Privacy Policy

Last updated: October 27, 2023

Your privacy is important to us, and so is being transparent about how we collect, use, and share information about you. 

Disarea, LLC ("We") offers a range of products, including Firefly Design Annotation service (www.FireflyApp.com), 5pm Project Management service (www.5pmweb.com), smartQ Workflow Management service (www.getsmartQ.com), 8am Contact Management and Calendar service (www.8amweb.com) and SpiderScribe Mind Mapping and Brainstorming service (www.SpiderScribe.net).  We refer to all of these products, together with our other services and websites as "Services" in this policy.  Our data collection and use policies with respect to the Services are set forth in this statement. By using these Services, you signify your acceptance of this policy. We may periodically make changes to this Privacy Policy. These changes will be effective when posted on our web sites. If you do not agree with this policy, do not access or use our Services or interact with any other aspect of our business.  

The purpose of this privacy policy is to inform you what personally identifiable information or personal information we may collect from you when you use our Services, how we use such information, and the choices you have regarding our use of, and your ability to review and correct, the information.

 

Collecting and Using Information About You

We collect information about you when you provide it to us, when you use our Services, and when other sources provide it to us, as described below.  

We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make payments through the Services. For example, you provide your contact information and billing information when you register for our Services. You also have the option to add a display name, profile picture, job title, and other details to your profile information to be displayed in our Services.

The Services include our products that you use, where we collect and store content that you post, send, receive and share. Examples of content we collect and store include: the name and description of a project or a task in 5pm, mind maps created in SpiderScribe, notes posted to tickets in smartQ, design annotations posted in Firefly, and any feedback you provide to us.  Content also includes the files and links you upload to the Services.

The Services also include our websites. We collect other content that you submit to these websites, which include social media or social networking websites operated by us. For example, you provide content to us when you provide feedback or when you participate in any interactive features, surveys, contests, promotions or events.  

The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with our Services.

We collect certain payment and billing information when you register for our paid Services. This includes the name and contact information of a billing representative. You might also provide payment information, such as payment card details, that are collected and processed via secure payment processing services. We do not store or have access to your credit card information.

We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services. This information includes the features you use and how you interact with others on the Services. 

We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data.

We and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices.

We receive information about you when you or your administrator integrate or link a third-party service with our Services.  For example, if you create an account or log into the Services using your Google credentials, we receive your name and email address as permitted by your Google profile settings in order to authenticate you. You or your administrator may also integrate our Services with other services you use, such as to allow you to access, store, share and edit certain content from a third-party through our Services.  For example, you may authorize our Services to access, display and store files from a third-party document-sharing service within the Services interface.  The information we receive when you link or integrate our Services with a third-party service depends on the settings, permissions and privacy policy controlled by that third-party service. You should always check the privacy settings and notices in these third-party services to understand what data may be disclosed to us or shared with our Services.

We will never sell your personal info to third parties, and we will not use your name or company in marketing statements unless you have publicly shared the information or expressly provided us permission.

We are a data processor with respect to content and other user information we collect in providing the Services to our customers. You can store any type of information in our Services, but we do not share that data or generally know what type of data you or other users are storing. The data is only used by the account owner and invited users as they intend to use it.

Even though we do not transfer data to non-agent third parties, if we were to, we will provide EU and Swiss individuals with opt-out before we share their data with third parties or before we use it other than which it was originally collected or subsequently authorized. To limit the disclosure of your personal information, please submit a written request to support@fireflyapp.com.

The only times we will ever share your info:

  • To provide products or services you have requested, with your permission
  • To investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law

You always have the right to access the personal information we store about you. You can review the personal information you provide to us and make any desired changes to the information, or to the settings, at any time by logging into your account. You can also contact us via email at support@fireflyapp.com.

We will collect, process, and use your personal data and other data in particular for the following purposes:

  • to provide the Services and personalize your experience
  • for research and development to improve our Services
  • to communicate with you about the Services
  • for customer support to respond to your questions and inquiries
  • to provide you with information about services that may be of interest to you
  • to manage awards, surveys, winning games, lotteries, or other promotional activities or events
  • to comply with our legal obligations to prevent any unlawful use of our Services
  • for safety and security to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies
  • for any other purposes to which you have consented in a particular case, or otherwise as permitted by applicable law

If required by law, we will ask for your consent before collecting, processing, or using your personal data for any of the aforementioned purposes.

We will also notify you if we want to use your personal data for a new or different purpose. We will use your personal data for such other purposes only if and to the extent necessary or permitted by applicable law or with your consent.

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:

  • We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services
  • It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests
  • You give us consent to do so for a specific purpose
  • We need to process your data to comply with a legal obligation

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.

 

Editing, Updating, Correcting and Deleting Information About You

We want to communicate with you only if you want to hear from us. If you prefer not to receive information from us via email, please let us know by sending an email. Please be sure to include your email address and full name. If you would like to update or correct your name, email address or other personal information with us, please contact us the same way.

Because we need to update our records, sometimes these requests may take up to 30 days to be effective. We may need to contact you via email to address questions specific to your order, even if you have opted to not receive communications.

Disarea, LLC acknowledges that EU and Swiss individuals have the right to access the personal information that we maintain about them.  An EU or Swiss individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to support@fireflyapp.com.  If requested to remove data, we will respond within a reasonable timeframe.

 

Spam

Disarea, LLC never sells, rents or shares your email address. We are very concerned about the growth of spam email messages, and we know that you are, too. We believe that spam jeopardizes the right of legitimate companies to conduct business electronically, both now and in the future. The purpose of our email messages is to provide you with ideas or offers that will help you conduct business more successfully. Our emails are designed to be timely and relevant.

 

Cookies

We use cookies on our website to distinguish you from other users of our Services. This helps us to provide you with a good experience when you use our Services. Generally, we use cookies to remind us of who you are, tailor our products and services to suit your personal interests, estimate our audience size and to process your order, track your status in our promotions, and/or analyzing your visiting patterns. You can set your browser to notify you when you are sent a cookie, giving you the chance to decide whether or not to accept it.

 

Security

We use sophisticated encryption and authentication tools to protect the security of your personal information that you share with us. Unfortunately, however, no data transmission over the Internet can be guaranteed to be 100% secure. We will do our best to protect your data security on our Services.

Please make sure not to provide your login data to any third parties.

All data is encrypted via SSL when transmitted from our servers to your browser. We use Liquid Web for hosting our data. Our Services are delivered from SSAE-16 (formerly SAS70) Compliant data centers located in the United States.

We may be required to disclose personal information in response to lawful requests by public authorities, including national security or law enforcement.

 

Deleted Data

When you cancel your account, we keep your data on our servers for at least 30 days in case you change your mind. Beyond that we purge account data from our servers on a regular basis. You can specifically request to have your data deleted by contacting us at support@fireflyapp.com. Anything you delete on your account while it is active will also be purged within 30 days (up until then it is available for restoring, in case you deleted it by mistake).

 

If you are under 16 years of age

The Services are not directed to individuals under 16 and we do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact our support team.

 

International Transfer of Data

We are based in the United States and the information we collect is governed by U.S. law. The information we collect may be transferred to, used from, and stored in the United States or other jurisdictions in which we or our service providers are located; these jurisdictions (including the United States) may not guarantee the same level of protection of personal information as the jurisdictions in which you reside. By using the Services, you acknowledge and agree to any such transfer of information outside of the jurisdiction in which you reside.

 

EU-U.S. DPF, THE UK EXTENSION, AND THE SWISS-U.S. DPF

Disarea, LLC complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Disarea, LLC has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Disarea, LLC has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Disarea, LLC commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Disarea, LLC. 

Disarea, LLC has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

The Federal Trade Commission has jurisdiction over Disarea, LLC’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Disarea, LLC is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to Disarea, LLC and following the procedures and subject to conditions set forth in Annex I of Principles.

Disarea, LLC does not plan to transfer personal information to third parties. If, in the future, such transfer of personal information to a third party acting as an agent on its behalf will occur, Disarea, LLC shall remain liable under the DPF Principles if their agent processes such personal information in a manner inconsistent with the DPF Principles, unless Disarea, LLC proves that it is not responsible for the event giving rise to the damage.

 

Policy Changes

If we decide to change our privacy policy in whole or in part, we will inform you by posting a notice on our website and/or on our Services. Those changes will go into effect on the date posted in the notice. The new policy will apply to all current and past users of our Services and will replace any prior policies which are inconsistent.

 

Contact us

If you have any questions you can email us at support@fireflyapp.com.