Privacy Policy
Ushahidi is committed to protecting your privacy.
It is your right to be informed about how Ushahidi manages your personal information. We’re providing this Privacy Policy to explain how we collect, receive, use, store, share and disclose your data through our Services. To make this policy easier to read, the Sites, our services, platforms, and Apps are collectively called the “Services.” If you have any questions about your personal data and our policies, please email privacy@ushahidi.com
This Privacy Policy does not apply to any Third-Party Services (as defined below), even if they are accessible through our Services. Also, please note that unless we define a term in this Privacy Policy, all capitalized terms used in this Privacy Policy have the same meanings as in our Terms of Service. So, please make sure that you have read and understand our Terms of Service.
Included In Our Policy
- Who We Are
- Collection And Use Of Information
- The Ways We Use Your Information
- Information That We Share With Third Parties
- Data Protection Laws
- Your Rights
- Your Choices
- Responding To Do Not Track Signals
- The Security Of Your Information
- How Long We Keep Your Data
- Links To Other Sites
- International Transfer
- Our Policy Toward Children
- Contacting A Regulator
- Revisions To This Privacy Policy
Who We Are
Ushahidi creates technology to help people raise their voice and those who serve them to listen and respond better.
Ushahidi Inc is incorporated in Florida, USA.
- Our registered address is: 12472 Lake Underhill Road, No. 330 Orlando FL 32828 United States
- Our address in Kenya is: P.O. Box 58275 00200, Nairobi, Kenya
Privacy enquiries can be sent to privacy@ushahidi.com and personal data requests can be made to data@ushahidi.com.
Collection And Use Of Information
Data Collected or Received from You
Our primary goals in collecting information are
- to provide and improve our Services,
- to administer your use of the Services (including your Account, if you are an Account holder),
- to provide you with updates, security alerts and support and administrative notices and
- to otherwise enable you to enjoy and easily navigate our Services.
Personally Identifiable Information. If you use our services we may collect certain information that can be used to identify you, such as your name, email address, profile photo, location and phone number (“PII”).
Account Information. If you create an Account to use our Services we will collect your name and email address. Optionally we may also collect your profile photo and, if you sign up for notifications, your phone number.
Information You Provide to Us When Using the Services. We will also collect any information and PII that you choose to submit via the Services, whether you hold an Account with us or not. For example, if you are an Ushahidi user, we will collect any PII that you provide when you post a report or fill out a survey created by a Primary Account Holder through the Ushahidi Services. Depending on the information you choose to submit, this information may be information that can be used to identify you, such as your name, photo, email address, phone number or location; or it may be information that is not considered PII because it cannot be used by itself to identify you.
Information from TenFour Users. If you are a TenFour user, as the Controller of your data, your employer may share your PII with us, including your name, phone number, address, emergency contact, location and email address, so that we can provide the TenFour Services.
Billing Information. When you purchase a paid subscription to any of our Services, we will collect via Chargebee and Braintree, our third-party payment processors, your credit card number, credit card expiration date and billing address to complete your order. The information provided to Chargebee is subject to the Chargebee Privacy Policy (available at https://www.chargebee.com/privacy.html). You should read the Chargebee Privacy Policy to learn about Chargebee’s information collection and usage.
Information Related to Use of the Services. Our software or servers automatically record certain information about how a person uses our Services (we refer to this information as “Log Data”), including both Account holders and non-Account holders. Log Data may include information such as a user’s Internet Protocol (IP) address, URL request, browser type, operating system, the web page that a user was visiting before accessing our Services, the pages or features of our Services to which a user browsed and the time spent on those pages or features, search terms, the links on our Services that a user clicked on and other statistics. We use Log Data to administer the Services and we analyze (and may engage third parties to analyze) Log Data to improve and enhance our Services by expanding their features and functionality. We may use a person’s IP address to generate aggregate, non-identifying information about how our Services are used.
Information Sent by Your Mobile Device. We collect certain information that your mobile device sends when you use our Services, like the manufacturer, model, operating system, and version of your device, as well as information about your use of our Services. We use this information in order to debug flaws in our software, identify device profiles we need to better serve, and identify versions of our software we need to support.
Location Information. When you use our Apps, we may collect and store information about your location by converting your IP address into a rough geo-location or by accessing your mobile device’s GPS coordinates or coarse location if you enable location services on your device. We may use location information to improve and personalize our Services for you. If you do not want us to collect location information, you may disable that feature on your mobile device. You may also choose to send your location to us when you use certain of our Services, such as Ushahidi, TenFour, SMSsync or CrowdMap.
Information Collected Using Cookies and other Web Technologies. Like many website owners and operators, we collect certain information when you visit one of our Sites or use our Services, even when you are not logged in. We use automated data collection tools such as Cookies and Web Beacons to collect certain information.
Use of Cookies and Web Beacons:
“Cookies” are small text files that are placed on your hard drive by a Web server when you access our Services. We may use both session Cookies and persistent Cookies to identify that you’ve logged in to the Services and to tell us how and when you interact with our Services. We may also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you may not be able to access all portions or features of the Services. Some third-party services providers that we engage (including third-party advertisers) may also place their own Cookies on your hard drive. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties.
“Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services, to monitor how many visitors view our Services, and to monitor the effectiveness of our advertising. Unlike Cookies, which are stored on the user’s hard drive, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).
The Ways We Use Your Information
Ushahidi uses your data in various ways to provide our Services to you. The use of this data depends on how you interact with our Services:
How you interact with Ushahidi
How Ushahidi uses your data
Why we use personal data
When we collect personal data
Visit our websites
We use your data to track how our site is performing and see how users use the site.
If you fill our a form on the website we use your data to respond to you enquiry, or deliver the services requested.
We maintain tracking data to improve our website.
To effectively respond to your requests we need some personal data.
When you visit a page on our website.
When you input data into a form on the website.
Contact support
We send your personal information to our support system. When you submit a support request we use this to respond to you, and to see what Services you use.
To help you with your enquiries we need to be able to contact you and understand what services you have access to.
We collect your personal information when you first sign up for a user account.
Download our open source software
We use your data to contact you about Ushahidi products, to understand who is using our software and what they use it for.
To inform you about changes or fixes to our software.
To enable us to improve our products and services.
We collect information when you fill out the survey prior to downloading our software.
Purchase a plan
We use your personal data to create your deployment, and user account. We send your payment details to our payment processor and subscription management service.
To process your payment for services
We collect your name, email and organization when you sign up for our Services
We collect your payment information when you fill out the payment form.
Create a user account
We use your personal data to allow you to log in to our Services.
If you sign up for notifications, we use your data to send you notifications about new content.
Your personal data is necessary to enable your use of our services.
We collect your user data when you fill in the user registration form.
If you sign up for notifications, we collect some contact information.
Submit a bug
We use your personal data to respond to your bug report, and to help us fix the bug report.
We may need your personal data to understand and resolve your bug report.
If you submit a bug on Github, we will see your github username and public profile.
We may ask for additional information if needed
Sign up for marketing
We use your data to send you relevant marketing materials
We use your personal data to send customized and relevant messages to you
We collect your name and email when you subscribe to our email newsletters or sign up for our Services.
Participate in a user test
We use your data when you conduct a user test to improve our Services
We use you data to communicate directly with you, but do not pass this data to other user testers
We collect your contact details when you register for a user test and/or give written consent
Information That We Share With Third Parties
We will not share any PII that we have collected from or regarding you except as described below:
Information Shared with Our Services Providers. We may engage third-party services providers to work with us to administer and provide the Services. These third-party services providers have access to your PII only for the purpose of performing services on our behalf and are expressly obligated not to disclose or use your PII for any other purpose.
Information Shared with Third Parties. We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes.
Without limiting the foregoing, we utilize the following services, among others, to gather information about how our users engage with our Services:
Service
What is it?
What do we use it for?
Privacy Information
Chargebee
Customer subscription management platform
To manage custom subscriptions and billing information
https://www.chargebee.com/privacy.html
Braintree
Payment processor
To process customer payments
https://www.braintreepayments....
Google Analytics
A suite of analytics tools
To analyze information about how users engage with our Services in order to improve them
www.google.com/policies/privacy/partners/
You can opt out of Google’s collection and processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout
Google G Suite
Email office software
To communicate, survey and exchange documents with our customers
https://policies.google.com/pr...
Google Firebase
Mobile development platform
To analyze our mobile apps, and send crash reports
https://firebase.google.com/su...
Dropbox
Cloud storage platform
To host documents and customer contracts
https://www.dropbox.com/en_GB/...
Intercom
Customer support platform
Messaging and emailing with our customers and potential customers to provide Service support
Campaign Monitor
Email marketing platform
Pushing newsletters and marketing materials to users
https://www.campaignmonitor.co...
Help Scout
Email support platform
To route customer support emails to support team
https://www.helpscout.net/comp...
PipeDrive
Sales CRM
To communicate and follow development with our leads and customers
https://www.pipedrive.com/en/p...
Wufoo by Survey Monkey
Cloud form platform
To receive support requests, requests for services and to collect customer surveys about our Services
https://www.surveymonkey.com/m...
Amazon AWS
Cloud hosting and services platform
To host our Services, as well our website, as backups, monitoring
https://aws.amazon.com/privacy...
Rackspace
Cloud hosting and services platform
To host our Services, as well our website as backups, monitoring
https://www.rackspace.com/info...
DigitalOcean
Cloud hosting and services platform
To host our Services, as well our website as backups, monitoring
https://www.digitalocean.com/l...
Slack
Enterprise communications application
To communicate with our staff and customers about our Services
https://slack.com/privacy-poli...
Apple App Store
Apple’s mobile app platform and store
To publish the mobile app for iOS users, helps track user analytics and crash reports
https://www.apple.com/legal/pr...
Android Play Store
Google mobile app platform and store
To publish the mobile app for Android users, helps track user analytics and crash reports
https://policies.google.com/pr...
Recurly
Customer subscription management platform
To manage custom subscriptions and billing information for Crowdmap
https://recurly.com/legal/priv...
Mapbox
Map hosting platform
To render and deliver map base layers
https://www.mapbox.com/privacy...
Information Disclosed in Connection with Business Transactions. Information that we collect from our users, including PII, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, may be disclosed or transferred to a third party acquirer in connection with the transaction.
Information Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.
Information Shared with Other Users. The information you list about yourself or choose to upload on our Services, including, but not limited to, your profile photo, website, location, contact information and your name, may be published and viewable to other users of the Services. In some circumstances, you may adjust the permissions on your posts to make them private or to limit their visibility to others. Outside of these circumstances, posting or updating any content on our Services is a public action, and all content may be publicly visible by other users of the Services. Public identification of all contributed content may include, but is not limited to, display of your Account name and your location.
Data Protection Laws
Under Regulation (EU) 2016/679, the General Data Protection Regulation or “GDPR,” we rely on the following legal basis to process personal data:
Your consent
Processing your data is done with your explicit consent. You provide your consent by signing a contract or agreeing to a check-boxes that describe how your data will be used. We do not use opt-out methods for gaining consent.
Performance of contract
Processing your data is required by a contract. Your personal data may be used to take next steps in entering into a contract. When you enter into contract, your personal data may be used to fulfill contractual obligations.
Legal obligation
Processing is necessary for compliance with a legal obligation according to Applicable Laws and Regulations.
Your Rights
Under Regulation (EU) 2016/679, the General Data Protection Regulation or “GDPR”, you have the right to:
- Access to the personal data we hold about you
- Correct any personal data we hold if it is incorrect or out of date
- Request the removal of any personal data we hold about you. In some cases, we may need to hold certain information for legal reasons or for performance of contract
- Object to the processing of information if you feel we have made an incorrect assumption, based on the data that we hold about you
- Restrict any processing of your data until we can verify your information
- Request the transfer of your data to another third-party of your choice where technically feasible
- Where your data is processed on the basis of your consent, you may withdraw your consent at any time
If you would like to exercise any of your rights, please email data@ushahidi.com. If you are not an EU citizen, we will still honor these rights wherever possible.
Please note for multiple requests within a short time-frame or requests for the same information, we may charge you an admin fee. If a third-party is making a request on your behalf, we will require proof of your permission before acting. All requests will be processed and completed within one month.
Your Choices
We offer you choices regarding the collection, use and sharing of your PII and we’ll respect the choices you make. Please note that if you decide not to provide us with the PII that we request, you may not be able to access all of the features of the Services.
Opt-Out. We may periodically send you free newsletters and e-mails that directly promote our Services. When you receive such promotional communications from us, you will have the opportunity to “opt-out” (either through your Account or by following the unsubscribe instructions provided in the e-mail you receive).
We do need to send you certain communications regarding the Services and you will not be able to opt out of those communications – e.g., communications regarding updates to our Terms of Service or this Privacy Policy or information about billing.
If you would like to delete your account completely, contact us at data@ushahidi.com.
Modifying Your Information. If you have an Account, you can access and modify the PII associated with your Account. You can also delete your Account at any time. Editing your content or deleting your Account may alter the displayed state of the content, but will not permanently delete the content from our Services and some information may remain in archived/backup copies for our records or as otherwise required by law. If you would like your data permanently deleted contact us at data@ushahidi.com.
Responding To Do Not Track Signals
Our Sites do not have the capability to respond to “Do Not Track” signals received from various web browsers.
The Security Of Your Information
We take reasonable administrative, physical and electronic measures designed to protect the information that we collect from or about you (including your PII) from unauthorized access, use or disclosure. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information. For more information about how we keep your data secure see our Data Security documentation.
How Long We Keep Your Data
Deployment data
Ushahidi deployment data - including users, contacts (sms, email, twitter), and survey data - are retained as long as the deployment exists. If a paid plan is cancelled, your deployment and data is kept on a free plan. If you wish your deployment deleted entirely, contact data@ushahidi.com.
User data
Deployment user data is maintained as long as the deployment and user exist. If the user is deleted by the deployment administrator, all their data is removed. Data may remain in offline backups indefinitely.
Customer and payment data
We will retain your billing and payment information as needed to provide you services. Even if you close your account with Ushahidi, we will still retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. However, we will identify your account in our database as “deleted” or “closed".
Support requests
If you contact our support team - through support@ushahidi.com or the in application chat - we retain those messages indefinitely, unless you request we delete them.
Links To Other Sites
Our Services may contain links to websites and services that are owned or operated by third parties (each, a “Third-Party Service”). Any information that you provide on or to a Third-Party Service or that is collected by a Third-Party Service is provided directly to the owner or operator of the Third-Party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy or security practices and policies of any Third-Party Service. To protect your information we recommend that you carefully review the privacy policies of all Third-Party Services that you access.
International Transfer
Your PII may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your PII to us, we may transfer your PII to the United States and process it there.
Our Policy Toward Children
Our Services are not directed to children under 16 and we do not knowingly collect PII from children under 16. If we learn that we have collected PII of a child under 16 we will take steps to delete such information from our files as soon as possible.
Contacting A Regulator
If you are based in the EU, you have the right to levy a complaint with the Information Commisoner’s Office (ICO) if you believe that your data has not been handled correctly, or if you are unsatisfied with how we have responded to your requests about your personal data. You can reach the ICO visiting their website: www.ico.org.uk/concerns.
Revisions To This Privacy Policy
Any information that is collected via our Services is covered by the Privacy Policy in effect at the time such information is collected. We may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them on the Services or by sending you an email or other notification, and we’ll update the “Last Updated Date” above to indicate when those changes will become effective.
Questions?
Please contact us at privacy@ushahidi.com if you have any questions about our Privacy Policy.