Privacy Policy

INTRODUCTION

RapL Inc. (“RapL,” “we,” “us,” or “our”) respects the privacy of its Users (“User,” “your,” or “you”). This Privacy Policy (the “Privacy Policy”) explains how we collect, use, disclose, and safeguard your information when you use RapL Platform (the “Platform”) through RapL’s website at https://getrapl.com/ (the “Website”) or RapL’s mobile application (the “App”).

RapL is committed to protecting the privacy of its Users whose information is collected and stored while using RapL’s Platform through our Website or App.

The capitalized terms have the same meaning as ascribed in our Terms of Use or Terms of Service as applicable, unless otherwise noted here.

PLEASE READ THIS PRIVACY POLICY CAREFULLY TO UNDERSTAND OUR POLICIES AND PRACTICES REGARDING YOUR INFORMATION AND HOW WE WILL TREAT IT. BY ACCESSING OR USING OUR WEBSITE, APP, AND PLATFORM, YOU AGREE TO ACCEPT ALL THE TERMS CONTAINED IN THIS PRIVACY POLICY AND ACKNOWLEDGE AND AGREE WITH THE PRACTICES DESCRIBED HEREIN. IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY, PLEASE DO NOT ACCESS AND USE OUR WEBSITE, APP, AND PLATFORM.

IF YOU HAVE ANY QUESTIONS REGARDING THIS PRIVACY POLICY, PLEASE SEND US AN EMAIL AT PRIVACY@GETRAPL.COM.

WE DO NOT SELL YOUR PERSONAL INFORMATION, NOR DO WE INTEND TO DO SO. WE DO NOT GIVE ACCESS TO YOUR PERSONAL INFORMATION TO THIRD PARTIES EXCEPT TO SUBPROCESSORS TO ASSIST US IN THE PROVISION OF OUR SERVICES TO YOU.

 

TERRITORIAL RESTRICTION

Our Website, App, and Platform are only available for use and download outside the European. Our Website, App, and Platform are not available for use or download by residents of, visitors to, or your employees who reside in the European Union (collectively a “European”). If you are a European, please do not download, register, and/or use our Website, App, or Platform. If you are a resident of the United States (“US”), the laws of the State of Delaware, United States shall apply.  If you are a resident of any other country, please ensure compliance with all local laws prior to using our Website, App, or Platform.  You must comply with this Privacy Policy and our Terms of Use and Terms of Service, as applicable.

If you have any questions regarding this Section, please email us at privacy@getrapl.com.

 

WHAT INFORMATION DO WE COLLECT?

When you register to use our Website, App, or Platform, we collect personal information (also referred to as personally identifiable information or “PII”) which may include your name, online contact information such as your email address or username, phone number, and other personal information. The information so collected will be stored on our servers. You are able to change your personal information via email by contacting us at privacy@getrapl.com or through your profile or account settings on our Website, App, or Platform.

  1. Geolocation and Equipment Information. We may collect information that does not personally identify you such as (i) your geolocation, and (ii) information about your internet connection, the equipment you use to access our Website, App, or Platform, and usage details.
  2. Financial Information. We currently do not collect or store any credit cards or bank information, as we are using a third-party payment processor. However, we will update this Privacy Policy when we start using and storing such information. We will also inform you via reasonable means if we start collecting such information from you.

 

HOW DO WE COLLECT INFORMATION?

We collect personal information from you in the following ways:

  1. At registration on our Website, App, or Platform.
  2. In email, text and other electronic messages between you and our Website, App or Platform.
  3. Through mobile and desktop applications you download from our Website, App, or Platform, which provides dedicated non-browser based interaction between you and our Website, App, or Platform.
  4. When you subscribe to a newsletter.

We collect information from you automatically when you navigate through our Website, App, or Platform in the following ways:

  1. Usage details.
  2. IP addresses.

 

HOW DO WE USE YOUR INFORMATION?

We use the information that you provide to:

  1. Personalize your experience in using our Platform.
  2. Provide you with information, products, or services requested from us.
  3. Allow you to participate in interactive features on our Website, App, and Platform.
  4. Improve our customer service.
  5. Administer contests, promotions, and surveys or other Website, App, and Platform features.
  6. Anonymize data and aggregate data for statistics.
  7. Contact you about third parties’ goods and services.
  8. Send you periodic emails, in accordance with the CAN-SPAM Act of 2003 as detailed in Section 14, via the email address provided by you to (i) send information, respond to inquiries, and/or other requests or questions; (ii) process orders and send information and updates pertaining to such orders; (iii) send additional information related to your product and/or service; and (iv) market to our mailing list or continue to send email to you after the original transaction has occurred.
OUR COOKIE POLICY
HOW DO WE PROTECT THE INFORMATION WE COLLECT?

Our Website and App are reasonably scanned to meet or exceed PCI Compliance. Our Website and App receive regular security scans and penetration tests.  Our Website and App also receive regular malware scans.  In addition, our Website and App use an SSL certificate as an added security measure. We require username and passwords for our employees who can access your personal information that we store and/or process on our Platform and servers. In addition, we actively prevent third parties from getting access to your personal information that we store and/or process on our Platform and servers. We will implement reasonable security measures every time you (a) place an order, or (b) enter, submit, or access your information, (c) register, or (d) access our Platform, on our Website and App.

DATA SECURITY MEASURES.
  1. Security Measures. We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls.  The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, App, or Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website, App, or Platform. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Website, App, or Platform.
  2. Fair Information Practice Principles. In the event of a personal data breach, we will notify you within fifteen (15) days via (i) email and/or (ii) our Platform notification system on our Website and/or App.  We agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
DISCLOSURE OF PERSONAL INFORMATION

There are times when we may share Personal Information that you have shared with us may be shared by RapL with others to enable us to provide you over Services, including contractors, service providers, and third parties (“Partners”). This section discusses only how RapL may share such information with Partners. We will ensure that our Partners protect your Personal Information. The following describe how and with whom we may share your Personal Information:

Disclosure of Personal Information.
  1. We may disclose aggregated, de-personalized information about you that does not identify any individual to other parties without restriction, such as for marketing, advertising or other uses.
  2. We may disclose personal information to our subsidiaries and affiliates.
  3. We may disclose personal information to contractors, services providers and other third parties.
  4. We require all contractors, service providers and other third parties to whom we disclose your personal information to be under contractual obligations to keep personal information confidential and to use it only for the purposes for which we disclose them.
  5. We may disclose personal information in the event of a merger, sale of business, etc.
  6. We may disclose to third parties to market their products and services to you if you have either consented or not opted out of these disclosures.
  7. We may disclose personal information to third parties to market their products and services if you have either consented or not opted out of these disclosures.
  8. We require all other Partners, to whom we disclose your personal information, to enter into contracts with us to keep personal information confidential and use it only for the purposes for which we disclose it to such Partners.
  9. We disclose personal information to fulfill the purpose for which you have provided it, for instance, if you gave us an email address to use the “email a friend” feature of the Platform.
  10. We may disclose personal information for any other purpose for which you have provided it.
  11. We may only disclose personal information as described in this Privacy Policy or your consent.

 

Other Disclosure of Personal Information.

  1. We will disclose personal information (i) to comply with any court order, law, or legal process, including to respond to any government or regulatory request, (ii) to enforce or apply our Terms of Use or Terms of Service and other agreements, including for billing and collection purposes, (iii) if we believe it is necessary or appropriate to protect the rights, property or safety of RapL, our customers or others, and/or (iv) if it is necessary or appropriate to protect the rights, property or safety of RapL, our customers or others, and this includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

 

Third Party Disclosure.
  1. We do not sell, trade, rent, or otherwise transfer personal information to others, unless we provide you with advance notice. This does not include our hosting partners and other parties who assist us in operating our Website, App, or Platform, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.
  2. We do not provide non-personally identifiable visitor information for marketing purposes.
Choices Users Have About How RapL Uses and Discloses Information.

Tracking Technologies and Advertising. You can set their browser to refuse some or all the browser cookies, but if you disable or refuse cookies, some parts of our Website may not be accessible or function properly.

GOOGLE ADSENSE AND GOOGLE ANALYTICS

Google, as a third-party vendor, uses Cookies to serve advertisements to Users on our Website, App, and Platform. Google uses first-party Cookies, such as Google Analytics Cookies, to compile data regarding User interactions with ad impressions and other ad service functions as they relate to our Platform. We currently use Google Analytics to collect and process certain Website and App usage data. To learn more about Google Analytics and how to opt-out, please visit https://policies.google.com/privacy/google-partners.

We use these Cookies to compile data regarding User interactions with ad impressions and other ad service functions as they relate to our Website or App.

 

FOR OUR CANADIAN USERS

This Section supplements the information contained in our Privacy Policy above and applies solely to all visitors, users, and others to our Website, App, or Platform, who reside in Canada (“consumers” or “you”). We ensure with the Personal Information Protection and Electronics Document Act of 2000 (“PIPEDA”) and any terms defined in the PIPEDA have the same meaning when used in this Section.

  1. Definition of Personal Information.  Any information about an identifiable individual. Whatever may be the physical form or characteristics of a particular regime for “business contact information” (name, position, title, address, professional phone number, etc.)
  2. Right to Access Personal Information.  You can request to access your personal information we hold about you. We will first confirm whether you have requested such information, explain how we have used your information, provide a list of names with whom your information has been shared and provide a copy of your information in an accessible format and make alternative formats available if requested.
  3. Right to Correction/Limited Right to Deletion.  You can request us to correct or delete your information IF you demonstrate that the personal information we hold on you is inaccurate. We will delete or correct your information within thirty (30) calendar days. When we delete/correct your personal information we will inform the third parties with whom we have shared your information.
  4. Right to be Forgotten.  Your information will be kept with us for as long as it is required for the fulfillment of the purposes of RapL platform. Unless we otherwise give you notice, we will retain your Information on the RapL Platform on your behalf until such times as you or we terminate your User Account.
  5. Data Breach Notification.  We will send a notification to you as soon as feasible regarding the information of any breach that creates a “real risk of significant harm” to you. We keep a record of every data breach and, on request, provide the Office of the Privacy Commissioner with access to the record.
  6. Canadian Privacy Officer.  We have appointed a Canadian Privacy and Data Protection Officer, privacy@getrapl.com, to make sure the privacy rights of our Canadian users are protected in compliance with PIPEDA.
  7. Two Factor Authentication. You may enable two-factor authentication on your account to help ensure that only you can access your account. If you do, in addition to entering your password to log in to your account to access the RapL Platform, we will send a code to your mobile number, which you will need to enter. This added security prevents anyone else from accessing your RapL account unless they have access to your login information.
  8. Contact Information. You may contact us (i) at privacy@getrapl.com, or (ii) by writing to us at Privacy Officer, at 32, 2nd Ave, #421 Burlington, MA 01803 USA, to (i) make a Personal Information Request, (ii) correct or delete your personal information, (iii) discuss our Privacy Policy and/or anything that has to do with it. We will respond within thirty (30) calendar days of receiving such a request or query. Additionally, in order for us to respond to your request or query, we will need to collect information from the requesting party to verify their identity.
YOUR CALIFORNIA PRIVACY RIGHTS

RapL does not sell, trade, or otherwise transfer to outside third parties your “Personal Information” as the term is defined under the California Civil Code Section § 1798.82(h).  Additionally, California Civil Code Section § 1798.83 permits Users of our Website, App, or Platform that are California residents to request certain information regarding our disclosure of their Personal Information to third parties for their direct marketing purposes. To make a request for such disclosure, or identification and/or deletion of Personal Information in all our systems that we store on you, please send an email to privacy@getrapl.com or write us at RapL, 32, 2nd Ave, #421 Burlington, MA 01803 USA.

Note that (i) if we delete your Personal Information as requested, we will no longer be able to provide our services to you and (ii) we may need to keep such Personal Information for a while during the shutting down and billing process. If you would like to discuss our Personal Information storage and processing process with us, please send us an email at privacy@getrapl.com or write us at RapL, 32, 2nd Ave, #421 Burlington, MA 01803 USA.

CAN-SPAM ACT OF 2003

The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have businesses stop emailing them, and spells out penalties for violations.  Per the CAN-SPAM Act, we will:

  1. not use false or misleading subjects or email addresses.
  2. identify the email message as an advertisement in some reasonable way.
  3. include the physical address of RapL, which is 32, 2nd Ave, #421 Burlington, MA 01803 USA.
  4. monitor third-party email marketing services for compliance, if one is used.
  5. honor opt-out/unsubscribe requests quickly; and
  6. give an “opt-out” or “unsubscribe” option.

If you wish to opt out of email marketing, follow the instructions at the bottom of each email or contact us at privacy@rapl.com and we will promptly remove you from all future marketing correspondences.

MODIFICATIONS TO OUR PRIVACY POLICY

RapL reserves the right, at its sole discretion, to change or modify this Privacy Policy at any time. In the event we modify this Privacy Policy, such modifications shall be binding on you only upon your acceptance of the modified Privacy Policy. We will inform you about the modifications on our Privacy Policy page via email, on our Website, App, or Platform by posting a modified version of the Privacy Policy page, or by a comparable means within a reasonable time period.  Your continued use of our Website, App, or Platform shall constitute your consent to such changes.

LIST OF THIRD-PARTY SERVICE PROVIDERS

RapL uses the following third-party service providers for the provision of services as detailed under the Terms of Use or Terms of Service, as applicable

Name of Third-Party Service Provider

Amazon Web Services Inc. (North Virginia, US)

Contact Information

Website:

https://aws.amazon.com/

premiumsupport/knowledge-center/aws-phone-support/

Address: 410 Terry Avenue North, Seattle, WA 98109-5210

Additionally, if you have any questions or concerns about our third-party service providers, please email us at privacy@getrapl.com.

COPYRIGHT INFRINGEMENT/DMCA NOTICE

If you believe that any content on our Website, App, or Platform violates your copyright, and you wish to have the allegedly infringing material removed, the following information in the form of a written notification (pursuant to the Digital Millennium Copyright Act of 1998 (“DMCA Takedown Notice”)) must be provided to our designated Copyright Agent.

  1. Your physical or electronic signature.
  2. Identification of the copyrighted work(s) that you claim to have been infringed.
  3. Identification of the material on our Website, App, or Platform that you claim is infringing and that you request us to remove.
  4. Sufficient information to permit us to locate such material.
  5. Your address, telephone number, and email address.
  6. A statement that you have a good faith belief that use of the objectionable material is not authorized by the copyright owner, its agent, or under the law; and
  7. A statement that the information in the notification is accurate, and under penalty of perjury, that you are either the owner of the copyright that has allegedly been infringed or that you are authorized to act on behalf of the copyright owner.

RapL’s Copyright Agent to receive DMCA Takedown Notices is
privacy@getrapl.com and at RapL,
Attn: DMCA Notice, 32, 2nd Ave, #421 Burlington, MA 01803 USA. You acknowledge that for us to be authorized to
take down any content, your DMCA Takedown Notice must comply with all the requirements of this Section. Please note that, pursuant to 17 U.S.C. § 512(f), any misrepresentation of material fact (falsities) in a written notification automatically subjects the complaining party to liability for any damages, costs and attorney’s fees incurred by RapL in connection with the written notification and allegation of copyright infringement. 

CONTACT US 

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at:

privacy@getrapl.com
Address: RapL, 32, 2nd Ave, #421 Burlington, MA 01803 USA.

PLEASE NOTE: IF YOU USE OUR WEBSITE, APP, OR PLATFORM, YOU HAVE AGREED TO AND ACCEPTED THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY AND THE TERMS AND CONDITIONS SET FORTH IN OUR TERMS OF USE OR OUR TERMS OF SERVICE, AS APPLICABLE.  IF YOU DO NOT AGREE WITH THE TERMS OF THIS PRIVACY POLICY OR OUR TERMS OF SERVICE, PLEASE DO NOT USE OUR WEBSITE, APP, OR PLATFORM.

Request Submitted

Your request for account deletion has been submitted. We will process your request shortly. Thank you for using our service

ISO 27001:2013

Overview

ISO/IEC 27001:2013 is a security management standard that specifies security management best practices and comprehensive security controls following the ISO/IEC 27002 best practice guidance. The basis of this certification is the development and implementation of a rigorous security program, which includes the development and implementation of an Information Security Management System (ISMS) which defines how RapL perpetually manages security in a holistic, comprehensive manner. This widely-recognized international security standard specifies that RapL do the following:

  • We systematically evaluate our information security risks, taking into account the impact of threats and vulnerabilities.
  • We design and implement a comprehensive suite of information security  controls and other forms of risk management to address customer and architecture security risks.
  • We have an overarching management process to ensure that the information security controls meet our needs on an ongoing basis.

RapL has certification for compliance with ISO/IEC 27001:2013. These certifications are performed by independent third-party auditors. Our compliance with these internationally-recognized standards and code of practice is evidence of our commitment to information security at every level of our organization, and that the RapL security program is in accordance with industry leading best practices.

SOC 2

Overview

SOC 2 compliance is a set of standards that organizations use to ensure the security, confidentiality, and integrity of their systems and data. SOC 2 compliance is often required by organizations that process or store sensitive data. RapL has compliance with SOC2 Type II report.

Thanks for your application

We appreciate your interest in RapL. If you are selected for an interview, we will contact you shortly.

You'll hear from us soon

We’ll be in touch via email or a brief phone call.
During the week, you’ll hear from us within 24 hours and if it’s a weekend, we’ll follow up on Monday morning.

If you have a question, please feel free to email at hello@getrapl.com