The Tutorial BuilderThe Square
Customers
Meet Our FamilyUsers & Testimonials
Explore Use CasesSales Enablement
Resources
SupportSchedule DemoContact Us
HelpHelp CenterFAQIntegrationsBlogTrust Center
Pricing
Try it FreeSign In

Trust Center

Trust MattersTerms of UsePrivacy PolicyCookie PolicySubprocessorsDPAAccessibility

Introduction

This Privacy Policy covers how iorad collects, uses, discloses and stores information about you when you use our website or Application.

This Privacy Policy does not apply to any third-party websites or Applications that you may use, including any that are linked within our website, Application, or services. You should review the terms and policies for third-party websites and apps before clicking on any links.

What Information We Collect and How We Collect It

In order to provide our services to you and to ensure that our software and Application operate correctly, we collect various types of information, including information that identifies you or may identify you as an individual (“personal information”). When you use our website, sign up for our services, and use our Application, we collect the following information:

Information you provide to us:
  • If you use the contact information provided on the iorad.com website to contact us directly, we collect your contact information which includes your email address, name, and reason for contacting iorad.
  • When you sign up for a free account we collect your public name, email, and password. When you purchase a plan to use our services and application, we collect your name, email address, billing address, zip code, country, company, payment information when paying by purchase order, and any other information you voluntarily provide to us.
Information we automatically collect when you use our website or Application:
  • Internet Protocol Address (“IP address”)
  • Usage Data: Information collected automatically through this Application (or third-party services employed in this Application) including the domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
  • Information collected by cookies and other similar technologies. We use various technologies to collect information that include saving cookies to Users’ computers. These tools help us understand and improve the performance of the iorad website and Application. Our Cookie Policy can be found here.
Information we collect from third parties:

We may receive personal information about you from partners, external organizations, social media websites, and other third-party sources.

How We Use the Information We Collect

  • Services

    We use the information we collect in connection with the services we provide. We use the information we collect to set up User accounts; provide, operate, and maintain services; process and complete transactions; provide customer service and support and respond to inquiries; send communications; prevent fraudulent activity; for registration and authentication purposes; for any other purpose based on our legitimate interest.

  • Website

    We use the information we collect to administer and improve the iorad website and Application.

  • Analytics

    We use aggregated information that is collected to understand general information and trends related to our website, such as how many Users have visited our website during a given period of time and the types of devices the visitors use. This information cannot be used to identify an individual. We use this information to help improve our website and Application.

  • Respond to Inquiries

    If you choose to contact us directly using the methods posted on our website (by email, website form, chat bot, postal mail, or voicemail), we will respond to you using the contact information you provided in your inquiry.

  • Handling Payments:

    We use payment processing services to process payments by credit card, bank transfer or other means. iorad does not process or store your payment information. The transaction occurs directly between you and the payment processing service. Some of these services may also enable the sending of timed messages to the User, such as emails containing invoices or notifications concerning payments.

  • Tag Management:

    Tag management allows us to manage the tags or scripts needed on the Application in a centralized fashion.

  • User Database Management:

    This allows us to build user profiles starting with an email address, personal name, or other pieces of information provided by the User, and to track user activities through analytics features. This Personal Data may also be combined with publicly available information about the User (such as social networks' profiles) and used by the Owner to build expanded private profiles, which can be used to display information and improve this Application. Some of these services may also enable the sending of timed messages to the User, such as emails based on specific actions performed on this Application.

  • Communications and Marketing:

    When you sign up for our services or application we use your information to send you communications, including those for marketing purposes. You can opt-out of receiving certain marketing or promotional communications from iorad at any time using the unsubscribe link in the email communications we send.

Who We Share Your Information With

We do not rent, sell or share information about you with other people or non-affiliated companies. We share and disclose information (including personal information) in the following instances:


  • Vendors and Service Providers

    We share your information with vendors and service providers with whom we engage to perform tasks on our behalf. The vendors and service providers are bound by agreement to not further disclose any personal information. You can find more details about the subprocessors we use here.

  • Business transactions

    If iorad is acquired or merged with another company, we will transfer collected information to the acquiring company.

  • Public or Government Authorities

    Under certain circumstances, we may be required to disclose personal information if necessary to comply with a subpoena or court order, to establish or exercise our legal rights or defend against legal claims, or to cooperate with government and/or law enforcement officials.

  • Consent

    We share your personal information if you have asked us to do so or have given consent. For example, with your consent, we post User testimonials that may identify you.


We share aggregated information (i.e., information that CANNOT be used to identify an individual) for a variety of reasons, including under the following circumstances:


  • To make our product better and foster transparency.
  • If iorad is acquired or merged with another company, we will transfer aggregate information to the acquiring company.
  • We may share aggregate information if necessary to comply with a subpoena or court order, to establish or exercise our legal rights or defend against legal claims, or to cooperate with government and/or law enforcement officials.
  • For any lawful basis.

Cookies

The iorad website and Application places cookies on your browser or, if you elect to use the iorad desktop Application, on your computer, in order to identify you when you return to our website, log in to our software, and for other reasons that can be found in iorad’s cookie policy here.

Data Retention

iorad will retain your data including personal information for as long as required by the purpose for which we collected the data or to the extent required by law.

Security

We take security very seriously.


To help protect the privacy of data and personal information you transmit through use of our website and Application:


  • We maintain physical, technical and administrative safeguards that are consistent with industry standards and applicable law.
  • We update and test our security technology on an ongoing basis.
  • We restrict access to your personal data to employees who need to know that information to provide benefits or services to you.
  • We train our employees about the importance of confidentiality and maintaining the privacy and security of your information.
  • We conduct background checks on our employees before hiring them.
  • We undergo SOC 2 Type II external audits of the effectiveness of our controls for security and confidentiality.
  • We use state-of-the-art data centers including Digital Ocean and Amazon Web Services to store the data we collect. Both cloud-based hosting companies maintain ISO/IEC 27001:2013 certifications and undergo SOC 2 Type II external audits of their controls. We understand our responsibilities in our cloud data centers’ shared security models.
  • We monitor our systems and threat information services, to evaluate and respond to threats that could impact systems and data.
Encryption

All data transmitted between visitors to the iorad website and users of the iorad application is encrypted in transit.

Database backups are made daily and are encrypted in transit to storage (TLS) and in storage.

Non-SSO application users register and set their own account passwords. Passwords are stored using a secure cryptographic one-way hash function (10 salt rounds), so no one else, including us at iorad, can read the passwords. We use a trusted library for this functionality . During tutorial capture by users all keystrokes (detected typing actions) in the recording frame are escaped using templates and encrypted. No keystrokes are logged during capture.

Encryption of tutorial data at rest is an option with our Enterprise Plan.

Physical Security

iorad’s technical infrastructure is hosted on SOC2 audited data centers. Physical security controls at these data centers include 24x7 monitoring, cameras, visitor logs, and entry requirements.

Access Control

All services related to operations and infrastructure are accessible only through secure connectivity (e.g., SSL, SSH). Privileged systems and accounts require multi-factor authentication. Our back-office, service, and infrastructure password policies require minimum lengths, complexity, and lockout. iorad grants access to personnel on the basis of least privilege rules, reviews permissions quarterly and revokes access immediately after employee termination.

Employees and Contractors

iorad employees and contractors undergo national background checks where legal, are required to sign non-disclosure agreements, and complete security training.

Vulnerability Management

Systems and Applications undergo regular penetration and vulnerability scanning using updated threat knowledge bases.

Incident Management

iorad maintains industry standard security incident response policies and procedures.

Legal Basis For Processing Your Information

If you are a User of the iorad website or Application located in the European Economic Area (EEA), we rely on the following basis for processing:

Consent:

Where we have your consent to do so.

Perform Contract:

Where we need the personal information to perform a contract with you.

Legitimate interest:

Where the processing is in our legitimate interests, as described in the “How We Use Collected Information” section of this document, and not overridden by your data protection interests or fundamental rights and freedoms.

Legal Obligation:

Where we have a legal obligation to collect or retain personal information or need the personal information to protect your vital interests or those of another person(s).

Controller and Processor

iorad, inc. is the Owner of this website and the Application. iorad is both Controller and Processor of personal data covered by the Privacy Policy for purposes of European data protection legislation.

Data Storage & Data Transfer

iorad may transfer your personal data to countries other than the one in which you live. To the extent that Personal Data is transferred abroad, iorad will ensure compliance with the requirements of the applicable laws in the respective jurisdiction in line with iorad’s obligations. We will ensure that an adequate level of protection is provided for the information by using industry-standard security practices and standard contractual clauses where required.

Children

To the extent prohibited by applicable law, iorad does not allow use of our Application and Website by anyone younger than 18 years old. If you learn that anyone younger than 18 has unlawfully provided us with personal information, please contact us, and we will take steps to delete such information.

For users under the age of 18, teachers are permitted to create accounts for their students when in accordance with school policies, and only after teacher and/or school has obtained parental consent. It is the teacher and/or school’s responsibility to obtain parental consent.

"Do Not Track"

Do Not Track (“DNT”) is a privacy preference that Users can set in certain web browsers. DNT is a way for Users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do not respond to or honor DNT signals or similar mechanisms transmitted by web browsers.

Your Rights

iorad will take reasonable steps to allow you to access, review, update, rectify, or delete any personal data we hold about you. We will uphold these rights even if you are a resident outside of the EEA.

You have the following data protection rights:


  • Right of access

    The right to obtain access to your personal data.

  • Right to rectification

    The right to erase or rectify inaccurate or incomplete data.

  • Right to erasure

    The right to obtain the deletion and erasure of your personal data in certain circumstances.

  • Right to portability

    The right to move, copy, or transfer personal data.

  • Right to restrict processing

    The right to restrict processing of personal data.

  • Right to object to processing

    The right to object to processing of personal data for certain purposes.


  • If you wish to exercise one of these rights, please contact us by using the contact details below. We will ask you to verify your identity before responding to these requests.

  • EEA residents also have the right to lodge a complaint to a data protection authority. For more information, please contact your local data protection authority.

Direct Marketing

When you sign up for our services or application you acknowledge that iorad can process your Personal Data to send you communications, including those for marketing purposes. You can opt-out of receiving certain marketing or promotional communications from iorad at any time using the unsubscribe link in the email communications we send.

How to Contact Us

If you have any questions or complaints about this Privacy Policy or its implementation, you can contact us at privacy@iorad.com or send correspondence to:

iorad, inc.
1 Canal Street, Unit 1119
Boston, MA 02214

Changes to this Privacy Policy

We may update this Privacy Policy from time to time based on changes to applicable laws and regulations or other requirements applicable to us, changes in technology, or changes to our business. Any changes we make to the Privacy Policy in the future will be posted on this page, so you should review it periodically.

Subprocessors

NameSubprocessing ActivityCountry of OriginLink to Subprocessor Website
Amazon Web Services, Inc.Cloud Hosting ProviderUnited Stateshttps://aws.amazon.com
DigitalOceanCloud Hosting ProviderUnited Stateshttps://www.digitalocean.com
Google LLCAnalytics, Registration and AuthenticationUnited States https://policies.google.com/privacy
Google LLCTag ManagementUnited Stateshttps://policies.google.com/privacy
HubSpot Inc.Customer Relationship Management ServiceUnited Stateshttps://www.hubspot.com
IntercomIn-application Customer ServiceUnited Stateshttps://www.intercom.com
LinkedInAnalyticsUnited Stateshttps://www.linkedin.com
MailgunEmail sending services used by iorad applicationUnited Stateshttps://www.mailgun.com
Stripe, Inc.Payment Processing GatewayUnited Stateshttps://stripe.com
TwilioUser multi-factor authentication serviceUnited Stateshttps://www.twilio.com
Last Updated: August 31, 2021
Current Privacy Policy
SupportSchedule DemoContact Us
HelpHelp CenterFAQIntegrationsBlog
PricingPersonal BusinessEducationNon-profit
CompanyLeadership HistoryCultureCareersPress Releases
PartnersAffiliateHelping Hands
Fine PrintTerms of UsePrivacy PolicyCookie PolicyAccessibilitySystem Status
Terms of UsePrivacy PolicyContact
© Copyright 2022 – iorad Inc. All rights reserved.