1.2 Responsible entity (data controller). The entity that is responsible for processing personal data through SharpLaunch is SharpLaunch, Inc., a C-corporation having a registered place of business at PO Box 504 Portsmouth, NH 03802, the United States of America (“we”, “us”, and “our”).
1.3 About SharpLaunch. SharpLaunch is a software-as-a-service product for commercial real estate companies (the “Customers”) that facilitates marketing operations. By using SharpLaunch, the Customers may create branded property websites, track engagement activity of Customers’ clients and prospects (collectively, the “End-Users”), conduct marketing analytics, use templates for confidentiality agreements, store documents, and create email marketing campaigns. The Website provides information about the SaaS and allows the Customers to sign up, login to, and manage their user accounts.
1.5 Our role as data controller and data processor. When handling personal data, we act as a data controller and a data processor in terms of the GDPR. Our role depends on the specific situation involving personal data as explained in detail below:
2.1 Types of personal data. We collect personal data in the situations, which are described below. We comply with data minimization principles and we collect only a minimal amount of personal data that is necessary for ensuring your use of SharpLaunch:
2.2 Additional data. We may receive certain additional data if you participate in a focus group, contest, activity or event, request support, interact with our social media accounts or otherwise communicate with us. Please note that the provision of such data is optional and you may choose what personal data you would like to share with us.
2.3 Sensitive Data. We do not collect any special categories of personal data, such as such as your health information, opinion about your religious and political beliefs, racial origins, membership of a professional or trade association, or information about your sexual orientation, unless you decide, in your sole discretion, to provide such data to us.
2.4 Failure to provide personal data. If you fail to provide us with the personal data when requested, we may not be able to perform the requested operation and you may not be able to use the full functionality of SharpLaunch, receive the services provided through SharpLaunch, or get our response.
2.5 Confidentiality of communication and End-Users’ data. We put reasonable efforts to ensure that any communication data transmitted through the SaaS between the Customers and the End-Users remains confidential and properly protected. Moreover, we do not intentionally and directly access, manage, correct, delete, share, or disclose End-Users’ personal data, unless (i) we are requested or authorized by the Customers to do so or (ii) such End-Users’ data is strictly necessary for ensuring the provision of SharpLaunch.
2.6 Payment processing. When the Customers make payments through SharpLaunch, the payments are processed by our third-party payment processor Stripe or Xero (the “Payment Processor”). The Payment Processor is solely responsible for handling Customers’ payments. The Customer agrees not to hold us liable for payments that do not reach us because the Customer has quoted incorrect payment information or the Payment Processor refused the payment for any other reason. Please note that the Payment Processor may collect some personal data, which allows it to process the payments (e.g., Customer’s name and credit card details). The Payment Processor handles all the steps in the payment process on its website, including data collection and data processing. We do not store your credit card details in our systems.
2.7 Social media plugins. SharpLaunch may contain social media plugins (e.g., “like” and “share” buttons). When you click on such buttons, your browser will establish a direct connection to the respective social media service provider. As a result, you social media provider may be able to track your activity on SharpLaunch. Please note that we do not control and have no influence over such social media plugins. We are not responsible for the personal data that your social media provider collects about you when you use such plugins; however, we may receive general analytics reports about your use of SharpLaunch. Thus, we strongly encourage you to review carefully and adjust, if necessary, your social media account settings that permit or disable personal data collection through such plugins.
|Personal data||Purpose||Legal basis|
|When the Customer requests a demo or creates a user account on the Website:
|When the Customer uses SharpLaunch
|When the End-User interacts with the Customer through the SaaS, we process End-Users’:
|When you visit the Website:
|When you contact us by email:
|When you comment on a blog post:
|When the Customer makes a payment:
4.1 Types of non-personal data. While you are using SharpLaunch, we may automatically collect certain technical non-personal data about your use of SharpLaunch. Such non-personal data does not allow us to identify you in any manner. The non-personal data collected by us includes information about: (i) the type of your device; (ii) operating systems and browsers used by you; (iii) your browsing patterns; (iv) URL addresses of websites clicked to and from SharpLaunch; and (v) your other online behavior data. Similarly, when End-Users browse the websites created by using SharpLaunch, we generate and provide to the Customers analytics reports that may contain information about End-Users’ online behavior, such as End-Users’ (i) visits to the Customer’s website, (ii) access to the Customer’s document portal, (iii) the documents downloaded by the End-Users, (iv) information about confidentiality agreements concluded by the End-Users, and (v) emails opened and clicked by the End-Users.
4.2 Purposes of non-personal data. We will use non-personal data in furtherance of our legitimate interests in operating SharpLaunch, conducting our business activities, and developing new products. More specifically, we collect the non-personal data for the following purposes:
4.3 Aggregated data. In case your non-personal data is combined with certain elements of your personal data in a way that allows us to identify you, we will handle such aggregated data as personal data. If your personal data is aggregated or de-identified in a way that it can no longer be associated with an identified or identifiable natural person, it will not be considered personal data and we may use it for any business purpose.
5.1 Marketing messages. From time to time, we may send the Customers marketing messages, such as newsletters, brochures, promotions and advertisements, informing the Customers about our new services. The Customers can be contacted by us for marketing purposes only if:
6.3 Retention as required by law. Please note that, in some cases, we may be obliged by law to store your personal data for a certain period of time (e.g., for accountancy purposes). In such cases, we will store your personal data for the time period stipulated by the applicable law and delete the personal data as soon as the required retention period expires. For example, we may be obliged to keep our company’s financial records for several years. Thus, if you have made a payment for your use of SharpLaunch, we will keep payment-related data until that time period expires. As soon as we do not have a legitimate basis for storing your personal data, we will securely delete it.
7.1 Sharing of personal data. In some circumstances, we disclose your personal data to third-party service providers (data processors and sub-processors) and other third parties. For example, we may share your personal and non-personal data with entities that provide technical support services to us, such as web analytics, data processing, advertising, email distribution, and hosting services, or if you explicitly request us to disclose your personal data. The disclosure of your personal data is limited to the following situations:
7.3 Sharing of non-personal data. We may disclose or use non-personal data and de-identified data for any purpose. For example, we may share it with prospects or partners for business or research purposes, for improving SharpLaunch, or developing new products and services.
7.4 Legal requests. If necessary, we will respond to lawful requests from public authorities to disclose information about the users of SharpLaunch to the extent necessary for pursuing a public interest objective, such as national security or law enforcement.
9.1 Our security measures. We put our best efforts to keep your personal data safe and secure and implement organizational and technical information security measures to protect your personal data from loss, misuse, unauthorized access, and disclosure. In order to ensure the security of your personal data, we kindly ask you to use SharpLaunch through a secure network only. The security measures taken by us include (i) secured networks, (ii) encryption, (iii) firewalls, (iv) backups, (v) limiting access to your personal data by our staff, and (vi) anonymization of personal data (when possible).
9.2 Handling security breaches. Although we put our best efforts to protect your personal data, given the nature of communications and information processing technology and the Internet, we cannot be liable for any unlawful destruction, loss, use, copying, modification, leakage, and falsification of your personal data caused by circumstances that are beyond our reasonable control. In case a personal data breach occurs, we will inform our local data protection authority without undue delay and immediately take reasonable measures to mitigate the breach, as required by the applicable law. Our liability for any security breaches will be limited to the highest extent permitted by the applicable law
To the extent prohibited by applicable law, we do not allow anyone who is under the age of minority in his/her jurisdiction to use SharpLaunch. Thus, we do not knowingly collect personal data of persons below the age of 16. If you learn that anyone younger than 16 has unlawfully provided us with personal data and you are a parent or legal guardian of that person, please contact us and we will take immediate steps to delete such personal data.
11.1 What rights do you have? Individuals located in certain countries, including the EU, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law and only when we act in the capacity of a data controller with regard to your personal data, you may ask us to:
11.2 How can you exercise your rights? If you would like to exercise your rights listed above, you need to contact us by email and explain in detail your request. In order verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information, so that we would be able to identify you in our system. We will answer such requests within a reasonable timeframe but no later than 2 weeks. Your requests can be submitted free of charge once per calendar year; we reserve the right to charge a small administrative fee for accommodating more frequent requests.
11.3 How can you exercise your rights as End-User? We act in the capacity of a data processor with regard to End-Users’ personal data. Therefore, we do not accommodate End-Users’ requests related to access, rectification, and deletion of their personal data and other rights the End-Users have. The End-Users that would like to exercise their rights with regard to the personal data processed by us through SharpLaunch are requested to contact the respective data controller (i.e., the Customer that uses SharpLaunch to collect personal data). In case we receive such requests directly from the End-Users, we will not take action and inform the respective Customer without undue delay so that the Customer could act accordingly.
11.4 How to launch a complaint? If you would like to launch a complaint about the way in which we handle your personal data, we kindly ask you to contact us first and express your concerns. After you contact us, we will investigate your complaint and provide you with our response as soon as possible. If you are a resident of the EU and you are not satisfied with the outcome of your complaint, you have the right to lodge a complaint with your local data protection authority.
13.2 What is a cookie? A cookie is a small piece of data, typically consisting of letters and numbers. When you visit a website, the website may send a cookie to your browser. Subsequently, the browser may store the cookie on your computer or mobile device. Cookies are designed to allow the recognition of your device and collection of certain information about your use of a website. Thus, over time, cookies allow websites to “remember” your actions and preferences. There are several types of cookies, namely, (i) persistent cookies, which remain valid until their expiration date or until deleted and (ii) session cookies that are stored on a web browser and remain valid until the moment the browser is closed. Cookies may also be (i) first-party cookies (set by the website itself) and (ii) third-party cookies (placed by third-party websites).
13.3 What cookies do we use? We use several types of cookies on SharpLaunch, including:
The table below provides an overview of the cookies used by us, including their purposes and expiration time.
Essential technical cookies
|Essential technical cookies|
|JSESSION ID||Third-party (LinkedIn) HTTP cookie||End of session||Preserves your states across page requests.|
|PHPSESSID||First-party HTTP cookie||End of session||Preserves your states across page requests.|
|lang||Third-party (cdn.syndicatio.twimg.com) HTTP cookie||End session||Remembers your selected language version.|
|lang||Third-party (LinkedIn) HTTP cookie||End session||Set by LinkedIn when a website contains an embedded “follow us” panel.|
|_ga||First-party HTTP cookie||2 years||Registers a unique ID that is used to generate statistical data on how you use the Website.|
|_gat||First-party HTTP cookie||1 day||Used by Google Analytics to throttle request rate.|
|_gid||First-party HTTP cookie||1 day||Registers a unique ID that is used to generate statistical data on how you use the Website.|
|Third-party (Twitter) HTML cookie||Persistent||Unclassified.|
|ads/ga-audiences||Third-party (Google) Pixel cookie||End of session||Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor’s online behaviour across websites.|
|Third-party (LinkedIn) HTTP cookie||2 years||Used by the social networking service, LinkedIn, for tracking the use of embedded services.|
|Third-party (Twitter) Pixel cookie||End of session||Sets a unique ID for the visitor, that allows third party advertisers to target the visitor with relevant advertisement. This pairing service is provided by third party advertisement hubs, which facilitates real-time bidding for advertisers.|
|IDE||Third-party (DoubleClick) HTTP cookie||1 year||Used by Google DoubleClick to register and report the website user’s actions after viewing or clicking one of the advertiser’s ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.|
|Third-party (LinkedIn) HTTP cookie||1 day||Used by the social networking service, LinkedIn, for tracking the use of embedded services.
|Third-party (Twitter) HTML cookie||Persistent||The cookie is used in context with the local-storage function in the browser. This function allows the website to load faster by pre-loading certain procedures.|
|Third-party (Google) Pixel cookie||End of session||Unclassified|
|Third-party (DoubleClick) HTTP cookie||1 day||Used to check if the user’s browser supports cookies.|
Post address: SharpLaunch, Inc.
PO Box 504
Portsmouth NH 03802
United States of America