Your privacy is critically important to us at Sympl, and we have a few fundamental principles we wanted to share with you up front:
- We are thoughtful about the personal information we will ask you to provide and the personal information that we will collect about you as a user of Sympl’s services.
- We do not store your financial information in our servers, as we rely on an external payment solution provider(s) for your payment processing.
- We aim for full transparency on how we gather, use, and share your personal information, and will use the data we collect to improve our services and offering to users.
What This Policy Covers
What We Collect
We only collect personal information about you if we have a reason to do so — for example, to provide our products and services to you, to communicate with you, or to improve our product or service offering to you. We collect this information from three sources: if and when you provide your personal information to us, automatically through a browser or device, and from outside or third-party sources after receiving your consent.
The information that you provide to us includes, but is not limited to, the following:
- Basic account information: this is information regarding your name, contact details and related contact information, telephone number, email address, and other identifying addresses for electronic communications, including date of birth.
- Transaction and general communication information: this is information about your transaction history, shopping behaviour, viewing history, and preferences for merchants and products. You may also provide us with information when you respond to surveys, communicate with us about a support question, or sign up for a newsletter. When you communicate with us via a form, email, phone, or otherwise, we store a copy of our communications (including any call recordings as permitted by applicable law).
The Information We Collect Automatically:
- Information that web browsers, mobile devices, and servers typically make available, including the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information.
- Other information typically made available includes information such as a Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, internet browser type and version and the name and version of the services (such as the app) being used. Your IP address, which is automatically assigned to a computer by an Internet Service Provider, will be identified and logged automatically in our server log files whenever a user accesses any of our services, along with the time of the visit and the page(s) that were visited.
- Usage information: we collect information about your usage of Sympl’s services, and we will use IP addresses for purposes such as calculating usage levels, diagnosing server problems and for other administration purposes.
- Location information: We may determine the approximate location of your device from your IP address. We may also collect information about your precise location via our mobile app, if you allow us to do so through your mobile device operating system’s permissions. We derive approximate location from IP address for such purposes and to analyze where users are using our website, apps and services, to improve the shopping experience when using Sympl.
Information We Collect from Other Sources
- In the future we may also elect to get information about you from other sources. For example, if you link your Sympl account through another service (like Google or Apple) or if you connect your website or account to a social media service (like Twitter or Facebook), we will receive information from that service (e.g., your username, basic profile information, friends list) via the authorization procedures for that service and after your personal consent. The information that we receive depends on which services you use or authorize and what options are available. Third-party services may also give us information, like mailing addresses for individuals who are not yet our users but could be in the future. We plan to use this information from third parties for marketing and advertising purposes.
How and Why We Use Information
We use information about you for the purposes listed below:
- To provide Sympl’s fundamental services to you, for example, to set up and maintain your account, process payments and orders, provide customer service, and verify user information. In the future, we look forward to expanding and personalizing Sympl’s offerings to you.
- To ensure quality, maintain safety, and improve Sympl’s products. For example, by providing automatic upgrades and new versions of Sympl where we release new features. Or, for example, by monitoring and analyzing how users interact with our existing features so we can test and create new features that we think our users will enjoy and that will help them manage their spending more efficiently or make Sympl easier to use.
- To market and advertise Sympl’s services and measure, gauge, and improve the effectiveness of our marketing strategies in partnership with merchants. For example, by targeting our marketing messages to groups of our users (like those who shop for particular products online), then advertising certain products, and analyzing the results of our marketing campaigns (like how many people completed a purchase), we can better understand and forecast user retention.
- To protect Sympl’s technology, our users, and the public. For example, by detecting security incidents; detecting and protecting against malicious, deceptive, fraudulent, or illegal activity; fighting spam; complying with our legal obligations; and protecting the rights and property of Sympl, which may result in us, for example, declining a transaction or temporarily closing a user’s account. Sympl has a legitimate interest in carrying out continuous credit and risk analysis to protect our business.
- To fix problems with our Services. For example, by monitoring, debugging, repairing, and preventing issues ahead of time, to ensure a great user experience.
- To customize the user experience, and personalize your experience by serving you relevant notifications and advertisements to use Sympl on more products that you would like with a wider range of merchants, and recommending content through our mobile applications, and providing new content for your pleasure.
- To communicate with you. For example, by emailing you and sending you text messages to ask for your feedback, share tips for getting the most out of our products, or keep you up to date on Sympl; texting you to verify your payment; or calling you to share offers and promotions that we think will be of interest to you. If you don’t want to hear from us, you can opt out of marketing communications at any time. (If you opt out, we’ll still send you important updates relating to your account, including for example: when certain payments are due.)
We share information about you in limited circumstances, and with appropriate safeguards on your privacy. These are spelled out below:
- Third-party vendors: We may share information about you with third-party vendors who need the information in order to provide their services to us, or to provide their services to you or your site upon your consent. This includes vendors that help us provide Sympl to you (like our payment providers, which powers payments, and will process your card transaction). Our payment providers assist us to improve Sympl’s security, operations, and efficiency, by developing further fraud prevention services that allow us to analyze fraudulent payment transactions. Other vendors include those that assist us with our marketing efforts (e.g., by providing tools for identifying a specific marketing target group or improving our marketing campaigns, and by placing ads to market our services); those that help us understand and enhance Sympl (like certain analytics providers); those that make tools to help us run our operations (like programs that help us with task management, scheduling, word processing, email and other communications, and collaboration among our teams); among other third-party tools that help us manage our internal operations; and companies that make products available on our websites who may need information about you in order to, for example, provide technical or other support services to you. We require vendors to agree to privacy commitments in order to share your information with them.
- Legal and regulatory requirements: We may disclose information about you in response to a subpoena, court order, or other governmental request from a regulator.
- To protect rights, property, and others: We may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of Sympl, third parties, or the public at large.
- With your consent: We may share and disclose information with your consent or at your disrection. For example, we may share your information with third parties when you authorize us to do so, like when you connected your site to a social media service, or if we launch new features that refer you to banks or other financial institutions that may provide products or services outside of Sympl’s scope.
- Aggregated or de-identified information: We may share information that has been aggregated or de-identified, so that it can no longer reasonably be used to identify you. For instance, we may publish aggregate statistics about our users to facilitate customized advertising campaigns on other platforms.
- Published support requests: If you send us a request for assistance (for example, via a support email or one of our other feedback mechanisms), we reserve the right to publish that request in order to clarify or respond to your request, or to help us support other users.
How Long We Keep Information
We generally discard information about you when it’s no longer needed for the purposes for which we collect and use it as described in the sections above. For example, we keep the web server logs that record information about a visitor to Sympl’s website or application, like the visitor’s IP address, browser type, and operating system for a limited time until it is no longer needed. We retain the logs for this temporary period of time in order to, among other things, analyze traffic to Sympl’s website and applications and investigate issues if something goes wrong.
While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so. We monitor our Services for potential vulnerabilities and attacks, and to reiterate, we do not store your financial information on Sympl’s servers.
Subject to the conditions prescribed in applicable laws, you have the right: to access, rectify or request erasure of your personal data; to ask us to restrict processing of it; and to request portability of it. Subject to the conditions prescribed in applicable laws, you have the right to object, on grounds relating to your particular situation, to processing of your personal data which is based on our or a third party’s legitimate interests; and to object to processing of your personal data for direct marketing purposes.
The rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. We will inform you of relevant exemptions we rely upon when responding to any request you make.
You can exercise these rights by contacting us using the contact details provided below.
Contacting Us About These Rights
If you’d like to contact us about one of the other rights, scroll down to “How to Reach Us” to, well, find out how to reach us. When you contact us about one of your rights under this section, we’ll need to verify that you are the right person before we disclose or delete anything. For example, if you are a user, we will need you to contact us from the email address associated with your account. You can also designate an authorized agent to make a request on your behalf by giving us written authorization. We may still require you to verify your identity with us.
How to Reach Us