This Privacy Policy ("Policy") describes how Roxr Software Ltd ("Roxr", "we", "us", or "our") collects, uses, and shares information provided to us through our website clicky.com (the "Site"), and the services available through our Site ("Clicky", "Service", or "Services").

We collect information about users of our Service (our "Customers"), as well as our Customers' end users ("End Users") (collectively, "you", "your", or "yourself"). Note that Customers are also End Users, as we use our own Service to track itself. Some of the information collected may be Personal Data (defined as personal data of End Users that is processed by Roxr on behalf of Customers). Your rights regarding Personal Data are described in this Policy.

By using the Service, you agree that your information will be handled as described by this Policy, and that your usage and any disputes over privacy are subject to this Policy and our Terms of Service ("Terms") which are incorporated by reference into this Policy.


Information we collect

We collect information about you through your use of our Service and/or from the web sites and services provided by our Customers.

From Customers

When you create an account, you provide us with a username, password, real name, and email address, as well as one or more web sites that you own and want to monitor with the Service. If you make a purchase, you provide us with your billing information such as card number and address. This information is used for the purposes of having and maintaining your account. Your email is only used for important account notifications, such as a failed payment or a subscription about to expire.

End Users

We collect information from End Users under the instruction of our Customers, under which circumstance we have no direct relationship with the End Users.
The following information is sent to our servers by default when an End User visits a Customer's web site.
  • URL & Title of pages viewed
  • URL & Title of any links that are clicked on pages viewed
  • Referrer
  • User agent
  • Browser language
  • Screen resolution
  • x/y coordinates of mouse events
  • Unique ID tracking cookie ("UID")
    The GDPR considers this to be Personal Data, even though it is randomly generated and does not identify who you are or reveal anything else about you.
    Its sole purpose is to more accurately track unique visitors.
  • IP address ("IP")
    IPs are anonymized before processing, but our Customers have the option to disable this, in which case they are considered Personal Data.
  • Custom data
    This feature can be used by a site to attach additional data to a visitor, potentially including Personal Data such as a name or email address, but it is against our Terms to log Personal Data using this feature without disclosure or (depending on "legitimate interest") consent. This feature requires a small amount of configuration and coding by Customers, so only a small percentage of Customers use it.

Per Article 6 of the GDPR, processing of UID and IP Personal Data is lawful and does not require your direct consent because it is "necessary for the purposes of the legitimate interests" of web sites using the service. These legitimate interests include but are not limited to:
  • Assembling statistics regarding the use of a web site. (Accurately counting unique visitors is a vital statistic for any web site).
  • Preventing fraud and abuse, and maintaining information security. (Full IP addresses are necessary for this type of usage). Recital 47 of the GDPR states: "The processing of Personal Data strictly necessary for the purposes of preventing fraud also constitutes a legitimate interest".

As End Users of our service, the types of information listed above are also collected about our Customers when they are using our Service. The Personal Data that we log is as follows:
  • Your UID and IP address, per the legitimate interests above.
  • Your account username, per the legitimate interests above, as well as to help with customer service needs.


How we use your information


Customers

  • To provide and maintain our Service to you.
  • To help understand how Customers use our Service on an individual and aggregate basis in order to improve it.
  • To help with customer service needs, such as troubleshooting issues that you report to us.
  • To contact you with important account notifications, such as a failed payment or subscription about to expire.
  • Other research and analytical purposes such as Service performance, Customer behavior and retention, and common navigations through the Site.

End Users



How we share your information

We may share your information with service providers or contractors who perform actions or functions on our behalf, but only as necessary to provide and maintain the Service to you. For example, we must share your billing information with our merchant account provider in order to charge you for the Service.

We may also share your information for legal reasons, such as:
  • Meeting applicable laws, regulations, legal processes, or enforceable governmental requests.
  • In response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
  • Detecting, preventing, or otherwise addressing fraud, security, or technical issues.
  • Protecting against harm to the rights, property or safety of Roxr, our Customers, or the public as required or permitted by law.
  • Enforcing applicable Terms of Service.



Cookies

The following cookies are used with the Service. All cookies are first party unless otherwise noted. Temporary session cookies (that expire when you leave a web site) are not listed.

Customers

  • clicky_userdata -- If you check "remember me" on the login page, this cookie is set for 1 year to automatically log you in on future visits. Deleted if you manually "log out" of the Site.
  • osa -- Third party (attached to our tracking domains). Used to authenticate the on-site analytics widget when visiting your own web sites. Deleted if you manually "log out" of the Site.
  • ignore -- Third party (attached to our tracking domains). Used to ignore your own visits to your own web sites.

End Users

  • _referrer_og -- Stores external referrer for 90 days, for better long term attribution of traffic sources.
  • _utm_og -- Stores dynamic (UTM) campaign variables for 90 days, for better long term attribution of marketing efforts.
  • _custom_data_[key] -- Only set when a site is using custom data tracking and the site has flagged an End User as having fully consented to tracking Personal Data. These cookies cache certain custom data keys for 30 days so that they're attached to sessions even when a visitor is not logged in.
  • _jsuid -- Unique ID tracking cookie.
  • cluid -- Third party Unique ID tracking cookie (attached to our tracking domains). Used solely to identify the same visitor across multiple domains belonging to the same customer. The first party cookie is updated to match the third party one if both are set and the values don't match.

Customers can disable End User cookies by setting clicky_custom.cookies_disable.


Security

To the best of our ability, we protect all of our data from loss, misuse, and unauthorized access and destruction.

Secure (HTTPS) access is forced for our Site to help keep your information, including login credentials, secure in transit. You are responsible for using a strong and unique password for the Site to help keep your account secure. We are not responsbile for any unauthorized activity on your account because of lost, weak, or compromised passwords.


EU & Swiss Privacy Shield

Roxr Software Ltd complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Data from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield. Roxr has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this Privacy Policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

The Federal Trade Commission has jurisdiction over Roxr's compliance with the Privacy Shield.

Roxr Software Ltd acknowledges that EU and Swiss individuals have the right to access, correct, amend, and delete their Personal Data. EU and Swiss Customers may contact us via email. End Users, with whom we we have no direct relationship, should send their inquiries directly to our Customer. If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized.

To limit the use and disclosure of your Personal Data, please contact us via email.

In the context of an onward transfer, Roxr has responsibility for the processing of Personal Data it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Roxr shall remain liable under the Principles if its agent processes such Personal Data in a manner inconsistent with the Principles, unless Roxr proves that it is not responsible for the event giving rise to the damage.

In compliance with the Privacy Shield Principles, Roxr commits to resolve complaints about your privacy and our collection or use of your Personal Data transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact us via email.

Roxr has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction


Personal Data rights

EU and Swiss citizens have the legal right to access, correct, and delete their Personal Data. Customers may contact us directly to do so, while End Users (with whom we we have no direct relationship) should send their inquiries directly to the Customer in question. End Users may also opt out of tracking.

If we receive a request from an End User in relation to Personal Data processed for a Customer, we will advise the End User to submit their request to Customer, and Customer will be responsible for responding to such request using the tools we have provided on our Site for handling Personal Data requests. Customer agrees to use all reasonable measures to verify the identity of an End User before sharing or modifying Personal Data.

Customers can export their data using the API or the export function within any report, or delete their account using the link at the top of the user preferences page. We try to protect information from accidental or malicious deletion, so there may be delays between when you delete something and when copies are deleted from our active and backup systems.

We retain Personal Data on behalf of our Customers for as long as needed to provide our Service to them, or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

Our Service is not designed for children under 13. If we discover that a child under 13 has provided us with Personal Data, we will delete their data from our systems.


Contact us

If you have any questions about this Policy or would like to make a complaint, please contact us by email.

Roxr Software Ltd
10883 SE Main St #201
Milwaukie, OR, 97222


Changes to this Policy

This Policy is active as of the date below and is updated from time to time. We will notify you via your registered email address or a notice on this website prior to any significant changes becoming effective regarding Personal Data. You should periodically review this page for the latest information.

May 25 2018