Espressive Privacy Policy

This Privacy Policy explains our practices regarding the collection, use and disclosure of information that we receive through our website, our mobile application (“App”) and our service platform (collectively, our “Services”). This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.

Revisions to this Privacy Policy

Any information that is collected via our Services is covered by the Privacy Policy in effect at the time such information is collected. We may revise this Privacy Policy from time to time. If we make any material changes to this Privacy Policy, we’ll notify you of those changes by posting them on the Services or by sending you an email or other notification, and we’ll update the “Last Updated Date” above to indicate when those changes will become effective.

Collection and Use of Information

Information Collected or Received from You
Our primary goals in collecting information are to provide and improve our Services, to administer your use of the Services (including your User Accounts, if you are an Administrator), and to enable you to enjoy and easily navigate our Services.

Account Information. For the purposes of this Privacy Policy, “Administrator” means the person or persons at your company designated to oversee your company’s implementation of the Services (typically an employee in your IT department). “User” means a non-Administrator who accesses the Services through the Espressive account registration procedure effected by your Administrator. To access the Services, whether you are an Administrator or User, you will need to create an account (both types of accounts, an “Account”). There are two types of Accounts: User Accounts and Administrator Accounts. Once an employee account has been activated, either through the administrator or the HR system, we’ll collect (a) certain information that can be used to identify you, such as your name, email address, postal address and phone number (“PII”); and (b) other information such as your gender, as well as day and month of birth, that is not considered PII because it cannot be used by itself to identify you.

Instances. Information collected in Account creation for User Accounts is stored with your company’s instance of the Services (an “Instance”), and is fully accessible by your Administrator. Information within an Instance is not accessible to Espressive by default. However certain circumstances like troubleshooting may necessitate making some of this information available to Espressive at the discretion of your Administrator and Espressive.

Information Related to Use of the Services. Like many website owners and operators, we use automated data collection tools such as Cookies, Web Beacons and Log Data to collect certain information.

“Cookies” are small text files that are placed on your device by a Web server when you access our Services. We may use both session Cookies and persistent Cookies to identify that you’ve logged in to the Services and to tell us how and when you interact with our Services. We may also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you may not be able to access all portions or features of the Services. Some third-party services providers that we engage may also place their own Cookies on your device. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties.

“Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that may be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services, to monitor how many visitors view our Services, and to monitor the effectiveness of our advertising. Unlike Cookies, which are stored on the user’s device, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).

“Log Data” means certain information automatically recorded by our servers about how a person uses our Services, including both Administrator and User Accounts. Log Data may include information such as a person’s Internet Protocol (IP) address, browser type, operating system, interactions with our chat bot (Barista), the web page that a user was visiting before accessing our website, the web pages or features of our Services to which a person browsed and the time spent on those pages or features, search terms, the links on our Services that a person clicked on, how our App is being used, and other statistics. We use Log Data to administer the Services and we analyze (and may engage third parties to analyze) Log Data to improve, customize and enhance our Services by expanding features and functionality and tailoring them to our Users’ needs and preferences. We may use a person’s IP address to generate aggregate, non-identifying information about how our Services are used.

Information Related to your Device. We collect certain information that your desktop, laptop, and mobile device send when you use our Services, like a device identifier, user settings, browser settings, operating system, other applications installed on your device, and information about your use of our Services.

Location Information. When you use our App, we may collect and store information about your location by converting your IP address into a rough geo-location or, with the user’s explicit permission, by accessing your mobile device’s GPS coordinates or coarse location if you enable location services on your device. This information is stored within your company’s instance and only shared with Espressive with your consent (such as when a support technician needs to access your individual runtime instance for troubleshooting).

General Information. Since our Services are designed to help you solve issues with your system, your company may elect to integrate its Instance and our Services with other services from your company (such as identity systems and human resources) and store several pieces of information which are not normally accessed or tracked by Espressive. Some information not listed as accessible herein may be nonetheless accessible where circumstances require or you authorize such access.

Natural Language Processing Phrases. Our Services are designed to help your employees get the answers to their questions or issues through our conversational virtual agent. Our artificial intelligent algorithms translate employee phrases into intent. Espressive collects these phrases in an anonymized fashion. However, responses from our virtual agent to your employees are stored within your company’s instance and not shared with Espressive.

System Access and Services Functionality. The Services are designed to be integrated with several other programs which enable you to share information with other Users and your Administrator. For example, you can import data from spreadsheets, HR systems, and third party programs for which the Services are specifically designed. Users can collaborate with other Users so long as they both belong to the same Instance (e.g., a user from “Company A” cannot collaborate through the Services with a user from “Company B”). All functionality of the Services and how they are accessed can be tracked and accessed by your Administrator.

Analytics Tools. We use the below analytics tools for our Services. Individual Users may also select to not have their data tracked by visiting the opt-out links of our third party providers. For details on these analytics services and how to opt out of their tracking of your website behaviors, please see below:

Rollbar. We use Rollbar to collect anonymized information about software defects, ensuring we can quickly identify and address software issues.

Google. We use Google Analytics, a service provided by Google, Inc. (“Google”), to gather information about how users engage with our Services. For more information about Google Analytics, please visit www.google.com/policies/privacy/partners/. You can opt out of Google’s collection and processing of data generated by your use of the Services by going to http://tools.google.com/dlpage/gaoptout.

Mixpanel. We also use Mixpanel to gather information about how users engage with our Services. Users can opt-out of Mixpanel’s automatic retention of data collected by visiting https://mixpanel.com/optout. Please note however that getting a new computer, new Internet browser, or erasing your stored cookies will require you to re-opt-out again at the link above. For more information please see i

Information that We Share with Third Parties

We will not share any PII that we have collected from or regarding you except as described below:

Information Shared with Our Services Providers. We may engage third-party services providers to work with us to administer and provide the Services.

Information Shared with Third Parties. We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes.

Information Disclosed in Connection with Business Transactions. Information that we collect from our users, including PII, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, may be disclosed or transferred to a third party acquirer in connection with the transaction.

Information Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable.

Your Choices

We offer you choices regarding the collection, use and sharing of your PII and we’ll respect the choices you make. Please note that if you decide not to provide us with the PII that we request, you may not be able to access all of the features of the Services.

Opt-Out. We may periodically send you free newsletters, e-mails, and other messages that directly promote our Services. When you receive such communications from us, you will have the opportunity to “opt-out” (either through your Account, your mobile device’s settings, or by following the unsubscribe instructions provided in the e-mail you receive). We do need to send you certain communications regarding the Services and you will not be able to opt out of those communications – e.g., communications regarding updates to our Terms of Service or this Privacy Policy or information about billing.

Push and SMS Notifications. As part of providing the Services to you, we may periodically send you push notifications or SMS messages for system-related information, such as to inform you of system updates or if you as a User have your issue marked as resolved by your IT team. You may opt out of push notifications through your mobile device’s settings or from within your Account settings.

Modifying Your Information. Users can access and modify the information you input (including PII) and information that we collect that is associated with their Espressive profile. User modifications to their Account information and records hides any removed content but does not delete it. Espressive will retain most data however on backups for purposes of archiving and protecting from inadvertent deletion. If you wish to permanently delete your data (i) if you are a User, contact your Administrator and (ii) if you are an Administrator, contact us at privacy-policy@espressive.com with your request. With Administrator approval, we will either, at your discretion (a) permanently delete your information or (b) archive it in case you wish to come back in the future.

Responding to Do Not Track Signals

Our Site and our service does not have the capability to respond to “Do Not Track” signals received from various web browsers.

The Security of Your Information

We take reasonable administrative, physical and electronic measures designed to protect the information that we collect from or about you (including your PII) from unauthorized access, use or disclosure. When you enter sensitive information on our forms, we encrypt this data using SSL or other technologies. Authentication into our Services requires your company’s credentials, or a credential you have created on our service. Such authentication may also be accomplished through a third party (e.g., Okta, www.okta.com/authentication) at your Administrator’s election. Please be aware that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.

Links to Other Sites

Our Services may contain links to websites and services that are owned or operated by third parties (each, a “Third-party Service”). Any information that you provide on or to a Third-party Service or that is collected by a Third-party Service is provided directly to the owner or operator of the Third-party Service and is subject to the owner’s or operator’s privacy policy. We’re not responsible for the content, privacy or security practices and policies of any Third-party Service. To protect your information we recommend that you carefully review the privacy policies of all Third-party Services that you access.

International Transfer

Your PII may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you’re located outside the United States and choose to provide your PII to us, we may transfer your PII to the United States and process it there.

Our Policy toward Children

Our Services are not directed to children under 13 and we do not knowingly collect PII from children under 13. If we learn that we have collected PII of a child under 13 we will take steps to delete such information from our files as soon as possible.

Questions?

Please contact us at privacy-policy@espressive.com if you have any questions about our Privacy Policy.

Third-parties and customers may also contact ADP TotalSource at MyLife Advisor at 844-448-0325 to make a confidential report.