Effective Date: October 31, 2020
Welcome to the website of Hindsight Technologies, Inc. (collectively with any subsidiaries and affiliates, “Hindsight”, “Company”, “Twenty20”,”we”, “us”, or “our”). We have prepared this Privacy Notice (“Privacy Notice”) to explain how we collect, use, protect, and disclose your information when you use (1) the Twenty20 website https://twenty20.io or any other Hindsight websites on which this Privacy Notice appears (“Sites”), or (2) Hindsight’s software-as-a-service products, including the software available to you through our platform and any software, mobile applications, products, devices, or other services offered by Hindsight from time to time (collectively, “Twenty20 Platform”). It also describes the choices available to you regarding the use of, your access to, and how to update and correct your personal information. “You” refers to you as a visitor or a user of the Sites or the Twenty20 Platform.
This Privacy Notice applies to the Personal Information we collect and use as a data controller. For much of the Personal Information we collect and process through the Twenty20 Platform, we act as a processor/service provider and will only process such information on behalf of and in accordance with the instructions of our customers (“Clients”) and their authorized users.
This Privacy Notice also does not apply to third-party software that integrates with the Hindsight Platform.
Hindsight is a leading provider of cloud-based construction management software, headquartered in Arizona, United States, but with offices all around the world. The Twenty20 Platform connects people, applications, and devices and construction firms manage risk and build quality projects safely, on time, and within budget.
Use of the Twenty20 Platform is governed by a separate agreement (“Master Subscription Agreement”) that also covers the use and processing of data provided by Clients and their authorized users, (collectively, “Client Data”), which may include Personal Information. The organization (e.g., your employer or another entity or person) that entered into the Subscription Agreement with Twenty20 controls their instance of the Twenty20 Platform (their “Instance”) and any associated Client Data. If you have questions about specific Instance settings and privacy practices, please contact the Client whose Instance you are using. If you have received an invitation to join an Instance but have not yet created an account, you should request assistance from the Client that sent the invitation.
Information We Collect
We collect information that personally identifies you and other personal information about you or users whose information you provide to us when you sign up for or use the Sites or the Twenty20 Platform (“Personal Information”). Personal Information may include:
Client Data: Clients and authorized users of the Twenty20 Platform with access to a Client’s Instance regularly provide Client Data to Twenty20 pursuant to their Subscription Agreement and as part of their use of the Twenty20 Platform. Twenty20 collects this information under the direction of its Clients and has no direct relationship with the individuals whose personal data it processes. We will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Client or as otherwise necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Instance Information: When we create/update an Instance, the Client may provide us with account information associated with the Instance, such as email address, business address, phone number, password, domain, and/or similar account details. This information may also include credit card or other financial account information in connection with an order to purchase the Twenty20 Platform. We use this information for account management and billing purposes.
Information You Provide to Us via the Sites: When using the Sites or signing up to use certain areas of the Sites, we may collect and receive the following information from you, including:
- your name, phone number, and other contact details, including the company you work for, for example when filling out a request via the Sites for a demo;
- your username, password, and email when you register for an account to interact with portions of the Sites;
- the profile information you provide us when you create your account profile to use certain areas of the Sites;
- any information that you upload to the Sites and/or input into your account, including comments, forum posts, testimonials or blog entries that you may provide via our Sites, which may be visible to other users of our Sites; and
- any other information you may provide to us voluntarily through your use of our Sites.
The decision to provide this information is optional. However, if you choose not to provide the requested information, you may not be able to use some or all of the features accessible via the Sites. Where this is the case, we will make this clear when we ask you to provide the information.
Information from Other Sources: We may receive information about you from other sources, including your company or third parties who are Twenty20 customers/users, and combine this data with information we already have about you. This helps us update, expand, and analyze our records. If others give us your information, we will only use that information for the specific reason for which it was provided to us.
Information We Collect Automatically: We automatically collect information regarding the actions you take on the Sites and Twenty20 Platform. In jurisdictions within the European Economic Area (“EEA”) and some jurisdictions, this information is considered Personal Information under applicable data protection laws. This type of usage data helps us understand trends in our users’ needs so we can better consider new features or otherwise tailor the Twenty20 Platform and the Sites. We may share this usage data with third parties for various purposes, including to help us better understand our customers’ needs and improve the Twenty20 Platform and the Sites.
When you use the Sites or Twenty20 Platform, some examples of the usage data we may collect include:
- the type of Web browser you use;
- your operating system;
- your web request;
- your Internet Service Provider;
- location data, such as your IP address;
- referring/exit pages and URLs;
- the pages you view and how you interact with links;
- the time and duration of your visits to the Sites or use of the Twenty20 Platform; and
- other information relating to your devices and your activity on the Sites and Twenty20 Platform.
We may store such usage data itself and such information may be included in databases owned and maintained by Twenty20 affiliates, agents, or service providers. We may use such information and pool it with other information, for example, to track the total number of visitors to our Sites or users of the Twenty20 Platform, the number of visitors to each page of our Sites, etc. We use this information to help us understand how people use the Sites and Twenty20 Platform, and to enhance the Sites and Twenty20 Platform.
Our mobile application for the Twenty20 Platform may collect certain additional information automatically, including the type of mobile device you use, your mobile device’s unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, available storage space, connection type (e.g., WiFi vs. cellular), and information about the way you use the application. We may also use GPS technology (or other similar technology) to determine your current location. If you do not want us to have your location information, you should turn off location services for the mobile application located in your account settings or in your mobile phone settings or within the mobile application.
We use mobile analytics software to allow us to better understand the functionality of our mobile software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded. We link certain information we store within the analytics software to authorized users for customer usage and metrics, and to aid in customer success.
We classify cookies in the following categories:
- Strictly Necessary Cookies,
- Performance Cookies,
- Functional Cookies, and
- Targeting Cookies.
You can remove persistent cookies and change your privacy preferences by following directions provided in your Internet browser’s “help” directory. However, certain features of the Sites or Twenty20 Platform may not work if you delete or disable cookies. Some of our service providers may use their own cookies and web beacons in connection with the services they perform on our behalf, as further explained below.
Do Not Track: At this time, Twenty20 does not recognize automated browser signals regarding tracking, including “do-not-track” signals.
Third Party Technologies: Third parties, such as ad servers, ad networks, and data exchanges (“Advertisers”) may place or recognize a unique cookie on your computer or use other technologies such as web beacons so that they can tailor their advertisements to your apparent interests and deliver those advertisements to you while you are on our Sites. In addition, Advertisers use technologies (such as cookies, pixels, and web beacons) to collect information about your browsing behavior on our Sites which they may match with information they have previously collected. Our Privacy Notice does not cover any use of information that Advertisers may collect from you or that you choose to provide to them. For information about how to opt out of receiving certain behavioral advertisements, please visit this website (or this one if located in the European Union). Please note this does not opt you out of being served ads. You will continue to receive generic ads.
Social Media Widgets: Our website includes social media features, such as the Facebook Like button, and widgets, such as the “Share this” button or interactive mini-programs that run on our website. These features may collect your Internet protocol address, which page you are visiting on our website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy statement of the company providing the features.
How We Use Your Information
We may use your Personal Information for the following purposes:
Provision and Monitoring of the Sites and the Twenty20 Platform: We will use your Personal Information to provide you with access to and to support your use portions of the Sites and of the Twenty20 Platform, and to monitor your use of the Sites and the Twenty20 Platform.
Surveys, Contests, and Other Special Offers: From time to time, we may offer our users the opportunity to participate in surveys, contests, and other special offers. If you elect to participate in these services, you will need to provide certain Personal Information.
Questions and Requests: If you contact us by email or otherwise, we will use the Personal Information you provide to answer your question or resolve your problem.
Contacting You About Other Products, Services, and Events: Twenty20 and, if you opt-in, third parties may use your Personal Information to contact you in the future to tell you about products, services, and events that may be of interest to you. You can find information on how to opt-out of contact from Twenty20 in the “Your Rights” section below.
Marketing, Research, and Data Analysis: In an ongoing effort to better understand and serve the users of the Sites and the Twenty20 Platform, Twenty20 may conduct research on its customers’ and users’ demographics, interests, and behavior based on Usage Data and other information provided to us. This data may be compiled and analyzed on an aggregate and/or anonymized/deidentified basis, and Twenty20 may share this data with advertisers, researchers, business partners, publications, and other third parties. This information will not identify you or users personally.
Service Improvement: We may use your Personal Information, aggregated Personal Information, and other information collected through the Sites and Twenty20 Platforms to help us improve the content and functionality of the Sites and Twenty20 Platform, to better understand our users, and to improve the Sites and the Twenty20 Platform.
Order Fulfillment: We may use your Personal Information that you provide to fulfill any orders you may place for the Twenty20 Platform or other products and services offered by Twenty20.
Testimonials: We display personal testimonials of satisfied customers on our site in addition to other endorsements. By posting a testimonial, you give your consent for Twenty20 to use your testimonial, along with your name, in all media.
Blog: Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.
Who We Share Your Personal Information With
You may make certain of your Personal Information available to others, such as your name or username, for example when you create a profile or submit public queries. This information may be accessed by users who use the Sites or Twenty20 Platform and may be accessed by commercial search engines such as Google, Yahoo, and Bing to the extent that such engines are permitted to access the Sites or Twenty20 Platform.
We may disclose your Personal Information to the following categories of recipients:
- our subsidiaries who provide data processing services to us (for example, to support the delivery of the Twenty20 Platform);
- co-sponsors of events you attend, or other businesses that we believe to be trustworthy and have privacy practices consistent with ours (“Subprocessors”). For example, we contract with Subprocessors to provide certain services, such as hosting and maintenance, accounting, data analytics, data storage and management, and marketing and promotions, most of which are located in the United States. We only provide our Subprocessors with the information necessary for them to perform these services on our behalf. Each Subprocessor must agree to use reasonable security procedures and practices, appropriate to the nature of the information involved, to protect your Personal Information from unauthorized access, use, or disclosure. Subprocessors are prohibited from using Personal Information other than as specified by Twenty20;
- in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Twenty20 will cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose Personal Information and any other content and information about you to government or law enforcement officials or private parties if, in our discretion, we believe it is necessary or appropriate in order to respond to or comply with legal requests (including court orders and subpoenas), to protect the safety, property, or rights of Twenty20 or of any third party, to prevent or stop any illegal, unethical, or legally actionable activity, or to comply with the law;
- a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger, or acquisition of any part of our business, provided that we inform the buyer it must use your Personal Information only for the purposes disclosed in this Privacy Notice; and
any other person with your consent to the disclosure.
Be Careful When you Share Information with Others
Please be aware that whenever you share information on a publicly available page or any other public forum on the Sites or Twenty20 Platform, others may access that information. In addition, please remember that when you share information in any other communications with third parties, that information may be passed along or made public by others. This means that anyone with access to such information can potentially use it for any purpose, including sending unsolicited communications.
At Twenty20, we’re serious about information security, and have implemented numerous security measures to achieve that goal.
You should be aware that no data transmission over the internet or other network can be guaranteed to be 100% secure. As a result, while we strive to protect information transmitted on or through the Sites or Twenty20 Platform, we cannot and do not guarantee the security of any information you transmit on or through the Sites or Twenty20 Platform, and you do so at your own risk. If you have any questions about the security of your Personal Information, you can contact us using the information provided in the How to Contact Us section below.
We do not knowingly collect Personal Information from children under the age of 13. If we become aware that we have inadvertently received Personal Information from a child under the age of 13, we will delete such information from our records.
International Data Transfers
Your Personal Information may be transferred to and processed in countries other than the country in which you are a resident. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective). Specifically, our Sites and Twenty20 Platform are hosted in the United States and our group companies and third-party service providers operate around the world.
However, we have taken appropriate safeguards to require that your Personal Information will remain protected in accordance with this Privacy Notice.
We will retain your information for as long as your account is active or where we have an ongoing business need to do so (for example, to comply with applicable, legal, tax, or accounting requirements). We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
When we have no ongoing legitimate business need to process your Personal Information, we may either delete or deidentify it, or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible.
Identifying the Data Controller and Processor/Service Provider
Some jurisdictions differentiate between a “controller” and a “processor”/”service provider” of information. Typically, a Client is the controller of Client Data. Twenty20 is typically the processor/service provider of Client Data (e.g., data provided via the Twenty20 Platform) and the controller of other information (e.g., information provided to us via the Sites).
Individuals who seek access, or who seek to correct, amend, or delete inaccurate Client Data should direct their queries to the Twenty20 Client (the data controller). If you are a customer or employee of one of our Clients and would no longer like to be contacted by one of our Clients that uses the Twenty20 Platform, please contact the Client that you interact with directly. If our Client requests that Twenty20 remove data we will respond according to appropriate data protection laws.
You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to use some of our features.
Cookies: You can accept or reject cookies for our websites by adjusting your web browser controls.
Marketing Communications: You can opt-out of receiving promotional or marketing communications from us at any time by using the unsubscribe link in the email communications we send or by filling out this Web Form. To opt-out of non-email forms of marketing (such as postal marketing or telemarketing), please contact us using the contact details provided in the How to Contact Us section below. If you set up an account on our Site or for the Twenty20 Platform, we will still send you non-promotional communications like service-related emails.
Upon request Twenty20 will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information. You can always review, correct, delete, or update your Personal Information by changing the relevant settings in your Twenty20 account or by emailing us at the address provided below. We will respond to your request at the latest within a month.
California Residents: The California Consumer Privacy Act (“CCPA”) allows California residents, upon a verifiable consumer request, to request access, in a portable and (if technically feasible) readily usable form, to certain items and categories of Personal Information that we have collected about the consumer, the categories of sources for that information, the business or commercial purposes for collecting the information, and the categories of third parties with which the information was shared. California residents also have the right to submit a request for deletion of information under certain circumstances. Consistent with California law, if you choose to exercise your rights, we won’t treat you negatively for making such a request. If you wish to submit a request, please email us at firstname.lastname@example.org . Please note that you must verify your identity and request before further action is taken. As a part of this process, government identification may be required. Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government-issued identification.
We do not sell Personal Information to third parties. As described above, we do allow third parties to collect Personal Information through our Sites and share Personal Information with third parties for the business purposes described in this Privacy Notice, including advertising and marketing on our Sites and elsewhere based on users’ online activities over time and across different sites, services, and devices.
Third Party Links
Privacy Notice Changes
From time to time, we may change this Privacy Notice. When we do, we will take appropriate measures to inform you if necessary, consistent with the significance of the changes we make. For example, we may give you or our Client notice by posting the revised Privacy Notice on the Sites prior to the change becoming effective.
Any changes will go into effect on the effective date shown in the revised Privacy Notice. You can see when this Privacy Notice was last updated by checking the “Effective Date” at the top of this Privacy Notice.
Please print a copy of this Privacy Notice for your records.
How to Contact Us
If you have questions or concerns about our use of your Personal Information, please contact us at:
Hindsight Technologies, LLC
PO BOX 642
Queen Creek, Arizona 85142
For the purposes of California data protection legislation, the data controller of your Personal Information is:
- Hindsight Technologies, LLC. if you are a visitor to the Sites
- The relevant Client if you are a user of the Twenty20 Platform