Privacy policy
Effective date: September 4th, 2024
U.S. Privacy Notice
TripleSession, Inc.
1. OUR PRIVACY PLEDGE
We strive to be transparent about how we collect and use your information. This Privacy Notice (“Notice”) is meant to help you understand what information TripleSession, Inc. (“TripleSession”, “us”, “our” or “we”) collects, why we collect it, and what we do with it. This Notice applies to this website, our products, services, and technologies (we'll collectively refer to these as "Services").
For purposes of this Notice, “personal information” means information that relates to an identified or identifiable individual (such as a name, email address, or photograph), or as otherwise defined under applicable law. Some information that is automatically disclosed to us or collected by us through your use of our Services meets this definition.
2.YOUR RIGHTS
Starting on January 1, 2020 the California Consumer Privacy Act (CCPA) provides consumers (California residents) with specific rights regarding their personal information. Alternatively, you may have privacy rights in Colorado, Utah, Virginia, Connecticut, or other states. W**e are extending these rights to all U.S. residents.**
You shall have the right to request from TripleSession:
- A copy of all the personal information (as that term is defined under state privacy laws) about you that is retained by us
- That we correct any information that is incorrect, outdated or inaccurate
- The right to confirm if data is being processed
- The right to data deletion or the 'right to be forgotten'
- The right to data portability
- The right to understand how we use third-party services. We do not transfer or sell your personal information to third parties for their own use. However, we do use third-party analytics and service providers to help us improve our product and user experience. These services process your data on our behalf and in accordance with our instructions.
Important Note on Data Usage: We want to emphasize that any data we collect, especially data obtained through integrations like Google Workspace, Zoom, and HubSpot, is used exclusively to enhance the experience for the individual user. We do not use this data for any other purpose beyond providing and improving our services for that specific user. This includes data from video calls, CRM interactions, or any other information gathered through these integrations. While we use third-party analytics services to help us improve our product, these services only process data on our behalf and do not have independent rights to your information. Your data is not shared, sold, or used to benefit other users or third parties. Our sole aim is to provide you with a personalized and improved service experience.
Moreover, you have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or sharing that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you (also called a data portability request)
- If we shared your personal information for a business purpose, two separate lists disclosing:
- Shares, identifying the personal information categories that each category of recipient shared; and
- Disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
We will not discriminate against you for exercising any of your rights. Unless permitted by law, we will not:
- Deny you Services.
- Charge you different prices or rates for goods or Services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of Services.
- Suggest that you may receive a different price or rate for Services or a different level or quality of Services. time.
Any requests to receive your personal information or to correct personal information should be directed to the following: support@triplesession.com.
TripleSession will destroy personal information upon your request (by telephone
and/or by email) or when the personal information is no longer required. The exception
to this is if the personal information is required in order to fulfil the purpose of
TripleSession or is required to be maintained and/or stored in accordance with the
law.
3. WHO CAN MAKE A RIGHTS REQUEST, AND HOW?
A rights request can be made by you or your legal representative. You may only make a verifiable consumer request twice within a 12-month period. The verifiable request must:
- Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
- Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that personal information relates to you.
Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your account sufficiently verified when the request relates to personal information associated with that specific account.
4. How To Complain About A Breach Of Privacy, And How The Complaint Will Be Dealt With
You can make a complaint to Triple Session's internal dispute resolution team (IDR) regarding an interference with and/or misuse of your personal information by
contacting Triple Session via mail, telephone, or email.
Any complaints should be directed to the following contact details in the first instance:
Matt Doyon
368 Boyleston St
Unit B
Newton, MA 02459
561-497-5428
In your communication you should detail to TripleSession the nature of your
complaint and how you would like us to rectify your complaint.
We will confirm receipt of that complaint within 7 days of receipt and will take all reasonable
steps to make a decision as to the complaint within 30 days of receipt of the complaint.
In the event that you are not satisfied with the resolution provided, then you can make
a complaint to your state's Attorney General's Office.
5. Types of Personal Information That is Collected, Used, Processed & Held
Information You Give Us Directly
TripleSession collects personal information for a variety of reasons. This personal information will be collected in the normal course of business and will relate to the Services that are provided by TripleSession. Some of this is information you voluntarily provide to us, for instance, when you fill in forms on our website, purchase a plan, or contact us for support or service. This information collected will be done so in the course of business where the client is a customer of TripleSession or when the client acts as a guarantor for another person or company that is a client of TripleSession. TripleSession will not collect information that is sensitive in nature unless it is required in the normal course of business.
Information we collect directly from you includes the following:
- Name
- Country
- Company Name
- Role
- Experience in Sales
- Email Address
- City
- Photograph
- About You (an open field which may contain personal information)
We use this data to customize the user experience. For example, we use the role to indicate the type of content most in line with your profession. Additionally, the photograph helps to personalize your individual profile page. We do not process biometrics.
Information We Collect Automatically
Certain information is also collected automatically as you navigate our Services or interact with our communications, such as the following:
(a) IP address, browser, email client type and other similar details;
(b) Website usage and traffic details; and
(c) Reports are available to from our website when we send an email to the client, so we may collect and review that information.
Some of this information may be collected using cookies and similar technologies. Cookies are small files which are stored on your computer. They are designed to hold a modest amount of data (including personal information) specific to a particular client and website, and can be accessed either by the web server or the client's computer. You can disable cookies, limit the types of cookies you allow, or set your browser to alert you when cookies are being sent. Please refer to the guidance offered by your chosen web browser if you'd like help managing your cookie preferences.
We also integrate third-party analytics tools into our Services to help us analyze how people use our Services. Third-party analytics companies collect and use information in accordance with their own privacy policies and may combine the information they collect in connection with our Services with information they have independently collected over time and across websites. You can find more information about the third-party analytics tools in Section 6 below.
Information We Collect From Other Sources
We may receive information about you from other sources as well, including third-party authentication providers such as Google and LinkedIn, which you can use to log into our Services, or third-party communication tools such as Slack, which you can use to join the TripleSession Slack channel and connect with other TripleSession users. When you elect to use third-party services such as these, the third-party service may share certain information with us to enable the integration, such as the email address and username associated with your account on that service. You can control the information third-party services may share about you using the privacy settings in your accounts with those services.
5.1. Information Collected Through Our AI Coach and Zoom Integration
Zoom Recordings and Transcripts: For users who opt to integrate TripleSession with their Zoom accounts, we collect cloud recordings and transcripts of sales calls. This integration is designed to enhance our AI Coach feature, allowing for automated analysis of sales performance.
Analysis of Sales Call Transcripts: Through our AI Coach, we process sales call transcripts using artificial intelligence to provide performance insights. These analyses are based on predefined playbooks and are aimed at improving sales strategies and skills.
5.2. Information Collected Through Our AI Coach and Google Meet Integration
Google Workspace API Data Collection and Use
When you use our services, we may collect and use personal data from Google Workspace APIs, including but not limited to the Google Meet API. This data is used to enhance user experience and provide specific services related to our AI Coach feature.
Purpose of Data Collection: We use the data collected via Google Workspace APIs solely to provide and improve the functionality of our AI Coach service. We comply with Google's API Services User Data Policy, including the Limited Use requirements.
Limited Use and AI/ML Model Training: Data obtained through Google Workspace APIs, including any information from Google Meet integration, is not used to develop, improve, or train generalized AI and/or ML models. We use this data exclusively for providing personalized insights to the user within their account. Our use of Google user data strictly adheres to the Limited Use requirements.
Data Processing: For users who integrate Triple Session with their Google Meet accounts, we access and process recordings stored in Google Drive as follows:
- 1. Users connect their Google Meet account with Triple Session through a secure OAuth process.
- 2. We retrieve and temporarily download recent Google Meet recordings.
- 3. These recordings are transcribed and analyzed to generate performance insights.
- 4. After analysis, the original recordings are securely deleted from our servers.
- 5. We retain only the encrypted transcript for ongoing analysis and user feedback.
Data Security: We implement strict security measures to protect data obtained from Google Workspace APIs. This includes encryption, access controls, and adherence to industry-standard compliance requirements.
User Control: You have control over the data collected via Google Workspace APIs, including options to access, update, or delete this data through your account settings or by contacting us directly at support@triplesession.com.
6. Purposes For Which Information Is Collected, Held, Used And Disclosed
TripleSession will only gather information for its particular purpose (primary purpose). We will not disclose this information for any other purpose unless this has been agreed to by both parties.
We will use your personal information to do the following:
- communicate with you about Services;
- operate and improve our website;
- analyze usage trends, and activities on our Services;
- respond to your requests, comments, and suggestions;
- further our networking, marketing, and social strategies (including posting testimonials, notifying you about offers, promotions, and events; and promoting new features and services we have developed);
- protect against, investigate, and respond to misuse of our Services;
- troubleshoot bugs and service errors; and
- carry out any other purpose described to you at the time the information was collected.
- To facilitate the integration of TripleSession Services with third-party platforms like Zoom, enhancing user experience by allowing direct access to call recordings and transcripts for analysis.
- To utilize advanced AI technologies, including the OpenAI API, for the purpose of analyzing sales calls and providing actionable insights to our users.
Disclosure to Third Parties
We may share personal information about you with third parties in the following circumstances:
- Companies under common control and ownership with TripleSession;
- Processors and sub-processors (such as those listed below)
- Analytics partners (such as Mixpanel and Segment, also listed below)
- Other TripleSession users (such as other users in the TripleSession Slack channel)
- Business transfers (such as in connection with or during negotiations of any merger, acquisition, financing, re-organization, bankruptcy, sale of all or a portion of our assets, or transition of services to another provider);
- Legal requirements (such as to comply with a legal obligation, to verify or enforce our terms of use or other agreements; to respond an emergency, or to protect the rights, property, safety, or security of third parties, visitors to our Services, or the public); and
- With your consent and at your direction (including if we notify you that the information you provide will be shared in a particular manner and you provide that information).
It's important to note that in all these cases, we do not sell or rent your personal data. Any sharing of information is done solely for the purpose of providing and improving our services, and is subject to strict data protection agreements.
Processors and Sub-processors
Note on Third-Party Services: The following lists detail the third-party services we use to provide and improve our product. These services process data on our behalf and do not have independent rights to use your data for their own purposes. We do not sell or rent your data to these or any other third parties.
Website: triplesession.com
This Privacy Notice does not apply to the privacy practices of the following third parties, as these services and applications are not operated or controlled by us. We encourage you to review their privacy notices before providing any personal identification through them.
Core Infrastructure
We use these sub-processors to provide our core application (at triplesession.com).
| Name | Data Collected | Role | Privacy Policy |
|---|---|---|---|
| Vercel - San Francisco, US | Product usage data | Cloud server for the frontend of the application | View |
| Plausible - San Francisco, US | Product usage data | Measuring product usage and effectiveness | View |
Application: app.triplesession.com
Core Infrastructure
We use these sub-processors to provide our core application (at app.triplesession.com).
| Name | Data Collected | Role | Privacy Policy |
|---|---|---|---|
| Digital Ocean - San Francisco, US | Application content, email address, city, country, time zone, years of experience, company, company role, Uploaded images and files | Cloud server hosting, Database backups, CDN | View |
| Vercel - San Francisco, US | Product usage data | Cloud server for the frontend of the application | View |
| Render - San Francisco, US | Personal information, service usage data, user content, third-party site data | Cloud hosting services | View |
Other App Sub-processors
We use these sub-processors to provide aspects of our service at app.triplesession.com.
| Name | Data Collected | Role | Privacy Policy |
|---|---|---|---|
| Auth0 - Washington, USA | Session activity, IP address, email, city, country, company, company role | User authentication, security | View |
| Stripe - San Francisco, USA | Payment information (Stripe directly collects payment details such as credit card numbers; no payment information is stored by TripleSession) | Payment processing services | View |
| Intercom - San Francisco, USA | Product usage data, email, city, country, time zone, company, company role | Real time support, help docs | View |
| Hotjar - Malta | Product usage data | Measuring product usage and effectiveness | View. |
| Segment.io, inc. - San Francisco, USA | Product usage data, IP addresses, email, city, country, time zone, company, company role | Measuring product usage and effectiveness | View |
| Functional Software Inc - United States | Product usage data, IP addresses, email | Measuring product usage and effectiveness | View |
| Mixpanel, inc. - San Francisco, USA | Product usage data, email, city, country, time zone, company, company role | Measuring product usage and effectiveness | View |
| Algolia - San Francisco, USA | Product usage data, IP addresses | Real-time site search services | View |
| Open AI - San Francisco, USA | Sales call transcripts for analysis | AI analysis for sales performance improvement | View |
| Google LLC - Mountain View, USA | Cloud recordings and transcripts | Cloud storage and processing of Google Meet recordings and transcripts | View |
| Zoom API - San Jose, USA | Cloud recordings and transcripts | Video conferencing data for AI analysis | View |
| Cloudflare - San Francisco, USA | Product usage data, IP addresses | Content delivery network (CDN) and security services | View |
7. Payment Processing and Data Security
To provide you with Triple Session PRO and Triple Session Teams, we have partnered with Stripe, a leading payment processing service. Stripe has been integrated into our Services to handle all payment transactions securely. Here's what you need to know:
What information is shared with Stripe: When you subscribe to our Services, Stripe collects your payment information (such as your credit card number) directly. TripleSession does not collect, store, or have access to your payment details. The information collected by Stripe is used solely for the purpose of processing your subscription payments.
Security: Stripe is committed to maintaining the confidentiality and security of your information. They employ a variety of security measures to ensure the protection of your payment information. For more information about Stripe's security practices, please visit Stripe's Security Page.
Stripe's Privacy Policy: For more details on how Stripe uses and protects your personal information, please refer to Stripe's Privacy Policy.
8. Storing Your Information
We will take all reasonable steps to ensure that your information held by us is accurate, up-to-date, complete, applicable, is not misleading and will only be used for the purposes stated in this Privacy Notice. We will maintain security safeguards to protect your information and will take all reasonable steps to ensure that your information is not disclosed to any unauthorized person or entity.
We ensure the security of data collected through our AI Coach and Zoom integration by using encryption for data storage, adhering to industry standards and compliance requirements. Our hosting services, including Render for the AI Coach and Vercel for the Triple Session Backend, are selected based on their robust security certifications, including SOC2 compliance.
9. Securing Your Information
We use administrative and technical safeguards we believe are appropriate to protect the confidentiality, integrity, and availability of your personal information. Although we make reasonable efforts to protect personal information from loss, misuse, or alteration by third parties, you should be aware that there is always some risk in any system for transmitting and storing information electronically. We cannot and do not guarantee absolute security.
Specific measures, such as the use of Cloudflare for security and rate limiting, are implemented to protect the integrity and confidentiality of data processed through our AI Coach feature and Zoom integration. These measures are part of our commitment to safeguarding user data against unauthorized access, alteration, and misuse.
10. Your Data Protection Rights
As a user of our service, you have the right to access, correct, delete, or object to the processing of your personal data. You also have the right to data portability and the right not to be subject to automated decision-making. To exercise any of these rights, please contact us at support@triplesession.com. We are committed to facilitating these rights in accordance with applicable law.
Availability Of This Privacy Notice
This Privacy Notice is available to all clients of TripleSession. It will be
made available on our website.
This Privacy Notice will also be available upon request at our business
premises and is available to be sent to you if required.
11. Privacy Officer (Responsibilities)
TripleSession has appointed an internal Privacy Officer to manage its privacy matters:
Matt Doyon
368 Boyleston St
Unit B
Newton, MA 02459
561-497-5428
support@triplesession.com
1. Children's Privacy
Our Services are not intended for children. We do not knowingly collect personal information from children.
2. Data Retention
We only keep your data for so long as necessary for the purposes described herein, as required by law, or as necessary to resolve disputes and enforce our rights.
3. Changes to Our Privacy Notice
We may make changes to this Privacy Notice from time to time. If we make material changes, we will provide you with heightened notice. If we make material, retroactive changes, we will ask for your consent first