Last Updated: Dec 7, 2019
Basset and its licensors (collectively, “Basset”) is committed to protecting the privacy of individuals who visit our websites (“Visitors”), companies that subscribe to our Services (“Customers”) and individuals who use our Services via a Customer subscription (“Users”).
In this policy, the terms “we”, “us”, or “our” refer to Basset, and the terms “you” and “your” refer to Users, individually and collectively. The term “your company” refers to the Customer subscription through which a User accesses our Service. The term “Personal Information” means information about an identifiable individual.
1. Overview and Scope
This Privacy Policy applies to the Basset website located at https://www.basset.io, any related Basset websites and domains, Basset’s mobile applications, and any of the products or services owned, operated, or controlled by Basset, including without limitation, the Basset Software Services (collectively, the “Services”) located at https://app.basset.io.
Our Services are intended to be used by Customers (collectively, “Users”) to track, measure, manage and review visual regression differences on a continuous basis. We provide our Services via a subscription contracted with our Customers, and the information we collect in performance of those contracts is on behalf of and at the express instruction of our Customers. As a service provider, we require our Customers to ensure that they have obtained all authority to provide personal information to us in accordance with applicable privacy laws. We do not collect or use personal information of our Customers for any purpose other than to provide Services on behalf of our customers or as required by applicable law.
This Privacy Policy describes our privacy practices, such as the information we may collect, how we may collect this information, how we may use and disclose this information, who we might share this information with, the security measures utilized to secure this information, and how to contact us with any inquiries related to your information. This Privacy Policy is incorporated into the Master Subscription Agreement or other agreement entered into between Basset and the Customer.
2. Types of Information We Collect and Use
2.1 Account Information
When you create or establish an account for the Services, we collect and store information about you based on information you or your company may provide, which may include your name, email address, your organization, a unique identifier, a profile picture, password, and any other information that may identify you individually. We use this information to set up your account, to give you the appropriate access and permissions, to communicate with you regarding your account, and otherwise for the provision of the Services on behalf of your company. We may also use your email address to send you updates in connection with the Services or Basset on behalf of your company.
2.2 Hosted Data
When you use and interact with the Services, any information that you post, upload, store, display, transmit, or submit on or through the Services will be collected and stored through your direct interactions with the Services as Hosted Data.
When you log in to, use and interact with the Service, we collect and store the information or content that you post, upload, store, display, transmit, or submit through the Service (collectively, “Hosted Data”). Except to the extent necessary to render the Services on behalf of your company or where required by applicable law, Basset does not access any Hosted Data. Basset only accesses the information to the extent necessary to provide the Services and any related support for the Services. By default most Hosted Data is public to other Users inside your organization using the Services. You are solely responsible for all Hosted Data that ou post, upload, store, display, transmit, or submit on the Services, including Personal Information, and the consequences thereof. Basset is not responsible and will not be liable for the Hosted Data you disclose while using the Services.
2.3 Third Party Integrations
When our Services are integrated with third party applications (“Third Party Integrations”), we may receive, collect, and store information via the applicable third party application, such as your user name, a unique user identifier, information you or your company have authorized such Third Party Integration to share (e.g., a set of artifacts in a tool, made available through the Integration), and related metadata for the purposes of facilitating the integration on behalf of your company.
2.4 Information Obtained from Third Party Authenticators
If you log in to the Services using a third party sign-in provider to authenticate your account for the Services (e.g., Github, GitLab or other SAML services) (“Third Party Authenticators”), we may receive, collect, and store information regarding your credentials for the applicable Third Party Authenticator, such as your user name, your email, your unique user identifier, profile picture, and other information you have authorized such Third Party Authenticator to share. This information is used for the purposes of creating and administering your account on behalf of your company.
2.6 Technical Data
We collect de-identified technical data about how Users interact with our systems. Basset may collect and use technical data about your session, application interactions, device, operating system, application software, and peripherals (collectively, “Technical Data”). We collect and use Technical Data to facilitate software updates, provide support, and continuously make improvements to the Services and our business. Basset may also aggregate the metadata and usage data of the Services, including Hosted Data, so that the resulting data and statistics are not personally identifiable to any individual User (“Aggregated Data”). We may collect and use Aggregated Data (i) for our own internal statistical analysis, (ii) to develop and improve the Services, (iii) to research trends and create predictive analysis; and (iv) to create and distribute aggregate reports and other materials regarding use of the Services.
2.7 Log Files
Basset uses log files on the server side. The data held in log files may include your IP address, browser type, e-mail application, Internet service provider (ISP), referring/exit websites, computer platform type, operating system, date/time stamp, and user activity. We use server log data to analyze trends in order to better understand use of the Services and to administer, manage and improve the Services. The software enabling the Services has associated temporary log files that are stored on Basset controlled servers, and these log files are copied into a third-party log aggregation tool. These logs may store your account information, preference settings, system notifications, and other data necessary to enable you to use the Services. Your information may also exist within regularly performed server backups. Our logs are retained for 90 days and our backups are retained for 30 days.
2.8 No Sensitive Personal Information
Basset does not intentionally collect or maintain, and we request that you do not post, upload, store, display, transmit, or submit Sensitive Personal Information on or through the Services. “Sensitive Personal Information” includes, but is not limited to, government-issued identification numbers, financial account numbers, credit or debit card numbers, consumer reports, financial information, background checks, biometric data, any code or password that could be used to gain access to personal accounts, or any information specifying medical and health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or the sex life of an individual.
We rely on our Customers to ensure that they have obtained all necessary authority and consent to provide Personal Information to us for the purposes of the Services and to not provide us with sensitive personal information. Customers are solely responsible for all information you post, upload, store, display, transmit, or submit on the Services, including Sensitive Personal Information, and the consequences thereof. Basset is not responsible for and will not be liable to you or another individual for any loss or damages you or another individual may experience due to your disclosure of Sensitive Personal Information while using the Services.
2.9 Questions and Inquiries
When you contact Basset, by email, written correspondence, telephone calls, web-based forms, or otherwise, any information that you provide in such forum may also be collected and stored by Basset in order to facilitate the provision of Services and any related support for the Services. You may be asked for information that identifies you (such as your name, address and a phone number) along with additional information we need to help us promptly answer your question or respond to your comment or complaint. We may also retain this information to assist you in the future and to improve our customer service, product and service offerings
2.10 Marketing Communications
If you submit your personal information to us through our website and consent to communication for the purpose of marketing, Basset will provide you with personalized communications regarding our products and services. For example, if you request a demo or fill out a “Contact Me” web form, we will use the information you provide us to contact you about your interest in our products and services. You can unsubscribe at any time by clicking the unsubscribe in any of our emails.
3. Website Information
3.1 Cookies
When you use and interact with the Services, we use “cookies” or other similar technologies to collect and store information related to your access to or use of the Services. A cookie is a small piece of information that a website can store on your device for later retrieval. We place a cookie on your hard drive or in “local storage”, a feature of your browser, to retain information locally regarding your usage. Cookies are used to manage authentication/login, provide analytics, remember your preferences, and otherwise monitor the functionality of and improve the Services. You may set your web browser to notify you when you receive a cookie or to not accept certain cookies. However, if you decide not to accept cookies from our website, you may not be able to take advantage of all of the features of our websites.
Our websites may also use a technology called “tracer tags” or “Web Beacons”. This technology allows us to understand which pages you visit on our website. These tracer tags are used to help us optimize and tailor our website for you and other future visitors to our website.
3.2 Analytics
We may use a third party such as Google Analytics to help us gather and analyze information about the areas visited on the websites (such as the pages most read, time spent, search terms and other engagement data) in order to evaluate and improve the user experience and the convenience of the websites.
4. How We Transfer and Disclose Information
4.1 Limitations of Use and Disclosure
Basset will not sell, rent or otherwise disclose your Personal Information to any third party without your consent except as described in this Privacy Policy or as required or permitted by applicable law.
Service Providers
Your personal information may be transferred (or otherwise made available) to our affiliates and other third parties
who provide services on our behalf (e.g., email services, cloud computing services, data storage facilities, mailing
services, logging, hosting, advertising and analytics services, payment processing). Our service providers are given
the information they need to perform their designated functions, and are not authorized to use or disclose personal
information for their own marketing or other purposes.
Legal and Compliance
We and our Canadian, US and other service providers may provide your personal information in response to a search
warrant or other legally valid inquiry or order, or to another organization for the purposes of investigating a
breach of an agreement or contravention of law or detecting, suppressing or preventing fraud, or as otherwise
required or permitted by applicable Canadian, US or other law or legal process. Your personal information may also
be disclosed where necessary for the establishment, exercise or defence of legal claims and to investigate or
prevent actual or suspected loss or harm to persons or property
Sale of Business
Personal information may be provided to third parties in connection with an acquisition, debt financing,
divestitures, financing, merger or sale (including transfers made as part of insolvency or bankruptcy proceedings)
involving all or part of Basset or as part of a corporate reorganization or stock sale or other change in corporate
control, including for the purpose of determining whether to proceed or continue with such transaction or business
relationship
4.2 International Transfer of Information Collected
Basset operates out of Canada and stores information with service providers located in the United States. Your Personal Information may be maintained and processed by us, our affiliates and other third-party service providers in Canada, the United States or other jurisdictions where our service providers are located.
We take measures to ensure that any Personal Information transfers comply with all applicable data protection laws and that your Personal Information remains protected to the standards described in this Privacy Policy. In the event that Personal Information is transferred to the US or other foreign jurisdiction, it will be subject to the laws of that jurisdiction and may be disclosed to or accessed by the courts, law enforcement and governmental authorities in accordance with those laws.
4.3 Third Party Websites
While using the Services or the Website, you may be directed to a third-party website, such as third party integrations, third party authenticators, or other links or references, which may take you to a third party website or service that Basset does not own or operate. Once you have left the Services, this Privacy Policy will no longer apply to you or any other data collected from or provided by you, including Personal Information, and you will be subject to that third party website’s privacy policy (and such other terms and conditions). You should review such third party website’s privacy policy to determine how your data will be used. We do not have any control over such services or websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked services or websites may collect, use or disclose, secure and otherwise treat your Personal Information.
5. Retention
We have retention processes designed to retain Personal Information for no longer than necessary for the purposes of providing Services to our Customers or as otherwise instructed by our Customers or, with respect to the Website, for the purposes set out in this Privacy Policy. We may also retain personal information to meet legal requirements or as otherwise required by applicable law.
6. Security Measures
We take your privacy and data security very seriously and strive to maintain the security of all Personal Information. Basset maintains appropriate physical, technical, and administrative safeguards to protect against loss, misuse, and unauthorized access, use, disclosure, modification, or destruction of Personal Information, including Hosted Data, in our custody and control. However, no website or transmission of information over the internet or common carrier lines is guaranteed to be completely secure, and we cannot guarantee that unauthorized access, hacking, data losses, or other breaches will never occur.
Basset servers are managed and located at a third-party Infrastructure-as-a-Service (IAAS) provider, and we have taken commercially reasonable steps to choose a qualified IAAS provider that operates according to industry standard terms of service and data security protocols. Basset uses commercially reasonable efforts to store and encrypt Personal Information in a secure location, encrypt passwords, and utilize a minimum of 128-bit Secure Socket Layer (SSL) certificates to protect transactions to and from the Services.
You will access and use the Services via a registered user account, which is also protected by a password for your privacy and security. You are responsible and liable for safeguarding your account and password that you use to access the Services, and for all activities or actions that occur under your account. You should take measures to prevent unauthorized access to your account and your information by selecting and protecting your password appropriately and limiting access to your computer (or other device) and browser by signing off after you have finished accessing your account. If you choose to authenticate your account through a Third-Party Authenticator, the security and privacy of your account is subject to the policies of such Third Party Authenticator and we have no liability for the applicable Third Party Authenticator’s security and privacy practices.
6. Access to Personal Information
If we receive a request from an individual to access, correct, update or delete Personal Information we have collected on behalf of a particular Customer in the course of providing the Services, we will direct that individual to the relevant Customer.
Basset will work with the tool administrators at your company to respond in a timely manner to all reasonable written requests to view, modify, or delete Personal Information, subject to applicable law.
If you submit Personal Information via our Website or otherwise directly provide us with Personal Information, you may request access, updating or correction of your personal information (subject to limited exceptions prescribed by law) by submitting a written request to us at the contact information below. We may request certain personal information for the purposes of verifying your identity.
7. Enforcement
Basset will actively monitor its relevant privacy and security practices to verify adherence to this Privacy Policy. Any agents, contractors, service providers, or other third party’s subject to this Privacy Policy that Basset determines is in violation of this Privacy Policy will be subject to disciplinary action up to and including termination of such services.
8. Changes to this Privacy Policy
Basset may change, modify, or update this Privacy Policy from time to time, in whole or in part, in Basset’s sole discretion, at any time without prior notice by posting updated versions on the Basset website. When we do, we will revise the “last updated” date at the bottom of this page. If and when we make such changes, we will make commercially reasonable efforts to notify you by email, through the Services, or by posting a prominent notice on our Website. We encourage you to visit this page at https://basset.io/privacy-policy to stay informed on our privacy practices and review our most current Privacy Policy.
9. Contact Basset
We encourage you to contact us with any questions, complaints, or requests with respect to your Personal Information, this Privacy Policy, and/or our privacy practices (including our practices with respect to service providers located outside of Canada).
Basset can be contacted at:
