NameCoach stands against racial violence and injustice. Access public audio resources to help raise awareness.

Login

Revision Date: June 20, 2021

NameCoach, Inc., a Delaware corporation (“NameCoach,” “we,” “our,” “us”) thanks you for visiting www.name-coach.com, our Internet website (“Site”), or for being a vendor or end-user of our services. This privacy policy (“Privacy Policy”) details NameCoach’s use of Personally Identifiable Information (as defined below) about users of our Site, interactive features, and services (collectively, the “Services”) and governs our collection of your information and content, and the forwarding of such information to an applicable institution, university, college, school, organization, or business partner (collectively, “Institution”).

This Privacy Policy is incorporated into and subject to the Terms of Service and, if applicable, the terms of your Master Services Agreement (“MSA”) with us. Any terms not defined herein are defined in our Terms of Service or our MSA.

I. Privacy Policy Updates

Due to the Internet’s rapidly evolving nature, NameCoach may need to update this Privacy Policy from time to time. If so, NameCoach will post its updated Privacy Policy on our Site located at www.name-coach.com and may not notify you of the updated posting. NameCoach encourages you to review this Privacy Policy regularly for any changes. Your continued use of the Services and/or continued provision of Personally Identifiable Information to us will be subject to the terms of the then-current Privacy Policy.

II. Privacy

Any content you provide to us is subject to this Privacy Policy. You understand that through your use of the Services you consent to our collection and forwarding of this information (as provided in this Privacy Policy), including the transfer of this information to an Institution. If you entered into a MSA with NameCoach on behalf of an Institution, you agree that NameCoach shall collect and use user information to fulfill its duties, provide services, and improve services under the applicable MSA. In providing the Services, we may need to communicate with you, such as by sending technical support messages. These communications are considered part of the Services, which you may not be able to opt-out from receiving.

NameCoach may use certain De-Identified Data obtained from you as a part of its product development process. De-Identified Data is content that removes all direct and indirect personal identifiers of Authorized End Users, including, but not limited to, name, location information, and school ID. NameCoach agrees not to attempt to re-identify De-Identified Data.

NameCoach does not directly collect payment information and is not a money-services business. If this functionality is made available in the Services, it is provided by an unaffiliated third party, and like any other third-party service, subject to their terms of use. Notwithstanding the foregoing, NameCoach may send you invoices according to an applicable MSA.

Note: NameCoach takes privacy extremely seriously, and strictly adheres to the Family Education Rights Protection Act of 1974 (“FERPA”). NameCoach works with Institution(s) to ensure compliance with FERPA and applicable privacy laws, and one of the most important ways in which it ensures compliance with FERPA is by never storing any student personally identifiable information or student academic records in unencrypted form.  Refer to the FERPA Policy for more information.  [https://cloud.name-coach.com/studentrecords/]

III. Information Collection and Use

You can generally visit our Site without revealing personal information including, but not limited to, your name (including audio pronunciation), email address, phone number, physical address or zip code, gender pronoun, age, birthdate, and institution (“Personally Identifiable Information”).  To use the Services, however, we may be required to collect Personally Identifiable Information.  For example, we use Personally Identifiable Information to assist members of an Institution in learning how to pronounce a student’s (or other individual’s) name, how to correctly address a student, and learn other relevant information the student chooses to share.  We do not share any of your contact information with this Institution without your consent.  All student or other individual records obtained by NameCoach from an Institution are the property of and are under the control of that Institution. 

Additionally, we may invite you to participate in surveys, questionnaires, contests, or to contact us with questions, comments, or to provide us with feedback, which due to the nature of some of these activities, may include the collection of Personally Identifiable Information. By accessing or using the Services, we might collect additional data as set forth below in the “Aggregate Information” paragraph. 

We may use your Personally Identifiable Information to contact you to deliver certain services, news, or information related to the Services, verify your authority to use our Services, and improve the content and general administration of the Services. If you do not wish for your Personally Identifiable Information to be used as described in this Section, do not use the Services.  You may also opt out of receiving promotional notifications by following the opt-out instructions in the emails that are sent to you.

Note: Under no circumstances will Personally Identifiable Information be disseminated to third parties for any use, and NameCoach will never use this information for targeted advertising.

You may have the opportunity to create a profile (e.g. a NameBadge), which consists of information about you, which may include Personally Identifiable Information, photographs, and other information regarding your use of the Services (“Profile”).  Some or all of this information may be visible to third parties, depending on your account settings and the Services you are using. If you do not want your Profile to visible to Third Parties, you may contact us at [email protected] to opt-out of this feature.

IV. Children’s Privacy

The Children’s Online Privacy Protection Act (“COPPA”) requires that all online service providers, including NameCoach, obtain parental consent before knowingly collecting personally identifiable information from children under the age of 13.  Our Services are directed towards adults who are of the legal age to access them in their respective jurisdictions and by accessing and using our Services, you represent and warrant that you are of the legal age to form a binding contract with us in your respective jurisdiction and that you meet the foregoing eligibility requirements.  NameCoach does not knowingly collect or solicit any personally identifiable information from children under the age of 13.  Children under the age of 13 are prohibited from using the Services or creating an Account unless they are doing so with parental consent or with the consent of a teacher, school, or district who is providing such consent in compliance with COPPA.  If we learn that we have collected personal information from a person under the age of 13 that does not comply with COPPA, we will delete that information in a reasonably prudent amount of time.  If you believe that a child under the age of 13 has provided personally identifiable information to us, please contact us at [email protected]

V. Cookies and other Usage Information

Like many websites, we use “cookie” technology to collect additional website usage data and to improve our Services, but we do not require cookies to use the Site. A cookie is a small data file that is transferred to your computer’s hard disk. NameCoach may use both session cookies and persistent cookies to better understand how you interact with our Services, to monitor aggregate usage by our users and web traffic routing on our Services, and to improve our Services. Most Internet browsers automatically accept cookies. You can instruct your browser, by editing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit.

We, as well as our affiliate program partners and other third parties, may also employ a software technology called clear gifs, or web beacons to help us better manage content on our Services, and improve the quality and experience of our Services. The same is applicable to any embedded script we may use in addition to flash and HTML5. Various browsers may offer tools for removing certain usage information trackers such as HTML5 LSOs. 

We may also work with analytics service providers and other vendors to provide us with information regarding traffic on the Services.

VI. Aggregate Information

We may track the total number of visitors to our Site, the number of visitors to each page of our Site, browser type, and IP addresses. We may also analyze this data for trends and statistics in the aggregate, but such information will be maintained, used and disclosed in aggregate form only and will not contain Personally Identifiable Information. We may use such aggregate information to analyze trends, administer the Site, track users’ movement, and gather broad demographic information for aggregate use.

VII. Third Party Services

NameCoach uses a variety of services hosted by third parties to help provide our Services, including Amazon Web Services. These services may collect information sent by your browser as part of a web page request, such as cookies or your IP request.  We do not control third parties’ tracking technologies.  If you have any questions about these third-party technologies, you should contact the responsible provider directly.

VIII. Data Deletion and Destruction

NameCoach will store and maintain data for up to 30 days after the termination of an applicable agreement, unless otherwise specified or unless required to retain such data to comply with a legal obligation, resolve disputes, maintain security, prevent fraud and abuse, enforce our terms of service, or fulfill your request to “unsubscribe” from further messages from us.  We may retain certain information that is considered “Directory Information” under FERPA, and/or De-Identified information to enable us to refine and hone our Services after you have discontinued your use of the Services.  Questions regarding data storage, recovery, and deletion should be directed to:

NameCoach, Inc.
Attn: Customer Success Manager
2627 Hanover St.
Palo Alto, CA 94107
Phone: (650) 394-6263
Email: [email protected]

IX. Disclosure

We do not disclose your Personally Identifiable Information except in the following limited circumstances: (i) if we believe that it is reasonably necessary to comply with a law, regulation or legal request; to protect the safety of any person; to address fraud, security or technical issues; or to protect NameCoach’s rights or property; (ii) if we are involved in a bankruptcy, merger, acquisition, reorganization or sale of assets, your information may be sold or transferred as part of that transaction; or (iii) to fulfill the purpose for which you provide it and to enforce or apply your MSA and other agreements with us.

X. Links to Third Party Sites

The Site may provide links to other Web Sites or resources over which NameCoach does not have control (“External Web Sites”). Such links do not constitute an endorsement by NameCoach of those External Web Sites. You acknowledge that NameCoach is providing these links to you only as a convenience, and further agree that NameCoach is not responsible for the content of such External Web Sites. Your use of External Web Sites is subject to the terms of use and privacy policies located on the linked to External Web Sites.

XI. Security

We employ procedural and technological security measures that are reasonably designed to help protect your Personally Identifiable Information from loss, unauthorized access, disclosure, alteration or destruction, which includes encryption and other security measures to help prevent unauthorized access to your Personally Identifiable Information.

XII. Users from Outside of the United States

  • General: By using the Services you acknowledge and agree that: (i) your information will be processed as described in this Privacy Policy; and (ii) you consent to have your information transferred to us and our facilities in the United States or elsewhere, including those of third parties as described in this Privacy Policy.
  • European Economic Area (EEA) or Switzerland: If you are based in the EEA or Switzerland, you acknowledge and agree that we may transfer your information (including personal information) to us and our facilities in the United States or elsewhere, including those of third parties as described in this Privacy Policy. Please review our Terms of Service and the applicable services agreement for more information regarding any other applicable data protections.
  • Legal Basis for processing your information. If you are a user located in the EEA or Switzerland, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it. We will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate business interests. In some cases, we may also have a legal obligation to collect personal information from you. If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “How to Contact Us” heading below.  NameCoach adheres to the General Data Protection Regulation (“GDPR”). For further details, please see the GDPR section below.

XIII. Data Breach Notification

NameCoach maintains an information security plan to protect the security, confidentiality, and integrity of Personally Identifiable Information of users and Institutions. As part of its information security plan, NameCoach will promptly notify affected individuals and the Institution of a data security breach. Written notification will be sent by first-class mail to the address on record for the individual or Institution.  Written notification will contain:

  • A brief description of what occurred with respect to the breach, including, to the extent known, the date of the breach and the date on which the breach was discovered;
  • A description of the types of Personally Identifiable Information that were involved in the breach;
  • A description of the steps the affected individual or Institution should take to protect against potential harm from the breach;
  • A description of what NameCoach is doing to investigate and mitigate the breach and to prevent future breaches; and
  • Contact procedures for individuals to ask questions or learn additional information, which will include a toll-free telephone number, an email address, website or postal address.

If NameCoach determines individuals or an Institution should be notified urgently of a breach because of possible imminent misuse of unsecured Personally Identifiable Information, NameCoach may, in addition to providing notice as outlined above, contact the individual or Institution by telephone or other means, as appropriate.

XIV. California Privacy Rights

California Civil Code Section § 1798.83 permits users of our Site that are California residents to request certain information regarding our disclosure of Personally Identifiable Information to third parties for their direct marketing purposes. We do not provide your Personally Identifiable Information to any third parties for direct marketing purposes as defined in California Civil Code Section § 1798.83. Please contact us [email protected] for any questions regarding your Personal Information.

AB 1584 is a California law that defines student and educational agencies rights with regard to pupil records.  NameCoach maintains compliance with AB 1584 as described in this Privacy Policy and as described in, as applicable, a MSA with California Institution(s).

California Consumer Privacy Act (“CCPA”)

As set forth above, we collect the following categories of information: identifiers (such as your name, voice pronunciation, and email address), other personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (such as your name and contact information), internet or other similar network activity, geolocation data, and inferences drawn from the collected personal information.  This information is collected directly from you when you provide it to us (for example when you submit a form requesting more information, or when you enter into a contract with us) or automatically as you navigate through the Site.  We use this information for one or more legitimate business purposes, including to provide our Services, improve our Services, and offer information about our Services to you. 

If you are a resident of California, you have other rights under the CCPA.  Any personal data that we collect is based upon your consent as detailed in this Privacy Statement.  You have many choices concerning the collection, use, and sharing of your data, including the following rights:

  • Right of Access: You can access your collected personal information by contacting us at [email protected].
  • Right to Correct, Update, or Delete: You can correct, update or request deletion of your personal information by contacting us at [email protected]. We can’t make changes to or delete your information in some situations where it is necessary for us to maintain your information, for example if we need the information to comply with applicable law.
  • Right to Request Disclosure of Information Collected: Please contact us at [email protected] to request further information about the categories of personal information we have collected about you, where we collected your personal information, and for what purpose we use your personal information
  • Right to Disclosure of Information Sold and Right to Opt-Out: You have the right to know what information of yours we have sold, and you have the right to opt-out of any sale of your information. We do not sell any of your information.  If you have any questions about these rights, please contact us at [email protected].
  • Right to Non-Discrimination: We do not and will not discriminate against you if you exercise your rights under the CCPA.

When you contact us regarding any of your rights under the CCPA, we will verify your identify before we provide any information. If you have any questions or comments about your rights under the CCPA, please contact us at [email protected].

XV. GDPR

Introduction

The goal of the GDPR is to standardize data protection laws and processing across the EU, and to give individuals stronger, more consistent rights to access and control their personal information.  NameCoach is committed to ensuring the security and protection of all personal information that we process, and to approach data protection in a compliant and consistent manner.  We have developed and are continuously implementing and updating our data protection roles, policies, procedures, controls, and measures to ensure maximum compliance.

In most processing contexts, NameCoach acts as a processor or service provider for a controller institution or certifying entity. In those situations, where required by applicable law, NameCoach only transfers personal data to third countries or international organizations where the controller institution or certifying entity has authorized NameCoach to do so in accordance with applicable law.

When we transfer information from individuals in the EEA to countries that have not received an adequacy finding under Article 45 of the GDPR, we rely on alternative adequate safeguards, such as the contractual mechanisms set forth in Article 46 of the GDPR or derogations for specific situations set forth in Article 49 of the GDPR.  In the limited situations where we act as a controller and rely on a cross-border transfer mechanism under Article 49, we only collect and transfer your information to third countries: (i) with your consent; (ii) to perform a contract with you; or (iii) to establish, exercise, or defend legal claims.

Methods of Compliance

  • Information Audit – We periodically audit information to identify and assess what personal information we hold, where it comes from, how and why it is processed and if and to whom it is disclosed.
  • Policies & Procedures – We monitor and update data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws.
  • Data Retention & Erasure – We have updated our retention policy and schedule to ensure that we meet the ‘data minimization’ and ‘storage limitation’ principles and that personal information is stored, archived and destroyed compliantly and ethically. We have dedicated erasure procedures in place to meet the new ‘Right To Be Forgotten’ obligation and are aware of when this and other data subject’s rights apply; along with any exemptions, response time frames and notification responsibilities.
  • Data Breaches – We have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possible time, and have disseminated these to all employees.
  • International Data Transfers & Third-Party Disclosures –We carry out strict due diligence checks with all recipients of personal information to assess and verify that they have appropriate safeguards in place to protect the information, ensure enforceable data subject rights and have effective legal remedies for data subjects where applicable.
  • Subject Access Request (SAR) – We have revised our SAR procedures to accommodate the revised 30-day time frame for providing the requested information and for making this provision free of charge. Our procedures detail how to verify the data subject, what steps to take for processing an access request, and what exemptions apply to ensure that communications with data subjects are compliant, consistent and adequate.
  • Legal Basis for Processing – We reviewed all processing activities to identify the legal basis for processing and ensuring that each basis is appropriate for the related activity. Where applicable, we also maintain records of our processing activities, ensuring that our obligations under Article 30 of GDPR and Schedule 1 of the Data Protection Bill are met.
  • Privacy Notice/Policy – We have revised our Privacy Notices to comply with GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, who the information is disclosed to and what safeguarding measures are in place to protect their information.
  • Direct Marketing – We have revised the wording and processes for direct marketing, including clear opt-in mechanisms for marketing subscriptions, a clear notice and method for opting out and providing unsubscribe features on all subsequent marketing materials.
  • Processor Agreements – Where we use any third-party to process personal information on our behalf (i.e. Payroll, Recruitment, Hosting, etc.), we have drafted compliant Processor Agreements and due diligence procedures for ensuring that they (as well as we), meet and understand their/our GDPR obligations. These measures include initial and ongoing reviews of the service provided, the necessity of the processing activity, the technical and organizational measures in place and compliance with GDPR.
  • Special Categories Data – Where we obtain and process any special category information, we do so in compliance with the Article 9 requirements and have high-level encryptions and protections on all such data. Special category data is only processed where necessary and is only processed when we have first identified the appropriate Article 9(2) basis or the Data Protection Bill Schedule 1 condition.

Rights of Data Subject

  • Right of access: You can access your collected personal information by contacting us at [email protected].
  • Right to correct, update, or delete: You can correct, update, or request deletion of your personal information by contacting us at [email protected].
  • Right to restriction of processing: You can ask us to restrict processing your personal information by contacting us at [email protected].
  • Right to object to processing: You may object to the processing of your personal information by us at any time by contacting us at [email protected].  This right does not exist if we have already processed your personal information.
  • Right to data portability: You can ask to take your personal information that you provided to us, in a structured format, from us by contacting us at [email protected].
  • Right to withdraw consent: You have the right to withdraw your consent to our processing of your information by contacting us at [email protected]. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. 
  • Right to file a complaint with the local supervisory authority: You have a right to raise questions or complaints with your local data protection authority at any time.
  • Do Not Track Settings

Some internet browsers have incorporated “Do Not Track” features.  We respond to Do Not Track signals by not tracking browser and URL information collected through a tracking pixel.  However, for security purposes, we do not respond to Do Not Track signals for information collected via server logs, such as user IP address and firewall events.

If you have any questions or comments about this Privacy Policy, please contact us at [email protected].

Contact Us
Contact us