Last updated August, 2019
Building Engines, Inc. (“Building Engines”) is committed to protecting the privacy of individuals who visit Building Engines’ Web sites (“Visitors”), individuals who register to use the Services as defined below (“Clients”), and individuals who register to attend Building Engines’ corporate events (“Attendees”). This Privacy Statement describes Building Engines’ privacy practices in relation to the use of Building Engines’ Web sites and the related applications and services offered by us (the “Services”).
1. Web Sites Covered
This Privacy Statement covers the information practices of Web sites that link to this Privacy Statement, including: http://www.buildingengines.com; http://www.RDM1.com; http://www.awaremanager.com; https://www.requestcom.com; www.buildingadvantage.com (collectively referred to as “BuildingEngines.com Web sites” or “Building Engines’ Web sites”).
Building Engines and affiliates Web sites may contain links to other Web sites. The information practices or the content of such other Web sites is governed by the privacy statements of such other Web sites. Building Engines encourages you to review the privacy statements of other Web sites to understand their information practices.
2. Information Collected
When expressing an interest in obtaining additional information about the Services or registering to use the Services, Building Engines requires you to provide us with personal contact information, such as name, company name, address, phone number, and email address (“Required Contact Information”). When purchasing the Services, Building Engines may require you to provide us with financial qualification and billing information, such as billing name and address, contact and purchasing information, and the size of the company real estate portfolio, the number of assets to be stored by services along with the number of employees within the organization that will be using the Services (“Billing Information”). Required Contact Information, Billing Information, and Optional Information about Clients are referred to collectively as “Data About Building Engines’ Clients”, or in the case of Attendees, “Data About Company’s Attendees”.
As you navigate Building Engines’ Web sites, Building Engines may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on Building Engines’ Web sites (such as the Web pages viewed and the links clicked).
3. Use of Information Collected
The Company uses Data About Building Engines’ Clients to perform the services requested. For example, if you fill out a “Contact Me” Web form, Building Engines will use the information provided to contact you about your interest in the Services.
The Company also uses Data About Building Engines’ Clients to plan and host corporate events, host online forums and social networks in which event attendees may participate, and to populate online profiles for Attendees on Building Engines’ Web sites.
The Company may also use Data About Building Engines’ Clients and Data About Building Engines’ Clients for marketing purposes. For example, Building Engines may use information you provide to contact you to further discuss your interest in the Services and to send you information regarding Building Engines, its affiliates, and its partners, such as information about promotions or events.
Building Engines does not collect and store credit card information from “Visitors”, “Clients” or “Attendees”.
4. Web Site Navigational Information
Cookies, Web Beacons and IP Addresses
Building Engines uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate Building Engines’ Web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information used on Building Engines’ Web sites and how this information may be used.
4.2 Web Beacons
Building Engines uses Web Beacons alone or in conjunction with cookies to compile information about Clients and Visitors’ usage of Building Engines’ Web sites and interaction with emails from Building Engines. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Building Engines may place Web beacons in marketing emails that notify Building Engines when you click on a link in the email that directs you to one of Building Engines’ Web sites. Building Engines uses Web beacons to operate and improve Building Engines’ Web sites and email communications.
4.3 IP Addresses
When you visit Building Engines Web sites, we collect your Internet Protocol (“IP”) addresses to track and aggregate non-personal information. For example, Building Engines uses IP addresses to monitor the regions from which Clients and Visitors navigate Building Engines’ Web sites.
Building Engines also collects IP addresses from Clients whey they log into the Services as part of Building Engines’ “Identity Confirmation” and “IP Range Restrictions” security features.
5. Public Forums and Client Testimonials
Building Engines may provide bulletin boards, blogs, or chat rooms on Building Engines’ Web sites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Building Engines is not responsible for the personal information you choose to submit in these forums.
Building Engines posts a list of Clients and testimonials on Building Engines’ Web sites that contain information such as Client’s. Building Engines obtains the consent of each Client prior to posting any information on such a list or posting testimonials.
6. Sharing of Information Collected
6.1 Service Providers
Building Engines may share Data About Building Engines’ Clients and Attendees with Building Engines’ contracted service providers so that these service providers can provide services on our behalf. Without limiting the foregoing, Building Engines may also share Data About Building Engines’ Clients and Attendees with Building Engines’ service providers to ensure the quality of information provided, and with third-party social networking and media Web sites, such as Facebook, for marketing and advertising on those Web sites. Unless described in this Privacy Statement, Building Engines does not share, sell, rent, or trade any information with third parties for their promotional purposes.
Occasionally, Building Engines may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Building Engines, we may share Data About Company’s Clients collected in connection with your purchase or expression of interest with our joint promotion partner(s). Building Engines does not control our business partners’ use of the data about Building Engines’ clients we collect, and their use of the information will be in accordance with their own privacy policies. If you do not wish for your information to be shared in this manner, you may opt not to purchase or specifically express interest in a jointly offered product or service. Building Engines does not share data about Building Engines’ attendees with business partners.
Building Engines, Inc reserves the right to use or disclose information provided if required by law or if Building Engines reasonably believes that use or disclosure is necessary to protect Building Engines’ rights and/or to comply with a judicial proceeding, court order, or legal process.
7. Communication Preferences
Building Engines offers Visitors, Clients, and Attendees who provide contact information a means to choose how Building Engines uses the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of Building Engines’ marketing emails. Additionally, you may send a request specifying your communications preferences to email@example.com. Clients cannot opt out of receiving transactional emails related to their account with Building Engines or the Services. Mobile carriers are not responsible or liable for undelivered or delayed messages.
8. Correcting and Updating Your Information
Clients may update or change their registration information by editing their record. For additional information please email your inquiry to firstname.lastname@example.org.
9. Client Data & Building Engines Data
Building Engines Clients may electronically submit data or information (activity data) to the Services for hosting and processing purposes (“Client Data”). Building Engines will not, share, distribute, or reference any such Client Data except as provided here; in the Building Engines Master Subscription Agreement executed with Client, or as may be required by law. In accordance with the terms and conditions of each Client Software License Agreement, or Building Engines Master Subscription Agreement, Building Engines may access Client Data only for the purpose of providing the Services, preventing or addressing service or technical problems, at a Client’s request in connection with client support matters, or as may be required by law.
Building Engines may also electronically collect Client Data or information (activity data) through the Services and may compile such data and information while eliminating Personal Identifiable Information (“Cleansed Data”) and combining it with the Cleansed Data and information from other clients. This de-identified or anonymized data is “Building Engines Data” and may be co-mingled with other non-Systems data for reporting, portfolio and market baselining and for other analytical purposes.
Building Engines uses robust security measures to protect Client Data from unauthorized access, maintain data accuracy, and help ensure the appropriate use of Client Data. When the Services are accessed using Internet Explorer version 10.0 or later, or the latest version of Google Chrome, Firefox, or Safari, Transport Layer Security (TLS) technology protects Client Data using both server authentication and data encryption. These technologies help ensure that Client Data is safe, secure, and only available to the Client to whom the information belongs and those to whom the Client has granted access. Building Engines also implements an advanced security method based on dynamic data and encoded session identifications, and Building Engines hosts its Web sites in a secure server environment that use firewalls, intrusion detection systems, and other advanced technology to prevent interference or access from outside intruders. Building Engines also offers enhanced security features within the Services that permit Clients to configure security settings to the level they deem necessary. Clients are responsible for maintaining the security and confidentiality of their Building Engines usernames and passwords.
11. Changes to Privacy Statement
Building Engines reserves the right to change this Privacy Statement at any time and will provide notification of the material changes to this Privacy Statement through Building Engines’ Web sites, and/or directly to its Clients at least thirty (30) business days prior to the change taking effect.
12. Contacting Us
Questions regarding this Privacy Statement or the information practices of Building Engines’ Web sites should be directed to Building Engines by emailing us at the following address: email@example.com or by mailing your question to Building Engines at the following address: Building Engines, Inc., Legal Department, 33 Arch Street, Suite 3200, Boston, MA 02110
13. General Data Protection Regulations (“GDPR”) – Specific Disclosures
This section applies to data processing activities of data subjects residing in the European Economic Area regardless of residence, to the processing of any Personal Data in the European Economic Area.
- “Personal Data,” for purposes of this section, means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
- “Services” means any of our products, services, or deliverables.
- “Site” means any website operated and controlled by us.
Pursuant to the European Union General Data Protection Regulation (GDPR), we function as a “processor” for the Services we offer to our clients. The scope of applicable data protections and processing for those Services are set forth in contractual agreements with our clients and are therefore not covered by this Privacy Notice.
We may process certain Personal Data in order to maintain and provide the Services to our clients, such as names, addresses, email addresses, and other contact information for designated client representatives or personnel (“Client Relationship Data”). In addition, we may send marketing materials or communications to potential or existing clients (“Marketing Activities”). For purposes of Client Relationship Data and Marketing Activities, we function as a “controller.” Our disclosures with respect to our processing of data as a controller are set forth in this section.
13.1 How we Collect Personal Data
We describe how we collect and use Personal Data in the Information Collected section of the Privacy Notice. The Information Collected section is expressly incorporated by reference herein.
Our disclosure is limited to circumstances where we are permitted to do so under applicable European and national data protection laws and regulations. A list of companies with whom we share data for purposes of marketing our Services to potential and existing clients is available here:
- Amazon Web Services Inc.
- ClientSuccess, Inc.
- Constant Contact, Inc.
- Engagio, Inc.
- Google, Inc.
- Marketo, Inc.
- Mixedpanel Inc.
- Pendo.io Inc
- QuickBase Inc
- Salesforce, Inc.
- Survey Monkey, Inc.
- Zendesk Inc.
13.3 Legal Basis for Processing
We collect and process your Personal Data for a variety of different purposes which are set out in further detail in this section.
In some cases, we will ask for your consent so that we may process your Personal Data. However, in certain circumstances, applicable data protection laws allow us to process your Personal Data without needing to obtain your consent.
13.3(a) Processing Personal Data Where Consent Not Required
In certain cases, separate consent is not required, including:
For the performance of a contract
To perform our contractual obligations to you, including our fulfilling orders or purchases you have made, contacting you in relation to any issues with your order or use of our Services, in relation to the provision of our Services, or where we need to provide your Personal Data to our service providers related to the provision of the Services, including for license activation and management.
To comply with legal obligations
To comply with laws, regulators, court orders, or other legal obligations, or pursuant to legal process.
To operate our business and provide our Services (other than in performing our contractual obligations to you) for our “legitimate interests” and for the purposes of applicable law, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Legitimate interests may include:
- To communicate with you regarding the Services, including to provide you important notices regarding changes to our Online Services Agreement (OSA) and to address and respond to your requests, inquiries, and complaints.
- For our direct marketing purposes.
- To send you surveys in connection with our Services.
- To assist in the investigation of suspected illegal or wrongful activity, and to protect and defend our rights and property, or the rights or safety of third parties.
- To develop, provide, and improve our Services.
- To enforce our OSA, License Agreements, this Privacy Notice, or agreements with third parties.
13.3 (b) Consent for Processing
In cases where we are not already authorized to process the Personal Data under applicable law, we may ask for your consent to process your Personal Data, including:
We may ask for your consent for [Client Name] or our partners or vendors to contact you by telephone, SMS, post and/or email about other offers, products, promotions, developments or Services which we think may be of interest to you and for other marketing purposes.
A “cookie” is a small text file that a web server stores in browser software. A browser sends cookies to a server when the browser makes a connection to the server (for example, when requesting a web page from the same domain that created the cookie). The purpose of cookies is to remember the browser over time and distinguish one browser instance (or user) from all others. Some cookies and other technologies may serve to track Personal Data previously entered by a web user on our site. Most browsers allow you to control cookies, including whether or not to accept them, and how to remove them. Cookies can remember login information, preferences, and similar information.
Cookies, as well as other tracking technologies such as HTML5 local storage, and Local Shared Objects (such as “Flash” cookies), and similar mechanisms, may record information such as a unique identifier, information you enter in a form, IP address, and other categories of data.
We also use web beacons or “pixels,” and in certain circumstances may collect IP address, screen resolution and browser software and operating system types; clickstream patterns; dates and times that our site is accessed, and other categories of data.
If you want to block the use and saving of cookies from the Site on to their computers hard drive, you should take the necessary steps within your web browser’s settings to block all cookies from the Site and its external serving vendors, or use the cookie control system, which, if available upon your first visit, will be linked here. Please note that if you choose to erase or block your cookies, certain parts of our Site may not function correctly. For information on how to disable cookies, refer to your browser’s documentation.
13.4 Interest-based Advertising
The opt-outs for interest-based advertising require that strictly necessary cookies are not blocked by the settings in your web browser. We support the Self-Regulatory Principles for Online Behavioral Advertising of the Digital Advertising Alliance in the U.S., the Canadian Digital Advertising Alliance in Canada, and the European Digital Advertising Alliance in the EU. If you live in the United States, Canada, or the European Union, you can visit Ad Choices (US), Your Ad Choices (Canada), or Your Online Choices (EU) to find a convenient place to opt-out of interest-based advertising with participating entities for each region. These websites also provide detailed information about how interest-based advertising works. Opting out does not mean that you will no longer receive advertising from us, or when you use the Internet. It just means that the data collected from our website will not be used for interest-based advertising and that the advertising you see displayed on websites will not be customized to your interests.
13.5 Withdrawing Your Consent
You may at any time withdraw the consent you provide for the processing of your Personal Data for the purposes set forth in this Privacy Notice by emailing us at firstname.lastname@example.org, provided that we are not required by applicable law or professional standards to retain such information.
If you want to stop receiving future marketing messages and materials, you can do so by clicking the “unsubscribe” link included in our email marketing messages or by emailing us at email@example.com.
13.6 Data Subject Rights
You have the right in certain circumstances to request confirmation from us as to whether or not we are processing your Personal Data. Where we are processing your Personal Data, you also have the right to request access to, modification of, or deletion of such Personal Data.
You also have the right in certain circumstances to receive the Personal Data concerning you that you provided to us, to restrict processing of your Personal Data, or to transmit such data to another controller.
To exercise your rights with respect to your Personal Data, please email us at firstname.lastname@example.org. As permitted by law, certain data elements may not be subject to access, modification, portability, restriction, and/or deletion. Furthermore, where permissible, we may charge for this service. We will respond to reasonable requests as soon as practicable and as required by law.
13.7 De-identified or Anonymized Data
We may create de-identified or anonymous data from Personal Data by removing data components (such as your name, email address, or linkable tracking ID) that make the data personally identifiable to you or through obfuscation or through other means. Our use of anonymized data is not subject to this Privacy Notice.
13.8 Data Retention
We will retain your Personal Data for as long as long as you maintain an account or subscription agreement or as otherwise necessary to provide you the Services. We will also retain your Personal Data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
13.9 Right to Lodge a Complain with a Supervisory Authority
You may have a right to lodge a complaint with a supervisory authority.
13.10 Contact Us
For questions regarding this Privacy Notice, please contact us by sending an email to email@example.com or by mailing your question to Building Engines at the following address: Building Engines, Inc., Legal Department, 33 Arch Street, Suite 3200, Boston, MA 02110.