At Over the Shoulder, we take privacy and security very seriously. After all, if people don't feel safe downloading our app and participating in our studies, then we don't have a business.
Here's what we believe:
Nobody should be putting software on your phone that uses, shares, accesses, or uploads any of your data unless you’re explicitly aware of what's being shared, and you've agreed to share that information.
In that spirit, here's what the Over the Shoulder app does and does not do.
The Over the Shoulder app was built so that we can ask you questions through your smartphone, and you can answer those questions.
The only information Over the Shoulder uploads or records is:
- The answers you give to the questions we ask.
- The time you submitted each answer.
- The location you submitted your answer from.
- The device model of the phone you are using.
That's it. Period.
Over the Shoulder does NOT ever access, use, or upload any of the following:
- OTS does NOT access, use or upload your contacts or address book.
- OTS does NOT monitor other apps on your phone or any usage information about them.
- OTS does NOT access use, record or upload ANY information about your phone calls, the texts you send or receive, or the websites you visit.
- OTS does NOT track where your smartphone is, with the exception of when you upload the answer to a question we’ve asked you (as detailed above).
Over the Shoulder does not continuously run your phone's GPS location chip. On the Android operating platform, Over the Shoulder will run the background and check for connections while it is trying to upload answers you’ve recorded on it. Once they’re submitted, Over the Shoulder goes inactive.
OTS was specifically designed to avoid any activity that could cause wear on your battery.
When you finish the study, you delete the app, and it's gone. OTS leaves no active or passive software on your phone, and the memory it was using is freed up immediately.
1. Information Collected
Over the Shoulder’s primary interactions involve conducting market research surveys for clients from a wide variety of industries. Over the Shoulder is based in the United States and its operations take place in the United States. In Over the Shoulder’s role as a market researcher for transactions involving Over the Shoulder survey participants (“Participant(s)” or “You”), Over the Shoulder regularly receives voluntarily provided personal information about the participant.
We collect two categories of information from our survey participants: aggregate data and personal information. As used herein, aggregate data is information about a group or category of services or users, which has been made anonymous so that it does not identify a specific user. Personal information means information that can directly or indirectly lead to the identification of a living person, such as an individual's name, address, email, telephone number, license number, medical identification number, a person’s geolocation, photograph, or other identifying characteristics. The identification can occur by reference to one or more factors specific to the individual's physical, physiological, mental, economic, cultural or social identity. Personal information does not include information that has been anonymized, encoded or otherwise stripped of its identifiers, or information that is publicly available, unless combined with other nonpublic personal information.
The personal information collected by Over the Shoulder from participants will primarily consist of name, email address photographs, audio recordings and video recordings. In addition, Over the Shoulder will collect geolocation information (as described above) and usage data from participants who use Over the Shoulder’s Over the Shoulder application (Application) unless they have opted-out of participating in the geolocation aspect of the application.
Over the Shoulder does not receive, collect or process any sensitive personal information without explicit consent; Sensitive personal information is information relating to a person's race, religion, ethnic origin political opinions, trade union membership, sex life or health or medical conditions.
A. Aggregate Data
Data collected from the application may be combined with similar information about other users which has been anonymized to exclude personal information. We use such information to help manage the effectiveness of Over the Shoulder app, perform analytics, and for purposes such as compiling aggregated statistics about services usage. Over the Shoulder does prepare individual reports based on aggregated or consolidated statistical data of survey results. These reports do not contain any data specifically pertaining to an individual or that would enable the recipient to identify an individual, except that the reports may use photos, audio recordings and video recordings that have been sent to us by participants. We may also use individual photos to illustrate aggregate data.
This policy does not limit our collection and use of aggregate data. We may disclose non-personal information, in aggregate form, to potential strategic partners, advertisers, investors, customers, and others. You may not opt-out of the sharing of aggregate data.
B. Personal Information
Activation of the application is by invitation only and possible only by using login and password information (provided by Over the Shoulder) after entering into a separate agreement. Participation is completely voluntary. You will be asked to use different types of media on your phone, such as text answers, taking pictures, recording audio or video. By installing and activating the application, and by voluntarily providing your personal information you agree that we may collect some or all of the following types of information and use it as explained below:
- Contact information - your name, address, phone, email, and other similar information.
- Information you give to us on applications, surveys, registration forms, etc.
- Services activity information - we keep track of some of the actions you take with the application, such as the frequency of use or number of answers submitted, and the fact that you provided information to us. For example, if you send us a video, in addition to storing the actual content you shared, we might log the fact that you shared it.
- Photographs, audio, and video recordings, answers to text and multiple choice questions that you send us.
- Your point-in-time geolocation information at the time you submit an answer to a question we’ve asked you through the Over the Shoulder application (unless you have opted-out of that aspect of the application).
2. Information Use and Sharing
A. Use of Personal Information
Our primary purpose in gathering personal information is for research and marketing purposes. We may use your personal information to:
- Provide you with information or services you request;
- Resolve disputes;
- Comply with laws and regulations;
- Facilitate your use of, and our operation of, our Services;
- Analyze trends and statistics for marketing, research, and development;
- Prepare reports for our clients;
- Deliver targeted Service updates;
B. Information Sharing
We reserve the right to share aggregate data about our customers, sales, and traffic with our partners and advertisers. Additionally, we may share your personal information with:
Our affiliates (members of our corporate family) or companies that perform services on our behalf, and our clients who have asked us to gather data for them. We share information to perform business operations, process transactions, respond to your inquiries, provide information about the products or services that we offer, or to disseminate information that you provide to us through your use of the application.
Law enforcement, government officials, or other third parties when compelled by a subpoena, court order or similar legal instrument; in order to comply with law or credit card rules; and when necessary to prevent fraud, physical harm or financial loss.
Please also note that merchants you purchase from and contract with have their own privacy policies; Over the Shoulder is not liable for their operations, including their data collection and use practices.
3. Information Protection and Storage
We will take reasonable efforts to prevent the unauthorized release of your personal information. We store and process your data on our computers and servers in the United States and elsewhere in the world, subject to physical, electronic, and procedural safeguards in compliance with applicable governmental regulations. We use computer safeguards such as firewalls and data encryption where appropriate.
While we take measures to guard your personal information, we cannot guarantee that your data will not be disclosed or accessed accidentally or through the unauthorized actions of others. To protect your confidential information, we urge you to keep your passwords confidential. You are responsible for all uses of our application and services by any person using your account password. Please inform us immediately if you believe your account has been compromised. Please note that we will never ask you to disclose your password via an unsolicited phone call, SMS text message, or email.
5. California Privacy Rights
California residents may request certain information about the disclosure of their personal information to third parties for direct marketing purposes. We do not provide your personal information to any non-affiliated third party for their direct marketing purposes without your consent. If you would like more information with respect to your rights under California law, you may contact us at the address provided below. Please reference California disclosure information in your request.
6. Notice to Parents
The services are intended for use by survey participants. Over the Shoulder obtains parental consent before authorizing access for children between the ages of 13 and 17. The application is not intended for children under 13.
If you are under age 17, please do not attempt to register for Over the Shoulder or provide any personal information about yourself to us without written parental consent. In addition, if we learn that we have collected personal information from someone under age 13, we will delete that information as quickly as possible. If you believe that we might have any information from someone under age 13 or information from someone between ages of 13 and 17 without parental consent, please contact us through at email@example.com.
7. European Citizen Privacy Rights
A. EU Safe Harbor
Over the Shoulder will not use or share any personal information collected, either within Over the Shoulder or with a third party, for our own direct marketing purposes.
Over the Shoulder collects personal information from and about individuals for use generally in connection with the operation of its business. Such personal information may be used by Over the Shoulder to provide market research services to its clients.
Over the Shoulder may disclose personal information to third parties when such disclosure is necessary or appropriate for Over the Shoulder’s provision of such services to its clients or otherwise for Over the Shoulder’s operation of its business.
As part of our market research process, all Over the Shoulder questionnaires provide respondents with choices related to personal information. The choice to provide personal information is purely voluntary. If a respondent chooses not to provide personal information, the person may be automatically excluded from the study. In addition, Over the Shoulder reviews and communicates results to clients in a consolidated format and as such, no one individual’s personal information is reported separately, except that photos of and provided by individual participants may be used from time to time.
D. Onward Transfer to Third Parties
Over the Shoulder will disclose personal information to a third party if (a) Over the Shoulder has received the participant’s permission to make the disclosure, (b) the disclosure is required by law, (c) the disclosure is reasonably related to the sale or disposition of all or part of Over the Shoulder’s business, (d) the information in question is publicly available, and/or (e) the disclosure is reasonably necessary for the establishment of a legal claim.
Additionally, Over the Shoulder may disclose personal information to an Over the Shoulder affiliate or to persons or entities providing services on behalf of Over the Shoulder, an Over the Shoulder client, or the individual (each a "Transferee”), consistent with the purpose for which the information was obtained, if the Transferee, with respect to the personal information in question (a) is subject to law providing an adequate level of privacy protection including, without limitation, transferees that are located within the EU or transferees that are otherwise subject to an “adequacy” finding, (b) has agreed in writing to provide an adequate level of privacy protection, and/or (c) subscribes to the principles.
E. Data Integrity
Over the Shoulder takes reasonable steps to ensure that personal information is accurate, complete, current and relevant for the purposes for which it was collected.
F. Access to Data
Upon request, Over the Shoulder will permit EU citizens to access personal information collected by Over the Shoulder and will give them the opportunity to correct, amend, modify or delete inaccurate data upon request. Such access may be denied or limited by Over the Shoulder, however, if providing such access is unreasonably burdensome, time-consuming or would result in significant and/or unreasonable monetary cost, or if the rights of persons other than the individual requesting amendment would be violated.
Over the Shoulder will respond to such requests within a reasonable time period. Depending on the nature of the request, Over the Shoulder reserves the right to charge a reasonable fee to cover the costs of providing access. Over the Shoulder may delete personal information if the personal information is not complete, current, and accurate or is inappropriate for its original intended use. Any deletion or modification may be subject to the consent of the participant that originally submitted the personal information. In order to request access to information or to request amendment, modification or deletion of data, or if you believe that Over the Shoulder is not complying with the Safe Harbor Principles, or this policy, please contact Over the Shoulder by email at the email address provided below.
In the event that any citizen of the European Union is not entirely satisfied with the resolution of a complaint proposed by Over the Shoulder, Over the Shoulder will cooperate with the relevant European data protection authorities to resolve that individual's complaint.
Over the Shoulder has a Privacy Administrator who is responsible for the internal supervision of Over the Shoulder’s privacy policies. Over the Shoulder educates its employees about compliance with the Safe Harbor Principles and has self-assessment procedures in place to ensure its compliance.
9. Effective Date
10. Contacting Us
If you have any questions about this policy, send an email with your questions to firstname.lastname@example.org