Last Updated: Dec 7, 2019
Basset and its licensors (collectively, “Basset”) is committed to protecting the privacy of individuals who visit our websites (“Visitors”), companies that subscribe to our Services (“Customers”) and individuals who use our Services via a Customer subscription (“Users”).
In this policy, the terms “we”, “us”, or “our” refer to Basset, and the terms “you” and “your” refer to Users, individually and collectively. The term “your company” refers to the Customer subscription through which a User accesses our Service. The term “Personal Information” means information about an identifiable individual.
1. Overview and Scope
Our Services are intended to be used by Customers (collectively, “Users”) to track, measure, manage and review visual regression differences on a continuous basis. We provide our Services via a subscription contracted with our Customers, and the information we collect in performance of those contracts is on behalf of and at the express instruction of our Customers. As a service provider, we require our Customers to ensure that they have obtained all authority to provide personal information to us in accordance with applicable privacy laws. We do not collect or use personal information of our Customers for any purpose other than to provide Services on behalf of our customers or as required by applicable law.
2. Types of Information We Collect and Use
2.1 Account Information
When you create or establish an account for the Services, we collect and store information about you based on information you or your company may provide, which may include your name, email address, your organization, a unique identifier, a profile picture, password, and any other information that may identify you individually. We use this information to set up your account, to give you the appropriate access and permissions, to communicate with you regarding your account, and otherwise for the provision of the Services on behalf of your company. We may also use your email address to send you updates in connection with the Services or Basset on behalf of your company.
2.2 Hosted Data
When you use and interact with the Services, any information that you post, upload, store, display, transmit, or submit on or through the Services will be collected and stored through your direct interactions with the Services as Hosted Data.
When you log in to, use and interact with the Service, we collect and store the information or content that you post, upload, store, display, transmit, or submit through the Service (collectively, “Hosted Data”). Except to the extent necessary to render the Services on behalf of your company or where required by applicable law, Basset does not access any Hosted Data. Basset only accesses the information to the extent necessary to provide the Services and any related support for the Services. By default most Hosted Data is public to other Users inside your organization using the Services. You are solely responsible for all Hosted Data that ou post, upload, store, display, transmit, or submit on the Services, including Personal Information, and the consequences thereof. Basset is not responsible and will not be liable for the Hosted Data you disclose while using the Services.
2.3 Third Party Integrations
When our Services are integrated with third party applications (“Third Party Integrations”), we may receive, collect, and store information via the applicable third party application, such as your user name, a unique user identifier, information you or your company have authorized such Third Party Integration to share (e.g., a set of artifacts in a tool, made available through the Integration), and related metadata for the purposes of facilitating the integration on behalf of your company.
2.4 Information Obtained from Third Party Authenticators
If you log in to the Services using a third party sign-in provider to authenticate your account for the Services (e.g., Github, GitLab or other SAML services) (“Third Party Authenticators”), we may receive, collect, and store information regarding your credentials for the applicable Third Party Authenticator, such as your user name, your email, your unique user identifier, profile picture, and other information you have authorized such Third Party Authenticator to share. This information is used for the purposes of creating and administering your account on behalf of your company.
2.6 Technical Data
We collect de-identified technical data about how Users interact with our systems. Basset may collect and use technical data about your session, application interactions, device, operating system, application software, and peripherals (collectively, “Technical Data”). We collect and use Technical Data to facilitate software updates, provide support, and continuously make improvements to the Services and our business. Basset may also aggregate the metadata and usage data of the Services, including Hosted Data, so that the resulting data and statistics are not personally identifiable to any individual User (“Aggregated Data”). We may collect and use Aggregated Data (i) for our own internal statistical analysis, (ii) to develop and improve the Services, (iii) to research trends and create predictive analysis; and (iv) to create and distribute aggregate reports and other materials regarding use of the Services.
2.7 Log Files
Basset uses log files on the server side. The data held in log files may include your IP address, browser type, e-mail application, Internet service provider (ISP), referring/exit websites, computer platform type, operating system, date/time stamp, and user activity. We use server log data to analyze trends in order to better understand use of the Services and to administer, manage and improve the Services. The software enabling the Services has associated temporary log files that are stored on Basset controlled servers, and these log files are copied into a third-party log aggregation tool. These logs may store your account information, preference settings, system notifications, and other data necessary to enable you to use the Services. Your information may also exist within regularly performed server backups. Our logs are retained for 90 days and our backups are retained for 30 days.
2.8 No Sensitive Personal Information
Basset does not intentionally collect or maintain, and we request that you do not post, upload, store, display, transmit, or submit Sensitive Personal Information on or through the Services. “Sensitive Personal Information” includes, but is not limited to, government-issued identification numbers, financial account numbers, credit or debit card numbers, consumer reports, financial information, background checks, biometric data, any code or password that could be used to gain access to personal accounts, or any information specifying medical and health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or the sex life of an individual.
We rely on our Customers to ensure that they have obtained all necessary authority and consent to provide Personal Information to us for the purposes of the Services and to not provide us with sensitive personal information. Customers are solely responsible for all information you post, upload, store, display, transmit, or submit on the Services, including Sensitive Personal Information, and the consequences thereof. Basset is not responsible for and will not be liable to you or another individual for any loss or damages you or another individual may experience due to your disclosure of Sensitive Personal Information while using the Services.
2.9 Questions and Inquiries
When you contact Basset, by email, written correspondence, telephone calls, web-based forms, or otherwise, any information that you provide in such forum may also be collected and stored by Basset in order to facilitate the provision of Services and any related support for the Services. You may be asked for information that identifies you (such as your name, address and a phone number) along with additional information we need to help us promptly answer your question or respond to your comment or complaint. We may also retain this information to assist you in the future and to improve our customer service, product and service offerings
2.10 Marketing Communications
If you submit your personal information to us through our website and consent to communication for the purpose of marketing, Basset will provide you with personalized communications regarding our products and services. For example, if you request a demo or fill out a “Contact Me” web form, we will use the information you provide us to contact you about your interest in our products and services. You can unsubscribe at any time by clicking the unsubscribe in any of our emails.
3. Website Information
When you use and interact with the Services, we use “cookies” or other similar technologies to collect and store information related to your access to or use of the Services. A cookie is a small piece of information that a website can store on your device for later retrieval. We place a cookie on your hard drive or in “local storage”, a feature of your browser, to retain information locally regarding your usage. Cookies are used to manage authentication/login, provide analytics, remember your preferences, and otherwise monitor the functionality of and improve the Services. You may set your web browser to notify you when you receive a cookie or to not accept certain cookies. However, if you decide not to accept cookies from our website, you may not be able to take advantage of all of the features of our websites.
Our websites may also use a technology called “tracer tags” or “Web Beacons”. This technology allows us to understand which pages you visit on our website. These tracer tags are used to help us optimize and tailor our website for you and other future visitors to our website.
We may use a third party such as Google Analytics to help us gather and analyze information about the areas visited on the websites (such as the pages most read, time spent, search terms and other engagement data) in order to evaluate and improve the user experience and the convenience of the websites.
4. How We Transfer and Disclose Information
4.1 Limitations of Use and Disclosure
Your personal information may be transferred (or otherwise made available) to our affiliates and other third parties who provide services on our behalf (e.g., email services, cloud computing services, data storage facilities, mailing services, logging, hosting, advertising and analytics services, payment processing). Our service providers are given the information they need to perform their designated functions, and are not authorized to use or disclose personal information for their own marketing or other purposes.
Legal and Compliance
We and our Canadian, US and other service providers may provide your personal information in response to a search warrant or other legally valid inquiry or order, or to another organization for the purposes of investigating a breach of an agreement or contravention of law or detecting, suppressing or preventing fraud, or as otherwise required or permitted by applicable Canadian, US or other law or legal process. Your personal information may also be disclosed where necessary for the establishment, exercise or defence of legal claims and to investigate or prevent actual or suspected loss or harm to persons or property
Sale of Business
Personal information may be provided to third parties in connection with an acquisition, debt financing, divestitures, financing, merger or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of Basset or as part of a corporate reorganization or stock sale or other change in corporate control, including for the purpose of determining whether to proceed or continue with such transaction or business relationship
4.2 International Transfer of Information Collected
Basset operates out of Canada and stores information with service providers located in the United States. Your Personal Information may be maintained and processed by us, our affiliates and other third-party service providers in Canada, the United States or other jurisdictions where our service providers are located.
4.3 Third Party Websites
6. Security Measures
We take your privacy and data security very seriously and strive to maintain the security of all Personal Information. Basset maintains appropriate physical, technical, and administrative safeguards to protect against loss, misuse, and unauthorized access, use, disclosure, modification, or destruction of Personal Information, including Hosted Data, in our custody and control. However, no website or transmission of information over the internet or common carrier lines is guaranteed to be completely secure, and we cannot guarantee that unauthorized access, hacking, data losses, or other breaches will never occur.
Basset servers are managed and located at a third-party Infrastructure-as-a-Service (IAAS) provider, and we have taken commercially reasonable steps to choose a qualified IAAS provider that operates according to industry standard terms of service and data security protocols. Basset uses commercially reasonable efforts to store and encrypt Personal Information in a secure location, encrypt passwords, and utilize a minimum of 128-bit Secure Socket Layer (SSL) certificates to protect transactions to and from the Services.
You will access and use the Services via a registered user account, which is also protected by a password for your privacy and security. You are responsible and liable for safeguarding your account and password that you use to access the Services, and for all activities or actions that occur under your account. You should take measures to prevent unauthorized access to your account and your information by selecting and protecting your password appropriately and limiting access to your computer (or other device) and browser by signing off after you have finished accessing your account. If you choose to authenticate your account through a Third-Party Authenticator, the security and privacy of your account is subject to the policies of such Third Party Authenticator and we have no liability for the applicable Third Party Authenticator’s security and privacy practices.
6. Access to Personal Information
If we receive a request from an individual to access, correct, update or delete Personal Information we have collected on behalf of a particular Customer in the course of providing the Services, we will direct that individual to the relevant Customer.
Basset will work with the tool administrators at your company to respond in a timely manner to all reasonable written requests to view, modify, or delete Personal Information, subject to applicable law.
If you submit Personal Information via our Website or otherwise directly provide us with Personal Information, you may request access, updating or correction of your personal information (subject to limited exceptions prescribed by law) by submitting a written request to us at the contact information below. We may request certain personal information for the purposes of verifying your identity.
9. Contact Basset
Basset can be contacted at: