Last modified: February 17, 2022.
Please note: SAFR is provided to, and intended for use by, organizations such as schools and businesses. If an organization using SAFR collects personal information about individuals (including images and facial recognition data), that information is subject to that organization’s policies. If Real processes such data, it is because our customer (the organization that uses SAFR) has enabled cloud hosting and our processing is at the direction and on behalf of our customer. If you have questions about the processing of personal information collected through SAFR, or if you wish to exercise rights under the California Consumer Privacy Act (CCPA), the EU General Data Protection Regulation (GDPR), or similar privacy law, you should direct inquiries to that organization. Real is not responsible for the privacy or security practices of our customers, which may differ from ours.
If you are a SAFR customer or a user of the SAFR website, and have any questions about our policies and practices, we encourage you to contact us via the contact information provided at the end of this Policy.
Information We Collect About You.
We collect information that is necessary to provide and improve our Services, to communicate with you, to conduct our operations effectively, and to support customer relations. Information collected may include:
- Your contact information. This may include information you provide to us when you register for Services, such as: your name, username, and contact details—including your email address, mailing address, telephone number and information about the institution you represent.
- Information concerning your use of Services. This information may relate to your activities on our SAFR website, including pages visited.
- Information about your hardware. This information may include your unique device ID (persistent/ non-persistent, MAC or IMEI), hardware, software, platform, and Internet Protocol (IP) address.
How We Use Your Personal Information.
We use information to provide you with our Services, as well as to enable our operations. Such uses might include:
- Verifying your access rights;
- Determining whether your device meets our minimum system requirements;
- Enabling compatibility and interoperability;
- Initiating automatic updates to downloaded Services;
- Providing language and location customization;
- Developing aggregated statistics that help us better understand how our Services are used and how to market them;
- Improving our Services, such as fixing problems and continually improving the performance of features you may use; and
- Communicating with you, such as sending you messages concerning your account and customer service issues; asking you to participate in surveys; and delivering news, updates, promotions, and special offers.
When and How We Share Personal Information with Third Parties.
We will not share your personal information with third parties without your consent, except as necessary for the purposes set forth in this Policy. In order to effectively operate our services and also provide optimal customer experience we share personal information with the following partners.
We may disclose personal information about our customers to our service providers in order for them to provide specific services to us. For example, we share personal information with third-party data center service providers such as AWS for secure storage. Our service providers are bound to keep all personal information they process confidential.
We use third-party analytics providers such as Google Analytics to help us compile aggregated statistics about the operation and effectiveness of our websites. Analytics providers set or read their own cookies or other identifiers on your device, through which they can collect information about your use of our websites and those of other companies. You can learn more about Google Analytics, including how to opt-out, by visiting Google’s Privacy & Terms for Partners.
We may transfer personal information in connection with a sale, merger, transfer, exchange or other disposition (whether of assets, stock or otherwise) of all or a portion of a business of Real and/or its subsidiaries.
We may also disclose your personal information, if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law; (b) comply with the order of a competent judicial authority in any jurisdiction; or (c) comply with legal process served on Real.
How to Access, Update and Delete Your Personal Information.
We strive to give you autonomy over your personal information. To access, update or delete your personal information please contact us at firstname.lastname@example.org.
Please, also refer to the "Contact us on Privacy" section for additional ways of contacting us.
We will also delete your personal information when you delete your account or three years from your last interaction with our Services, whichever occurs first.
EU DATA PROTECTION RIGHTS
If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:
- You may request access to, and rectification or erasure of, personal data;
- If automated processing of your personal data is based on a contract with you or your consent, you have certain rights to data portability;
- If the processing of personal data is based on your consent, you have a right to withdraw consent at any time (without affecting the lawfulness of processing that occurred before its withdrawal); and
- You have a right to object to, or obtain a restriction of, the processing of personal data under certain circumstances.
You may exercise those rights by contacting us as described below. When we are processing data on behalf of another party that is the “data controller,” you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
EU-U.S. And Swiss-U.S. Privacy Shield.
In absence of an adequacy decision, Real provides appropriate safeguards for the transfers personal data to a third country or an international organization such as, but not limited to, standard contractual clause, and binding corporate rules. In absence of an adequacy decision and appropriate safeguards, Real will only make an international transfer of personal data if the transfer is necessary for the performance of a contract between You, as the data subject, and the controller, or for the implementation of pre-contractual measures taken at Your request. In some cases, we may remain liable if a third party processes personal data on our behalf in a manner inconsistent with the Privacy Shield Principles. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.
If you have a question or complaint related to our participation in the Privacy Shield, we encourage you to contact us via our contact information below. For any complaints related to the Privacy Shield frameworks that cannot be resolved with us directly, you may seek resolution of your complaint by contacting the International Centre for Dispute Resolution, the international division of the American Arbitration Association (ICDR-AAA). As further explained in the Privacy Shield Principles, binding arbitration is available to address residual complaints not resolved by other means. We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
We revise this Policy as needed to keep it up-to-date with Services. When we do, we will update the date at the top of this Policy. If we make any material changes we will notify you by email (sent to the email address specified in your account) or by means of a notice on this page. We encourage you to periodically review this page for the latest information on our privacy practices.
To ask questions or comment about this Policy and our privacy practices, contact us at:
1501 First Avenue South, Suite 600
Seattle, WA 98134