Find Arbor Incorporated Privacy Policy

Arbor Team
Last Updated: August 8, 2023

At Arbor, we take very seriously our responsibility to keep your data secure. Maintaining trust is our #1 goal. This Privacy Statement describes how Arbor collects, uses, shares or otherwise processes information relating to individuals (“Personal Data”) and the rights associated with that processing. A reference to “Arbor,” “we,” “us” or the “Company” is a reference to Find Arbor Incorporated and its relevant affiliates involved in the collection, use, sharing, or other processing of Personal Data.


1. Responsible Arbor Entity

Arbor is the controller of your Personal Data as described in this Privacy Policy, unless specified otherwise.

This Privacy Policy does not apply to the extent we process Personal Data in the role of a processor or service provider on behalf of our customers, including where we offer to our customers various software products and services through which our customers (or their affiliates) collect, use, share or process Personal Data via our analytics software products and services.

For detailed privacy information related to an Arbor customer or a customer affiliate who uses the Arbor software products and services as the controller, please contact our customer directly. We are not responsible for the privacy or data security practices of our customers, which may differ from those explained in this Privacy Policy.

For more information, please also see Section 10.5 below.

2. Processing Activities Covered

This Privacy Policy applies to the processing of Personal Data collected by us when you:

  • Visit our websites that display or link to this Privacy Policy;
  • Visit our branded social media pages;
  • Receive communications from us, including emails, phone calls, texts or fax;
  • Use our analytics software products and services as an authorized user where we act as a controller of your Personal Data; or
  • Apply for employment opportunities with us.

Our websites and services may contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any data to these websites.

‍3. What Personal Data Do We Collect?

The Personal Data we collect from you includes identifiers, professional or employment-related information, commercial information, visual information, internet activity information, and inferences drawn from any of these categories. We collect such information in the following situations:

  • If you express an interest in obtaining additional information about our services; request customer support; use our “Learn More” or similar features; or register to use our services, we may require that you provide to us your contact information, such as your name, job title, company name, address, phone number, email address or username and password;
  • If you obtain our products or services from us, we may require that you provide to us your billing information, such as billing name and address, and any additional information provided by your accounts payable department;
  • If you interact with our websites or emails, we automatically collect information about your device and your usage of our websites or emails (such as Internet Protocol (IP) addresses or other identifiers), which may qualify as Personal Data (please see the “What device and usage data do we process?” section, below) using cookies, web beacons, or similar technologies;
  • If you use and interact with our services, we automatically collect information about your device and your usage of our services through log files and other technologies, some of which may qualify as Personal Data (please see the “What device and usage data do we process?” section, below);
  • If you communicate with us via a phone call from us, we may record that call; and
  • If you voluntarily submit certain information to our services, such as submitting online forms or surveys, we collect the information you have provided as part of that request.


If you provide us or our service providers with any Personal Data relating to other individuals, you represent that you have the authority to do so, and, where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Policy. If you believe that your Personal Data has been provided to us improperly, or want to exercise your rights relating to your Personal Data, please contact us by using the information in the “Contact us” section below.

‍4. What Device and Usage Data Do We Process?

We use common information-gathering tools, such as tools for collecting usage data, cookies, web beacons, pixels, and similar technologies to automatically collect information that may contain Personal Data as you navigate our websites, our services, or interact with emails we have sent to you.

4.1. Device and Usage Data

As is true of most websites, we gather certain information automatically when individual users visit our websites. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server information), device and application information, identification numbers and features, location, browser type, plug-ins, integrations, Internet service provider, mobile carrier, the pages and files viewed, searches, referring website, app or ad, operating system, system configuration information, advertising and language preferences, date and time stamps associated with your usage, and frequency of visits to the websites.

This information is used to analyze overall trends, help us provide and improve our websites, offer a tailored experience for website users, and secure and maintain our websites.

In addition, we gather certain information automatically as part of your use of our software products and services. This information may include identifiers, commercial information, and internet activity information such as IP address (or proxy server), mobile device number, device and application identification numbers, location, browser type, Internet service provider or mobile carrier, the pages and files viewed, website and webpage interactions including searches and other actions you take, operating system and system configuration information and date and time stamps associated with your usage. This information is used to maintain the security of the services, to provide necessary functionality, to improve performance of the services, to assess and improve customer and user experience of the services, to review compliance with applicable usage terms, to identify future opportunities for development of the services, to assess capacity requirements, to identify customer opportunities, and for the security of Arbor generally (in addition to the security of our products and services). Some of the device and usage data collected by the services, whether alone or in conjunction with other data, could be personally identifying to you. Please note that this device and usage data is primarily used to identify the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the services to our customers.

4.2. Cookies, Web Beacons and Other Tracking Technologies

To make our websites and services work properly, we sometimes place small data files called cookies on your device. A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, shopping cart, or other preferences) over a period of time, so you do not have to keep re-entering them whenever you come back to the site or browse from one page to another. To learn more, please see our Cookie Policy.

Google Analytics. We use Google Analytics. We use the information we get from Google Analytics only to improve the Sites. We do not combine the information collected through the use of Google Analytics with personally identifiable information. Please refer to Google’s Privacy Policy for more information. You may also choose to download the Google Analytics opt-out browser add-on.

You may wish to restrict the use of cookies. Please be aware that some of the features of our website may not function correctly if you disable cookies.

Most modern browsers allow you to change your cookie settings. You can usually find these settings in the options or preferences menu of your browser. To understand these settings, the following links for commonly used browsers may be helpful:

4.3. Do-Not-Track Signals

Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We do not recognize or respond to browser-initiated DNT signals, as the Internet industry is currently still working toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT.

5. Purposes for Which We Process Personal Data

We collect and process your Personal Data for the following purposes:

  • Providing our websites and services (including necessary functionality for both): We process your Personal Data to perform our contract with you for the use of our websites and services and to fulfill our obligations under the applicable terms of use and service;
  • Promoting the security of our websites and services: We process your Personal Data by tracking use of our websites and services, creating aggregated non-personal data, verifying accounts and activity, investigating suspicious activity, and enforcing our terms and policies to the extent it is necessary for promoting the safety and security of the services, systems and applications;
  • Managing user registrations: If you have registered for an account with us, we process your Personal Data by managing your user account for the purpose of performing our contract with you according to applicable terms of service;
  • Handling contact and user support requests: If you fill out a web form or request user support, or if you contact us by other means including via a phone call, we process your Personal Data to perform our contract with you and to the extent it is necessary for fulfilling your requests and communicating with you;
  • Managing payments: We process your Personal Data to verify and collect payments on our invoices to the extent that doing so is necessary to complete a transaction and perform our contract with you;
  • Developing and improving our websites and services: We process your Personal Data to analyze trends and to track your usage of and interactions with our websites and services to the extent it is necessary for developing and improving our websites and services and providing our users with more relevant content and service offerings;
  • Assessing and improving user experience: We process device and usage data as described in Section 4.1 above, which in some cases may be associated with your Personal Data, to analyze trends and assess and improve the overall user experience to the extent it is necessary for developing and improving the service offering;
  • Identifying customer opportunities: We process your Personal Data to assess new potential customer opportunities to ensure that we are meeting the demands of our customers and their users’ experiences;
  • Recording video and phone calls: We may record phone calls for training, quality assurance, and administration purposes. If required under applicable law, we will obtain your prior consent or give you the option to object to a call being recorded;
  • Displaying personalized advertisements and content: We process your Personal Data to conduct marketing research, advertise to you, provide personalized information about us and to provide other personalized content based upon your activities and interests (please see the "Your rights relating to your Personal Data" section below, to learn how you can control how the processing of your Personal Data by Arbor for personalized advertising purposes);
  • Sending marketing communications: We will process your Personal Data or device and usage data, which in some cases may be associated with your Personal Data, to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters) about us and our affiliates and partners, including information about our products or promotions (please see the “Your rights relating to your Personal Data” section below, to learn how you can control the processing of your Personal Data by Arbor for marketing purposes); and
  • Complying with legal obligations: We process your Personal Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws, to protect against misuse or abuse of our websites, protect personal property or safety, pursue remedies available to us, and limit our damages, comply with judicial proceedings, court orders or legal processes, respond to lawful requests, or for auditing purposes.


If we need to collect and process Personal Data by law, or under a contract we have entered into with you, and you fail to provide the required Personal Data when requested, we may not be able to perform our contract with you.

‍6. Who Do We Share Personal Data With?

We may share your Personal Data as follows:

  • Service Providers: With our contracted service providers and any subcontractors as required to offer you our products and services. The service providers we use help us to run, operate and maintain our Services through third party platform and software tools; perform content moderation and crash analytics; run email campaigns; perform marketing analytics; provide payment attribution; and provide technical and customer support. Some external service providers may also collect information directly from you (for example, a payment processor may request your billing and financial information) in accordance with their own privacy policy. Such external service provider does not share your financial information, like credit card number, with us, but it may share limited information with us related to you, like your contact information.
  • Third Party Networks and Websites: With respect to website cookies, with third-party social media networks, advertising networks and websites, so that Arbor can market and advertise our services and products to you;
  • Professional Advisers: In individual instances, we may share your Personal Data with professional advisers acting as service providers, processors, or joint controllers - including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance and accounting services; and,
  • Third Parties Involved in a Corporate Transaction: If we are involved in a merger, reorganization, dissolution or other fundamental corporate change, or sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by a third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party.


We may also share anonymous or de-identified usage data with Arbor’s service providers for the purpose of helping Arbor in such analysis and improvements. Additionally, Arbor may share such anonymous or de-identified usage data on an aggregate basis in the normal course of operating our business; for example, we may share information publicly to show trends about the general use of our services.

For more information on the recipients of your Personal Data, please contact us by using the information in the “Contact us” section, below.

‍7. International Transfer of Personal Data

Any data that you provide to us may be accessed, shared or processed by our offices, located in the United States, and service providers located in the United States, if such data transfer is necessary for the specific purpose for which you submitted your data (such as the provision of goods or services under a written contract). 

This may entail a transfer of your personal information across international borders. The data protections standards may differ and be lower than the standards enforced in your jurisdiction. 

We maintain appropriate safeguards as required by applicable law for any personal information transferred internationally, including, where applicable, standard contractual clauses. For a copy of these clauses, please contact us as set forth in the “Contact Us” section below.

‍8. Children

Our websites are not directed at individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information, please contact us using the contact details provided in the “Contact Us” section below. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information.

‍9. How Long Do We Keep Your Personal Data?

We may retain your Personal Data for a period of time consistent with the original purpose of collection (see the “Purposes for which we process Personal Data” section above) or as long as required to fulfill our legal obligations. We determine the appropriate retention period for Personal Data on the basis of the amount, nature, and sensitivity of the Personal Data being processed, the potential risk of harm from unauthorized use or disclosure of the Personal Data, whether we can achieve the purposes of the processing through other means, and on the basis of applicable legal requirements (such as applicable statutes of limitation).

After expiry of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will implement appropriate measures to prevent any further use of or access to such data.

For more information on data retention periods, please contact us by using the information in the “Contact us” section, below.

‍10. Your Rights Relating to Your Personal Data

10.1. Your Rights

You may have certain rights relating to your Personal Data, subject to local data protection laws. Depending on the applicable laws these rights may include the right to:

  • Access your Personal Data held by us;
  • Know more about how we process your Personal Data;
  • Erase or delete your Personal Data, to the extent permitted by applicable data protection laws;
  • Restrict our processing of your Personal Data, to the extent permitted by law;
  • Object to our processing of your Personal Data. Where we process your Personal Data for direct marketing purposes or share it with third parties for their own direct marketing purposes, you can exercise your right to object at any time to such processing without having to provide any specific reason for such objection;
  • Opt-out of certain disclosures of your Personal Data to third parties; and
  • Not be discriminated against for exercising your rights described above.

10.2. Additional Disclosures for California, Colorado or Virginia Residents

We have listed the privacy rights for several U.S. state jurisdictions below, but we understand you may have additional rights in your jurisdiction. You may contact us directly at any time about exercising your data protection rights. We will consider your request in accordance with applicable laws.

Certain state laws require that we detail the categories of Personal Data that we disclose for certain “business purposes,” such as to service providers that assist us with securing our services or marketing our products.

We disclose the following categories of Personal Data for our business purposes:

  • Identifiers;
  • Personal information under California Civil Code section 1798.80;
  • Commercial information;
  • Internet activity information;
  • Visual information;
  • Professional or employment-related information; and
  • Inferences drawn from any of the above information categories.


Sensitive Categories of Personal Data:

  • Account log-in information

Several jurisdictions grant state residents certain rights, including the right to access specific types of Personal Data, the right to learn how we process Personal Data, the right to know whether and how we disclose or sell Personal Data, the right to opt out of any sale of Personal Data, the right to request deletion of Personal Data in certain circumstances, and the right not to be denied goods or services for exercising these rights.

California law further permits you to request information regarding the disclosure of your personal information to third parties for the third parties’ direct marketing purposes.

We do not disclose your personal information to third parties for the third parties’ direct marketing purposes.

In the preceding twelve months we have not sold personal information. We do not sell personal information, but we recognize that some state privacy laws define “personal information” in such a way that some sharing of personal information necessary to provide you with personalized ads may be considered a “sale,” even if no money is exchanged.

For information on how to exercise your rights, please refer to Section 10.4 below.

If you are an authorized agent wishing to exercise rights on behalf of a state resident, please contact us using the information in the “Contact us” section below and provide us with a copy of the consumer’s written authorization designating you as their agent. We may need to verify your identity and place of residence before completing your rights request.

10.3. Additional Disclosures for Data Subjects in the EEA, the U.K. and Switzerland

Residents in the European Economic Area, the United Kingdom and Switzerland (together, for purposes of this section of the Privacy Policy, “EEA”), as well as certain other jurisdictions, are entitled to certain rights and disclosures with respect to their Personal Data.

Our legal bases for collecting and using your Personal Data include:

  • The performance of your contract or to enter into the contract and to take action on your requests. For example, the processing of your account registration, providing our services and products to you, providing customer service to you.
  • Our legitimate business interests. For example, fraud prevention, maintaining the security of our network and services, direct marketing to you, and maintaining, analyzing, and improving our products and services. 
  • Compliance with a mandatory legal obligation. For example, maintaining administrative records which are subject to mandatory retention periods. We may also collect your Personal Data to record your requests to exercise your rights and to verify your identity for such requests.
  • Consent you provide where we do not rely on another legal basis. Consent may be withdrawn at any time.

In some countries, and in particular if you are located in the EEA, you may have the right to:

  • Access your personal information;
  • Correct inaccurate personal information;
  • Request erasure of your personal information without undue delay;
  • Request the restricted processing of your personal information;
  • Request portability of the personal information that you have given us; and
  • To object to the processing of your personal information.


To exercise any of these rights, please contact us as set forth in the “Contact Us” section below and specify which privacy right(s) you wish to exercise. We may need to verify your identity in order to honor your request.

10.4. Representative for data subjects in the EU and UK

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website. https://prighter.com/q/13006110715

10.5. Your Rights Relating to Customer Data

As described above, we may also process Personal Data submitted by or for a customer to our software products and services. To this end, if not stated otherwise in this Privacy Policy or in a separate disclosure, we process such Personal Data as a processor on behalf of our customer (and its affiliates) who is the controller of the Personal Data (see the “Responsible entity” section above). We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those explained in this Privacy Policy. If your data has been submitted to us by or on behalf of an Arbor customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with them directly. Because we may only access a customer’s data upon their instructions, if you wish to make your request directly to us, please provide us the name of the Arbor customer who submitted your data to us. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.

10.6. Your Preferences for Marketing Communications

We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt out of receiving any, or all of these communications from us by following the unsubscribe instructions provided in any email we send, or you can contact us using the contact details provided in the “Contact Us” section below. You will still continue to receive service-related messages concerning products and services you have purchased (unless we have indicated otherwise).

‍11. How We Secure Your Personal Data

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. For example, we adhere to GDPR standards when protecting our customers’ information.

However, no website, application, or transmission can guarantee security. Thus, while we have established and maintain what we believe to be reasonable procedures to protect the confidentiality, security, and integrity of personal information obtained through the Sites, we cannot ensure or warrant the security of any information you transmit to us.

‍12. Changes to This Privacy Policy

We may change our Privacy Policy at any time. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to periodically review this Privacy Policy to ensure you are familiar with the most current version. 

‍13. Contact Us

If you wish to contact us or have any questions about or complaints in relation to this Privacy Policy, please contact us hello@findarbor.com.