IngeniousIO, Inc. (hereafter “Ingenious”, “we”, “our”, and “us”), also doing business as INGENIOUS.BUILD, is a company with its primary offices in Nashville, TN USA. We have developed a website and a suite of proprietary construction project management software applications, tools and service platform elements which we use to provide services to users on a ‘subscription as a service’(SaaS) basis (the “Service” or “Services”, as applicable). Our proprietary websites include but are not limited to https://www.ingenious.build and https://ingeniousio.com (the “Website” or “Websites”). Also, please understand that, in this Policy, all visitors and users are addressed and referred to as “you”, “your”, and related terms.
Next, please understand, that, in operating the Website and the Services, Ingenious may collect and process certain kinds of information from you and about you. The information so collected may vary depending on how you access and use our Website and Services, and this is explained in detail below. In all cases, by accessing and/or using the Website and/or the Services, and regardless of how you do so, you acknowledge and agree that you have read, understand, and agree to be bound by the terms of this Policy.
If you do not agree with any of the terms in this Policy, please do not access or use the Website(s), the Services or any other part of our service offerings.
If you have any questions or concerns about the terms of this Policy, please contact us at:
473 Dunham Road, Suite 200
St. Charles, IL 60174
California Residents, CCPA and “Do Not Sell or Share”
With regard to California (USA) law, the CCPA/CPRA and “Do Not Sell”: For specific information relating to our practices regarding the sale and sharing of personal information and the principles of the CCPA/CPRA, please see our Do Not Sell or Share policy statement, which can be found in Section 5 of Addendum 2 to this Policy.
I. How our Service Works
II. User Categories – What category applies to you (Visitor, Customer, Authorized User)?
III. Website Visitors - What data are collected, and how are those data processed?
IV. Customers and Authorized Users - What data are collected, and how are those data processed?
V. All Users - Additional Policy terms applicable to all users
Addendum 1: Privacy Rights of California (USA) Residents, and Do Not Sell or Share Data Policy
Addendum 2: Privacy Rights of Nevada (USA) Residents
This Policy describes how we collect, use, and disclose information collected from Website Visitors Customers and Authorized Users through our Websites and Services. This Policy also explains the choices and rights that you have with respect to such information.
I. How our Service Works
Ingenious provides a unique online service which is designed to allow our Customers and their Authorized Users (as these terms are defined below) to access our Services via the Internet on a subscription ‘software as a service’ (SaaS) basis. Our Services consist of proprietary construction management software applications, tools, service architecture elements and other features. While our Websites can be viewed via the Internet by visitors without taking any further action, you will be required to register (create an account, agree to our terms and policies, etc.) as a Customer or Authorized User in order to access our proprietary Service features. Services may be free or paid. Your use of our Website and Services is also subject to our Terms of Service, which you can review at: Terms of Service
You should review all of the terms of this Policy that apply to your use(s) of the Websites and Services, including Section V, which contains general policy terms applicable to all users.
II. User Categories –What Category Applies to You (Visitor, Customer, Authorized User
A. Website Visitors
We refer to users who visit our Websites but who do not register or take any other material actions as Website “Visitors”. Visitors are often individuals who are simply browsing the Websites but who do not register or otherwise use the Services.
• For users in the EU: Ingenious is the data controller of the information collected through the Websites about Website Visitors.
B. Customers, Authorized Users
We refer to users (individuals or companies) who register with us via the Websites (or via a separate registration process) to use the Services (paid or free) as “Customers”. Each Customer will be given access to a discrete “Workspace” (which may include access to certain non-public application features as specified in a Subscription Agreement (defined below)).
In addition, we refer to all individuals who are granted access by a Customer to a Workspace as “Authorized Users.” Authorized Users include but are not limited to employees of a Customer, independent contractors providing services to a Customer, and/or individual ‘guests’ of a Customer who are not affiliated with a Customer but who are invited by that Customer to participate in a given Workspace.
• For users in the EU: In all cases, our Customers control the access to and use of our Services by Authorized Users. Accordingly, our Customers function as the data controllers of the information collected through the Services about Authorized Users (and Ingenious is a data processor of such information). Similarly, under certain US laws we act as a service provider to our Customers in these circumstances.
III. Website Visitors – What Data are Collected, and How are Those Data Processed?
If you are a Website Visitor, regardless of whether you are also a Customer and/or Authorized User, the following policy terms apply to you. To eliminate any confusion, please note that the terms in this section apply only to your use of our Websites, not to your use of the Services (which require registration, etc.).
B. Collection and Processing of Visitor Information/Data
1. Information/Data Collected from Website Visitors.
When you visit the Websites, we collect the following:
• Contact Information: If (and only if) you submit a request for information or a question through the Websites, you may be asked to provide us with basic information including your name, email address, phone number, and postal address. We will also keep records of the communications, the question/request you raised, and how it was resolved.
• Location Information: We collect and process general information about the location of the device from which you are accessing the Service (e.g., approximate geographic location inferred from an IP address).
2. How we Use Data that is Collected from Website Visitors
We use the data collected from Website Visitors to:
• Maintain, provide, and improve the Websites and the Services;
• Respond to your requests for information;
• If you share contact information with us, in accordance with applicable legal obligations, we may communicate with you about promotions, offers, and news about us. You have the ability to unsubscribe from such ‘promotional’ communications;
• Prevent or address technical or security issues;
• Investigate in good faith any alleged violations of our Terms of Service;
• Help us better understand visitor interests and needs; and/or
• Engage in analysis and research regarding use of the Websites and the Services.
C. Legal Bases
If you are located in the EU, please note that the legal bases under the GDPR for using the information we collect through your use of the Websites as a Website Visitor are as follows:
1. Where use of your information is necessary to perform our obligations under a contract with you (for example, to comply with the Terms of Service which you accept by browsing the Websites) or to a Customer (if you are an Authorized User);
2. Where use of your information is necessary for our legitimate interests or the legitimate interests of others (for example, to provide security for our Websites; operate our Websites; prevent fraud, analyze use of and improve our Websites, and for similar purposes);
3. Where use of your information is necessary to comply with a legal obligation; and/or
D. Anonymized Data: Aggregated and De-Identified Information
We may aggregate and/or de-identify (anonymize) Visitor information collected through the Services so that such information can no longer be linked to you or your device (“Anonymized Data”). We may use Anonymized Data for any purpose, including without limitation for research and analytics, and may also share such data with any third parties, including Service Partners, affiliates, and others.
E. Combined Information
You agree that, for the purposes discussed in this Policy, we may combine the information that we collect from Visitors with information that we receive from other sources, both online and offline, and use such combined information in accordance with this Policy.
F. Sharing of Website Visitor Information
We share Website Visitor information with the following:
1. Affiliates. We may share the information we collect with companies which are affiliated with us (e.g., subsidiaries);
2. Service Partners. We may provide access to or share your information with select third parties that use the information only to perform services on our behalf (hereafter “Service Partners”). These third parties provide a variety of services to us, including without limitation sales, marketing, provision of content and features, advertising, analytics, research, data storage, security, fraud prevention, and other services. For additional information on our Service Partners please see Section V.B, below;
3. Business Transfers. If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Websites can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as this Policy is updated or amended by the acquiring party upon notice to you. If such transfer is subject to additional mandatory restrictions under applicable laws, we will comply with such restrictions;
4. Public Forums. The Websites may make it possible for you to upload and share comments or feedback publicly with other users. Any information that you submit through such public features is not confidential, and we may use it for any purpose (including in testimonials or other marketing materials). Any information you post openly in these ways will be available to the public at large and potentially accessible through third-party search engines. Such information can be read, collected and/or used by other users, and it could be used to send you unsolicited messages. Accordingly, please take care when using these features of the Websites; and
5. Consent. We may also disclose your information to third parties with your consent to do so.
G. Retention of Your Information
We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law.
IV. Customers and Authorized Users - What Data are Collected, and How are Those Data Processed?
A. Information/Data that we Collect: “Workspace Content”
For Customers and Authorized Users, when individuals are using the Services, we collect and process “Workspace Content” (as defined below) in accordance with the applicable Customer’s instructions, as required by applicable law, and as set forth in this Policy.
• Please be aware: In each case, the Customer, and not Ingenious, determines its own internal policies regarding the access, modification, deletion, sharing, and retention of Workspace Content within a Workspace. For example, a Customer may provide or remove access to the Services, enable or disable third party integrations, manage permissions, manage data retention and export settings, transfer or assign teams, or share projects. If you are an Authorized User, and you have concerns or questions, please check with the Customer to understand the policies and settings that they have instituted with respect the Workspace Content that you provide when using the Service.
• EU-based Individuals: If you are located in the European Union, please note that the Customer is the data controller with respect to the processing of your Workspace Content pursuant to the EU General Data Protection Regulation (“GDPR”). When processing data of EU data subjects governed by this Policy, Ingenious is the data processor, meaning that we collect and process such information solely on behalf of the Customer.
B. What is Included in Workspace Content?
“Workspace Content” includes information about Customers and Authorized Users, as well as project-related data that is associated with (or generated within) a particular Workspace; and it may include names, email addresses, messages, attachments, files, tasks, projects and project names, team names, channels, conversations, and other kinds of content added to or generated by a Customer within that Workspace. In addition, for the sake of clarity, Workspace Content will include:
(1) Account Information. To set up your account, you (or the Customer) must provide us with basic information about you which may include your name, address, telephone number, email address, and password. You may also be asked to provide optional profile information, such as a photograph or basic demographic data.
(2) Service Usage Information. We collect a limited amount of information via our systems about how you use and interact with the Services (“Service Usage Information”). Such information includes:
• Device Information: We may collect certain device information, including the type of device you are using, its operating system, and mobile network information, which may include your mobile phone number. We may also collect your MAC address and other unique device identifiers.
• Log files: When you use the Service our servers automatically record information in server log files. These log files may include information such as your web request, IP address, browser type and settings, referring/exit pages and URLs, number of clicks, date and time stamp information, language preferences, data from cookies and similar technologies, and other such information.
• Workspace Use Metadata: When you interact with the Services, metadata is generated that provides high-level (non-content) information about the way you work in your Workspace. For example, we may log the number of Workspaces you work in; the number of tasks to which you are assigned; the features and embedded Services content you interact with; the types of files you share; and what, if any, third party services and integrations you use.
(3) Other Information. You may provide us with other kinds of information when you interact with us in other ways, such as when you voluntarily submit requests or questions to us via customer support forms, email or telephone calls (collectively, “Other Information”).
(4) Information Collected from Third-Party Integrations. If you choose to use or connect to third-party services which are integrated with the Services or via a Customer application (e.g., OneDrive, Slack), referred to herein as “Third-party Integrations”, or if you are required or permitted to do so by a Customer, such third parties may ask us or allow us to have access to and store additional information about your interaction with those services as it relates to your use of the Services. By enabling these connections, you authorize us to connect and access the information provided through these connections, and you understand that the privacy policies of these third parties govern such connections.
C. How Do We Process Workspace Content?
In keeping with the foregoing, we may process Workspace Content as follows
(1) Site Administration and Legal Compliance. Ingenious may view and use Workspace Content as necessary to:
• Maintain, provide and improve the Services;
• Respond to your requests for information from us;
• Prevent or address technical or security issues and resolve support requests;
• Investigate, when we have a good faith belief, or have received a complaint alleging, that Workspace Content is in violation of this Policy or our Terms of Service;
• Comply with a valid legal subpoena, request, or other lawful process;
• Take actions expressly permitted or required in writing by the Customer;
• Prevent or address technical or security issues and resolve support requests;
• Engage in analysis, research, and internal reporting regarding use of the Services;
• Communicate with you via email and through the Services about important notices and updates regarding the Services, such as to inform you about changes in the Services, our service offerings, and important services-related notices, such as about security and fraud. Because these communications are an important part of the Services, you may not opt out of them;
• Communicate with you about promotions, offers, and news about us. You have the ability to unsubscribe from such ‘promotional’ communications;
• Administer those data as otherwise provided for in this Policy; and/or
• Provide cross-device management of your account.
(2) Limited Sharing of Workspace Content. We may share Workspace Content as follows:
• Affiliates. We may share the information we collect with companies which are affiliated with us (e.g., subsidiaries);
• Service Partners. We may provide access to or share information with select third parties that use the information only to perform services on our behalf (“Service Partners”). These third parties provide a variety of services to us, including without limitation sales, marketing, provision of content and features, advertising, analytics, research, data storage, security, fraud prevention, and other services. For additional information on our Service Partners please see Section V.B, below.
• Business Transactions. If the ownership of all or substantially all of our business changes, we may transfer your information to the new owner so that the Services can continue to operate. In such case, your information would remain subject to the promises and commitments contained in this Policy until such time as the acquiring party modifies it. If such transfer is subject to additional mandatory restrictions under applicable laws, Ingenious will comply with such restrictions.
• Consistent with your settings within the Service. Please note that the Workspace Content you submit through the Service may be viewable by other users in your Workspace and within your organization, depending on the specific settings you and your organization have selected.
• Third-party Integrations: If you initiate or use Third-party Integrations you also understand that we will share information about you that is required to enable your use of the Third-party Integrations through the Services. If you do not wish to have this information shared, do not initiate or use these kinds of connections.
D. Anonymized Data: Aggregated and De-Identified Information
We may aggregate and/or de-identify general information collected through the Services so that such information can no longer be linked to you or your device (“Anonymized Data”). We may use Anonymized Data for any purpose, including without limitation for research and analytics, and may also share such data with any third parties, including Service Partners, affiliates, and others.
E. Data Retention
We will retain your information for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law, or where we have agreed with a Customer to specific retention period.
V. ADDITIONAL PRIVACY TERMS APPLICABLE TO ALL USERS
The following additional information about our privacy practices apply to all users of the Services and Websites (Visitors, Customers, Authorized Users).
A. Cookies and Related Technologies
We may use the following types of cookies on the Websites:
1. “Convenience” cookies: These cookies can store ‘persistent’ information like registration information for use on later visits to the Websites. You may be able to configure your browser to block/delete these cookies; but if you do, you will have to (e.g.) input the account-related information every session.
• You may have the option to opt out of convenience cookies (if applicable) when you visit our Websites.
2. “Analytics” Cookies: Cookies which help us to determine usage patterns of our web pages by collecting information about how visitors use our Site.
More specifically, we use a tool called Google Analytics for aggregated and anonymized website traffic analysis. In order to track your session usage, Google places a cookie with a randomly generated Client ID number in your browser. This ID number is anonymized and contains no identifiable information like email, phone number, name, etc. Google also has access to your IP address. In addition, Google may install additional cookies (e.g. Google fonts, Google tag manager). We use Google Analytics to track aggregated website behavior, such as what pages you looked at, for how long, and so on. This information is important to us for improving the user experience and determining site effectiveness.
3. “Necessary” Cookies: These cookies are essential for you to browse a website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies.
4. “Third-party” Cookies: These cookies are set by other online services that run content on the page you view on your browser. For example, if you click on a Facebook "like" button, the underlying code may store a cookie on your computer that can later be accessed by Facebook and may be able to track other Websites that you visit.
Service Partners include the following:
• Google (Cloud/Compute Engine; Analytics): https://cloud.google.com/terms/cloud-privacy-notice
• FullStory: https://www.fullstory.com/legal/privacy-policy/
• Mixpanel: For questions regarding privacy and data protection by Fullstory please email email@example.com
• Heap.io: https://heap.io/privacy
• MongoDB: https://www.mongodb.com/legal/privacy-policy
• Segment: https://segment.com/legal/privacy/; and
C. Third Party Features and Links
We reserve the right to amend this Policy at any time to reflect changes in the law, our data collection and use practices, the features of our Services or Websites, or advances in technology. We will make the revised Policy accessible through the Services and Websites, so you should review the Policy periodically. If we make a material change to the Policy, we will comply with applicable legal requirements regarding providing you with notice and/or consent.
E. How We Protect Your Informationy
Ingenious has implemented technical and organizational measures to protect your information against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access. However, no method of transmission over the Internet, and no means of electronic or physical storage, is absolutely secure, and thus we cannot ensure or warrant the security of your information.
F. Marketing Practices and Choicesy
You may instruct us not to use your contact information to contact you by email, postal mail, or phone regarding products, services, promotions and special events that might appeal to your interests by contacting us at the “Contact Information” section below. In commercial email messages, you can also opt out by following the instructions located at the bottom of such emails. Please note that, regardless of your request, we may still use and share certain information as permitted by this Policy or as required by applicable law. For example, you may not opt out of certain operational or service-related emails, such as those reflecting our relationship or transactions with you.
G. Minors and Privacy
The Websites are not directed toward individuals under age 18; we do not knowingly collect information from anyone under age 18 (a “Minor”); and if we find out that we have collected information from a minor under age 18, we will delete that information immediately.
H. Do Not Track
The Websites may not respond to web browser-based “do not track” signals.
I. Biometric ID Processing
We do not use any technologies (e.g., facial recognition) that are designed to identify an individual based on data (e.g., photographs, videos) collected/processed by our systems.
J. Geographic Aspects of our Privacy Practices; International Transfer
Ingenious is based in Nashville, TN USA. Please be aware that your personal data may be transferred to, and be processed in, states and/or countries other than the state and/or country in which you are a resident. These countries may have data protection laws that are different to the laws of your country.
Further, please understand that elements of our service platform (including servers) are located in the United States, and our third-party service providers (including cloud service providers and partners) operate around the world. This means that when we collect personal information, we or our customers may process it in foreign jurisdictions.
We have implemented measures (including Privacy Shield certification) to assure that transfers of data between us and our customers are compliant with applicable laws. If you have concerns, please contact us.
Your use of the Services and Websites is also subject to the terms contained in our Terms of Service.
L. Data Subject Rights
Local legal requirements (such as those in the EU) may afford you certain legal rights. If you would like further information in relation to your legal rights under applicable law or would like to exercise any of them, please contact us at any time. Your local laws (such as those in the EU) may permit you to request that we:
1. provide access to and/or a copy of certain information we hold about you;
2. prevent the processing of your information for direct marketing purposes (including any direct marketing processing based on profiling);
3. update information which is out of date or incorrect; 4. delete certain information which we are holding about you;
5. restrict the way that we process and disclose certain of your information;
6. transfer your information to a third-party provider of services; and
7. revoke your consent for the processing of your information.
We will evaluate all requests of these kinds and we will provide our response within the time period stated by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request that you provide us with information necessary to confirm your identity before responding to your request.
For additional information on our privacy practices under applicable laws, please see the addendums to this Policy, below.
M. Contact Information
If you wish to contact us or have any questions about, or complaints in relation to, this Policy, please contact us at: Privacy Officer, IngeniousIO Inc., 473 Dunham Road, Suite 200, St. Charles, IL 60174, or firstname.lastname@example.org.
Privacy Rights of California (USA) Residents, and
Do Not Sell or Share Data Policy
The following supplemental terms may apply to residents of California, USA:
1. California "Shine the Light" Law/California Privacy Rights
2. CCPA Privacy Rights and Choices
California residents may have certain rights under the CCPA, many of which are subject to limitations or exceptions under applicable law. These include:
A. Right to Know about Personal Information Collected or "Sold"
B. Right to Request Deletion of Personal Information
You may have the right to request that we delete any of your Personal Data that we collected from you and retained, subject to certain exceptions, including if we need the Personal Data for a reason related to our business, such as:
• providing goods or Services to you;
• detecting and resolving issues
related to security or functionality;
• complying with legal obligations;
• conducting research in the public interest;
• exercising free speech or ensuring another’s exercise of free speech; or
• using the information for internal purposes that a consumer might reasonably expect.
3. Exercising Your Rights
We will not discriminate against you for inquiring about any rights relating to your data under any law, or for making any related request to us. In particular, we will not:
• Deny you goods or services
• Charge you different prices for goods or services, whether through denying benefits or imposing penalties
• Provide you with a different level or quality of goods or services
• Threaten you with any of the above
5. Do Not Sell and Do Not Share Personal Information
We use and share the categories of personal information we collect from and about you consistent with the business purposes we discuss in the Policy, depending on which type of user you are (i.e., Customer, Authorized User or Website Visitor). See the relevant section(s) above for more information.
Please note that California law sets forth certain obligations for businesses that “sell” personal information to, or “share” personal information with, certain third parties. In regards to these principles, please note the following:
• With regard to the sale of personal information to third parties: We do not engage in such activity and have not engaged in such activity in the twelve months prior to the effective date of this Policy.
• With regard to the sharing of personal information with third parties: Except for the necessary sharing of information with Service Partners (see above), we do not engage in such activity and have not engaged in such activity in the twelve months prior to the effective date of this Policy.
6. Inquiries (Questions, Concerns, Service Requests)
If you have concerns, questions, or requests related to your privacy rights please contact us via the following:
473 Dunham Road, Suite 200
St. Charles, IL 60174
Privacy Rights of Nevada (USA) Residents
Under Nevada law, certain Nevada consumers may opt out of the sale of “personally identifiable information” for monetary consideration (as such terms are defined under Nevada law) to a person for that person to license or sell such information to additional persons.