Last Revised: June 2020
We Act as a Service Provider. We act as a service provider to organizations (“Clients”) who want to engage with individual consumers and audiences (“Consumers” or “Audiences”) through the Service. In providing the Service on behalf of our Clients, we collect and obtain information about Consumers to, among other services, deliver commercial text messages to Consumers’ mobile phones.
Information We Collect
Circle collects information from and about users of our Service in a variety of ways. This information includes:
Information You Provide. We collect information you provide when you use the Service or otherwise communicate with us. If you are a Client, we will collect the information you provide when you register for and use the Service. If you are a Consumer, the information you provide can include: (i) information you provide via the Service, such as your name, email address, phone number, and any required consents; (ii) your messaging history and any information included in your messages with Clients via the Service; and (iii) information you provide our customer support team.
Client Submitted Information about Consumers. Clients may provide us with information about their Consumers through the Service or offline for inclusion in the Service. Such information may include name, email address, and telephone number. Our Clients are responsible for providing notice and obtaining appropriate consents necessary for us to process this information.
Device and Usage Information. We automatically receive standard technical, information when you interact with our Service including browser and device information such as unique device identifiers, internet protocol (IP) addresses (which may identify your general geographic location), browser types, and the date and time. We also receive information about your interactions with our Service and webpages of our Clients that have incorporated features from our Service, such as which pages you visited and how much time was spent on the page.
We may collect this information using cookies or similar technologies. Cookies are pieces of information that are stored by your browser on the hard drive or memory of your device. Cookies enable us to personalize your experience on the Service (e.g. send you personalized text messages such as shopping cart reminders), maintain a persistent session, passively collect demographic information, and monitor advertisements and other activities. Our Service may use different kinds of cookies and other types of local storage (such as browser-based or plugin-based local storage).
From other Sources. We may receive information about you from third-party sources other than our Clients such as advertisers, partners, and other third parties we work with. We may combine this information with other information we received about you through the Service.
How We Use Your Information
We use information in a variety of ways to provide our Service and to operate our business, including the following:
Service Related Usage. We use the information we collect about and from you for a number of purposes, including: providing, supporting, and improving the Services, analyzing how you use the Service, and better tailoring content, advertisements, and features.
Communications. We use your information to communicate with you. For example, we may send email to the email address you provide to us, push notifications to your mobile device if they are enabled, or text messages, to verify your account and for informational and operational purposes, such as account management, customer service, system maintenance, and other Service-related purposes.
Improve our Services. We use the information that we collect (i) to understand and analyze usage trends and preferences; (ii) to monitor and analyze the effectiveness of our Service; and (iii) to improve our Service and develop new products, services, features, and functionality.
Marketing. We may use information we collect for marketing purposes, such as providing you with promotional materials that may be useful, relevant, valuable or otherwise of interest to you. Where required under applicable law, we’ll obtain your prior opt-in consent to send you electronic marketing communications.
How We Share Your Information
We may share, transfer, or disclose your information, if you consent to us doing so, as well as in the following circumstances:
Clients. If you are a Consumer, we may share information about you with a Client that you interact with, such as your messaging history with that Client.
Service Providers. We share information with third parties who provide services to us, such as analytics, web site management, information technology, and other similar service providers.
Corporate Transactions. We reserve the right to transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets.
Aggregate, De-Identified Information. We may use your data to create aggregate or statistical information that does not directly identify a specific person, and we may share that information. For example, we may share anonymous and aggregated reports and information on user demographics and traffic patterns with third parties.
Payment Information. When you make payments through the Service, you may need to provide financial account information, such as your credit card number, to our third-party service providers. We do not collect or store such information, though we may receive information about completed transactions that does not include credit card account numbers.
We do not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of the Service is directed to children under the age of 13. If you learn that your child has provided us with personal information without your consent, you may alert us at the contact information listed below. If we learn that we have collected any personal information from children under 13, we will promptly take steps to delete such information and terminate the child’s account.
You can opt-out of receiving further promotional emails from us by following the unsubscribe instructions provided in the promotional email you receive or by contacting us directly at the email address listed below.
You can opt-out of receiving further commercial text messages from us by responding to a Circle generated text message with STOP, UNSUBSCRIBE, CANCEL, or QUIT.
Participating carriers include: AT&T, Boost Mobile, T-Mobile, Metro PCS, Verizon Wireless, Sprint, U.S. Cellular, Nextel & Virgin Mobile. Carriers are not liable for delayed or undelivered messages. T-Mobile is not liable for delayed or undelivered messages.
Your Rights Under the California Consumer Privacy Act of 2018 (CCPA)
Under the California Consumer Privacy Act of 2018 (CCPA), if you are a California resident, you have the following rights: 1) Right to request disclosure of our data collection and sales practices, 2) Right to request a copy of personal information we’ve collected about you during the 12 months prior to your request, 3) Right to request that your personal information be deleted, 4) Right to request that your personal information not be sold to third parties, and 5) Right not to be discriminated against because you exercise any of the above rights.
You may only make a personal information request under the CCPA twice in a 12-month period. If you make such a request, we will need to collect information from you so that we can verify your identity. We will respond within 45 days of receiving your personal information request.
Circle does not sell Personal Information to third parties (pursuant to the CCPA).
Data Retention and Destruction
All employees, clients, vendors and contractors have a personal responsibility to keep information secure and confidential. This policy aims to prevent unauthorized disclosure of information assets by the controlled disposal and destruction of media storing confidential data.
All customer data should be disposed of when it is no longer necessary for business use, provided that the disposal does not conflict with our customers’ data retention policies, a court order, or any of our regulatory obligations such as FTC, FCC, and TCPA guidelines and laws, which require a minimum of four (4) years records kept documenting consent.
Daily backups of data persist for 30 days, unless otherwise requested.
- All employees, clients, vendors and contractors are instructed to not use the following media to store confidential information.
- paper-based media
- USB Drives or External Backup programs
- All cloud based (AWS) storage media being decommissioned should be sanitized when it is no longer necessary, provided that there is a backup of customer data on production systems to comply with our customers data retention and contractual obligations. AWS follows the techniques detailed in Department of Defense (DoD) 5220.22-M (“National Industrial Security Program Operating Manual”) or NIST SP 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process.” P.39 AWS Security Best Practices White paper