research purposes, and for other administrative purposes including, without limitation, to troubleshoot and resolve problems with the Sites. We may rely on third-party partners to collect and analyze Device Information.

‍

7. DISCLOSURE OF YOUR PERSONAL INFORMATION 

In addition to specific situations discussed elsewhere in this Policy, we may disclose, or have disclosed in the prior 12 months, the Personal Information listed above for the following business purposes, as permitted by applicable law:

‍

(a) Disclosures to Service Providers which we Engage as Part of the Service:

Thinkspan may disclose your Personal Information or make it accessible to certain companies which we engage to perform services on our behalf (“Service Providers”), such as cloud service partners and mobile messaging service providers (e.g., SMS, MMS, chat). All Service Providers’ access to Personal Information is strictly limited to the purpose of providing the relevant services to Thinkspan, and in certain circumstances, our Service Providers’ privacy policies may also apply to your use of the Services. 

To see a list of our current AI Service Providers, and/or for a current list of other Service Providers, please contact us at privacy@thinkspan.com, and we will provide you with a then-current list(s).  

In addition, we may from time to time engage a third party/ies to communicate with you on our behalf about our services or related service offerings, in accordance with the terms above in this Policy. 

(b) Disclosures to Third-Party Professional Service Providers which Support Thinkspan:

We may also disclose Personal Information to third party professional service providers, such as our external auditors, attorneys, accountants, and similar professionals based on our legitimate interest in the operation of our business and our obligations to comply with applicable laws and regulations. These service providers may use your Personal Information to provide services to us and to comply with their legal, regulatory and/or fiduciary obligations.

(c) Disclosures to Third-party Services which may be Engaged by our Service Users (Including You):

You can choose if, when and how you share (disclose) information from your Personal Vault with third parties (meaning, individuals and companies). If you choose to share information directly with a third party service or company (such as a cloud-based AI service), then please understand the following: (a) we do not have any control over third-party services, and you will be responsible for reviewing and understanding the privacy practices of the third party with which you choose to engage and/or to disclose information, and (b) certain Personal Information may be exposed to the third-party service provider, and (c) we are not responsible for any acts or omissions of such third party services (and you agree that you bear full responsibility for enforcing your rights). 

(d) Disclosures to Third Parties when a User Responds to a ZK Offer:  

As explained in Section 1(b), we may share ZK Offers with you, and if you choose to respond to a ZK Offer which contains a commercial offer for a product or service provided by a third party, then you expressly agree that we may share certain Account Information (and/or other personal information) with such third party (e.g., so that you and the third party can communicate directly about the offer or services involved). In these circumstances, you agree that you have expressly consented to the disclosure of your Personal Information to such third party(ies). 

‍(e) To Comply with Legal Obligations and to Respond to Authorities:

We may disclose your Personal Information to satisfy applicable laws or regulations, and in response to legal processes or enforceable government or law enforcement requests.

We may also disclose your Personal Information if disclosure is reasonably necessary to monitor compliance with our policies and applicable terms of service, to detect, prevent, or otherwise address fraud, security or technical issues, or to protect against the rights, property or safety of Thinkspan, our authorized users or the public, as required or permitted by law.

(f) Disclosures to Affiliated Companies, and to a Subsequent Owner or Operator:

We may share Personal Information with parent companies, subsidiaries or affiliated entities.

We may transfer your Personal Information to a successor entity upon a merger, consolidation or other corporate reorganization of our company, to a purchaser of all or a portion of our assets, or pursuant to a financing arrangement. The Personal Information we have about you may be transferred to parties to the transaction based on our legitimate interest in preparing for and completing the transaction.  

(g) Social Media Platforms and Networks:

Some of our Sites may include links (or other ways to connect) to features such as plugins, widgets, or other tools and/or related services which (a) are made available to the public by social media platforms and networks (“Platforms”), and which (b) may result in information being collected by these Platforms if you use these links or other tools. These Platforms’ use of your information is not governed by this Policy. If you use the services provided by any Platform(s), you do so solely at your own risk. 

(h) De-identified or Aggregate Information:

We may aggregate and anonymize information you provide to us, or which we collect as described in this Policy, in such a way as to ensure it will no longer be identifiable to you. This aggregated/anonymized data may be used for statistical, analytic, and administrative purposes, including analyzing our website traffic and trends, tailoring our services, or conducting product analysis. We may use or disclose anonymized or aggregated data at our discretion, in accordance with applicable laws.

(i) No Other Disclosures Without Your Consent:

Except as expressly provided in this Section 7, we will not disclose (meaning, we will not sell or share) your Personal Information to any third-party companies, organizations or individuals for any purpose including (without limitation) third-party general marketing or promotional purposes unless we have your express consent to do so. 

(j) Mobile Messaging Services (SMS, MMS, Chat)

Except as may be expressly provided above in this Section 7, and except as may be necessary to send you communications via SMS, MMS or chat: (1) we will not share your mobile telephone number(s) with third parties or affiliates for third-party marketing or promotional purposes; and (2) we will not share your SMS/MMS text messaging opt-in/opt-out data and/or consent with any third parties, unless we are required to do so in order to administer the service. Your use of mobile messaging service features is expressly subject to Thinkspan’s Mobile Messaging Terms and Conditions (https://thinkspan.com/mobile-terms ).  

• With Your Consent: In certain instances, we ask for your consent to process your Personal Information for specific purposes. Provision of your consent is voluntary, and you have the right to withdraw your consent at any time. As noted above, by accessing or using any of the Sites, you acknowledge that you have read and agree to the terms of this Policy and the terms of our Terms of Service.
• When Pursuing Legitimate Interests: We process your Personal Information for our legitimate interests and those of third parties, while applying appropriate safeguards that protect your privacy, and as further described in this Policy (and we use such data in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals).
• To Perform a Contract With You: We will process your Personal Information when processing of your Personal Information is necessary for the execution or performance of a contract with you.
• When We Have Legal Obligations: We will process your Personal Information when we have a legal obligation to do so, for example, if we are responding to a legal process or an enforceable government request, including law enforcement.

‍

9. CHILDREN’S PRIVACY

The Sites are not directed toward individuals under the age of 18; and we do not knowingly collect information from anyone under the age of 18 (each, a “Minor”). Minors are not permitted to use the Sites, and we request that Minors not submit any Personal Information to or through the Service. If you believe a Minor (child) has impermissibly submitted Personal Information, please contact us. Once we are aware of information impermissibly entered by a Minor, we will exercise commercially reasonable efforts to remove such information from our systems.  

‍

10. COOKIES AND OTHER ONLINE INTERACTIONS

Thinkspan may, from time to time, use cookies (small text files placed on your computer or device, which help our Site or Applications function better) in connection with our websites (but not our applications); and we may analyze the information derived from these cookies for the same purposes as set forth elsewhere in this Policy. 

We differentiate between cookies that are essential for the technical features of the services and optional analytics and advertising cookies.

Depending on your location and applicable laws, you may have the option of adjusting your preferences with regard to the categories of cookies we use on our Service. When this option is available, you can configure your personal settings on our Cookies Banner under “Settings” or via other options that may be available on the relevant Sites. If you use a different device to access the same Sites, you may need to manage your settings for each separate device you use.

In addition, you may be able to limit the use of cookies on your computer or mobile device in general by modifying the settings of your web browser, although that may affect certain functions on the Sites.

‍

11. YOUR CHOICES AND RIGHTS

Depending on where you live, you may have certain rights with respect to your Personal Information. Your rights will vary depending on where you are located. Specifically, you may have the following rights:

• Correction (Rectification): You may have the right to request that we correct or supplement any inaccurate or incomplete Personal Information we process about you. Depending on the purposes of the processing, you may have the right to have incomplete Personal Information completed, including by means of providing a supplementary statement.
• Deletion (Right to be Forgotten): You may have the right to request that we delete your Personal Information. If required by law, we will grant your request to delete information. However, when we delete Personal Information it will be removed from our active database, but it may remain in archives where it is not practical or possible to delete it. In addition, we may keep your Personal Information as needed to comply with our legal obligations, resolve disputes, and/or enforce any of our agreements.
• ‍Access: You may have the right to request access to the Personal Information we hold about you, along with other information such as the purposes of the processing, the recipients or categories of recipients to whom the Personal Information has been or will be disclosed, the sources of the Personal Information, retention, and transfers of Personal Information.
• Data Portability: In certain circumstances, you may have the right to request that we provide the Personal Information which you provided to us in a structured, commonly used and machine-readable format; and you have the right to transmit such Personal Information to another entity.
• Consent Withdrawal: Where our processing is based on your consent, you have the right to withdraw such consent at any time; however, you may not be able to use the Sites or features for which you are withdrawing your consent. Withdrawing your consent will not affect the lawfulness of the processing we conducted prior to your withdrawal.
• Opt-Out of Targeted Advertising, or the Sale or Sharing of Personal Information: Subject to certain exceptions, you may have the right to opt-out of the sale/sharing of your Personal Information. However, Thinkspan only shares Personal Information as described in Section 7.
• Restriction of Processing: You have the right to request that we restrict the processing of your Personal Information in certain cases. Where applicable, the respective Personal Information will be marked accordingly and may only be processed by us for certain purposes. 
• Objection to Processing: In certain circumstances, you may have the right to object to our processing of your Personal Information.
• Automated Processing: Under certain circumstances, you may have the right to object to a significant decision based solely on automated processing (i.e., without human intervention) unless that decision is required or authorized by law. We do not engage in automated decision-making without human intervention for any significant decisions (as defined in relevant laws), but we do use automated processing in connection with ZK Offers (defined in Section 1(b)).
• Right of Non-Discrimination/Retaliation: We do not discriminate against individuals who exercise any of their rights described in this Policy, nor do we retaliate against individuals who exercise these rights.
• Right to Opt-Out of our Use of your Sensitive Information (in certain instances and if permissible under applicable law): We do not currently use or disclose Sensitive Information for purposes other than those which are described in this Policy. If you wish to opt out of the use of your Account Information (as defined above), you can delete your account - or contact us and we will delete your account for you. Please understand that the deletion of your account will result in the permanent loss of information in your Personal Vault (so please back up all such information).
• ‍Commercially Recognized Opt-Out Signal (Global Privacy Controls, Do Not Track): Thinkspan takes commercially standard measures to seek to recognize commercially recognized opt-out preference signals (e.g., Global Privacy Controls, Do Not Track) on its website(s). Recognition of this signal applies only to the specific device and/or browser that communicates the signal and does not apply to other devices/browsers you use to access our Sites.

• Promotional Emails: You may choose to provide us with your email address for the purpose of allowing us to send free newsletters, surveys, offers, and other promotional materials to you, as well as targeted offers from third parties. You can stop receiving promotional emails by following the unsubscribe instructions in emails that you receive, or by contacting us as provided in this Policy. If you decide not to receive promotional emails, we may still send you service-related communications.

• Promotional Mailings: Generally, we do not send physical mailings to our customers. If, however, we do so at some in the future, and if at any time you do not want to receive such physical mail offers and/or circulars from us, you can remove yourself from our mailing lists by emailing us (our contact information is below) or mailing us a request along with your name, address and ZIP code. 

• Promotional Text Messages: If you receive a text message from us that contains promotional information you can opt-out of receiving future text messages by replying “STOP” (or as otherwise directed in the message).

Please note that many of the above rights are limited to certain jurisdictions and may be subject to exceptions and limitations; and some rights may not apply to you. Your rights and our responses will vary based on the circumstances of your request. If you choose to assert any of these rights under applicable laws, we will respond within the time period prescribed by applicable law. In some cases, we may limit or deny your requests to access or delete your information if applicable law permits or requires us to do so, if we are unable to adequately verify your identity, or if the law in question does not apply to us. If we are not able to provide the requested information or make the change you requested, you will be provided with the reasons for such decisions. 

If you designate an authorized person to submit requests to exercise privacy rights on your behalf, we will require verification that you provided the authorized agent with such authorization. We will use the information we have about you to verify your identity (and if applicable, your authorized agent’s identity and authority). If our verification process is successful, we will respond to your request within the time and in the manner required by applicable law. If not, we will attempt to contact you to inform you. 

In any circumstances, your request must: (i) provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Information or an authorized representative of that person; and (ii) describe the request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

To submit a request to exercise any such rights, please use the contact information provided for in the “Contact Us” section of this Policy. 

‍

12. SECURITY AND RETENTION

We strive to maintain the security of your information by using appropriate measures designed to protect our systems. However, we cannot guarantee the security of any information that is disclosed online. Further, no online system can be made entirely impenetrable, and by continuing to use our Service, you acknowledge that despite the measures we employ, we cannot guarantee that our Service and Sites are invulnerable to security breaches or immune from viruses, security threats or other risks. To help protect the security of your Personal Vault information, you should be sure to maintain the security of your login credentials at all times. 

Important: If you lose your credentials, it will not be possible to recover access to your account or your account information!

How long we retain your Personal Information depends on the context in which, and purposes for which we collected it. We generally retain Personal Information for as long as necessary for achieving the purposes for which it was collected or processed, unless a different retention period is required by applicable law.

‍

13. LINKED THIRD-PARTY SITES

We are not responsible for the privacy practices and/or security practices employed by any third-party website or service, including but not limited to any such sites or services that may be linked to or referred to in any way on the Sites.

We may provide links to other third-party websites through the Sites solely as a convenience to you. However, such linking does not mean, and should not be interpreted to mean, that Thinkspan endorses, is affiliated with or makes any representations concerning such third-party websites. Thinkspan neither reviews, controls, nor is responsible for these third-party sites or any content therein. By using such links, you will leave the Sites. Please note that any Personal Information that you provide to such third parties will be governed by their privacy policies, and we have no control over or responsibility for their privacy practices. If you decide to access any of the third-party sites linked to the Sites, you do so entirely at your own risk. Thinkspan shall not be liable for any consequences arising from use of any third-party websites to which the Sites link. We encourage you to review the privacy policies of any third-party website or application for details about what information is collected and how it is used and/or disclosed prior to providing any Personal Information.

‍

14. INTERNATIONAL TRANSFERS; US-EU DATA PROTECTION FRAMEWORK (“DPF”) 

14(a): General Principles: 

Thinkspan is a Delaware (USA) corporation with operations in San Francisco, CA, USA and Chicago, IL, USA. As an Internet-based service, our Sites may be accessed by individuals outside the United States. By visiting our Sites and/or providing us with any data from a non-US location, you agree we may collect, process, use, and store your personal information as discussed in this Policy, outside your resident jurisdiction (such as the U.S.). 

Our service partners and third-party service providers may also be located outside of your jurisdiction. As a result, your information may be subject to access requests from governments, courts, or law enforcement agencies in other jurisdictions according to the laws in those jurisdictions. Please note that U.S. law and those of other countries where your information may be stored and processed may offer different levels of protection for your information than your home country. We will take all reasonable steps to ensure that such personal information is treated securely and in accordance with this Policy.

Further, please understand that elements of our service platform (including servers) are located in the United States, and our third-party service providers (including cloud service providers and partners) operate around the world. This means that, when we collect Personal Information, we or our Customers may process it in foreign jurisdictions. However, we will handle your Personal Information in accordance with this Privacy Policy regardless of where your Personal Information is stored or processed.

14(b)  US-EU Data Protection Framework (“DPF”) Program: EU/UK/Swiss Data Transfers to the US:  

When we transfer Personal Information from the European Economic Area (EEA), the United Kingdom (UK) or Switzerland to other countries, including to the United States, we use a variety of legal means to help ensure that the data is appropriately protected. For transfers of data to the United States we have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (“DPF Principles”) with regard to the processing of Personal Information received from the European Union (per the “US-EU DPF”); from the United Kingdom (in accordance with the “UK Extension” to the US-EU DPF); and from Switzerland (in accordance with the Swiss-US Data Protection Framework (“Swiss-US DPF”)) - collectively, the “DPF Regulations”).

• If there is any conflict between the terms in this Privacy Policy and the DPF Principles or DPF Regulations, the relevant DPF Principles or DPF Regulations shall govern.  

• To learn more about the Data Privacy Framework (DPF) program in general, and to view our certification, please visit https://www.dataprivacyframework.gov/.

• Onward Transfer: We shall remain responsible for the European Personal Information that we disclose under the Onward Transfer Principle to third parties for processing on our behalf, as described in this policy.

• Thinkspan and the Sites are fully subject to the investigatory and enforcement power of the U.S. Federal Trade Commission (FTC).

• Standard Contractual Clauses: The use of Standard Contractual Clauses is an example of a mechanism which has been approved under EU and UK law to ensure adequate safeguards for personal information transferred from the EU or UK to countries not found to offer adequate protection for personal information. In addition to the other provisions described herein, in some circumstances, we may rely upon such standard clauses to lawfully transfer personal information.

• If you have an inquiry regarding our privacy practices in relation to our DPF certifications, we encourage you to contact us using the information set out below in the “Contact Us” section. 

‍

15. DISPUTE RESOLUTION; BINDING ARBITRATION

15(a) Concerns Related to our Privacy Practices: Written Notice, and Good Faith Resolution

If a claim, complaint or dispute arises from the terms of this Policy or Thinkspan’s privacy practices, or if a claim, complaint or dispute arises in regards to Thinkspan’s compliance with the DPF Principles (in each case, a “Privacy Claim”), you agree that you will first submit your Privacy Claim(s) to us in writing, for our review (you can contact us as set forth in Section 17) before taking any other action. We will attempt in good faith to investigate each Privacy Claim, and to respond to you, within a reasonable time period. In all cases we will attempt in good faith to resolve Privacy Claims to the satisfaction of the individual submitting the Privacy Claim(s). 

15(b) Claims or Disputes Relating to DPF Principles: 

In compliance with the DPF Principles and DPF Regulations, Thinkspan will refer unresolved complaints concerning our handling of Personal Information under DPF Principles/Regulations to our designed third-party DPF dispute resolution provider (as identified below, our “Privacy Dispute Resolution Provider”), which is based in the United States. In addition, you may also file a complaint free of charge with your local data protection authority and we will work with that authority to resolve your complaint. 

If you do not receive a timely acknowledgment of your DPF-related complaint from us, or if (following review) we have not addressed your DPF-related complaint to your satisfaction, then please visit our Privacy Dispute Resolution Provider for more information, or to file a complaint. The services of our Privacy Dispute Resolution Provider are provided at no cost to you. 

Privacy Dispute Resolution Provider:  

• International Centre for Dispute Resolution/American Arbitration Association
• http://go.adr.org/dpf_irm.html.  Also: ICD DPF IRM Service Website

15(c) Binding Arbitration (For All Other Claims or Disputes):

For any claim, complaint or dispute which does not qualify as a Privacy Claim, and/or for any Privacy Claim which is not fully resolved in accordance with the terms of the preceding sections (Sections 15(a) and 15(b)), you expressly agree that such claim, complaint or dispute shall be considered to be a “Dispute” under the terms of Section XIII of our Terms of Service, and such Dispute shall be finally and exclusively resolved by binding arbitration in accordance with the terms and conditions set forth in Section XIII of our Terms of Service.

16. MODIFICATIONS TO OUR POLICY

From time to time, we may update and post revisions to this Policy. Any changes will be effective immediately upon the posting of the revised Policy. We encourage you to review this page periodically for the latest information on our privacy practices. This Policy was updated as of the effective date listed above.

17. CONTACT US

If you have concerns or questions about our privacy practices, the terms of this Policy, or your Personal Information, please contact us at privacy@thinkspan.com, or via US mail at:  

Thinkspan, LLC

ATTN: Privacy Officer

2057 Green Bay Rd., Ste A 

Highland Park, IL 60035-6101

+1 800 218 2810

Privacy Rights: If you wish to exercise any individual rights you may have, please submit your privacy-related requests by emailing us at privacy@thinkspan.com.

‍If you are located in the EU, UK or Switzerland, and you have a concern or question relating to our privacy practices or your rights under applicable law, you can contact our Europe-based agent using the following contact information:  

Rickert Rechtsanwaltsgesellschaft mbH

Thinkspan LLC

Colmantstraße 15

53115 Bonn

Germany

art-27-rep-ThinkspanLLC@rickert.law

‍

‍

‍

‍

‍

‍

‍

‍

‍