Docs Pricing

Last Updated: August 2020

Your privacy is important to us. This privacy statement explains our collection, use, and disclosure of personal information. This privacy statement applies to Chatlio LLC dba Roomlio dba Roomlio and to our controlled affiliates and subsidiaries (“Roomlio”). References to our “products” in this statement include our websites, apps, software, and services. This statement applies to our products that display or reference this statement, but it does not apply to any products that display or reference a different privacy statement.

PERSONAL INFORMATION WE COLLECT

We collect and process personal information about you with your consent and/or as necessary to perform our contractual obligations, provide our services, meet our legal obligations, protect the security of our systems, or fulfill other legitimate interests.

Information you provide directly. If you are a customer or partner of Roomlio, we typically collect the personal information necessary to carry out our relationship with you, such as your name and contact information. We collect billing and payment information where appropriate, and retain only the last four digits of the credit card, as well as authorization or validation tokens. As a Roomlio customer, you may also choose to provide additional information about your own customers (“visitors”) using our API.

Information we collect automatically. When you visit our website, as further described in the Cookies and Similar Technologies section below, or when you use our products, some information is collected automatically. For example, our web servers automatically log your computer's operating system, Internet Protocol (IP) address, access times, browser type and language, the website you visited before our site, and your activity on our website. We also collect information about your visitors necessary to provide the Roomlio service, such as visitor IP address, user agent, current page information. We may derive additional information about you and your visitors from the information provided, such as a location based on IP address.

Third-party sources. We also obtain information from third-party data sources. Additionally, we may obtain data from other sources such as:

We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data.

When you are asked to provide personal information, you may decline. But if you choose not to provide information that is necessary to enter into a contract or for certain services or features to function correctly, you will not be able to take full advantage of our offerings.

COOKIES AND SIMILAR TECHNOLOGIES

We use cookies and similar technologies to operate our websites and online services and to help collect data. Cookies are small text files placed on your device to store data that can be recalled by a web server in the same domain that placed the cookie. The text in a cookie often consists of a string of numbers and letters that uniquely identifies your device, but it can contain other information as well.

We use cookies to store your preferences and settings, enable you to sign-in, combat fraud, analyze how our products perform, and fulfill other legitimate purposes.

Our web pages may contain electronic images known as web beacons (also called single-pixel gifs) that we use to help deliver cookies on our websites, count users who have visited those websites, and gather usage and performance data. We also include web beacons in our email messages or newsletters to determine whether you open and act on them.

Our websites may include web beacons and cookies from third-party service providers. In some cases, that is because we have hired the third party to provide services on our behalf, such as site analytics. In other cases, it is because our web pages contain content or ads from third parties, such as videos, news content, or ads delivered by other ad networks. Because your browser connects to those third parties' web servers to retrieve that content, those third parties are able to set or read their own cookies on your device and may collect information about your online activities across websites or online services.

The third-party analytics providers we use include: Customer.io (https://customer.io/gdpr.html). Many third-party analytics providers allow you to opt-out from their collection or use. For more information, click on the links above.

You can also use browser controls to limit how the websites you visit are able to use cookies. Instructions for blocking or deleting cookies may be available in each browser's privacy or help documentation. Please be aware that if you choose to block cookies, certain website features that depend on cookies may no longer function. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, may be deleted and may need to be recreated.

OUR USE OF PERSONAL INFORMATION

We use each of the categories of personal information collected through our products for the business purposes described in this privacy statement or otherwise disclosed to you. For example, we use personal information to:

In carrying out these purposes, we combine data we collect from different sources to give you a more seamless, consistent and personalized experience.

OUR SHARING OF PERSONAL INFORMATION

We share personal information with your consent or as necessary to complete your transactions or provide the products you have requested or authorized. For example, when you provide payment data to make a purchase, we will share that data with banks and other entities as necessary for payment processing, fraud prevention, credit risk reduction, or other related financial services.

In addition, we also share personal information with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we've hired to provide customer service support or assist in protecting and securing our systems and services may need access to personal information to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal information they receive from us for any other purpose. We may also disclose personal information as part of a corporate transaction such as a merger, transfer, divestiture, or sale of all or a portion of our business or assets.

Finally, we will access, transfer, disclose, and preserve personal information when we have a good faith belief that doing so is necessary to:

CHOICE AND CONTROL OF PERSONAL INFORMATION

Access, correction, and deletion. If you wish to request access to, or correction or deletion of, personal information about you that we hold, contact us at privacy@roomlio.com. However, to the extent permitted by applicable law, we reserve the right to decline requests that are unreasonable, excessive, or prohibited by law, could adversely affect the privacy or other rights of another person, or where we are unable to authenticate you as the person to whom the data relates. If you are a visitor to the website or service of a Roomlio customer, you should first contact them to request access to, or correction or deletion of, any such personal information.

Communications preferences. You can choose whether you wish to receive promotional communications from us by email, SMS, physical mail, and telephone. If you receive promotional email, in-app messages, chat messages or SMS messages from us and would like to stop, you can do so by following the directions in that message. These choices do not apply to mandatory service communications that are part of certain of our products, or to surveys or other informational communications that may have their own unsubscribe method.

Cookie controls. Most web browsers are set to accept cookies by default. If you prefer, you can set your browser to delete or reject cookies. If you choose to delete or reject cookies, this could affect certain features or services of our website. See the Cookies section of this privacy statement for more details.

Advertising and analytics. Our third-party analytics and advertising partners typically provide options to opt-out of certain information collection or use. See the Cookies section of this privacy statement for more details.

Do Not Track. Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not a common understanding of how to interpret the DNT signal, our websites do not currently respond to browser DNT signals. Instead, you can use the range of other tools to control data collection and use, including the cookie controls and advertising controls described above.

EUROPEAN DATA PROTECTION RIGHTS

If the processing of personal information about you is subject to European Union data protection law, you have certain rights with respect to that data:

To make such requests, contact us at privacy@roomlio.com or review https://roomlio.com/legal/eu-privacy-summary/ for more details on contact options. When we are processing data on behalf of another party that is the “data controller,” you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.

CALIFORNIA PRIVACY RIGHTS

If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (“CCPA”), you have certain rights with respect to that information.

You have a right to request access to or deletion of the personal information we have collected about you, and to receive additional information about our collection, use, disclosure, or sale of such personal information. To provide or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law.

To make requests, please contact us at privacy@roomlio.com or by using the contact information provided at the bottom of this policy. When we are processing visitor’s data as a service provider to a business that is a Roomlio customer, you should direct your request to that business. You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.

You also have a right to opt-out from sales of personal information. However, we do not sell personal information and have not done so in the past 12 months. Finally, you have a right to not be discriminated against for exercising these rights set out in the CCPA.

RETENTION OF PERSONAL INFORMATION

We retain personal information for as long as necessary to provide the products and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, to meet our legal compliance obligations, we maintain minimal account information for 7 years. This includes the email of the user who signed up for Roomlio, and the billing information including invoices at our payment processor. For all other data we delete as soon as practicable. For example, we purge all web access logs in no more than 90 days, including records of visitors who did not start a chat conversation.

LOCATION OF PERSONAL INFORMATION

The personal information we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. Currently, we primarily use data centers in the United States of America. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps designed to ensure that the data we collect under this statement is processed according to the provisions of this statement and applicable law wherever the data is located.

We transfer personal information from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal information protections, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.

We also participate in the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. Although the EU-U.S. Privacy Shield has been ruled invalid as a legal basis for data transfers to the U.S., we continue to comply with the Privacy Shield Principles with respect to personal information transferred from the EEA, UK, and Switzerland to the United States. Our controlled U.S. subsidiaries, as identified in our self-certification submission, also adhere to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov.

We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. If third-party agents process personal data on our behalf in a manner inconsistent with the Privacy Shield Principles, we remain liable unless we prove we are not responsible for the event giving rise to any damages. If you have a question or complaint related to our complaince with the Privacy Shield Principles, please contact us as indicated at the bottom of this privacy statement. For any complaints related to the Privacy Shield that cannot be resolved with us directly, you may refer the unresolved matter to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus, at https://www.bbb.org/EU-privacy-shield/for-eu-consumers/. The services of Council of Better Business Bureaus are provided at no cost to you. Finally, as a last resort and under limited circumstances, a binding arbitration option is available to address certain residual complaints under the Privacy Shield not resolved by other means.

SECURITY OF PERSONAL INFORMATION

We take reasonable and appropriate steps to help protect personal information from unauthorized access, use, disclosure, alteration, and destruction. All traffic and data is encrypted in transit and we leverage Amazon AWS for hosting Roomlio infrastructure. Access to internal systems are tightly controlled and only those people that require access are given access. Services only expose the ports that are necessary. We monitor logs for abuse and misuse. All backups are encrypted and purged after a short amount of time.

CHANGES TO THIS PRIVACY STATEMENT

We will update this privacy statement when necessary to reflect changes in our products, how we use personal information, or the applicable law. When we post changes to the statement, we will change the "Last Updated" date at the top of the statement. If we make material changes to the statement, we will provide notice or obtain consent regarding such changes as may be required by law.

HOW TO CONTACT US

If you have a privacy concern, complaint, or a question for Chatlio LLC dba Roomlio or our data protection officer, please contact us at privacy@roomlio.com.

Our address is 1329 N 47TH ST #31231, Seattle, WA 98103 United States. Telephone: +1 206-438-3846