Last Updated: April 2024
Thank you for your interest in AppDirect, Inc. This Privacy Notice describes how AppDirect, Inc. (together with its subsidiaries and affiliates, "AppDirect," "we," "us," or "our"), collects, uses, discloses, and stores your information.
This Privacy Notice applies to information obtained through www.appdirect.com and our other websites (the "Websites"), and our service offerings (collectively, the “Services”), including our application marketplace ("AppDirect Marketplace").
This Privacy Notice covers various uses of our Services and your use of the Services in any capacity, including as a user, advisor, partner, provider, or end-customer, may implicate some or all of the practices described in this Privacy Notice.
Third parties who promote and market AppDirect branded or white-labeled instances of the AppDirect Marketplace are referred to in this Privacy Notice as “Platform Customers.” The AppDirect Marketplace also allows independent software and application vendors (each, a “Developer”) to make certain features of their applications, or other products or services owned and operated by the Developer (each, a “Developer Application”) available through the AppDirect Marketplace. This Privacy Notice does not cover the collection, use, and disclosure of your information by Platform Customers or Developers. These entities have their own privacy policies describing their practices that we encourage you to read.
By using the Services, you are agreeing to the practices described in this Privacy Notice. If you do not agree to the practices described in this Privacy Notice, please do not access or use the Services.
Our customers may choose to use the Services to process some of their data, which may contain personal information. The data that we process through our Services for our customers is processed by us purely as a data processor, on behalf of our customers and in accordance with our customers’ instructions, and our privacy practices governing the processing of such data will be in accordance with contracts that we may have in place with our customers.
If you have any questions or concerns about how such data is handled or would like to exercise your rights as a data subject, you should contact the person or entity who has contracted with us to use the Services to process your data (i.e., the data controller). Our customers control the personal information in these cases and determine the details regarding their account, including without limitation, how and for what purpose the data collected on their behalf should be processed. We will, however, assist our customers in addressing any concerns you may have, in accordance with the terms of our contract with them.
We offer a number of Services through our Websites, including:
AppMarket. To launch a white-label software marketplace to sell your own core offerings and third-party products.
AppReseller. To launch, scale, and optimize indirect channels faster with commerce capabilities for your reseller and referral partners.
AppDistribution. To reach untapped markets across the globe by distributing your products through a network of SaaS marketplaces.
AppBilling. Robust recurring billing software to power worldwide sales of any product or service.
Digital Engagement Services. To drive efficiencies and increase customer lifetime value by managing identities and information across your digital commerce solutions, consisting of AppWise, AppInsights, AppIdentity.
AppHelp. In addition to this Privacy Notice, please refer to the AppHelp Privacy Notice.
Procurement AppDirect Marketplace. Streamline procurement and spend management with a single location to find and buy all the technology services that power your business.
We collect information in multiple ways, including:
Information you provide. We collect any information that you provide us when you use the Services, including:
Information we collect through automated means. We and our vendors (which are third party companies that work on our behalf) may collect certain information automatically when you use our Services or otherwise interact with us.
Information We Collect From Others. We may also obtain information from third parties and sources other than the Services, such as advertisers, Platform Customers, Developers, referral or reseller partners, which we combine with information collected through the Services. The types of information we collect from third parties include contact information, company roles, and system identification numbers and we use the information we receive from these third parties to the extent necessary to provide the Services, maintain and/or improve the accuracy of the records we hold about you, and send you communications which may be of interest to you.
We, or our vendors, use your information (including any information that we collect, as described in this Privacy Notice) for various business and operational purposes depending on the types of information we have collected from and about you and the specific Service you use, in order to:
Combined Information. For the purposes discussed in this Privacy Notice, we may combine the information that we collect through the Services with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Privacy Notice.
Aggregate/Anonymous Data. We may aggregate and/or anonymize any information collected through the Services so that such information can no longer be linked to you or your device (“Aggregate/Anonymous Information”). We may use Aggregate/Anonymous Information for any purpose, including without limitation for research and marketing purposes, and may also disclose such data with any third parties, including advertisers, promotional partners, and sponsors.
The laws in some jurisdictions require companies to tell you about the legal ground relied on to use or disclose your information. To the extent those laws apply, our legal grounds are as follows:
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact Information” section below.
Analytics. We may use third-party web and mobile application analytics services (such as those of Google Analytics) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. The information collected by the technology will be disclosed to or collected directly by these vendors, who use the information to evaluate your use of the Services. We also use Google Analytics for certain purposes related to advertising, as described in the following section. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on.
Online Advertising. The Services may integrate third-party advertising technologies that allow for the delivery of relevant content and advertising on the Services, as well as on other websites you visit and other applications you use. These third parties may place their own cookies, pixel tags and similar technologies to collect information about your use of the Services. We also allow third parties (e.g., ad networks and ad servers, such as Google Analytics, DoubleClick and others) to access their own cookies and tracking technologies on your computer, mobile phone, or other device you use to access the Services. These third parties may use this and other information they have collected about you to deliver targeted advertisements for products and services in which you might be interested.
We neither have access to, nor does this Privacy Notice govern, the use of cookies or other tracking technologies that may be placed on your device you use to access the Services by such non-affiliated third parties. If you are interested in more information about tailored browser advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative’s Consumer Opt-Out link, the Digital Advertising Alliance’s Consumer Opt-Out link, or Your Online Choices to opt-out of receiving tailored advertising from companies that participate in those programs. To opt out of Google Analytics for display advertising or customize Google display network ads, visit the Google Ads Settings page. We do not control these opt-out links or whether any particular company chooses to participate in these opt-out programs. We are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms.
Please note that even if you choose to remove your information (opt-out), you will still see advertisements. Additionally, many network advertising programs allow you to view and manage the interest categories they have compiled from your online browsing activities. These interest categories help determine the types of targeted advertisements you may receive. For example, the DAA Opt-Out Page provides a tool that identifies its member companies that have cookies on your browser and provides links to those companies.
Marketing. We may use information we collect for marketing purposes, such as providing you with promotional materials that may be useful, relevant, valuable or otherwise of interest to you, in accordance with your marketing preferences. Where required under applicable law, we will obtain your prior opt-in consent to send you electronic marketing communications. You will have the ability to opt-out of receiving any such communications, either through unsubscribe links provided in the messages, by updating your account preferences, or by contacting us using the contact details provided under the "Contact Information" section below.
Notice Concerning Do Not Track. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with meaningful choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser initiated DNT signals. Learn more about Do Not Track. Please note that Do Not Track is a different privacy mechanism than the Global Privacy Control browser choice referenced below.
We may disclose your information in a variety of circumstances in connection with the operation of our business:
The Services contain links to and integrate with websites and services provided by third parties, including without limitation Developers and Platform Customers (where applicable). Any information you provide on third party sites or services is provided directly to that third party and is subject to that third party's policies, if any, governing privacy and security. We are not responsible for the content or privacy and security practices and policies of third party sites or services to which links are displayed on the Services. We encourage you to learn about third parties’ privacy and security policies before providing them with your information.
If you use AppHelp and use specific cybersecurity programs that make cybersecurity software available on an ongoing basis (as opposed to during a support session), then your personal information is processed by Bitdefender. For more information, please see https://www.appdirect.com/legal/monetization/apphelp-privacy-notice.
AppDirect utilizes a combination of physical, technical, and organizational security measures designed to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access. However, the Internet is not a fully secure environment, and we cannot ensure or warranty the security of any information transmitted to or generated by AppDirect in connection with the Services or any other service offered by AppDirect. You play a critical role in protecting your information by maintaining up-to-date computer security protections. Steps you take to ensure the security of your computer, computer passwords, or other personal identifier authentication mechanisms are key components of the protection of your personal information. You agree that you are responsible for any additional verification procedures and security you deem necessary.
We will retain your information for as long as necessary to provide the Services and for the other purposes set out in this Notice. We also store information when necessary to comply with contractual and legal obligations, when we have a legitimate interest to do so (such as improving and developing our Services, and enhancing the safety, security, and stability of our Services). We may also store your information in order to defend or ascertain our legal rights, respond to valid legal requests, in the context of a merger/acquisition or in order to implement our Terms.
In all cases, in addition to the purposes, we consider the amount, nature and sensitivity of the personal data, as well as the potential risk of harm from unauthorized use or disclosure of your personal data, in determining how long to retain personal data.
The Services are intended for general audiences and not for children under the age of 16. If we become aware that we have collected “personal information” (as defined by the United States Children’s Online Privacy Protection Act) from children under the age of 16 without legally valid parental consent, we will take reasonable steps to delete it as soon as possible. We do not knowingly process data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible. We also comply with other age restrictions and requirements in accordance with applicable local laws.
We respect your right to make choices about the ways we collect, use, and disclose your information.
Your legal rights. Applicable law (such as the GDPR) may give you various rights regarding your information. If these rights apply to you, they may permit you to request that we:
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation.
To exercise any of these rights, please contact us using the contact details provided under the “Contact Information” section below. We may request you provide us with information necessary to verify your identity before responding to your request as required or permitted by applicable law, such as your name, email address, and account information.
You may be able to designate an authorized agent to make requests on your behalf. In order for an authorized agent to be verified, you must provide the authorized agent with signed, written permission to make such requests or a power of attorney. We may also follow up with you to verify your identity before processing the authorized agent’s request as permitted by applicable law.
You have the right to complain to a data protection authority about our collection and use of your personal information. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.
Marketing. You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, and promotions that might appeal to your interests through unsubscribe links provided in the messages, by updating your account preferences, or by contacting us using the contact details provided under the "Contact Information" section below.
Please note that, regardless of your request, we may still use and disclose certain information as permitted by this Notice or as required by applicable law. For example, you may not opt out of certain operational emails, such as those reflecting our relationship or transactions with you.
Please revisit this page periodically to stay aware of any changes to this Privacy Notice, which may be revised from time to time at AppDirect's sole discretion. If we modify the Privacy Notice, we will make it available through the Services, and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will notify you as may be required by law. By continuing to access and use the Services, you are confirming that you have read and understood the latest version of this Policy. If you do not agree with any changes to the Privacy Notice, you may terminate your account ceasing use of the Services.
Our amended Privacy Notice will automatically take effect 30 days after it is made available through the Services.
If you have any questions, concerns or complaints regarding the use or disclosure of your information or if you would like to review, delete or update information we have about you or your preferences, you can contact us at privacy@appdirect.com.
a. Information For California Residents
This section applies only to “personal information” about California residents, as that term is defined in the California Consumer Privacy Act (“CCPA”), and it supplements the information in the rest of our Privacy Notice. Data about individuals who are not residents of California may be handled differently and is not subject to the same California rights described below. This section does not apply to personal information we collect from employees or job applicants in their capacity as employees or job applicants.
CCPA Categories Of California Personal Information We Collect. Throughout this Notice, including the “Information We Collect” section, we discuss in detail the specific pieces of personal information we collect from and about our users. Under the CCPA, we are also required to provide you with the CCPA “categories” of personal information and sensitive personal information we collect. The categories we collect are: identifiers (such as name, address, email address); commercial information (such as transaction data); financial data (such as credit card information); internet or other network or device activity (such as browsing history or IP address); location information (e.g., your city and state based on IP address or precise location, with your consent); professional or employment related data; audio information (e.g., call recordings if you don’t opt out); and other information that identifies or can be reasonably associated with you. We also may collect certain categories of information that you choose to disclose as part of your use of the Services. The categories of sensitive personal information are account log-in and password, financial data, or other credentials allowing access to your account.
How We Use These Categories of Personal Information. We and our vendors may use and disclose all of the personal information we collect for the purposes described in this Notice, and in accordance with our disclosures in the “How We Use Your Information” section above.
This includes the following business and commercial purposes (as those terms are defined in applicable law):
We collect the categories of personal information identified above from the following sources: (1) directly from you; (2) through your use of the Services; (3) affiliates; and (4) third parties such as advertisers, Platform Customers, Developers, referral or reseller partners.
How We Disclose These Categories of Personal Information. We describe our information sharing practices in the “How We Disclose Your Information” section above. We may disclose certain categories of personal information with third parties (as defined by the CCPA) for business purposes. For example, we may disclose identifiers and commercial information with Platform Customers and Developers.
Your California Privacy Rights. If you are a California resident, the CCPA allows you to make certain requests about your personal information. Specifically, the CCPA allows you to request us to:
You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right not to be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Services to you. If you ask us to delete it, you may no longer be able to access or use the Services.
If you would like further information regarding your legal rights under California law or would like to exercise any of them, please contact us at privacy@appdirect.com. You will need to provide us with information sufficient to verify your identity before we can satisfy your request. To do so, you will need to provide us with certain information regarding yourself and/or your usage of the Services, such as name, email address, and account information. You may also designate an authorized agent to make a request on your behalf. To do so, you need to provide us with written authorization or a power of attorney for the agent to act on your behalf. You will still need to verify your identity directly with us.
“Sharing” and “Selling” Information. The CCPA requires businesses that “sell” personal information, as the term “sell” is defined under the CCPA, to provide an opt-out from such sales. Some people have taken the position that when a website uses third parties’ cookies or similar technology for its own analytics or advertising purposes, the website is engaged in a “sale” under the CCPA if the third parties have some ability to use, disclose or retain the data to improve their service or to take steps beyond the most narrowly drawn bounds of merely providing their service to the website/app. Some take this position even when the website pays the third party (not vice versa), and in most cases merely provides the third party with an opportunity to collect data directly, instead of providing personal information to the third party. As part of these analytics and advertising services, these technologies may access identifiers (like IP addresses), internet or other electronic network activity information (like information regarding an individual’s browsing interactions on our Site), and commercial information (like the fact that a browser visited a page directed to people who are considering purchasing the Services) to those sorts of companies. While we do not believe these are “sales” as that term is defined under the CCPA, you can opt out of this activity by visiting your cookie settings on our website to manage your preferences.
The CCPA also requires businesses that "share“ personal information to provide an opt out from such sharing. Under the CCPA,” sharing” is defined as the targeting of advertising to a consumer based on that consumer’s personal information obtained from the consumer’s activity across websites. We may “share” information for these purposes to provide more relevant and tailored advertising to you regarding our Services. As part of this advertising, we may "share“ identifiers (like IP addresses and email addresses), internet or other electronic network activity information (like information regarding an individual’s browsing interactions on our Site), and commercial information (like the fact that a browser visited a page directed to people who are considering purchasing the Services) with advertising platforms and advertising networks. To opt out of such “sharing,” please visit your cookie settings on our website to manage your preferences.
Please note that we also respond to and abide by opt-out preference signals sent through the Global Privacy Control. Any opt out preferences you have exercised through these methods will only apply to the specific device/browser on which you made them. For more information on how to use the Global Privacy Control, see www.globalprivacycontrol.org.
We do not knowingly “sell” or “share” the personal information of children under 16. We will only “sell” or “share” such personal information if we receive express consent to do so from those aged 13 to 16 years of age.
Sensitive Personal Information. The CCPA also allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.
Data Retention. Please see the “Data Retention” section above.
California “Shine the Light” Disclosure
The California “Shine the Light” law gives residents of California the right under certain circumstances to opt out of the disclosure of certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not disclose your personal information with third parties for their own direct marketing purposes.
b. Information for Brazil
This section applies to personal data processing activities under Brazilian law. If you are a resident of Brazil, you may have certain rights. Brazilian law may permit you to request that we:
To exercise your rights, please contact us at privacy@appdirect.com. You may be required to verify your identity before we fulfill your request. To do so, you will need to provide us with certain information regarding yourself and/or your usage of the Services, such as your name, email address, and account information.
c. Information For International Users
Please note that in providing services to you, we may subcontract the processing of your data to, or otherwise disclose your information to, other members within the AppDirect group, trusted vendors, and trusted business partners in countries other than the country in which the information was originally collected, including the United States of America. Such third parties may be engaged in, among other things, the provision of the Services to you, the processing of transactions and/or the provision of support services.
Where required, we will use appropriate safeguards for transferring data outside of the EEA. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these safeguards, please contact us as at privacy@appdirect.com.