Effective Date: 8/30/19
- The Information We Collect
- How We Use Your Information
- Legal Bases for Use of Your Information
- Cookies and Similar Technologies
- Online Analytics
- How We Share and Disclose Your Information
- Information About Raftr Pro and Raftr Enterprise
- Retention of Your Information
- Your Rights and Choices
- Third Party Links and Features
- Children’s Privacy
- International Users
- How We Protect Your Information
- Contact Information
THE INFORMATION WE COLLECT
We obtain a variety of information from and about you as you use the Services. Please note that we need certain types of information so that we can provide the Services to you. If you do not provide us with certain information, or ask us to delete it, you may no longer be able to access or use our Services. For example, if you are a customer but do not provide us with your billing information, we won’t be able to fulfill your orders.
- Information You Provide to Us
Raftr collects information directly from you through your use of our Services. For example, Raftr collects information from you through:
- Your account registration and administering your account
- Processing your orders
- Communicating with you and listening to your feedback
- Your participation in Raftr sweepstakes, contests, or research
- Your reviews, comments, and other posts to our Services
- Your requests for customer support and technical assistance
We will collect any information that you provide to us through your use of the Services. To use the Services, we need to collect at a minimum your name, your university email address (we require that you use the email address given to you by your university in order to gain access to your campus’ private Raftr ecosystem), and your class year. After creating an account, you will also have the option to add additional information to your profile. Information you can add after creating your account includes, but is not limited to: a biography, profile picture, your user handles for other social media platforms.
- Information We Collect Through Automated Means
- Usage Data. We collect and analyze information about how you use our Services. This information includes the dates and times you access our Services, which features you use and which pages you visit, the type of browser through which you access our Services, the content that you upload or post to our Services, error logs and other system activity, and the websites or applications through which you access our Services.
- Device Data. We collect and analyze information about the device(s) you use when you access our Services. This information includes your IP address, your coarse (city-level) location, information about your device’s hardware, the operating system on your device and the version of that operating system, your language preferences, unique device identifiers, advertising identifiers, and information about the mobile network you use.
- Information We Collect from Others
We may also receive additional information, such as demographic and statistical information, from third parties, such as business partners, marketers, researchers, analysts, and other parties that we may attribute to you based on your assignment to certain statistical groups.
HOW WE USE YOUR INFORMATION
We and our service providers use the information described above to:
- Administer your account, including to process your registration and verify your information
- Provide, manage, and improve the Services, such as by composing your Posts and Events feed, populating your Messages tab, and rendering the Explore page
- Provide you with updates and information about your orders, purchases, or deliveries
- Respond to your requests for information and provide you with more effective and efficient customer service
- Conduct internal business operations in support of our Services, such as auditing, security, resolving crashes, preventing fraud, invoicing and accounting, sales and marketing, analytics, and research and development
- Contact you by email regarding Raftr and third-party products, services, surveys, research studies, promotions, special events, and other subjects that we think may be of interest to you
- Customize content on the Services, such as by generating recommendations of content you might be interested in
- Comply with the laws, regulations, and other legal process and procedures
- Establish, exercise, or defend our legal rights
- Take steps that we reasonably believe to be necessary to protect the safety, security, and rights of Raftr, its employees, service providers, and others.
We may also aggregate and/or anonymize any information collected through the Services in such a way that we cannot reasonably link information to you or your device. We may use such aggregate or anonymous information for any purpose, including without limitation for research and marketing purposes.
LEGAL BASES FOR USE OF YOUR INFORMATION
Some countries require that companies only process your “Personal Data” (as that term is defined in the EU General Data Protection Regulation) if they have a “legal basis” (or justifiable need) for processing your Personal Data. To the extent those laws apply, our legal bases for processing Personal Data are as follows:
- Where your Personal Data is necessary for our legitimate interests or the legitimate interests of others. For example, we will process your Personal Data to provide security for our Services; operate our business and our Services; comply with legal requirements and defend our legal rights; and prevent fraud).
- Where use of your Personal Data is necessary for us to comply with our legal obligations. For example, we will process your Personal Data to comply with tax laws.
- Where we have your consent. For example, where a country requires that we obtain your consent before directly marketing to you, we will process your Personal Data on the basis of your consent.
COOKIES AND SIMILAR TECHNOLOGIES
To collect the information in the “Information We Automatically Collect” section above, we and our service providers use Internet server logs, cookies, tags, tracking pixels, and other similar tracking technologies. We use these technologies in order to offer you a more tailored experience in the future by understanding and remembering your particular browsing preferences.
- A web server log is a file where website activity is stored.
- A cookie is a small text file that is placed on your computer or mobile device when you visit a website, and it enables us to: (i) recognize your computer; (ii) store your preferences and settings; (iii) understand the web pages of the Services you have visited; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform searches and analytics; and (vi) assist with security and administrative functions. Cookies are placed in your browser cache.
- Tracking pixels (sometimes referred to as web beacons or clear GIFs) are tiny electronic tags with a unique identifier embedded in websites, online ads, and/or email that are designed to: (i) collect usage information like ad impressions or clicks and email open rates; (ii) measure popularity of the Services and associated advertising; and (iii) access user cookies.
As we adopt additional technologies, we may also gather information through other methods.
Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). Please note that by blocking, disabling, or managing any or all cookies, you may not have access to certain features or offerings of the Services.
We may use third-party web analytics services (such as those of Google Analytics and MixPanel) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here. To opt out of analytics by MixPanel, please click here.
If you receive email from us, we may use certain analytics tools, such as clear GIFs to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
HOW WE SHARE AND DISCLOSE YOUR INFORMATION
We and our service providers will share your information in the following ways:
- Service Providers. We provide access to or share your information with select third parties who perform services on our behalf, such as billing, sales, marketing, product content and features, advertising, analytics, research, customer service, delivery, data storage, security, fraud prevention, and legal services.
- Business Transfers. As we continue to develop our business, we may buy, merge, or partner with other companies. In such transactions, (including in contemplation of such transactions) user information may be among the transferred assets. If a portion or all of our assets are sold or transferred to a third-party, customer information (including your email address) would likely be one of the transferred business assets. If such transfer is subject to additional mandatory restrictions under applicable laws, Raftr will comply with such restrictions.
- Your Consent. If you have consented to our sharing of your information, we will also share your information consistent with your consent.
From time to time, Raftr may share aggregate or anonymous information about use of the Services, such as by publishing a report on usage trends. We may share or disclose such aggregate or anonymous information freely in our discretion.
INFORMATION ABOUT RAFTR PRO AND RAFTR ENTERPRISE
Some campuses have a paid subscription to a suite of tools and services called ProRaftr. These tools and services are primarily geared towards increasing efficiency for departments that post frequently.
Universities with ProRaftr subscriptions will receive copies of flagged content report in the following circumstances:
- If the flagged content was posted on a Pro Raft managed by the university, the university will get a copy of the flag report.
If you are unsure whether your university is a ProRaftr campus, please contact us at email@example.com to find out.
Additionally, some Enterprise universities may support either automated account creation or Single Sign On (SSO) via their internal authentication or credentialing system. In this case, we may retrieve some information (such as your name, email address, and possibly club affiliations) from the university, instead of from you directly. Any information we retrieve from the university will be editable by you, or you can contact us at firstname.lastname@example.org if there is a mistake that you would like to rectify. In the instances when we collect data directly from a university, it is done so to further improve the continuity of your experience on Raftr. All of your rights as outlined above still apply.
If you are unsure whether your university is an Enterprise campus, please contact us at email@example.com to find out.
RETENTION OF YOUR INFORMATION
We keep your information for no longer than necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and/or as required to comply with applicable laws.
YOUR RIGHTS AND CHOICES
- Opting Out of Marketing Communications
If we send you marketing email messages, they will include instructions about how to unsubscribe, which you can use to limit or stop those communications. Opt-out processes may take some time to complete, but we will work to meet your request as quickly as possible. Please note that even if you opt out of receiving promotional messages from us, we will continue to send you transactional and operational emails, such as order confirmations, information about updates to our policies and practices, or other communications regarding our relationship or transactions with you.
- Individual Rights
The law of your jurisdiction (for example, within the European Economic Area (“EEA”)) may give you additional rights to request access to, correction of, or deletion of certain Personal Data we handle. In some cases, you may be entitled to receive a copy of the Personal Data in portable form or to request that we share it with a third party. The law may also give you the right to request restrictions on the use of your Personal Data, to object to our use of your Personal Data, or to withdraw your consent to use your Personal Data. You can exercise these rights by emailing us at firstname.lastname@example.org.
You may contact us with any concerns or complaints regarding our privacy practices, and you also may submit a complaint to the relevant governmental authority.
We will consider all requests and provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. As required or permitted by applicable law, we may request that you provide us with information necessary to confirm your identity or otherwise verify your request before responding.
- Privacy Rights for California Residents
The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the manner in which we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share personal information with third parties for their own marketing purposes.
THIRD-PARTY LINKS AND FEATURES
The Services contain links to third-party websites and third-party plug-ins and may allow you to integrate with third-party services. If you choose to use these websites, features, or plug-ins, you may disclose your information not just to those third parties, but also to their users and the public more generally depending on how their services function.
The Services are intended for general audiences and not for children. If we become aware that we have collected “personal information” (as defined by the United States Children’s Online Privacy Protection Act) from children under the age of 13 without parental consent, we will take reasonable steps to delete it as soon as possible. We also do not knowingly process Personal Data of EU residents under the age of 16 without parental consent. If we become aware that we have collected data from an EU resident under the age of 16 without parental consent, we will take reasonable steps to delete it as soon as possible. We also comply with other age restrictions and requirements in accordance with applicable local laws.
Please note that in providing services to you, Raftr is located in the United States and processes your data in the United States. In addition, Raftr may subcontract the processing of your data to, or otherwise share your data with, service providers and trusted business partners in countries other than your country of residence, including the United States, in accordance with applicable law. Such third parties may be engaged in, among other things, the provision of Services to you, the processing of transactions, and/or the provision of support services. By providing us with your information, you acknowledge any such transfer, storage, or use.
Please note that Raftr does not require users to submit any special categories of data about themselves, including information about race, religion, political preferences, or other potentially sensitive subjects (as further described in Article 9 of the EU General Data Protection Regulation).
However, it is possible that your activity within the Services could result in you disclosing such information about yourself voluntarily. Examples include uploading a photo of yourself (which may divulge information about your race) or joining politically-themed rafts. We make no effort to infer any information about you based on such activity in Raftr, and by voluntarily choosing to submit such data, you give your explicit consent to this data being submitted to the Services.
HOW WE PROTECT YOUR INFORMATION
We take measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure, or access. However, no method of transmission over the internet, and no means of electronic or physical storage, is absolutely secure. By using our Services, you acknowledge and accept that we cannot guarantee the security of your information transmitted to, through, or on our Services and that any such transmission is at your own risk.
3020 Issaquah-Pine Lake Rd.
Sammamish, WA 98075