Effective Date: May 22nd, 2024
This Privacy Notice describes how Flatfile (“our,” “we”) collects, uses, and shares personal information. In particular, this Privacy Notice applies to:
Our website at https://flatfile.com as available to the general public (our “Website”). This Privacy Notice applies to all visitors to our Website (“Visitors”).
Our customers (“Customers”) who utilize our services (“Services”). As a central part of our Services, we support the exchange of Customer data across platforms. Sometimes, that exchanged data includes personal information related to individual consumers (“Consumers”) collected and processed by our Customers.
For all individuals who interact with us online (collectively, “Users”), we collect information you choose to give us and other information that may be collected from your use of our Website and Services, including from your device. We use that information to operate our business and for purposes set forth below. Below, we also describe choices we offer with respect to your information.
This Privacy Notice does not apply to information which is not processed by Flatfile. If you are a Consumer who wants to understand the information practices of your Customer you should contact them directly or refer to their privacy notice(s). This Privacy Notice does not apply to information that cannot be identified to any individual, household, or their devices, such as de-identified or anonymized information.
The sections of this Privacy Notice are hyperlinked below for your convenience:
Information Collection on our General Website Other Information Collection, Logging, and Automatically Collected Information |
Personal information may be freely provided by the User, or, in case of Usage Data (as defined below), collected automatically when using Flatfile. Unless specified otherwise, all data requested by Flatfile is necessary in order to provide you our Services. In cases where Flatfile specifically states that some data is not mandatory, Users are free not to communicate this data without consequences to the availability or the functioning of the Service. Users who are uncertain about which personal information is mandatory are welcome to contact us. Any use of cookies or other tracking tools by Flatfile or by the owners of third-party services used by Flatfile serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available.
Customers are responsible for any third-party personal information obtained, published or shared through Flatfile. If you are a Consumer who wants to understand how a Customer uses your data, you should contact that Customer directly.
We collect information about individuals from a variety of sources, including:
Directly from you when you provide it to us.
Automatically as you utilize the Website or Services.
From third parties.
We may collect information from advertisers, marketing service providers, affiliates, promotional partners, and application providers. We may use this information to provide you with interest-based advertising or other targeted content, and for other purposes (such as to better understand our Website’s and Service’s audience).
Category of User | Personal Information Collected | Key Information Uses |
Visitors | Data you communicate to us while using the Website. Information you provide in response to a survey, which may include: First and last name; Email address; Phone number; and/or Job title. Usage Data, as defined below. | Permit you to login to the Services. Provide Service functionality, including facilitating your interactions with others on the Service. Measure Website traffic and analyze user behavior to improve the Service. Manage your account and provide support. Provide information about new or related services we may offer. For other general purposes noted below (e.g., to maintain records, enforce legal terms or comply with law) (see Other Ways We Use Information We Collect). |
Customers | First and last name. Email address. Phone number. Mailing address. Job title. Data you communicate to us while using the Website. Information you provide in response to a survey. Login credentials. Credit card or bank account Information. Usage Data, as defined below. | Manage the business relationship and Services. Permit you to login to the Services. Provide Service functionality, including facilitating your interactions with others on the Service. Measure Website traffic and analyze user behavior to improve the Service. Process transactions and payments. Manage your account and provide support. Provide information about new or related services we may offer. For other general purposes noted below (e.g., to maintain records, provide service updates, enforce legal terms or comply with law) (see Other Ways We Use Information We Collect). |
Consumers | Flatfile Customers may provide certain data relating to Consumers in the course of business with Flatfile. Please contact our relevant Customer directly to learn more about their particular data collection and sharing through our Services. | We may use such data to provide Services to our Customers or for other legal purposes, including as set forth in Other Ways We Use Information We Collect; However, for Consumers who do not visit our website, generally, we will not directly target marketing communications and we will not automatically collect usage data from our website. |
If you are a Visitor, we may collect your name, email address, and other information you choose to submit when you browse our Website, complete forms, fill in surveys, request information from us, sign up for our mailing list or newsletters, or otherwise visit or interact on our Website.
If you interact with any of our websites or online services, your browser or device will be subject to collection of logging and other automatically collected information. This includes information collection via cookies, web beacons, and other automatically collected information. The information we automatically collect may include your IP address, date and time you access our websites or online services and the pages and content you access during your visit, language preferences, websites that you link to or from, whether you receive or open an email or other communication from us (or via our Services), and the links you click on within those emails, information from your mobile device or your computer about how you interact with our website or online services, including the time of arrival and length of visit, unique device identifier, mobile network information, the type of device used and the operating system on that device, browser type, a list of files downloaded or pages viewed, and any errors encountered (collectively, “Usage Data”).
If you are a Visitor on our Website, please note that other parties may collect personal information about your online activities over time and across third-party websites and online services. These third parties may collect information from these sources when you use our Website. We do not control any personal information once collected by these parties. We do not respond to “Do Not Track” signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personal information about an individual consumer’s online activities over time and across third-party websites or online services. However, our Cookie Policy provides information on how to manage your cookie and tracking preferences. Please note that these preferences may be limited to the device or computer you used to access our Website when setting such preferences.
We use information as described above. In addition, we may use all of the information we collect in order to:
Support access to the Website and Services and to manage accounts with us.
Maintain, analyze, customize, and improve your experience on our Website and Services.
Support business development, research, marketing and promotional purposes, press inquiries or aggregate statistical analysis and site customization.
Communicate with Visitors and Customers about our Website and Services,
including receipts, technical notices, security alerts, and support and administrative messages. We may also p
rovide customer and technical support, including notices about accounts and subscriptions and changes to our service.
Send promotional and marketing materials, support contests and other promotions, notify you about incentives and rewards, and to provide you information that you request from us.
Monitor and enforce our contracts, legal terms, acceptable use or other policies or similar terms.
Comply with law and satisfy our regulatory and compliance obligations. Additionally, to support compliance efforts on behalf of others and ourselves that support our provision of services to you.
Provide a personalized experience. Automatically collected and device information may also be used to help us estimate our audience size, usage patterns, and analyze trends and administer our services, and used for research and marketing purposes.
Help detect and prevent fraudulent use of our Services and other prohibited, illicit or illegal activity. We may use information to compare information for accuracy, and to very identity.
Monitor information security, manage and protect our technical infrastructure (servers, networks, etc.), detect and prevent fraud and other prohibited, illicit or illegal activity, and to protect the rights and vital interests of you, others, and ourselves.
Manage the website and other Services we provide you, including gathering aggregated information about engagement.
Address existing or anticipated disputes and to protect our legal interests.
Otherwise operate our business, including support for transactions impacting our company as a whole (such as mergers, acquisitions, reorganizations, underwriting or asset purchases).
Fulfill any other purpose for which you provide your information to us and for other purposes disclosed to you in connection with our Services.
Other purposes or permitted by law or to which you consent.
To enhance our services, we may also retain and use your information in an anonymized or de-identified format where your identity is not recognizable. Such information is not subject to the same usage restrictions as personal information and can be used to improve our products and services, conduct research, or for our other business purposes.
As permitted by law, we may combine the information we gather about you in identifiable form, including information from third parties. We may use this information, for example, to improve and personalize our services, content and advertising.
We are committed to maintaining measures to protect the security of your personal information maintained in our systems. To that end, Flatfile maintains compliance with publicly recognized security frameworks such as SOC2, and privacy standards such as GDPR.
However, no network or system is ever entirely secure and we cannot guarantee the security of networks and systems that we operate or that are operated on our behalf. If we face a security breach, we will notify you as required by law via email.
The safety and security of your personal information also depends on you. Where you have chosen a password for access to certain parts of our Services, you are responsible for keeping this password confidential. You should not share your password with anyone.
We may share your information with third parties as reasonable to operate our business (including for the purposes described above), to provide the Website and Services to you and others, as permitted or required by law, or as directed or authorized by you. For example:
Affiliated Companies. We may share some or all of your information with our parent companies, subsidiaries, affiliates, joint ventures, or other companies under common control with us.
Third Party Sharing. We work with third parties to help us provide our Website and Services and to support internal operations. In some cases, they may use your information subject to their own privacy policies and to comply with their own legal and regulatory obligations. We work with different types of third parties, presently including but not limited to:
Data hosting, storage and cloud service providers;
Platform and/or application security service providers;
Technical and customer support providers;
and, Marketing and analytics providers.
Below is a table of third-party providers with which we share data, the purpose for sharing, and the categories of data shared.
Provider | Purpose | Personal Data Processed | Place of Data Processing | Applicable to |
Application hosting | First and last name Email address Data you communicate to us while using the Website Usage Data | USA, unless otherwise specified in your Service Agreement | Customer / Consumers | |
Cookie policy administration & consent tracking | Usage Data | USA | Visitors / Customer / Consumers | |
Application authentication | Login credentials. First and last name Email address | USA, unless otherwise specified in your Service Agreement | Customers | |
Application authentication and SSO | Email address Login credentials | USA | Customers | |
Marketing, analytics | First and last name Email address Phone number Mailing address Job title Data you communicate to us while using the Website Information you provide in response to a survey Usage Data Geolocation data | USA | Visitors / Customer / Consumers | |
Marketing, analytics | Data you communicate to us while using the Website Usage Data Geolocation data | USA | Visitors / Customer/ Consumers | |
Marketing, analytics | Data you communicate to us while using the Website Usage Data Geolocation data | USA | Visitors / Customer / Consumers | |
Marketing, analytics | Data you communicate to us while using the Website Usage Data Geolocation data | USA | Visitors / Customer / Consumers | |
Marketing, analytics | Data you communicate to us while using the Website Usage Data Geolocation data | USA | Visitors / Customer / Consumers | |
Marketing, analytics | Usage Data Geolocation data | USA | Visitors / Customer/ Consumers | |
Application billing | First and last name Email address Mailing address Credit card or bank account Information | USA | Customer/ Consumers | |
Application support | First and last name Email address Data you communicate to us while using the Website Information you provide in response to a survey Usage Data Geolocation data | USA | Visitors / Customer/ Consumers | |
Application Support | First and last name Email address Data you communicate to us while using the Website Information you provide in response to a survey Usage Data Geolocation data | USA | Visitors / Customer/ Consumers | |
Application training | Usage Data Geolocation data | USA | Customers/ Consumers | |
Video hosting | First and last name Email address Information you provide in response to a survey | USA | Visitors / Customer / Consumers | |
Marketing, analytics | Data you communicate to us while using the Website Usage Data Geolocation data | USA | Visitors / Customer / Consumers | |
Marketing, analytics | First and last name Email address Phone number Mailing address Job title Data you communicate to us while using the Website Information you provide in response to a survey Usage Data Geolocation data | USA | Visitors / Customer / Consumers | |
Application support | Geolocation data | USA | Customer | |
Application support | Login Credentials | Germany | Customer |
Professional Advisors, Law Enforcement and Regulators. We share information with our professional advisors who provide legal, compliance, auditing, accounting, banking, consulting, or other professional services, and with regulators, law enforcement, or government agencies to:
Comply with our legal and regulatory obligations, including those compliance obligations of federal, state or local regulators;
Protect our interests, property or legal rights, or those of our customers or third parties;
Respond to a subpoena, court order, or similar law enforcement request, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of this Privacy Notice or other applicable terms; and
For other legal purposes, such as to enforce our terms and conditions, or to exercise or defend legal claims.
Corporate Transaction. In the event of a corporate transaction or reorganization, we may share your personal information. We may share your information in connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, restructuring, divestiture or dissolution of all or a portion of our business, or other similar event.
Other Disclosures. In addition to the above disclosures, we may disclose personal information in the event that we believe such disclosure is (i) necessary to provide our services or operate our business; (ii) in accordance with purposes we describe when you share it with us; (iii) permitted by law; or (iv) with your consent or at your direction.
We may disclose aggregated or de-identified information that does not identify any individual without restriction.
Update personal information. If you are a Customer who holds an online account with us, you can adjust certain information you have provided about yourself by logging into your account. You may also request changes to your information by emailing us at support@flatfile.com. As permitted by law, we may deny a request to change information if we believe the change would violate any law or legal requirement, cause the information to be incorrect, or prevent the provision of our Services.
Marketing communications. You may receive marketing communications from Flatfile, including if you sign up for marketing or other communications. You may opt out of receiving marketing emails by following the unsubscribe link in each email. Please note that you may continue to receive non-marketing emails from us after you opt-out. We do not control communications from others, including your employer Customer. If you are a Consumer, you should contact these entities directly to understand communication choices they may provide you.
Cookies. You have a choice regarding certain cookies. Most web browsers automatically accept cookies, but you may modify your browser’s setting to notify you of cookie placement or decline cookies. If you choose to decline cookies, certain features of our website may not function properly or at all as a result. More information is available on Flatfile’s Cookie Policy here.
Flatfile is not responsible for any practices employed by websites linked to or from our website, nor their information or content. Please remember that when you use a link to go from our website to another website, this Privacy Notice is no longer in effect.
Our Services are not intended for anyone under the age of 13. Any access to or use of the Services by anyone under the age of 13 is unauthorized. If you are under 13, and you provide any information on or through our Services; we may contact your parent or guardian about your communications. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you are a parent or guardian or otherwise believe we might have any information from a child under 13, please contact us.
We may update this Privacy Notice from time to time in order to provide clarification or notice of changes to our practices. If we make changes, we will revise the Effective Date at the top of this Privacy Notice. Changes to this Privacy Notice will be effective once they are posted unless otherwise indicated. We may choose to notify you by email to the email address in our records. We encourage you to periodically review our Privacy Policy to be sure you are familiar with the most current version.
If you have any questions or concerns about this privacy notice or the privacy practices at Flatfile, please contact us at compliance@flatfile.com.