Hello there! Welcome to QuoteMachine!
Attention: Privacy Officer
However, if your request is about how any of our business Clients process your personal data, we recommend that you reach out to this client directly
(together, the “Services”)
When we use the term “personal data”, we mean any information that relates to an identified or identifiable natural person. This includes the obvious data such as a name, home address, email address and phone number, birth date, but it also includes IP-addresses and data specific to the physical, physiological, genetic, economic, cultural or social identity of natural persons. We also include cookies and other tracking technologies in our definition of personal data.
Cookies can be installed by us, in which case, they are called “first party cookies”. They can also be installed by third parties, such as Google Analytics, these are called “third party cookies” and result in the sharing of your personal data, such as IP addresses, with these third parties.
We collect personal data to (1) provide our Clients and our Users with our Website and our Software Services, (2) allow you to create a client account on our Website, if you decide to do so (3) respond to your inquiries, should you e-mail us, (4) conduct our marketing activities, including through re-targeting cookies, (5) to obtain analytics and performance data on how our Services are performing, including our ads, and (6) to process job applications.
Under the European Union General Data Protection Regulation (“GDPR”) (if applicable), we use different legal bases to justify our processing of personal data, such as consent, the performance of a contract and your legitimate interests. However, these legal bases may not be valid under all jurisdictions and are indicative. For instance, in Canada, where such legal bases are not applicable except for consent, we collect, use and disclose such personal data with your consent, which may be explicit or implied. You can withdraw your consent at any time. We process personal data on behalf of our Clients.
Under the GDPR, where applicable, we are considered a data processor, and our Clients are responsible for ensuring that they have an appropriate lawful basis for processing your personal data. We do not have control over how our Clients process personal data, and if you have any questions about how they process your personal data, we invite you to contact them directly.
Category of Personal Data
Purposes and examples of use
Legal basis under the GDPR
IP address, mobile identifier, device type, operating system and Internet browser type.
This data is collected automatically through our Services in order for them to function effectively, to fix bugs or to improve the security of our Website. These may be collected through cookies.
Usage and Performance Data
Time spent on the Services, pages visited, links clicked, language preferences, pages that led or referred you to the Website.
We collect this information for analytics purposes, to help us know more about your use of our Services and to improve such Services. These may be collected through cookies.
First and last names, email address, content of communications.
When you connect to obtain support as a User of our Software Services , such as through the support live chat function in the “Support” section of our Website, through social media or through other means, we collect your personal data to respond to your inquiries.
Explicit Consent or Legitimate Interests.
Registration Data; Credentials
Company name, first name, last name, email address, phone number, password.
When a User signs in, we collect this information to create their account.
Offers that have been made, or purchases made through the Software Services, interactions with Clients’ sales associates through their microsite (i.e. live chat functionalities ).
This personal data is collected through our Software Services in order for us and our Clients to provide Users and Clients with our core services, i.e. giving them the opportunity to sell/purchase goods and services online through our Clients’ microsites.
First and last names, email address, phone number, content of cover letters and resumes, links to LinkedIn profile.
We collect this personal data to process your job application if you apply on the “Careers section of our Website.
Social Media Data
Publicly available information on your social media profiles and other personal pages, such as LinkedIn, Facebook and YouTube.
If you follow us or interact with us on social media, we may process your personal data for marketing or advertising purposes, subject to applicable laws, including those on consent.
We collect essential, functional, performance and targeting cookies. We only collect functional, performance and targeting cookies with your consent. Atelier35 uses both first-party and third-party cookies:
We use the following types of cookies as part of our Website:
Type of Cookie
Legal basis under the GDPR
These cookies are required for the Services to function as intended and be secured. For instance, essential cookies are used to remember your cookie preference if you are prompted to accept or refuse certain cookies. We are not required to obtain your consent for these cookies.
These cookies, also called analytics cookies, are used to monitor usage and performance, such as what pages are visited often, whether there are any bugs, and which sites where visitors come from. Analytics cookies are used to generate aggregated statistical data about traffic and behavior of users when using our Services. We use Google analytics to keep track of how our Services are used.
Functional cookies are used to provide you with some functionalities and to remember preferences, consents and configurations.
These cookies are used to deliver advertising more relevant to you and your interests. They are also used to limit the number of times you see an ad as well as to help measure the effectiveness of a campaign.
We use Facebook, Google AdWords and LinkedIn to measure the effectiveness of our advertising and to show you relevant advertising.
We conduct interest-based advertising (“IBA”), also referred to as targeted advertising or behavioral advertising. We do not conduct interest-based advertising within our Software Services. We only conduct interest-based advertising through our Website and social media.
Interest-based advertising is also referred to as targeted advertising (re-targeting) or behavioral advertising. Re-targeting means that the ads that you are being served are personalized based on your behavior when browsing online. Retargeting means that the ads that you are being served are personalized based on your behavior when browsing online. This is enabled through cookies and requires the processing of electronic data that is considered personal data under certain laws.
For instance, we may display interest-based ads to you when you are using Facebook through a tool offered by Facebook called the Custom Audience Tool. This tool allows us to personalize our ads based on your behavior. We do not share any of your personal information, including your behavior, with Facebook. The tool lets us convert your email address to a unique number that Facebook uses to match to unique numbers it generates from email addresses of its users as part of real-time bidding.
We use Facebook, Google AdWords and LinkedIn cookies to conduct IBA. This means that Facebook and LinkedIn cookies use the information to show you relevant ads and to improve the advertising that you see.
You can opt-out of interest-based advertising by managing your cookies. You can also use WebChoices which is a browser-based tool for opting out of interest-based advertising. Mobile users can also download the DAA Choice App in the Apple App Store, Google PlayStore or Amazon Store. AdChoices provides additional solutions and explanations to control block and control cookies, as well as plug-ins to retain opt-out cookie preferences, even if you delete your cookies.
You can manage your cookie preferences through your browser using the instructions provided below by clicking on the browser that you are using. However, by blocking some cookies that enable the functions of the Services, parts of the Services may not be available.
You can also use WebChoices which is a browser-based tool for opting out of interest-based advertising. AdChoices provides additional solutions and explanations to control block and control cookies, as well as plug-ins to retain opt-out cookie preferences, even if you delete your cookies.
Our servers are hosted in the United States. Our service providers, however, may store your personal data in other countries. Some countries may not offer the same level of protection offered in your country for personal data.
If you are in the European Union, we are required to ensure that appropriate safeguards are in place prior for transferring your personal data out of the European Union.
We keep your personal data for as long as required to achieve the purpose of the collection or as required by applicable laws, whichever is longer.
We strive to implement physical, organizational, contractual and technological security features that are proportional to the risks, taking into consideration factors such as the sensitivity of the personal data that we collect.
However, it is important to understand that we cannot guarantee the security of personal data on the Internet and that you must also take precautions, such as not sharing your credentials with anyone. No method of information transmission or information storage is 100% secure or error-free, so we unfortunately cannot guarantee absolute security. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately using the contact information provided at the beginning of this Policy.
Our payment processing providers, Stripe and Rainforest, are certified PCI DSS compliant.
Within our organization, only the persons who need to have access to your personal data because of their roles or functions are granted such access.
We share your personal data with the following categories of recipients: Clients, service providers, API providers and law enforcement authorities (if required under applicable law). We do not sell personal data and we do not share the personal data collected as part of the Services for other reasons than to provide the Services, except if required by the law or as set forth below.
When Users use our Clients’ microsites and, for instance, complete a submission to be provided with our Client’s services, all such information is made available to the relevant Client. Clients can use that information to create reports and business intelligence.
If Users order products from our Clients, Clients will also have access to such Users’ shipping address.
It’s important for us to let you know that Clients aren’t our suppliers; they’re distinct controllers of your personal data and may process and otherwise handle your personal data as they deem fit. Other third parties to which we share your personal data re listed in the table below:
API and Cloud providers
Email service providers
Marketing service providers
We use marketing providers like LinkedIn, Google and Facebook to conduct IBA and marketing campaigns.
You can read their privacy policies here:
Payment service providers
You can choose to use integration partners while using the Services. They are not our suppliers, but independent third parties. For instance, integration partners we use include Lightspeed Retail, Quickbooks, Pipedrive. You can access their privacy policies here:
Law enforcement authorities
We may receive requests from law enforcement or the authorities to access personal data. Whenever permitted by law, we advise our Users or Clients beforehand. We also validate that the request is legitimate before responding.
We may share your personal data in connection with, or during negotiations of, any merger, sale of assets, financing, or acquisition of all or a portion of
our business by another entity or investors.
Your rights differ depending on where you are located in the world.
In most locations, you can access and rectify your personal data, as well as withdraw your consent to the processing of your personal data.
In other jurisdictions, such as in the European Union (if applicable), you have additional rights, such as the right to object to the processing of your personal data, the right to data portability, the right to erasure and the right to restrict the processing of your personal data.
Under the GDPR (if applicable), you are entitled to these additional rights:
If you would like to learn more about these rights, please click here for a more detailed explanation.
All of these rights are subject to limitations within the law, so if we cannot comply, we will respond to you and let you know why. We will respond to any of your requests within 30 days. In some cases, we may need additional information to validate your identity, in which case, we will use it only for this reason and delete it afterwards. We do not charge any fees for you to exercise your rights.
You always have the right to lodge a complaint to the local authorities if you disagree with how we handle your personal data. Please see below to know how to do so.
Once we receive your request, we will get back to you within 30 days. It’s possible that we cannot comply with your request, for instance, if it’s not applicable under the law. If we can’t process your request, we will provide you with explanations.
When you exercise your rights, we may have to request personal data to validate your identity.
If your request is lengthy and difficult, and if we are allowed to do so by law, we may charge you a reasonable fee to assist you. If you are not satisfied with how we process your request, you can communicate with your local data protection authorities or privacy commissioners, and lodge a complaint. We will provide you with explanations on how to do so in our response to your request, based on your location.
If you are in the European Union, you can contact your local data protection authority. The list of data protection authorities can be found here.
If you are located in Canada, note that the Office of the Privacy Commissioner of Canada drafted this FAQ to help you access your personal data when it is held by a business. You can also contact the Office of the Privacy Commissioner of Canada’s Information Center:
9:00 am to 4:00 pm EST
Office of the Privacy Commissioner
30 Victoria Street
You can also use this online form.
If you have any issue with how we collect, use or disclose your personal data, or how we responded to your request, please let us know. We will do our best to improve our processes to make certain that it does not happen again. We will also provide you with additional information about our practices if you would like us to do so.
Yes, you can do so directly in the e-mails you receive by clicking the “unsubscribe” link at the bottom. You can also contact us directly or manage your preferences within our Services where available.
If you are a resident of California, you have the right to ask companies to stop tracking you on the Internet. Please note that we do not respond to Do Not Track signals. However, if you have a legitimate request about your personal data, be sure that we will try our best to assist you!