EFFECTIVE AS OF Apr 1, 2019
If you have any questions concerning how we collect, use, process or share your personal data, you can contact us at firstname.lastname@example.org. (We have appointed a data protection officer to monitor our compliance with the GDPR and serve as a contact point for you and supervisory authorities. You may contact our data protection officer at email@example.com).
Generally, we need to process your personal data in order to:
Provide the Service to Publishers;
Meet our legal or contractual obligations;
Pursue our legitimate interests.
In particular, we process your personal data for the following purposes:
|Purpose||Legal basis||Our position & description|
|Audience experiences||Performance of contract pursuant to the Art. 6(1)(b) of the GDPR||We act as data processors on behalf of the Publishers. Publishers use Piano to enhance their services provided to you. Processing your personal data by us is required in order for Publishers to comply with their contractual obligations towards you. Publishers may rely on other legal basis at their controller discretion.|
|Billing & Accounting||Compliance with legal obligations pursuant to the Art. 6(1)(c) of the GDPR||We act as data processors on behalf of the Publishers. Publishers might use Piano for management and collection of their subscription towards you. Publishers use Piano to provide you with their services. Publishers may rely on other legal basis at their controller discretion.|
We acknowledge the value in your personal data, but we are not exploiting your privacy due to it. In particular, we are not:
Selling your personal data to anyone;
Monetizing your personal data by other means;
Claiming ownership over your personal data;
Bartering your personal data for other services or products.
We want to be transparent about all processing activities we undertake with your personal data. Primarily, we act as data processors on behalf of the Publishers. Please note that we are under no obligation to inform you about Publisher Purposes or obligation to handle your request in relation to Publisher Purposes. We nevertheless provide some basic information about Publisher Purposes to better explain our position towards personal data we process in general. If you have more questions about the Publisher Purposes, please contact your Publisher.
The legitimate interest pursued by Piano Software, Inc. is the ability to improve and develop its own software solutions. Recipients of your personal data include staff of Piano group entities located in the EU and the US and employees staff of other sub-contractors (mainly hosting and cloud providers for Piano software) located in the EU and the US. Such transfer to third countries is based on model clauses adopted between Piano and the above parties. Piano is also EU-US and Swiss – US Privacy Shield certified. Such processing will only occur as long as you continue to use our services.
As a data controller, Piano does not process any special categories of personal data, does not monetize personal data and does not perform automated individual decision-making. If you have any question about Piano’s processing of personal data, please visit www.piano.io/privacy or contact Piano directly at firstname.lastname@example.org. Please note we are not entitled to handle your request if your request is related to purposes pursued by Piano as a data controller. You may also lodge a complaint at the Office of Personal Data Protection in Slovakia, where the EU establishment of Piano is located (https://dataprotection.gov.sk/uoou/en).
Nothing prevents you to lodge compliant elsewhere. For clarity, we use Piano as a data processor to support our services we provide to you. When selecting Piano as a data processor, we have accessed the guarantees provided by Piano to comply with the GDPR. This information is required because Piano legitimately process your personal data for their own above mentioned purposes of processing as well.
We collect your personal data when you wish to access Publisher content or register on Publisher’s website through our Service. If you do not provide your personal data during the registration, you might not be able to complete the registration.
Provision of personal data by you is voluntary or presents either a requirement to enter into a contract or a contractual requirement (between you and the Publisher). Subsequent processing of personal data might be required by law (Billing & Accounting) or required by us in order to pursue our own legitimate interests.
We take the confidentiality of your Personal Data very seriously and share it only in the following ways:
Intragroup: We share your personal data within affiliated companies belonging to Piano group located in the U.S. and the EU. Our employees might have access to your personal data on a strictly need-to-know basis typically governed and limited by function, role and department of the particular employee. All affiliated companies belonging to Piano group concluded an intra-group processing agreement and follow the same internal rules and policies equivalent to the GDPR standard.
Service providers: We also use sub-contractors to support us in providing the Services who might process personal data for us. These sub-contractors include mainly hosting, cloud and similar software service providers located or with servers located in the EU or in the U.S. We ensure that selection of our sub-contractors and any processing of personal data by them is compliant with the GDPR and our arrangement with the Publishers.
Payment service providers: We share payment information with the third-party payment service providers we have engaged to process your payment transactions when you use the Service. These third parties are only authorized to use payment information as necessary to process your payments.
Employees: Naturally, employees of all the above recipients of your personal data might have access to it.
Your personal data is transferred to the U.S. and the E.U. under strict compliance with the GDPR. Piano is certified under the EU-US and Swiss – US Privacy Shield (see below) but also follows the GDPR as such. Any cross-border transfer of personal data outside the European Economic Area is subject to EU standard contractual clauses or similar safeguard to ensure high level of protection of your personal data. If you have any question about cross-border transfer of personal data to these countries, please feel free to contact us.
You may view the list of Privacy Shield companies here .
Where we process your personal data on behalf of the Publishers, the retention periods are set-out by the Publishers and we have no control over that. As soon as our contract with Publishers ends, we are under obligation to either return all personal data to the Publisher or securely erase all personal data, at the choice of the Publisher. The same applies to our own purposes of processing which are undertaken only on personal data currently processed by us for the Publisher. If our contract with Publisher ends – by default – we do not keep your personal data for our own purposes. This way, we comply with basic principles relating to processing of personal data such data minimization, storage limitation and purpose limitation.
If we process your personal data, you have so-called data subject rights under the Article 15 to 22 of the GDPR. Among others, you have right to request access to your personal data, rectification or erasure of personal data or restriction of processing or right to object to processing as well as the right to data portability. However, these are not absolute rights which only exist if the relevant conditions are met. Please note, that we are not obliged to handle or respond to your requests in relation to the Publisher Purposes – in that case we will only forward your request to the Publisher.
The security of your personal data is important to us. Piano follows generally accepted industry standards and has appropriate measures in place to ensure that your data is protected against unauthorized access or use, alteration, unlawful, or accidental destruction and accidental loss. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. We have adopted appropriate organizational and technical measures required under the GDPR to protect personal data.
Piano recognizes and has controls in place to ensure that the privacy of personal information about an “identifiable individual” used in the course of “commercial activity” is protected and managed in such a manner which meets or exceeds the guidelines set out in the Canadian statute known as PIPEDA and applicable Canadian provincial legislation.
Publishers and end users of the Piano Go self-service platform can view additional policies related to use of Piano Go at https://www.piano.io/privacy-go/
Effective 23 Aug 2017
Original Certification Date: 8/23/2017
Next Certification Due Date: 11/3/2019
Piano Software, Inc. (“We” or “Our”) has certified with the EU-U.S. Privacy Shield with respect to the personal data we receive and process on behalf of our customers through our content and subscription management service and platform (the “Services”). Piano Software certifies that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement for personal data submitted by our customers in participating European countries through the Services, and our Privacy Shield certification will be available here . We may also process personal data our customers submit relating to individuals in the EU via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses.
If you are a resident of a European country or Switzerland participating in the Privacy Shield and you believe we maintain your personal data within the scope of this Privacy Shield certification, you may direct any questions or complaints concerning our Privacy Shield compliance to email@example.com or at our mailing address.
Piano Software Inc
If you are a resident of a European country or Switzerland participating in the Privacy Shield and you have not received timely response to your concern, or we have not addressed your concern to your satisfaction, you may seek further assistance, at no cost to you, from JAMS , which is an independent dispute resolution body in the United States.
We also commit to cooperate with competent EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDIC) with regard to our customers end users’ human resources data transferred from a European country participating in the Privacy Shield in the context of the employment relationship.
You may also be able to invoke binding arbitration for unresolved complaints but prior to initiating such arbitration, a resident of a European country participating in the Privacy Shield must first:
Contact us and afford us the opportunity to resolve the issue;
Contact the U.S. Department of Commerce (either directly or through a European Data Protection Authority) and afford the Department of Commerce time to attempt to resolve the issue.
If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that, pursuant to the Privacy Shield, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the Privacy Shield Principles with respect to the resident.
Our Privacy Shield compliance is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
We may disclose personal data when we have a good faith belief that such action is necessary to: conform to legal requirements or to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements; or to enforce our contractual obligations.
Piano Software’s AUP is the code of conduct guides the expected client and user behaviours while the Piano service. This code basically describes what clients/users can and can’t do with/within the service.
Use Piano to promote and sell subscriptions for your business;
Use Piano to manage your user experience;
Use Piano to manage your subscription.
Avoid illegal activities (fraudulent behavior);
Use Piano to display anything somehow harmful to minors;
Use Piano for anything unethical.
EFFECTIVE AS OF JAN 1, 2018
Piano may receive requests from users and government agencies to disclose or delete data other than in the ordinary operation and provision of the Services. This Data Request Policy addresses those issues and outlines Piano’s policies and procedures for responding to such requests for Customer Data. In the event of any inconsistency between the provisions of this Data Request Policy and the Master Service Agreement, the provisions of the Master Service Agreement will control.
Individuals who want access to Customer Data or want Customer Data to be removed should contact the Data Controller (typically the publisher) regarding such requests. The Data Controller owns the Customer Data and generally gets to decide what to do with all Customer Data stored in Piano products. Piano reserves the right to remove Customer Data that violates its policies or applicable law regardless of the decision of a Data Controller.
All requests by courts, government agencies, or parties involved in litigation for Customer Data disclosures should be sent to firstname.lastname@example.org and include the following information:
Requests should be prepared and served in accordance with applicable law. All requests should be narrow and focused on the specific Customer Data sought. All requests will be construed narrowly by Piano, so please do not submit unnecessarily broad requests.
Except as expressly permitted by the Contract or in cases of emergency to avoid death or physical harm to individuals, Piano will not disclose Customer Data, unless it is compelled by law to do so or is subject to a valid and binding order of a governmental or regulatory body.
Piano will notify Customer before disclosing any of Customer’s Customer Data so that the Customer may seek protection from such disclosure, unless Piano is prohibited from doing so or there is a clear indication of illegal conduct or risk of harm to people or property associated with the use of such Customer Data. If legally permitted, Data Controller will be responsible for any costs arising from Piano’s response to such requests.
Piano requires that any individual issuing legal process or legal information requests (e.g., discovery requests, warrants, or subpoenas) to Piano properly domesticate the process or request and serve Piano in a jurisdiction where it is resident or has a registered agent to accept service on its behalf. Any data request from law enforcement entities or other public institution is always thoroughly reviewed by Piano before any Customer Data is provided. Piano always seeks to protect its own customers against unlawful or excessive data requests.
In accordance with Annex VII of the EU Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 on the adequacy of the protection provided by the EU-U.S. Privacy Shield, there are several lawful data access mechanisms under the US law (listed below). These mechanisms have been reviewed by the EU Commission and assessed as adequate to the level of protection under the EU law. These mechanisms only apply to Piano Software, Inc. while other non-U.S. Piano affiliated companies may be subject to similar or equivalent rules under local law. Cross-border data access request must comply with respective Mutual Legal Assistance Treaties. For avoidance of doubt, all Customer Data is handled by Piano affiliated companies in the name of Piano Software, Inc. (which in turn handles it in the name of its customer). If any foreign agency requests Customer Data from local Piano affiliated company, it must follow Mutual Legal Assistance Treaty with the U.S. and request access from Piano Software, Inc. via Department of Justice of the United States of America.
Criminal Law Enforcement Authorities:
Federal prosecutors, who are officials of the Department of Justice (DOJ), and federal investigative agents including agents of the Federal Bureau of Investigation (FBI), a law enforcement agency within DOJ, are able to compel production of documents and other record information from corporations in the United States for criminal investigative purposes through several types of compulsory legal processes, including grand jury subpoenas, administrative subpoenas and search warrants, and may acquire other communications pursuant to federal criminal wiretap and pen register authorities.
Grand Jury or Trial Subpoenas: Criminal subpoenas are used to support targeted law enforcement investigations. A grand jury subpoena is an official request issued from a grand jury (usually at the request of a federal prosecutor) to support a grand jury investigation into a particular suspected violation of criminal law. Grand juries are an investigative arm of the court and are impaneled by a judge or magistrate. A subpoena may require someone to testify at a proceeding, or to produce or make available business records, electronically stored information, or other tangible items. The information must be relevant to the investigation and the subpoena cannot be unreasonable because it is overbroad, or because it is oppressive or burdensome. A recipient can file a motion to challenge a subpoena based on those grounds. See Fed. R. Crim. P. 17. In limited circumstances, trial subpoenas for documents may be used after the case has been indicted by the grand jury.
Administrative Subpoena Authority: Administrative subpoena authorities may be exercised in criminal or civil investigations. In the criminal law enforcement context, several federal statutes authorize the use of administrative subpoenas to produce or make available business records, electronically stored information, or other tangible items in investigations involving health care fraud, child abuse, Secret Service protection, controlled substance cases, and Inspector General investigations implicating government agencies. If the government seeks to enforce an administrative subpoena in court, the recipient of the administrative subpoena, like the recipient of a grand jury subpoena, can argue that the subpoena is unreasonable because it is overbroad, or because it is oppressive or burdensome.
Court Orders For Pen Register and Trap and Traces: Under criminal pen register and trap and trace provisions, law enforcement may obtain a court order to acquire real-time, non-content dialing, routing, addressing and signaling information about a phone number or e-mail upon certification that the information provided is relevant to a pending criminal investigation. See 18 U.S.C. §§ 3121-3127. The use or installation of such a device outside the law is a federal crime.
Electronic Communications Privacy Act (ECPA): Additional rules govern the government's access to subscriber information, traffic data and stored content of communications held by ISPs telephone companies, and other third party service providers, pursuant to Title II of ECPA, also called the Stored Communications Act (SCA), 18 U.S.C. §§ 2701–2712. The SCA sets forth a system of statutory privacy rights that limit law enforcement access to data beyond what is required under constitutional law from customers and subscribers of internet service providers. The SCA provides for increasing levels of privacy protections depending on the intrusiveness of the collection. For subscriber registration information, IP addresses and associated time stamps, and billing information, criminal law enforcement authorities must obtain a subpoena. For most other stored, non-content information, such as e-mail headers without the subject line, law enforcement must present specific facts to a judge demonstrating that the requested information is relevant and material to an ongoing criminal investigation. To obtain the stored content of electronic communications, generally, criminal law enforcement authorities obtain a warrant from a judge based on probable cause to believe the account in question contains evidence of a crime. The SCA also provides for civil liability and criminal penalties.
Court Orders for Surveillance Pursuant to Federal Wiretap Law: Additionally, law enforcement may intercept in real time wire, oral or electronic communications for criminal investigative purposes pursuant to the federal wiretap law. See 18 U.S.C. §§ 2510-2522. This authority is available only pursuant to a court order in which a judge finds, inter alia, that there is probable cause to believe that the wiretap or electronic interception will produce evidence of a federal crime, or the whereabouts of a fugitive fleeing from prosecution. The statute provides for civil liability and criminal penalties for violations of the wiretapping provisions.
Search Warrant — Rule 41: Law enforcement can physically search premises in the United States when authorized to do so by a judge. Law enforcement must demonstrate to the judge based on a showing of ‘probable cause’ that a crime was committed or is about to be committed and that items connected to the crime are likely to be found in the place specified by the warrant. This authority is often used when a physical search by police of a premise is needed due to the danger that evidence may be destroyed if a subpoena or other production order is served on the corporation. See U.S. Const. amend. IV (discussed in further detail above), Fed. R. Crim. P. 41. The subject of a search warrant may move to quash the warrant as overbroad, vexatious or otherwise improperly obtained and aggrieved parties with standing may move to suppress any evidence obtained in an unlawful search. See Mapp v. Ohio, 367 U.S. 643 (1961).
DOJ Guidelines and Policies: In addition to these Constitutional, statutory and rule-based limitations on government access to data, the Attorney General has issued guidelines that place further limits on law enforcement access to data, and that also contain privacy and civil liberty protections. For instance, the Attorney General's Guidelines for Domestic Federal Bureau of Investigation (FBI) Operations (September 2008) (hereinafter AG FBI Guidelines), available at http://www.justice.gov/archive/opa/docs/guidelines.pdf , set limits on use of investigative means to seek information related to investigations that involve federal crimes. These guidelines require that the FBI use the least intrusive investigative methods feasible, taking into account the effect on privacy and civil liberties and the potential damage to reputation. Further, they note that ‘it is axiomatic that the FBI must conduct its investigations and other activities in a lawful and reasonable manner that respects liberty and privacy and avoids unnecessary intrusions into the lives of law-abiding people.’ See AG FBI Guidelines at 5. The FBI has implemented these guidelines through the FBI Domestic Investigations and Operations Guide (DIOG), available at https://vault.fbi.gov/FBI%20Domestic%20Investigations%20and%20Operations%20Guide%20 (DIOG), a comprehensive manual that includes detailed limits on use of investigative tools and guidance to assure that civil liberties and privacy are protected in every investigation. Additional rules and policies that prescribe limitations on the investigative activities of federal prosecutors are set out in the United States Attorneys' Manual (USAM), also available online at http://www.justice.gov/usam/united-states-attorneys-manual .
Civil and Regulatory Authorities (Public Interest): There are also significant limits on civil or regulatory (i.e., ‘public interest’) access to data held by corporations in the United States. Agencies with civil and regulatory responsibilities may issue subpoenas to corporations for business records, electronically stored information, or other tangible items. These agencies are limited in their exercise of administrative or civil subpoena authority not only by their organic statutes, but also by independent judicial review of subpoenas prior to potential judicial enforcement. See, e.g., Fed. R. Civ. P. 45. Agencies may seek access only to data that is relevant to matters within their scope of authority to regulate. Further, a recipient of an administrative subpoena may challenge the enforcement of that subpoena in court by presenting evidence that the agency has not acted in accordance with basic standards of reasonableness, as discussed earlier.
There are other legal bases for companies to challenge data requests from administrative agencies based on their specific industries and the types of data they possess. For example, financial institutions can challenge administrative subpoenas seeking certain types of information as violations of the Bank Secrecy Act and its implementing regulations. See 31 U.S.C. § 5318, 31 C.F.R. Part X. Other businesses can rely on the Fair Credit Reporting Act, see 15 U.S.C. § 1681b, or a host of other sector specific laws. Misuse of an agency's subpoena authority can result in agency liability, or personal liability for agency officers. See, e.g., Right to Financial Privacy Act, 12 U.S.C. §§ 3401–3422. Courts in the United States thus stand as the guardians against improper regulatory requests and provide independent oversight of federal agency actions.
Finally, any statutory power that administrative authorities have to physically seize records from a company in the United States pursuant to an administrative search must meet the requirements of the Fourth Amendment. See See v. City of Seattle, 387 U.S. 541 (1967).
A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time, so you don’t have to keep re-entering them whenever you come back to the site or browse from one page to another.
You can control and/or delete cookies as you wish – for details, see aboutcookies.org . You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities related to the use of Piano software may not work.
According to Article 5(3) of the current “e-Privacy Directive” of 12 July 2002: “Member States shall ensure that the use of electronic communications networks to store information or to gain access to information stored in the terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user concerned is provided with clear and comprehensive information in accordance with Directive 95/46/EC, inter alia about the purposes of the processing, and is offered the right to refuse such processing by the data controller. This shall not prevent any technical storage or access for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network, or as strictly necessary in order to provide an information society service explicitly requested by the subscriber or user.”
The above has been implemented into individual EU member state laws differently. For example, in some EU member states the consent can be provided by setting of the internet browser (allow cookies), in other EU member states this there is a requirement for opt-in consent. It seems that the proposal for the e-Privacy regulation will regard web browser setting a cookies consent pursuant to the GDPR. Naturally, responsibility to comply with the relevant EU member state regulation of cookies remains on the Publisher who operates the website for which Piano Software is used.
Archive of Policies
Notifications should be sent to the following:
Piano Software, Inc.
Attn: Stuart Ashford
111 S Independence Mall East, Suite 950
Philadelphia, PA 19106