Last updated: Feb 2022
We process your personal information as set forth in this Policy or otherwise with your consent or as permitted or required by law. In case we base our Processing of your personal information on your consent, you may withdraw your consent at any time. However, withdrawing consent may result in our inability to continue providing you with some or all of the Services.
1. Information We Collect About You
We may collect information, including personal information (as defined by applicable privacy law), directly from you, or automatically through your use of the Services. We may combine certain information we collect from these various sources.
Information We Collect Directly from You.
We collect information (including personal information) from you directly as set out below.
Account and Registration Information. We collect personal information from you when you sign up for an account with us, including your name and email address. We may also ask or allow you to submit additional account information, such as your phone number, company name, location etc. You may browse parts of our Site without creating an account, however, if you would like to use Ayraa’s Services, we ask you to create an account.
Customer Support. We collect personal information you provide, when you submit a request through our Site, such as your email address, or if you otherwise contact our customer support services via email, phone, or chat, related to your enquiry or complaint. We keep a copy of such records in our customer files.
Newsletters and Updates. You can also sign up to receive emails and offers from us by submitting your name, email address, and zip code or area code. For information on how to opt-out of receiving newsletters and updates via email please see below.
Other Information We Collect Regarding Your Usage of Our Services. We collect personal information about your use of our Services, such as your purchase history, internal messages posted on our platform, engagement activities like Likes, Comments, etc. In this regard, our data collection is similar to a typical company intranet or social engagement service. We also collect information about your device & operating system to ensure compliance with the company IT & Security policy. In this regard, our data collection is similar to a typical MDM (Mobile Device Management) service companies use.
Information We Collect from Third-Party Sources We may also collect information about you from third parties, which we append to the information we have collected.
Information We Collect Automatically. We automatically collect information about you through your use of our Services, including log files, IP address, app identifier, advertising ID, location info, browser type, device type, domain name, the website that led you to our Services, the website to which you go after leaving our Services, the dates and times you access our Services, and the links you click and your other activities within the Services (“Usage Data”). If you authorize us to collect your geolocation information, we will collect it while our App is running on your device. You can disable our access to your location services by changing your device’s location settings. For more information please see the Cookie and Other Tracking Mechanisms Section further below.
2. Purposes and Legal Bases of Use
Certain laws, including the EU General Data Protection Regulation (“GDPR”), require that we inform you of the legal bases for our processing of your personal information. Pursuant to the GDPR (and other similar laws), we process personal information for the following legal bases:
Performance of Contract: as necessary to enter into or carry out the performance of a contract with you, for example creating your customer account and processing your payments, or with a company or other institutional customer.
Our Legitimate Business Interests: in furtherance of our legitimate business interests, which are not overridden by your interests and fundamental rights, including:
Performance of contracts with customers and other parties
Implementation and operation of support services for our business operations
Improving our Site and Services, developing reports, and similar purposes
Customer relationship management and improving our Site and Services, including other forms of marketing and analytics
Fraud detection and prevention, including misuse of Services
Physical, IT, and network perimeter security
Mergers, acquisitions, and reorganization, and other business transactions, including related negotiations
Compliance with Laws: for compliance with legal obligations and/or defense against legal claims, including those in the area of labor and employment law, social security, and data protection, tax, and other corporate compliance laws.
With your consent: where we have your consent - for example for some forms of direct marketing, or for the setting of certain cookies - (the GDPR (where it applies)) and other applicable laws give you the right to withdraw your consent, which you can do at any time by contacting us using the details set out at the end of this Policy.
Vital Interest: In addition, in rare cases we may process your personal information where necessary to protect the vital interests of any individual.
3. How We Use Your Information
Providing and Improving Services. To provide you with, maintain, and improve our Services; to develop new features, products, or services; to perform technical operations, such as updating software; to authenticate you as a valid user; to help train our Services to avoid false positives and bias; to prevent fraudulent activity on our platform; and for other customer service purposes. (Legal bases: performance of our contract with you; and/or our legitimate interests).
Responding to requests. To respond to your enquiries, fulfill your orders and requests. (Legal basis: performance of our contract with you).
Personalizing Content and Ads. We may use the information we collect about you to personalize the information and content we display to you, including to tailor the content and information that we may send or display to you, and to otherwise personalize your experiences while using Services, including providing you with more relevant ads. (Legal basis: our legitimate interests).
Marketing and Communications. We may use information about employees and other company personnel to communicate with you about your account and use of our Services; to send you product or service, updates; to respond to your inquiries; to provide you with news, special offers, promotions, and other information we think may interest you; and for other informational, marketing, or promotional purposes. Our communications with you may include communications via email. Please see our section regarding Your Choices for more information about how to change your communications preferences. If you are located in a jurisdiction that requires opt-in consent to receive electronic marketing messages, we will only send you such messages if you opt-in to receive them. (Legal bases: our legitimate interests; and/or with your consent).
Research and Analytics. To analyze how you interact with our Services; to monitor and analyze usage and activity trends; and for other research, analytical, and statistical purposes. (Legal basis: our legitimate interests).
Complying with legal obligations. To comply with the law or legal proceedings. For example, we may disclose information in response to subpoenas, court order, and other lawful requests by regulators and law enforcement, including responding to national security or law enforcement disclosure requirements. (Legal bases: our legitimate interests; and/or compliance with laws)
Related to our general business operations: to consider and implement mergers, acquisitions, reorganizations, and other business transactions, and where necessary to the administration of our general business, accounting, recordkeeping and legal functions. (Legal bases: our legitimate interests; and/or compliance with laws)
Aggregate, De-identified or Anonymous Data. We also create and use aggregate, anonymous and de-identified data to assess, improve and develop our business, products and services, and for similar research and analytics purposes. This information is not generally subject to the restrictions in this Policy, provided it does not identify and could not be used to identify a particular individual.
4. How We Disclose Your Information
In general, we disclose the personal information we collect as follows:
Affiliates. We may share your personal information with our affiliates, whose handling of personal information is subject to this Policy.
Service Providers. We may disclose the information we collect from you to our third-party vendors, service providers, marketing partners, third parties, contractors or agents who perform functions on our behalf so we can provide you with the Services. These may include companies who send emails to our customers and prospective customers; help us to track email response rates, views and forwards; to serve visitor advertisements and to provide advertisements about products of interest to them; and to collect data about how customers and prospective customers interact with our products over time.
Business Transfers. We may disclose information to another entity in connection with, including during negotiations of, an acquisition or merger, sale or transfer of our assets, a, bankruptcy proceeding or as part of any other similar business transfer, including during negotiations related to such transactions.
In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
Aggregate and De-Identified Information. We may share aggregate or otherwise de-identified information about users with third parties for marketing, advertising, research or similar purposes.
Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Site and Services, while others are used to enable a faster login process or to allow us to track your activities at our Site and Service. There are two types of cookies: session and persistent cookies.
Disabling Cookies. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site who disable cookies will be able to browse certain areas of the Site, but some features may not function. Please keep in mind that without cookies you may not have access to certain features of our products and services on this site, including access to your account or profile and certain personalized content.
Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Services to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about Site usage. We and our third party service providers may also use clear GIFs in HTML e-mails to you, to help us track e-mail response rates, identify when our e-mails are viewed, and track whether our e-mails are forwarded.
Geolocation Information. We may use geolocation information for the purpose of administering our Services to you.
Do-Not-Track Signals. Our Site does not currently respond to do-not-track signals. For more information about do-not-track signals, please click here. You may, however, disable certain tracking as discussed in the Cookies and Other Tracking Mechanisms section above (e.g., by disabling cookies).
6. Interest-Based Advertising
We may work with third parties such as network advertisers to assist us in displaying advertisements on third-party websites, and to evaluate the success of our advertising campaigns. We may use information about your visit to our Site for these purposes; however, we do not use personal information collected from the Services for these purposes.
You may opt-out of many third-party ad networks, including those operated by members of the Network Advertising Initiative (“NAI”) and the Digital Advertising Alliance (“DAA”). For more information regarding this practice by NAI members and DAA members, and your choices regarding having this information used by these companies, including how to opt out of ad networks operated by NAI and DAA members, please visit their respective websites:
Opting-out of participating ad networks does not opt you out of being served advertising. You may continue to receive generic or “contextual” ads on our Services for example, based on the particular website that you are viewing (i.e., contextual advertising). You may also continue to receive targeted ads on other websites, from companies that do not participate in the above programs. Please note, that opt-out mechanisms are cookie based; so, if you delete cookies, configure your browser to block, or reject cookies or use another device, your opt-out will no longer be effective.
7. International Transfers
Ayraa, Inc. is headquartered in the United States of America and has operations and service providers in the United States and other jurisdictions. As such, we and our service providers may transfer your personal information to, or access it in, jurisdictions (including the United States, India, and Mexico) that may not provide levels of data protection equivalent to your home jurisdiction. We will take steps to ensure that your personal information receives an adequate level of protection in the jurisdictions in which we process it in accordance with applicable laws, including through appropriate written data processing terms and/or data transfer agreements.
If you are in the European Economic Area (“EEA”), and we process your personal information in a jurisdiction that the European Commission has deemed to not provide an adequate level of data protection (a “third country”), we rely upon legal measures to adequately protect your personal information, such as putting in place standard contractual clauses approved by the European Commission or another measure that has been approved by the EU Commission as adducing adequate safeguards for the protection of personal information when transferred to a third country. You have a right to obtain details of the mechanism under which your personal information is transferred outside of the EEA; you may request such details by contacting us as set forth in the “Contact us” section below.
8. Security of Your Personal Information
The security of your personal information is important to us. We have implemented a security program designed to protect the information we collect from loss, misuse, unauthorized access, disclosure, alternation, and destruction. However, no transmission over the Internet is 100% secure, and we cannot guarantee that our services will always be secure,.
We encourage you to help protect the security of your personal information. For instance, never give out your personal credentials when you are using the Services, so that other people will not have access to your personal information. Furthermore, you are responsible for maintaining the security of any personal computing device on which you utilize the Services. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.
9. Your Choices
Correcting or Deleting Personal Information. You may modify or delete certain of your personal information that you have submitted by logging into your account and updating your profile information, including your user name and password. Please note that we may retain certain information about you as required by law or as permitted by law for legitimate business purposes (e.g., in accordance with our record retention policies or to enforce our Terms of Service).
If you wish to make an access or correction request regarding your personal information, please contact the Privacy Director, as referenced below.
Opting out of Email Communications. We may send periodic promotional or informational emails to company users. You may opt-out of such communications at all times by following the opt-out instructions contained in the e-mail. Please note that it may take up to 10 business days for us to process opt-out requests. If you opt-out of receiving emails about recommendations or other information we think may interest you, we may still send you transactional e-mails, such as about your account or any Services you have requested or received from us.
10. Additional Rights for EEA individuals
According to the GDPR, individuals in the EEA have the below rights with respect to their personal information. Please note that your ability to exercise certain rights (objection; portability) will depend on the basis on which your personal information is processed (see section ii), and the exercise of all rights may be subject to exemptions or restrictions under applicable law – we will advise you if we rely on these. We may also need to ask you to provide evidence of your identity before complying with a request.
Right of access: You can ask us to: confirm whether we are processing your personal information; give you a copy of that information; provide you with other information about your personal information such as what data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, where we got your information from and whether we have carried out any profiling, to the extent that such information has not already been provided to you in this Policy.
Right to rectify and complete personal information: You can ask us to rectify inaccurate information. We may seek to verify the accuracy of the data before rectifying it.
Right of erasure: You can ask us to erase your personal information, but only where: it is no longer needed for the purposes for which it was collected; you have withdrawn your consent (where the data processing was based on consent); following a successful right to object (see ‘Objection’ below); it has been processed unlawfully; or to comply with a legal obligation to which we are subject. We are not required to comply with your request to erase your personal information if the processing of your personal information is necessary: for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims. There are certain other circumstances in which we are not required to comply with your erasure request, although these two are the most likely circumstances in which we would deny that request.
Right of restriction: You can ask us to restrict (i.e., keep but not use) your personal information, but only where: its accuracy is contested, to allow us to verify its accuracy; the processing is unlawful, but you do not want it erased; it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; you have exercised the right to object, and verification of overriding grounds is pending. We can continue to use your personal information following a request for restriction, where: we have your consent; to establish, exercise or defend legal claims; or to protect the rights of another natural or legal person.
Right to object to our use of your personal information for direct marketing purposes: You can request that we change the manner in which we contact you for marketing purposes. You can request that we not transfer your personal information to unaffiliated third parties for the purposes of direct marketing or any other purposes.
Right to object for other purposes: You have the right to object at any time to any processing of your personal information which has our legitimate interests as its legal basis. You may exercise this right without incurring any costs. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms. The right to object does not exist, in particular, if the processing of your personal information is necessary to take steps prior to entering into a contract or to perform a contract already concluded.
Right to (data) portability: You can ask us to provide your personal information to you in a structured, commonly used, machine-readable format, or you can ask to have it ‘ported’ directly to another Data Controller, but only where our processing is based on your consent and the processing is carried out by automated means.
Right to withdraw consent: You can withdraw your consent in respect of any processing of personal information which is based upon a consent which you have previously provided.
Right to obtain a copy of safeguards: you can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside the EU/EEA. We may redact data transfer agreements to protect commercial terms.
Right to lodge a complaint with your local supervisory authority: You have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information. We ask that you please attempt to resolve any issue with us first, although you have a right to contact your supervisory authority at any time.
Submitting a GDPR Request: please contact us as set out in the “Contact Us” section below to exercise one of these rights. If we receive any requests from individuals related to the Platform Data, we will forward the request to the relevant clients.
We will generally keep personal information only for as long as it remains necessary for the identified purposes for which it was collected or as authorized or required by law. We may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated data, account recovery, or if required by law. All retained personal information will remain subject to the terms of this Policy.
12. Changes to this Policy
This Policy is current as of the date set forth above. We may change this Policy from time to time, so please be sure to check back periodically. We will post any changes to this Policy on our Site. If we make any changes to this Policy that materially affect our practices with regard to the personal information we will endeavor to provide you with notice in advance of such change by prominently highlighting the change on our Site or make other appropriate notice to you.
13. Contact Us
If you have any questions, comments or concerns about the privacy aspects of our Services or would like to make a complaint, please contact:
3031 Tisch Way, Suite 110PW
San Jose, California 95128
1 (877) 297-2224 (ext. 2)