Table of Contents
- Key terms
- What about other apps and integrations?
- What about your organization?
- Who is the controller and who is the processor?
- What personal information do we collect?
- What about cookies?
- How is this personal information collected?
- How and why do we use your personal information?
- Promotional Communications
- With whom do we share your personal information?
- Where is your personal information held?
- Transferring your personal information outside of your country or region
- What about transfers outside of the European Economic Area?
- How long will your personal information be kept?
- A note about children
- Your rights
- Keeping your personal information secure
- How to complain
- How to contact us
- Notice to California Residents
- Online Tracking Opt-Out Guide
|We use the term…||Which means…|
|We, us, our, Lupl||Lupl, Inc. with our registered office address at One Freedom Square, Reston Town Center, 11951 Freedom Drive, Reston, VA 20190-5656, United States|
|Customer Terms||The legal agreement applicable to the Services entered into between you or your organization and us, as applicable|
|Our data protection officer||The Data Protection Officer: One Freedom Square, Reston Town Center, 11951 Freedom Drive, Reston, VA 20190-5656, United States (email: privacy@Lupl.com)|
|Personal information||Any information relating to an identified or identifiable individual, and any equivalent terms under local protection laws shall have the meaning given to such terms under those laws|
|Lupl Platform||The Lupl platform, across mobile and / or web, as more specifically defined in the Customer Terms|
|Lupl Websites||Lupl.com and other Lupl websites from which the Services are promoted, supported or delivered|
|Services||The Lupl Platform, the Lupl Websites and/or any other services that you have access to, as set out in the Customer Terms|
What about other apps and integrations?
What about your organization?
If you use the Services on behalf of or via your organization or their systems, your organization may be able to control, monitor and administer all or any part of your use of the Services, including access by you or others within your organization, certain privacy-related settings, and integrations with Third Party Systems. Your organization may also be able to access and process your data, including interaction data, metadata and the contents of your communications associated with your use of the Services. If you no longer have access to the work account you use to access the Services, you might lose access to the relevant Services. Lupl isn’t in control of or responsible for the privacy policies and practices of your organization. In relation to your use of the Services on behalf of or via your organization or their systems, your organization is required to make you aware of their policies and practices that they have, and you should contact them for details.
Who is the controller and who is the processor?
Data protection law in some countries draws a distinction between the “controller” and “processor” of personal information. Other countries might use similar terms like “organization” (instead of controller) and “intermediary” (instead of processor), but we use controller and processor for consistency.
The “controller” is the main decision-maker which exercises overall control over the purposes and means of the processing of personal information. The processor acts on behalf of, and only on the instructions of, the relevant controller.
Lupl is generally a data controller with respect to the processing of your profile information (e.g. name, email address, etc.) to enable us to provide you with an account and provide the Services to you (see below ‘What personal information do we collect?’).
In all other cases, Lupl generally acts as processor of personal information on behalf of the persons and organizations using the Lupl Platform. For example, if you or someone in your organization creates a matter on the Lupl Platform (i.e. the “Matter Owner”), you are in control of that matter and of the personal information of that matter, and Lupl simply processes any personal information associated with that matter on behalf of you or your organization. You can find out who is the Matter Owner for a given matter on the Lupl Platform by looking at the People tab.
What personal information do we collect?
• your name, profile picture and contact information, including email address, telephone number and company details (these will also visible to other users of the Lupl Platform as part of your user profile, to enable them to contact you via the Lupl Platform);
• personal information you provide to us on or via the Services, such as if you submit a webform, raise a support ticket or otherwise contact us;
• any user-generated content submitted by you on or via the Services (including files and messages that you create using your account). This type of content will be visible to you and other users who are within the relevant matter or chat group on the Lupl Platform. You can check who will see content via the People tab within the Lupl Platform. We only process this information as a processor and do not access this type of content unless specifically authorized by you or, where applicable, your organization, and we never use it for our own purposes;
• information about how you use the Services, such as how many matters you create and who you are connected with on the Lupl Platform;
• log files relating to your use of the Services, such as your IP address, the address of the website you visited before accessing the Services, your browser type, version and settings, the date and time you used the Services, your language preferences and cookie data;
• device information, including the type of device, what device operating system you use, your device settings, application IDs, unique device identifiers and troubleshooting information;
• information from Third Party Systems that are linked to the Lupl Platform. For example, if you, your organization or someone you work with connect an identity provider, document management system, cloud services provider, messaging application or video conferencing application to the Lupl Platform, Lupl may receive personal information that the Third Party System makes available to Lupl in order to facilitate the integration; you or your organization are in control of setting up this functionality and we only process this as a processor;
• information you provide to us if you submit a job application to join the Lupl team, such as professional, educational or employment related information;
• information you provide to us during other interactions, such as via calls or meetings you have with members of the Lupl team, if you interact with us via social media or other channels, if you participate in a workshop or focus group, or if you submit a job application to join the Lupl team;
• cookie information – the Services may include cookies and similar tracking technologies – for more on which, see “What about Cookies?” below; and
• information to enable us to check and verify your identity for security purposes, e.g., your date of birth, IP address.
We don’t generally collect any special category personal information (also known as sensitive personal data), such as personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Any special category data that you submit in user generated content via the Services will be your and your organization’s responsibility, as we do not generally have access to this information.
What about cookies?
In limited situations, we may collect information using cookies. Cookies are small data files stored on the hard drive of your computer or mobile device by a website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our Services.
We use two broad categories of Cookies: (1) first party Cookies, served directly by us to your computer or mobile device, which are used only by us to recognize your computer or mobile device when it revisits Services; and (2) third party Cookies, which are served by service providers on Services, and can be used by such service providers to recognize your computer or mobile device for the purposes of things like Single Sign On.
Our Services use(s) the following types of Cookies for the purposes set out below:
|Type of Cookies||Purpose|
|Essential Cookies||These Cookies are essential to provide you with the Services and to enable you to use some of its features. For example, they allow you to log in to a given matter and recognize you as having logged in. Without these Cookies, the Services that you have asked for cannot be provided, and we only use these Cookies to provide you with those Services.|
|Functionality Cookies||These Cookies allow the Services to remember choices you make when you use our Services, such as remembering your login details and remembering the changes you make to other parts of our Services which you can customize. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Services.|
We do not currently respond to “do not track” signals or other mechanisms that might enable users to opt out of tracking on our Services where that tracking is necessary for the purpose of operating the Services.
How is this personal information collected?
Most of the personal information we process via the Services comes directly from you. However, we may also collect personal information:
• if your organization provides it to us;
• from publicly-accessible sources;
• from Third Party Systems, as outlined above;
• from other users, e.g. if someone else you know uses the Lupl Platform, and they send you an invitation to join the Lupl Platform and/or a specific matter, they might provide your information to facilitate this, just as you may provide theirs. In these situations, we rely on the relevant users or their respective organizations to obtain whatever consents are required for the sharing of this information with us;
• from any other third party to whom you have given your consent; and
How and why do we use your personal information?
Under data protection law, where we are a controller, we can only use your personal information if we have a proper legal basis for doing so, such as:
• to comply with our legal and regulatory obligations;
• for the performance of our contract with you or to take steps at your request before entering into a contract;
• where you have given consent;
• for our legitimate interests or those of a third party; or
• where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information and includes our own interests or the interests of third parties, and can cover commercial interests as well as wider societal benefits, so long as this is not overridden by your own rights and interests.
For clarity, where under law or regulation we are required to obtain your consent to the processing of your personal information (for example, in countries that do not provide for legitimate interests as a legal basis), we will obtain your consent.
The table below explains what we use (process) your personal information for and indicate which legal basis is relied upon for doing so.
|Reasons for which we use your personal information||Our legal basis for processing your personal information|
|To provide the Services to you and/or your organization including setting up our products and services for you and providing you with support, onboarding, integration to our platform, helping you with Platform settings, processing payments and completing other actions which need to be taken to establish or perform our contract with you or your organization.||For the performance of our contract with you for our legitimate interests or those of a third party, i.e., to provide the Services to you and your organization|
|To improve and develop our Services, and customize your experience||For the performance of our contract with you for our legitimate interests or those of a third party, i.e., to provide the Services to you and your organization For our legitimate interests or those of a third party, i.e., to improve our services, enable us to understand our customers better and ensure the commercial viability of our business|
|To enable other users of the Services to communicate with you||For the performance of our contract with you for our legitimate interests or those of a third party, i.e., to provide the Services to you, your organization and other users|
|To provide analytics and reporting to your organization on usage and other aspects of the Services||For our legitimate interests or those of a third party, i.e., to support the provision of the Services to you and your organization|
|To enable the Lupl team to communicate with you||For our legitimate interests or those of a third party, i.e., to provide the Services to you and your organization, and communicate with you about the Services|
|To prevent and detect fraud against you, your organization, other organizations on the Lupl Platform, or Lupl||For our legitimate interests or those of a third party, i.e., to minimize fraud that could be damaging|
|To gather and provide information required by or relating to audits, enquiries or investigations by regulatory bodies, law enforcement agencies or jurisdictions||To comply with our legal and regulatory obligations, such as regarding sanctions, KYC, anti-corruption and taxation obligations|
|For operational reasons, such as to manage our internal administration, improving efficiency, training and quality control where you contact our Support desk||For our legitimate interests or those of a third party, i.e., to be as efficient as we can so we can deliver the best service for you|
|To ensure the confidentiality of relevant information||Where we have a legal or regulatory obligation, to comply with that legal and regulatory obligation. Where we don’t have a legal and regulatory obligation, for our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information|
|To prevent unauthorized access or modifications to the Services||Where we have a legal or regulatory obligation, to comply with that legal and regulatory obligation. Where we don’t have a legal and regulatory obligation, for our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity|
|To update and enhance user records||For the performance of our contract with you or to take steps at your request before entering into a contract. To comply with our legal and regulatory obligations|
|To ensure safe working practices, staff administration and assessments||To comply with our legal and regulatory obligations|
|Marketing the Services to: —existing and former customers; —third parties who have previously expressed an interest in our services; —third parties with whom we have had no previous dealings.||Based on your consent, where required by law. Otherwise, for our legitimate interests in marketing and promoting our products, services and business|
|Marketing the Services to you.||For our legitimate interests, i.e. to promote our business to you|
|External and internal audits and quality checks, e.g. for ISO certification and the audit of our accounts||Where we have a legal or regulatory obligation, to comply with that legal and regulatory obligation. Where we don’t have a legal and regulatory obligation, for our legitimate interests or a those of a third party, i.e. to obtain and maintain relevant certifications and accreditations so we can demonstrate we operate at the highest standards|
|Contemplated or actual reorganization, merger, sale, joint venture, assignment, transfer or other operations regarding all or any portion of our business||For our legitimate interests or those of a third party, e.g., for our legitimate interest to sell all or part of our business|
|Meet any legal obligations (e.g., tax, accounting and administrative obligations)||To comply with our legal and regulatory obligations|
|Enforcement, exercise or defense of legal claims||For our legitimate interests or those of a third party, i.e. to defend our rights and interests|
|Essential cookies and functionality cookies||For our legitimate interests or those of a third party, i.e., to provide you with the Services and give you access to our website/platform|
|Targeted advertising or audience measurement cookies||Based on your consent|
|To evaluate and progress your job application, including taking preliminary steps to your potential employment with us||For the performance of our contract with you or to take steps at your request before entering into a contract. To comply with our legal and regulatory obligations. For our legitimate interests in protecting our business and commercial interests|
The above table does not apply to special category personal information, which is described above in the section titled “What personal information do we collect?”
From time to time, we may use your personal information to send you updates (by email, chat message, telephone or post) about our services, including offers, promotions or new products and/or services. These promotional communications are sent on a business to business basis to the customer organization that you work for or represent.
We have a legitimate interest in processing your personal information for promotional purposes (see above ‘How and why do we use your personal information?’). However, where consent is needed, we will ask for this consent separately and clearly before sending you the communication.
You have the right to opt out of receiving promotional communications at any time by:
• contacting us at privacy@Lupl.com; or
• using the ‘unsubscribe’ link in emails.
We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and/or services in the future, or if there are changes in the law, regulation, or the structure of our business.
With whom do we share your personal information?
We share personal information with:
• your organization, if you use the Services on behalf of or via your organization or their systems (see ‘What about your organization?’ above);
• other users and invited users designated by you (e.g. when you use the Services to send or share communications, documents, or other information to third parties, such as your business contacts, we will share that communication or other information with the relevant third party. You are in control and should ensure that you only send communications or other information to people you trust);
• third parties we use to help deliver the Services to you, e.g. cloud services providers, software developers of the Lupl Platform, support services providers, or independent contractors who work with us to provide the Services to you;
• other third parties we use to help us run our business or support our activities, e.g. marketing agencies or website hosts and recruitment agencies;
• our group companies where necessary for the provision of the Services and the operation of our business;
• Third Party Systems (e.g. if a matter has a chat bridge into a Slack channel, we may share content from the Lupl matter into the bridged Slack channel) (see ‘What about other apps and integrations?’ above);
• our professional advisors, such as external auditors, accountants and legal counsel, and insurers;
• law enforcement agencies and regulatory bodies to comply with our legal and regulatory rights or obligations; and
• other parties, such as potential investors or buyers of some or all of our business or counterparties to a M&A transaction or during a re-structuring.
We only allow our service providers to handle your personal information if they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory rights or obligations.
We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymized, but this may not always be possible. The recipient of the information will be bound by confidentiality obligations to ensure they can only use personal information strictly in compliance with applicable law.
Where is your personal information held?
The Lupl Platform is hosted in the European Economic Area (the Netherlands). We use Microsoft Azure cloud services (see https://www.microsoft.com/en/trust-center for more information).
Information may also be held at our offices and those of our group companies, third party agencies, service providers, representatives and agents as described above (see above: ‘With whom do we share your personal information?’).
Some of these third parties may be based outside the European Economic Area. For more information, including on how we safeguard your personal information when this occurs, see below: ‘Transferring your personal information outside of your country or region’.
Transferring your personal information outside of your country or region
To deliver services to you, it is sometimes necessary for us to share your personal information outside of your country or region, e.g.:
• with our offices and group companies;
• with our service providers and those of your organization;
• with users who are located outside of your country or region;
• where there is an international dimension to the Services we are providing to you.
These transfers may be subject to special rules under applicable data protection laws, including where relevant the EU’s General Data Protection Regulation and data protection laws applicable in the United Kingdom. We will ensure that such transfers are compliant with the requirements under the applicable data protection law and this may entail taking such necessary measures to ensure that such overseas recipients are bound by legally enforceable obligations to ensure that these overseas recipients provide a standard of protection to the personal information so transferred that is equivalent to the protection under the applicable data protection law. See ‘What about transfers outside of the European Economic Area or the United Kingdom?’
What about transfers outside of the European Economic Area?
The transfers described above include transfers outside of the European Economic Area (“EEA”) and the United Kingdom (“UK”).
Some of the countries to which we may transfer personal information have been assessed by the European Commission or the UK approving authority as providing an adequate level of protection for personal information: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en
Except for the countries listed above, countries outside the EEA or the UK do not always provide the same level of protection for personal information as data protection laws as the EEA or the UK, respectively. We will, however, ensure the transfer and subsequent processing complies with data protection law.
Our standard practice is to use standard contractual clauses (“SCCs”) that have been approved by the European Commission or the UK approving authority, as relevant. Where required by data protection laws (in particular, the Schrems II decision), we carry out pre-transfer assessments and supplement those clauses with additional measures. From time to time, we may update the specific versions of the SCCs that we rely on to transfer personal information, for example, to take into account changes in law and good practice.
To obtain a copy of the SCCs or for further details about transfers, please contact email@example.com.
If you would like further information, please contact us or our Data Protection Officer at firstname.lastname@example.org.
How long will your personal information be kept?
We will keep your personal information while you have an account with us or we are providing products and/or services to your organization. Thereafter, we will keep your personal information:
• to respond to any questions, complaints or claims made by you or on your behalf and/or exercise a legal claim, for a period starting from the end of the provision of the Services as per the contract concluded with your organization and corresponding to the time period in which it is possible to take a legal action in accordance with applicable law;
• to keep records required by law and regulation applicable to us and/or the industries in which we operate.
In addition, any personal information within or relating to a matter on the Lupl system will be retained in line with our standard archiving policies, which are designed to help users manage their compliance with record-keeping obligations under applicable law and regulation (e.g. law firms are required to keep records for certain specified periods of time). Please contact us at privacy@Lupl.com to learn more about these archiving policies.
We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information.
When it is no longer necessary to retain your personal information, we will delete or anonymise it to the extent permitted by applicable law.
A note about children
The Services are designed for business users, and we do not intentionally gather personal information from users who are under the age of 16. If a child under 16 submits personal information to us and we learn that the personal information is the information of a child under 16, we will attempt to delete the information as soon as possible to the extent required by law. If a parent or guardian becomes aware that his or their child has provided us with information without their consent, he or she should contact us at email@example.com.
You have certain rights in relation to your personal data, which are described in general terms below. Your specific rights may vary depending on where you are located, and most rights are subject to exceptions and exemptions.
Please note that any requests to exercise rights in relation to Customer Information (i.e., data and information provided or submitted by you and/or your organization through the Lupl Platform in a Matter Space) will need to be directed to your organization as the controller of any such personal information.
|Access||The right to be provided with a copy of your personal information being processed (the right of access), and details of how we have used or disclosed your personal information in a relevant period|
|Rectification||The right to require us to correct any mistakes in your personal information|
|To be forgotten||The right to require us to delete your personal information—in certain situations|
|Restriction of processing||The right to require us to restrict processing of your personal information—in certain circumstances, e.g., if you contest the accuracy of the data so that we can verify this|
|Data portability||The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations|
|To object||The right to object: —at any time to your personal information being processed for direct marketing (including profiling); —in certain other situations to our continued processing of your personal information, e.g., in case that processing is carried out for the purpose of our legitimate interests and you state individual grounds for objection relating to your particular situation|
|Not to be subject to automated individual decision making||The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you. We don’t make decisions based solely on automated processing|
|To withdraw your consent||The right to withdraw, at any time, your consent to the processing of your personal information with effect for the future, in cases where you have given your consent. However, this will not affect the lawfulness of any processing up to the point when consent was withdrawn.|
|Post-mortem consent to privacy||Where we have a legal or regulatory obligation, to comply with that legal and regulatory obligation. Where we don’t have a legal and regulatory obligation, for our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity. The right to set instructions regarding the storage, deletion or communication of your personal data after your death|
For further information on each of those rights, including the circumstances in which they apply, please contact us at firstname.lastname@example.org.
If you would like to exercise any of those rights, please:
• email, call or write to us or our Data Protection Officer—see below: ‘How to contact us’; and
• let us have enough information to identify you– we may request additional proof of your identity and address; and
• let us know what right you want to exercise and the information to which your request relates.
Keeping your personal information secure
We have appropriate security measures to prevent data security breaches involving personal information.
We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.
We regularly test our systems, which means we follow industry standards for information security.
Amongst other things, your information is protected during transmission and at rest in our data systems by cryptographic algorithms.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
How to complain
We hope that we or our Data Protection Officer can resolve any query or concern you may raise about our use of your information. You may also have a right to lodge a complaint with the data protection regulator in your country or state. If you’re in the EU, this means you have a right to lodge a complaint with a supervisory authority in the place of your habitual residence, place of work, or place of an alleged infringement of GDPR.
How to contact us
|Our contact details||Our Data Protection Officer’s contact details|
|Lupl, Inc. One Freedom Square, Reston Town Center, 11951 Freedom Drive, Reston, VA 20190-5656, United States||Lupl, Inc. The Data Protection Officer One Freedom Square, Reston Town Center, 11951 Freedom Drive, Reston, VA 20190-5656, United States email: privacy@Lupl.com|
We have appointed a partner called Verasafe as Lupl’s representative in the European Union for data protection matters, pursuant to Article 27 of the GDPR. If you are in the European Economic Area, VeraSafe can be contacted in addition to Lupl’s DPO on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contactdata-protection-representative or via telephone at: +420 228 881 031. Alternatively, VeraSafe can be contacted at: VeraSafe Ireland Ltd. Unit 3D North Point House North Point Business Park New Mallow Road Cork T23AT2P Ireland.
Notice to California residents
We are required by the California Consumer Privacy Act of 2018 (“CCPA”) to provide to California residents an explanation of how we collect, use and share their personal information, and of the rights and choices we offer California residents regarding our handling of the personal information. This notice does not apply to information related to our business contacts.
|Personal information we collect||CCPA-defined* categories||Sources of personal information||Purposes for which we may collect and use the personal information||Data sharing|
|Contact information||Identifiers Online Identifiers||You Third party service providers||To provide, operate and improve the Service For research and development To send you communications related to the Lupl Platform||Other users on the Lupl Platform|
|Profile information Demographic Information||Identifiers Online Identifiers Protected Classification Characteristics (if you choose to provide it)||You Third party service providers||To provide, operate and improve the Lupl Platform For research and development To send you communications related to the Lupl platform or other service providers||Other users on the Lupl Platform|
|Content supplied by you (including user-generated content)||Identifiers Online Identifiers||You||To provide, operate and improve the Service For research and development||Other users on the Lupl Platform, subject to your control and direction|
|Device data Online activity and usage data||Identifiers Inferences Internet or other network activity information||Your Automatic collection||To provide, operate and improve the Service For research and development To display messages to you||None|
*Click here for details.
Privacy Rights. Except as excluded above, the CCPA grants California residents the following rights:
• Access. You can request a copy of the personal information that we maintain about you.
• Deletion. You can ask us to delete the personal information that we collected or maintain about you.
Please note that the CCPA limits these rights by, for example, prohibiting us from providing certain sensitive information in response to an access request and limiting the circumstances in which we must comply with a deletion request. If we deny your request, we will communicate our decision to you.
You are entitled to exercise the rights described above free from discrimination.
How to Submit a Request. To request access to or deletion of personal information:
• Call: +1 346 388 0769
• Email: email@example.com
Identity verification. The CCPA requires us to verify the identity of the individual submitting a request to access or delete personal information before providing a substantive response to the request. We may attempt to verify your identify by asking you to confirm information that we have on file about you or your interactions with us. Where we ask for additional personal information to verify your identity, we will only use it to verify your identity or your authority to make the request on behalf of another consumer.
Authorized agents. California residents can empower an “authorized agent” to submit requests on their behalf. We will require the authorized agent to have a written authorization confirming that authority.
Online Tracking Opt-Out Guide for California Residents
Like many companies online, we use services that use tracking technology. These services rely on tracking technologies – such as cookies and web beacons – to collect directly from your device information about your browsing activities, your interactions with websites, and the device you are using to connect to the Internet.
There are a number of ways to opt out of having your online activity and device data collected through these services, which we have summarized below:
• Blocking cookies in your browser. Most browsers let you remove or reject cookies, including cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.
• Blocking advertising ID use in your mobile settings. Your mobile device settings may provide functionality to limit use of the advertising ID associated with your mobile device for interest-based advertising purposes.
• Using privacy plug-ins or browsers. You can block our websites from setting cookies used for interest-based ads by using a browser with privacy features, like Brave, or installing browser plugins like Privacy Badger, Ghostery or uBlock Origin, and configuring them to block third party cookies/trackers.
• Advertising industry opt-out tools. You can also use these opt-out options to limit use of your information for interest-based advertising by participating companies:
o Digital Advertising Alliance: http://optout.aboutads.info
o Network Advertising Initiative: http://optout.networkadvertising.org/?c=1
Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt-out on every browser and device that you use.
You should print a copy of these terms or save them to your computer for future reference.
1. DEFINITIONS. Capitalized terms will have the meanings set forth in this section, or in the section where they are first used.
1.1 “Access Protocols” means the passwords, access codes, technical specifications, connectivity standards or protocols, or other relevant procedures, as may be necessary to allow You to access the Platform and use the Services.
1.2 “Applicable Privacy Laws” means, to the extent applicable to the Services, all worldwide data protection and privacy laws and regulations, including where applicable, the California Consumer Privacy Act Cal. Civ. Code §§ 1798.100 et seq. (“CCPA”), the EU GDPR, the UK GDPR, the UK Data Protection Act 2018, the Personal Data Protection Act 2012 of Singapore, and any U.S. state or national data protection laws as superseded, amended or replaced.
1.3 “EU GDPR” means the EU General Data Protection Regulation, Regulation (EU) 2016/679 (including as further amended or modified);
1.4 “Lupl Materials” means the Platform, Application, and Reports, and all worldwide intellectual property rights in and to each of the foregoing but excluding Personal Data.
1.5 “Matter Space” means the collaboration and matter coordination space created by You or any authorized Lupl user on the Platform or Application.
1.6 “Personal Data” means any personal data or personally identifiable information provided by or collected from You in connection with Your use of the Platform that is: (A) nonpublic personal information, (B) information covered by state or federal law which requires the protection of information related to natural persons, (C) other personal information identifiable to a natural person protected now or in the future by applicable state or federal law, or (D) to the extent that the EU GDPR or the UK GDPR applies, any information relating to an identified or identifiable natural person.
1.7 “Platform” means the Lupl software-as-a-service software, platform, and Application that allows You to access certain features and functions through a web interface (or the interface of any integrated service, including without limitation connected communications or document tools) and the Application, together with any relevant user instructions, support, onboarding and customer success materials and related user materials and documentation.
1.8 “Processing” (including “Process”, “Processes”, “Processed”, and other variants of the term) means any operation or set of operations that is performed upon Personal Data, whether or not by automatic means, such as collection, collation, recording, organization, storage, adaptation or alteration, retrieval, consultation, analysis, interpretation, compilation, aggregation, use, disclosure by transmission, dissemination, viewing, copying, deleting, or otherwise making available, alignment or combination, blocking or erasure, or destruction.
1.9 “Reports” means results, reports, materials, and documentation made available to You as part of the Services, including through the Platform.
1.10 “UK GDPR” means the United Kingdom version of the GDPR as it forms part of the law of each applicable jurisdiction of the United Kingdom pursuant to the European Union (Withdrawal) Act 2018.
2.2 Registration Data. In registering an account on the Platform, you agree to (a) provide true, accurate, current and complete information about yourself as prompted by the Platform (the “Registration Data”); and (b) maintain and promptly update the Registration Data to keep it true, accurate, current and complete. You represent that you are (l) of legal age to form a binding contract; and (m) not a person barred from using Platform under the laws of the United States, your place of residence / domicile or any other applicable jurisdiction.
2.3 Your Account. You are responsible for all activities that occur under your Account. You may not share your Access Protocols with anyone, whether within or outside your organization, and you agree to notify Lupl immediately of any unauthorized use of your Account or Access Protocols. If you provide any information that is untrue, inaccurate, not current or incomplete, or Lupl has reasonable grounds to suspect that any information you provide is untrue, inaccurate, not current or incomplete, Lupl has the right to suspend or terminate your Account and refuse any and all current or future use of Platform (or any portion thereof). You agree not to create an Account using a false identity or information, or on behalf of someone other than yourself. Lupl reserves the right to remove or reclaim any usernames at any time and for any reason, including but not limited to, claims by a third party that a username violates the third party’s rights. You agree not to create an Account or use Platform if you have been previously removed by Lupl, or if you have been previously banned from Platform.
2.4 Necessary Equipment and Software. You must provide all equipment and software necessary to connect to Platform, including but not limited to, a mobile, laptop or other device that is suitable to connect with and use Platform. You are solely responsible for any fees, including Internet connection or mobile fees, that you incur when accessing Platform.
4. RESPONSIBILITY FOR CONTENT; INTERACTIONS WITH OTHER USERS
4.1 Types of Content. You acknowledge that all information, data, text, software, music, sound, photographs, graphics, video, messages, tags and/or other materials accessible through the Lupl Materials (collectively, “Content”) is the sole responsibility of the party from whom such content originated. This means that you, and not Lupl, are entirely responsible for all Content that you upload, post, transmit, sync or otherwise make available (“Make Available”) through the Platform (“Your Content”), and that you and other Registered Users of Platform, and not Lupl, are similarly responsible for all Content that you and they Make Available through Platform (“User Content”).
4.2 Content. You acknowledge that Lupl does not review Your Content. Lupl has no responsibility or liability for the deletion or accuracy of any Content, including Your Content. Certain Services may enable you to specify the level at which such Services restrict access to Your Content. You are solely responsible for applying the appropriate level of access to Your Content. If you do not choose, the system may default to its most permissive setting. You agree that Lupl retains the right to create reasonable limits on use and storage of the Content, including Your Content, such as limits on file size, storage space, processing capacity as determined by Lupl in its sole discretion.
4.3 User Responsibility. You are solely responsible for your interactions with other Registered Users and any other parties with whom you interact. You agree that Lupl will not be responsible for any liability incurred as the result of such interactions.
4.4 Content Provided by Other Users. Platform may contain User Content provided by other Registered Users. Lupl is not responsible for and does not control User Content. Lupl has no obligation to review or monitor, and does not approve, endorse or make any representations or warranties with respect to User Content. You use all User Content and interact with other Registered Users at your own risk.
5. INTELLECTUAL PROPERTY; PROPRIETARY RIGHTS.
5.1 Personal Data. Your Personal Data is Your exclusive property.
5.3 Your Content. Lupl does not claim ownership of Your Content. However, when you as a Registered User post or publish Your Content on or via Platform, or sync or provide any other data or information to Lupl, you represent that you own and/or have the right to share Your Content, data and information. Without limitation, you must ensure that you clear any third-party intellectual property rights and obtain any necessary third-party privacy or other consents before sharing Your Content, data or information via the Platform and/or with Lupl.
5.4 License to Your Content. Subject to any applicable account settings that you select, you grant Lupl a fully paid, royalty-free, perpetual, irrevocable, worldwide, royalty-free, non-exclusive and fully sublicensable right (including any moral rights) and license to use, license, distribute, reproduce, modify, adapt, publicly perform, and publicly display Your Content (in whole or in part) for the purposes of operating and providing the Services to you and to our other Registered Users. However, Lupl will not share your Content with any third party or other person you have not authorized, unless required by law.
5.5 Aggregated/Anonymized Data. You acknowledge and agree that notwithstanding anything to the contrary, Lupl may use and disclose Personal Data in aggregated or anonymized form: (a) to improve the Services and Lupl’s related products and services; (b) to provide analytics and benchmarking services; or (c) to generate and disclose statistics regarding use of the Services; provided, however, that such use shall in no way identify You.
5.6 Feedback. You hereby grant to Lupl a royalty-free, worldwide, transferable, sublicensable, irrevocable, perpetual license to use or incorporate into the Services any suggestions, enhancement requests, recommendations or other feedback provided by You relating to the Services. Lupl will not identify You as the source of any such suggestions, enhancement requests, recommendations or other feedback unless (a) otherwise agreed with You; or (b) you submit such suggestions, enhancement requests, recommendations or other feedback via a public ideas platform without specifically marking the idea as anonymous.
6. User Conduct.
6.1 Conduct Generally. You agree that you will not, under any circumstances:
(a) Allow any third party to access the Lupl Materials except as expressly allowed herein;
(b) Modify, adapt, alter or translate the Lupl Materials;
(c) Sublicense, lease, sell, resell, rent, loan, distribute or transfer the Lupl Materials for the benefit of any unauthorized third party;
(d) Modify, copy or make derivative works based on any part of the Lupl Materials;
(e) Access or use the Lupl Materials to build a similar or competitive product or service;
(f) Remove, alter, or obscure any proprietary notices (including copyright and trademark notices) of Lupl or its licensors on the Reports or any copies thereof;
(g) Make available any Content, information or data that you do not have a right to Make Available under any law or under contractual or fiduciary relationships;
(h) Make Available any Content that infringes the rights of any person or entity, including without limitation, any patent, trademark, trade secret, copyright, privacy, publicity or other proprietary or contractual rights;
(i) Interfere with or damage the Lupl Materials, including, without limitation, through the use of viruses, cancel bots, Trojan horses, harmful code, flood pings, denial-of-service attacks, packet or IP spoofing, forged routing or electronic mail address information, or similar methods or technology;
(j) Disrupt, overburden, or aid or assist in the disruption or overburdening of: (i) any computer or server used to offer or support the Lupl Materials; or (ii) the enjoyment of the Lupl Materials by any other person;
(k) Attempt to gain unauthorized access to the Lupl Materials, accounts registered to others, or to the computers, servers or networks connected to the Lupl Materials by any means other than the user interface provided by Lupl, including, but not limited to, by circumventing or modifying, attempting to circumvent or modify, or encouraging or assisting any other person to circumvent or modify, any security, technology, device or software that is part of the Lupl Materials;
(l) Attempt to probe, scan, or test the vulnerability of any Lupl system or network, or breach any security or authentication measures;
(m) Disrupt or interfere with the security of, or otherwise cause harm to, the Lupl Materials, systems, resources, accounts, passwords, servers or networks connected to or accessible through e Lupl Materials or any affiliated or linked sites;
(n) Avoid, bypass, remove, deactivate, impair, descramble, or otherwise circumvent any technological measure implemented by Lupl or any of Lupl’s providers or any other third party (including another user) to protect the Lupl Materials;
(o) Impersonate someone else;
(p) Send illegal, impermissible, unauthorized or spam communications, such as bulk messaging, auto-messaging, auto-dialing, unsolicited commercial communications, and the like; or
(q) Otherwise interfere in any manner with the operation of the Lupl Materials, or the hardware and network used to operate the Lupl Materials.
6.2 Unauthorized Use or Access. You agree that you will not, under any circumstances:
(b) Systematically retrieve data or other Content from the Lupl Materials to create or compile, directly or indirectly, in single or multiple downloads, a collection, compilation, database, directory or the like, whether by manual methods or through the use of bots, crawlers, spiders, or otherwise, except as permitted through the functionality of the Lupl Materials;
(c) Use, display, mirror or frame the Lupl Materials, or any individual element within the Lupl Materials, Lupl’s name, any Lupl trademark, logo or other proprietary information, or the layout and design of any page or form contained on a page, without Lupl’s express written consent;
(d) Use any unauthorized software that accesses, intercepts, “mines” or otherwise collects information from or through Platform or that is in transit from or to the Lupl Materials, including, but not limited to, any software that reads areas of RAM or streams of network traffic used by the Lupl Materials;
(e) Intercept, examine or otherwise observe any proprietary communications protocol used by a client, a server or the Lupl Materials, whether through the use of a network analyzer, packet sniffer or other device;
(f) Bypass any robot exclusion headers or other measures Lupl takes to restrict access to Platform, or use any software, technology or device to send Content or messages, scrape, spider or crawl the Lupl Materials, or harvest or manipulate data;
(g) Use, facilitate, create, or maintain any unauthorized connection to the Lupl Materials, including, but not limited to: (i) any connection to any unauthorized server that emulates, or attempts to emulate, any part of Lupl Materials; or (ii) any connection using programs, tools or software not expressly approved by Lupl;
(h) Reverse engineer, decompile, disassemble, decipher or otherwise attempt to derive the source code (or the underlying ideas, algorithms, structure or organization) of the Lupl Materials or any underlying software or other intellectual property used to provide Platform or the Services;
(i) Forge headers or otherwise manipulate identifiers in order to disguise the origin of any Content transmitted through the Lupl Materials;
(j) Upload, post, e-mail, transmit or otherwise Make Available any material that contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer software or hardware or telecommunications equipment;
(k) Forge any TCP/IP packet header or any part of the header information in any e-mail or newsgroup posting, or in any way use the Lupl Materials to send altered, deceptive or false source-identifying information;
(l) Attempt to access the Lupl Materials through any unapproved interface; or
7. DATA SECURITY; PRIVACY.
7.3 Data Security. Lupl uses reasonable and appropriate data safeguards and procedures designed to prevent the authorized use or disclosure of Personal Data as required under Applicable Privacy Laws (“Data Safeguards”). However, it is important to recognize that no security is perfect and all we can do is take the steps set forth above to try and protect Personal Data. Personal Data may be stored on media or hardware containing other Lupl user data both during and after the Term, provided such media and hardware are subject to the Data Safeguards.
8. FEES AND EXPENSES; PAYMENTS.
8.3 Taxes. The Fees are exclusive of all applicable sales, use, value-added and other taxes, and all applicable duties, tariffs, assessments, export and import fees, or other similar charges, and You will be responsible for payment of all such taxes (other than taxes based on Lupl’s income), fees, duties, and charges and any related penalties and interest, arising from the payment of the Fees, the provision of the Services, or the license of the Platform to You. You will make all payments of Fees to Lupl free and clear of, and without reduction for, any withholding taxes; any such taxes imposed on payments of Fees to Lupl will be Your sole responsibility, and You will provide Lupl with official receipts issued by the appropriate taxing authority, or such other evidence as the Lupl may reasonably request, to establish that such taxes have been paid.
8.4 Interest. Any amounts not paid when due will bear interest at the rate of one percent (1%) per month or the maximum legal rate if less (or the mandatory legal rate, whether more or less than this contractual rate, to the extent it automatically overrides any contractual rate by operation of applicable law), from the due date until paid. Moreover, You may automatically be liable to Lupl for certain lump-sum compensation for recovery costs under any mandatory provision of applicable law if a payment is late. If the recovery costs incurred by Lupl are higher than this amount, Lupl may request additional compensation upon justification.
9. YOUR RESPONSIBILITIES. You are solely responsible for any and all obligations with respect to the accuracy, quality and legality of Personal Data. You will obtain all licenses, consents and permissions needed for Lupl to use the information to provide the Services to You and others invited to a Matter Space by You.
10. WARRANTIES AND DISCLAIMERS.
10.1 Mutual Warranties. Each party represents and warrants that (a) it has all rights, authorizations, consents, and permission necessary to perform its obligations or grant the rights and licenses hereunder and (b) it shall perform all of its obligations and exercise all of its rights hereunder in accordance with all laws, rules and regulations applicable to such party.
10.3 Additional Disclaimers. Each Matter Space is Your and any invited third parties’ private work space. Lupl does not monitor the Content or information in Matter Spaces. Lupl shall not be responsible for any actions, or lack thereof, taken by You, any Lupl user, or any other party as a result of, or in connection with, the Services or the information exchanged in a Matter Space. In addition, the Platform allows You to connect third party software and services to Lupl. Lupl does not control these third-party software or services and as a result makes no promises about such third-party software or services, including whether or not they are available or will interoperate with Lupl in the future (or, in the case of Content, such as via the Knowledge Hub, whether the Content is accurate, complete or up-to-date). In addition, You may be required to have a separate agreement with the third party to use such third-party software and services. Nothing in the Lupl Materials constitutes or shall be construed as legal or other professional advice.
11. LIABILITY AND INDEMNIFICATION.
11.5 Beta features. From time to time, Lupl may offer new “beta” features or tools with which its users may experiment. Such features or tools are offered solely for experimental purposes and without any warranty of any kind and may be modified or discontinued at Lupl’s sole discretion. The provisions of this section apply with full force to such features or tools.
12.1 Confidential Information. “Confidential Information” means any nonpublic information of a party (the “Disclosing Party”), whether disclosed orally or in written or digital media, that is identified as “confidential” or with a similar legend at the time of such disclosure or that the receiving party (the “Receiving Party”) knows or should have known is the confidential or proprietary information of the Disclosing Party. The Lupl Materials and all enhancements and improvements thereto will be considered Confidential Information of Lupl.
13. TERM AND TERMINATION.
14. THIRD-PARTY SERVICES.
14.2 Accessing and Downloading the Application from iTunes. The following applies to any Application accessed through or downloaded from the Apple App Store (“App Store Sourced Application”):
(b) You acknowledge that Apple has no obligation whatsoever to furnish any maintenance and support services with respect to the App Store Sourced Application.
(c) In the event of any failure of the App Store Sourced Application to conform to any applicable warranty, You may notify Apple, and Apple will refund the purchase price for the App Store Sourced Application to You and to the maximum extent permitted by applicable law, Apple will have no other warranty obligation whatsoever with respect to the App Store Sourced Application. As between Lupl and Apple, any other claims, losses, liabilities, damages, costs or expenses attributable to any failure to conform to any warranty will be the sole responsibility of Lupl.
(d) You and Lupl acknowledge that, as between Lupl and Apple, Apple is not responsible for addressing any claims you have or any claims of any third party relating to the App Store Sourced Application or your possession and use of the App Store Sourced Application, including, but not limited to: (i) product liability claims; (ii) any claim that the App Store Sourced Application fails to conform to any applicable legal or regulatory requirement; and (iii) claims arising under consumer protection or similar legislation.
15. DISPUTE RESOLUTION.
16.2 Export. You agree not to export, reexport, or transfer, directly or indirectly, any U.S. technical data acquired from Lupl, or any products utilizing such data, in violation of the United States export laws or regulations.
16.6 Compliance with Law. You will always comply with all international and domestic laws, ordinances, regulations, and statutes that are applicable to its purchase and use of the Services, Report and Documentation.
16.8 Independent Contractors. Your relationship to Lupl is that of an independent contractor, and neither party is an agent or partner of the other. You will not have, and will not represent to any third party that it has, any authority to act on behalf of Lupl.
17. INTERNATIONAL USERS. The Services can be accessed from countries around the world and may contain references to Services and features that are not available in your country. These references do not imply that Lupl intends to announce such Services or features in your country. Lupl makes no representations that the Services are appropriate or available for use in other locations. Those who access or use the Services from other countries do so at their own volition and are responsible for compliance with local law.
[End of Terms]