Last Updated: October 7th, 2018
CUSTOMER ACKNOWLEDGMENT AND UPDATES
All personal data that is collected and used will be processed in compliance with the General Data Protection Regulation and other EU and Swiss data protection requirements for the European Economic Area (“EEA”). Users from the EEA please review the sections for EEA users below.
INFORMATION WE MAY COLLECT
1. Information You Provide to Us.
Information of this type (“Personal Data”) is information that can be used to personally identify. This information includes:
Registration Information. When you sign up for an account or use the Services, you give us your name, email address, phone number, credit card information, business information, and any other information deemed relevant. If you decide to sign up for the Services through your place of business or through a third party account, we will also get basic information from that third party profile, which may include like your name, gender, profile photo, and contacts.
Survey, Profile, and Additional Information. Information you provide when you complete a survey, update your dashboard, or provide additional information related to the Services through our online platform or another channel. If you provide additional survey information you may share information and facts about yourself. Filling out a survey is optional, and you can share as little or as much as you want.
Payment Method. If you add a credit card or payment method to your account, a third party that handles payments for us will receive your card information. To keep your financial data secure, we do not store full credit card information on our servers, but we keep information sufficient to track payments and transactions through the Website.
Communications. If you contact us directly, we may receive additional information about you. For example, when you contact our customer support team, we will receive your name, email address, phone number, the contents of a message or attachments that you may send to us, and other information you choose to provide.
2. Information We Collect When You Use the Website.
As is true of most websites, we automatically collect certain information when you visit our Website. Information of this type (“Traffic Data”) is anonymous information that does not personally identify you but is helpful for us to improve the business performance and user experience of the Website.
This information includes:
Location information. This is the geographic area where you use your computer and mobile devices (as indicated by an Internet Protocol “IP” address or similar identifier) when interacting with our Website, software, and/or Services. We may collect precise location data from your device when the app is running in the foreground or background. If you label certain locations, such as “home” or “work,” we receive that information too. Your location information is necessary in order for us to provide the Services.
Log data. As with most websites and technology services delivered over the internet, our servers automatically collect data when you access or use our Website, software, and/or Services and record it in log files. This log data may include the IP address, browser type and settings, the date and time of use, information about browser configuration, language preferences, and cookie data.
Usage information. This is information about the Website or Services you use and how you use them. We may also obtain data from our third-party partners and service providers to analyze how users use our Website and Services. For example, we will know how many users access a specific page on the Website and which links they clicked on, information they entered, and related user data. We use this aggregated information to better understand and optimize the Website.
Device information. These are data from your computer or mobile device, such as the type of hardware and software you are using (for example, your operating system and browser type), the application installations, operating system, phone carrier and manufacturer, mobile advertising identifiers, push notification tokens, as well as unique device identifiers for devices that are using our software.
Cookies. Data obtained from cookies are described in the section titled Cookie and Traffic Data below.
LINKS TO OTHER WEBSITES
Our Website may contain links to other websites or partner organizations that may provide benefits or information. We are not responsible for their privacy practices or information collected. We encourage you to learn about the privacy policies of those organizations when you visit those sites.
HOW DOES COMMUTIFI USE MY PERSONAL DATA
We use, process, and store your information as necessary to perform our contract with you and for our legitimate business interests, including:
to help us administer our Website and Services, authenticate users for security purposes, provide personalized user features and access, process transactions, conduct research, develop new features, and improve the features, algorithms, machine learning, predictive models, and usability of our Website or Services.
to communicate with you about your use of our Website, product announcements, and software updates, as well as respond to your requests for assistance, including providing account verification support if you’re having difficulty accessing your account.
to communicate with any of your affiliated organizations and entities that provide commuter services through our Website and Services in order for us to assist the organizations, entities, and individual users with and provide the Website and Services.
to send you direct marketing emails and special offers through our Website or email, from which you can unsubscribe at any time. For more information, please see the section entitled, “How do email communications work?” If you are located in the European Economic Area, we will only send you marketing information if you consent to us doing so at the time you create your account or any point thereafter.
to display user content and information associated with your account and make sure it is available to you when you use our Services.
to administer the commuter and other planning information related to the data you have entered in order to serve you and connect you with related services.
COOKIE AND TRAFFIC DATA?
We do not control these third parties’ tracking technologies or how they may be used. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION.
IS MY PERSONAL DATA KEPT CONFIDENTIAL?
Service Providers. We use service providers who assist us in meeting business operations needs, including hosting, delivering, and improving our Services. For more information see the section on, “Who Has Access to my client’s Personal Data below.” We also use service providers for specific services and functions, including email communication, customer support services, and analytics. These service providers may only access, process, or store Personal Data pursuant to our instructions and to perform their duties to us.
Consent. We have your explicit consent to share your Personal Data.
Law Enforcement. Occasionally we may be required by law enforcement or judicial authorities to provide Personal Data to the appropriate governmental authorities. We will disclose Personal Data upon receipt of a court order, subpoena, or to cooperate with a law enforcement investigation. We fully cooperate with law enforcement agencies in identifying those who use our Services for illegal activities. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful.
Safety. We determine that the access, preservation, or disclosure of your Personal Data is required by law to protect the rights, property, or our personal safety and that of users of our Website, or to respond to lawful requests by public authorities, including national security or law enforcement requests.
Governments, Marketing, and Other Organizations. We may provide general location data (e.g., the city, or the state, in which a device is located) and information about your commute, surveys, individual trip data, or usage history to third parties that want to use the data to provide and create new solutions, subsidies and programs. This general data may be used to provide you with marketing opportunities to participate in these programs and improve commute times, experiences, etc. Unless we have your permission, we will only provide such parties with non-personally identifiable information. In other words, while this information may be provided in conjunction with a randomly assigned number, or a number assigned to your account, it will not be provided in conjunction with your name.
Enterprise Partners. If you participate in an enterprise program and provide information regarding your commute to your organization, we will provide your organization’s account holder with information about your use of the Website and Services, including commuter details such as date, time, amount, and pick up and drop off locations. If you create a business profile, we will provide that information as well. If you change organizations, it is your responsibility to update your business profile with the new information. (Please remember to check and set your designation settings accordingly.) If you integrate your account with an expense platform we will share the details to your expense account.
HOW SECURE IS MY INFORMATION?
Please keep in mind that while we take reasonable precautions to safeguard your Personal Data no amount of protection can guarantee its security. Unfortunately, no data transmission over the Internet or any wireless network can be guaranteed to be 100% secure. As a result, while we strive to protect your Personal Data, you acknowledge that: (a) there are security and privacy limitations of the Internet which are beyond our control; (b) the security, integrity and privacy of any and all information and data exchanged between you and us through this site cannot be guaranteed; and (c) any such information and data may be viewed or tampered with in transit by a third party.
To safeguard against unauthorized access to Personal Data by third parties, all electronic Personal Data we hold is maintained on systems that are protected by up-to-date secure network architectures that contain firewalls and intrusion detection devices. The Personal Data saved in servers is “backed up” (i.e. the data are recorded on separate media) to avoid the consequences of any inadvertent erasure, destruction or loss otherwise. The servers are stored in facilities with high security, access restricted to unauthorized personnel, fire detection and response systems. We employ reasonable physical and administrative safeguards to protect your Personal Data.
If we learn of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on the Website. Depending on where you live, you may have a legal right to receive such notices in writing.
HOW DO EMAIL COMMUNICATIONS WORK?
We send out various emails to clients and others who interact with the Website, such as emails about new blog posts, product releases or special events or promotions (“Marketing Emails”). Users that register with the Website will automatically be subscribed to receive certain Marketing Emails. Aside from those registering with the Website, you must opt in to receive Marketing Emails.
Marketing Emails contain an unsubscribe option which you can follow at any point if you wish to stop receiving some or all of the Marketing Emails. If you have received our Marketing Emails mistakenly, or wish to stop receiving them, you can also contact us at and we will remove you from our list.
For EEA users: We only send marketing communications to users located in the EEA with your prior consent. Please see the section “For EEA users” below.
CHOICES ABOUT HOW WE USE AND DISCLOSE YOUR INFORMATION
We strive to provide you with choices regarding the personal information you provide to us. We have created mechanisms to provide you with the following control over your information:
Disclosure of Your Information for Third-Party Advertising. If you do not want us to share your personal information with unaffiliated or non-agent third parties for promotional purposes, you can opt-out by emailing us at [email protected]
Promotional Offers from the Company. If you do not wish to have your contact information used by the Company to promote our own or third parties’ products or services, you can opt-out by sending us an email stating your request to [email protected] If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions. This opt out does not apply to information provided to the Company as a result of a product purchase, warranty registration, Service experience or other transactions.
Targeted Advertising. If you do not want us to use information that we collect or that you provide to us to deliver advertisements according to our advertisers’ target-audience preferences, you can opt-out by emailing us at [email protected]
HOW LONG WILL WE HOLD YOUR DATA?
HOW CAN I DELETE OR CORRECT MY PERSONAL DATA?
If you have created a profile and provided information through the Website, you can update your information by clicking on “Account Settings” which is accessible at the top of your screen once you’ve logged in. You can update and remove some your Personal Data from the Website at any time by logging into your account, accessing the “Account Settings” page, and then deleting your account. If you would like to update your information on the Website and Services please contact us directly at [email protected]
FOR EEA USERS
WHAT RIGHTS DO EEA USERS HAVE, AND HOW TO EXERCISE THEM?
Individuals located in the EEA have certain rights in respect to their personal information, including the right to access, correct, or delete Personal Data we process through your use of the Website. If you’re a user based in the EEA, you can:
Request a Personal Data report by submitting an email to [email protected] This report will include the Personal Data we have about you, provided to you in a structured, commonly used, and portable format. Please note that we may request additional information from you to verify your identity before we disclose any information.
Have your Personal Data corrected or deleted. Some Personal Data can be updated by you: You can update your name and email address, as well as language preference, through your individual account settings. You can also remove your Personal Data from our Website by deleting your account.
Object to us processing your Personal Data. You can ask us to stop using your Personal Data, including when we use your Personal Data to send you marketing emails. We only send marketing communications to users located in the EEA with your prior consent, and you may withdraw your consent at any time by clicking the “unsubscribe” link found within our emails and changing your contact preferences. Please note you will continue to receive transactional messages related to our Services, even if you unsubscribe from marketing emails.
Complain to a regulator. If you’re based in the EEA and think that we haven’t complied with data protection laws, you have a right to lodge a complaint with your local supervisory authority.
CALIFORNIA PRIVACY RIGHTS
California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email to or write us at: PO Box 1070, Boulder, Colorado 80306.
WHAT DO I DO IF MY DATA IS LOST OR STOLEN?
If you know, or suspect, that your credit card, user name, or password has been lost, stolen or used without your authorization you need to contact us immediately ([email protected]). Upon notification, we will take reasonable steps to mitigate any damage, which may have been caused. You are responsible for the safety and security of your user name and password. You should logout after each session you have with the Website and you shouldn’t share this information.
CAN CHILDREN USE THIS WEBSITE?
Our Website is not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Website. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Website or on or through any of its features/register on the Website, make any purchases through the Website, use any of the interactive or public comment features of this Website or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at [email protected]