Uppler privacy policy

Privacy statement

The Uppler Privacy Policy (the “Privacy Policy”) relates to, and, to the extent necessary, supplements the Uppler Terms of Use. Unless otherwise provided herein, all terms starting with a capital letter shall have the meaning ascribed to them in such Terms of Use.

1. Definition and nature of Personal Data

During the use of the Uppler services (the “Services”) subscribed via the website https://uppler.com (hereinafter referred to as the “Site”), Uppler, Inc., a Delaware corporation, located at 535 Hudson St, New York, NY 10014 and its subsidiaries, in particular UPL France, a French Entreprise Unipersonnelle à Responsabilité Limitée (EURL) whose registered office is at3 Place Simone veil 54000 Nancy (France), registered with the Nancy Registre du Commerce et des Sociétés under No. 807 437 595 (“We”, “Us”, “Our” or “Uppler”) may require from Your organization which subscribed to the Services (“You”, “Your” or the “Subscriber”) to provide Us with Personal Data to access and use the Services, or You may need or happen to provide Us with Personal Data for the same purposes. For the purpose of this Privacy Policy, the term “Personal Data” means any data or information that enables the identification of an individual (whether directly or indirectly), such as their family name, first name, photograph, post address, email address, telephone number, data relating to their transactions with You, detail of their orders and subscriptions placed with You, IP address, voice, as well as any other information about them that You provide Us with. It also relates to any personal information of Your employees, agents or representatives provided to Us for the purpose of using the Services.

Our Services, this Site and other websites and apps are intended for businesses and their employees and other representatives, and not for personal, family or household use. Accordingly, we treat all Personal Data covered by this Privacy Policy -- including information about users of our websites and apps -- as pertaining to individuals acting as employees or other representatives of businesses, rather than to individuals acting in their personal capacity.

2. Purpose of this Privacy Policy

This Privacy Policy applies to any individual accessing and using the Services directly or indirectly, whether You make or receive a call. By using the Services, You, Your employees, agents and representatives shall be deemed to agree to, and be obligated to comply with, the terms of this Privacy Policy. We may amend the terms of this Privacy Policy from time to time and shall give You notice thereof by email or via a pop-up on the Site. If You do not agree with the amended version of the Privacy Policy, You should stop using the Services as any use of the Services following such notice constitutes Your acceptance of the new Privacy Policy. All amended terms automatically become effective on the sooner of: a) the day You use the Services; or b) ten (10) days after the new Privacy Policy is posted on the Site, provided that You did not inform Uppler of Your refusal of the new version of it, which would amount to a termination notice of the Services with immediate effect, with all due consequences as provided in the Terms of Use. Should We add new consent-based processing of Personal Data, We shall ensure to obtain Your consent therefor prior to processing such Personal Data (e.g. via a box to tick). You shall remain at all times responsible for complying with all laws and regulations, in particular those regarding Personal Data, and personally liable for any breach thereof. We may indeed process Personal Data We collect for the limited purposes described in this Privacy Policy, and thereby act as Data Controller for those limited purposes only. However, and outside of the scope of these limited instances, You shall be considered the Data Controller, and we shall act solely as a Data Processor, as regards the processing of Your information for the purpose of providing the Services. In that capacity and within the scope of the Services, You are exclusively responsible in particular for:

  • making any declarations necessary to the relevant data protection authority;
  • complying with its obligations as Data Controller under all applicable laws and regulations informing you about their Data Processing practices and, if required, obtaining your explicit consent when collecting your Personal Data;
  • ensuring they have the authority to use any Personal Data collected in accordance with the defined purposes and refraining from any unauthorized use.

3. Purposes

The table below indicates the different purposes Personal Data may be processed for, as well as their different categories, the legal basis the processing is based on, their recipients* and applicable retention period.

You may contact Us to obtain the list of Our sub-processors.

We will inform You, upon request, whether it is compulsory or optional to provide certain Personal Data. Failure to comply with a compulsory request for Personal Data shall result in Your access to the Services being denied or suspended, it being understood however that it shall not affect any of Your financial obligations towards Uppler.

4. Recipients of the collected Personal Data

Only Our personnel, the services in charge of control (especially: external auditor) and Our recipient subcontractors listed in the above table may have access to any Personal Data. Personal Data may also be disclosed in response to lawful requests made by government agencies or public authorities, including public officers or debt collection organizations, to meet national security, law enforcement or any other legal requirements. In any event, Uppler shall remain liable in cases of onward transfers to third parties. Depending on where You are located, we might have to enforce local regulations and requirements where the use of a local phone number requires to keep user details (in particular, first/last name and address) in the event we should receive an official request from a competent local authority.

5. Transfer / sale of personal databases

We shall not, without Your agreement, sell or let Personal Data to third parties. We shall only transfer Personal Data to another location, whether physical or numerical, if we deem it necessary to provide the Services, or if You specifically agree with it.

6. Retention of Personal Data

6.1 General provisions

Where Uppler is the Data Controller of Personal Data (for example, Personal Data relating to the Site visitors, or individuals who register to use our Services), then we retain the Personal Data we collect where we have an ongoing legitimate business need to do so (for example, to provide them with our Services, to enable their participation in an event, and to comply with applicable legal, tax or accounting requirements). When we have no ongoing legitimate business need to process Personal Data, we will either delete or aggregate it or, if this is not possible (for example, because Personal Data has been stored in backup archives), then we will securely store it and isolate it from any further processing until deletion is possible. If Personal Data is processed for, on behalf of, or for the purpose of the Services taken out by, any Subscriber, we will process Personal Data for as long as we are instructed to do so by the relevant Subscriber that is the Data Controller of such Personal Data. Personal Data shall be stored for the duration of Your use of the Services as well as for the different renewal periods, and for the purposes listed above. We may retain Personal Data to comply with Our legal or regulatory obligations. In any case, upon ceasing or lifting of such obligations, Personal Data shall be removed from our systems and records, as well as that of our subcontractors, if any, or otherwise archived or anonymized so that they can no longer be identified.

6.2 Provisions specific to credit / debit card and bank account details

We do not store any bank information or credit details on Our servers, provided that they are handled by a trusted third party independent and different from Uppler.

6.3 Notice to end-users

Our Services are intended for use by enterprises. Where our Services are made available to you through a Subscriber of ours, that enterprise is the Data Controller of your personal information. Your data privacy questions and request should initially be submitted to said Subscriber in its capacity as your Data Controller. Uppler is not responsible for our Subscribers’ privacy or security practices which may be different than this Privacy Policy.

Uppler’s Subscribers are able to:

  • restrict, suspend or terminate your access to the Services;
  • access and describe your personal information that you provided to them;
  • access and export your personal information processed by them; and
  • amend your personal information, including your end-user profile.

7. Personal Data Transfer outside of the European Union

Personal Data may be transferred, accessed to and stored in a country located outside the European Economic Area, Switzerland or the United Kingdom (collectively, “Europe”). Personal Data can also be processed by individuals working outside Europe who work for Us or for one of Our trusted service providers, such as Our hosting providers (Amazon). In any case, we have implemented measures designed to transfer Personal Data in a secure manner and in compliance with the applicable regulations. As some countries may not have laws governing the use and transfer of Personal Data, we require third parties to comply with the terms and conditions set out in this Privacy Policy. These measures may include controlling the standards applied by such third parties with respect to Personal Data protection and security, and/or the execution of appropriate agreements to deal with such transfers (e.g. the standard contractual clauses adopted by the Commission of the European Union).

Whenever we transfer personal information out of Europe to countries not deemed by the European Commission to provide an adequate level of personal information protection, we will transfer the information as permitted by applicable European requirements, such as pursuant to the standard contractual clauses or as necessary to fulfil our contractual obligations to You.

Uppler commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities.

8. Security

We undertake to implement precautions, as well as organizational and technical measures, designed to maintain the security, integrity and confidentiality of Personal Data, and in particular to help prevent them from being modified or damaged and stop any unauthorized third party from accessing them. In particular, our employees’ accounts are secured by strong passwords, and they are all bound by confidentiality obligations. However, You agree that no data transmission over the Internet, or information storage technology, can be guaranteed to be 100% secure.

9. Cookies

Cookies are alphanumeric identifiers / trackers that are transferred to the device You use to access the Services via Your browser. We may implement two types of cookies: technical cookies and advertising cookies. We use technical cookies to facilitate Your browsing experience (such as session cookies so that You do not have to retype Your login and password when You connect to Your account for example). They simplify Your visit and enhance Your experience of the Services. You can refuse the installation of technical cookies in Your browser settings. However, You acknowledge that this refusal could prevent You from using the Services.

In addition, we also implement advertising cookies which result in the display of targeted advertising on websites that matches Your previous/current browsing activity on the Site. Advertising cookies enable the use of the retargeting technique which is a marketing model purporting to propose tailored advertisements to the end user. As You browse on the Site, advertising cookies will be placed in Your computer so that we can understand what You are interested in. Our display advertising partners enable Us to present You with retargeting advertising on other websites based on Your previous interaction with the Site. The techniques Our partners do not collect personal information such as Your name, email address, post address or telephone number but only Your IP address.

The cookies used by the Site are the following:


10. Third parties links on the Site

Our Site and Services may include links to and from the websites of Our partners, advertisers and affiliates. If You follow a link to any of these websites, please note that these companies have their own privacy policies and that Uppler is not responsible or liable for any use of Personal Data by such third parties. We recommend that You check their policies before You visit these websites.

11. Your rights and choices

Your rights and choices When You choose to provide Personal Data, You expressly consent to the collection and use thereof, in accordance with the provisions of this Privacy Policy and applicable laws and regulations. Any data subject shall have the following rights:

  • To access and obtain a copy of Personal Data that we process;
  • To rectify the Personal Data if inaccurate or outdated and/or supplement them if incomplete;
  • To object to the processing of Personal Data that is based on legitimate interests;
  • To erase Personal Data and to be forgotten;
  • To withdraw their consent, at any time, to any processing of their Personal Data that is solely based on their consent (for they may object to receiving Our marketing emails at any time by clicking on the "unsubscribe" link in any email or communication we send them);
  • To file a complaint before a supervisory data protection authority;
  • To portability: they have the right to move, copy or transmit Personal Data relating to them;
  • To restrict or limit the processing of Personal Data;
  • To set guidelines to organize the use of Personal Data after their death.

To exercise any of the above rights of if You have questions regarding this Privacy Policy or about the security measures we implement, please contact Us by email at contact@uppler.com

In the event of any dispute, claim, question or disagreement arising from or relating to this Privacy Policy or breach thereof (the "Dispute"), and without prejudice to the claimant’s right to seize the CNIL, the French data protection authority (https://www.cnil.fr/en/home), in accordance with the provisions of the EU General Data Protection Regulation (GDPR), the claimant should first seek an amicable resolution thereof by contacting Uppler in writing, stating its grounds and providing any supporting evidence.