Privacy

This policy outlines the types of information we collect and how we use and protect that information. We may update this policy with or without notice. Please review it regularly.

Updated August 6, 2020

Users

To comply with the Children’s Online Privacy Protection Act (COPPA), Confection is only available to users who are at least 13 years old. If you are under 13, please do not use Confection.

When you visit our website and sign up for an account, we’ll ask for your name, email address, credit card information, and other details to improve your experience and enable us to process your orders. For information on the ways we secure this information, please see the “Security” section below.

We may collect information about anyone who accesses the Confection site, whether they become a registered user or not. Example data-points include how often and for how long you are on the site, your search history, and other information related to your use of our service. We use this information internally to improve our service, but we will never publish this data or share it with (or sell it to) a third party.

Confection uses cookies to improve the quality of our services. A cookie is a small data file that we send to your computer when you first visit a website. Cookies usually include an identification number that is unique to the computer you are using. Such an identifier can help us better understand our users and how they are using our website and our service. Cookies can also improve the quality of the service (e.g., recognizing a user when s/he visits the site, displaying the site according to the user’s chosen language settings, and maintaining security). If you’d prefer not to allow cookies, you can adjust your browser settings so that your browser refuses all cookies and/or notifies you when a cookie is being sent by any site, including Confection’s.

Confection uses links to third-party websites and embedded elements from third-party web services such as Google and Facebook. Search queries might be relayed to third-party data feeds to improve the search result.

If you use Confection or follow links to third-party websites, some information about you and your query may be visible to these services. Even if the third-party website or service is affiliated with us, we have no control over their content, services, or data feeds, each of which relies on separate policies and data collection practices independent of Confection. As such, we are not responsible for, nor do we have any control over, the content or the privacy policies of those third-party websites or services. We encourage all users to read the privacy policies of each and every website linked to from or embedded in Confection. This privacy statement applies solely to information collected by Confection.

We reserve the right to disclose information to third parties if we believe we are required to do so by law or have a good-faith belief that such access or disclosure is reasonably necessary to:

  • satisfy any applicable law, regulation, legal process, or official governmental request;
  • enforce our terms of use, including the investigation of potential violations thereof;
  • detect, prevent, or otherwise address fraud, security, or technical issues;
  • respond to user support requests;
  • protect the rights, property, or safety of Confection, its users, and the public.

We may store and process the user information we collect in the United States or any other country in which Confection or its agents maintain facilities. By using Confection, you consent to such transfers. We also reserve the right to transfer information in the event of a transfer of ownership of Confection (acquisition, merger with another company, &c).

Opt-in Badge

Confection’s opt-in badge appears on any site where Confection is installed. It helps our product and our customers stay compliant with major data privacy laws like CCPA, GDPR, and LGPD. Customers who don’t want this badge to appear have the option of setting a custom opt-in condition or action (e.g., a form submission or button click).

If a user doesn’t opt in to tracking using one of these methods, Confection just collects non-personally identifying information (NPII) from that user.

CCPA Compliance

Anyone can opt out of Confection.

Send an email to [email protected]

We respect the right to be forgotten.

... but we preserve the information of people who opt out for auditing purposes. (How else could we ensure and demonstrate we aren’t using it?)

"What kinds of info do you collect?"

Send an email to [email protected]

No third-party information sharing.

We don’t sell any sort of data (user or visitor, individual or aggregate) to third parties.

"What information do you have on me?"

Send an email to [email protected]

We don't discriminate.

Confection doesn’t discriminate against anyone who exercises his/her CCPA rights.

We have a documented incident response plan.

If there’s a data breach, we’ll fix it and let you know what’s happening within 48 hours.

GDPR Compliance

We know what we have.

We have a list of all types of personal information we hold, the source of that information, who we share it with, what we do with it, and how long we keep it.

We know where it is.

We have a list of places where we keep personal information and the way data flows between them.

We have a personal data privacy policy.

It’s publicly accessible. You’re reading it right now.

We have an appointed Data Protection Officer (DPO).

You’ll find contact information at the bottom of this page.

We're aware of GDPR.

Our team is aware of GDPR requirements.

We're up to date.

Our technical stack and its security protocols are up to date.

We're trained.

Our staff is trained in data protection best practices.

We're thorough.

We have a list of sub-processes, and we mention them in our privacy policy.

We don't have an office in the EU.

Our business operations occur outside the EU, and we do not have an appointed representative within the EU.

We keep you posted.

We report all data breaches to our local authorities and to everyone in our database. The latter will include steps individuals can take to mitigate personal fallout.

"What information do you have on me?"

Send an email to [email protected]

You're in control.

Users can manage all their own personal information.

We don't auto delete information.

Whether we’re using it or not, for diligence and auditing purposes, we preserve all data indefinitely.

We respect the right to be forgotten.

... but we preserve the information of people who opt out for auditing purposes. (How else could we ensure and demonstrate we aren’t using it?)

Anyone can opt out of Confection.

Send an email to [email protected]

We're secure.

We store and process the information we collect in the United States and other countries in which our stack partners maintain facilities. To our knowledge, all countries involved offer appropriate levels of data protection.

LGPD Compliance

Brazil's LGPD is similar to the EU's GDPR. However, here are the ways we handle its unique requirements.

No full IP addresses.

We either truncate or avoid storing Brazilian IP addresses.

No data without user consent.

Unless a user opts in to Confection, we don’t collect or store the personally identifying information of Brazilians.

LGPD focuses on three unique types of data:

  • Non-Personally Identifying Information (NPII): any anonymous data or data related to companies (for example, your [email protected])
  • Personally Identifying Information (PII): any data related to a person (e.g., name, address, IP and cookies)
  • Personally Sensitive Information (PSI): personal data that could be used for discrimination by race, religion, politics, health issues, sexual orientation, &c.

Confection has four key features:

  • Confection Cable: A fast, reliable way to send information to external servers without getting blocked by browsers. This can be used to send any data anywhere.
  • Confection Audience API: A reliable way to store and structure personal data so it can be used by our customers. Confection uses the Pipe to capture this data. Confection’s predictive algorithms and machine learning then unify different UUIDs into single, usable contact records.
  • Confection Input: A reliable way to capture user input automatically from forms and other kinds of user input. This feature relies on the Pipe to transmit data and the lead management and storage feature to make it useful.
  • Confection Metrics: A reliable way to track events and user metrics, to generate statistics. This product replaces data services, which will fail (or work less well) in a post-cookie environment.

Below, we outline the ways each feature manages data in an LGPD-compliant way.

Confection Cable

Before Confection begins transmitting a user’s data, that user must opt in. A user can do this in one of two ways:

  • by submitting a form on a site where Confection is installed
  • by clicking the “Opt In” tab that appears on any site where Confection is installed

Either of these actions sends a “terms_approved” variable to Confection. Once received, user data will begin flowing to Confection. Specifically, Confection uses the following workflow:

  1. Initially, Confection stores user data locally in a soft cache (a) with a non-personally identifying UUID and (b) with one of the following tags: NPII, PII, or PSI.
  2. Every few minutes, Confection puts the data into batches. If “terms_approved” has been sent, all data goes to Confection. If “terms_approved” has not been sent, only NPII data goes to Confection.
  3. Confection then clears all data from the cache.

We’ve optimized this system so that we always know what data is sensitive before sending it elsewhere. Moreover, by the time data arrives on the Confection server, it’s safe to assume it’s LGPD-compliant.
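The three-step Cable workflow above, sketched as an added example; this is not Confection's code, and `ConsentCache`, its methods, and the sample records are hypothetical. It assumes that untagged data is treated as PSI (fail closed), which the policy does not state.

```javascript
// Added illustration of a consent-gated batch cache (hypothetical names).
const TAGS = new Set(['NPII', 'PII', 'PSI']);

class ConsentCache {
  // The caller supplies a random UUID (e.g. crypto.randomUUID() in a browser)
  // that is not derived from any user data.
  constructor(uuid) {
    this.uuid = uuid;
    this.termsApproved = false;
    this.records = [];
  }

  // Step 1: store locally with a sensitivity tag. Assumption: a missing or
  // unknown tag fails closed to PSI, so it can never leave without consent.
  add(field, value, tag) {
    this.records.push({ field, value, tag: TAGS.has(tag) ? tag : 'PSI' });
  }

  // A form submission or a click on the "Opt In" tab sets the flag.
  approveTerms() {
    this.termsApproved = true;
  }

  // Step 2: build the batch (everything with consent, NPII only without).
  // Step 3: clear the cache unconditionally, so PII/PSI captured before
  // consent is discarded rather than held back for a later batch.
  flush() {
    const allowed = this.termsApproved
      ? this.records
      : this.records.filter((r) => r.tag === 'NPII');
    const batch = { uuid: this.uuid, terms_approved: this.termsApproved, records: allowed };
    this.records = [];
    return batch;
  }
}

// Constructed sample session: one flush before opt-in, one after.
function demo() {
  const cache = new ConsentCache('00000000-0000-4000-8000-000000000000');
  cache.add('page', '/pricing', 'NPII');
  cache.add('email', 'user@example.com', 'PII');
  cache.add('note', 'free text'); // untagged, stored as PSI
  const before = cache.flush();
  cache.approveTerms();
  cache.add('email', 'user@example.com', 'PII');
  const after = cache.flush();
  return { before, after, leftover: cache.records.length };
}
```

In the sample session the e-mail address captured before opt-in never appears in any batch; only the copy captured after `approveTerms()` is sent.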

Confection Audience API

At the moment, any user can email us at [email protected] and request a list of (and the removal of) his/her PII. Longer term, we’ll allow users to do this on their own via browser.

If an element of PII isn’t used by Confection or a customer for one month, it’s automatically removed from the system.

Confection encrypts all PII and PSI. If there is a leak, we notify all affected users, customers, and government authorities within 48 hours.

Confection Input

Confection’s input capture feature follows the same basic rules and protocols as the Cable.

Confection Metrics

Confection’s tracking and metrics feature follows the same basic rules and protocols as the Cable.

Security

Confection takes security very seriously. Our application uses a progressive, security-oriented stack that helps protect user information and other sensitive data. Here are a few highlights:

  • We use a crowdsourced, always-on, bounty-oriented pen testing and vulnerability disclosure program.
  • We store all data and host all application elements on Heroku.
  • We use Auth0 instead of traditional user accounts.
  • We use Stripe to process payments.

At a high level, this means we incentivize developers around the world to discover vulnerabilities for us, use no local passwords or credit card numbers, and store all data on a world-class cloud PaaS with engineered security controls at every layer.

We also place strict controls on our team’s access to application data. We’re committed to ensuring that sensitive data is not seen by anyone who should not have access to it. Routine operations require that some teammates have access to systems that store and process sensitive data (e.g., to fix a bug). These individuals are prohibited from using these permissions to view sensitive data unless it is necessary to do so. Our technical controls and audit policies log any access to sensitive data.

We conduct background checks on all teammates before employment or contracting begins, and our team receives privacy and security training during onboarding as well as on an ongoing basis. All employees are required to read and sign our comprehensive information security policy covering the security, availability, and confidentiality of the Confection service.

We support the latest recommended secure cipher suites and protocols to encrypt all traffic in transit. Sensitive data is also encrypted at rest. We monitor the changing cryptographic landscape closely and work promptly to upgrade the service to respond to new cryptographic weaknesses as they are discovered and implement best practices as they evolve. For encryption in transit, we do this while also balancing the need for compatibility for older clients.

We store data in redundant ways at multiple locations: in our stack partners’ data centers and elsewhere. In the event of a breach or a system malfunction, we have well-tested backup and restoration procedures, which allow recovery from a major disaster. All data is automatically and continuously backed up. Our team is alerted if this system ever fails. We review and fully test backups at least every 90 days to confirm that our processes and tools work as expected.

Contact

For all privacy-, user-, compliance-, and security-related questions, please contact us using this information:

Confection
c/o Studio Hyperset
attn: DPO
PO Box 2859
Fremont, CA 94536
United States of America
[email protected]
