Unlock the power of cash
Accelerate your cash flow today.
Effective April 19, 2022
You can view our GDPR statement here
Where we provide the Services under contract with an organization (for example your employer) that organization may be the “controller” of the Personal Information processed by the Services. For more information, please see Notice to End Users below.
Personal Information or Personal Data refers to any information relating to an identified or identifiable natural person.
We collect Personal Information from you when you contact us regarding our Services, register on our site for support services, subscribe to our newsletter or webinar series, register for or attend our events, ask to be included on an email or other mailing list, participate in an online forum, blog, or voluntary survey, download content or fill out a form. We may collect all or some of the following information: name, email address, phone number, company name, title, department, country and/or industry. Alternatively, you may visit our site anonymously. Any data we request that is not required will be specified as voluntary or optional.
We may provide you the opportunity to participate in surveys on our site. If you participate, we will request certain personally identifiable information from you. Participation in these surveys is completely voluntary and you therefore have a choice whether or not to disclose this information. The requested information typically includes contact information such as name, email, and phone number, and demographic information such as job title, income, location, and company size.
We use this information to send notice(s) to you, monitor site traffic, personalize the site, send participants email newsletter(s), and better understand our customers and prospects. We may use a third-party service provider to conduct these surveys; that company will be prohibited from using our users’ personally identifiable information for any other purpose. We will not share the personally identifiable information you provide through a survey with other third parties unless we give you prior notice and choice.
When you use any of the Taulia hosted services, such as Electronic Invoicing or Working Capital Management, we collect information about you when you input it into the Services or otherwise provide it directly to us.
Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services. For example, you provide your contact information and, in some cases, billing information when you register for the Services. You also have the option of adding job title, and other details to your profile information to be displayed in our Services. We keep track of your preferences when you select settings within the Services.
Content you provide through our products: The Services include the Taulia products you use, where we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include, such as business contact information, and remittance information to be used by your customers. Content also includes the files and links you upload to the Services.
Information you provide through our support channels: The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, so that we can update you on the status of your support request or seek further information that would be helpful in resolving the issue.
Your use of the Services: We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on; your election of invoicing or early payment options, and the type, size and filenames of attachments you upload to the Services.
Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services.
We receive information about you from other Service users, from third-party services, from our related companies, from your customers, and our business and channel partners.
Other users of the Services: Other users of our Services, including your customers, or your employer, may provide information about you when they submit content through the Services. We also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they designate you as the billing, technical, or other contact on your company’s account.
Taulia Partners: We work with a global network of partners who help us to market and promote our products, generate leads for us, and resell our products. We receive information from these partners, such as billing information, billing and technical contact information, company name, what Taulia products you have purchased or may be interested in, evaluation information you have provided, what events you have attended, and what country you are in.
Other Partners: We receive information about you and your activities on and off the Services from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our Services and online advertisements.
How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.
To market, promote and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email. These communications are aimed at driving engagement and maximizing what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you.
For safety and security: We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.
To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.
Legal bases for processing (for EEA and Brazilian users)
If you are an individual in the European Economic Area (EEA) or Brazil, we collect and process information about you only where we have legal bases for doing so under applicable EU or Brazilian law. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
Taulia Partners: We work with third parties who provide consulting, sales, and technical services to deliver and implement customer solutions around the Services. We may share your information with these third parties in connection with their services.
In cases of onward transfer to third parties of data of EEA, Swiss or Brazilian individuals, this is only done pursuant to the contractual arrangements we have with these third parties in accordance with applicable law.
Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect Taulia, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
If Taulia is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
The security of your Personal Information is important to us. We use data hosting service providers in the United States and the European Union to host the Personal Information we collect, and we use technical measures to secure your data. These security measures include: password protected directories and databases to safeguard your information and PCI Scanning to actively protect our servers from hackers and other vulnerabilities. Taulia is also backed by security controls designed to protect your data, and we undergo an annual SSAE18 audit, resulting in SOC1/SOC2 Type 2 audit reports.
We implement these safeguards to protect your information, but no security system is impenetrable, and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. Please contact us at sec[email protected] with questions regarding our security measures.
You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications at all times.
We will retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. How long we keep the information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. Personal Data associated with transactions on the Taulia Platform is retained for the period of time legally required for audit purposes, typically 7-10 years, depending on the applicable law.
We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.
Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services. For example, we continue to display messages you sent to the users that received them and continue to display content you provided.
Managed accounts: If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account.
Marketing information: We retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your Taulia account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
We collect information globally and primarily store that information at hosted data centers in the United States and European Union. We transfer, process and store your information outside of your country of residence, as required for Taulia or our third-party service providers to provide you the Services. Whenever we transfer your information, we take steps to protect it.
On July 16th, 2020, the CJEU has declared the EU-US Privacy Shield an invalid mechanism for transferring personal data from the E.U. to the U.S. To the extent that Taulia has relied on the EU-US Privacy Shield as the mechanism to transfer personal data across borders, Taulia will be converting to use of the EU Standard Contractual Clauses, or another approved transfer mechanism as a replacement for the EU-US Privacy Shield. In the meantime, Taulia intends to continue to maintain its status and compliance with the EU-US Privacy Shield Principles.
Under the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Framework, we are responsible for the processing of information about you we receive from the EU or Switzerland and onward transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for such onward transfers and remain liable in accordance with the Privacy Shield Principles if third-party agents that we engage to process such information about you on our behalf do so in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage. We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
We encourage you to contact us as provided below should you have a Privacy Shield-related (or general privacy-related) complaint. You may also contact your local data protection authority within the European Economic Area or Switzerland for unresolved complaints.
Under certain conditions, more fully described on the Privacy Shield website, including when other dispute resolution procedures have been exhausted, you may invoke binding arbitration. Please see “To Raise a Complaint,” and “How to access and control your information,” below.
You have the right to access your Personal Information. We provide you the opportunity to “opt-out” of having your information used for certain purposes or to unsubscribe from receiving future emails, when we ask for the information. If you no longer wish to receive emails, our newsletter and other promotional communications, you may opt-out of receiving them by following the detailed unsubscribe instructions at the bottom of each email or communication or by emailing us at [email protected].
If your Personal Information changes, to request removal of your personal information from our blog or community forum, or if you no longer desire our service, you may correct, update, amend, delete/deactivate it by emailing our Customer Support at [email protected] or by contacting us by telephone or postal mail at the contact information listed below. We will respond to your request to access within 30 days (or 15 days for users subject to Brazilian laws).
Your rights in relation to Personal Information and how to exercise them (for EEA and Brazilian users)
Under certain circumstances EEA and Brazilian users have the following rights:
If you wish to exercise any of the rights set out above, please contact us. You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
What we may need from you. We may need to request specific information from you to help us confirm your identity and right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time limit to respond. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Taulia Privacy Coordinator
95 Third Street #284
(415) 376 8280
According to the GDPR, you have the right to lodge a complaint with a supervisory authority. However, we recommend that you always first address a complaint to the Taulia Privacy Coordinator ([email protected]) so that we can resolve your concern as quickly as possible and in a customer-oriented manner. Taulia will take steps to remedy any issues arising out of a failure to comply with the the General Data Protection Regulation. If the complaint cannot be resolved through Taulia’s internal processes, it will be referred to Judicial Arbitration and Mediation Services, Inc., (JAMS) under the JAMS International Mediation Rules, which are accessible on the JAMS website at https://www.jamsadr.com/eu-us-privacy-shield/. JAMS mediation may also be commenced as provided for in the JAMS International Mediation Rules. Finally, you will also have the possibility to invoke binding arbitration under certain conditions.
Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your Personal Information to outside parties without your consent.
The Children’s Online Privacy Protection Act (“COPPA”) took effect on April 21, 2000, and imposes certain requirements on Services directed toward children under the age of 13 that collection information on those children, or on Services that know they are collecting personally identifiable information on children under the age of 13. We are in compliance with the requirements of COPPA and we do not knowingly collect any information from anyone under the age of 13. Our website, products and services are all directed to people who are at least 13 years old or older. If we find that we have collected information from a child under age 13, we will delete that information immediately.
We have taken the necessary steps to ensure that we are compliant with the CAN-SPAM Act of 2003.
The English version of this policy shall govern in the event of any conflict or substantive translation changes into a non-English language.
Our services and products are intended for use by businesses. Where the Services are made available to you through an organization (e.g. your employer), that organization is the administrator of the Services, is responsible for the accounts, and ultimately for your use of the Services. In such circumstances, the only Personal Information held in the Services for most end users will be the user’s name and email address at the organization’s domain name. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organization’s policies. We are not responsible for the privacy or security practices of an administrator’s organization, which may be different than this policy.
Please contact your organization or refer to your administrator’s organizational policies for more information.
Accelerate your cash flow today.