Background image

Privacy Policy

Last updated 25th November 2023

AGREEMENT TO OUR PRIVACY POLICY AND GDPR

We are Retentional LTD, company number: 14972417, trading as Retentional, retentional.net ('Company', 'we', 'us', or 'our'). (“Retentional,” “we,” “us,” or “our”) respects the privacy of our Users (“User,” “your,” “Authorized User,” “Data Subject,” or “you”). This Website Privacy Policy (the “Privacy Policy”) explains how we collect, use, disclose, and safeguard your information when you access our Platform or use Retentional’s services (the “Services”) through Retentional’s website at www.retentional.net / www.app.retentional.net (the “Website”). The capitalized terms used herein have the same meaning as ascribed in our Terms of Service , unless otherwise noted here.Retentional is committed to protecting the privacy of its Users whose information is collected and stored while using Retentional’s Services through our Website. We intend to comply with all applicable consumer privacy laws and regulations with respect to our processing, storing, and use of your Personal Information.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. BY REGISTERING AS A USER, OR ACCESSING OR USING OUR WEBSITE, YOU AGREE TO ACCEPT ALL THE TERMS CONTAINED IN THIS PRIVACY POLICY AND ACKNOWLEDGE AND AGREE WITH THE PRACTICES DESCRIBED HEREIN. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT REGISTER, ACCESS, OR USE OUR WEBSITE. WE DO NOT SELL YOUR PERSONAL INFORMATION. WE DO NOT GIVE ACCESS TO YOUR PERSONAL INFORMATION TO THIRD PARTIES EXCEPT TO SUBPROCESSORS TO ASSIST US IN THE PROVISION OF OUR SERVICES TO YOU.

If you have any questions regarding this Privacy Policy, please contact us as set at hello@retentional.net.

Retentional provides success planning software for B2B mid-market customer success teams to track their clients rate of product adoption and create tailored insights as actions for clients to implement in order to perceive value from the products they purchased.

Our Platform and Services are hosted on DigitalOcean facilities in the EU.

1. What information do we collect?

WE DO NOT SELL YOUR PERSONAL INFORMATION. WE DO NOT GIVE ACCESS TO YOUR PERSONAL INFORMATION TO THIRD PARTIES EXCEPT TO SERVICE PROVIDERS / SUBPROCESSORS TO ASSIST US IN THE PROVISION OF OUR SERVICES TO YOU.

When you register, use or access our website or our Platform, we collect personal information (“Personal Information” also referred to as personally identifiable information (“PII”) or “Personal Data,” as defined in the GDPR), which may include your full name, work email address, and company information such as company name, location, and number of employees. We use the terms Personal Information, Personally Identifiable Information, and Personal Data interchangeably. For the purpose of this Privacy Policy, they all have the same meaning.  

The Personal Information that we collect will be stored on our servers. Users are able to change their Personal Information via their account on the Retentional application at https://app.retentional.net or via email at hello@retentional.net. We collect the following information when you register on our Website:

Account Information: When you register, use our Website, access our Platform, or use our Services, we will collect your Personal Information. We may also collect information that does not personally identify you such as usage details and geolocation (via third party tools on our website and platform).

Financial Information: We currently do not collect or store any credit cards or bank information.  We will update this Privacy Policy when we start using and storing such information. We will also inform you by email or a change to this Privacy Policy if we start collecting such information from you. We currently do not have any plans to store this information ourselves, however, we reserve the right to use third party payment processing services to provision this data in a GDPR compliant manner. You will be notified prior to this coming into effect with relevant details.

2. How do we collect information?
  • Usage details (with PostHog, third party tool, EU usage and user data is anonymised via Property Filter provided by PostHog so we remain GDPR compliant)
  • Information obtained through browser cookies
3. How do we use your information?

We use the information that you provide to:

  • Provide Users with information, products, or services requested from us;
  • Notify Users about changes to our Website and any products or services;
  • Allow Users to participate in interactive features on our Website;
  • Improve the Website;
  • Improve our customer service;
  • Contact Users for other purposes with Users’ consent;
  • Contact Users about our products and services that may be of interest; and
  • Send User periodic emails, in accordance with the The Privacy and Electronic Communications (EC Directive) Regulations 2003 (and other similar anti-spam legislation such as CAN-SPAM Act of 2003) via the email address provided by User to (i) send information, respond to inquiries, and/or other requests or questions; (ii) send additional information related to User’s product and/or service; and (iii) market to our mailing list.
4. Our Cookie Policy

Cookies are small pieces of text used to store information on web browsers. Cookies are used to store and receive identifiers and other information on computers, phones, and other devices. Other technologies, including data we store on your web browser or device, identifiers associated with your device, and other software, are used for similar purposes. In this Privacy Policy, we refer to all of these technologies as “Cookies.”

We use Cookies on our Website to compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future, and allow trusted third-party services that track this information on our behalf.  You can set your browser to refuse all or some browser Cookies, but it may affect User experience. We honor Do Not Track signals and, if one is in place, we will not track, plant cookies, or use advertising.

We allow third party behavioral tracking and links to third-party web pages.  Occasionally, at our discretion, we may include or offer third-party products or services on our Website.  These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. If you have any feedback you'd like to share, please email us on hell@retentional.net.

5. How do we protect information we collect?

Our Platform receive regular security scans and monitoring using third party services. In addition, our Website uses an SSL certificate as an added security measure. We require username and passwords for our employees who can access the Personal Information of Users that we store and/or process on our servers, we've also added multi-factor authentication as an additional security measure.

Further to this, we actively prevent third parties from getting access to the Personal Information of Users that we store and/or process on our servers.  We will implement reasonable security measures every time you (a) enter or submit your information, and (b) access our Website. We transmit, transfer, and store your data in an encrypted format in secure servers behind firewall. Access to your Personal Information is restricted to our employees who have a legitimate business reason to access such Personal Information. We use a User Name and Password for those who do have to access such Personal Information.

6. Data Security Measures

Security Measures: We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls.  Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Platform. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Website. We do not collect any information that we do not need in the provision of our services to you.

Fair Information Practice Principles:  In the event of a personal data breach, we will notify the User within 72 hours of becoming aware of the breach via (i) email and/or (ii) on our Website.  We agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

Location of the Data Subject: We use DigitalOcean which has facilities in the EU. We will comply with the new Standard Contractual Clauses (the “New SCCs”), adopted by the European Union, which replaced the old Standard Contractual Clauses (the “Old SCCs”) and became effective  on September 27, 2021 for European Union users, following the standard processes also adopted by DigitalOcean.

7. Disclosure of Personal Information
  • We do not sell, trade, rent, or otherwise transfer Personal Information to others, unless we provide you with advance notice.  This does not include our hosting partners and other parties who assist us in operating our Website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
  • We may disclose aggregated, de-personalized information about our Users that does not identify any individual to other parties without restriction, such as for marketing, advertising, or other uses.
  • We disclose Personal Information to our subsidiaries and affiliates.
  • If we require all contractors, service providers, and other third parties to whom we disclose  Personal Information to be under contractual obligations to keep Personal Information confidential and to use it only for the purposes for which we disclose them.
  • Use any information obtained from the Services in order to harass, abuse, or harm another person.
  • We will disclose Personal Information in the event of a merger, sale of business, etc. to the successor in interest, who agrees to protect the privacy of such Personal Information.
  • We require all other third parties, to whom we disclose Personal Information, to be under contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to such third parties.
  • We disclose Personal Information to fulfill the purpose for which the User provided it.
  • We disclose Personal Information for any other purpose for which the User provided it.
  • We will only disclose Personal Information as described in this Privacy Policy or with the written consent of the User.
8. Other Disclosure of Personal Information
  • We will disclose Personal Information (i) to comply with any court order, law, or legal process, including to respond to any government or regulatory request, (ii) to enforce or apply our Terms of Service and other agreements, (iii) if we believe it is necessary or appropriate to protect the rights, property, or safety of EdCast, our customers or others, and/or (iv) if it is necessary or appropriate to protect the rights, property, or safety of EdCast, our customers, or others, and this includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
  • We may choose to work with Google AdWords, Doubleclick, AdRoll, or other advertising networks. Each of these companies has its own privacy policy, which we encourage you to review. For more information about advertising and tracking online, visit the Network Advertising Initiative.
9. Choices Users Have About How Retentional Uses and Discloses Information

Tracking Technologies and Advertising: Users can set their browser to refuse some or all the browser cookies, but if the Users disable or refuse cookies, some parts of our Website may not be accessible or function properly.

Disclosure of Users’ Information for Third-Party Advertising or Targeted Advertising: Users can opt-out by emailing us their opt-out request at hello@retentional.net.  Users receiving promotional email can opt-out by sending a return email requesting to be omitted from future promotional email distributions. This opt-out will not apply to information provided by EdCast for product purchases, warranty registration, or other transactions.

10. Children’ Online Privacy Protection Act (OPPA) (For Children Under 13 Users Only)

The Children’s Online Privacy Protection Act (“COPPA”) is a federal legislation that applies to entities that collect and store “Personal Information,” as the term is defined under COPPA, from children under the age of 13. We are committed to ensure compliance with COPPA.

Our Website is not meant for use by children under the age of 13. Our Website does not target children under the age of 13, but we do not age-screen or otherwise prevent the collection, use, and personal disclosure of persons identified as under 13. If you would like to know more about our practices and specifically our practices in relation to COPPA compliance, please email us at hello@retentional.net.

IF YOU ARE UNDER 13, PLEASE DO NOT ACCESS OR USE OUR WEBSITE. WE WILL DE-REGISTER YOU WHEN WE FIND OUT THAT YOU HAVE REGISTERED AND ARE UNDER THE AGE OF 13.

11. Your California Privacy Rights

Retentional does not sell, trade, or otherwise transfer to third parties your Personal Information as the term is defined under the California Civil Code Section §1798.82(h) (“CCPA,” as amended by the California Privacy Rights Act “CPRA” and, with CCPA, collectively the “CCPA”)).  Additionally, the CCPA permits Users of our Website, who  are California residents to request certain information regarding our disclosure of their Personal Information to third parties for their direct marketing purposes. To make a request for such disclosure, or identification and/or deletion of Personal Information in all our systems that we store on you, please send an email to hello@retentional.net . Note that (i) if we delete your Personal Information as requested, we will no longer be able to provide you access to Our Platform and our Services to you and (ii) we may need to keep such Personal Information for a while during the shutting down and billing process. If you would like to discuss our Personal Information storage and processing process with us, please send an email to hello@retentional.net see below for other privacy rights for California residents under the California Consumer Privacy Act.

12. General Data Protection Regulation and SCCs

12.1. For European Visitors, Consumers, and Customers:

  • If you are a resident of or a visitor to Europe, you have certain rights with respect to the processing of your Personal Data, as defined in the General Data Protection Regulation (“GDPR”).
  • Please note that in some circumstances, we may ask you to provide us with additional information in connection with your request, which may be Personal Data, for example, if we need to verify your identity or the nature of your request.
  • In such situations, however, we will still respond to let you know of our decision.
  • As used herein, “Personal Data” means any information that identifies you as an individual, such as name, address, email address, IP address, phone number, business address, business title, business email address, company, etc.

12.2. EU Standard Contractual Clauses:  

On June 4, 2021, the EU promulgated a new set of SCCs (the “New SCCs”), which replaced the old SCCs which had been in place for over a decade. We now comply with the New SCCs with respect to the transfer of Personal Data from the EU to the US and other countries for Processing, as defined in the GDPR. If there is any conflict between the terms and conditions in this Privacy Policy and your rights under the New SCCs, the terms and conditions in the new SCCs will govern.

12.3. The New SCCs:

  • The New SCCs took effect on June 27, 2021.
  • The Old SCCs may still be used for new data transfers in new contracts during a three-month transition period that ends on September 27, 2021.
  • Existing data transfers contracts that rely on the Old SCCs can be used until December 27, 2022, by which time all data transfers relying on the Old SCCs must be transitioned to the New SCCs.
  • As of now, we and our customers are using the New SCCs to transport Personal Data from the EU to other countries including the US for processing by us.
  • You are the Controller, as defined in the GDPR, and the Exporter, as defined in the New SCCs, of the Personal Data and we are a processor, as defined in the GDPR, and the Importer of such Personal Data.
  • In such situations, however, we will still respond to let you know of our decision.
  • You agree to comply with the GDPR rules that apply to Controllers and the New SCCs rules that apply to Data Exporters. We agree to comply with the GDPR rules that apply to Processors and the New SCCs rules that apply to Data Importers.

12.4. Our GDPR Compliance Commitment:

  • We agree to fully comply with the letter and the spirit of the GDPR and the New SCCs with respect to the transfer or your Personal Data for Processing outside the EU.
  • As a Data Importer, a User may contact us with respect to the Personal Data we store and process on you.
  • We hereby notify you that we will be processing, as defined in the GDPR, the Personal Data of your Authorized Users (i.e., those individuals whom you have authorized to access our Platform and to use our Services) in the US for us to be able to provide the Services to you that we have agreed to do in our definitive service agreement between you and us.
  • Upon request, we will provide you with a list of your Personal Data that we will process.
  • We hereby warrant that, at the time of agreeing to the SCCs for the transport of your Personal Data, we have no reason to believe that the laws and practices applicable to us as a data processor and a data importer, including those of the US , are not in line with the requirements of the New SCCs.
  • If we cannot satisfy any request or dispute to your satisfaction, we will agree to arbitrate or litigate the dispute in the UK jurisdiction of London.
  • We will only transfer your Personal Data to a third country in accordance with documented instructions from you.
  • Your Personal Data will be transferred and stored in an encryption format.
  • Only our employees, who have a need to access your Personal Data to enable us to meet our contractual and legal obligations to you, will be given access to your Personal Data.
  • Such employees will be given a User Name and Password to access your Personal Data.
  • We will retain your Personal Data for as long as we need it to fulfill our obligation to you or as required by applicable law.
  • We will delete y our Personal Data if we no longer need it or as required by applicable law.  
  • You may ask to delete your Personal Data at any time and we will do.  
  • We will keep a record of all persons who have accessed your Personal Data.

12.5. Rights of the Data Subjects.:  
To make any request of us with respect to this Privacy Policy, our Terms of Use, and/or Personal Data, please contact us (i) via email at hello@retentional.net

  • Access:  You can request at any time information about the Personal Data we hold about you.
  • Copy of Personal Data: You can at any time request a list of the categories of Personal Data we maintain or a copy of the Personal Data.
  • Rectification: If you believe that any Personal Data that we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
  • Direct Correction: You can also correct some of the Personal Data directly by logging into your service account. Please contact us as soon as possible upon noticing any such inaccuracy or incompleteness.
  • Objection: You can contact us to let us know that you object to the collection or use of your Personal Data for certain or any purposes.
  • Erasure:  You can request that we erase some or all of your Personal Data from our systems.
  • Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
  • Portability: You have the right to ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another entity where technically feasible.
  • Withdrawal of Consent.: If we process your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, it may limit your ability to use some/ all of our Services and you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services.
  • Right to File Complaint:  You have the right to lodge a complaint about our practices with respect to your Personal Data with the supervisory authority of your country or EU Member State. Please go to https://ec.europa.eu/justice/article-29/structure/data-protection- authorities/index_en.htm to locate your Data Protection Authority.
13. Can-Spam Act Of 2003

The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have businesses stop emailing them, and spells out penalties for violations.  Per the CAN-SPAM Act, we will:

  • not use false or misleading subjects or email addresses;
  • identify the email message as an advertisement in some reasonable way;
  • Rectification: If you believe that any Personal Data that we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data.
  • monitor third-party email marketing services for compliance, if one is used;
  • honor opt-out/unsubscribe requests quickly; and
  • give an “opt-out” or “unsubscribe” option.

If you wish to opt out of email marketing, follow the instructions at the bottom of each email or contact us at hello@retentional.net and we will promptly remove you from all future marketing correspondences.

14. Territorial Restriction

Our Website is available for use and access worldwide.  Please ensure compliance with all applicable local, state, and country laws prior to using our Website, in addition to the terms of this Privacy Policy.

If you have any questions regarding this Section, please email us at hello@retentional.net.

15. Modifications To Our Privacy Policy

Retentional reserves the right, at its sole discretion, to change or modify this Privacy Policy at any time. In the event we modify this Privacy Policy, such modifications shall be binding on you only upon your acceptance of the modified Privacy Policy. We will inform you about the modifications on our Privacy Policy page via email, on our Website by posting a modified version of the Privacy Policy page, or by a comparable means within a reasonable time period.  Your continued use of our Website shall constitute your consent to such changes.

16. DISCLAIMER

tHE SERVICES ARE PROVIDED ON AN AS-IS AND AS-AVAILABLE BASIS. YOU AGREE THAT YOUR USE OF THE SERVICES WILL BE AT YOUR SOLE RISK. TO THE FULLEST EXTENT PERMITTED BY LAW, WE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, IN CONNECTION WITH THE SERVICES AND YOUR USE THEREOF, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. WE MAKE NO WARRANTIES OR REPRESENTATIONS ABOUT THE ACCURACY OR COMPLETENESS OF THE SERVICES' CONTENT OR THE CONTENT OF ANY WEBSITES OR MOBILE APPLICATIONS LINKED TO THE SERVICES AND WE WILL ASSUME NO LIABILITY OR RESPONSIBILITY FOR ANY (1) ERRORS, MISTAKES, OR INACCURACIES OF CONTENT AND MATERIALS, (2) PERSONAL INJURY OR PROPERTY DAMAGE, OF ANY NATURE WHATSOEVER, RESULTING FROM YOUR ACCESS TO AND USE OF THE SERVICES, (3) ANY UNAUTHORISED ACCESS TO OR USE OF OUR SECURE SERVERS AND/OR ANY AND ALL PERSONAL INFORMATION AND/OR FINANCIAL INFORMATION STORED THEREIN, (4) ANY INTERRUPTION OR CESSATION OF TRANSMISSION TO OR FROM THE SERVICES, (5) ANY BUGS, VIRUSES, TROJAN HORSES, OR THE LIKE WHICH MAY BE TRANSMITTED TO OR THROUGH THE SERVICES BY ANY THIRD PARTY, AND/OR (6) ANY ERRORS OR OMISSIONS IN ANY CONTENT AND MATERIALS OR FOR ANY LOSS OR DAMAGE OF ANY KIND INCURRED AS A RESULT OF THE USE OF ANY CONTENT POSTED, TRANSMITTED, OR OTHERWISE MADE AVAILABLE VIA THE SERVICES. WE DO NOT WARRANT, ENDORSE, GUARANTEE, OR ASSUME RESPONSIBILITY FOR ANY PRODUCT OR SERVICE ADVERTISED OR OFFERED BY A THIRD PARTY THROUGH THE SERVICES, ANY HYPERLINKED WEBSITE, OR ANY WEBSITE OR MOBILE APPLICATION FEATURED IN ANY BANNER OR OTHER ADVERTISING, AND WE WILL NOT BE A PARTY TO OR IN ANY WAY BE RESPONSIBLE FOR MONITORING ANY TRANSACTION BETWEEN YOU AND ANY THIRD-PARTY PROVIDERS OF PRODUCTS OR SERVICES. AS WITH THE PURCHASE OF A PRODUCT OR SERVICE THROUGH ANY MEDIUM OR IN ANY ENVIRONMENT, YOU SHOULD USE YOUR BEST JUDGEMENT AND EXERCISE CAUTION WHERE APPROPRIATE.

17. LIMITATIONS OF LIABILITY

IN NO EVENT WILL WE OR OUR DIRECTORS, EMPLOYEES, OR AGENTS BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DIRECT, INDIRECT, CONSEQUENTIAL, EXEMPLARY, INCIDENTAL, SPECIAL, OR PUNITIVE DAMAGES, INCLUDING LOST PROFIT, LOST REVENUE, LOSS OF DATA, OR OTHER DAMAGES ARISING FROM YOUR USE OF THE SERVICES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. NOTWITHSTANDING ANYTHING TO THE CONTRARY CONTAINED HEREIN, OUR LIABILITY TO YOU FOR ANY CAUSE WHATSOEVER AND REGARDLESS OF THE FORM OF THE ACTION, WILL AT ALL TIMES BE LIMITED TO THE AMOUNT PAID, IF ANY, BY YOU TO US DURING THE SIX (6) MONTH PERIOD PRIOR TO ANY CAUSE OF ACTION ARISING. CERTAIN U.S. STATE LAWS AND INTERNATIONAL LAWS DO NOT ALLOW LIMITATIONS ON IMPLIED WARRANTIES OR THE EXCLUSION OR LIMITATION OF CERTAIN DAMAGES. IF THESE LAWS APPLY TO YOU, SOME OR ALL OF THE ABOVE DISCLAIMERS OR LIMITATIONS MAY NOT APPLY TO YOU, AND YOU MAY HAVE ADDITIONAL RIGHTS.

18. USER DATA

We will maintain certain data that you transmit to the Services for the purpose of managing the performance of the Services, as well as data relating to your use of the Services. Although we perform regular routine backups of data, you are solely responsible for all data that you transmit or that relates to any activity you have undertaken using the Services. You agree that we shall have no liability to you for any loss or corruption of any such data, and you hereby waive any right of action against us arising from any such loss or corruption of such data.

20. Third-Party Service Providers

Retentional uses the following third party services/subprocessors, as defined in the GDPR, for provision of services as detailed in our Terms of Services.

‍PostHog (US)
Sentry (US)
Resend (US)

21. CONTACT US

In order to resolve a complaint regarding the Services or to receive further information regarding use of the Services, please contact us at:
hello@retentional.net