Privacy Policy
Last Update: November 22, 2024
SuSea, Inc. and its affiliates (“we,” “our,” or “us”) value the privacy of individuals who use our website located at you.com, apps, and related services (collectively, our “Services”). The Services provide a productivity engine that helps customers leverage AI (via multiple large language models also known as LLMs) to accomplish work and general information retrieval. We collect data to perform these Services, to understand how our consumers use the service, to identify new features and opportunities, debug platform issues, fund the services via ads, and to protect the platform from fraud and abuse. Such data processing is conducted for the following reasons:
- When we have a legal duty.
- To fulfill our contract with you.
- When it is in our legitimate interests, data processing is necessary to achieve those interests and our interests are not overridden by your interests or fundamental rights and freedoms.
- With your consent, when needed and if applicable.
The section titled “How We Share the Information We Collect” in this Privacy Policy provides information on the Affiliates, Service Providers, and third parties with whom we share information.
This privacy policy (the “Privacy Policy”) explains how we collect, use, and share information from or about you.com users (“Users” or “you” or “your”) or their devices. By using our Services, you acknowledge the collection, use, disclosure, and procedures this Privacy Policy describes. Beyond the Privacy Policy, your use of our Services is also subject to our Terms of Service and our Cookie Notice.
Unless otherwise specified herein, this Privacy Policy also applies to our enterprise subscription customers with whom we have a Master Services Agreement (our “Enterprise Customers”) and their users, as well as paid subscribers to our Services such as ProPlan or Team Plan subscribers (our “Paid Subscribers). In the event of a conflict between the terms of this Privacy Policy and the terms of an Enterprise Customer’s Master Services Agreement, the terms of the latter will control.
Finally, as noted in our Terms of Service at Section 5.1, this Privacy Policy assumes that in accessing our Services you will not include in any prompts (or disclose, send or transmit to you.com), or to upload any sensitive, personal information or personally identifiable information that is subject to specific regulations or laws that impose increased protections and/or obligations with respect to handling that type of information (including, but not limited to, personal financial, health, social security numbers or other government identification numbers, ethnicity, sexual orientation and political affiliations), such as HIPAA or GLBA, or under international regulations such as GDPR, or any other information where unauthorized disclosure could cause material or severe harm or impact to you.com or third parties. Please do not enter such sensitive personal information in prompts or otherwise share such information that could enter our systems.
Information We Collect
We collect any information that you provide to us, including when you create your account, submit your preferences, or contact us. We also collect information about your device and the ways you use and interact with our Services.
We may collect a variety of information from or about you or your devices from various sources, as described below.
If you do not provide your information when requested, you may not be able to use our Services if that information is necessary to provide you with our Services or if we are legally required to collect it.
Registration and Profile Information. When you sign up for an account, we ask you for your name and email address.
Information We Obtain from Third Parties. If you choose to connect your account on a third-party platform or network to the Services, like using your Google account to access your you.com account, we receive information from Google. For example, this information may include your Google username, profile picture, and other profile information. You can see Google’s Privacy Policy here. In the future, we may allow other services to provide log-in services. If so, we will share log-in credentials with the provider and receive information you have shared with the log-in provider.
Careers. If you decide that you wish to apply for a job with us, you may submit your contact information and your resume online. We will collect the information you choose to provide on your resume, such as your education and employment experience.
Please note that if you submit your resume to us, we may rely on artificial intelligence tools to assess your candidacy. We cannot guarantee or assert the reliability or legality of these tools, but considering the thousands of applicants, we must rely on the latest technologies to assist us with the hiring process. Nevertheless, we will endeavor to use the best tools on the market, while abandoning any tools that are proven to be unreliable or discriminatory.
By submitting your contact information or resume to us, you acknowledge and consent to our usage of such tools.
Device Information. We receive information about the device and software you use to access our Services, including internet protocol (IP) address, web browser type, operating system version, and device identifiers.
Usage Information. To help us understand how you use our Services, to better personalize them to you, to help us improve them, and to communicate and market to you in the most relevant ways, we automatically receive information about your interactions with our Services, like the pages or other content you view, and the dates and times of your visits.
Fraud Detection. You.com collects user telemetry for abuse and security monitoring purposes. Telemetry might include IP address, client identification signals such as browser user-agent, and actions performed on the platform. For a description of user-agents, see here.
Payment Information. We may receive your payment details if you purchase services or to access services.
Information from Cookies and Similar Technologies. We collect information using only first-party cookies and similar technologies. Please review our Cookie Notice to learn more about our Cookie practices.
How We Use the Information We Collect
We use your information primarily to provide, personalize, maintain the security of, and improve the Services you use. We also use your information to communicate with you and to carry out our marketing; to protect you and others; and to exercise, defend or establish our rights.
We use the information we collect:
- To provide, maintain, improve, and enhance our Services;
- To understand and analyze how you use our Services and develop new products, services, features, and functionality;
- To personalize our services to our members;
- To communicate with you and provide you with updates and other information relating to our Services, provide information that you request, respond to comments and questions, and otherwise provide customer support;
- To process payments;
- For marketing purposes, such as developing and providing promotional materials that may be useful, relevant, valuable or otherwise of interest to you, as well as for advertising purposes and to make our advertising as relevant as possible;
- To generate anonymized, aggregate data containing only de-identified, non-personal information that we may use for any lawful purpose;
- To find and prevent fraud, and respond to trust and safety issues that may arise;
- For compliance purposes, including enforcing our Terms of Service or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency; and
- For other purposes for which we provide specific notice at the time the information is collected.
You are in control of your profile information and email preferences:
- You can unsubscribe from our promotional emails via the link provided in the emails. Even if you opt-out of receiving promotional messages from us, you will continue to receive administrative messages from us.
- You can request the deletion of your user profile and all data associated to it by emailing us at [email protected].
How We Share the Information We Collect
We share your information with third party vendors who help us to provide and enhance our Services and marketing. We share information with the following categories of third parties.
Who we share with. We may share any information we receive with vendors and service providers retained in connection with the provision of our Services. We have agreements in place with vendors and service providers to address how they may use your information.
- Affiliates. Our corporate parent, subsidiaries, and affiliates, for purposes consistent with this Privacy Policy.
- Service providers. Companies and individuals that provide services on our behalf or help us operate the Services or our business (such as hosting, information technology, customer support, email delivery, communications channels and website analytics services).
- We have service provider relationships and use various Large Language Model (LLM) providers including OpenAI, Anthropic, and Google. The privacy policies to each of these is linked to the name of the service providers noted here.
- As of the date of this Privacy Policy, we use services such as Google Analytics and Google Tag Manager and AppsFlyer for analytics, website optimization (to see what parts of our website users like the most), and to help us improve our advertising and marketing efforts. You can see Google's privacy policy here. You can see the AppsFlyer services privacy policy here.
- We use either Stytch or Descope for account management of consumer users (See Stytch privacy policy and Descope privacy policy, and Auth0 (Auth0 data processing terms) for API users.
- We use Amazon Web Services for various content hosting (Amazon privacy policy).
- We use Stripe for payment processing. Stripe's privacy policy is here.
- We provide these vendor details to provide additional transparency but don’t guarantee that this list is current or complete.
- Advertising partners. Third party advertising companies for the interest-based advertising purposes described above. The disclosure of this information may constitute a data “sale” under certain privacy laws.
- Professional advisors. Professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
- Authorities and others. Law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance and protection purposes described above.
- Business transferees. Acquirers and other relevant participants in business transactions (or negotiations for such transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests (including, in connection with a bankruptcy or similar proceedings).
Advertisements. Advertising allows us to provide, support, and improve some of our products, when using our Services without a paid subscription. We do not use what you say in email, documents, photos, or other personal files to target ads to you. We use other data, detailed below, for advertising on our Services. For example:
- We may use data we collect, such as de-identified chat data, to select and deliver some of the ads you see on our Services.
- Third parties may access and use the advertising ID (much the same way that websites can access and use a unique identifier stored in a cookie) to select and deliver ads.
- We may share de-identified information/data we collect with our advertisers, so that the ads you see are more relevant and valuable to you.
The ads that you see may also be selected based on other information learned about you over time using demographic data, location data, and chat queries.
Neither Enterprise Customers nor Paid Subscribers are subject to the above noted advertisements.
Data collected by other advertising companies. Advertisers sometimes include their own web beacons (or those of their other advertising partners) within their advertisements that we display, enabling them to set and read their own cookie. These third parties may place cookies on your computer and collect data about your online activities across websites or online services. These companies currently include, but are not limited to, Microsoft only. Select any of the preceding links to find more information on each company's privacy practices, including the choices it offers. Many of these companies are also members of the NAI or DAA, which each provide a simple way to opt out of ad targeting from participating companies.
Neither Enterprise Customers nor Paid Subscribers are subject to such advertiser data collection practices.
As Required By Law and Similar Disclosures. We may access, preserve, and disclose your information if we believe doing so is required or appropriate to: (a) comply with law enforcement or otherwise lawful requests and legal process, such as a court order or subpoena by public authorities to meet national security or law enforcement requirements; (b) respond to your requests; or (c) protect your, our, or others’ rights, property, or safety.
Merger, Sale, or Other Asset Transfers. We may disclose and transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our business or assets.
Consent. We may disclose information from or about you or your devices with your permission.
Links to Other Websites or LLM Tools. Our Services contain links to other websites that are not owned or controlled by us, such as 3rd party websites in chat responses, our advertisers (not applicable to Enterprise Customers or Paid Subscribers), and other business partners. This Policy only applies to information collected by our Services. We have no control over these third party websites, and your use of third party websites and features are subject to privacy policies posted on those websites. We are not responsible or liable for the privacy or business practices of any third party websites linked to our Services. Your use of third parties' websites linked to our Services is at your own risk, so we encourage you to read the privacy policies of any linked third party websites when you leave one of our Services.
Your Rights Regarding Your Data
As explained below, you.com provides ways for you to access and delete your personal information as well as exercise applicable data rights that give you certain control over your information. Please note that we are subject to the investigatory and enforcement powers of the United States’ Federal Trade Commission (FTC).
Email Subscriptions. You can always unsubscribe from our commercial or promotional emails by clicking unsubscribe in those messages. We will still send you transactional and relational emails about your use of the you.com Services.
Push Notifications. You can opt out of receiving push notifications through your app settings. Please note that opting out of receiving push notifications may impact your use of the you.com Services (such as notice of Services enhancements).
Profile Information. You can review and edit certain account information you have chosen to add to your profile by logging in to your account settings and profile.
Location Information. You can prevent your device from sharing location information through your device’s system settings. But if you do, this may impact you.com’s ability to provide you our full range of features and services.
Accessing Your Information. If you would like to access your information, please email us at [email protected]. You can also see information we have about you by logging into your account and viewing things like your profile, settings, and preferences.
Deleting Your Account. If you would like to delete your you.com account, please email us [email protected]. In some cases, we will be unable to delete your account, such as if there is an issue with your account related to trust, safety, or fraud. When we delete your account, we may retain certain information for legitimate business purposes or to comply with legal or regulatory obligations. For example, we may retain your information because we may be obligated to do so as part of an open legal claim. When we retain such data, we do so in ways designed to prevent its use for other purposes.
Regardless of where you live, and subject to our obligations under applicable laws, you may have certain rights and choices regarding your information. For example, in addition to choices described elsewhere in this Privacy Policy, you may have some or all of the following rights and choices in general:
B) General Regional Rights- Access Rights: You may have the right to receive certain information, such as the following (these rights, and the applicable types of data and time periods, will vary depending on the laws applicable to the state or country in which you reside):
- The categories of information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for collecting your information; and the categories of third parties with whom we shared your information.
- Access to and/or a copy of certain information we hold about you.
- In some circumstances, you may have the right to obtain certain information in a portable format.
- Erasure: You may have the right to request that we delete certain information we have about you. We may either decide to delete your information entirely, or we may anonymize or aggregate your information such that it no longer reasonably identifies you, and may use it to improve our Services. Certain information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide our Services to you, we may be required to retain certain information for legal purposes, and there may be other reasons we may need to keep certain information under various applicable laws. In addition, if you ask us to delete your information, you may no longer be able to access or use some of our Services.
- Correction: You may have the right to request that we correct certain information we hold about you.
- Limitation of Processing: Certain laws may allow you to object to or limit the manner in which we process some of your information, including the ways in which we use or share it. For example, you may have these rights if the processing was undertaken without your consent and without a legitimate business interest (although we may not be required to cease or limit processing in cases where our interests are balanced against your privacy interests).
- Regulator Contact: You may have the right to contact or file a complaint with regulators or supervisory authorities about our processing of information. To do so, please contact your local data protection or consumer protection authority.
- Postings by Minors: Users of our Services under the age of 18 in certain jurisdictions have the right to require that we delete any content they have posted on one of our Services.
- Other: You may have the right to receive information about any financial incentives that we may offer to you, if any. You may also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights.
If you believe that you have specific rights under your jurisdiction and you would like to exercise any of these rights, please submit a support request via email to us at [email protected]. Other than a simple marketing opt-out, you will be required to verify your identity before we fulfill your request. In certain jurisdictions, you may be able to designate an authorized agent to make a request on your behalf, subject to certain requirements of your applicable law. We may require that you provide the email address we have on file for you (and verify that you can access that email account) as well as an address, phone number, or other data we have on file, in order to verify your identity. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf, and we may be required to take additional verification measures under applicable law.
C) Important Information for EU and United Kingdom UsersIf you are a user from the European Union or United Kingdom you should be aware that we are joint controllers of your information (Data Controller) under the EU General Data Protection Regulation (“GDPR”), the UK General Data Protection Regulation (“UK GDPR”), and such similar laws promulgated in the various EU countries.
You may have certain additional rights regarding your information (as defined in the GDPR and UK GDPR, for instance), including the right to:
- access your information;
- rectify your information if it is incorrect or incomplete;
- have your personally identifiable information erased (“right to be forgotten”) if certain grounds are met;
- withdraw your consent to our processing of your information at any time, but only if our processing is based on consent;
- object to our processing of your information, if our processing is based on legitimate interests;
- object to our processing of your information for direct marketing purposes; and
- receive your information from us in a structured, commonly used, and machine-readable format, and
- the right to transmit your information to another controller without hindrance from us (data portability).
There is no charge for any of these requests. To make a request, please contact us at [email protected]. We try to respond to such requests in a timely manner, but in no event longer than one month.
When we collect your information, we maintain and store it for as long as we determine reasonably necessary to provide our Services to you, unless you exercise your right to erasure described above, or to comply with applicable legal requirements.
If you are a citizen of the European Union or United Kingdom, when we process your information, we will only do so in the following situations:
- We have a contractual obligation.
- You have provided your consent. You are able to remove your consent at any time, and you may do this by contacting us at [email protected].
- We have a legal obligation.
- We have a legitimate business interest in processing your information. For example, we may process your information to send you marketing communications, relevant content, products or events invitations, or to communicate with you about changes to our Services, and to provide, secure, or improve our Services.
You should be aware that information that you provide to us may be transferred out of the country in which you reside to servers in a country that may not guarantee the same level of protection as the one in which you reside. We do this for a legitimate business purpose in providing the Services as permitted under UK and EU privacy laws, and therefore specific consent is not required under the EU and UK legal schema. We will take all steps reasonably necessary to ensure that your information is treated securely in accordance with this Privacy Policy, and no transfer of your information will take place to a third party unless there are adequate controls in place to protect your information and/or you have provided contractual consent by becoming a User.
If you are a User in the European Union or United Kingdom and have a concern about our processing of personal information that we are not able to resolve, you have the right to lodge a complaint with the data privacy authority where you reside. For contact details of your local Data Protection Authority, please see: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.
D) Information for U.S. ResidentsVarious U.S. states (e.g., as of the date of this Policy, California, Colorado, Connecticut, Delaware, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah and Virginia) currently allow or will soon allow consumers to opt out of sharing of their data. As such, residents of those states may request that we:
- Disclose the sources, categories, and specific pieces of information we have collected about you, how that information is used, and with whom we share it
- Disclose the purpose for collecting your information
- Disclose the categories of third parties with whom we share your information
- Delete/rectify/restrict personally identifiable information, subject to certain exceptions (right of rectification not applicable to Utah residents)
- Though not specifically applicable to us, to disclose, for any “sales” of personal information, the categories of personal information collected and sold and to what categories of third parties it was sold
- Though not specifically applicable to us, to opt you out of sales of your information (if any) or subject certain information to automated decision-making algorithms (not applicable to Utah residents)
- Provide a copy of your information in a readily usable format that allows the information to be transmitted to others
- Residents in these states may not be discriminated against for exercising any of the rights described above.
Residents of these states may exercise these rights by emailing us at [email protected]. Note that if a state law has been ratified but not yet effective, we reserve the right to deny your request as it pertains to that state. Finally, if you are a Colorado resident, please note that we do not require or seek to process any of your sensitive personal information (defined as personal data that reveals racial or ethnic origin, religious beliefs, sexual orientation and biometric information). As noted in the first page of this Policy, if you are a Colorado resident, please do not enter such sensitive personal information in prompts or otherwise share such information that could enter our systems.
We do not process any data of children.
In general, we, including our vendors and service providers, collect the following California regulated categories of personal information (PI) from you:
Category |
Examples |
Collected |
A. Identifiers. |
A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers. |
YES |
B. PI categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, license or state identification card number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some information included in this category may overlap with other categories. |
NO |
C. Protected classification characteristics under California or federal law. |
Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information).
|
NO |
D. Commercial information. |
Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
NO |
E. Biometric information. |
Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. |
NO |
F. Internet or other similar network activity. |
Browsing history, search history, information on a consumer's interaction with websites, services, or advertisement. |
YES |
G. Geolocation data. |
Physical location or movements. |
YES |
H. Sensory data. |
Audio, electronic, visual, thermal, olfactory, or similar information. |
YES |
I. Professional or employment-related information. |
Current or past job history or performance evaluations. |
NO |
J. Non-public education information |
Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. |
NO |
K. Inferences drawn from other PI. |
Profile reflecting a person's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. |
YES |
Sharing Your Information for a Business Purpose
In the preceding twelve (12) months, we have disclosed the following categories of Personal Information for a business purpose with our Affiliates and Service Providers:
- Category A: Identifiers such as real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address
- Category F: Internet or other similar network activity
- Category G: Geolocation data
- Category H: Sensory data
- Category K: Inferences drawn from other PI
Shine Your Light Law. Under California law, California residents are entitled, once per calendar year, to ask us for a notice identifying the categories of personal customer information that we share with certain third parties for the third parties' direct marketing purposes, and providing contact information (i.e., names and addresses) for these third parties. If you are a California resident and would like a copy of this notice, please submit a written request to us via email at [email protected]. You must put the statement "Your California Privacy Rights" in your request and include your name, street address, city, state, and ZIP code. We are not responsible for notices that are not labeled or sent properly or do not have complete information.
Opt-Out of Sale in U.S. We do not currently “sell” (as defined by the California Consumer Privacy Act and other U.S. state laws) any personal information subject to this Privacy Policy, and we do not exchange information for any type of financial incentive. Information shared with our advertisers is not considered personal information, as none of the data exchanged could lead to the identification of you as an individual (i.e., at minimum it is de-identified).
Do Not Track. Some Internet browsers may be configured to send "Do Not Track" signals to the online services that you visit. We currently do not respond to "Do Not Track" or similar signals. To find out more about "Do Not Track," please visit www.allaboutdnt.com. This is distinct from any response to opt-out signals such as Global Privacy Control (aka GPC).
Children’s Privacy
We do not knowingly collect, maintain, or use personal information from children under 18 years of age, and no part of our Services are directed to children. If you learn that a child you are a guardian or parent of has provided us with personal information in violation of this Privacy Policy, then you may alert us at [email protected].
Security
We work hard to protect your information.
We make reasonable efforts to protect your information by using physical and electronic safeguards designed to improve the security of the information we maintain. However, as our Services are hosted electronically, we can make no guarantees as to the security or privacy of your information.
As part of our security program, we use vendors with recognized world-class security such as AWS, Stripe, and Google. AWS security documentation is here. Stripe’s security practices are here. Google’s security is described here. We also limit the type and amount of personal information we collect in the first place. All our communications and websites are encrypted (using transport layer security, or TLS, a leading encryption protocol).
Affirmative Commitment to Comply with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF
Su-Sea, Inc. (dba you.com) complies with the EU-U.S. Data Privacy Framework (the “EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (the “Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Su-Sea, Inc. (dba you.com) has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (the “EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Su-Sea, Inc. (dba you.com) has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (the “Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
Our Liability for Onward Transfers
Under the DPF’s Accountability for Onward Transfer Principle (the “DPF Principle”), as a joint controller of your data, we comply with the DPF’s Notice and Choice Principles. Furthermore, under the Recourse, Enforcement and Liability Principles of the DPF, we are responsible for the processing of personal information, including transfers to third parties acting as agents on our behalf. To that end, we remain liable under the DPF Principles, if our third party agent processes your personal information in a manner that is inconsistent with the DPF Principles, unless we prove that we are not responsible for the event giving rise to the damage.
Contact Information, Inquiries or Complaints
You can contact us with your questions, comments, or concerns.
Specifically in compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Su-Sea, Inc. (dba you.com) commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Su-Sea, Inc. (dba you.com) at:
[email protected] or write to us at:
SuSea, Inc.
Attention: Data Privacy Officer
228 Hamilton Ave, Floor 3
Palo Alto CA 94301
Alternative Dispute Resolution
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Su-Sea, Inc. (dba you.com) commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States, but with facilities in the European Union, the United Kingdom, and/or Switzerland. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Note also that Su-Sea, Inc. (dba you.com) is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to our organization and following the procedures and subject to conditions set forth in Annex I of Principles. For more information, please visit: https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction
Changes to this Privacy Policy
We will let you know about any material changes to this Privacy Policy.
We will post any adjustments to the Privacy Policy on this page, and the revised version will be effective when it is posted. If we materially change the ways in which we use or share personal information previously collected from you through the Services, we will notify you through the Services, by email, or other communication (such as posting on this website).
Cookie Notice
We and our affiliates, third parties, and other partners use cookies and other identification technologies on our websites, mobile applications, email communications, advertisements, and other online services (collectively, the ‘Services’) for a number of purposes, including: authenticating users, remembering user preferences and settings, determining the popularity of content, delivering and measuring the effectiveness of advertising campaigns, analyzing site traffic and trends, and generally understanding the online behaviors and interests of people who interact with our Services. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Services.
You can read more here about the types of cookies we use, why we use them, and how you can exercise your choices.
Cookies and related technologies overview
Cookies are small text files that are stored on your browser or device by websites, apps, online media, and advertisements that are used to remember your browser or device during and across website visits. We also utilize other technologies that may identify you or the devices you use. For example, ‘pixel tags’ (also called beacons) are small blocks of code installed on (or called by) a webpage, app, or advertisement which can retrieve certain information about your device and browser, including, for example: device type, operating system, browser type and version, website visited, time of visit, referring website, IP address, advertising identifiers, and other similar information, including the small text file (the cookie) that uniquely identifies the device. Pixels provide the means by which third-parties can set and read browser cookies from a domain that they do not themselves operate and collect information about visitors to that domain, typically with the permission of the domain owner. ‘Local storage’ refers generally to other places on a browser or device where information can be stored by websites, ads, or third-parties (such as HTML5 local storage and browser cache). ‘Software Development Kits’ (also called SDKs) function like pixels and cookies, but operate in the mobile app context where pixels and cookies cannot always function. The primary app developer can install pieces of code (the SDK) from partners in the app, and thereby allow the partner to collect certain information about user interaction with the app and information about the user device and network information.
Your choices
You have the right to choose whether or not to accept cookies. However, they are an important part of how our Services work, so you should be aware that if you choose to refuse or remove cookies, this could affect the availability and functionality of the Services.
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. To do so, please follow the instructions provided by your browser which are usually located within the ‘Help’ or ‘Preferences’ menu. Some third-parties also provide the ability to refuse their cookies directly by clicking on an opt-out link, and we have indicated where this is possible in the table below.
For further information about cookies, including how to see what cookies have been set on your device and how to manage and delete them, you can visit https://www.youradchoices.com.
For mobile users, you have controls in your device Operating System that enables you to choose whether to allow cookies, or share your advertising ID with companies like ours or our advertising service providers. For information on controlling your mobile choices, you can visit https://www.networkadvertising.org/mobile-choices.
To help control or block certain ads in mobile applications, you may choose to download the DAA mobile app to activate control and block features.
Types and purposes of cookies
The following table sets out the different categories of cookies that our Services use and why we use them. The lists of cookie providers are intended merely as illustrative and should not be viewed as a comprehensive list.
Types of Cookie |
Purpose |
Who Serves (for example) |
Strictly necessary |
These cookies (including local storage and similar technologies) are essential to enable your use of the site or services, such as assisting with your account login, so we can show you the appropriate experience and features, such as your account information, session history, and to edit your account settings. They may also provide authentication, site security and help localize the language based on the geography of your visit. |
you.com; Hubspot; Stripe; Auth0; Stytch; Cloudflare; Descope |
Site features and services |
These provide functionality that help us deliver products and Services. For example, cookies help you log in by pre-filling fields. We may also use cookies and similar technologies to help us provide you and others with social plug-ins and other customized content and experiences, such as making suggestions to you and others. |
you.com; Hubspot; Stripe; LaunchDarkly |
Analytics, marketing, performance and research |
These are used to understand, improve and research products and Services, including when you access our website and related websites and apps from a computer or mobile device. For example, we may use cookies to understand how you are using site features, for marketing purposes by advising you of improvement to our platform, and for segmenting audiences for feature testing. We and our partners may use these technologies and the information we receive to improve and understand how you use websites, apps, products, services and ads. |
Hubspot; Moesif; GoogleAnalytics; AppsFlyer; GoogleAds |