Last updated: Feb 19, 2021
Avora Holdings LTD complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework(s), as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union (EU) and Switzerland to the United States.
Avora Holdings LTD has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of the Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit http://www.privacyshield.gov.
Your privacy is important to us, as well as being transparent about how we collect, process, use, and share information about you.
Revenue Grid acts as the data controller with regard to Personal Information when we collect and determine the purposes and means of the processing of such Personal Information we collect. For example, we act as the data controller when we collect information on our websites, other channels for marketing purposes.
When we process Personal Information on behalf of our customers in connection with Revenue Grid products and services, Revenue Grid acts as the data processor.
Product-specific privacy terms are described in the respective section of this Policy. This section describes how we process customer data in connection with our specific product or service.
We collect information about you when you provide it to us directly or via our partners, after you give your consent while using our Services or when other sources (Data Controllers) provide it to us.
Information you provide to us
We collect/process information about you when you enter it into the Services or otherwise provide it directly to us.
Account and Profile Information: We collect and store information about you when you register an account on products sign up, set your product preferences, or make purchases through the Services. For example, the contact information you provided.
The content you provide through our websites: The Services include the websites owned or operated by us. We collect content that you submit on these websites. For example, you provide content to us when you share your Services use feedback or when you get engaged with any interactive features, download marketing materials, take part in surveys, promotions, or online events.
Information you provide through our support channels: The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with the Service. Whether you identify yourself as a technical contact, open a support ticket, speak to one of our representatives directly, or otherwise engage with our support and CSM teams, you will be asked to provide your contact information, a summary of the problem you are experiencing, and any other relevant documentation, screenshots or other details helpful for resolving the issue.
Information we collect automatically when you use the Services
We collect information about you when you use our Services, that includes browsing our websites and performing certain actions within the Services.
Your use of the Services: We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use and how you interact with others using the Services.
Device and connection information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and the settings applied when you install, access, update, or use our Services. We also collect information from your device about your operating system, browser type, URLs of the referring/exit pages, device identifiers, and crash data, if relevant. We use your IP address and/or region preference in order to approximate your location to provide you with a better Service experience. The scope of collected information depends on the type and settings of the device you use to access the Services.
Information we receive from other sources
We receive information about you from other Service users, from third-party services, from our related companies, and from our business and channel partners.
Other users of the Services: Other users of our Services may provide information about you when they submit content through the Services. For example, you may be mentioned by your CRM administrator when submitting an issue to our technical support. We also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they designate you as the billing contact for your company’s account.
Our Partners: Some of our partners help us to market and promote our products, generate leads for us, and resell our products. We sometimes receive contact information, company name, what Our products you have purchased or may be interested in, evaluation information you have provided, what events you have attended, and what country you are in.
Other partners: We receive information about you and your activities on the Services from third-party partners, that provide us with information about your interest in and engagement with our Services.
Our Services are responsible for transferring data between systems using API technologies.
How we use information we collect depends on what Services you use, how you use them, and on any preferences you may have communicated to us. Below are listed specific purposes of using information about you.
With your consent: We use information about you when you have given us your consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.
Legal basis for processing (for EU and EEA users):
If you are an individual in the European Economic Area (EEA), we collect and process information about you only when we have legal basis for doing so under applicable EU laws. The legal basis depends on the Services you use and how you use them. This means we collect and use your information only when we rely on one or more of the following grounds:
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. When we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use. However, in some cases, this may mean that you will no longer use the Services.
We do not sell or trade your information with any third parties.
Sharing with third parties
We share information with third parties that help us operate, provide, improve, integrate, customize, support, and market our services.
Service providers: We engage our contracted service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis, and other services for us, which may require them to access or use information about you. If a service provider needs to access some information about you to perform relevant services on our behalf, they do so under strict instruction from us, including a set of Policies and Procedures implemented to protect your information.
Third-party apps: You, your administrator, or other Services users may choose to add new functionality or change the behavior of the Services by installing third-party apps within the Services. Doing so may give these third-party apps access to your account and information about you, like your name and email address, and any content you choose to use in connection with those apps. We encourage you to review privacy policies of any third parties before connecting to or using their applications or services, to learn more about their privacy and information handling practices. If you object to information about you being shared with these third parties, please uninstall the app.
With your consent: We may share information about you with third parties if you have given us your consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name by a testimonial.
Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our Agreements, Policies and Terms of Service, (c) protect the security and integrity of our products and services, (d) protect Us, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
How we store and secure information we collect
Security and storage of information
We use data hosting service providers located in the United States and Europe to host the information we collect and process, and we use industry standard technical measures to secure your data.
We have taken steps to implement appropriate security, technical, and administrative measures to prevent unauthorized disclosure, use, or access to the information.
How long we keep information
We will keep the Personal information we collect about you only for as long as we need it for the purposes it was collected, or for the period of time as may be required by law.
How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
Account information: We retain your account information for as long as your account is active and for a reasonable period thereafter, in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services.
When we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.
Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will remain.
Managed accounts: If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account.
Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or stopped using your account at Our Services. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
With regard to Personal Information we process on behalf of our customers in connection with Revenue Grid specific products and services, please, see Product-Specific Policy Terms below for more information.
Your Personal Information may be processed by us in the United States, by our affiliates, and by our service providers located in other countries, as disclosed in the respective section “How we share information we collect” and “Product-Specific Privacy terms” herein.
If we transfer Personal Information to other countries, we ensure that the recipient provides the necessary adequate level of protection. If your Personal Information is transferred outside the EEA to any countries that are not subject to an adequacy decision by the European Commission, we apply and enter into standard contractual clauses approved by the European Commission, or use other appropriate legal mechanisms to safeguard the transfer.
We comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework, as set forth by the U.S. Department of Commerce (the “Privacy Shield”) regarding the collection, use and retention of personal information transferred from the European Union (EU) and Switzerland to the United States. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. To learn more about the Privacy Shield program, and to view our certification, please visit http://www.privacyshield.gov.
Should you have any Privacy Shield-related complaints about our collection or use of your personal information or any inquiries, please, contact Avora Holdings LTD at: [email protected]. We will respond within 45 days.
If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, you may contact your relevant Data Protection Authority using the information provided at https://ec.europa.eu/info/law/law-topic/data-protection_en and/or the Swiss Federal Data Protection and Information Commissioner (FDPIC). Avora Holdings LTD commits to cooperate with the panel established by the EU DPAs and/or the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by the panel established by the EU DPAs and/or FDPIC with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and/or Switzerland.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration through the Privacy Shield Panel if neither we nor the panel established by the DPAs/FDPIC resolves your Privacy Shield complaint.
We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.
We may be required to disclose personal information in response to lawful requests by public authorities, including to meet the national security or law enforcement requirements.
Representation for data subjects in the EU/UK
We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact.
Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/17757937
There are several choices available to you for accessing and controlling your information that we collected. Below is a summary of these choices, the ways to exercise them, and limitations that might apply.
You have the right to
Below, we describe the tools and processes for making these requests.
In case the Services are administered for you by an administrator from your organization, you may first need to contact your administrator to assist with your requests. In other occasions, you may contact us as provided in the Contact Us section below.
Your requests and choices may have some limitations in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. If you have asked us to share data with third parties, for example, by installing third-party apps, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country you reside, work, or where you feel your rights were infringed.
Request to deactivate your account: If you wish to stop using our Services, please contact our Support team.
A Request to stop using your information: In some cases, you may ask us to stop accessing, storing, using, and otherwise processing your information where you believe we don’t have the appropriate rights to do so. In case you gave us the consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt out of our using of your information for marketing purposes by contacting us. If you make such request, we may need some time to investigate and facilitate it. If there is a delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved, provided your administrator does not object (where applicable). If you object to information about you being shared with a third-party app, please disable the app or contact your administrator to do so.
A Request to opt out of communications: You may opt out of receiving promotional communications from us by using the unsubscribe link included in each email. Not that after you opt out from receiving promotional messages from us, you will continue receiving transaction messages from us regarding our Services. You can also opt out of some notification messages via your Service account settings.
You may exercise your rights by contacting us using the information in the “Contact Us” section below.
This section provides information with regard to processing of data in connection with the use of our certain Services/Products by the customers/users. Hereinafter, “User Data” means data, including personal information, that is processed by the Services as specified below in the respective subsections.
The servers we use to host and run our Services’ infrastructure are located in secure data centers. Specifically, industry standard Microsoft Azure cloud hosting servers are used.
In order to provide technical support for our Services (exclusively for troubleshooting and incident resolution), we may provide access to telemetry and service logs data to our employees/contractors. All such individuals strictly adhere to our Privacy and Security policies and any such access is restricted to such specially trained individuals.
Our solution Revenue Inbox performs synchronization of business communication and CRM data between user’s CRM account and user’s mailbox. Revenue Inbox for Salesforce can synchronize data of the following types: Calendar items, Tasks, Contacts, Email messages, and Attachments of the authorized User. Using the solution’s Dashboard, the authorized User can define which record types to synchronize via the Service.
Revenue Inbox may store the following categories of User Data:
With regard to the Email Opens (“Magic Pixel”) and Link Clicks Tracking feature, please refer to the respective subsection below
Our Revenue Engage solution is intended for outbound mailing and replies processing automation within sales and other kinds of email campaigns. Revenue Engage also bi-directionally synchronizes Lead statuses within Salesforce.
Revenue Engage processes and stores the following categories of User Data, including Personal Data:
Revenue Engage User data is stored throughout the Service subscription term and then for three calendar months after the end or expiration of the subscription. Three calendar months after the end/expiry of the subscription, all the User Data gets permanently deleted from our servers.
The User may permanently delete the persisted data including Personal data of Revenue Engage emails recipients, using one of the following methods:
Revenue Engage Service logs and telemetry data may be stored for three calendar months.
With regard to the Email Opens (“Magic Pixel”) and Link Clicks Tracking feature please refer to the respective subsection below.
Revenue Guide consists of a range of solutions for the customer-facing teams. It includes business pipeline and team analytics, a system of playbook-based signals as well as automation means which recommend the best following steps to take or perform required actions automatically.
Revenue Guide processes and stores the following categories of User Data, including Personal Data:
Revenue Guide may also store additional data points per the customer’s demand, according to requested custom patterns.
Revenue Guide User data is stored throughout the Service subscription term and then for three calendar months after the end or expiration of the subscription. Three calendar months after the end/expiry of the subscription, all the User Data gets permanently deleted from our servers.
The User may delete the User data including Personal data of Revenue Guide emails recipients in the following way:
Email Opens And Link Clicks Tracking Feature
Our products Revenue Inbox and Revenue Engage include the Email Opens (“Magic Pixel”) and Link Clicks Tracking feature that allows users to track sent emails’ status (opened/not opened by a recipient) and clicking of links contained in emails’ bodies.
The user can disable or enable this feature in product Customization settings. If this feature is enabled, the following data categories get processed and stored by the Service:
The User may delete the User Data stored by the Services by submitting a respective request to our Customer Support.
Please note that when using the Email Opens and Link Clicks Tracking feature, the user (being the data Controller) needs to comply with the requirements of data protection laws, and some laws may require that the recipients have opted-in to the collection of the tracking data.
SAP Cloud for Customer Server-Side Integration for Groupware
Our Services performs synchronization of business communication and CRM data between user’s CRM account and user’s mailbox over API technologies, including Google APIs, as specified below.
SAP Cloud for Customer Server-Side Integration for Groupware (hereinafter for the purposes of this subsection referred as the “Service”) performs specific data processing between SAP Cloud for Customer and the user’s mailbox (“User Data” processing) and provides a sidebar pane for Microsoft Outlook (as an add-in) or Gmail (as a Chrome browser extension) that allows to interactively view and modify CRM context associated with the currently selected email message or calendar item. The Service can access and handle records of the following types: Calendar items, Tasks, Contacts, Email messages, and Attached files from the user’s mailbox, as well as various record types available in the CRM. Using the Service’s settings pages, the authorized CRM user can define which record types to synchronize or access via the Service.
Any User data including Personal data is processed or transferred by the Service solely to provide the Service to the users. User Data is only passed through the Service, temporarily kept in our servers’ memory for performing a specific operation (a records data synchronization session or user-initiated data access or update) and is not written to any persistent storage.
While processing the data including Personal Information in connection with this Service on behalf of our customers, we process such information in the capacity of data processor.
Google API Services User Data Policy Disclosure
Revenue Grid App’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.
If an end-user registers or accesses the Service(s) using an email address with a domain that is owned by end-user’s employer or organization, and such organization wishes to establish an account on the site, the name of that end-user, email address of that end-user, and dates of past use of end-user account with the Service may become accessible to that organization’s administrators so they would be able to perform their functions as administrators and adjust and/or customize the Service for users.
In order to provide our Products and Services to customers and run our platform, we may use and engage sub-processors, including the affiliates of AVORA HOLDINGS LTD.
The list of our Sub-Processors is available on Revenue Grid Sub-Processors Page.
Notice to End Users
Many of our products are intended for use by organizations. This implies that the Services are made available to you through an organization (e.g. your employer), and the organization is the administrator of the Services and is responsible for the user accounts and/or Service sites over which it has control.
If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an administrator’s organization, which may be differ from this Policy.
Administrators are able to:
In some cases, the administrators can also:
Please contact your organization or refer to your administrator’s organizational policies for more information.
The Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact our support services.
We have collected the following statutory categories of Personal information over the past twelve months:
The purposes for which we collect this information are described in the respective section of this Policy “How we use information we collect”. We do not trade or sell your personal information to any third parties. We may share or disclose the above information only in the ways that are described in the respective section in this Policy “How we share information we collect”, provided the involved parties have adopted the appropriate security and confidentiality measures.
Your Rights Under California Consumer Privacy Act of 2018
You have the right to request from us what information we have collected, used, and disclosed about you over the past twelve months.
You have the right to learn how we process your Personal Information.
You have the right to request from us the deletion of your Personal Information collected and maintained by us. Please, note that some exceptions may apply to this right.
You have the right not to be discriminated while you exercise one of your privacy rights.
Please kindly note that some exceptions to your rights specified above may apply, as permitted by laws.
You may designate your authorized agent to exercise the above rights on your behalf. We may need to verify your identity by the appropriate method if necessary or verify your authorized agent’s identity.
To exercise your rights, please contact us at the address provided in the section “Contact Us” of this Policy.
If you have questions or concerns about how your information is handled, please direct your inquiry to Avora Holdings LTD at:
Avora Holdings LTD. 650 Castro St, Suite 120/385 Mountain View, CA 94041
Company Communications; 13110 NE 177th Place, Suite 135 Woodinville, WA 98072.
E-Mail: [email protected]
Phone number: +1 866 684 9276