PRIVACY NOTICE
Available from Nov 20, 2023
Last updated Nov 17, 2023
Previous Privacy Notice
This privacy notice for using and accessing the EvoluteMessage Messages (“The App”, “App”) provided by EVOLUTEMESSAGE ("Company," "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your("Customer", "you") information and yours end-user("The end-user") information when use our services ("Services"), such as when you:
-
Use our App after the installation in your salesforce organization.
-
When you enabled the Cookie Filter or Message Events
​
This privacy does not include the EvoluteMessage website, which has its own privacy and you can check this by accessing https://www.evolutemessage.com/privacy-policy-site.
​
Information that we collect from you
Data Collection from Salesforce AppExchange:
When you install The App from the Salesforce AppExchange, we collect specific Personal Information provided by Salesforce at the time of installation. This information includes First Name, Last Name, Phone Number, Email, Title, Email Address, State, and Country.
​
Purpose of Data Collection:
The Personal Information we collect during installation is used exclusively for two purposes: providing support and conducting email marketing. Our data usage complies with the terms and conditions outlined in the Salesforce Program Agreement.
Data Storage Location:
The Personal Information we collect is securely stored on a Salesforce Partner Business Org located in the United States.
​
Data Sharing: We want to emphasize that we do not sell or transfer this information to any other parties. Your data privacy is a top priority for us.
​
Information that the App collects from yours end-user.
​
1. What Personal Information do we collect?
​
In short: The app, starting from version 1.12.0 and beyond, will collect personal information if the customer enables the Cookie Filters or Message Events. By default, we do not collect any personal information.
​
We have two features that collect Personal Information: Cookies Filter and Message Events.
​
The Cookie Filter does not collect any Personally Identifiable Information. However, it registers a cookie in end-users' browsers to track several user interactions, including the number of times the user has accessed the Advanced Message, their last login time, and the frequency of access to record pages. This feature is disabled by default, meaning that no cookies are collected or registered in the end-user's browser unless you have enabled the feature.
​
Message Events collect the end-user's IP address when the end-user accesses a message. This information is used solely for the purpose of identifying whether the user has accessed the message previously. We do not use this information for any other purposes, and it is not exported to any other location. This information is collected from Salesforce using Apex Code and is stored within your organization in the Message Event Object.
​
Sensitive Information:
The App collects the end-user's IP Address if the Message Event is enabled.
Payment Data:
The App does not process any payment data.
Personal information provided by Third-Party:
The App gets the end-user IP's address from Salesforce using Apex Code(getCurrentUserSession). This information is stored in your organization into the Message Events Objects. This information is only used to identify if the user has accessed the message before.
Information automatically collected
In short: The App does not collect any information automatically.
The App does not collect any information automatically. All the process where we collect any information from you or your end-user, you will need to enable the feature. We have only two feature that we collect the information which is The Cookie Filter and the Message Events. Any collected information always stays in the end-user's computer or in your Salesforce Org.
​
2. How do we process your Personal Information?
We process Personal Information only if you enabled the features, currently we have two features that we process the Personal Information and you can find how they work on these documentation:
Both features you can always enable and disabled and once disabled the process to process and collect will stop right away.
​
3. What legal bases do we rely on to process your Personal Information?
In our data processing practices, we rely on the following legal bases to process your Personal Information:
​
Consent: We inform our customers that, after enabling specific features within our App, personal information may be collected. By enabling these features, our customers are providing explicit and informed consent for the processing of personal information as described in our privacy policy. Additionally, our customers are responsible for ensuring that they obtain any necessary consent or permissions from their end-users who may be affected by the data collection.
​
Customer Responsibility: It is the responsibility of our customers to inform their end-users that we register and collect cookies and personal information such as the end-user's IP Address. We provide clear guidance to our customers on how to enable and use these features, along with detailed explanation on which information we collect and how we store.
​
End-User Responsibility: The App itself is not responsible for directly informing end-users that a feature to register a cookie is enabled, neither that we are collecting the end-user's IP Address. This responsibility falls on our customers, who should ensure that their end-users are aware of and understand the data processing activities related to the use of our App.
​
By utilizing our services and enabling specific features, our customers acknowledge and agree to our terms and conditions, which include information about the legal bases for data processing, consent requirements, and customer and end-user responsibilities.
4. When and with whom do we share your Personal Information?
We do not share your Personal Information with any third parties. All the information collected, whether it remains in your organization's objects or is stored as a cookie on the end-user's computer, is used solely for the purpose of delivering our services and is accessed only at the moment of loading the message. We prioritize the privacy and security of your data and do not engage in data-sharing activities with external parties.
​
5. Is your Personal Information transferred Internationally?
No, we do not transfer any personal information. All the information collected, it remains in your organization's objects or is stored as a cookie on the end-user's computer.
​
6. How long do we keep your Personal Information?
The retention periods for the two features that collect personal information differ:
Cookie Filter: You have the option to define how long the cookie will expire in days. Additionally, you can choose to disable the cookie, which will result in the deletion of the cookie from the end-user's browser once they access the message. The duration of data retention for this feature is customizable, depending on your specific settings.
Message Events: The IP Address collected as part of the Message Events is saved in your organization's data, specifically within Message Event objects. There is no predetermined expiration date for this data. However, you have the flexibility to delete the records at any time using Salesforce's out-of-the-box layout or our app. This allows you to manage the retention of Messages or specific Message Event Records, which may contain the IP Address of the end-user, in accordance with your preferences and requirements.
​
7. How do we keep your Personal Information Safe?
We employ different security measures for each feature to ensure the safety of your Personal Information:
Cookie Filter: This feature operates exclusively on the end-user's computer and is tightly linked to the Salesforce domain. This means that the data collected by the Cookie Filter remains within the user's browser environment and is associated only with the Salesforce domain, enhancing its security and limiting exposure.
Message Events: The IP Address collected as part of Message Events is stored within your organization's Salesforce environment. We adhere to all standard Salesforce security practices, ensuring that access to the records is restricted. To access the records, individuals require the appropriate permissions not only at the object level but also at the record and field levels. This security framework is provided by Salesforce out of the box, enhancing the protection of your Personal Information.
​
8. Do we collect Personal Information from Minors?
If you have enabled one of the features, Cookie Filters or Message Events, please note that our system does not incorporate logic to specifically target minors. The system does not possess the capability to determine whether the individuals accessing the message are minors or not. It is essential for you, as our customer, to be knowledgeable about your end-users and to communicate appropriately with them regarding the data processing activities related to these features.
​
9. What are your privacy rights?
In Short: In some regions, such as the European Economic Area (EEA), United Kingdom (UK), and Canada, you have rights that allow you greater access to, and control over, your personal information. You may review, change, or terminate your account at any time.
In some regions (like the EEA, UK, and Canada), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below.
We will consider and act upon any request in accordance with applicable data protection laws.
If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: ARTICLE29 - National Data Protection Authorities .
If you are located in Switzerland, the contact details for the data protection authorities are available here: Startseite .
Withdrawing your consent: If we are relying on your consent to process your personal information, which may be express and/or implied consent depending on the applicable law, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below.
However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Opting out of marketing and promotional communications: You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, Asking Support to cancel the Subscription, or by contacting us using the details provided in the section "HOW CAN YOU CONTACT US ABOUT THIS NOTICE?" below. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.
If you have questions or comments about your privacy rights, you may email us at privacy@evolutemessage.com.
10. Controls for DO-NO-TRACK feature
Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage no uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this privacy notice.
11. CCPA Privacy Notice
We do not subject to California Consumer Privacy Act (CCPA). The CCPA applies to any for-profit legal entity doing business in California that collects and controls personal information regarding California residents. Additionally, it must meet any of the following thresholds:
-
Have $25 million or more in annual gross revenue; or
-
Derive more than 50% of its annual income from the sale of consumer personal information; or
-
Buy, sell, or share the personal information of more than 50,000 consumers annually.
None of the threshold above meets our current status.
12. Do we make updates to this Notice?
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update and review this privacy from time to time. The review should happen every January of each year. The updated version will be shared by an app notification or an email. We encourage you to always review this policy.
13. How can you contact us about this notice?
If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO), Rogerio Honorio da Silva Junior, by email at privacy@evolutemessage.com or by post to:
EVOLUTEMESSAGE
Rogerio Honorio da Silva Junior
51 Stonehenge Road
London, Ontario N5V4M6
Canada