Droplet Solutions Inc operates both the web application at https://app.droplet.io as well as the public website at https://droplet.io, which together will be hereafter referred to as the Service. This page is used to inform visitors regarding our policies concerning the collection, use, and disclosure of personal information. If you choose to use the Service, then you agree to the collection and use of information in relation to this policy. The personal information that we collect is used for providing and improving the Service. We will not use or share your information with anyone except as described in this Privacy Policy. The terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, unless otherwise defined in this Privacy Policy.
Information Collection and Use
Droplet collects data of two main types:
- directly from our public website for sales and marketing purposes
- through our web application on behalf of our customers via digital forms and workflows
Data Collected by Droplet
You may provide your name, email, and phone number through our public website's contact forms to learn more about our Service. By providing this information, you agree to being contacted by us. We may use the information collected through our public website's contact forms in our marketing efforts to promote the Service. You can choose to opt-out by clicking "unsubscribe" in our marketing emails or by contacting us at support@droplet.io.
Droplet allows customers to login using their preferred Single Sign On (SSO) provider. In order to use the Service, you will be required to provide your name and email. If you choose to use Google OAuth to sign in to your Droplet account, we will ask for your consent to collect your email, Google profile, and Google OpenID from Google. If you give your consent, Google will provide us with this information. Droplet's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
In order to provide the Service, we will store your email address in our database. This email will be used as an identifier for your account to enable future logins and may be used to send transactional emails as part of the Service. It will not be shared with third parties except as necessary to provide the Service. Your account data will not be shared under any other circumstance.
Data Collected by Our Customers
Droplet enables our customers to collect data through customizable forms and workflows. Our customers define the type of data collected according to their operational needs, which may include personally identifiable information (PII).
Droplet provides the Service on behalf of and at the direction of our customers and as such is considered a “data processor". Our customers are the "data controller" and control the collection, input, use, retention, disposal, and disclosure of data stored in the Service. Our customers are solely responsible for obtaining the right to collect, use, and share the data they collect using the Service.
Droplet does not own any of the data that our customers collect through utilization of the Service. Except as required by law or by our customers, Droplet cannot delete, change, or disclose any data controlled by our customers from the Service. Data subjects who have concerns about data that may have been collected through the Service should contact the customer who collected the data.
Droplet retains all data collected on behalf of our customers pursuant to contractual terms as long as the account is active and in good standing. Expired account data will be retained for a period of 30 days after which it will be permanently deleted (except when required by law to retain). Any data deletion requests initiated by our customers will be honored within a commercially reasonable timeframe.
Cookies
Cookies are text files with small pieces of data — like an account ID or email — that are used to identify your computer as you use a computer network. Cookies are commonly used to keep you logged in to a website or to identify you for advertising purposes. The files are sent to your browser from the websites that you visit and are stored on your computer's hard drive.
Droplet uses cookies as necessary in order to provide the Service and for Google Analytics. For more information about how we use Google Analytics, please see the section below about advertising.
Service Providers
Droplet thoroughly evaluates and utilizes third parties in order to provide the Service. All third parties are obligated not to disclose or use any data they receive for any other purpose. Droplet does not rent, sell, or otherwise provide access to customer data to third parties for marketing or advertising purposes. Droplet may update the third parties we use from time to time in order to better provide the Service and will notify customers of any material changes. Please reach out to us at support@droplet.io if you have any concerns or would like to opt out of data sharing. Please note that opting out may require discontinuing the use of certain features or the Service entirely.
Security
Droplet uses physical, operational, and technological measures to ensure data security and privacy, including application firewalls, data encryption, physical access controls, annual security trainings, and criminal background checks of all employees. These safeguards are designed to protect against the loss, misuse, and unauthorized access or disclosure of customer data. All of the data collected as part of the Service is encrypted in transit and at rest. Droplet verifies its operational security on an annual basis by undergoing an independent SOC 2 Type II audit. Over the course of the audit, Droplet demonstrates its adherence with the principles set forth in Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality and Privacy (AICPA, TSP Section 100).
Advertising
Droplet does not display any advertising as part of the Service. Droplet does not sell or otherwise use or disclose customer data for behavioral or targeted advertising. Google Analytics cookies are used on our public website for purposes of retargeting, analytics, and marketing attribution. You can opt out of Google Analytics services here.
Children's Privacy
Droplet does not provide the Service to anyone under the age of 13. We do not knowingly collect personally identifiable information (PII) from children under 13. In the case we discover that a child under 13 has provided us with PII, this information is immediately and permanently deleted from our Service. If you are a parent or guardian and you are aware that your child has provided us with PII, please contact us at support@droplet.io so that we can perform the necessary actions.
Changes to This Privacy Policy
We may update our Privacy Policy and its last updated date to reflect changes in our policies. We will notify you of any material changes by posting the new Privacy Policy on this page prior to any change taking effect.
Contact Us
If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at support@droplet.io.