Privacy Policy

Privacy Policy

This Privacy Policy applies to the 15Five Materials, regardless of how the Services are accessed (e.g. browser or mobile app). 

Effective Date: February 24, 2023

Introduction.

This Privacy Policy describes how Personal Information is collected, protected, used, and shared in order to provide the 15Five services and Subscriptions (the “Services”).  15Five, Inc. (“15Five”) owns the 15Five Materials and distributes and licenses the Services, which are designed to provide a richly integrated, evidence-based approach to employee engagement and performance management. When we collect Personal Information we may be regulated by various Data Protection Laws in the United States and by the General Data Protection Regulation (“GDPR”) which applies to the European Union (as amended by the UK).   

Use of the Services are subject to this Privacy Policy (“Privacy Policy”), the End-User Terms of  Use (“Terms”) for the Services and any applicable written agreement executed by 15Five and an Employer (the “MSA”).

Some Services may reference or link to third-party sites or services that we do not own, control, or have any affiliation with (“Third-Party Sites”). Use of Third-Party Sites are subject to different terms and privacy policies, even if these Services link to them and we are not responsible for those websites’ or services’ content or information practices.

Definitions.

For purposes of this Privacy Policy:

  • “15Five”, “Us”, “We” means 15Five, Inc.
  • “15Five Materials” means the 15Five website (including all subdomains), 15Five mobile application(s), or any other websites, applications, or online services that link to this Privacy Policy.
  • “Customer” means a purchaser of the Services, including any institution, business, company or organization that adopts or uses the Services for its personal, internal, business needs.
  • “End-User Terms of Use” or “Terms” means the End-User License Agreement for the Services, available at: https://www.15five.com/terms/
  • “Master Service Agreement” or “MSA” means the written agreement executed by 15Five and an Customer for the Services, including all addenda, exhibits, amendments, and materials referred or linked to herein, including Subscription Order Form (Addendum 1), Transform Addendum (Addendum 2 – as applicable), and Data Processing Addendum (Addendum 3 – as applicable), and Addendum 4 – Consulting Services Addendum.
  • “Personal Information” means any information relating to an identified or identifiable individual where such information is protected similarly as personal information or personally identifiable information under applicable Data Protection Laws.
  • “Services” means the subscriptions purchased by Customer and set forth in the Subscription Order Form (if applicable) or the subscriptions purchased directly via the website.
  • “User” means an end-user of the Services.
  • “You”, “Your” refers to Customer and/or User, as context may require.
  • Any capitalized terms used in this Privacy Policy and not defined herein, shall bear the meaning defined in the MSA.

Authorization.

Authorization is given to 15Five and its processors to collect, process and otherwise handle Personal Information (listed below) under this Privacy Policy and the Terms when a Customer purchases the Services, as well as when an User establishes an end-user account and registers to use the Services. If you do not provide us with the Personal Information we ask for, it may delay or prevent us from providing the Services to you.

Personal Information We Collect About You.

Data is collected and processed in order to provide the contracted Services, to analyze and improve our Services, and to communicate with you. In the preceding 12 months, this data may include the Personal Information listed below:

Categories of Personal Information (as described by CCPA)

Specific Types of Personal Information Actually Collected

  • Email address
  • Hashed (unreadable & irreversible) password, unless your organization is using SSO (e.g. Okta, OneLogin, Google SSO)
  • First and last name
  • Job Title
  • Location (manually entered field on profile form)
  • Your image or avatar
  • Employee ID
  • Employer
  • IP Address
  • Operating system
  • Browser or mobile app version
  • A unique identifier for your phone (if you use our mobile apps)

Identifiers (e.g., a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers)

For Users and point of contact(s) for Customer: First and last name, alias, postal address, unique personal identifier, online identifier, IP address, email address, account name

Information that identifies, relates to, describes, or is capable of being associated with, a particular individual (e.g. his or her name, signature, social security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.)

For Users and point of contact(s) for Customer: First and last name, address, telephone number, employment.

Note: 15Five uses Zuora, Inc. as our payment processing vendor. We do not request or store any Customer (or Customer’s POC) financial information, such as your bank routing or account numbers, or your debit or credit card account numbers.

Characteristics of protected classifications under California or federal law.

Yes; demographic information (if turned on by employer)

Commercial information (e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)

For Customers: we collect records of products or services purchased, obtained, or considered from 15Five.

For Individual Users: None.

Internet or other electronic network activity information (e.g., browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement)

  • IP Address
  • Operating system
  • Browser or mobile app version
  • A unique identifier for your phone (if you use our mobile apps)
  • Timezone
  • Clickstream Data

Geolocation data

Yes.

Professional or employment-related information

  • Job Title
  • Employee ID
  • Employer
  • Career goals
  • Strengths
  • Aspirational Job title and description
  • Wins and challenges
  • Feedback your organizations asks for in 15Five
  • Interactions with your colleagues (High Fives, 1-on-1s, Comments, Likes, Follow-ups)

Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes

Yes.

  • behavioral analytics

Sensitive Personal Information

  • Demographic Information (e.g. a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership) if the toggle is turned on by the Customer/employer.

How your Personal Information is Collected.

We collect most of this Personal Information directly from Users when a Customer purchases the Services from 15Five’s website and/or when a Customer’s Users create their individual accounts. However, we may also collect information from:

  • From Customer, when Customer purchases the Services;
    • When a Customer purchases the Services online from 15Five’s website, 15Five will collect information needed to process the order, including order details, name, Customer name and address (if applicable),  information about the Customer, email address, IP address, phone number, billing addresses, credit/debit card information, and any instructions (“Customer Information”). Payment data submitted by the Customer will be disclosed to the Customer’s financial institution and 15Five’s payment processing vendor for the purpose of processing payment for the Services ordered.
  • From you directly, when you set up a User Account
    • Account Data is collected and processed to set up, maintain and enable a User account to use the Services. This data may be collected by the User or the Customer, in order to provide the Services. Account Data may include a User’s first and last name, email address, username, profile photo (optional) and password, as well as the Customer’s name, and the User’s role within the Customer. If you fail to provide the necessary Account Data, you will be unable to use the Services. You have a right to change your mind and stop us from using your Account Data. Should you choose to withdraw your consent to process the Account Data, any processing we did before your consent was withdrawn will still be lawful. Also, please note that if you withdraw your consent, you will be unable to continue use of the Services.
  • User’s Usage Data
    • User’s Usage Data means data collected, generated or processed through use of the Services in connection with HR evaluations and interaction with the Services by User. User’s Usage Data includes responses to questions and interactive exercises, evaluations, assessment responses, scores, and grades.
  • HRIS Integrations
    • HRIS Integrations between Customer’s HRIS System and 15Five Materials. This integration will only occur with Customer’s consent.
  • Blogs and Community Posts
    • If a User voluntarily engages in joining 15Five’s community, HR Superstars, or interacts on any of 15Five’s official social media outlets.
  • Cookies and Related Technologies
    • The Services use cookies and related technologies, which may include an anonymous unique identifier. Users have a variety of tools to control the use of cookies, pixels and similar technologies, including browser controls to block and delete them. Disabling or blocking these technologies, however, may prevent or impair required functionality and use of the Services. Please see 15Five’s “Cookie Policy” (https://www.15five.com/privacy/cookie-policy), if you would like to learn more about 15Five’s use of cookies and types of data we collect through cookies.
  • Application and System Logs
    • Application and system logs are critical to ensuring the delivery, availability and security of the Services. Log data related to User interaction with the Services may be automatically collected through the Services. This data may include browser type, type of computer/device and technical information about the User’s means of connection to the Services, such as operating system, internet service provider and IP address. This data is collected and used for support purposes and to monitor the health of the Services, identify problems or crashes, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale the computing resources for the Services.
  • Feedback, De-Identified and Aggregate Data
    • 15Five may provide Users with the opportunity to evaluate and provide feedback on the Services on a voluntary basis. 15Five may use and disclose such data in de-identified form, as well as other de-identified data and de-identified aggregate data collected and processed through the Services, to deliver, maintain, support, evaluate and improve the Services, conduct research, develop new products and services and for other purposes. De-identified data is not considered Personal Information under this Privacy Policy.
  • From publicly accessible sources;
  • Directly from a third-party;
  • From a third party with your consent (e.g. your bank);
  • Via our IT systems, including:
    • Automated monitoring of our websites and other technical systems, such as our computer networks and connections, communications systems (e.g. phones), email and instant messaging systems.
  • Web Analytics
    • The Services may use third party web trend analytical services, to collect visitor information, such as IP addresses, date and time information, browser types and version, referring pages, pages visited while accessing the website or Services,  browser plug-in types and versions, type of computer/device (and its unique device identifier), and technical information about the User’s means of connection to the Services, such as operating system, mobile network information and platform, full Uniform Resource Locator (URL), clickstream to, through and from the Website and/or Services (including date and time),  page response time, download errors, length of visit to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), and methods used to browse away from the page, and internet service provider. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information.  This information is used to measure traffic and usage trends for the Services, understand the demographics of our users, the pages you visit, your use of third party applications, and other information that assists us in analyzing and improving the Services.
  • Mobile Devices.
    • If you access the Services with a mobile device, the Application and Systems logs collected may include unique identification numbers associated with your device or our mobile application (including, for example, a Unique Device Identifier (UDID), Unique ID for Advertisers (IDFA), Google Ad ID, or Windows Advertising ID), device type, model and manufacturer, and mobile device operating system brand and model.

Do Not Track

The Services do not currently respond to Do Not Track signals.

Why We Use Your Personal Information.

Under the Data Protection Laws, we can only use your Personal Information if we have a proper reason to do so. Below is a list of what we use your Personal Information for and our legal bases for the processing of your Personal Information:

  • With your consent; To provide the 15Five Materials and Services to you; and To comply with our contractual agreements with Customers;
    • 15Five uses the personal information, with your consent, to deliver the Services to you and fulfill its contractual obligations to the Customer. In delivering the Services, 15Five may provide and disclose User Personal Information to the Customer and as otherwise directed by the Customer or the User. Users and Customers may export evaluations, notes, and other performance data from the Services for the purpose of maintaining HR records.
  • To prevent and detect fraud against you or 15Five;
    • 15Five may use and disclose Personal Information of a User to the User’s employer (i.e. Customer), law enforcement and other regulatory officials for the purpose of investigating and addressing suspected illegal conduct, misappropriation of password access, misconduct or any other conduct prohibited by law, the Terms or a Customer’s applicable regulatory authority.
  • Conducting checks to identify our customers and verify their identity;
  • Other processing necessary to comply with professional, legal and regulatory obligations that apply to our business;
    • 15Five may use and disclose Personal Information, as requested or authorized by a Customer or by an applicable governmental agency or authority, for administrative, audit and evaluation purposes, such as compliance with applicable laws.
  • Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies;
  • Ensuring the confidentiality of commercially sensitive information;
  • Statistical analysis to help us manage our business;
  • Preventing unauthorized access and modifications to systems;
  • Updating and enhancing customer records;
  • Marketing our services and those of selected third parties (e.g. partners and co-sponsors to our webinars) with your consent to:
    • existing and former customers;
    • third parties who have previously expressed an interest in our services; and
    • third parties with whom we have had no previous dealings; and
  • External audits and quality checks; Operational reasons, such as improving efficiency, training and quality control;
    • 15Five may use your Personal Information to  protect the vital interests of a natural person, such as in the event of an emergency or administer our business (e.g. customer service, quality control); manage corporate transactions; and/or understand and improve our Services and customer relationships.

The above list does not apply to special category personal information, which we will only process with your explicit consent.

Promotional Communications.

15Five may use Personal Information of Users to market products and services of 15Five and affiliated 15Five companies to Users together with any updates to the Services, provided that (a) such use and marketing is consistent with applicable law and 15Five’s legal obligations; (b) such Personal Information excludes Payment Data User Content; (c)  the Users have opted in to receiving marketing; and (e) where required by applicable law, express or implied consent to marketing exists and has not been withdrawn. 15Five may provide such Personal Information to a third-party service provider on a restricted basis to provide such marketing solely on behalf of 15Five and affiliated 15Five companies, but not for marketing of any third-party products or services. 15Five does not permit third-party ad networks or similar services to access or collect Personal Information within the Services. Users may change their marketing preferences at any time by (i) contacting [email protected]; (ii) Using the “unsubscribe” link in emails; or changing your preferences within the Services. 15Five will not knowingly direct or send marketing communications to a User who has expressed a preference not to receive marketing. Additionally, and only with your prior consent, We may share your Customer Information for marketing purposes to our affiliated companies, and selected third-parties (e.g. partners and co-sponsors). Those uses will be subject to such third party’s privacy policies.

We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and/or services in the future, or if there are changes in the law, regulation, or the structure of our business.

Transaction Communications and User Feedback.

15Five will only send transactional and operational emails permitted by applicable law to Users who have expressed a preference not to receive email. For transactional emails, we may keep your message, email address, and contact information to respond to your message and audit purposes.

Who We Share Your Personal Information With.

We routinely share personal information with:

  • Our affiliates, including companies within the 15Five’s group;
  • Service providers we use to help deliver the 15Five Materials to you, such as payment service providers, warehouses and delivery companies;
  • Other third parties we use to help us run our business, such as marketing agencies or website hosts;
  • Third parties approved by you, including HRIS systems you choose to integrate our Services with; social media sites you choose to link your account to; or third-party payment providers;
  • Credit reporting agencies (this is Customer information not a User’s information);
  • Our insurers and brokers;
  • Our bank[s];
  • our professional advisors (e.g. lawyers and auditors); and
  • analytics and search engine providers that assist us in the improvement and optimization of the Website and/or Services

We only allow our service providers to handle your Personal Information if we are satisfied they take appropriate measures to protect your Personal Information consistent with the terms of this Privacy Policy and applicable law. We also impose contractual obligations on service providers to ensure they can only use your Personal Information to provide services to us and to you.

We may further disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations (e.g. in response to a subpoena, court order or legal process, to the extent permitted or required by law); to protect the security and safety of the User and other persons, data, assets and systems, consistent with applicable law; to investigate or address actual or suspected fraud or other illegal activities by lawful request of public authorities and national security or law enforcement requirements, situations involving potential threats to the physical safety of any person, violations of the MSA or Terms, or as otherwise required by law. In such circumstances, you acknowledge 15Five may disclose such information to the extent necessary to comply with such legal requirement; or  in order to exercise 15Five’s legal rights, including enforcement of the Terms or MSA.

We may also need to share some Personal Information with other parties, such as potential buyers of some or all of our business or during a restructuring. We will typically anonymize information, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations. Additionally, we will use reasonable efforts to notify you before information about you is transferred and becomes subject to a different privacy policy.

Other than as listed in this Privacy Policy, we will not share your personal information with any other third party.

Personal Information We Disclosed for a Business Purpose.

In the preceding 12 months, we have disclosed for a business purpose to one or more third parties the following categories of personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household:

  • Identifiers (e.g., a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers);
  • Information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, address, telephone number, education, employment, employment history, bank account number, credit card number, debit card number;
  • Characteristics of protected classifications under California or federal law;
  • Internet or other electronic network activity information (e.g., browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement);
  • Geolocation data;
  • Professional or employment-related information; and
  • Inferences drawn from any of the information identified above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes; and
  • Sensitive information (i.e. demographic information if the toggle was turned on by the Customer).

Where Your Personal Information is Held.

Personal Information may be transmitted, stored, and processed in a country other than the one in which the User resides or the Customer is located. The authorization for 15Five to collect, process and otherwise handle Personal Information under this Privacy Policy includes authorization for the User’s Personal Information to be transferred and stored in countries outside of their residence, which may include the United States, the United Kingdom, or any country where the Customer may be located or the User may visit.

How Long Your Personal Information Will Be Kept.

We will keep your Personal Information while you have an account with us or while we are providing the Services to you. Thereafter, we will keep your personal information for as long as is necessary:

  • To respond to any questions, complaints or claims made by you or on your behalf;
  • To show that we treated you fairly; or
  • To keep records required by law.

We will not retain your Personal Information for longer than necessary for the purposes set out in this Privacy Policy. Different retention periods apply for different types of personal information. For more information about our retention schedules, please contact: [email protected].  When it is no longer necessary to retain your personal information, we will delete or anonymize it.

Transferring Your Personal Information Out of the EEA.

To deliver services to you, it is sometimes necessary for us to share your personal information outside the European Economic Area (EEA), e.g.:

  • With your and our service providers located outside the EEA;
  • With our sub-processors located outside the EEA; or
  • If you are based outside the EEA.

These transfers are subject to special rules under European and UK data protection law (see “Your Rights Under the GDPR”, below). We will ensure the transfer complies with data protection law and all personal information will be secure. Specifically, on request from our customers, 15Five will execute our Data Processing Agreement (“DPA”; (https://www.15five.com/terms/data-processing-addendum/)) and Standard Contractual Clauses (“SCC”) as set forth by the provisions of the European General Data Protection Regulation (“GDPR”) regarding the collection, use, and retention of Personal Information European Union, Switzerland, and the United Kingdom to the United States.

Additionally, as required by GDPR, 15Five has executed SCCs with our subcontractors who process our customer’s Personal Information in response to the Schrems II case decision. If there is any conflict between the terms of this privacy policy and the SCC, SCC shall govern.

If you would like further information, please contact us.

Your Rights Under the GDPR.

Right to Access

The right to be provided with a copy of your Personal Information

Right to Rectification

The right to require us to correct any mistakes in your Personal Information

Right to be Forgotten

The right to require us to delete your Personal Information –in certain situations

Right to Restriction of Processing

The right to require us to restrict processing of your personal information—in certain circumstances, e.g. if you contest the accuracy of the data

Right to Data Portability

The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations

Right to Object

The right to object:

  • at any time to your personal information being processed for direct marketing (including profiling);
  • in certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.

Right Not to be Subject to Automated Individual Decision-Making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

Your Rights Under the CCPA and CPRA.

You have the right under the California Consumer Privacy Act of 2018 (CCPA), as amended and expanded by the California Privacy Rights Act of 2020 (CPRA), and certain other privacy and data protection laws, as applicable, to exercise free of charge:

Right to Know/Access

You have the right to know:

  • The categories of personal information we have collected about you;
  • The categories of sources from which the personal information is collected;
  • Our business or commercial purpose for collecting, or sharing personal information;
  • The categories of third parties with whom we share personal information, if any; and
  • The specific pieces of personal information we have collected about you.

Please note that we are not required to:

  • Retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained;
  • Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; or
  • Provide the personal information to you more than twice in a 12-month period.

Personal Information Sold or Used for a Business Purpose

In connection with any personal information we may sell, share, or disclose to a third party for a business purpose, you have the right to know:

  • The categories of personal information about you that we shared and the categories of third parties to whom the personal information was shared; and
  • The categories of personal information that we disclosed about you for a business purpose.

Right to Opt-Out of the Sale or Sharing of Personal Information.

15Five does not sell your Personal Information

Right to Limit Use and Disclosure of Sensitive Personal Information

You have the right to opt-out of the use and disclosure of your sensitive personal information for anything other than supplying requested goods or services.

Right to Deletion

Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

  • Delete your personal information from our records;
  • Direct any service providers to delete your personal information from their records; and
  • Direct third parties to whom the business has sold or shared your personal information to delete your personal information unless this proves impossible or involves disproportionate effort.

Please note that we may not delete your personal information if it is necessary to:

  • Complete the transaction for which the personal information was collected, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, provide a good or service requested by you, or reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform a contract between you and us;
  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity;
  • Debug to identify and repair errors that impair existing intended functionality;
  • Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law;
  • Comply with the California Electronic Communications Privacy Act;
  • Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when our deletion of the information is likely to render impossible or seriously impair the achievement of such research, provided we have obtained your informed consent;
  • Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us;
  • Comply with an existing legal obligation; or
  • Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Right to Correction.

You have the right to request correction of inaccurate personal information maintained by us about you. Upon receipt of a verifiable request from you, we will use commercially reasonable efforts to correct the inaccurate personal information.

Right to Portability.

A consumer has the right, upon request, to obtain their personal information by mail or electronically without charge and in a readily usable format that allows the consumer to transmit the information from one entity to another entity without hindrance.

Protection Against Discrimination

You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:

  • Deny goods or services to you;
  • Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
  • Provide a different level or quality of goods or services to you; or
  • Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

Please note that we may charge a different price or rate or provide a different level or quality of Services to you, if that difference is reasonably related to the value provided to our business by your personal information.

15Five does not sell, lease, or rent your Personal Information.

Your Rights Under California’s “Shine the Light”

California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected] or write us at: 3053 Fillmore Street, #279, San Francisco, CA 94123.

Your Rights Under the Senate Bill No. 220 (Nevada).

Nevada state residents may have additional rights under the Senate Bill 220. If you have any questions regarding your rights, please do not hesitate to contact us at: [email protected].

Keeping Your Personal Information Secure.

Personal Information will be protected and secured from unauthorized access, use and disclosure through a comprehensive information security program that includes reasonable and appropriate physical, administrative and technical safeguards. However, we cannot guarantee the security of our systems 100% and any transmission is at your own risk.  In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those Users whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality and are provided training regarding their confidentiality obligations and applicable privacy laws. We continually test our systems and are SOC 2 Type II certified, which means we follow top industry standards for information security.

To protect Personal Information, Educator Users should protect and never share their passwords.  If there is a suspicion that a password has been compromised, Users should immediately change the password and contact [email protected].  In addition, Customers and Users are urged to:  (a) only access the Services using secure networks; (b) maintain updated internet security and virus protection software on their devices and computer systems; and (c) contact 15Five if there is another security or privacy concern or issue.

Access, Modification and Deletion.

Users

  • Users should direct access, modification and deletion requests to the Customer who licensed the Services (i.e. their employer). Access, correction, or deletion may be limited by restrictions to maintain the validity of the User Content, security, and intellectual property rights in the 15Five Materials and any applicable restrictions or requirements of the Customer or law. In many cases, Customers will be able to use the built-in functionality of the Services in order to address access, amendment and export requests. Upon request of a Customer, 15Five will provide reasonable assistance to the Customer, consistent with the terms of its agreement with the Customer. In certain cases, 15Five may not be able to fully satisfy such requests, such as a request for confidential 15Five company information or requests in a specific or proprietary format that 15Five is unable to support or requests that are prohibited by law.

Customers

  • Customer may assign a User administrator rights. Admin Users may be able to take the following actions for such accounts:  (a) change passwords; (b) suspend or terminate access; (c) view account use statistics; (d) access, delete or copy User Content.  If a Customer needs assistance, they may contact [email protected] and should provide the applicable email address for the Customer account when doing so.

Personal Information will be retained for as long as an User has a user account or when 15Five is requested to delete the Personal Information by an User or their respective Customer (i.e. employer) because the Personal Information is no longer necessary to complete the purposes for which it was collected, whichever is later. If your Subscription is not renewed, and your account is deactivated, we may keep Customer Information, including Personal Information, to comply with applicable law, prevent fraud, resolve disputes, troubleshoot problems, assist with any investigation, enforce our rights under our agreements with you, for backup, audit or regulatory purposes, and for other actions permitted by law.   

The removal or deletion of a Customer Account will result in the deletion of all User accounts, reports, and data associated with its Users. After deletion of a Customer account, 15Five cannot provide assurances that any User Content or Personal Information within the account may be retrieved from 15Five or through the Services in the future.

The amount of time any Personal Information is kept, will depend on the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information, and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

How to Exercise Your Rights.

If you would like to exercise any of your rights as described in this Privacy Policy, please contact us at [email protected] or via mail at: 3053 Fillmore Street, #279, San Francisco, CA 94123, with any questions or concerns about this Privacy Policy.

Please note that you may only make a CCPA-related data access or data portability disclosure request twice within a 12-month period.

If you choose to contact directly by email, you will need to provide us with:

  • Enough information to identify you;
  • Proof of your identity and address; and
  • A description of what right you want to exercise and the information to which your request relates.

We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf.

Any personal information we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.

How to file a GDPR Complaint.

15Five conducts self-assessed compliance audits of its relevant privacy practices to verify adherence to this Privacy Policy. Any employee that 15Five determines is in violation of this policy will be subject to disciplinary action. In compliance with the GDPR, 15Five commits to resolve complaints about our collection or use of your personal information. EU and UK residents with inquiries or complaints regarding our Privacy Policies should first contact us at: [email protected] or 3053 Fillmore Street, #279, San Francisco, CA 94123; attention: Data Privacy Officer. In addition, you may contact our European Data Supervisory Authority: Ireland Data Protection Commissioner; Canal House, Station Road, Portarlington. R32 AP23. www.dataprotection.ie.

Children’s Privacy.

15Five’s website and services are meant just for adults. We do not intentionally or knowingly request or collect Personal Information of children under sixteen (16) years old. If we are notified that we collected Personal Information from a child under the age of sixteen (16), we will delete it as soon as possible.  Please contact us at [email protected] to let us know that we may have a child’s information.

Changes to the Policy.

This Privacy Policy may be revised from time to time through an updated posting. 15Five will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, 15Five will endeavor to provide notice of the revision through a notice conspicuously posted on the Services, an email to Users or other appropriate way. Continued use of the Services after the effective date of a posted revision evidences acceptance. Please contact 15Five with any questions or concerns about the Privacy Policy or any objection to any revisions.

Contact Us.

Please contact us at: [email protected] or via mail at: 3053 Fillmore Street, #279, San Francisco, CA 94123, with any questions or concerns about this Privacy Policy.