Effective Date: August 10, 2020
Last Updated: August 10, 2020
Rainforest QA (“Rainforest”) understands and respects our users’ need for privacy. This Privacy Notice (“Notice”) describes the types of information we collect, the purposes for which it is used, and the choices you have with respect to its use.
This Notice applies to personal information we collect when you use our Rainforest QA (“Rainforest”) Platform, and the Rainforest website (collectively “Services”). We encourage you to read this Notice in full to understand our privacy practices before using our Services.
About Rainforest QA
Rainforest QA is an on-demand Quality Assurance (“QA”) service that provides modern testing for web and mobile apps. Rainforest combines a crowd of human testers (“Tester” or “Testers”) with algorithmic management and virtual machines (“VMs”) to execute web and mobile regression testing for continuous deployment. The platform delivers all the resources needed for fast, efficient QA. For more information about our Services, check out the “Platform“ section on our website.
Information We Collect and Receive From You
We collect the following information through your use of our Services, and otherwise, with your consent. In some cases, we receive information directly from you, such as your name, the company you work for, and your work email address when you sign up for our Services. We also receive information directly from you when you send us an email inquiry, or when you set up an account as a Tester. In other cases, we receive information through your use of our Services, or through your work as a Tester.
Information You Provide to Us
- Rainforest account information – We collect personal information about you and your Rainforest account. This information includes your name, address, telephone number, email address, username, User ID, and occupation information, such as organization name and job title, and a profile picture URL (if you are a Tester). You provide this information to us directly during the account registration process. Rainforest requires your name and work e-mail address to create an account.
- Information you provide at Rainforest-hosted events – When you attend Rainforest-hosted professional education events or conferences, and with your consent, we collect your first and last name, email address, job title, company name, and phone number during the registration process.
- Information you provide in surveys – For our research purposes, we collect information such as your first and last name, email address, phone number, job title, and company name when you complete Rainforest surveys.
- Webinars – When attending our webinars online, you provide us with your email address, first and last name, phone number, job title, and position within your company or organization.
Information We Collect Automatically
- Geolocation information – We collect your geographical location when you interact with our support team through our website chat box.
- Device information – We collect your browser name and version, operating system, manufacturer, and unique device identifiers, such as your username. We collect this information automatically when you visit our website, use our Services, and/or send us customer service inquiries.
- Tester information and usage analytics – When you sign up to be a Rainforest Tester, you provide us with your email address, IP Address, browser type, operating system, network connectivity data, your personal image if you have uploaded it using our avatar feature, and testing terminal usage details, such as mouse movements, keystrokes, and the amount of time spent performing a task. We use this information to gauge your performance as a Tester, and to improve our Services. We collect usage details information automatically when you perform testing.
To learn about your information collection choices and to opt-out of data collection, see the “Your Choices” section below.
Information We Receive from Other Sources
We also collect information about you from other sources, including:
- Other users of our Services – We receive your first and last name, company name, and work email address from other users when they provide this information to invite you to our Services. Similarly, an administrator may provide your contact information when they designate you as the billing or technical contact on your company’s account, or when they grant you access to your company’s Rainforest account.
- Other partners – We receive information from third parties such as sales lead and analytic companies to help us find potential customers. We also use third party service providers to send and distribute e-mail and to perform other marketing and support functions. This includes information such as your name, email address, and phone number.
How We Use Your Information
We use collected information to:
- Communicate with you – We may contact you to respond to your inquiries, requests, and/or send important notices via email. This includes, for example, sending surveys to understand how you are using our services, providing you with customer support, or sending updates about new Service features. See “Your Choices” below to learn how to manage your communication preferences.
- Provide and improve our Services – We use collected information to provide and analyze how you use our Services, develop new products and services, and improve functionality, quality, and user experience. For more information, see the definition of usage analytics in the “Information We Receive From You” section above.
- Market our Services – We use your collected information to market our Services. We also combine personal information collected on our website with other information we collect online or offline about users to better tailor marketing or website content, including to measure the effectiveness of our advertising, or for other purposes, such as internal research. To learn more about how we track and use your information, see our Cookie Notice.
- Gauge Tester performance—We use the Tester information to gauge your performance, and to improve our Services.
- Store data – We store data on servers hosted by the Google Cloud Platform (“GCP”) and Amazon Web Services (“AWS”) in the United States. We use appropriate technical, administrative, and physical measures to secure your data during storage.
Some of the collected information is necessary for us to deliver our Services to you. If you do not provide this information, we will not be able to deliver our Services to you.
How We Share Information
We share information we collect about you in the ways discussed below. We do not sell information about you to advertisers or other third parties.
- Sharing with other users of our Services – When you use our Services, we may share certain information about you with other users.
- Managed accounts and administrators: If you register or access our Services through an organization such as your employer, certain information about you, including your name, contact info, content, and past use of your account may become accessible to that organization’s administrator or to other individuals with whom the administrator shares access. If you are an administrator for a particular group of users within our Services, we may share your contact information with current or past users, for the purpose of facilitating Services-related requests.
- Sharing with third parties – We share information about you with third parties only as described below:
- Consent provided: We do not currently share your information with third parties for marketing purposes, but if that changes, we will obtain your consent first.
- External processing: We provide your information to other third parties to help us with our business activities, and to deliver our Services. For example, we use Zendesk to manage any customer support questions sent via email. These companies are authorized to use your information only as necessary to provide these services or perform them on our behalf.
- Mergers and acquisitions: If your personal information is transferred to a party unaffiliated with Rainforest as part of merger, acquisition, or sale of all or a portion of our assets, we will provide you with notice prior to transferring your personal information to the new entity. Notice will be provided directly through our Services.
- Legal purposes: We disclose your information when we believe that disclosure is (1) reasonably necessary to comply with any applicable law, regulation, subpoena, legal process, or enforceable governmental request; (2) necessary to enforce the provisions of the Notice; (3) required to enforce our Terms of Service, including investigation of potential violations; or (4) necessary to protect against harm to the rights, property, or safety of Rainforest, our users, or the public as required or permitted by law.
- Sub-processors – We use the following sub-processors to operate our Services. This list was last updated on August 10th, 2020.
Compute & Storage:
Where appropriate or legally required, we will describe how we use personal information collected, so you can make choices about how your data is used. You can notify us of your preferences during the information collection process and change your selection at any time by contacting us directly.
- Geolocation – We collect your IP address and geographic location when you inquire about our Services. You can restrict our access to and collection of your location information by disabling location-sharing on your device, located in your device (e.g., mobile phone) settings.
- Marketing emails – You can choose to stop receiving marketing emails by following the unsubscribe instructions included in these emails, or by using the email address listed in the “Contact Us” section below.
Accessing, Correcting, and Updating Your Information
You may have certain rights in connection with the personal information we obtain about you. To update your preferences, correct your information, limit the communications you receive from us, or submit a request to exercise your rights, please contact us as specified in the “Contact Us” section below.
As required by law, you may have the right to:
- Request access to certain personal information we maintain about you;
- Request that we update, correct, amend, erase or restrict certain personal information; and
- Exercise your right to data portability.
Where our Services are administered for you by an administrator (such as your employer or organization), you may need to first contact your administrator to assist with your requests. For all other requests, you can contact us as provided in the “Contact Us” section below.
In some circumstances you can withdraw consent you previously provided to us or object to the processing of your personal information, and we will apply your preferences moving forward.
To help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to your information. We may also decline your access request, but if we do, we will provide an explanation for our decision. Your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information that we or your administrator are permitted by law to retain. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work, or where you feel your rights were infringed.
Data Transfers and Storage
We use data hosting service providers in the United States to host the information we collect from you, and we use technical measures to secure your information. We may transfer the personal information we obtain about you to other countries, which may have different data protection laws than the country in which you initially provided the information. To the extent required by applicable law, we will take measures to protect the cross-border transfer of your information.
If you are located outside the U.S., by submitting personal information to us, you understand that this information will be transferred to Rainforest in the U.S.A., which may not have equivalent privacy and data protection laws to the country in which you reside. If you do not want your personal information transferred to the U.S., please do not submit any information to us or use our Services. In the event that we transfer information about EU citizens outside the EEA, we make use of European Commission-approved standard contractual data protection clauses or other appropriate legal mechanisms to safeguard the transfer.
How Long We Retain Information
The period for which we keep your information depends on the type of information, as described in further detail below. We will either delete or anonymize your information or, if this is not immediately feasible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from further use until we can delete your data.
- Account information – We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate our Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for the improvement and development of our Services, we take steps to eliminate information that directly identifies you.
- Managed accounts – If our Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account. For more information, see the “How We Share Information” section above.
- Marketing information – If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your Rainforest account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date the information was created. See our Cookie Notice for additional information.
How We Protect Your Information
We use reasonable and appropriate physical, technical, and administrative safeguards to protect your information from unauthorized use, access, loss, misuse, alteration, or destruction. We also require that third party service providers acting on our behalf or with whom we share your information also provide appropriate security measures in accordance with industry standards.
Notwithstanding our security safeguards, it is impossible to guarantee absolute security in all situations. If you have any questions about security of our Services, please contact us at firstname.lastname@example.org.
Legal Bases for Processing (for EEA users)
If you are an individual from the European Economic Area (“EEA”), we collect and process your personal information only where we have legal basis for doing so under applicable EU laws. The legal basis depends on the Services you use and how you use them. This means we collect and use your personal data only:
- To fulfill our contractual obligations to you;
- To operate our business, including to improve and develop our services, for fraud prevention purposes, improve user experience, or other legitimate interest; and/or
- As otherwise in compliance with law.
If you have any questions about the legal basis for processing, please refer to the “Accessing, Correcting, and Updating Your Information” section above or contact us at email@example.com.
The Children’s Online Privacy Protection Act (“COPPA”)
Our Services are not directed to children under the age of 13, and we do not knowingly collect information from children under the age of 13.
Third Party Services, Applications, and Websites
Certain third-party services, websites, or applications you use, or navigate to and from our Services may have separate user terms and privacy policies that are independent of this Notice. This includes, for example, websites owned and operated by our customers or partners. We are not responsible for the privacy practices of these third-party services or applications. We recommend carefully reviewing the user terms and privacy statement of each third-party service, website, and/or application prior to use.
Changes to This Privacy Notice
We periodically update this Notice to describe new features, products, or services, and how those changes affect our use of your information. If we make material changes to this Notice, we will provide notification through our services and/or notify you directly. We encourage you to review this Notice for updates each time you use our Services.
If you have questions about this Notice or our information handling practices, please contact us at firstname.lastname@example.org.
Confidential and Proprietary.