Privacy Policy
Description of Recent Changes:
Consistent with Cvent’s comment to privacy, iCapture has updated its privacy policy in anticipation of fully integrating into Cvent’s platform. Highlights of this updated Privacy Policy:
- Disclosures required by GDPR, CCPA, and other applicable privacy laws.
- Editorial and administrative changes to improve transparency.
Last modified March 21, 2024
Summary
iCapture is now a wholly-owned subsidiary of Cvent, Inc., which will not only improve our ability to bring our products and services to market, but also provides benefits as the result of having access to Cvent’s expertise and resources for our customers, including privacy.
As before, Cvent respects each person’s right to privacy and endeavors to follow all applicable privacy laws as well as this policy. This Privacy Policy is designed to assist you in understanding how iCapture collects, uses, processes, and safeguards the personal information of our customers and their users and visitors.
iCapture’s Privacy Commitments:
- We apply a consistent level of privacy protection to all personal data collected by iCapture;
- We endeavor to comply with the EU’s General Data Protection Regulation and privacy laws in effect in the United States (for example, the California Consumer Privacy Act).
- Our customers own and control their data on iCapture’s systems and can request its deletion at any time.
Introduction
To provide and improve the iCapture’s lead capture services (“Services”), we collect, store, and otherwise process Personal Information (defined below), of a customer or of a customer's trade show visitor.
This Privacy Statement describes our practices for collecting, storing, and otherwise processing Personal Information and the controls available to manage it within our Services including exercising your rights over your personal information such as the right to object to certain kinds of processing. Importantly, although you use the Services, you retain all rights to your data.
iCapture provides the same standard of privacy protection to all our users around the world, regardless of their country of origin or location, and we are proud of the levels of notice, choice, accountability, security, data integrity, access, and recourse we provide. Additionally, we require that if our vendors or affiliates have access to User Personal Information, they must comply with our Privacy Policy and Terms of Use.
Information Collected
A note about Personal Information: Consistent with the California Consumer Privacy Act (“CCPA”) and the General Data Protection Regulation (“GDPR”), “Personal Information”, as used in this policy, is information that can identify a person, directly or indirectly. Personal Information includes name, address, email, and any information that could reasonably be linked back to a person. For purposes of clarity under the GDPR, iCapture is the Data Controller for Customer Personal Information, as described below, for purposes of operating the Services, and the Data Processor for all data collected through customer’s use of iCapture Services.
iCapture’s collects and processes the following Personal Information:
- Customer Personal Information (“CPI”): First and last name, email address, physical address, phone numbers, payment details, username, and password (which iCapture encrypts), as well as certain log data and Cookie data as described in 3. and 4. below.
- Visitor Personal Information (“VPI”): First and last name, email address, physical address, phone numbers, responses to questionnaires or forms offered through the Services associated with VPI., as well as certain log data and Cookie data as described in 3. and 4. below.
- Web Server Logs: iCapture gathers certain information automatically from visitors’ web browsers that load our web pages and stores it in log files. These log files contain standard information collected by web servers, such as IP addresses, device type, browser type, internet service provider (ISP), operating system, etc. This information is only used internally by iCapture and is not sold to a 3rd party. iCapture uses this information to analyze trends, to administer the iCapture website, and to gather demographic information about its user base. iCapture does not link its Web Server Logs to personally identifiable information.
- Cookie and similar technologies: A “cookie” is a small text file containing a unique identifier that our web server sends to a user’s browser and may be stored on a user’s hard drive. Similar technologies include web beacons, and pixels. Some of these tracking technologies are required to use iCapture Services. If you have your browser set to reject cookies, your use of the iCapture Services is likely to be interrupted. The cookies we use are not permanent.
Information Use and Processing
iCapture processes CPI and VPI in the context of providing the Services as follows and without limitation:
- To operate, maintain, enhance, and provide all features of the Services;
- To provide support to iCapture Customers;
- To understand and analyze the usage trends of iCapture Customers; and,
- To improve the Services, and to develop new products, services, features, and functionality.
iCapture may also use CPI, more specifically, your email address, phone number, and other details to contact you for administrative or customer service purposes, and to send other business communications to you, such as updates about our Services.
Additionally, iCapture uses cookies and similar tracking technologies (web beacons, pixels, etc.) to gather information about the Services, how they perform, and to analyze traffic. In addition, some of these tracking technologies allow iCapture to show you ads for the Services when you visit other sites on the internet. If you are visiting our Website from the EEA, UK or Switzerland, then we do not set non-essential cookies unless you accept via the cookie banner that launches when you land on our Website. You can choose not to allow some types of cookies using the “Cookie Settings” link below. Strictly necessary cookies cannot be disabled.
Information Sharing
iCapture will share your CPI and VPI with third parties as described below:
- To Service Providers. We work with service providers to provide application development, hosting, maintenance, and other services for us. We may transfer, and these service providers may have access to or process, information about you as part of providing those services for us.
Generally, we limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such information. - To Comply with Laws. We may disclose information about you if required to do so by law or in the good-faith belief that such action is necessary to comply with laws, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.
- To Protect Our Legal Rights. We also reserve the right to disclose information about you that we believe, in good faith, is appropriate or necessary to: (i) take precautions against liability; (ii) protect ourselves or others from fraudulent, abusive, or unlawful uses or activity; (iii) investigate and defend ourselves against any third party claims or allegations; (iv) protect the security or integrity of the Services and any facilities or equipment used to make the Services available; or (v) protect our property or other legal rights (including, but not limited to, enforcement of our agreements), or the rights, property, or safety of others.
- In Corporate Reorganizations. Information may be disclosed during due diligence or in preparation for or after an acquisition or merger, consolidation, change in control, transfer of substantial assets, financing, reorganization or similar corporate transactions with requirements for the receiving party to maintain the confidentiality of such information, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
- To Analytics Providers. We use analytics services to help us operate, understand, and improve the Services.
- For cross-contextual advertising on other sites across the web. In certain cases, for example, when you visit iCapture’s website, we will place a tracker in your browser that allows us to show you iCapture content on other websites. This is called ‘remarketing’ and iCapture uses third party vendors, including Google, to show iCapture ads on other sites on the internet. In addition to opting out of iCapture’s sharing data with third parties, users may also opt out of a third party vendor’s use of cookies by visiting the Network Advertising Initiative opt out page: https://optout.networkadvertising.org/?c=1.
Retention and Deletion
When we collect CPI or VPI, we keep it for as long as we need it for the purpose of providing the Services to our customers over time unless otherwise specified in individual contracts with customers. After that, we will keep the Personal Data for a period which enables us to handle or respond to any complaints, queries or concerns relating to your use of the Services. You can request that iCapture delete your CPI or VPI by contacting us at help@icapture.com or by clicking here.
Cancellation or termination of your account
If you choose to cancel your account and leave the iCapture service, or your account is terminated because of your breach of the Terms of Service, please be aware that iCapture may for a time retain residual information in our backup and/or archival copies of our database. We will make reasonable commercial efforts to delete your information
as soon as reasonably practical.
Your Choices
Customers or Visitors may contact iCapture to request access, deletion, or correction of their CPI or VPI at any time by emailing iCapture at help@icapture.com or by submitting a request here. You may also call 1-833-724-0821 (when calling, please note that your query is with respect to information processed by iCapture) or send a letter to:
2323 S Vista Ave.
Suite 103
Boise, Idaho 83705 USA
Third Party Integrations
You may use the Services with third-party mobile apps and other services provided by third parties. Any information you provide on third party mobile apps and services is provided directly to the operators of such mobile apps and services and is subject to those operators’ policies, if any, governing privacy and security. We are not responsible for the content or privacy and security practices and policies of such third parties. We encourage you to learn about third parties’ privacy and security policies before providing them with information.
Please note that iCapture securely stores your Login Credentials long enough to enable integration to the Third-Party Service. We also may retain certain information related to your Third-Party Integrations (for example: date sent, link configuration, names of the Third-Party Services), for the purpose of improving our Services.
Data Security
iCapture maintains a comprehensive information security program designed to protect CPI and VPI using administrative, physical, and technical safeguards. The specific security measures used are based on the sensitivity of the Personal Information collected. We have measures in place to protect against inappropriate access, loss, misuse, or alteration of Personal Information under our control. iCapture also maintains a SOC2 certification which it renews annually.
The iCapture (and Cvent) security team regularly reviews and updates our security and privacy practices as necessary to help ensure the integrity of our systems and your Personal Information. Further, as no security measures 100% effective, it is important that you also guard against unauthorized access to your Personal Information by maintaining strong passwords and protecting against the unauthorized use of your own computer or device.
Compliance with Children’s Online Privacy Protection Act
As a business service, iCapture does not target its offering toward and does not knowingly collect any personal information from users under thirteen (13) years of age.
International Data Transfer
All data collected through the Services is transferred to the United States, unless the iCapture customer chooses to not have the data stored within the iCapture database and arranges for alternative storage options. iCapture relies on established international data transfer mechanisms such as the EU Standard Contractual Clauses available through our Data Processing Addendum.
Complaints/Contact Us
If you have concerns about the way iCapture is handling CPI or VPI, please let us know immediately. We want to help. You may also email us directly at privacy@cvent.com. You may also reach us by phone or by mail at the numbers and address stated at https://www.icapture.com/contact/.
In the unlikely event that a dispute arises between you and iCapture regarding our handling of your User Personal Information, we will do our best to resolve it. If we cannot, we offer an independent dispute resolution provider at no cost to you.
CCPA Addendum
Introduction
This CCPA Addendum supplements the information contained in iCapture’s Privacy Policy above and applies solely to those of you who reside in the State of California. We adopt this supplemental notice to comply with the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (the “CCPA”). Any terms defined in the CCPA have the same meaning when used in this Addendum, unless otherwise noted.
“Personal Information” under the CCPA
Under the CCPA, “personal information” is information that identifies, relates to, describes, or is capable of being associated with a particular consumer or household. Personal information does not include:
- Publicly available information;
- Deidentified or aggregated consumer information; or,
- Information excluded from the CCPA’s scope, such as:
Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 and the California Confidentiality of Medical Information Act or clinical trial data; or,
Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act or California Financial Information Privacy Act, and the Driver’s Privacy Protection Act of 1994.
Information We Collect
The table below sets forth the categories of personal information that we have collected within the last twelve (12) months since this notice was last updated:
CATEGORY | EXAMPLES | COLLECTED FROM iCapture Customers or their Visitors |
Identifiers | A real name, unique personal identifier, online identifier, Internet Protocol address, email address, account name or other similar identifiers. | YES |
Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) | A name, address, telephone number, bank account number, credit card number, debit card number, or any other financial information | YES |
Protected classification characteristics under California or federal law | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information) | NO |
Commercial information | Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies | YES |
Biometric Information | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data | NO |
Internet or similar network activity | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement | YES |
Geolocation data | Physical location or movements | NO |
Sensory data | Audio, electronic, visual, thermal, olfactory, or similar information | NO |
Professional or employment- related information | Current or past job history or performance evaluations | NO |
Non-public education information (as defined in the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99) | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records | NO |
Inferences drawn from other personal information | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes | NO |
Sensitive Personal Information (Identifiers) | A consumer’s social security, driver’s license, state identification card, or passport number | NO |
Sensitive Personal Information (Log-in and Financial Information) | Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account | NO |
Sensitive Personal Information (Precise Geolocation) | Geolocation data used to locate a consumer within a geographic area that is equal to or less than the area of a circle with a radius of 1,850 feet | NO |
Sensitive Personal Information (Group Membership) | Racial or ethnic origin, religious or philosophical beliefs, or union membership | NO |
Sensitive Personal Information (Contents of Communications) | The contents of a consumer’s mail, email, and text messages unless the business is the intended recipient of the communication | NO |
Sensitive Personal Information (Genetic Data) | NO | |
Sensitive Personal Information (Identifying Biometric Information) | NO | |
Sensitive Personal Information (Personal Information Collected and Analyzed Concerning a Consumer’s Health) | NO | |
Sensitive Personal Information (Personal Information Collected and Analyzed Concerning a Consumer’s Sex Life or Sexual Orientation) | NO |
Categories of Sources from Which Personal Information is Collected
We obtain CPI and VPI listed above from the following categories of sources:
- Directly from you (for example, when you create an account or when a visitor fills out a questionnaire or contact form, scans an event badge); and,
- Automatically when you interact with our Services, such as, without limitation, as enabled by cookies, pixels, or other tools.
Business or Commercial Purpose Which Personal Information Will Be Used
iCapture does not disclose personal information to any third parties, other than as described in this Privacy Policy or with your consent.
As described in more details in our Privacy Policy under “Information Use and Processing:”
- We use the information collected for our business, including, without limitation, to operate, maintain, enhance, improve, and provide the features of the Services.
- We may also use your email address or other information to contact you for administrative or customer service purposes, and to send other business communications to you.
Disclosure, Sale, and Sharing of Personal Information
As described in more details our Privacy Policy, under “Information Sharing,” iCapture iCapture does not sell customer data to third parties – where “sell” means to disclose personal information to third parties for monetary or other valuable consideration. This does not include, for example, the transfer of personal information as an asset that is part of a merger or other disposition of all or any portion of our business.
iCapture may, however, disclose the following categories of personal information to the following categories of third parties:
- Analytics Providers
- Categories we disclose: Identifiers, Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), Commercial information, Internet or similar network activity.
- Other Service Providers
- Categories we disclose: Identifiers, Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), Commercial information, Internet or similar network activity.
- Certain Cross-Context Behavioral Advertising Vendors
- Categories we disclose: Identifiers, Internet or similar network activity.
Rights under the CCPA
Access to Specific Information; Deletion
If you are a California resident, you have the right to:
- Request that we disclose to you the following information covering the 12 months preceding your request:
- The categories of personal information that we have collected about you;
- The categories of sources from which the personal information was collected;
- The business or commercial purpose for collecting personal information about you;
- The categories of third parties to whom we disclosed personal information about you, the categories of personal information that was disclosed, and the purpose for disclosing the personal information about you (if we have made any such disclosures);
- The specific pieces of personal information we collected about you; and,
- Request that we delete personal information we collected from you, unless the CCPA recognizes an exception.
- Request that we correct inaccurate personal information that we maintain about you; and,
- Opt-out of the “sale” or “sharing” of your personal information.
Exercising Your Rights
To request access to your personal information or request deletion, or correction, please submit a verifiable request through one of the following methods:
- Online form: https://www.cvent.com/personal-data-requests
- Email: help@icapture.com or
- Toll-free number: 1-833-724-0821 (when calling, please note that your query is with respect to information processed by iCapture)
Only you or a person authorized to act on your behalf may make a consumer request related to your personal information.
You may only request a copy of your data twice within any 12-month period. The request must:
- Provide sufficient information to allow us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and,
- Describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Global Privacy Control: Some browsers and browser extensions support the Global Privacy Control (“GPC”) that can send a signal to the websites you visit indicating your choice to opt-out from certain types of data processing, including data sales. If your browser supports it, you can turn on the Global Privacy Control to opt-out of the “sale” or “sharing” of your personal information.
Response Timing and Format
Our goal is to respond to a verifiable request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period in writing. Any disclosures we provide will cover only the 12-month period preceding the request. If applicable, the response we provide will also explain the reasons we cannot comply with the request. We will provide your personal information in a format that is readily usable and should allow you to transmit the information without hindrance.
We will not charge a fee to process or respond to your request unless it is excessive or repetitive. If we determine that the request warrants a fee, we will provide you with the basis for that decision and a cost estimate before completing your request.
Non-Discrimination
We will not discriminate against you for exercising any of your rights under the CCPA, including if you are an employee, applicant, or independent contractor of our business. Unless permitted by the CCPA, we will not, because of your exercise of such rights:
- Deny you goods or services;
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties;
- Provide you a different level or quality of goods or services; or,
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
Changes to Our Privacy Notice
We reserve the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will notify you through our website.
Contact Information
If you have any questions or comments about this notice, the ways in which we collect and use your personal information, your choices and rights regarding such use, or wish to exercise your rights under California law, please contact us at:
- Email: help@icapture.com or
- Toll-free number: 1-833-724-0821 (when calling, please indicate that your query is with respect to information processed by iCapture)
- Mailing address:
- 2323 S Vista Ave.
- Suite 103
- Boise, Idaho 83705 USA
GDPR ADDENDUM
Your Rights
We respect your privacy rights and provide you with reasonable access and rights to the Personal Information, as this term is referred to for individuals located in the European Economic Area (EEA), pursuant to the European Directives 95/46/EC and 2002/58/EC (EU General Data Protection Regulations Legislation, also known as GDPR), that you may have provided through your use of the Services. If you live in one of those countries, and wish to access, amend, delete, or transfer any Personal Information we hold about you, you may contact us as set forth in the “Contact Us” section in the Privacy Policy.
You may access, correct, or delete your Personal Information and preferences at any time by request to us. Please note that iCapture processes personal data of it’s customer’s trade show visitors on behalf of and under the direction of our customers. Any customer trade show visitors that seek to access, correct, or delete their personal data, should direct their query to the applicable iCapture customer, and iCapture will assist the customer with fulfilling the request. While any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
You may decline to disclose certain Personal Information to us, in which case we may not be able to provide to you some of the features and functionality of the Platform Services.
At any time, you may object to the processing of your Personal Information, on legitimate grounds, except if otherwise permitted by applicable law. If you believe your right to privacy granted by applicable data protection laws has been infringed upon, you may contact Cvent’s (EU Based) Data Protection Officer at dpo@cvent.com. as set forth in the “Contact Us” section in the Privacy Policy. You also have a right to lodge a complaint with data protection authorities in the country where you live or are accessing iCapture Services.
Legal Basis for Processing Personal Data; Retention
iCapture will only collect and process Personal Information when we have lawful bases for doing so. These lawful bases include when you provide consent (such as when you agree to use iCapture’s services, which are hosted in the United States, or, when we have a contractual obligation or legitimate business interest in the collection or processing your Personal Information.
When we collect Personal Information, we keep it for as long as we need it for the purpose for which it is being processed. We will periodically review the Personal Information we hold and delete it securely when there is no longer a legal, business, or consumer need for it to be retained.
Transfers
Where we transfer your Personal Data outside the EEA, we rely on approved standard EEA Model Clauses so these transfers are conducted in accordance with applicable laws and using adequate and appropriate safeguards unless you consent to the transfer, as in the case where you sign up for and use iCapture Services directly.
Processors and Subprocessors
You can view iCapture’s list of data processors and subprocessors here.