We are VueLab, Inc. (“VueLab”). This Privacy Policy describes how we protect your data and respect your privacy. Any questions or concerns with respect to your data or privacy should be directed to info@vuelab.com.
1. Applicability of this Privacy Policy
This Privacy Policy applies to VueLab’s website located at https://www.vuelab.com and other VueLab websites and domains (collectively, the “Websites”), VueLab’s online performance management tools and platform, including web and mobile applications (collectively, the “Services”), and any other interactions (e.g., customer support inquiries, etc.) you may have with VueLab.
This Privacy Policy does not apply to any third party applications or technology that integrate with the Services, or any other third party products, services, or businesses (“Third Party Services”). While using the Services, you may be directed to a third party website via links or other references, which may take you to that third party website (“Third Party Websites”). This Privacy Policy does not apply to you or any other data collected from or provided by you to Third Party Websites. You should review such Third Party Services’ or Third Party Websites’ privacy policy (and such other terms and conditions) to determine how your data will be used before sharing any Personal Data.
2. Notice to End Users
By visiting the Websites, accessing or using the Services, or interacting with any aspect of our business, you accept the terms of this Privacy Policy and expressly consent to our collection, use, and disclosure of data, including Personal Data, provided to or otherwise received by us for the purposes and in the manner described in this Privacy Policy and the applicable Client Agreement.
A separate agreement governs the delivery, access, and use of the Services (the “Client Agreement”), including the processing of any “Client Data,” which is defined in the applicable Client Agreement but generally includes all data, files, messages, content, or information that Client and/or Authorized Users transmit, upload, transfer, process, store, or submit on or through the Services. The organization (e.g., your employer or another entity or person) that entered into the Client Agreement (“Client”) controls their instance of the Services (their “Workspace”) and any associated Client Data. Client, and individuals who have been authorized by Client, who access or use the Services via their Workspace (e.g., Client’s employees, managers, and human resources administrators) are “Authorized Users”. Your use of the Services may be subject to your Client’s (e.g. your employer’s) policies, if any. If you have any questions about your specific Workspace settings and privacy practices, please contact the Client with whom you have a direct relationship and whose Workspace you use. VueLab is not responsible for the privacy or security practices of our Clients, which may differ from those set forth in this Privacy Policy.
3. Data We Collect and Receive
Sometimes you provide us with data and sometimes data about you is collected automatically. To the extent data is associated with an identified or identifiable natural person and is protected as personal data or personal information under applicable data protection and privacy laws, it is referred to in this Privacy Policy as “Personal Data.” You acknowledge and agree we may collect, process, store, access, and disclose Personal Data disclosed by you or your Client (e.g., your employer) to facilitate the provision of Services and related support for the Services in the manner described in this Privacy Policy and the applicable Client Agreement.
3.1 Client Data
Clients and Authorized Users routinely submit Client Data to VueLab when using the Services. Client Data is governed by the Client Agreement. Client Data may include Account Information, Hosted Data, Sync Data, or any Client Data otherwise defined in the Client Agreement. If you have any questions about your Personal Data with respect to Client Data, please contact the Client with whom you have a direct relationship and whose Workspace you use.
3.2 Other Information
VueLab may collect Other Information from Clients and Authorized Users related to their usage of the Services and interactions with VueLab. Other Information may include Metadata, Log Data, Technical Data, Cookie Data, Third Party Services, and Additional Information Provided to VueLab. If you have any questions about your Personal Data with respect to Other Information, please contact VueLab at privacy@hellonuvue.com.
3.3 No Sensitive Personal Data
VueLab does not intentionally collect, process, or store, and we request that you do not post, upload, store, display, transmit, or submit Sensitive Personal Data on or through the Services or in Client Data. “Sensitive Personal Data” includes, but is not limited to, government-issued identification numbers; financial account numbers; credit or debit card numbers; consumer reports; background checks; any code or password that could be used to gain access to personal accounts; genetic data or biometric data; any Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; or data concerning health or sex life or sexual orientation. VueLab is not responsible and will not be liable for any loss or damages you or another individual may experience due to your disclosure of Sensitive Personal Data while using the Services.
3.4 No Children’s Data
VueLab’s business activities are directed to other businesses and the Services are intended for use only by those who are 18 years of age and over. The Services are not directed to or intended for children, and VueLab does not intentionally collect, process, or store any Personal Data from any person under 13 years of age. In the event we discover we have inadvertently collected, processed, or stored any Personal Data from a person under 13 years of age, we will promptly take the appropriate steps to delete such data or seek the necessary verifiable parental consent for that collection in compliance with the Children’s Online Privacy Protection Act (“COPPA”).
4. How and Why We Use Data
Client Data will be used by VueLab in accordance with Client’s instructions, including any applicable terms in the Client Agreement and Client’s use of Services functionality, and as required by applicable law. Client may, for example, use the Services to grant and remove access to a Workspace, create Authorized Users accounts, assign roles and configure settings, access, modify, share, restrict, export, and remove Client Data and otherwise apply its own policies to the Services.
Other Information will be used by VueLab to operate our business and provide the Websites and render the Services with a lawful basis for processing, such as with your express consent for a specific purpose, to perform our contractual obligations, to comply with legal obligations, or otherwise in furtherance of our legitimate interests. Specifically, VueLab may use Other Information for these purposes and legal bases:
5. How We Share and Disclose Data
Except as described in this Privacy Policy or the applicable Client Agreement, VueLab will not use, share, or disclose your Personal Data for any purpose other than to the extent necessary to provide the Websites and render the Services and related support for the Services, unless you expressly consent to any other use or disclosure. VueLab may share and disclose data with respect to:
6. Retention
VueLab will retain Client Data in accordance with a Client’s instructions, including any applicable terms in the Client Agreement and Client’s use of the Services functionality, and as required or permitted by applicable law. VueLab may retain Other Information and any data pertaining to you, including Personal Data, for as long as your Authorized User account is active and thereafter for as long as necessary for the purposes described in this Privacy Policy, including for the period of time needed to pursue our legitimate business interests, provide your Client (e.g., your employer) with the Services, conduct audits, resolve disputes, comply with contractual obligations (including but not limited to Client Agreements), and comply with (and demonstrate compliance with) legal obligations.
7. Security Measures
VueLab maintains physical, technical, and administrative procedures to safeguard and secure the data we collect.
Please remember:
8. Identifying the Data Controller and Data Processor
Data protection and privacy laws in certain jurisdictions differentiate between the “controller” and “processor” of data. In general, Client is the controller of Client Data. In general, VueLab is the processor of Client Data and the controller of Other Information.
9. International Data Transfers
VueLab is established in the United States and primarily processes and stores data in connection with the Services in the United States. However, the Services are global and all data, including Personal Data, may be processed and stored in any country where we have operations or where we engage Third Party Service Providers. We may transfer data, including Personal Data, to countries outside of your country of residence, which may have data protection and privacy laws that are different from those of your country. We will take measures to ensure that your Personal Data remains protected to the standards described in this Privacy Policy and any such transfers comply with applicable data protection and privacy laws. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.
9.1 Transfer Mechanisms for Restricted International Data Transfers
VueLab does not transfer Personal Data from the European Union (EU), the European Economic Area (EEA), the United Kingdom (UK), or Switzerland to, or process such Personal Data in, a location outside of the foregoing, without Client’s prior written consent. However, VueLab may transfer Personal Data from the EU, the EEA, the UK, and Switzerland to, or process such Personal Data in, the United States where VueLab has implemented an international data transfer mechanism compliant with applicable data protection and privacy laws, which for example may include an international data transfer: (i) subject to an adequacy decision by the European Commission; (ii) to a recipient certified under Privacy Shield; (iii) subject to the Standard Contractual Clauses for the transfer of Personal Data to processors, which are incorporated herein by reference; (iv) where another appropriate safeguard pursuant to Article 46 of the the General Data Protection Regulation (“GDPR”) applies; or (v) where a derogation pursuant to Article 49 of the GDPR applies.
10. Your Rights
Individuals located in certain countries and jurisdictions have certain statutory rights in relation to their Personal Data. Subject to any exemptions provided by law, you may have the right to exercise your rights and request certain actions with respect to your Personal Data.
10.1 General Privacy Rights
VueLab is committed to maintain accurate information that you share with us and will use commercially reasonable efforts to allow you to access your Personal Data. Upon request we will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Data. To request this information or if you wish to access, modify, or remove your Personal Data, please contact us as privacy@vuelab.com. VueLab will endeavor to respond to all reasonable written requests to access, modify, or remove Personal Data in a timely manner within thirty (30) days.
If you seeks to access, modify, or remove Personal Data held or processed by us on behalf of a Client, you should direct your inquiry to your Client (e.g., your employer). Upon receipt of a request from one of our Clients for us to access, modify, or remove the data, we will respond to their request in a timely manner within thirty (30) days.
If you consent to receiving communications from a third party, such third party may have its own privacy policy which will apply to you and you will need to communicate with them directly if you wish to access, modify, or remove the Personal Data you provided to them, or later decide that you no longer wish to receive such third party’s communications.
10.2 Additional Rights for Europe
Individuals located in the EU, the EEA, the UK, and Switzerland, have certain statutory rights under the GDPR. To the extent that VueLab’s processing of your Personal Data is subject to the GDPR, VueLab relies on its legitimate interests set forth in this Privacy Policy to process your Personal Data. If you are located in the EU, the EEA, the UK, or Switzerland, you may have the right to exercise additional rights available to you under the GDPR, including:
When offering Services to its Clients, VueLab acts as a “processor” under the GDPR and our receipt and collection of any Personal Data is completed on behalf of our Clients in order for us to provide the Services. Please direct any data subject requests under the GDPR to the Client with whom you have a direct relationship and whose Workspace you use.
For any other requests related to your applicable rights under the GDPR, please contact us at privacy@hellonuvue.com. We will consider your request in accordance with applicable laws. To protect your privacy and security, we may take steps to verify your identity before complying with the request.
10.3 Additional Rights for California
10.3.1 California Consumer Privacy Act
California residents have certain statutory rights under the California Consumer Privacy Act of 2018, as amended (“CCPA”) regarding their personal information (as defined by the CCPA). If you reside in California, you may have the right to exercise additional rights available to you under the CCPA, including:
VueLab will not discriminate against you for exercising your rights under the CCPA. Specifically, if you exercise your rights, we will not deny you services, charge you different prices for services, or provide you a different level or quality of services.
When offering Services to its Clients, VueLab acts as a “service provider” under the CCPA and our receipt and collection of any consumer personal information is completed on behalf of our Clients in order for us to provide the Services. Please direct any requests to exercise your rights under the CCPA to the Client with whom you have a direct relationship and whose Workspace you use.
For any other requests related to your rights under the CCPA, please contact us at privacy@vuelab.com. We will consider your request in accordance with applicable laws. To protect your privacy and security, we may take steps to verify your identity before complying with the request.
10.3.2 California “Shine the Light” Notice
VueLab does not disclose Personal Data to third parties for any third parties’ direct marketing purposes, and will not do so unless the Client or Authorized User affirmatively consents to such disclosure. Since VueLab provides its California users with notice of its rights as described above, pursuant to Section 1798.83(c)(2) of the California Civil Code, VueLab is in compliance with California’s “Shine the Light” law and is not obligated to provide California users with the names and addresses of all the third parties that received Personal Data from VueLab for the third parties’ direct marketing purposes during the preceding calendar year.
11. Enforcement
VueLab will actively monitor its relevant privacy and security practices to verify adherence to this Privacy Policy. Any agents, contractors, service providers, or other third parties subject to this Privacy Policy that VueLab determines is in violation of this Privacy Policy or applicable data protection and privacy laws will be subject to disciplinary action up to and including termination of such services. If you believe there has been a violation of this Privacy Policy or applicable data protection and privacy laws, please contact us immediately at privacy@vuelab.com.
12. Changes to this Privacy Policy
VueLab may change, modify, or update this Privacy Policy from time to time, in whole or in part, in VueLab’s sole discretion, at any time without prior notice by posting updated versions on the VueLab website. When we do, we will revise the “last updated” date at the bottom of this page. If and when we make such changes, we will make commercially reasonable efforts to notify you by email, through the Services, or by posting a prominent notice on our Website. We encourage you to visit this page at https://www.vuelab.com/privacy to stay informed on our privacy practices and review our most current Privacy Policy. Any changes, modifications, or updates to this Privacy Policy will become effective immediately upon such posting. Your continued use of the Services constitutes your agreement to be bound by such changes to this Privacy Policy. If you disagree with the changes to this Privacy Policy, your only remedy is to discontinue use of the Services and deactivate your account.
13. Contact VueLab
We encourage you to contact us with any questions, complaints, or requests with respect to your Personal Data, this Privacy Policy, and/or our privacy practices.
You may contact us at:
Email: privacy@vuelab.com
Version 1.0
Last Updated: May 6, 2021