Bowtie Privacy Policy

Last Updated 05/25/2018

This privacy policy has been compiled to better serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. We have also provided the required guidance to address the EU’s data protection law (GDPR). Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

In this document, ‘client businesses’ refers to direct customers of Bowtie. ‘Clients’ refers to customers of our client businesses.

What personal information do we collect from the people that visit our blog, website or app, and how is it used?

We collect and store the following pieces of personal information from clients using Bowtie’s AI receptionist:

This information is securely shared with the following third party services:

When do we collect information?

We collect information from our client businesses when they register on our site, fill out a form or enter information on our site.

We collect information from clients when they complete a booking through our AI receptionist and when they call one of our client businesses. When completing a booking we prompt clients with a form and clear instructions.

How do we protect your information?

Personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.

In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a client places an order to maintain the safety of your personal information.

All payment transactions are processed through a secure gateway provider and are not stored or processed on our servers.

Do we use 'cookies'?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies.

If you turn cookies off, some features will be disabled. It won't affect the client's experience that make your site experience more efficient and may not function properly.

However, you will still be able to place orders.

Third-party disclosure

We do not sell or trade to outside parties your Personally Identifiable Information.

Third-party links

We do not include or offer third-party products or services on our website.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify you via email

We will notify you via phone call

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data clients, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:

To be in accordance with CANSPAM, we agree to the following:

If at any time you would like to unsubscribe from receiving future emails, you can email us at


Sub-Processors:

To support Bowtie in delivering its Services, Bowtie may engage third party service providers to assist Bowtie with its data processing activities. When we work with these service providers in our capacity as a data processor, the third-party service provider is a sub-processor of Bowtie (“Sub-processor”).

This page identifies the Sub-processor, describes where they are located, and what services they provide to us. Before engaging any Sub-processor, we perform extensive due diligence, including detailed security and legal analysis. We do not engage a Sub-processor unless our quality standards are met. Our Sub-processors are all subject to contract terms that enforce compliance with applicable data protection laws.

Bowtie currently uses the following Sub-processors:

Sub-processor

Service Provided

Location of Sub-Processor

Amazon Web Services

Cloud service provider

United States of America

Google

Email, file storage

United States of America

Sendgrid

Email

United States of America

Twilio

SMS/VoIP provider

United States of America

Mindbody

Scheduling API Integration

United States of America

Stripe

Payment Processor

United States of America

Our business needs may change from time to time. For example, we may deprecate a Sub-processor to consolidate and minimize our use of Sub-processors. Similarly, we may add a Sub-processor if we believe that doing so will enhance our ability to deliver our Services. We will periodically update this page to reflect additions and removals to our list of Sub-processors.

Cross-Border Transfers of Personal Data

Customer authorizes Bowtie and its Third Parties to transfer Customer Personal Data across international borders, including from the European Economic Area to the United States. Any cross-border transfer of Customer Personal Data must be supported by an approved adequacy mechanism.

Client rights:

For your protection, we may only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will try to comply with your request as soon as reasonably practicable. Moreover, where you are an End User, Bowtie may need to forward your request and refer you to your Subscriber who may be better placed to address your request.

Please note that we may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion (e.g., when you make a purchase or enter a promotion, you may not be able to change or delete the Personal Information provided until after the completion of such purchase or promotion). We may retain residual information, such as records to document that your request has been fulfilled.

Any client may exercise their rights by contacting our Data Protection Officer using the form below or by contacting compliance@bowtie.ai:

https://bowtie.gdprform.io/en

Sensitive Information

We ask that you not send us, and you not disclose, any sensitive Personal Information (e.g. information related to racial or ethnic origin, political opinions, religion or other beliefs, biometrics or genetic characteristics, trade union membership or criminal background) on or through the Bowtie Services or otherwise to us, except where explicitly requested or consented to. This includes but is not limited to: communicating Personal Information through the business chat portal, or you are an End User communicating through any chat interfaces provided by Bowtie.

Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.

bowtie.ai

155 west 70th st

new york, NY 10023

United States

compliance@bowtie.ai

(614) 626-9843