Privacy Policy

This Cloverleaf.me, Inc. (“Cloverleaf” or “Company” or “we” or “us”) “Privacy Policy” applies to https://cloverleaf.me/ (“Site”) as well as Cloverleaf’s service (which includes its features and other Cloverleaf branded or co-branded websites and applications, including sub-domains, international versions, widgets and chat bots, mobile versions and mobile apps) (together, the Site and service referred to collectively as the “Service”), each of which is owned and operated by Cloverleaf. This Policy applies to information and data collected directly by us, (“Personal Information”) and does not apply to any data collection by third-parties that are not affiliated or otherwise acting under the direction and control of Cloverleaf. If our privacy practices for a certain application differ from those explained in this Privacy Policy, we will let you know at the time we ask for or collect your information. We recognize and respect your privacy. 

It is our policy to comply with all applicable privacy and data protection laws, which may include the General Data Protection Regulation, Regulation (EU) No. 2016/279 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”). This commitment reflects the value we place on earning and keeping the trust of our customers, business partners, and others who share their data with us.

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. We may make changes to the Privacy Policy from time to time. We, therefore, encourage you to check the Privacy Policy periodically for updates.

Data Controller

In some situations in which Cloverleaf collects Personal Information, Cloverleaf is the data controller responsible for your Personal Information. As such, we determine the purpose and means of processing your Personal Information and have the primary responsibility for ensuring your Personal Information is processed in accordance with GDPR regulations. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us at support@cloverleaf.me.

We may utilize data processors to process your data on our behalf, or may at times act as a Data Processor processing your data on behalf of a Data Controller. These data processors are listed here. To view a list of our subprocessors, click here.

Types of Personal Information Collected Through the Service

We may collect the following types of Personal Information through the Service:

• Your contact information such as first and last names, email address, job title, affiliate organization (if any), phone number, reporting relationships, and any applicable Self-Assessment Data (see below);
• Personal information contained in legal agreements (such as invoices and orders);
• Information posted by you to the Service such as comments, suggestions, feedback, opinions, or media; 
• Any other Personal Information you submit through the Service or to us in the form of an email; and
• Information that you provide to the Service by enabling the Service to retrieve data from other systems (e.g., Calendar systems, etc.)

Self-Assessment Data

Utilizing our Service involves you taking one or more self-assessment tests and providing information about yourself (collectively, “Self-Assessment Data”). For more information about our self-assessment tests and information that we will collect from you during that submission process, please visit this link https://help.cloverleaf.me/en/collections/1757272-assessments.

Any Self-Assessment Data that you provide through the Service becomes a part of your user profile which may also be shared with your associated organization(s) and their authorized consultants, if any, and applicable self-assessment test providers. If you share Self-Assessment Data with an organization, other users within that organization will have access to your Self-Assessment Data. Your Self-Assessment Data will be displayed along with your profile to that organization. You and your organizations may also place your profile into teams or groups, and the users of such teams and groups will have access to your profile and Self-Assessment Data. Our Service dashboard enables users to manage their information (e.g., keep their information up to date, re-take self-assessment tests if they choose, share information and results with others and delete information upon request). Your user profile and Self-Assessment Data may be shared with third parties and members of your organization, subject to your privacy settings. We are not responsible for the accuracy of your Self-Assessment Data or any information that you post to your profile. We cannot prevent such information from being used by others in a manner that may violate this Privacy Policy, the law or your personal privacy. Taking self-assessment tests and posting of any information or content to the Service are subject to our Terms of Use. 

Types of Uses of Information & Personal Information

We collect, store and use all information including Personal Information you provide to us in various ways always in accordance with this Privacy Policy and as follows:

• To provide and improve the Service and offerings or services provided by us to better understand how users access and use the Service and offerings provided by us;
• To process product orders received through the Service or other ways you communicate them to us (e.g., email, phone);
• To evaluate business opportunities; 
• To effectuate or enforce a transaction or agreement; 
• To adjust offerings or services provided by us to you;
• To provide you with information about our products and services that we believe you may find of interest, including to send you mailing lists, and marketing and promotional e-mails;
• To authenticate visitors to the Service; 
• To be able to respond to requests or inquiries, and for similar, customer-service-related purposes; and
• We automatically collect through the Service information that is often not personally identifying, such as the website from which visitors came to the Service, Service visitors’ IP address, browser type and other information relating to the device through which they access the Service. We may combine this information with the Personal Information we have collected from you.

For clarity, we do not make any warranty, express, implied or otherwise, that we will be able to prevent loss, misuse, unauthorized access to, or alteration of personally identifiable information you provide to us. You make any disclosure of personally identifiable information to us at your own risk.

Types of Sharing of or Disclosures of Personal Information

We may share or disclose Personal Information to third parties for the following purposes:

• In aggregated, or non-personally identifying, forms of information about Service users for marketing, advertising, research, statistical analysis or other reasonable business purposes;
• To provide you with information relating to products or services that we believe you may find of interest;
• In response to a subpoena or other legal process by a governmental entity or third party, or if otherwise required by law;
• To protect or enforce our rights including with respect to our assets and properties; 
• In the event of the sale or dissolution (bankruptcy) of assets, in whole or in part, of our business or any of its affiliates;
• In the process of fulfilling orders, providing, or performing functions on our behalf (e.g., such as third-party service providers, contractors, payment processors, banks, and collection agencies); and 
• To provide products or services requested including the self-assessment test providers.
• When such third parties act as subprocessors enabling Us to provide the Service.  To view a list of our subprocessors, click here.

In some instances in which subprocessors are used, Cloverleaf may act as a data controller. Cloverleaf respects the rights of all users to delete their data when Cloverleaf is the data controller, and will duly forward request to the data controller if Cloverleaf is acting as a data subprocessor and act on it when the request from the controller is received. For all non-organization users, Cloverleaf is the data controller. For some organization users, Cloverleaf may act as a subprocessor to the organization. Cloverleaf respects the rights of all users to access their data. Cloverleaf provides users management capabilities and access to their assessment results and other data in the platform and will export this data when duly requested. Cloverleaf retains the data of users while they maintain an account, and/or while their organization maintains an account and for up to 30 days afterward, unless the users discontinues use and requests deletion under the terms outlined above. Cloverleaf maintains activity logs for technical and legal purposes which are retained for 1 year and deleted thereafter. Upon full data deletion, Cloverleaf will totally delete Personal Information and irreversibly de-reference (anonymize) any other information that may be retained for aggregate usage in platform improvement. Such data will only be retained if it can be totally severed from any possible connection to the originally attached identity.

Cookies, Beacons and Analytics

When you interact with the Service, we strive to make your experience easy and meaningful. Our Service uses technology, or those of third-party service providers, such as cookies, web beacons (clear GIFs, web bugs) and similar technologies to track user activity and collect site data. We may combine this data with the Personal Information we have collected from you.

COOKIES

We (including our subprocessors) use cookies for Service functionality and to track visitor activity on the Service. A cookie is a text file that a website transfers to your computer’s hard drive for record-keeping purposes. Our cookies assign a random, unique number to each visitor’s computer. They do not contain information that would personally identify the visitor, although we can associate a cookie with any identifying information that is or has been provided to us while visiting the Service. We use cookies that remain on your computer for a specified period of time or until they are deleted (persistent cookies). We may also use cookies that exist only temporarily during an online session (session cookies) – these cookies allow us to identify you temporarily as you move through the Service. Most browsers allow users to refuse cookies but doing so may impede the functionality of some portions of our Service.

WEB BEACONS

Web beacons are tiny graphics with a unique identifier, similar in function to cookies, that are used to track the online movements of Web users. In contrast to cookies, which are stored on your computer’s hard drive, Web beacons are embedded invisibly on webpages or e-mails and may not be disabled or controlled through your browser. 

Third Parties

We may also engage third parties to track and analyze Service activity on our behalf. To do so, these third parties may place cookies or web beacons to track user activity on our Service. We use the data collected by such third parties to administer and improve the quality of the Service, analyze usage of the Service, and provide a more enhanced user experience on the Service, such as personalizing and delivering relevant offers and content based on user activity on the Service. In cases where such third parties are engaged, they act as our subprocessors and are bound by applicable agreements concerning usage of personally identifiable information. 

User Content

The Service may allow users to post information. Any information that you post to the Service becomes public information and may be viewable by other users, as well as visitors to the Service. In addition, your name, as well as other optional information you choose to submit along with the information you post, will be publicly displayed along with your comment or blog. We are not responsible for the privacy of any information that you choose to post to the Service, or for the accuracy of any information contained in those postings. We cannot prevent such information from being used by others in a manner that may violate this Privacy Policy, the law, or your personal privacy. Your posting of any content to any of the Service is subject to our Terms of Service (located here: https://cloverleaf.me/terms).

Third-Party Links

The Service contains links to other, third-party websites. Any access to and use of such linked websites is not governed by this Privacy Policy, but, instead, is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites. 

Email Policy

In addition to usage of your e-mail to provide you with Service, we may use your email address to communicate with you about orders you have placed, inquiries you have made about our products and services, or information you have shared with us through the Service or email. We may send you emails from time-to-time, about information that we believe may be of interest to you. We may also send you news and offers about our products and services, or those of our chosen partners. Examples include, but are not limited to, our blog, newsletter, information about special offers, or other products or offerings.

If, at any time, you would like to stop receiving promotional e-mails, you may follow the opt-out instructions contained in any such e-mail. Please note that it may take a few business days for us to process opt-out requests. If you opt-out of receiving emails or promotions, we still may send you e-mails to you in accordance with this Privacy Policy, as requested by you, or in reference to other customer service purposes.

We may transfer your personal information outside the European Economic Area (EEA) to countries that do not provide the same level of protection for personal information. In such cases, we will ensure that appropriate safeguards are in place to protect your personal information, such as using standard contractual clauses approved by the European Commission.

Children

Our website and Services are not intended for children under 16 years of age. We will not knowingly solicit or collect personal data from children under 16, or the relevant minimum age under applicable local legal requirements, except as permitted under applicable law. If we learn that we have received information directly from a child under 16 without his or her parent’s or legal guardian’s consent, we will make commercially reasonable efforts to delete such information. 

Reasons for Processing Your Personal Information

We may process the personal data you provide for the following reasons and legal bases: