Last Revised: 4/21/2023
BUMF cares about your privacy. For this reason, we collect and use personal information only as needed to deliver our products, services, websites and mobile applications, and to communicate with you about the same, or as you have requested (collectively, our “Services”). Your personal information includes information such as:
Date of birth
Billing and payment information
Candidate information (for job applicants)
Other data collected that could directly or indirectly identify you.
If at any time you have questions about our practices or any of your rights described below, you may reach our Data Protection Officer (“DPO”) and our dedicated team that supports this office by contacting us at firstname.lastname@example.org. This inbox is actively monitored and managed so that we can deliver an experience that you can confidently trust.
What information we collect, how we collect it, and why
Much of what you likely consider personal information is collected directly from you when you:
create an account or purchase any of our Services (ex: billing information, including name, address, credit card number, government identification);
request assistance from our award-winning customer support team (ex: phone number, voice recordings);
complete contact forms or request newsletters or other information from us (ex: email); or
participate in contests and surveys, apply for a job, or otherwise participate in activities we promote that might require information about you.
However, we also collect additional information when delivering our Services to you to ensure necessary and optimal performance. These methods of collection may not be as obvious to you, so we thought we’d highlight and explain a bit more about what these might be (as they vary from time to time):
Supplemented Data may be received about you from other sources, for example, from publicly available databases, social media platforms, or third parties from whom we have purchased data, in which case we may combine this data with information we already have about you so that we can update, expand and analyze the accuracy of our records, assess the qualifications of a candidate for employment, identify new customers, and provide products and services that may be of interest to you. If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.
How we utilize information.
We strongly believe in both minimizing the data we collect and limiting its use and purpose to only that (1) for which we have been given permission, (2) as necessary to deliver the Services you purchase or interact with, or (3) as we might be required or permitted for legal compliance or other lawful purposes:
Delivering, improving, updating and enhancing our Services. We collect various information relating to your purchase, use and/or interactions with our Services. We utilize this information to:
Improve and optimize the operation and performance of our Services (again, including our websites and mobile applications)
Diagnose problems with and identify any security and compliance risks, errors, or needed enhancements to the Services
Detect and prevent fraud and abuse of our Services and systems
Much of the data collected is aggregated or statistical data about how individuals use our Services, and is not linked to any personal information.
Sharing with trusted third parties. We may share your personal information with affiliated companies within our corporate family, with third parties with which we have partnered to allow you to integrate their services into our own Services, and with trusted third party service providers as necessary for them to perform services on our behalf, such as:
Processing credit card payments
Serving advertisements (more on this topic below)
Conducting contests or surveys
Performing analysis of our Services, customer demographics, and sentiment
Communicating with you, such as by way of email or survey delivery
Customer relationship management
Security, risk management and compliance
Recruiting support and related services.
These third parties (and any subcontractors they may be permitted to use) have agreed not to share, use or retain your personal information for any purpose other than as necessary for the provision of Services.
We will also disclose your information to third parties:
in the event that we sell or buy any business or assets (whether a result of liquidation, bankruptcy or otherwise), in which case we will disclose your data to the prospective seller or buyer of such business or assets; or
if we sell, buy, merge, are acquired by, or partner with other companies or businesses, or sell some or all of our assets. In such transactions, your information may be among the transferred assets.
Advertisements. We want to serve you ads that are most relevant and useful to you, so we may use the personal information you provided us in Account Settings or those collected through cookie technologies to personalize ads and improve your overall experience with us on our site and other sites. We call this ad personalization (formerly, interest-based advertising) because the ads you see are based on previously collected or historical data to determine which ad will be most relevant to you, including data such as previous search queries, activity, visits to sites or apps, demographic information, or location. To illustrate ad personalization that is audience-based, let’s say you registered a domain with us and created a website using our website builder product. The next time you navigate to our advertising partner’s platform or website, they may recognize that you are a BUMF customer via a matched email and may use that data to help us display an ad about our latest promotion for website security. Alternatively, if you already purchased our website security product, then we may exclude you from future ad campaigns for this product because it wouldn’t be relevant to you. Other ad personalization could be activity-based. For example, using data about your page views on our site to determine whether an ad would be of interest to you. The information we share with our advertising channel partners to deliver you personalized ads is done securely and cannot be used by them for any other purpose. We do not sell your data to any third parties. In addition, the data we share is hashed and encrypted, which means that it does not directly identify you. We do not sell your data in any way to our partners or other third parties.
For more information about ad personalization on your desktop or mobile browser, and to opt out of this type of advertising by third parties that participate in self-regulatory programs, please visit one of the following: the Network Advertising Initiative website, the Digital Advertising Alliance (“DAA”) website or the European Interactive Digital Advertising Alliance Website. To learn more about ad personalization in mobile apps and to opt out of this type of advertising by third parties that participate in the DAA’s AppChoices tool, please use this URL: https://youradchoices.com/appchoices to download the version of AppChoices for your device. Please note that any opt-out choice you exercise through these programs will only apply to ad personalization by the third parties you select but will still allow the collection of data for other purposes, including research, analytics, and internal operations. You may continue to receive ads, but those ads may be less relevant to you.
Communicating with you. We may contact you directly or through a third party service provider regarding products or services you have signed up or purchased from us, such as necessary to deliver transactional or service related communications. We may also contact you with offers for additional services we think you’ll find valuable if you give us consent, or where allowed to contact you based on legitimate interests. You don’t need to provide consent as a condition to purchase our goods or services. These contacts may include:
Text (SMS) messages
Messenger applications (e.g. WhatsApp, etc.)
Automated phone calls or text messages.
You may also update your subscription preferences with respect to receiving communications from us and/or our partners by signing into your account and visiting your “Account Settings” page.
If you make use of a service that allows you to import contacts (ex. using email marketing services to send emails on your behalf), we will only use the contacts and any other personal information for the requested service. If you believe that anyone has provided us with your personal information and you would like to request that it be removed from our database, please contact us at email@example.com.
Transfer of personal information abroad. If you utilize our Services from a country other than the country where our servers are located, your personal information may be transferred across international borders, which will only be done when necessary for the performance of our contract with you, when we have your consent to do so, or subject to the appropriate standard contractual clauses. Also, when you call us or initiate a chat, we may provide you with support from one of our global locations outside your country of origin.
Compliance with legal, regulatory and law enforcement requests. We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests), to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.
To the extent we are legally permitted to do so, we may take reasonable steps to notify you if we are required to provide your personal information to third parties as part of legal process. We will also share your information to the extent necessary to comply with any ICANN, registry or ccTLD rules, regulations and policies when you register a domain name with us. For reasons critical to maintaining the security, stability and resiliency of the Internet, this includes the transfer of domain name registration information to the underlying domain registry operator and escrow provider, and publication of that information as required by ICANN in the public WHOIS database or with other third parties that demonstrate a legitimate legal interest to such information.
How we secure, store and retain your data.
The criteria used to determine our retention periods include the following:
The length of time we have an ongoing relationship with you and provide Services to you (for example, for as long as you have an account with us or keep using our Services);
Whether account owners modify or their users delete information through their accounts;
Whether we have a legal obligation to keep the data (for example, certain laws require us to maintain records of your transactions for a certain period of time before we can delete them); or
Whether retention is advisable in light of our legal position (such as in regard to the enforcement of our agreements, the resolution of disputes, and applicable statutes of limitations, litigation, or regulatory investigation).
If you have any questions about the security or retention of your personal information, you can contact us at firstname.lastname@example.org.
How you can access, update or delete your data.
To easily access, view, update, delete or port your personal information, or to update your subscription preferences, please sign into your Account and visit “Account Settings.” Please visit our Trust Center for additional information and guidance for accessing, updating or deleting data.
If you make a request to delete your personal information and that data is necessary for the products or services you have purchased, the request will be honored only to the extent it is no longer necessary for any Services purchased or required for our legitimate business purposes or legal or contractual record keeping requirements.
If you are unable for any reason to access your Account Settings or our Trust Center, you may also contact us by one of the methods described in the “Contact Us” section below.
The E.U-U.S and Swiss-U.S. Privacy Shield Frameworks.
On July 16, 2020, the Court of Justice of the European Union issued a judgment declaring as “invalid” the European Commission’s Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield. As a result of that decision, the EU-U.S. Privacy Shield Framework is no longer a valid mechanism to comply with EU data protection requirements when transferring personal data from the European Union to the United States.
BUMF, LLC is responsible for the processing of personal information it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. BUMF, LLC complies with the Privacy Shield Principles for all onward transfers of personal information from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to each Privacy Shield Framework, BUMF, LLC is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, BUMF, LLC may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact us at email@example.com. Under certain conditions, more fully described on the Privacy Shield Website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
BUMF, LLC has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU and Switzerland in the context of the employment relationship.
‘Do Not Track’ notifications.
Some browsers allow you to automatically notify websites you visit not to track you using a “Do Not Track” signal. There is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, we currently do not alter our practices when we receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you may visit www.allaboutdnt.com.
Our Services are available for purchase only for those over the age of 18. Our Services are not targeted to, intended to be consumed by or designed to entice individuals under the age of 18. If you know of or have reason to believe anyone under the age of 18 has provided us with any personal information, please contact us per the instructions below.
We will not discriminate against you for exercising any of your privacy rights. Unless permitted under applicable laws, we will not:
Deny you goods or services.
Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
Provide you a different level or quality of goods or services.
Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Changes to this policy.
United States: Attn: BUMF SUPPORT: 2110 K Street Sacramento, CA 95816
By Phone: 1-415-213-2010
We will respond to all requests, inquiries or concerns within thirty (30) days.
If you are not satisfied with our response, you may direct privacy complaints to your local data protection authority. BUMF, LLC is the data controller for https://bumf.co.