Iron Software - Privacy Statement
We are Iron Software. Formally, we are Iron Software LLC (“Iron Software”, “we”, “us” and “our”). Among other things, we build software libraries to solve real world problems. As part of this effort, we provide our services online, including via the website at https://ironsoftware.com/ (the “Iron Software Site”), as well as our occasional newsletter (collectively, the “Services”).
Each person or entity who uses our Services is referred to as a “user” or “you” or “your”. This Privacy Statement and our Terms of Service (“Terms”) apply to each user.
This document is our statement of our privacy practices (“Privacy Statement”). Among other things, it explains how we and some of the companies we work with collect, use, share and protect the information you provide to us (“your Content” or “User Content”). The User Content may include any personally-identifiable information, including without limitation name, address, telephone numbers, electronic mail and postal addresses, and other sensitive information that identifies or is uniquely associated with an individual (collectively, “Personal Data”). This Privacy Statement also discusses your choices about the collection, storage and use of your Personal Data.
Any Content that is not Personal Data is referred to as “Non-Personal Data.” Non-Personal Data may include without limitation information about how users use the Services, what Services users select, how users respond to service offerings, how users share information with others, what users say they like and dislike, all of which we aggregate into larger data sets that do not identify individuals (collectively, “Behavioral Data” which is a type of Non-Personal Data).
As part of the Services, Iron Software may share data or reference tools that complement our libraries and other software provided by other parties, including third parties with whom we have contractual or affiliate relationships (collectively, “Partners”). In addition, our Partners may directly license or administer the licensing of our products and Services on our behalf. Please note that this Privacy Statement does not apply to any other websites, mobile applications, or businesses. This Privacy Statement applies to any Personal Data and other Content we collect or process via any means, including via our Services; although the focus of this Privacy Statement is on Content we collect via our Services. By using our Services, you consent to the collection, transfer, analysis, transformation, storage, disclosure and other uses of your Content, including your Personal Data, as described in this Privacy Statement.
For the purpose of any privacy laws which use the terms “controller” and “processor” with regard to Personal Data, Iron Software is the “Data Controller”, meaning that Iron Software is the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data. Our service providers and contractors who process Personal Data are each the “Data Processor”, meaning that they process Personal Data at our direction.
1. Information We Collect
As noted above, we collect Content from you while providing the Services. Some of the Content is Personal Data that we may use to contact you and connect you with other users, and which is necessary to provide the Services. Other Content we collect from you includes Behavioral Data and other Non-Personal Data that we aggregate, share, and use to improve our Services, and the services of others. We collect many different types of information from you, both directly and indirectly.
Information you provide us directly
We may collect the following information from you.
Profile information: You may provide us with your name, address and other profile information that you choose to make public or share with other users.
Location Information: We may ask for your postal address or your geographic location information, especially if you place an order for Services with us. When you post User Content to our website or to social media, you may provide your location information, including global positioning system (“GPS”) data or other location information embedded in or accompanying the User Content (e.g., in tags or captions).
- Communications between you and Iron Software: We may send you emails, SMS or text messages, and other electronic communications for sales and delivery, notices of changes/updates to features of the Services, technical and security notices, and for other purposes. We may collect and store these communications.
Information we gather from your use of our Services
We collect the following information from your use of our Services.
- Emails: We may save private emails sent to us by users, and we may share your emails with any third parties or other users. Any public posts on Services may be viewed by any user and is public to anyone who visits the Services. You may elect to disclose certain Personal Data and Non-Personal Data. The information you submit in any public forums is not confidential or private, and Iron Software does not protect it. All information you choose to provide publicly, including information that identifies you or others, can be read, collected, or used by other users and by other third parties, and could be used to send you unsolicited messages and for other purposes.
- Social Media: In addition to media that we control, you may post comments, photographs, drawings and other User Content on third party social media, such as YouTube, Facebook, Instagram and X (formerly Twitter), each of which enforces its own terms of use and privacy policy for its service. As noted in the Terms, we may use and copy the User Content you post. More to the point, your User Content may contain Personal Data about you and other people in the form of names, email addresses, and location information. You should also be aware that a photograph or drawing of a person may be Personal Data to the extent the person may be recognized in and identified by the photograph or drawing, and medical or other healthcare information may be gleaned from any medical conditions, disorders or diseases are discussed or portrayed in the User Content, such as dietary restrictions. We may collect and use User Content and the Personal Data contained in the User Content to market our Services.
- Licensing Validation and Diagnostic Data: To validate, enforce, and support the use of our licensing terms and conditions, we may collect limited information from customer environments. This may include machine and user-level diagnostic data, which helps us identify unauthorized usage, monitor installation limits, and improve reliability. Examples of such data may include:
- Device information such as machine name, operating system version, and encrypted device identifiers
- User environment information including username and domain name
- Encrypted project or installation identifiers
- General location metadata
- Analytics: We may use third-party analytics tools to help us measure traffic and usage trends and other Non-Personal Data (as that term is defined in our Privacy Statement) for the Services. These tools collect information sent by your device or our Services, including the web pages you visit, add-ons, and other information that assists us in improving our Services. We collect and combine this analytics information with analytics information from other users so that it cannot be used to identify any particular individual user. One of the analytics tools we use is Google Analytics. For more information and steps you can take to control the collection and use of your data, see the “Controlling the Collection and Use of Your Data” section below.
- Use of Session Replay Tools: We (or our third-party vendors on our behalf) may collect certain categories of personal information from you when you interact with our Services through the use of session replay tools. Session replay is a tool that recreates your sessions from our websites or applications (including visual elements), giving us (or our third-party vendors on our behalf) a better understanding of how you interact with our Services to help maximize the customer’s experience. Session replay tools that we may utilize include, but are not limited to, video-like playback, error tracking integration, application performance monitoring (APM) integration, real user monitoring (RUM) session timeline, and speed controls. Depending on your interaction with our website (for example, chat functionality, submitting a “Contact Us” form, or other interaction), the categories of personal information we may also capture include, but are not limited to, name, phone number, email, mailing address, and other identifiers that you may provide. By interacting with our Services, you are consenting to us (or our third-party vendors on our behalf) capturing any interactions and any information (including personal information) you provide.
- Metadata: Metadata is usually technical data that is associated with other data, including User Content. For example, metadata can describe how, when and by whom an item of User Content was collected and how that User Content is formatted. Iron Software may collect and store metadata, including about each user’s public posts on the Services.
- Log Data: Our servers automatically record information ("log data”) created by your use of the Services. Log Data may include information such as your Internet Protocol (“IP”) address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, device identifier, application identifier, and advertising identifier, search terms, and cookie information. We receive log data when you interact with our Services, for example, when you visit our website, sign into our Services or interact with our email notifications. Iron Software uses log data to review how we provide our Services and to measure, customize, and improve the Services.
2. How We Store Your Information
We currently provide the Services from within the United States, and we store all User Content, including Personal Data, that we currently collect and retain on servers inside the United States.
Certain types of User Content you submit to us might reveal your gender, ethnic origin, nationality, age, religion, sexual orientation, or other Personal Data about you or others. By using our Services, or by submitting your personal information to us, you consent to the collection, storage, processing and onward transfer of your personal information as stated in the current version of this Privacy Statement and the current version of our other online documents, including the Terms of Service.
3. How We Use Your Information
We share and use your Personal Data in the following circumstances:
- To provide and maintain the Services: including to monitor the usage of our Services.
- To manage Your Account: to manage your registration as a user of the Services. The Personal Data You provide can give you access to different functionalities of the Services that are available to you as a registered user.
- To validate and improve the licensing experience: Data used for licensing validation and diagnostic information is collected securely and used only internally to validate and improve the licensing experience. It is never sold and is only shared when required for legal compliance or technical support.
- Opt-in with Your Consent: We may ask for your permission to share your Personal Data with other people and organizations outside of Iron Software, including to provide you with Services. As with any opt-in procedure, you are under no duty to agree to a request that you opt-in.
- Partners and Affiliates of Iron Software: We may share your Personal Data with Partners to sell and provide the Services and with our Iron Software affiliates (meaning entities controlled by, controlling or under common control with Iron Software).
Cookies:
General: Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device and to provide features and remember your personalization choices. We use cookies to make it easier to access and use our Services. Cookies are also used to display particular Content and to set session identifiers for visitors who voluntarily join user areas.
- Advertising: If your device permits analytics and advertising cookies, these identifiers can then be used to create a profile of your interests, which allows advertisers to display targeted ads that are more likely to be of interest to the individual. They are also used to limit the number of times an ad is shown and to help measure the effectiveness of advertising campaigns. Targeting cookies can also be used for retargeting, where ads for previously viewed products or services follow the user across different websites. The purpose of targeting cookies is to improve the effectiveness of online advertising by showing users ads that are more aligned with their preferences and interests.
Controlling the Collection and Use of Your Data.
Cookies: The help feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Additionally, you can disable or delete similar data used by browser add-ons, by changing the add-on's settings or visiting the website of its manufacturer. Because cookies allow you to take advantage of some of the Services’ essential features, we recommend that you leave them turned on.
- GPC: We honor general opt-out preference signals on users’ devices, such as Global Privacy Control (GPC). Several state privacy laws require that online platforms implement a “universal opt-out signal” such as GPC. More information about GPC is available at https://globalprivacycontrol.org/.
- DNT: The "Do Not Track" setting has been found to enable the fingerprinting of user devices, and companies have generally moved away from this standard. Therefore, we do not honor the “Do Not Track” setting on users’ devices.Global Privacy Control / Do not Track.
- Google: For more information on how to control Google's collection and use of your data, please visit Google's page, "How Google uses information from sites or apps that use our services". Google also provides an opt-out plugin for web browsers, located at: https://tools.google.com/dlpage/gaoptout/.
- Other Options to Limit Personalized Advertising: The Network Advertising Initiative (NAI) and the Digital Advertising Alliance (DAA) each enable you to opt out of receiving personalized advertising in the future from their member organizations. NAI’s opt-out page is located at: https://thenai.org/opt-out/. DAA’s opt-out page is located at: https://optout.aboutads.info/.
- Opt-out Email or Postal Address: If you supply us with your postal or email address you may receive periodic mailings from us with information on new products and services or upcoming events. If you do not want to receive such mailings, please let us know by sending an email to us at the “opt-out” address, below. We will remove your name from the list we use internally. Opting-out of these emails does not mean we remove your email from our system entirely, because we still retain your email addresses for other purposes.
- Required by Law: We may access, preserve and share your Personal Data in response to a legal request (like a search warrant, court order or subpoena). We may also access, preserve and share Personal Data when we have a good faith belief that it is necessary to: help to ensure security and integrity generally to the extent that your Personal Data is reasonably necessary and proportionate for those purposes; detect, prevent and address fraud and other illegal activity; to protect ourselves, you and others, including as part of investigations; and to prevent death or imminent bodily harm. Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies, or otherwise to prevent harm.
- Change of Control: If we sell or otherwise transfer part or the whole of Iron Software or our assets to another organization (e.g., a merger, acquisition, or reorganization), your Personal Data such as user name and email address, User Content and any other information collected through the Services may be among the items sold or transferred. You will continue to own your User Content, but the license you grant to us in the Terms may be transferred to others at Iron Software’s sole discretion.
- Non-Personal Data: We may share Non-Personal Data publicly and with publishers, researchers or connected sites. For example, we may share aggregated Non-Personal Data publicly to show trends about the general use of our Services. Non-Personal Data includes aggregated or collective information about multiple users that does not reflect or reference an individually-identifiable user.
- Other: In addition to some of the specific uses of information we describe in this Privacy Statement above, we may use Personal Data that we receive to:
- help you efficiently access your information after you sign in.
- remember information so you will not have to re-enter it during your visit or the next time you visit the Services.
- provide personalized Content and information to you and others, which, in the future, could include online ads or other forms of marketing.
- provide, improve, test, and monitor the effectiveness of our Services.
- develop and test new products and features.
- monitor metrics such as total number of visitors, traffic, and demographic patterns.
- diagnose or fix technology problems.
4. Your Right to Review, Request Changes, and Disclose Personal Data
Where required by applicable laws and regulations, each user may inspect and receive a copy of his or her Personal Data as stored in the Services. In rare circumstances, we may deny a request, and we may provide you with an explanation. If we deny your request, you may request a review by another professional, who will be chosen by Iron Software, and we will comply with the outcome of the review.
Subject to applicable laws and regulations, the Personal Data you provide to us remains completely under your control. If you believe the Personal Data we have is incorrect or incomplete, you may in writing request an amendment to your Personal Data. We will approve or deny each request, and notify you of our decision. If approved, we will amend the Personal Data. We will also make a reasonable effort to notify people to whom the Personal Data was released. In the case of a denial, we will provide the reason for the denial and instructions on how to appeal.
Any information or User Content that you voluntarily disclose for use of the Services, such as your user name, your Personal Data or other User Content, may become available to the public if you release it to other users or to the general public. Once you have shared your Personal Data or your User Content with other people, or otherwise made it public, that Personal Data and your User Content may be re-shared by others.
5. Changes to this Privacy Statement
We may modify our Privacy Statement from time to time on prior written notice sent to the email address we have for you. For any user who has not provided us with an email address, the revised Privacy Statement will become effective ten (10) calendar days after posting on the Services. If you choose not to be subject to a revised version of this Privacy Statement, then you may terminate your use of our Services.
6. Different Locations, Different Laws
The laws and regulations that address privacy rights and responsibilities (collectively, “Laws”) are different from one to another. Indeed, some of the Laws do or do not apply depending on different factors, including:
- Location or residence of the user.
- Location or residence of the individual that is the subject of the Personal Data (“Data Subject”).
- Location or residence of the person or organization that employs or contracts with the Data Subject.
- Location of each server or other machine where the Personal Data is received, stored, processed or forwarded to.
- Location of the relevant office of Iron Software or any company that processes Personal Data.
Several of the Laws that concern users and Iron Software are discussed in this Section, but these are not all of the Laws that may apply. In addition, if there is any conflict or ambiguity between the statements made in this Privacy Statement and an applicable Law, then the Law will control.
6.1 Consent to United States Law
All Personal Data and other data provided by users will be stored in the United States under United States law. Accordingly, United States law will apply to all users. All users consent to the application of the law of the United States in connection with the Services.
6.2 United States Federal and State Laws
Several of the federal Laws in the United States may apply to the Personal Data collected by us. Congress has passed several federal information privacy and security laws, while each state in the United States has passed and enforces information privacy and security laws that apply to data subjects, data, and businesses resident in that state. Currently, all Personal Data of Iron Software users is stored on servers and other machines physically located within the United States. From time to time, Personal Data may be moved between servers in the same location or may be moved to a different location. When we receive a verified request by a user, we will provide the user with information required by applicable laws regarding the location and storage of their Personal Data.
6.2.1 Children’s Online Privacy Protection Act (“COPPA”)
Currently, COPPA should not apply to the Services. Each user must be 18 years of age or older. As noted in this Privacy Statement, if we learn any user is under the age of 18 (“Minor User”), or if any parent or guardian contacts us, we will delete all information provided by the individual from our Services. Moreover, users of the Services are responsible and liable for compliance under COPPA and are prohibited from collecting, using, and/or disclosing personal information from and about children in connection with the use of the Services, or assisting any third party in doing so. If you are the parent or guardian of a Minor User, and you become aware that your Minor User has provided us with Personal Data or User Content, please contact us at legal@ironsoftware.com and we will delete the information or User Content.
6.2.2 Your Privacy Rights Under State Laws
This section supplements the information contained elsewhere in our Privacy Statement and applies to all visitors, users, and others (“consumers” or “you”). This notice of privacy rights has been adopted in order to comply with United States state and federal laws, and any terms defined in such laws have the same meaning when used in this notice. California residents: Please see our document titled Your California Privacy Rights for additional rights which may apply to you.
6.2.3 California: Rights of Minors
As stated in the section titled “Children’s Online Privacy Protection Act (“COPPA”)”, minors are not permitted to register to use our site. However, if you are under the age of 18, and a registered user of any site where this Privacy Statement is posted, California Business and Professions Code Section 22581 permits you to request and obtain removal of content or information you have publicly posted. Also, if you are a minor 16 years of age or older (whether you’re a registered user or not), you have the right to opt-out from the collection and sale of your Personal Data. To make such a request, please send an email or letter with a detailed description of the specific content or information to the addresses provided in the section below titled “How to Exercise Your Rights.” Please be aware that such a request does not ensure complete or comprehensive removal of the Content or information you have posted and that there may be circumstances in which the law does not require or allow removal, even if requested.
6.2.4 Specific Rights Under State Laws
Under several state privacy and data protection laws, residents of those states may have one or more of the following rights and may exercise these rights free of charge. Since these state laws are generally modeled on the GDPR, the following list mirrors the GDPR section below:
- Right to lawfulness, fairness and transparency: Requires that we follow these principles when processing your personal information
- Right to Access: Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- Right to Rectification: Require us to correct any mistakes in your information which we hold
- Right to Be Forgotten: Require the erasure of personal information concerning you in certain situations
- Right to Data Portability: Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- Right to Object to Direct Marketing: Object at any time to processing of personal information concerning you for direct marketing
- Right to Object to Automated Individual Decision Making: Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Right to Restriction of Processing:
- Object in certain other situations to our continued processing of your personal information
- Otherwise restrict our processing of your personal information in certain circumstances
You may also have the right to claim compensation for damages caused by our breach of any data protection laws.
6.2.5 Rights Regarding Sensitive Data
Under state laws, you may have the right to opt-out of our processing Sensitive Personal Data, or the right to prevent our processing your Sensitive Personal Data without your affirmative consent. “Sensitive Personal Data” is defined differently by each state, but generally includes Personal Data relating to one or more of the following categories:
- Social security, driver's license, state identification card, or passport number.
- Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
- Precise geolocation.
- Racial or ethnic origin, religious or philosophical beliefs, or union membership.
- Genetic data.
- Biometric and health information.
- Information regarding a consumer's sex life or sexual orientation.
- Citizenship or immigration status
- Personal Data regarding a known Minor User.
6.3 Your Rights under the GDPR and UKDPA
If you are covered by the GDPR or by the United Kingdom Data Protection Act 2018 (“UKDPA”), you may have a number of important rights. In summary, those include:
- Right to lawfulness, fairness and transparency: Requires that we follow these principles when processing your personal information
- Right to Access: Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- Right to Rectification: Require us to correct any mistakes in your information which we hold
- Right to Be Forgotten: Require the erasure of personal information concerning you in certain situations
- Right to Data Portability: Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- Right to Object to Direct Marketing: Object at any time to processing of personal information concerning you for direct marketing
- Right to Object to Automated Individual Decision Making: Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Right to Restriction of Processing:
- Object in certain other situations to our continued processing of your personal information
- Otherwise restrict our processing of your personal information in certain circumstances
You may also have the right to claim compensation for damages caused by our breach of any data protection laws.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation, available at: https://ico.org.uk/for- organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.
If you would like to exercise any of those rights, please:
- Email, call, or write to us
- Provide us enough information to identify you: account number, user name, registration details, order number
- Provide us proof of your identity and address (a copy of your driver’s license or passport and a recent utility or credit card bill)
- Provide us with the information to which your request relates including any account or reference numbers, if you have them.
If you make requests which are manifestly unfounded or excessive, we may charge a reasonable fee based on administrative costs, or may refuse to act on the request.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred. The EU maintains a website which you may use to locate your supervisory authority, at https://edpb.europa.eu/about-edpb/about-edpb/members
6.4 Use and Transfer of Your Information Out of the EEA
The Services are operated in the United States and third parties with whom we might share your personal information as explained above are located in the United States. If you are located in the European Economic Area (“EEA”) or elsewhere outside of the United States, please be aware that any information you provide will be transferred to the United States. By using the Services, participating in any of its services or providing your information, you consent to this transfer.
The United States and many other countries do not have the same data protection laws as the United Kingdom and EEA. While the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, if you live in the EEA or the United Kingdom, any transfer of your personal information will be subject to the derogation in Article 49 permitting non- repetitive transfers that concern only a limited number of data subjects, as permitted by Article 49 of the GDPR that is designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your Personal Data. If you would like further information, see “Contact Us” below.
7. Use of Email Addresses and Other Contact Information
We collect the email addresses of those who voluntarily provide them to us. You may receive subscription, editorial and other messages from the Services or from us. If you do not want to receive email from us in the future, please let us know at legal@ironsoftware.com.
8. How to Exercise Your Rights
If you would like to exercise any of your rights as described in this Privacy Statement, please:
- Complete a data subject request form available on our website;
- Call us toll-free at +1 (855) 515-3060;
- Email us at legal@ironsoftware.com.
9. Verifying Your Identity
If you choose to contact us directly, you will need to provide us with:
- Enough information to identify you (e.g., your full name, address and customer or matter reference number);
- Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
- A description of what right you want to exercise and the information to which your request relates.
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf. Any Personal Data we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.
10. Contact Us
If you have questions or concerns about this Privacy Statement, please contact us online at legal@ironsoftware.com.
11. Revision Date and History
This Privacy Statement was last revised: 4/10/2025 Prior versions of this Privacy Statement are listed below:
- 4/11/2021
- 4/10/2025
Appendix
California Privacy Rights
This notice to California residents supplements the Iron Software Privacy Statement and is provided under California law, including the California Consumer Privacy Act of 2018 (“CCPA”), as amended by the California Privacy Rights Act of 2020 (“CPRA”). Capitalized terms not defined in this document have the meaning stated in the Privacy Statement or the Terms of Service.
1. Your Privacy Rights
This notice supplements the Iron Software Privacy Statement and applies to all visitors, users, and others, who are California residents (“consumers” or “you”). Any terms defined in the CCPA have the same meaning when used in this notice. For further information about your rights under California’s privacy laws, please see California’s “Privacy and Data Security” website at https://oag.ca.gov/privacy or any website that supplements or replaces it.
The CCPA applies to “information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device,” which we refer to as “Personal Data” in this Privacy Statement.
You have the right under the CCPA and other privacy and data protection laws, as applicable, to exercise these rights free of charge:
1.1 Disclosure of Personal Data We Collect About You
You have the right to know:
- The categories of Personal Data we have collected about you, including sensitive Personal Data;
- The categories of sources from which the Personal Data is collected;
- Our business or commercial purpose for collecting, selling, or sharing Personal Data;
- The categories of third parties with whom we share Personal Data, if any; and
- The specific pieces of Personal Data we have collected about you.
Please note that we are not required to:
- Retain any Personal Data about you if, in the ordinary course of business, that information about you is not retained;
- Reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered Personal Data; or
- Provide the Personal Data to you more than twice in a 12-month period.
1.2 Disclosure of Personal Data Sold, Shared, or Disclosed for a Business Purpose.
In connection with any Personal Data we may sell, share, or disclose to a third party for a business purpose, you have the right to know:
- The categories of Personal Data about you that we sold or shared and the categories of third parties to whom the Personal Data was sold or shared; and
- The categories of Personal Data that we disclosed about you for a business purpose and the categories of persons to whom the Personal Data was disclosed for a business purpose.
- We have provided a list below with the type of information that you are entitled to receive upon request to us.
1.3 Disclosure of Personal Data to Third Party for Direct Marketing
If you are a California resident, California Civil Code Section 1798.83 permits you to request information regarding the disclosure of your Personal Data by us to third parties for the third parties’ direct marketing purposes. To make such a request, see the section “How to Exercise Your Rights,” below.
- Pursuant to California Civil Code Section 1798.83(c)(2), we do not share users’ Personal Data with affiliate companies or others outside Iron Software for those parties’ direct marketing use, if a user has exercised an option that prevents that information from being disclosed to third parties for those purposes.
1.4 Right to Opt-Out of the Sale or Sharing of Personal Data
You have the right to opt-out of the sale or sharing of your Personal Data. To do so, use this link or the link on our main page titled "Do Not Sell or Share My Personal Information"
1.5 Right to Limit Use and Disclosure of Sensitive Personal Data
You have the right to opt-out of the use and disclosure of your sensitive Personal Data for anything other than supplying requested goods or services. To do so, use this link or the link on our main page titled “Limit the Use of My Sensitive Personal Information.”
Under the CCPA, Sensitive Personal Data is personal information which reveals a consumer’s:
- Social security, driver's license, state identification card, or passport number.
- Account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account.
- Precise geolocation.
- Racial or ethnic origin, religious or philosophical beliefs, or union membership.
- Genetic data.
Also considered Sensitive Personal Data are:
- The contents of a consumer's mail, email, and text messages unless the business is the intended recipient of the communication.
- Biometric and health information.
- Information regarding a consumer's sex life or sexual orientation.
1.6 Right to Correction
You have the right to request correction of inaccurate Personal Data maintained by us about you. Upon receipt of a verifiable request from you, we will use commercially reasonable efforts to correct the inaccurate Personal Data.
1.7 Right to Deletion
Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:
- Delete your Personal Data from our records.
- Direct any service providers or contractors to delete your Personal Data from their records.
- Direct third parties to whom the business has sold or shared your Personal Data to delete your Personal Data unless this proves impossible or involves disproportionate effort.
In addition to the exceptions set forth in the Privacy Statement, please note that we may not delete your Personal Data if it is necessary to:
- Comply with the California Electronic Communications Privacy Act; or
- Enable solely internal uses that are reasonably aligned with your expectations based on your relationship with us and compatible with the context in which you provided the Personal Data.
1.8 Protection Against Discrimination
You have the right to not be discriminated against by us because you exercised any of your rights under the CCPA. This means we cannot, among other things:
- Deny goods or services to you;
- Charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
- Provide a different level or quality of goods or services to you; or
- Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
Please note that we may charge a different price or rate, or provide a different level or quality of goods or services to you, if that difference is reasonably related to the value provided to you by your Personal Data.
2. Categories of Information We Collect, Disclose for a Business Purpose, Share, or Sell.
The following list details categories of Personal Data and indicates whether we have collected this Personal Data in the past 12 months, the commercial or business purpose behind the collection, and whether the Personal Data was shared with, or sold to, a third party. If the Personal Data was shared with or sold to a third party, the list details categories of the third parties. Additionally, we can provide this information in connection with your own Personal Data upon written request from you.
A. Identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, social security number, driver’s license number, passport number, or other similar identifiers.
Collected: Yes. Business Purpose: Required in order to verify the user of the Services. Shared With or Sold to 3rd Party in Past 12 months?: No.
B. Personal information categories in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), including: Signature, social security number, physical characteristics or description, address, phone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information.
Collected: Yes. Business Purpose: Financial information is required when a User engages in financial transactions. Shared With or Sold to 3rd Party in Past 12 months?: No.
C. Characteristics of protected classifications under California or federal law, such as age, race, religion, military status. California provides a list of its classes at https://www.senate.ca.gov/content/protected-classes. The Federal EEOC provides a list of Federal classes at https://www.eeoc.gov/employers/small-business/3-who- protected-employment-discrimination. Collected: No.
D. Commercial information, including records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. Collected: No.
E. Biometric information. Collected: No.
F. Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website application, or advertisement.
Collected: Yes. Business Purpose: Improving the website’s functionality and ensuring security. Shared With or Sold to 3rd Party in Past 12 months? No.
G. Geolocation data. Collected: Yes. Business Purpose: Improving the website’s functionality and ensuring security. Shared With or Sold to 3rd Party in Past 12 months?: No.
H. Audio, electronic, visual, thermal, olfactory, or similar information. Collected: No.
I. Professional or employment-related information. Collected: No.
J. Education information, defined as information that is not publicly available personally identifiable information as defined in the Family Educational Rights and Privacy Act (20 U.S.C. section 1232g, 34 C.F.R. Part 99). Collected: No.
K. Inferences drawn from any of the information in the categories above to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, preferences, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. Collected: Yes. Business Purpose: Improving the website’s functionality and ensuring security. Shared With or Sold to 3rd Party in Past 12 months? No.
L. Sensitive personal information. Collected: No.
3. Why We Collect Your Personal Data
We use your Personal Data for the following reasons:
- Auditing related to a current interaction with the consumer and concurrent transactions, including, but not limited to, counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards;
- Detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible for that activity;
- Debugging our software and systems to identify and repair errors that impair existing intended functionality;
- Short-term, transient use, provided the Personal Data that is not disclosed to another third party and is not used to build a profile about a consumer or otherwise alter an individual consumer’s experience outside the current interaction, including, but not limited to, the contextual customization of ads shown as part of the same interaction;
- Performing services on behalf of the business or service provider, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing advertising or marketing services, providing analytic services, or providing similar services on behalf of the business or service provider;
- Undertaking internal research for technological development and demonstration; and
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.
4. Parties With Whom We Share Your Personal Data
We routinely share Personal Data with:
- our affiliates, including companies within our group;
- service providers and contractors whom we use to help deliver our goods and services to you, such as payment service providers, warehouses and delivery companies;
- other third parties we use to help us run our business, such as marketing agencies or website hosts;
- third parties approved by you, including social media sites you choose to link your account to or third-party payment providers;
- credit reporting agencies;
- our insurers and brokers; and
- our banks.
5. How to Exercise Your Rights
If you would like to exercise any of your rights as described in this Privacy Policy and Policy Statement, please:
- Complete a data subject request form available on our website;
- Call us toll-free at +1 (855) 515 3060
- Email us at legal@ironsoftware.com
Please note that you may only make a data access or data portability disclosure request twice within a 12-month period.
6. Verifying Your Identity
If you choose to contact us directly, you will need to provide us with:
- Enough information to identify you (e.g., your full name, address and customer or matter reference number);
- Proof of your identity and address (e.g., a copy of your driving license or passport and a recent utility or credit card bill); and
- A description of what right you want to exercise and the information to which your request relates.
We are not obligated to make a data access or data portability disclosure if we cannot verify that the person making the request is the person about whom we collected information, or is someone authorized to act on such person’s behalf. Any Personal Data we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification.
7. Contact Us
If you have questions or concerns about this Privacy Statement, please contact us online at legal@ironsoftware.com.
8. Revision Date and History
This Privacy Statement was last revised: 4/10/2025 Prior versions of this Privacy Statement are listed below: 4/11/2021