Privacy

Waver LLC User Privacy Policy

Effective: August 24, 2016

This privacy policy is to help you understand what information is collected, how it is used, and what choices you have. When Waver is mentioned in this policy, it covers Waver LLC, the company, Waver, the downloadable application, and the Waver website at www.waver.io. Waver is available for use via a web browser or applications specific to your desktop or mobile device.

This policy describes how Waver treats your information, not how other organizations treat your information. If you are using Waver in a workplace or on a device or account issued to you by your employer or another organization, that company or organization likely has its own policies regarding storage, access, modification, deletion, and retention of communications and content which may apply to your use of Waver. Content that would otherwise be considered private to you or to a limited group of people may, in some cases, be accessible by your Team Owner or administrator. Please check with your employer, Team Owner or administrator about the policies it has in place regarding your communications and related content on Waver.  More on this below.

In this policy we talk about various roles within a Waver team and the privileges that come with each. It’s helpful to understand these roles and the relationships between them. Here’s the breakdown: primary owner > Team Owner > Team Administrator > team member. Primary owners have the most control over their team’s settings on Waver, followed by Team Owners and then Team Administrators. The person who establishes the Waver team is considered the primary owner with the most control over the team (which is why it’s not a good idea for this person to be a contractor or temp employee). Teams can have more than one owner, but only one can be the primary owner. Primary ownership can be transferred to another member after the team is created (see prior note about temp workers and flaky people). All Team Owners are administrators, and all owners and administrators are also team members.

Information we collect and receive

Waver collects different kinds of information. Some of it is personally identifiable and some is non-identifying or aggregated. Here are the types of information we collect or receive:

  • Team information. When you create a team on Waver, we collect your email address (as the Team Owner), your team name, Waver domain (ex: your-team-name.Waver.io), your user name that appears in your Waver team, and password. Optionally, you can provide an email domain to allow people on that domain to sign up for your team without an invitation or individually add email addresses for people you’d like to invite to your team.
  • Account and profile information. The only information we require to create your Waver account is an email address and password. Optional information you can enter into your profile includes information such as your first and last name, what you do, your Skype username, and your phone number. Your Team Owner(s)/administrator(s) may request you to provide additional information about yourself in your profile, and Waver has no control over such additional information collected. Any information you add to your profile is visible to other people on your team as described on your profile management page.
  • Billing information. If you purchase a premium version of Waver, our third party payment processors will collect and store your billing address and credit card information.
  • Log data. When you use Waver, our servers automatically record information, including information that your browser sends whenever you visit a website or your mobile app sends when you’re using it. This log data may include your Internet Protocol address, the address of the web page you visited before coming to Waver, your browser type and settings, the date and time of your request, information about your browser configuration and plug-ins, language preferences, and cookie data. Log data does not contain message content and is not routinely deleted.
  • Device information. In addition to log data, we may also collect information about the device you’re using Waver on, including what type of device it is, what operating system you’re using, device settings, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you’re using and its settings.
  • Geo-location information. Precise GPS from mobile devices is collected. WiFi and IP addresses received from your browser or device may be used to determine approximate location.
  • Waver usage information. This is information about which teams, channels, people, features, content, and links you interact with within Waver and what integrations with related services you use.
  • Service integrations. If you integrate with a service on Waver we will connect that service to ours.
    • Depending on team settings, team members may be able to add integrations to a channel or direct message conversation. Those integrations are viewable and maybe removable by the administrators, owners, or designated users.
    • We do not receive or store your passwords for any of these services.
    • If you add an integration, the third party provider of the integration may share certain information about your account with Waver. Waver is not responsible for how teams may use and collect data through integrations.
    • An integration can be removed at any time. Removing an integration unbinds that integration on a go-forward basis. That does not, however, delete the content that was received from the integration and indexed within Waver. That content must be deleted manually.
  • Communication content that you send and receive within Waver. This includes:
    • The message content itself. This content can include messages, pictures, files and video among other types of files.
    • When messages or files were sent and by whom, when or if they were seen by you, and where you received them (in a channel or direct message, for example).
  • Information from partners or other third parties. Waver may receive information from partners or others that we could use to make our own information better or more useful. This might be aggregate level information about which IP addresses go with which zip codes or it might be more specific information about how well an online marketing or email campaign performed.

Our Cookie Policy

Waver uses cookies, or similar technologies like single-pixel gifs and web beacons, to record log data. We use both session-based and persistent cookies.

Cookies are small text files sent by us to your computer and from your computer to us, each time you visit our website. They are unique to your Waver account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.

Some cookies are associated with your Waver account and personal information in order to remember that you are logged in and which teams you are logged into. Other cookies are not tied to your Waver account but are unique and allow us to do site analytics and customization, among other similar things. If you access Waver through your browser, you can manage your cookie settings there but if you disable all cookies you may not be able to use Waver.

Waver sets and accesses our own cookies on our company-owned domains. In addition, we use third parties like Google Analytics for website analytics. You may opt-out of third party cookies from Google Analytics on its respective website. We do not currently recognize or respond to browser-initiated Do Not Track signals as there is no consistent industry standard for compliance.

How we use your information

We use your information for the following:

  • Providing the Waver service. We use information you provide to authenticate you and deliver message content to you and from you
  • Understanding and improving our products. To make the product better we have to understand how users are using it. We have a fair bit of data about usage and we intend to use it many different ways to improve our products, including research. This policy is not intended to place any limits on what we do with usage data that is aggregated or de-identified so it is no longer tied to a Waver user.
  • Investigating and preventing abuse and fraud from happening. We work hard to keep Waver secure and to prevent abuse and fraud.
  • Communicating with you
    • Solving your problems and responding to your requests. If you contact us with a problem or question, we will use your information to respond to that request and address your problems or concerns.
    • In-product communications. We may use the information you provide to contact you through Waver using in-product messaging tools. For example, if, after, a few weeks of using Waver we notice that your notification setting is set to notify you of all messages, we may send you a message that suggests you change this in case you are getting too many notifications. This is just one example of how we use information about your usage of the product to make suggestions to you.
    • Email messages. We may send you service and administrative emails, such as when we notice that you are nearing a message or integration limit. We may also contact you to inform you about changes in our services, our service offerings and important service related notices, such as changes to this policy or security and fraud notices. These messages are considered part of the service and you may not opt-out of them. In addition, we sometimes send emails to Waver users about new product features or other news about Waver. You can opt-out of these at any time.

Your choices

When you use Waver, you have control over a number of things with respect to your own privacy and choices about how your content is visible to others or not. If you are a Waver Team Owner or administrator, you have additional choices that impact your team’s privacy. Some members will not have access to all of the same choices that their Team Owner(s) or administrator(s) do. That is because Waver is set up to be team-oriented, and provides Team Owners with the maximum ability to control their teams.

Message Retention Settings and Export Options

Waver offers different options for message retention and export to Team Owners and Administrators, depending on the level of service they have signed up for. These service levels are likely to change so please see our website to learn more about which features are associated with which level of service.

  • Message Retention Settings
    • Message retention setting options vary by service level from very general to very specific. The default for all teams, both free and premium, is that messages are retained for as long as the team exists unless they are deleted by the user or administrators, and that users can edit and delete their own messages at any time.
    • Premium level teams can modify their team settings to shorten the duration of retention, make very specific retention setting modifications on a per-channel basis, and change settings to store all message edits and to retain messages that users have deleted.
    • Please see our FAQ for more specific information about what options exist for different team service levels.
    • You can view your team’s message retention settings at any time via your team settings.
  • Message Exports
    • Administrators of all teams, both free and premium, can export their team’s messages and files that are shared in channels. Message history for private channels and direct messages is not included in this.
    • Only owners for teams who have signed up for the appropriate level of Waver service and have enabled Compliance Exports can export their team’s private channel’s messages, private channel’s shared files and direct messages. Compliance Exports may include message edit and deletion history.
    • For more information about your team’s export options, please visit your team settings.

Choices for Team Members

  • If you are a member of a free team, you may deactivate your account. Deactivation of an account disables your access to the Waver team associated with that account but does not delete your profile or content, which are considered part of your team’s data.
  • Whether you can delete your message content depends on your team settings. In addition, a record of edits and deletions may be retained by your team, depending on the service level of your team and your team’s settings.
  • While you cannot completely delete a profile once it is created, you can update your profile information at any time and modify your email settings. You can also change your user name from time to time.
  • When you upload a document or a file on Waver, you can decide where to share it and with whom. You can also share documents with your entire team or in a private channel. You can also share them externally by creating a public link if you choose. Files are not subject to message retention settings but can be deleted at any time by the person who uploaded the file or by Team Administrators.

Choices for Team Owners and Administrators

  • Administrators have the ability to manage and change most of the team settings, including message retention settings, and can modify whether or when team members can edit or delete messages. Administrators can also deactivate member accounts for their team.
  • Only a primary owner can deactivate or delete a team.
  • For more about these privileges, choices, and permissions, see our FAQ.

Other Choices

  • The browser you use may provide you with the ability to control cookies or other types of local data storage.
  • Your mobile device may provide you with choices around how and whether location or other data is shared with us.
  • Waver does not control these choices, or default settings, which are offered by makers of your browser or mobile device.

Sharing and Disclosure

There are times when communications and related content and other user information may be shared by Waver. This section discusses only how Waver may share user information. Organizations that use Waver may have their own policies for sharing and disclosure of information they can access through Waver. Waver may share information:

  • With consent, to comply with legal process, or to protect Waver and our users. When we have your consent or if we believe that disclosure is reasonably necessary to comply with a law, regulation or legal request; to protect the safety, rights, or property of the public, any person, or Waver; or to detect, prevent, or otherwise address fraud, security or technical issues. If we receive a law enforcement or other third party request for information we will provide prior notice to the subject of the request where we are legally permitted to do so.
  • With third party service providers and agents. We may employ third party companies or individuals to process personal information on our behalf based on our instructions and in compliance with this Privacy Policy. For example, we may share data with a security consultant to help us get better at preventing unauthorized access or with an email vendor to send messages on our behalf. We may also share data with hosting providers, payment processors, marketing vendors, and other consultants who work on our behalf.
  • Integrations. If you add an integration, Waver may share information about you or your team with the provider of the integration. Waver is not responsible for how the provider of the integration may collect and use your data.
  • About you with your organization or Team Administrator(s).
    • We may share your email address and team name with your organization. If the email address under which you’ve registered your account belongs to or is controlled by an organization (to be clear, we’re not talking about free web-based email providers like Gmail, Hotmail or Yahoo! Mail) we may disclose that email address and associated team names to that organization in order to help it understand who associated with that organization uses Waver, and to assist the organization with its enterprise accounts. Please do not use a work email address for our services unless you are authorized to do so, and are therefore comfortable with this kind of sharing.
    • In addition, there may be times when you contact Waver to help resolve an issue specific to a team you are a member of. In order to help resolve the issue, we may need to share your concern with your administrator. When possible, we will try to mask or remove any identifying information before sharing these communications.
    • As described above in the Message Retention Settings and Export Option section, Team Owners and Administrators have certain rights to export their team’s messages and files.
    • If we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Waver’s assets financing, acquisition of all or a portion of our business, or similar transaction or proceeding that involves the transfer of the information described in this Privacy Policy.
  • For Business and Research Purposes.
    • We may also share aggregated or de-identified information with our partners or others for business or research purposes. For example, we may tell a prospective Waver customer the average number of messages sent within a Waver team in a day or may partner with research firm or academics to explore interesting questions about workplace communications. Again, this policy is not intended to prohibit the disclosure and use of aggregated or de-identified data.

Security

Waver takes reasonable steps to protect information you provide to us as part of your use of the Waver service from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information we collect, process and store and the current state of technology. When you enter sensitive information (such as sign-in credentials) we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. However, no electronic or email transmission or digital storage mechanism is ever fully secure or error free.

Children’s information

Waver is not directed to children under 13. If you learn that a minor child has provided us with personal information without your consent, please contact us.

Changes to this Privacy Policy

We may change this policy from time to time, and if we do we’ll post any changes on this page. If you continue to use Waver after those changes are in effect, you agree to the revised policy. If the changes are material, we may provide more prominent notice or seek your consent to the new policy.

EU Safe Harbor

Waver complies with the U.S. – E.U. Safe Harbor framework and the U.S. – Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Waver has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Waver’s certification, please visit http://www.export.gov/safeharbor/.

Contacting Waver

Please also feel free to contact us if you have any questions about Waver’s Privacy Policy or practices. You may contact us at feedback@waver.io or at our mailing address below:

Waver LLC
452 Broadway
Brooklyn, NY 11211