Umso Software Inc.
(“umso”, “We”, “Us”, and “Our”)
Personal privacy is important and We acknowledge and respect the desire of individuals for personal privacy.
Our Privacy Policy is intended to comply with the British Columbia Personal Information Protection Act and the European Union (“EU”) General Data Protection Regulation (“GDPR”). It also has some provisions which are intended to apply to residents of other jurisdictions.
We intend to regularly review Our privacy policies and practices and reserve the right to change the provisions of this Privacy Policy at any time.
Notice that changes to our Privacy Policy have been made will be indicated on the Policy the date it was last updated.
Umso Software Inc., is a company formed under the laws of British Columbia, Canada (“Umso”, “Our”, “Us, and “We”) with a delivery address of #900-2025 Willingdon Avenue, Burnaby, B.C., Canada V5C 0J3.
We provide an online software application and related services enabling subscribers to build their own websites.
In this Privacy Policy, the terms below have the following meanings:
“Application” means Our proprietary Web-based software application called Umso™ and all associated documentation and other materials utilized by Subscribers or made available to you by Us for use in accessing the Website and using the Services to create a Subscriber Platform.
“End Users” refers to individuals who visit or use any Subscriber Platform and the related services of our Subscribers.
“personal information” refers to any information received, collected, or maintained by Us that identifies, or could be used to identify, an individual.
“Services” means the Application, the subscription to which provides you with an account or access to the functionality and feature set for the Application, to create a Subscriber Platform, whether the trial version, startup version, growth version, or business version or any other version available from time to time from Us, Our hosting services, or any other functions utilized by you or made available to you in conjunction with accessing the Website and the Application.
“Subscribers” are persons who have registered with Us to use Our Services.
“Subscriber Platform” means the website created by a Subscriber using the Application and Services.
“Users” means, depending on the context, unregistered visitors to Our Website and/or Subscribers.
“Web Site” means https://www.umso.com, any subdomains thereof, and any successor websites.
“you” and “your” refers to a User.
This Privacy Policy applies to all Users. This Privacy Policy is not intended to override the terms of any agreement you have with Us, nor any rights you may have under other applicable data privacy laws.
Prior to accessing or using Our Services, please read this policy and make sure you fully understand Our practices in relation to your personal information. If you read this Privacy Policy and do not agree to Our practices, you must immediately leave and discontinue all use of any of Our Services. If you have any questions or concerns regarding this Privacy Policy, please contact us at privacy@umso.com.
“Personal information” is personally identifiable information such as your name, residential address, business address, and e-mail address or any other information that can be used to identify an individual or about an identifiable individual.
We are not in the business of collecting anyone’s personal information except to the extent it’s needed in relation to using Our Services, supporting the use of Our Services by Users, and communicating with Users and prospective Users.
We collect personal information when you provide it to Us, such as if you choose to communicate or register with Us before or after Using any of Our Services. This information may include details about yourself, including your name, telephone number, business mailing address, and email address to participate in any Services We may offer.
If you register for Our Services, purchase and/or register domain names, use any of Our Services, or when you contact Us directly (by email or a support ticket), you may provide Us personal information, such as your name, email address, phone number, payment information (for Subscribers), Goods and Services Tax or VAT number identification information you include in your communications with Us, and personal information contained in scanned identification documents (such as an ID card, driver’s license, passport, or official company registration documents).
When you visit Our Website, or download and/or use any of Our Services, We may collect personal information regarding your usage for security or fraud prevention purposes.
We also collect personal information on an aggregated basis, such as Users’ browsing and click-stream activity on or relating to the Services, and non-identifying personal information regarding Users’ computing device, operating system, internet browser, country, city, screen resolution, language, and keyboard settings, internet service provider, referring/exit pages, and date/time stamps.
We may receive personal information about you from third-party sources, such as security providers or fraud detection and prevention providers who assist Us in screening out visitors to the Website associated with fraud; and social media platforms (if you log-in or sign-up using your social media account, We may receive personal information from that service including your username and basic profile personal information).
We may also collect personal information of End Users, solely for and on our Subscribers’ behalf (as further described in Section 8 below). The personal information of End Users will include the country, city, referring source, pages visited on a Subscriber’s Platform, the computing device, software operating system, and log data.
We also collect personal information to allow Us to contact Users or potential Users in the normal course of business, including providing technical support services, providing information on our latest software announcements and software updates, or if you apply for employment with Us.
In summary, we use personal information for providing the Services; enabling Us to improve and expand the Services; supporting Our Subscribers; contacting Users including for promotional purposes; analyzing Our performance; for security purposes; and to comply with applicable laws.
We also collect non-personally identifiable information about Users in a number of ways, including tracking visits to Our Website through your IP address, computer settings, or search keywords used which let Us know more about whether different aspects of Our Website are informative or of interest to potential Users and Subscribers.
We may collect, use, transfer, and disclose non-personally identifiable information for any purpose.
If We combine non-personally identifiable information with personal information, the combined information will be treated by Us as personal information for so long as it remains combined.
Anonymous or “non-personal” information gathered by Umso through accessing Our Website or communicating with Us may be used for technical, research, and analytical purposes. Information collected through surveys may be used by Us to analyze Our Services, target market, and to develop or enhance Our Services.
We may collect, store, and process certain personal information of End Users on behalf of Subscribers and at their direction. For example, each of our Subscribers can build their own forms to collect personal information of End Users and other data via their own website. Such personal information may then be stored with Umso, on the Subscriber’s behalf.
In this context, (a) We are considered a “Processor” and not a “Controller” (as both such capitalized terms are defined in the GDPR, and including their capitalized cognates) of such personal information of End Users; and (b) the Subscribers controlling and operating their own Subscriber Platforms are considered as the “Controllers” of such personal information of End Users, and are responsible for complying with all laws and regulations that may apply to the collection and control of such personal information of End Users, including all privacy and data protection laws of all relevant jurisdictions.
The Processing of the personal information of End Users occurs within the jurisdictions of the European Union, Canada, India, and/or the United States and such processing and transfer will be in accordance with our Data Processing Agreement for Users ("DPA").
Any transfer to and Processing in a third country outside the European Union that does not ensure an adequate level of protection according to the European Commission, shall be undertaken in accordance with the Commission Implementing Decision (EU) 2021/914 of June 4, 2021 on Standard Contractual Clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament set out in Schedule 1 of the DPA. For certainty, as used in this Privacy Policy, “Processing” (and its capitalized cognates) has the meaning given to that term in the DPA.
You are responsible for the security, integrity, and authorized usage of personal information of End Users, and for obtaining the required consent and providing any required data subject rights and fair processing notices required for the collection and usage of such personal information.
To the extent We may Process personal information of End Users, please see Sections 6, 9, 11, 14, and 17 of this Privacy Policy.
If you are a User or an End User, We confirm that Umso has no direct relationship with End Users whose personal information We Process.
If you are a visitor, user, or customer of any of Our Users, and have any request regarding your personal information, please contact such User directly.
For example, if you wish to request to access, correct, amend, or delete any personal information of yours which is inaccurate and which is Processed by Us on behalf of Our Subscribers, please direct your query to the relevant User (who is the “Controller” of such data).
If We are requested by our Users to remove any personal information of End Users, We will respond to such requests in a timely manner upon verification and in accordance with applicable law (for example, 30 days under the GDPR). Unless otherwise instructed by a User, We will retain personal information of the subject End Users for the period set forth in Section 22 below.
Unless you specifically authorize Us to release your personal information, or release is required or permitted by law, We will not sell, lease, license, or trade your personal information to any other third parties.
Personal information collected by Us is processed and stored in Oregon, in the United States of America. Subscribers’ websites and the personal information of End Users are Processed and stored in Toronto, Canada, Mumbai, India, and Frankfurt, Germany, and some of the personal information of End Users may also be Processed and stored in Oregon. To the extent We transfer personal information of residents of the EU anywhere outside of Europe, We will ensure that (a) there is a level of protection deemed adequate by the European Commission or (b) that the relevant Model Standard Contractual Clauses approved by the European Commission are in place.
Like other companies, we have business relationships with other service providers whose services complement our Services. We use:
(collectively, “Other Service Providers”).
We and Our Other Service Providers that store or process your personal information on Our behalf are contractually committed to keep it protected and secured, in accordance with industry standards and regardless of any lesser legal requirements which may apply in their jurisdiction.
Thus personal information may be subject to disclosure in accordance with the laws applicable in Canada, the United States, the EU, Germany, and India as well as the jurisdictions where the Other Service Providers physically locate their servers or store their data in relation to the services provided to Us.
Your personal information and the personal information of End Users may be accessible to regulatory, law enforcement, and national security authorities of those jurisdictions, and may be subject to disclosure in accordance with the laws of those countries or jurisdictions. Such laws may or may not provide the same level of protection for personal information as do the applicable laws of the jurisdiction in which you or your End Users ordinarily reside.
We only share personal information with our Other Service Providers in the normal course of using their software services offered to Us as a user/subscriber, ancillary to our business of providing our Services. The type of personal information we share includes the scope of personal information we receive including identifiers, such as your name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, or other similar identifiers; and commercial information, such as information regarding the type of Services subscribed for from Us.
You are responsible to inform your End Users of the extent to which We collect, process, and use their personal information in the course of our provision of Services to you and on your behalf.
If Umso is involved in a merger, acquisition, or any form of sale of some or all of Our assets, We may transfer any and all personal information We collect to the relevant third party.
If we have any bona fide reason, We may share personal information if we believe doing so will help protect the rights, property, or personal safety of Umso, any of our Users, any End Users, or any member of the general public, with or without notice to you.
For personal information of Our Users, We will only request personal information that We need and will only ask for it when it’s needed.
Generally, this is going to be in the context of doing business with Users or prospective Users interested in Our Services.
So if We ask you for personal information, it will either be self-evident why We’re asking for such information, or if not, We’ll explain to you why such personal information is needed and what We are going to do with it.
We will seek your prior consent to the collection, use, and disclosure of the information as required by applicable privacy legislation. Your consent may be provided orally, or through use of Our Website.
Some examples associated with Our processing of your personal information will relate to subscribing for our Services, technical support services, sending invoices, following up on payments, or responding to communications requesting more information about Us or Our Services.
You’ll always have the right at any time to remove your consent from any such processing or collection of your personal information by contacting Us by email at privacy@umso.com. But withdrawing your consent is subject to certain allowable exceptions (e.g., We need the personal information to provide or to continue to provide Our Services, or, if the withdrawal of your consent would frustrate the performance of a legal obligation We may have. This is explained in more detail below under Section 19).
Note that if you decide to withhold or withdraw your consent to certain uses of your personal information, We may not be able to provide Our Services to you.
Subject to applicable laws in British Columbia, in Canada, in the United States, and in the EU, We may collect, use, or store personal information without your consent in the following limited circumstances:
when the personal information is available from a public source (e.g. a telephone directory);
to protect Us, Our Users, and others with whom We may do business, from fraud;
to investigate an anticipated breach of an agreement or a contravention of law; or
when such collection, use, or disclosure of personal information is permitted or required by applicable law.
Yes, Umso and Our Other Service Providers use “cookies” to collect information, helping Us understand User behaviour and preferences insofar as Our Services are concerned.
A cookie is a small text file that is stored on the device you use to access a website.
“Cookies” contain a unique identification number that identifies your browser to Our computers each time you visit Our Website.
We may collect information about your mobile device, computer, or other hardware device from which you access Our Website including your IP address, operating system, and browser type. This is statistical data about Our Users’ browsing actions and patterns.
Our Website, email messages, and advertisements for Our Application or Services may use cookies and other technologies such as pixel tags and web beacons. These technologies help us better understand User behavior, make Our Website a bit more user-friendly by remembering site preferences and language settings, tell us which parts of Our Website people have visited, and facilitate and measure the effectiveness of advertisements and web searches. We treat information collected by cookies and other technologies as nonpersonal information. However, to the extent that Internet Protocol (IP) addresses or similar identifiers are considered personal information by local law, We also treat these identifiers as personal information.
Similarly, to the extent that non-personal information is combined with personal information, We treat the combined information as personal information for the purposes of this Privacy Policy.
Umso also uses cookies and other technologies to remember personal information when you use Our Website and Services. Our goal in these instances is to make your experience with Us more convenient, personal, and safe from security breaches. For example, keeping you signed in, keeping your preferences, providing you with the Service you have decided to obtain from Us, understanding how you use Our Website, monitoring and analyzing the performance, operation, and effectiveness of Our Services, and for security purposes and fraud-protection purposes and in order to identify and prevent cyber-attacks.
Knowing someone using your computer or device has downloaded Our Application or is interested in a particular Service helps Us make our marketing and email communications more relevant to your interests. We may provide you with customized advertisements, content, and information; monitor and analyze the effectiveness of Our Website content and third-party marketing activities; and monitor aggregate site usage metrics such as total number of visitors and pages viewed. And knowing your contact information helps Us provide you with better customer service.
We use the following types of cookies to help improve your engagement with Our Website, identify repeat visitors, and offer an improved personalized service than would otherwise be available without using cookies:
Essential Cookies: these enable you to browse the Website and use essential features like secure and private areas.
Analytical cookies: these allow Us to recognize and count Users and see how Users move around Our Website when using it. This helps us improve the way Our Website works, for example, by making it easier for Users to find what they are looking for.
Function cookies: these enable you to navigate Our Website and gain full access to its features and secure areas, including e-billing services. These are also used to recognize you when returning to Our Website. This may enable Us to personalize content (for example, greet you by name or acknowledge what region you are from).
Marketing cookies: are used to deliver advertisements more relevant to your personal interests, to limit the amount of times you see an ad and measure the effectiveness of ads.
Performance cookies: these allow Us to analyze and improve the performance of Our Website to provide you with a better visitor experience.
Preferences & Features cookies: these remember choices you made on previous visits to Our Website so We can provide enhanced, more personal features as well as enabling automated completion of forms with information previously provided.
Targeting cookies: these record your visits to Our Website, the pages you have visited, and the links you followed to affiliated Websites. We use this information to make Our Website more relevant to your interests.
Cookies We use include ones We design, as well as cookies from Our Other Service Providers. Information from cookies is retained by Us for up to two years.
The cookie table below provides you with information about the type, categories, purpose, and duration of cookies placed by Us and Our Other Service Providers.
The table below has information about cookies that are used by Us on Subscribers’ Platforms.
Generally, these cookies initially placed on a Subscriber’s Platform are categorized as essential cookies. But our Services enable the ability to add other components, software, and third-party applications, so your Subscriber Platform may include other types of cookies from other persons requiring settings customized to your requirements.
We use cookies on Subscribers’ Platforms to provide an improved experience for your visitors, customers, and End Users and to identify your End Users, to monitor and analyze the performance, operation, and effectiveness of your Subscriber Platform, and to manage risks around security and safety of use.
In accordance with the GDPR and the privacy laws of most other jurisdictions, Subscribers using our Services to create their own website must inform their visitors that you are using cookies on your website. This can be done by adding a section about your website's cookies in your privacy policy. Depending on the jurisdiction(s) to which you are subject, you may also be required to include details about the types of cookies your website uses.
You can also use the Umso Cookie Consent Solution to add a cookie banner to your site. This gives visitors to your website the option to accept or decline non-essential cookies on your website (which is required for GDPR compliance in any event).
If you want to disable cookies on Our Website (or otherwise) and you’re using a web browser, go to preferences and then to the privacy pane to manage your preferences. Different browsers and mobile devices will have different ways to access privacy settings to enable blocking cookies, disabling cookies, or preventing cookies from being installed on your device. Check with your provider if required. Please note that certain features of Our Website may not function as intended once cookies are disabled.
If you previously consented, passively or otherwise, to Our use of cookies with your device or browser, you may always change your mind and revoke that consent by clicking here [insert link].
As is true of most online internet services, We gather some information automatically and store it in server log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data.
We use this information to understand and analyze trends, to administer Our Website, to learn about User behavior on the Website, to improve Our Services, and to gather demographic information about Our User base as a whole. We may use this information in Our marketing and advertising services.
In some of Our email messages, We use a “click-through URL” linked to content on Our Website. When Users click one of these URLs, they pass through a separate web server before arriving at the destination page on our Website. We track this click-through data to help Us determine interest in particular topics and measure the effectiveness of Our communications to Users. If you prefer not to be tracked in this way, you should not click text or graphic links in these email messages.
Pixel tags enable Us to send email messages in a format customers can read, and they tell Us whether mail has been opened. We may use this information to reduce or eliminate messages sent to customers.
At times, We may make certain personal information available to strategic partners that work with Us to provide Our Services, or that help Us market to prospective Users. Personal information will only be shared by Us to provide or improve our Services and advertising; it will not be shared with third parties for their marketing purposes.
It may be necessary − by law, legal process, litigation, and/or requests from public and governmental authorities within or outside your country of residence − for Umso to disclose your personal information. We may also disclose information about you if We determine that for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.
You have the right to make sure that the personal information that We have concerning you is accurate.
If you have questions about the accuracy of factual information We may have about you, you will have access to that information in order to verify and update it, or ask Us to delete it.
We take reasonable efforts to ensure that personal information We receive, use, and store is accurate and complete. If you are noted as a contact for a Subscriber or prospective Subscriber, you will always have the opportunity to modify the personal information you provided to Us by requesting correction of your personal information in order to ensure its accuracy and completeness.
Please send any request to access your personal information in writing, to privacy@umso.com and provide sufficient detail to identify the personal information sought.
If your personal information is demonstrated to be inaccurate or incomplete, We will, so far as practicable, and as soon as practicable, correct your personal information to the extent required.
Our web site has industry standard security measures in place to protect the loss, misuse, alteration, or unauthorized access or disclosure of the information under Our control.
We also use a variety of security technologies and procedures to help protect personal information such as encryption using Secure Socket Layer (SSL) technology, passwords, and physical security. Further, certain parts of Our Services offer HTTPS secure access; and the transmission of sensitive payment information (such as a credit card number) is through Stripe, which uses an industry standard SSL/TLS encrypted connection. We also regularly monitor our systems for possible vulnerabilities and attacks, and regularly seek new ways to improve and enhance the security of our Services and protection of our Users’ privacy.
While there is no such thing as "perfect security" on the Internet, We take all reasonable steps to ensure the safety of your personal information.
The transmission of information via the internet is not entirely secure and thus We can’t guarantee the security of your personal information transmitted to Us online.
Thus any transmission of personal information by you is at your own risk.
You have the right to request access to your personal information.
You also have the right to know how We use your personal information and to whom it has been disclosed, subject to certain limited exceptions.
You can avail yourself of this right by contacting Us and We will take all reasonable steps to assist you with any legitimate request for access.
Please send any request to access your personal information in writing, to privacy@umso.com and provide sufficient detail to identify the personal information sought.
We will make the requested information available within 45 calendar days. If We need more time, We’ll provide written notice of an extension to enable Us to fulfil the request.
If for any reason We are not in a position to respond to a data access request, We will let you know.
If a request is refused in full or in part, We will notify you in writing, providing the reasons for refusal, and the recourse available to you.
You have the right to request that your personal information is erased by Us.
Please provide any request to erase your personal information in writing, sent to privacy@umso.com and provide sufficient detail to identify the personal information sought.
We will respond to all requests for erasure within a reasonable amount of time or provide you with written notice of an extension where We need additional time to fulfil your request.
If you ask Us to erase your personal information, We’ll use commercially reasonable efforts to remove your personal information from Our files, however, We may not be able to delete some of your personal information to the extent that it’s still necessary in relation to the purposes for which it was collected, or in relation to a legal obligation We have. We may also retain, use, and share your “non-personal” information that We previously collected prior to your request for erasure.
And of course, if We do permanently delete your account with Us, all of your personal information will be gone from Our databases. After completing this process, you will no longer be able to use any of Our Services, and your account and all its data will be removed permanently, and We will not be able to restore your account or retrieve your data in the future.
If you ordinarily reside in California and use the Services, the California Consumer Privacy Act (“CCPA”) may provide you the right to request access to and deletion of your personal information.
Please review the information noted above in Section 19 if you intend to exercise the right to request that We delete your personal information.
Umso does not sell personal information of its Users to any third party for the intents and purposes of the CCPA.
As We noted in Section 8 above, We may collect, store, and Process personal information of End Users, solely on our Subscribers’ behalf and at their direction. For such purposes, We reserve and will be considered as a “Service Provider” and not as the “Business” (as both such capitalized terms are defined in the CCPA. Umso does not and will not sell personal information of End Users.
Users of the Services who are California residents and under 18 years of age may request and obtain removal of content they posted by emailing us at privacy@umso.com. All requests must be labeled “California Removal Request” on the email subject line. All requests must provide a description of the content you want removed and information reasonably sufficient to permit Us to locate that content. We do not accept California Removal Requests via telephone. We have no responsibility for notices that are not properly addressed or sent properly, and We may not be able to respond if you do not provide adequate information. Please note that your request does not ensure complete or comprehensive removal of the material. For example, materials that you have posted may be republished or reposted by another user or third party over whom We have no control.
Our Website contains links to other websites.
We will not be responsible for the privacy practices or the content of such other websites and We expressly disclaim all liability associated with your use of and the content of such other websites. Such other websites will probably also have their own cookies, which they control and over which we also disclaim all liability for.
We may retain your personal information (as well as the personal information of End Users) for as long as you continue to maintain an active subscription or as otherwise needed to provide you with our Services.
We may continue to retain your personal information after you cease being a Subscriber and/or cease using any particular Services, as reasonably necessary to comply with our legal obligations (including applicable privacy and tax legislation), to resolve disputes regarding our Users or personal information of End Users, to prevent fraud or abuse, to enforce our agreements and/or protect our legitimate interests.
We expect to revise this Privacy Policy from time to time, reflecting changes in technology, User feedback, and applicable legislation.
Please ensure that you refer to the current version of Our Privacy Policy.
All changes or replacements to this Privacy Policy are effective immediately upon posting on Our Website.
Except as required by law, We won’t use or disclose your personal information for any purpose for which you refuse Us consent or later withdraw your consent.
If you withdraw consent, you agree that in spite of this withdrawal We may continue to use the personal information previously provided to Us to the extent that We are contractually obligated to do so and to the extent necessary to enforce any contractual obligations you or your employer may have to Us.
You also understand that although you may be able to use Our Services for some purposes without providing Us with any personal information, We need personal information about you for some fundamental purposes, including particulars that may require technical support, invoicing, payment, or involve an ongoing business relationship with Us.
You have the right to communicate with Us about any issues that you may have relating to your personal information.
Our Privacy Officer is responsible for ensuring Our compliance with this Privacy Policy.
Please direct any complaints, concerns, or questions regarding Our compliance in writing to Our Privacy Officer by email at privacy@umso.com or to Umso Software Inc., #900-2025 Willingdon Avenue, Burnaby, B.C., Canada V5C 0J3.
Umso is a British Columbia corporation and to the extent applicable, the laws of the Province of British Columbia, Canada without regard to principles of conflict of laws, will govern this Privacy Policy and any dispute of any sort that might arise between you and Us, as well as any of Our successors and assigns.
