Chrome Extension Privacy Policy

Effective: August 20, 2022

Introduction

ATeam Technologies Inc. ("ATeam Technologies", "Native Current", "our", "us", and "we") provides a service that helps organizations meet diversity and inclusion goals through inclusive search practices ("Native Current Service", "Service").

We value the privacy of consumers ("Users", "you", "your") who use our Service. Protecting your privacy is very important to us. This Privacy Policy describes Native Current’s policies and procedures regarding the collection, use and disclosure of your information when you use the Native Current Service ("Native Current Privacy Policy", "Privacy Policy"). We will not use or share your information with anyone except as described in this Privacy Policy.

While we encourage you to read all of our Privacy Policy, here's a quick summary:

• When you use our Chrome extension, you import data from Google Sheets into local storage. The extension does not transmit or receive data from our servers.
• We will not sell your information. We're a mission-oriented company determined to create equitable opportunity at work. Selling ads (with your data) will not help us get there.
• We offer a free tier to help you start making changes where you work. We only make money when you or your company upgrades to one of our paid subscriptions.
• We use a small number of trusted third parties to help provide our products.
• We use cookies to provide, protect, and promote our products.
• You can exercise your GDPR and CCPA rights at any time.

A description of our policies is below. Note: capitalized terms that are not defined in this Privacy Policy shall have the meaning given to them in our Chrome Extension Terms of Service.

Our business model

We offer a subscription-based product with a free tier. Our hope is that users of the free service will promote the paid service to their organizations for purchase. After all, organizational change is not and cannot be an individual effort. In providing our service, we will never sell your information to 3rd parties or allow them to advertise through the service.

Information Collection and Use

When you interact with our Site, Software, and/or Services, we collect information that could be used to identify you ("Personally Identifiable Information"). Some of this information is stored in a manner that cannot be linked back to you ("Non-Personal Information").

Information you provide at registration

If you register for a member account with the Service, we will ask you to voluntarily provide us with information about yourself for your account:

Your name and e-mail address: If you sign in with a social networking credential, such as your Google account, we will ask permission to access basic information from that account, such as your name and email address. This Personally Identifiable Information will be made private on the Service.

Your payment information: Paying customers will be asked to complete a commercial transaction on the Site. We use this information to enable and fulfill your transaction. You will provide your credit card number directly to Stripe for processing. The privacy policy of Stripe will apply to the information you provide to Stripe.

Aggregated information

In an ongoing effort to better understand and serve our users, Native Current often conducts research on user demographics, interests behavior, and other areas based on user-provided information and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and Native Current may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally. Native Current may also disclose aggregated user statistics to current and prospective business partners, and to other third parties for other lawful purposes.

Cookies: When you visit the Service, we may send one or more small data files ("cookies") to your computer to uniquely identify your browser and enhance your navigation through the site. A cookie may convey anonymous information to us about how you use the Service, but it does not collect personally identifiable information about you such as your name or email address. A persistent cookie ("persistent cookie") remains on your computer after you close your browser so that it can be used by your browser on subsequent visits to the Service. Persistent cookies can be removed by following your web browser's directions. A session cookie ("session cookie") is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to indicate when a cookie is being sent. However, some features of the Service may not function properly if the ability to accept cookies is disabled.

Log files: Log file information is automatically reported by your browser each time you access a web page. When you use the Service, our servers automatically record certain information that your web browser sends whenever you visit any website. These server logs may include information such as your web request, Internet Protocol ("IP") address, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, pages viewed, and other such information. Clear GIFs Information: When you use the Service, we may employ clear GIFs (also known as web beacons) which are used to anonymously track the online usage patterns of our users. No personally identifiable information from your Native Current account is collected using these clear GIFs. In addition, we may also use clear GIFs in HTML-based emails sent to our users to track which emails are opened by recipients. This information is used to enable more accurate reporting and make Native Current better for our users.

Third Party Services

Native Current may use third party services such as Google Analytics to help understand your use of the Service ("Third Party Services"). These Third Party Services collect the information sent by your browser as part of a web page request, including cookies and your IP address. Their use of this information is governed by their respective privacy policies.

How We Use Your Information

We may use your information as necessary to perform our contract with you and for our legitimate business interests, including:

• To help us provide and administer our Site, Software, and/or Services, process transactions, conduct research, develop new features, and improve the features, algorithms, and usability of our Site, Software, and/or Services.
• To communicate with you about your use of our Site, Software, and/or Services, product announcements, and software updates.
• To send you direct marketing emails and special offers about Native Current, from which you can unsubscribe at any time.
• To calculate aggregate statistics on the number of unique devices using our Site, Software, and/or Services, and to detect and prevent fraud and misuse of those.

Information Access and Disclosure

We only disclose personal data to third parties in the following circumstances:

• We have your explicit consent to share data with third parties.
• We use service providers who assist us in meeting business operations needs, including hosting, delivering, and improving our Services. We also use service providers for specific services and functions, including email communication, customer support services, and analytics. These service providers may only access, process, or store Personally Identifiable Information pursuant to our instructions and to perform their duties to us.
• We need to investigate potential violations of the Terms of Service, to enforce those Terms of Service, or to investigate, prevent, or take action regarding illegal activities, suspected fraud, or potential threats against persons, property, or the systems on which we operate our Site, Software, and/or Services.
• We are required to do so by law or subpoena or if we believe that it is reasonably necessary to comply with a law, regulation or legal request; to protect the safety of any person; to address fraud, security or technical issues or to protect Native Current's rights or property.
• We are bound by a merger, acquisition, bankruptcy, reorganization, sale of some or all of our assets or stock, public offering of securities, or steps in consideration of such activities (e.g., due diligence). In these cases some or all of your Personally Identifiable Information may be shared with or transferred to another entity, subject to this Privacy Policy.

We may disclose Non-Personal Information publicly and to third parties—for example, in public reports about search or to partners under agreement with us.

Native Current does not share your Personally Identifiable Information with third parties for the purpose of enabling them to deliver their advertisements to you. It does not sell or rent your Personally Identifiable Information either.

Emails

We may use your email address to send you Service-related notices (including any notices required by law, in lieu of communication by postal mail); you can control receipt of certain Service-related messages on your Settings page. We may also use your contact information to send you marketing messages. If you do not want to receive such messages, you may opt out by following the instructions in the message. If you correspond with us by email, we may retain the content of your email messages, your email address and our responses.

How We Protect Your Information

Native Current is committed to protecting the security of your Information and takes reasonable precautions to protect it. We use industry-standard and commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your information. However, internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure, and as a result, we cannot ensure the security of Information you transmit to us, including Personally Identifiable Information; accordingly, you acknowledge that you do so at your own risk.

Service-level

When you visit the Native Current website, the transmission of information between your device and our servers is protected with SSL/TLS encryption. At rest, Native Current encrypts data using AES-256 encryption. To maximize your privacy and security, our Chrome extension does not transmit or receive information from our servers.

Servers are located in the United States, in data centers that are SOC 1, SOC 2 and ISO 27001 certified. These data centers have round-the-clock security, automatic fire detection and suppression, fully redundant power systems, and strict controls for physical access. If you post or transfer any Information to or through our Site, Software, and/or Services, you are agreeing to such Information, including Personally Identifiable Information, being hosted and accessed in the United States. Please note that the laws of the United States may be different from the privacy laws applicable to the place where you are resident.

Product-level

We regularly install security updates and patches to keep servers up to date. Servers are segmented based on role and protected using restrictive firewalls.

In the event that personally identifiable information about you such as your name or email address is compromised as a result of a breach of security, Native Current will promptly notify you via email or as otherwise required by applicable law.

Your Choices About Your Information

You may, of course, decline to submit Personally Identifiable Information through the Service, in which case Native Current may not be able to provide certain services to you. You may update or correct your account information and email preferences at any time by logging in to your account.

Children's Privacy

Protecting the privacy of young children is especially important. Native Current does not knowingly collect or solicit personal information from anyone under the age of 13 or knowingly allow such persons to register with the Service. If we become aware that we have collected personal information from a child under age 13 without verification of parental consent, we will take steps to remove that information.

Links to Other Web Sites

We are not responsible for the practices employed by websites linked to or from the Service, nor the information or content contained therein. Please remember that when you use a link to go from the Service to another website, our Privacy Policy is no longer in effect. Your browsing and interaction on any other website, including those that have a link on our website, is subject to that website's own rules and policies.

Changes to Our Privacy Policy

If we change our Privacy Policy or procedures, we will post those changes on this page to keep you aware of what information we collect, how we use it and under what circumstances we may disclose it. Changes to this Privacy Policy are effective when they are posted on this page.

If you have any questions about our practices or this privacy policy, please contact us at legal@nativecurrent.com.

EEA, Swiss, and UK Users

Native Current uses, processes, and stores Personally Identifiable Information, including what is listed in the Information Collection and Use section, as necessary to perform our contract with you, and based on our legitimate interests in order to provide the Services. We rely on your consent to process Personally Identifiable Information to send promotional emails and to place cookies on your devices. In some cases, Native Current may process Personally Identifiable Information pursuant to legal obligation or to protect your vital interests or those of another person. When Native Current transfers the personal data of EEA, Swiss, and UK residents outside of those regions it does so via appropriate safeguards of user privacy, such as standard contractual clauses.

Rights

Individuals located in the European Economic Area (EEA), Switzerland, and the UK have certain rights in respect to their personal information, including the right to access, correct, or delete Personally Identifiable Information we process through your use of the Site, Software, and/or Services. If you’re a user based in the EEA, Switzerland, or the UK, you can:

• Request a Personally Identifiable Information report by emailing legal@nativecurrent.com. Please note that Native Current may request additional information from you to verify your identity before we disclose any information.
• Have your Personally Identifiable Information corrected or deleted. Some Personally Identifiable Information can be updated by you: You can update your name through your account settings. If you registered for Native Current using Google, or if you otherwise have problems updating this information, please email us.
• Object to us processing your Personally Identifiable Information. You can ask us to stop using your Personally Identifiable Information, including when we use your Personally Identifiable Information to send you marketing emails. We only send marketing communications to users located in the EEA, Switzerland, and the UK with your prior consent, and you may withdraw your consent at any time by clicking the "unsubscribe" link found within emails and changing your contact preferences. Please note that you will continue to receive transactional messages related to our Services, even if you unsubscribe from marketing emails.
• Complain to a regulator. If you’re based in the EEA, Switzerland, or the UK and think that we haven’t complied with data protection laws, you have a right to lodge a complaint with your local supervisory authority.

If you have other questions or do not have a Native Current account, contact us by emailing legal@nativecurrent.com.

Data transfers

As stated in the How We Protect Your Information section above, information submitted to Native Current will be transferred to, processed, and stored in the United States. When you use the Software on your computing device, search content will be stored locally on that device but not transmitted to our servers. If you post or transfer any Information to or through our Site, Software, and/or Services, you are agreeing to such Information, including Personally Identifiable Information, being hosted and accessed in the United States. Please note that the privacy laws of the United States may be different from those in the place where you are a resident.

Where required, we will use appropriate safeguards for transferring data outside of Europe, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us at legal@nativecurrent.com.

California Users

Supplemental Privacy Notice for California residents

This Supplemental Privacy Notice supplements the information in our Privacy Policy above and applies to California residents only.

Summary of information we collect

California law requires us to provide residents with some additional information about how we collect, use, and disclose your "personal information" (as defined in the California Consumer Privacy Act ("CCPA")).

This Privacy Policy details the specific pieces of personal information we collect from and about users, the sources of that information, and how we share it. Under the CCPA, we're also required to provide you with the "categories" of personal information we collect and disclose for business purposes (as defined by applicable law). Those categories are: identifiers (such as name, email address, or social network account and profile data); commercial information (such as transaction data for a paid account); financial data (such as payment method or financial account information); internet or other network or device activity (such as IP address and usage information); location information (e.g., the general location where you use your device when interacting with the Site, Software, and/or Services); sensory information (such as audio recordings if you call our customer service); inference data about you; and other information that identifies or can be reasonably associated with you. We collect these categories of personal information from different sources, as described in the section titled Information Collection and Use above.

We and our service providers may use the categories of personal information we collect from and about you consistent with the various business and commercial purposes we discuss throughout this Privacy Policy. Please see the section titled "Information access and disclosure" above for more information.

We may also use the categories of personal information for compliance with applicable laws and regulations, and we may aggregate the information we collect or de-identify the information to limit or prevent identification of any particular user or device.

Rights

California law may permit residents to request that we:

• Provide access to and/or a copy of certain information we hold about you.
• Provide you a summary of the categories of personal information we have collected or disclosed about you in the last twelve months; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared personal information.
• Delete certain information we have about you.

You may have the right to receive information about the financial incentives that we offer to you (if any). You also have the right not to be discriminated against (as provided for in applicable law) for exercising certain of your rights. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide the Site, Software, and Services to you. If you ask us to delete it, you may no longer be able to access or use the Site, Software, and Services.

To exercise these rights, you can:

• Request the summary described above by emailing legal@nativecurrent.com.

You'll need to provide us with information sufficient to verify your identity before we can satisfy your request. To do so, you’ll need to log into your account or provide us with certain information regarding yourself and/or your usage of the Site, Software, and Services. You can also designate an authorized agent to make a request on your behalf. To do so, you need to provide us with written authorization for the agent to act on your behalf. You will still need to verify your identity directly with us.

The CCPA sets forth certain obligations for businesses that "sell" personal information. Based on the definition of "sell" under the CCPA and under current regulatory guidance, we don’t believe we engage in such activity and have not engaged in such activity in the past twelve months. We do share certain information as described in the Information Access and Disclosure section above, and we allow third parties to collect certain information about your activity, for example through cookies, as explained in our Cookie Policy. You can control these cookies through browser settings and other controls; for more information, see our Cookie Policy.