OpenRegulatory Formwork is committed to protecting your privacy. This Privacy Notice informs you how OpenRegulatory Formwork collects, uses, secures and shares your information (“Personal Data”, as defined under the applicable law) collected by us when you interact with us in the following ways (“Interactions”):
If you are a OpenRegulatory Formwork customer that uses the Service, please review the Service’s Privacy Notice. Personal Data does not include information that has been anonymized or aggregated so the information cannot be traced to a specific individual. If you do not feel comfortable with any part of this Privacy Notice, please cease your Interactions with us.
Please note that our website may include links to other organizations’ websites whose privacy practices may differ from those of OpenRegulatory Formwork. If you submit Personal Data to any of those sites, your information is governed by their privacy notices. We encourage you to carefully read the privacy notices of any website you visit.
This Privacy Notice may change from time to time. If we make a change to this Privacy Notice that we believe materially affects how we process your Personal Data, we will provide notice of such change on our website. By continuing your Interactions after those changes become effective, you accept the provisions of our revised Privacy Notice.
In addition, we may provide you with “just-in-time” disclosures or additional information about the data collection, use and sharing practices. These notices may provide more information about our privacy practices, or provide you with additional choices about how we process your Personal Data. The notices and information are subject to this Privacy Notice unless specifically indicated otherwise in the notice.
Except as described in this Privacy Notice, OpenRegulatory Formwork will not give, sell, rent or loan any Personal Data to any third party. We may collect and process the following Personal Data in connection with our Interactions with you:
Personal Data You Voluntarily Provide. We will collect Personal Data when you voluntarily provide it to us (including to our service providers or other parties who collect it on our behalf). The Personal Data we collect may include contact information (such as your name, address, telephone number or email address), professional information (such as your job title, department or job role), and contact preferences.
Log Data. When you use the Service, we automatically record information from your device, its software, and your activity using the Service (“Log Data”). This may include the device’s Internet Protocol (“IP”) address, browser type, the web page visited before you came to our website, information you search for on our website, locale preferences, identification numbers associated with your devices, your mobile carrier, date and time stamps associated with transactions, system configuration information, metadata concerning your Files, and other interactions with the Service. We may use your IP address to identify the general geographic area from which you are accessing the website. While an IP address may reveal your ISP or geographic area, we cannot determine your identity solely based upon your IP address.
Location Data. We may collect geolocation and proximity of your device if location services are enabled on your device ((e.g., GPS-based functionality on mobile devices used to access our website), and may use that information to customize the Interactions with location-based information and features. If you access our website through a mobile device and you do not want your device to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device, provided your device allows you to do this.
Cookies. We use “cookies” to collect information and improve our Interactions with you. A cookie is a small data file that we transfer to your device. We may use “persistent cookies” to save your registration ID and login password for future logins to our website, such as, to register for webinars. We may use “session ID cookies” to enable certain features of the Service, to better understand how your Interactions with us and to monitor aggregate usage and web traffic routing on our website. For more information on how we use Cookies and similar technologies, please see our Cookie Policy.
We collect information about you from the following third-party sources:
Third-Party Services. You may choose to register events sponsored by our partners where we will share your information with our marketing partners. To engage in marketing activities, we may collect Personal Data disclosed by you on message boards, chat features, blogs and other services or platforms to which you are able to post information and materials (including third party services and platforms). We process such information to better understand you, to maintain and improve the accuracy of the information we store about you, and to better promote or optimize our Interactions with you, including providing information about our Service.
Your Personal Data may be used for the following purposes:
Respond to Requests. We may process your Personal Data when you contact us, such as with questions, concerns, feedback, disputes or issues, to respond to your request or provide information requested by you. We share this information with third parties upon your request, or our service providers or partners to the extent necessary to facilitate the Interactions. Without your Personal Data, we cannot respond to you or ensure your continued use and enjoyment of the website.
Ensure the Security of the Service. We are committed to ensuring your safety and continued enjoyment of our website. To do so, we may process your Personal Data to help monitor, prevent and detect fraud, enhance security, monitor and verify identity or access, and combat spam or other malware or security risks. combat spam, malware, malicious activities or security risks; improve and enforce our security measures; and to monitor the security of our website.
Facilitate and Evaluate Use of the Online Properties. We may use your Personal Data to provide you with the online services, to facilitate your use of the online services (such as facilitating navigation and the login process, preserving information between sessions and enhancing security), to improve quality, to evaluate page response rates and determine content.
Improve the Accuracy of our Records. We may use the Personal Data we receive from you or third parties to better understand you and/or maintain and improve the accuracy of the records we hold about you.
Post Testimonials. We may use Personal Data to post testimonials on our website. Prior to posting a testimonial, we will obtain your consent to use your name and testimonial. You can request your testimonial be updated or deleted at any time by sending a request with your name, testimonial location and contact information.
Personalize your Experience. We may provide you plugins, and other options to personalize your experience. We also may use cookies and similar tracking technology for such purposes – please see our Cookie Policy for more information. By personalizing our Interactions, it enables to more easily use our website because we keep track of your preferences (e.g. your language selection, your time zone, etc.). Without processing your Personal Data for such purposes, you may not be able to access or personalize part or all of our Interactions.
Marketing: We may use information we obtain from you, your interactions with OpenRegulatory Formwork and our website, and from third party sources to provide you with marketing and promotional communications, to deliver targeted and relevant advertising and marketing to you, to determine the effectiveness of our marketing and promotional campaigns, to better understand you and your preferences, and to position and promote our Services. Our marketing will be conducted in accordance with your advertising / marketing preferences and as permitted by applicable law.
Quality Control and Training. OpenRegulatory Formwork may use or access Personal Data for the purposes of quality control related to the website and staff training.
Other Legitimate Business Purposes. We may use your Personal Data when it is necessary for other legitimate purposes such as protecting OpenRegulatory Formwork’s confidential and proprietary information.
If, in the future, we use your Personal Data in any way that is not described in this Privacy Notice, we will disclose this to you. At that time, you can choose not to allow us to use your Personal Data for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your consent. If you choose to limit the ways we can use your Personal Data, some or all of the website may not be available to you, and we may not be able to interact with you.
We only disclose your Personal Data to those who really need access to perform their tasks and third parties who have a legitimate purpose for accessing it. We may share Personal Data with third parties in the following situations:
Service Providers, Business Partners and Others. We may share your Personal Data with third parties, such as vendors, consultants, agents and other service providers who work on our behalf. Examples include vendors and service providers who provide assistance with marketing, billing, processing credit card payments, data analysis and insight, technical support and customer service. Unless described in this Privacy Notice, we do not share, sell, rent, or trade any of your Personal Data with third parties for their own promotional purposes.
Compliance with Laws and Law Enforcement Requests; Protection of OpenRegulatory Formwork’s Rights. We may use or disclose Personal Data stored in your OpenRegulatory Formwork account and other Personal Data about you to third parties when we have a good faith belief that disclosure is reasonably necessary to: (a) comply with a law, regulation or legal requests including to meet national security or law enforcement requirements; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of OpenRegulatory Formwork or its user, or (d) protect OpenRegulatory Formwork’s property rights.
Vital Interests: We may disclose information when we believe it necessary to protect the vital interests of any person.
Business Transfers. If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction, but we will notify you (for example, via email and/or a prominent notice on our website) of any change in control or use of your Personal Data, or if either become subject to a different Privacy Notice. We will also notify you of choices you may have regarding the information.
Optional automatic generation of technical documentation: You can automatically generate drafts of your technical documentation with Formwork. For that purpose, your short intended use and other related items are submitted to OpenAI LP. This process is optional and explicit - no data is transferred by default, only when you click "auto-generate". As an example, if you click "auto-generate" in the software requirements section of Formwork, your short intended use and software requirements (for the same product) will be submitted to OpenAI to generate more software requirements.
With Your Consent: We may disclose your Personal Data for any purpose with your consent.
If you sign up to receive marketing or informational announcements from us, such emails will include the capability to opt-out of receiving such e-mails in the future. Marketing and informational announcements include any communications to you that are only based on advertising or promoting products and services. Transactional communications about an Interaction, or our Services are not considered “marketing” or “informational” communications.
If you Interact with us or provide your Personal Data to us, your Personal Data may be transferred to, processed and maintained on servers or databases located outside of the country or jurisdiction where you are located. Such countries or jurisdictions may have data protection laws that are less protective than the laws of the jurisdiction in which you reside. If you do not want your Personal Data transferred to or processed or maintained outside of the country or jurisdiction where you are located, you should not use this website, our resources, or the Services.
The security of your Personal Data is important to us. We employ appropriate technical and organizational measures to ensure a level of security that is appropriate for our Interactions with you. We follow generally accepted standards to protect the Personal Data submitted to us, both during transmission and once we receive it. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website, you can contact us at hello@openregulatory.com.
If you would like to correct or update the Personal Data you provided to us in relation to our Interactions with you or in connection with our Service, please contact hello@openregulatory.com. We will use responsible efforts to respond to your inquiry as soon as practicable. When updating your Personal Data, we may ask you to verify your identity before we can act on your requests.
Individuals located in the European Economic Area, Switzerland, or the United Kingdom during data collection, or that are California residents should refer to the relevant sections below for more information about their access, correction and other rights in relation to their Personal Data.
We may retain and use your Personal Data as necessary to comply with our legal obligations, or resolve disputes. Consistent with these requirements, we will try to delete your Personal Data within the time limits imposed by applicable law, if any upon request. When we have no justifiable business need to process your Personal Data, we will either delete or anonymize it, or, if this is not possible (for example, because your Personal Data has been stored in backup archives), then we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
While retention requirements can vary by country, we generally apply the retention periods noted below.
Marketing. We store Personal Data used for marketing purposes indefinitely until you unsubscribe. Once you unsubscribe from marketing communications, we add your contact information to our suppression list to ensure we respect your unsubscribe request.
Web Behavior Data. We retain any information collected via cookies, clear gifs, flash cookies, webpage counters and other technical or analytics tools up to one year from expiry of the cookie or the date of collection.
Our website and Services are not directed to persons under 18. We do not knowingly collect Personal Data from children under 18. Any individuals under the age of 18 must have consent to Interact with us or use the Services from their parent or guardian. If a parent or guardian becomes aware that his or her child has provided us with Personal Data without their consent, he or she should contact us at hello@openregulatory.com. If we become aware that a child under 18 has provided us with Personal Data, we will take steps to delete such information from our files.
This section only applies to Interactions with individuals who are in the European Economic Area, United Kingdom or Switzerland (collectively, the “Designated Countries”) at the time of data collection.
We may ask you to identify which country you are in when you Interact with us, or we may rely on your IP address to identify which country you are located in. When we rely on your IP address, we cannot apply the terms of this section to any individual that masks or otherwise hides their location information from us so as not to appear located in the Designated Countries. If any terms in this section conflict with other terms contained in this Notice, the terms in this section shall apply Designated Countries users.
OpenRegulatory Formwork is a data controller with regard to any Personal Data collected from users pursuant to an Interaction. A “data controller” is an entity that determines the purposes and the manner in which the Personal Data is processed. Any third parties that handle your Personal Data in accordance with our instructions are our service providers and are “data processors.” You are a “user.” Users are individuals providing Personal Data to us via an Interaction, such as signing up for our newsletter(s), or otherwise accessing or using our resources that we provide.
Marketing. We will only contact individuals located in the Designated Countries by electronic means (including email or SMS) based on our legitimate interests, as permitted by applicable law, or the individual’s consent. To the extent we can rely on legitimate interest under the applicable law, we will only send you information about our Services and other materials that are similar to those which were the subject of a previous Interaction with you. If you do not want us to use your Personal Data in this way please go to the email settings for your account to opt out, click an unsubscribe link in your emails, or contact us at hello@openregulatory.com. You can object to direct marketing at any time and free of charge.
Additional Privacy Rights. We provide you with the rights described below when you Interact with us. We may limit these privacy rights requests (a) where denial of access is required or authorized by law, (b) when granting access would have a negative impact on others’ privacy, (c) to protect our rights and properties, or (d) where the request is frivolous or burdensome. If you would like to exercise your rights under applicable law, please contact us at hello@openregulatory.com. We may seek to verify your identity when we receive your privacy rights request to ensure the security of your Personal Data.
Right to withdraw consent.For any consent-based processing of your Personal Data, you have the right to withdraw your consent. A withdrawal of consent will not affect the lawfulness of our processing or the processing of any third parties based on consent before your withdrawal.
Right of access/right of portability.You may have the right to access the Personal Data that we hold about you, and in some limited circumstances, have the Personal Data provided to you so that you can provide that Personal Data to another controller.
Right to rectification. You may request to correct any of your Personal Data in our files.
Right to erasure. In certain circumstances, you may have a right to the erasure of your Personal Data that we hold on you.
Right to restriction.You have the right to request that we restrict our processing of your Personal Data win certain circumstances.
Right to object to processing.You have the right to object to our processing at any time and as permitted by applicable law if we process your Personal Data on the legal bases of: consent; contract; or legitimate interests. We may continue to process your Personal Data if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.
Notification to third parties. When we fulfill your individual rights requests for correct (or rectification), erasure or restriction of processing, we will notify third parties also handling the relevant Personal Data unless this proves impossible or involves disproportionate effort. Upon your request, we will identify such third parties.
Right to Lodge Complaint. In compliance with the Privacy Shield Principles, we commit to resolve complaints about our collection or use of your Personal Data. European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact OpenRegulatory Formwork at hello@openregulatory.com.
If you have questions, or would like to exercise any of the above rights you may reach our Data Protection Officer (“DPO”) at hello@openregulatory.com.
Legal Bases for Processing Personal Data. Our legal bases for collecting and using the Personal Data described above will depend on the type of Personal Data collected, the specific context in which we collect it and the purposes for which it is used. We rely on the following legal bases under the European Union’s General Data Protection Regulation in processing your Personal Data.
If you have any questions or complaints about this Privacy Notice, please contact OpenRegulatory Formwork’s DPO at hello@openregulatory.com.