Privacy Policy

Policy Scope

Last updated: September 13th, 2023 — Currently Effective

This privacy policy applies to all FastField Software Services, applications and websites offered by FastField, Inc. ("FastField") and customer service interactions, training sessions and user conferences. We refer to those products, services and websites collectively as the "Services" in this policy.

This privacy policy explains our policies and procedures for handling your personal information and data you collect using our software services and tools. Your privacy is extremely important to us and if you have any questions regarding the contents of this policy document, please contact us at info@fastfieldforms.com.

‍This Privacy Policy in not applicable to any third party applications software that integrate with the Services through the FastField platform ("Third Party Services"), or any other third party products, services or businesses. In addition, a separate agreement governs delivery, access and use of the Services (the "Terms of Use Agreement"), including the processing of any forms, files or other content submitted using our Services (collectively, "Customer Data").

The organization (e.g., your employer or another entity or person) that entered into the Agreement ("Customer") controls their instance of the Services ("Organization Account") and any associated Customer Data. If you have any questions about specific Organization Account settings and privacy practices, please contact the Organization Account Owner of which you are registered under.

Unless otherwise noted, our services are provided by FastField Inc. inside of the United States.

.If you do not agree with the terms, do not access or use the Services or any other aspect of FastField's business.

Information We Collect

‍When you use our Services, we collect information relating to you and your use of our products and services from a variety of sources as listed below:

User Registration Information. To use our Services you must have a FastField account. When you confirm/register your account, we collect your username, password, phone number and email address.

‍Billing Information. When you make a payment for our Services, we require you to provide your billing details, such as a name, address, email address and financial information corresponding to your selected method of payment. For example, this information may include a credit card number and expiration date or a bank account number. If you provide a billing address, we will regard that as the location of the account holder.

‍Organization Account Settings. Our services provide screens to control account preferences and personal profile information. For example, your account time zone and communication templates can all be configured through our online administration portal.

‍Form Data. We store your form data and form configuration settings for you. If you chose to have data submissions directly posted to your private web services, your form data will not be stored on our servers. Unless stated under a separate agreement, FastField is not responsible for the content of the forms you create or the data your forms collect.

‍Usage Data. We collect usage data about you and your users whenever you interact with our Services. This may include webpages you visit, what you click on, when you performed those actions. Additionally, like most applications today, our servers keep log files that record data each time a device accesses those servers. The log files contain data about the nature of each access, including originating IP addresses.

‍Device Data. We collect data from the device and application you use to access our services, such as your IP address, browser, hardware information, settings and unique identifiers and application crash data.

‍Location Data. We may infer your geographic location based on your IP address. Our Services may also collect location information from devices in accordance with the consent process provided by your device and applications you are using.

‍Referral Data. If you arrive at one of our websites (including fastfieldforms.com, fastfield.com) or from an external source (such as a link on another website or in an email), we record information about the source that referred you to us.

‍Third Party Services and Integrations. Through the use of our Services you have the option to connect or integrate with other third party services. For example, when configuring a Form’s workflow and Form Delivery options you may choose to send your form submissions to a third party system. You or your administrative users can enable and disable these integrations within your Organization’s Account. Once enabled the third party may also share certain information with our Services. We recommend that you review the privacy policies of these third party service providers to understand what may be disclosed through integrations with Services such as ours. We do not sell or share your form data in any way with third party advertisers or marketers.

‍Cookies. We use cookies on our websites. Cookies are small bits of data we store on the device you use to access our services so we can recognize repeat users. Each cookie expires after a certain period of time, depending on what we use it for. We use cookies for several reasons:

- To make our site easier to use. If you use the "Remember me" feature when you sign into your account, we may store your username in a cookie to make it quicker for you to sign in whenever you return to our websites.

- For security reasons. We use cookies to authenticate your identity, such as confirming whether you are currently logged into our Services.
‍
-To provide you with personalized content. We may store user preferences, such as your default language, in cookies to personalize the content you see.

-To improve our services. We use cookies to measure your usage of our websites and track referral data, as well as to occasionally display different versions of content to you. This information helps us to develop and improve our services and optimize the content we display to users.

-You can choose to remove or disable cookies via your browser. Refer to your web browser's configuration documentation to learn how to do this. Please note that doing this may adversely impact your ability to use our services. Enabling cookies ensures a smoother experience when using our websites. By using our websites and agreeing to this privacy policy, you expressly consent to the use of cookies as described in this policy

-Information from page tags. We use third party tracking services that employ cookies and page tags (also known as web beacons) to collect aggregated and anonymized data about visitors to our websites. This data includes usage and user statistics.
‍How we use data we collect
‍Customer Data will be used by our Services in accordance with Customer’s instructions, including any applicable terms in the Terms of Use Agreement and Customer’s use of Services functionality, and as required by applicable law.

FastField is a processor of Customer Data and Customer is the controller. The Customer may, for example, use the Services to grant and remove access to the Organization’s Account, assign roles and configure settings, access, modify, export, share and remove Customer Data and otherwise apply its policies to the Services. FastField uses Other Information in furtherance of our legitimate interests in operating our Services, Websites and business. More specifically, we use Other Information for the following reasons:

‍Customer Support. Providing customer support requires us to access your information to assist you (such as with form setup, design and technical troubleshooting). Your data may be required to access to contact you to provide these services. Your form data may be required to access to provide troubleshooting and issue investigation.

‍To Prevent Potentially Illegal Activities or as Required by Law. To respond to legal requests and prevent harm or we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

‍To Manage and Enhance Our Services. We internally use your information for the following limited purposes including:

‍To monitor and improve our services and features. We internally perform statistical and other analysis on information we collect (including usage data, device data, referral data, and information from page tags) to analyze and measure user behavior and trends, to understand how people use our services, and to monitor, troubleshoot and improve our services.

‍Screening for undesirable or abusive activity. For example, we have automated systems that screen content for phishing activities, spam, and fraud.

‍To contact you about your service or account. We occasionally send you communications of a transactional nature (e.g. service-related announcements, billing-related matters, changes to our services or policies, and other email communication about your account). You can't opt out of these communications since they are required to provide our services to you.

‍To contact you for marketing purposes (unless you opt out). We may contact you for promotional purposes. You may opt out of these communications at any time.

‍For billing and account management and administrative purposes. FastField may need to contact you for invoicing, account management and similar reasons and we use account data to administer accounts and keep track of billing and payments.

‍To investigate and help identify, prevent and resolve security issues and abuse.If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, we may use it for any business purpose. To the extent Information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Policy as "Personal Data."

Data Retention

FastField will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Terms of Use Agreement and Customer’s use of Services functionality, and as required by applicable law. Depending on various account settings, Customer may be able to customize its retention settings and apply those customized settings at the Organization Account level. For example, our Services can be configured to remove collected data after a period of time within the mobile application data storage sandbox.

Upon deletion or cancellation of your account, we retain Customer Data for 180 days unless you specifically request to purge the data at the point of cancellation. Unless you request to remove all your data upon cancellation of your account, we retain your contact info to keep you informed of upcoming product announcements and communication.

FastField  may retain Other Information pertaining to you for as long as necessary for the purposes described in this Privacy Policy. This may include keeping your Other Information after you have deactivated your account for the period of time needed for FastField to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.

‍We will NOT sell your data. Under no circumstances does FastField sell your data for any reason. If you are a California resident, you have the right to opt out of having your data sold under the California Consumer Pricay Act (CCPA). FastField does not sell your data, so there is no need to opt out of having your data sold.

How we Share and Disclose Information

Customers determine their own policies and practices for the sharing and disclosure of Information, and FastField does not control how they or any other third parties choose to share or disclose Information. Customers control how their form data is distributed to external sources through account and form level settings. For more information on how to configure your form delivery options, please visit our Help Center.

The following list outlines how we share and disclose information:

‍• Customer’s Instructions. FastField will solely share and disclose Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and in compliance with applicable law and legal process.

‍• Displaying the Services. When an Authorized User submits Other Information and Customer Data, it may be displayed to other Authorized Users in the same or connected Organization account. For example, an Authorized User’s email address may be displayed with their user profile. You can configure various access levels or roles for each individual user in your account. Roles can be used to specify the actions your users can perform and the scope of data they can view in your Organization’s account.

‍• Customer Access. Account Owners, Administrators, Authorized Users and other Customer representatives and personnel may be able to access, modify or restrict access to Information and form data. This may include, for example, your employer using Service features to export form data, or accessing or modifying your profile details.

‍• Third Party Service Providers and Partners. We may engage third party companies or individuals as service providers or business partners to process Other Information and support our business.

We rely upon these types of 3rd party service providers to provide our Services to you:

Cloud Hosting Provider – to provide hosting facility and infrastructure to house our Services.
Payment Processors - to process your subscription fees.Email Service Providers - to send account related notifications and alerts to you.
Web Traffic Analytics Providers – to analyze web traffic patterns and Ad performance.
‍App Crash Analytics Providers – To identify and troubleshoot application crashes.
‍App Logging Providers – to analyze usage patterns for security purposes, troubleshooting and tuning of our services.
‍Help Desk Providers – to provide Help Center and Support ticketing services.

If you wish to receive a list of third parties who handle personal data for FastField, please send a request to security@fastfieldforms.com. If you object to a particular third party or sub-processor, who we cannot disassociate from your Services, your sole remedy will be to cancel your subscription relating to the Services that cannot be reasonably provided without the objected-to new sub-processor. Such termination will be without a right of refund for any fees prepaid by you for the period following termination.

‍• Third Party Services. Customer may enable or permit Authorized Users to enable Third Party Services. When enabled, our Services may share Other Information and Customer Data with Third Party Services. Third Party Services are not owned or controlled by FastField and third parties that have been granted access to Other Information may have their own policies and practices for its collection and use. Please check the privacy settings and notices in these Third Party Services or contact the provider for any questions.

‍• Corporate Affiliates.  FastField may share Other Information with its corporate affiliates, parents and/or subsidiaries.•

During a Change to FastField's Business. If FastField engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of FastField’s assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence), you expressly consent to FastField transferring your information to the new owner or successor entity so that we can continue providing our services. If required, FastField will notify the applicable data protection agency in each jurisdiction of such a transfer in accordance with the notification procedures under applicable data protection laws.•

Aggregated or De-identified Data. We may disclose or use aggregated or de-identified Other Information for any purpose. For example, we may share aggregated or de-identified Other Information with prospects or partners for business or research purposes, such as telling a prospective FastField’s customer the average amount of forms processed over a period of time.

‍• To Comply with Laws. If we receive a request for information, we may disclose Other Information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.

‍• To Enforce Our Rights, Prevent Fraud, and for Safety. To protect and defend the rights, property or safety of FastField or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.

‍• With Consent. FastField may share Other Information with third parties when we have consent to do so.

‍• Your account details to your billing contact. If your details (as the account holder) are different to the billing contact listed for your account, we may disclose your identity and account details to the billing contact upon their request (we also will usually attempt to notify you of such requests). By using our services and agreeing to this privacy policy, you consent to this disclosure.

Age Restrictions and Limitations

‍To the extent prohibited by applicable law, we do not allow use of our Services and Websites by anyone younger than 16 years old.

FastField does not knowingly collect personal data from minors or allow them to register. If it comes to our attention that a Customer has collected personal data from a minor, we may delete this information without notice. If you have reason to believe that this has occurred, please contact us at support@fastfieldforms.com.

Identifying The Data Controller And Processor
‍
Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. In general, the Customer is the controller of Customer Data and FastField is the processor of Customer Data and the controller of Other Information.

Your Rights to Your Information

Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information. You can usually do this using the settings and tools provided in your Services account.

If you cannot use the settings and tools, contact us or the Controller / Owner of your Organization account for additional access and assistance.To the extent that FastField’s processing of your Personal Data is subject to the General Data Protection Regulation, FastField relies on its legitimate interests, described above, to process your data. FastField may also process Other Information that constitutes your Personal Data for direct marketing purposes and you have a right to object to FastField’s use of your Personal Data for this purpose at any time.
At any point you can perform the following actions:

‍Update your account details. You can update your account preferences and information using our online administration portal found https://portal.fastfieldforms.com.
‍
‍Download/backup your form data. We provide you with the ability to export data in a variety of formats including Excel, CSV, and PDF.

‍Delete your form data. Deleting form data can be accomplished via our online administration portal and will permanently delete form data immediately. To the extent permitted by law, we will permanently delete your data if you request to when cancelling your account.

‍Cancel your account. To cancel your account, please do so through our online Administration portal at https://portal.fastfieldforms.com/Account or contact us at support@fastfieldforms.com.

Upon cancellation, you will have the option to permanently delete your Account data. Deleting your account will cause all the form data in the account to be permanently deleted, as permitted by law, and will disable your access to any other services that require a FastField account. We will promptly fulfill requests to delete personal data unless the request is not technically feasible, or such data is required to be retained by law (in which case we will block access to such data, if required by law).

Privacy Rights for California Residents
‍
‍The following provides additional details about the personal information we collect about California residents and the rights afforded to them under the California Consumer Privacy Act(CCPA).

For more details about the personal information we have collected on you over the last 12 months, including the categories of sources, please see the Information We Collect section above. We collect this information for the purposes described in the How We Use The Data We Collect section above. We share this information with the categories of third parties described in the How We Share and Disclose Information section above.

According to the terms of CCPA, we do not sell the personal data we collect. Please note that we do use third-party cookies for our advertising purposes as described in the Cookies section above under Information We Collect. Subject to certain limitations, the CCPA provides California residents the right:

- to request to know more details about the categories or specific pieces of personal information we collect
- to request how we use and disclose the personal information we collect
- to request to delete their personal information
- to opt out of the sale of personal data collected on them
- to not be discriminated against for exercising these rights

California residents may initiate a request pursuant to their rights under the CCPA by contacting us via the Data Subject Access Request link below, or once logged in by clicking 'Help - DSAR'. In order to protect the security of our users, the request must include your account registration information so we can properly verify your identity (Account name, First and Last name, email address, and phone number you used to register with us). We will verify your request using the information associated with your account, including email address and phone if necessary. California residents can also designate an authorized agent to exercise these rights on their behalf.

GDPR Representative Contact

DataRep has now been appointed as the EU representative for FastField. Please see the attached document for contact details.



Data Subject Access or Deletion Request
‍This process allows individuals to know what personal data is being processed and how it is being used. We take Data Subject Access Request's seriously and will respond promptly and transparently to any requests in accordance with applicable laws and regulations. To request data access or deletion please visit, https://privacyportal.onetrust.com/webform/cf63d618-7c1b-4229-b4fa-d1a55ca380c4/e134b247-a499-4af0-984e-85220162e5f8 .

Privacy Shield - Framework Commitment

FastField complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. FastField has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

‍Privacy Shield - Data Processing for Customer

‍We provide the Services to allow organizations to collect, store and distribute their custom form data. In providing these Services, we process data our customers submit to our Services or instruct us to process on their behalves in connection with the Services ("Customer Data").
‍
To fulfill these purposes, we may access data to provide the Services, to prevent or resolve technical or system issues, to respond to customer support requests, to follow the instructions of our customer who submitted the data, or in response to contractual requirements with our customers.

Privacy Shield - Data Shared with Third Parties

‍In providing our Services to you, we rely upon a limited number of third party providers. These third party providers perform operations such as data storage, application hosting, application logging, payment processing and customer support software tools and services. These third parties may access, process or store personal data in the course of providing these services, but based on our instructions only.

If we receive personal data subject to our certification under the Privacy Shield and then transfer it to a third-party service provider acting as an agent on our behalf, we have certain liability under the Privacy Shield if the following conditions exist:The agent processes the personal data in a manner inconsistent with the Privacy ShieldWe are responsible for the event giving rise to the damage.

Privacy Shield - Lawful Disclosure Requirements

We are required disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Privacy Shield - Compliance Complaints

In compliance with the Privacy Shield Principles, FastField commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact FastField at:

‍Email: legal@fastfieldforms.com FastField, Inc 1311 Calle Batido Suite 240, San Clemente, CA 92673
‍

Privacy Shield U.S. Federal Trade Commission Enforcement

Our Privacy Shield compliance is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

Privacy Shield - Arbitration

You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country participating in the Privacy Shield must first:

1. Contact us and afford us the opportunity to resolve the issue.
2. Seek assistance from EU Data Protection Authorities (DPAs) or the Swiss Federal Data Protection and Information Commissioner (FDPIC).
3. Contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees.

Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident.

Standard Contractual Clauses
‍
On July 16, 2020, the European Union Court of Justice (CJEU) invalidated the EU-US Privacy Shield as a valid means of verifying data protection outside of the EU. This does not absolve FastField of any Privacy Shield obligations, and the Privacy Shield commitment shall continue to be maintained. However, in addition to the Privacy Shield Framework, FastField also offers a Data Processing Agreement that includes the European Standard Contractual Clauses, which are still regarded as valid by the CJEU. If your organization is required to operate under Standard Contractual Clauses, please request a Data Processing Agreement by contacting us at support@fastfieldforms.com. 

Security
We are committed to handling your personal information and data with integrity and care. FastField works hard to protect Information you provide from loss, misuse, and unauthorized access or disclosure. We leverage the top cloud-hosting providers in the world to security store and process your data. We also transmit your data encrypted over the Internet using Secure Socket Layers, an industry standard for data encryption.

However, regardless of the security protections and precautions we undertake, there is always a risk that your personal data may be viewed and used by unauthorized third parties as a result of collecting and transmitting your data through the Internet. Given the nature of communications and information processing technology, FastField cannot guarantee that Information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others.

Consent

By clicking "I Agree" or any other button indicating your acceptance of this privacy policy, you expressly consent to the following:You consent to the collection, use, disclosure and processing of your personal data in the manner described in this privacy policy, including our procedures relating to cookies, IP addresses and log files.

Unless otherwise stated and agreed upon, our servers are based in the United States, so your personal data will be primarily processed by us in the United States.

You consent and agree that we may transfer your data to data processors located in countries, including the United States, which do not have data protection laws that provide the same level of protection that exists in countries in the European Economic Area.

Your consent is voluntary, and you may revoke your consent by opting out at any time. Please note that if you opt-out, we may no longer be able to provide you our services.You consent to us sharing your personal data with relevant persons working for service providers who assist us to provide our services. If you have enabled cookies on your web browser, you consent to our use of cookies as described in this privacy policy.

Privacy Policy Changes

‍We may modify this privacy policy at any time, but if we do so, we will notify you by publishing the changes on this website. If we determine the changes are material, we will provide you with additional, prominent notice as is appropriate under the circumstances, such as via email.

For any changes to this privacy policy for which you are required to provide prior consent, we will provide you with reasonable notice of such changes before they become effective and provide you with the opportunity to consent to those changes. If you do not cancel your subscription and continue to use our services beyond the advance-notice period, you will be considered as having expressly consented to the changes in our privacy policy. If you disagree with the terms of this privacy policy or any updated privacy policy, you may close your account at any time.


‍