EFFECTIVE DATE: February 1, 2024

Q2 Software, Inc. Privacy Policy

 

Q2 Software, Inc., with its affiliates and subsidiaries (“Q2,” “we,” “us,” or “our”), values your privacy. In this Privacy Policy (“Policy”), we describe how we collect, use, and disclose information that we obtain about visitors to our website www.q2.com (the “Site”) or that we may otherwise collect at events, such as conferences, or meetings in which we participate and those that we host, as well as information we may obtain through mobile applications, or social media.

You understand that your personal information will be handled as described in this Policy. Your use of our Site, and any dispute over privacy resulting from your use of our Site, is subject to this Policy.

The information we collect through this Site is controlled by Q2 Software, Inc., which is headquartered in the United States at 10355 Pecan Park Blvd, Austin, TX 78729.

 

The Information We Collect About You

We collect information about you directly from you and from third parties, as well as automatically through your use of our Site.

Information We Collect Directly From You. We collect information from Site visitors when they contact us or access certain content, such as whitepapers and other downloads, from our Site. If you contact us or access this content through our Site, we collect your name, your company name and job title, your business contact information (such as your business phone number and email address), your country, and your reason for contacting us.

We also collect the following information about your use of our Site through cookies, web beacons, and other technologies: your domain name; your browser type and operating system; web pages you view; links you click; your IP address; the length of time you visit our Site; the actions you take on our Site; and the referring URL, or the webpage that led you to our Site. We combine this information with other information that we have collected about you, including, where applicable, your name and other personal information. Please see the section “Cookies and Other Tracking Technologies” below for more information.

We also collect information from individuals at events, such as conferences, or meetings in which we participate and those that we host. This information includes names, job titles, business contact information, and company information.

Mobile Application Image Collection. Some of our services, accessed via a mobile application (“Mobile App”) such as MyQ2 Support, may also collect your personal information in the form of a captured image collected from the photo or camera roll on your mobile device, but only with your explicit permission when you grant the Mobile App such access. The Mobile App may also collect your personal information in the form of your name, email address, and login details, and any other personal information volunteered by you in your use of the Mobile App. We use the captured image for the same purposes that we use any of the other personal information shared by you (see How We Use Your Information, below). We retain the captured image for the same amount of time we retain any of the other personal information shared by you (see Retention of Personal Information, below). We do not disclose, transfer to, or share the captured image with any third parties. Under the User > My Profile settings within the Mobile App, you will have access to any such captured image as well as the ability to replace or delete the captured image, at any time.

Social Media. We may receive information about you from social network sites. If you access our Site through a third-party website, application, or social media platform (i.e. Facebook, LinkedIn, Twitter, Instagram), we may receive information about you from that third-party website, application, or social media platform, depending on the third-party’s data practices and your settings (for example, your name, username, email address, as well as comments or content you post). Any such information collected from such third-party websites, applications, or social media platforms will be handled as described in this Policy. We are not responsible for the content or practices of third-party websites, applications, or social media platforms. We urge you to read the privacy and security policies of any third-party websites, applications, or social media platforms you choose to use.

  • Public Forums. Any comments, or other content publicly shared with other users on any third-party websites, applications, or social media platforms is not confidential, and we may use it for any purpose (including in testimonials or other marketing materials).
  • De-identified Data. We may also collect information that is already in de-identified form (i.e. usage analytics data) from such third-party websites, applications, or social media platforms. Our use and disclosure of de-identified information is not subject to any restrictions under this Policy, and we may use and disclose it to others for any purpose, without limitation.

 

How We Use Your Information

We use your information, including your personal information, for the following purposes:

  • To tailor the content and information that we may send or display to you, to offer personalized help and instructions, and to otherwise personalize your experiences while using the Site.
  • For marketing and promotional purposes in accordance with applicable law. We may use your information, such as your email address, to send you news and newsletters, special offers, and promotions, or to otherwise contact you about products, events, or information we think may interest you. We also use the information that we learn about you to assist us in advertising our services on third party websites.
  • To better understand how users access and use our Site, both on an aggregated and individualized basis, in order to improve our Site, respond to user desires and preferences, and for other research and analytical purposes, such as evaluating product demand per market.
  • To administer surveys and questionnaires, such as for market research or customer satisfaction purposes.
  • To comply with legal obligations, as part of our general business operations, and for other business administration purposes.
  • Where we believe necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person or violations of any Site terms of service or this Policy.

 

How We Disclose Your Information

We disclose your information, including personal information, as follows:

  • Affiliates and Subsidiaries. We disclose the information we collect from you to our affiliates or subsidiaries; however, if we do so, their use and disclosure of your personally identifiable information will be subject to this Policy.
  • Service Providers. We disclose the information we collect from you to third party vendors, service providers, contractors or agents who perform functions on our behalf. These service providers include entities that host our Site, manage our database of customers, analyze visitor traffic, display advertisements, and send emails on our behalf. These service providers are carefully selected to ensure that they, and their related entities who may access your personal information, provide your personal information with equal protection to that stated in this Privacy Policy and required by applicable privacy laws.

We also will disclose information we collect in the following circumstances:

  • Business Transfers. If we are or may be acquired by or merged with another company, if any of our assets are transferred to another company, or as part of a bankruptcy proceeding, we will transfer the information we have collected from you to the other company.
  • In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a court order or a subpoena.
  • To Protect Us and Others. We also may disclose the information we collect from you where we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of any Site terms of service or this Policy, or as evidence in litigation in which Q2 is involved.
  • Aggregate and De-Identified Information. We may disclose de-identified information about you with third parties for marketing, advertising, research, or similar purposes.

 

The Legal Bases for Using Your Personal Information

We collect and process your information as a data controller when we have a legal basis to do so. The following legal bases pertain to our collection of data:

  • Our use of your personal information is in accordance with your consent (for example, when you consent to sharing your personal information with a third party for their own marketing).
  • Our use of your personal information is in our legitimate interest as a commercial organization (for example in order to make improvements to our products and services and to provide you with information you request); you have a right to object to processing as explained in the section below titled Your Legal Rights;
  • Our use of your personal information is necessary to perform a contract or take steps to enter into a contract with you; and/or
  • Our use of your personal information is necessary to comply with a relevant legal or regulatory obligation that we have (for example, where we are required to disclose personal information to a court or tax authority).

If you would like to find out more about the legal bases on which we process personal information, please contact us at privacy@q2.com.

Retention of Personal Information. We may retain your personal information for a period of time consistent with the original purpose of collection, or for as long as required to fulfill our legal obligations. We determine the appropriate retention period for personal information on the basis of the amount, nature, and sensitivity of the personal information being processed, the potential risk of harm from unauthorized use or disclosure of the personal information, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation). We will delete or de-identify information when it is no longer needed to fulfill the original purpose of collection unless a longer retention period is required to comply with applicable laws.

 

Our Use of Cookies and Other Tracking Mechanisms

We and our third-party service providers use cookies and other tracking mechanisms to track information about your use of our Site. We combine this information with other personal information we collect from you (and our third-party service providers may do so on our behalf).

Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Site, while others are used to allow us to track your activities at our Site.

Disabling Cookies. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site who disable cookies will be able to browse certain areas of the Site, but some features may not function.

Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web pages. We use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Site to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about Site usage.

Third Party Analytics. We use automated devices and applications, such as Google Analytics, to evaluate usage of our Site. We also may use other analytic means to evaluate our Site and the services offered on our Site. We use these tools to help us improve our services, performance, and user experiences. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects (LSOs), to perform their services. To learn more about Google’s privacy practices, please review the Google Privacy Policy at https://www.google.com/policies/privacy/. You can also download the Google Analytics Opt-out Browser Add-on to prevent your data from being used by Google Analytics at https://tools.google.com/dlpage/gaoptout.

Do-Not-Track. Currently, our systems do not recognize browser “do-not-track” requests. You may, however, disable certain tracking (e.g., by disabling cookies). You also may opt-out of targeted advertising by following the instructions in the Third-Party Ad Network section.

Third-Party Ad Networks. We use third parties such as network advertisers to serve advertisements on third-party websites or other media (e.g., social networking platforms). This enables us and these third parties to target advertisements to you for products and services in which you might be interested. Third-party ad network providers, advertisers, sponsors and/or traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs), Flash LSOs and other tracking technologies to measure the effectiveness of their ads and to personalize advertising content to you. These third-party cookies and other technologies are governed by each third party’s specific privacy policy, not this one. We provide these third-party advertisers with information, including personal information, about you.

Users may opt out of many third-party ad networks. For example, you may go to the Digital Advertising Alliance (DAA) Consumer Choice Page for information about opting out of interest-based advertising and their choices regarding having information used by DAA companies. You may also go to the Network Advertising Initiative (NAI) Consumer Opt-Out Page for information about opting out of interest-based advertising and their choices regarding having information used by NAI members. If you are in the EU, you may opt-out of certain third party cookies that we and other websites may use for targeted advertising through the European Interactive Digital Advertising Alliance (EDAA) Your Online Choices Page or www.aboutads.info.

Opting out from one or more companies listed on the DAA Consumer Choice Page, the NAI Consumer Opt-Out Page, or the EDAA’s Your Online Choices Page will opt you out from those companies’ delivery of interest-based content or ads to you, but it does not mean you will no longer receive any advertising through our Site or on other websites. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextually based ads). Also, if your browsers are configured to reject cookies when you opt out on the DAA, NAI, or EDAA websites, your opt out may not be effective.

 

Third-Party Links

Our Site may contain links to third-party websites. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the privacy policies of those third-party websites. We are not responsible for the information practices of such third-party websites.

 

Security of Your Personal Information

We have implemented reasonable precautions to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our efforts, no data security measures can guarantee security.

 

Your Legal Rights

Depending upon the jurisdiction in which you reside and subject to certain exceptions, and in some cases dependent upon the processing activity we are undertaking, you have the following rights:

Right to know. The right to know, at or before the point of collection, the categories of personal information we collect, the purpose for which such information is collected or used, and whether such information is sold or shared, the entities or categories of entities to whom your personal information may be transferred, as well as information regarding the length of time we intend to retain each category of personal information.

Right to access. The right to request access to the personal information that we hold about you.

Right to correct. The right to request that we correct any of your personal information, if you believe it is incorrect, incomplete, or inaccurate.

Right to delete. The right to request that we delete your information. Q2 will also send your request for deletion of your personal information to any third parties with whom we have disclosed said information in accordance with this Policy.

Right to restrict the processing of your personal information. The right to restrict the use of your personal information when: (i) you contest the accuracy of the data; (ii) the use is unlawful but you do not want us to erase the data; (iii) we no longer need the personal information for the relevant purposes, but we require it for the establishment, exercise, or defense of legal claims; or (iv) you have objected to our personal information use justified on our legitimate interests verification as to whether we have a compelling interest to continue to use your data.

Right to data portability. To the extent that we process your information: (i) based on your consent or under a contract; and (ii) through automated means, the right to receive such personal information in a structured, commonly used, machine-readable format, or to have it transferred directly to another data controller.

Right to object to the processing of your personal information. To object to any processing of your personal information which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.

Right to obtain a copy of personal information safeguards used for transfers outside your jurisdiction. If you reside in the European Economic Area (EEA), the right to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside of the EEA.

Right to lodge a complaint with your local supervisory authority. The right to lodge a complaint with your local supervisory authority, if you have concerns about how we are processing your personal information.

Right to opt out of sharing your personal information for online targeted advertising or selling your personal information. The right to opt out of “sharing” of your personal information for online target advertising purposes and the right to opt out of the “sale” of your personal information (although Q2 does not sell your personal information).

 

How to Exercise Your Rights. 

If you would like to exercise any of the rights described above, please send us a written request to privacy@q2.com. In your message, please indicate the right you would like to exercise and the personal information that you would like to access, review, correct, or delete (if applicable).

You may also make a request to exercise your right to know, right to access, right to delete, or right to correct by completing our online request form.

You may opt out of sharing of your personal information for online targeted advertising or selling your personal information (although Q2 does not sell your personal information) by visiting .

We may ask you for additional information to confirm your identity and for security purposes before processing your request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.

We may not always be able to fully address your request, for example if it would affect the duty of confidentiality we owe to others or if we are legally entitled to deal with the request in a different way.

 

Additional Privacy Information for California Residents

If you are a California resident, the California Consumer Privacy Act (“CCPA”) requires us to provide you with additional information regarding your rights with respect to your “personal information” (as defined in the CCPA) and (1) the purpose for which we use each category of “personal information” we collect; and (2) the categories of third parties to which we (a) disclose such personal information for a business purpose, (b) “share” personal information for “cross-context behavioral advertising,” and/or (c) “sell” such personal information. This information is described in our California Privacy Notice.

 

Cross-border Transfer of Information

Q2 engages third party service providers which host our customer data and maintain servers and systems in the United States. Our European Union affiliates and customers may transfer personal information to us in the United States, and we also may subcontract the processing of your personal information to, or otherwise disclose your personal information to, other third parties in the United States or countries other than your country of residence. As a result, where the personal information that we collect through or in connection with the Site or services offered through our Site is transferred to and processed in the United States or anywhere else outside the European Economic Area (EEA) for the purposes described above, we will take steps to ensure that the personal information receives the same level of protection as if it remained within the EEA, including entering into data transfer agreements, using the EU Commission approved Standard Contractual Clauses, or by relying on certification schemes such as the EU - US Privacy Shield (to the extent applicable). You may have a right to details of the mechanisms under which your data is transferred outside the EEA.

What Choices Do I Have Regarding Promotional Emails?

In accordance with applicable law, we may send periodic promotional emails to you. You may opt-out of such communications by following the opt-out instructions contained in the email. Please note that it may take up to 10 business days for us to process opt-out requests.

 

Children Under 16

Our Site is intended for general audiences and is not directed at children. If we discover that a child under the age of 16 (or such other appliable age of consent for privacy purposes in relevant individual jurisdictions) has provided us with personal information, we will delete such information from our systems. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any use of such data.

 

Contact Us

If you have questions about the privacy aspects of our Site or would like to make a complaint, please contact us at privacy@q2.com.

 

Changes to this Policy

This Policy is current as of the Effective Date set forth above. We may change this Policy from time to time, so please be sure to check back periodically.