Privacy Policy

Last updated: May 13th, 2024

Updates in this version: Added additional language to acknowledge sharing information with police and other authorities when property is related ongoing investigations of theft.

Data privacy is important. Please read this carefully.

We respect your privacy. This Privacy Policy explains our privacy practices and how we handle the information we process. When you use Liff Happens, Inc. websites, services, applications, and documentation, you are agreeing to the collection, transfer, manipulation, storage, disclosure, and other uses of your information as described in this Privacy Policy.

If you have feedback or suggestions on our Privacy Policy, please email us at support@liffhappens.com.

At Liff Happens, Inc. (“Liff”), we respect and protect the privacy of visitors to our website (together with the other accounts and websites we own or control, the “Liff Websites”), and our customers who use our Lost and Found platform, Protect registration tools, and management services offered on the Liff Websites (together with the Liff Websites, the “Service”). This Privacy Policy (“Policy”) explains how we collect and use (“process”) visitors’ and customers’ information as part of the Service. Any discussion of your use of the Service in this Policy is meant to include your visits and other interactions with the Liff Websites, whether or not you are a customer or user of our Lost and Found platform and Protect registration tools. 

Liff strives to follow these concepts when it processes personal information:

  1. Transparency. We tell you what we are collecting. We disclose the subprocessors that we use to provide the Service. We do not give, sell, rent, or loan personal information to third parties.

  2. Purpose limitation. We process personal information for the reasons that we tell you when collecting it (or that you tell us). We collect what is necessary to fulfill that purpose.

  3. Security. We take reasonable and appropriate measures to protect personal information.

  4. Individuals rights. We provide you with access to your personal information and allow you to exercise your rights in that information. Opt-out requests are promptly honored.

What information does Liff process?

“Personal information” is information or an information set that identifies or could be used by or on behalf of Liff to identify an individual.

We process the following personal information: name, username, address, email, phone, IP address, credit card, and payment information. Liff does not seek to collect any sensitive data through the Service (e.g., health status; political opinions or religious/philosophical beliefs; trade-union membership; or racial or ethnic origin).

“Other information” is any information that is not personal information. Other information includes:

  • “Usage Data” is encoded or anonymized information or aggregated data about a group or category of services, features, or users which does not contain personal information. Usage Data helps us understand trends in usage of the Service so that we can better consider new features or otherwise tailor the Service. In addition, we may share Usage Data with customers, partners, and service providers for various purposes which include helping us better understand our customers’ needs, improving the Service, as well as for advertising and marketing purposes. We do not share Usage Data with third parties in a way that would enable them to identify you personally.

  • “Log files” are information gathered from website usage which includes internet protocol addresses as well as browser, internet service provider, referring/exit pages, operating system, date/time stamp, and clickstream data. We use this information to analyze trends, administer and maintain the Service, or track usage of various features within the Service. Occasionally (e.g., in response to an error, inquiry, investigations), we may link a specific log file to an individual to improve the Service.

  • “Cookies” are used to assist in collecting Other Information. For more details about how we use cookies, please see our Cookie Notice below.

Why does Liff process personal information?

We need to process personal information to provide the Service

When you register for the Service, we ask for personal information, such as your name, address, phone number, email address, credit card information, and mailing address.

Depending on the purpose it is collected for, Liff uses that information to:

  • Connecting contact information to a registered personal item (Protect)

  • Verifying ownership information to found property

  • Checking out found property and issuing a receipt of transaction

  • Facilitate payment for a shipment of found property

  • Continued communication of found property

  • Set up your account

  • Improve the content and functionality of the Service

  • Answer your questions or suggestions

  • Send you newsletters or other marketing materials

  • Administer your account, including identification, authentication, usage monitoring, security, logging, and back-ups

In all cases, Liff has a legal basis for processing personal information and the most common ones are: consent; necessary for the performance of (or at your request prior to entering into) a contract with Liff; or there is a legitimate interest.

You’ve asked us to

As a customer, you may ask us to process personal information as part of a contractual arrangement (e.g., DPA). In that case, we will only process information for the express purpose that you authorize us to.

When we are legally compelled to disclose it

Liff may disclose personal information in response to subpoenas, court orders, legal process, lawful requests by public authorities (including to meet national security or law enforcement requirements), or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.

In addition, if items reported through our service are related to theft or are under investigation by law enforcement, we may share your contact information with police or other authorities to assist in the investigation or recovery of these items. This cooperation helps in fulfilling our commitment to ensuring the safety and security of our users and their possessions.

Liff is not processing your personal data when you link or integrate with a third-party application website

The Service contains links to other websites and allows you to integrate with web applications that are not owned or controlled by Liff. Please be aware that we do not determine and are not responsible for the privacy practices or content of such other sites or applications. Once clicked or enabled, those third parties may share certain information with Liff. We encourage you to be aware when you leave the Service and to check the privacy settings and notices of those third parties to understand what data may be disclosed or processed.

Who does Liff share personal information with?

Liff uses subprocessors to assist with the delivery of the Service. These subprocessors have access to personal information only to assist Liff to process that data as you have authorized. All subprocessors are subject to a check in which Liff reviews privacy, security, and confidentiality practices. Liff currently uses the following subprocessors to assist it in providing its Lost and Found platform and Protect registration tools.

  • Google Inc. (Cloud Service Provider) (US)
  • Mailchimp (Email communication and user experience feedback) (US)
  • Twilio Inc. (Cloud communication services) (US)
  • Stripe, Inc. (Cloud based payment services) (US)
  • Easypost (Cloud shipping infrastructure) (US)
  • LOB.com, Inc. (Mail communication services) (US)
  • Hubspot, Inc. (Customer relationship management) (US)
  • Freshworks Inc. (Cloud service customer support) (US)
  • Brevo Inc. (Formerly Sendinblue, Email communication) (US)

Liff does not sell Personal Information.

How long is personal information retained?

Liff will retain personal information we process on behalf of our customers for as long as needed to provide Service to our customers, subject to our compliance with this Policy (and your rights as you choose to exercise them). We may further retain and use this personal information as necessary to comply with legal obligations, resolve disputes, enforce our agreements, and for legitimate interests.

What rights do you have to personal information?

Access, Correction, Objection, and Portability Rights

You have the right to request access to, rectification of errors in, or erasure of your personal information. You also have the right to object to the processing of your personal data and to receive a copy of your personal information in a structured, commonly used, and machine-readable format. For individuals in the EU, the United Kingdom, or Switzerland, you may always lodge a complaint with your local data protection supervisory authority.

If you wish to exercise the above rights, you can update or change the personal information you have provided Liff by logging into the Service and providing such additional information where applicable. Be advised that there may be legal conditions or limitations on these rights. If you have additional questions about exercising these rights, please contact us at support@liffhappens.com.

Opt-Out Rights

If you would like to stop receiving marketing communications from us, either email us at support@liffhappens.com or follow the unsubscribe instructions included in each marketing email.

How seriously does Liff take its data protection obligations?

Security of personal information

Liff is committed to ensuring the security of your personal information through reasonable and appropriate measures to protect it from loss, misuse, and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal data.

We utilize precautions to protect the confidentiality and security of the personal information within the Service, by employing technological, physical and administrative security safeguards, such as firewalls and other security procedures. For example, when you enter sensitive information (such as login credentials and all your activity on our Service platform), we encrypt the transmission of that information using transport layer security technology (TLS). These technologies, procedures, and other measures are used in an effort to ensure that your data is safe, secure, and only available to you and to those you authorized to access your data. However, no internet, email, or other electronic transmission is ever fully secure or error-free, so you should take care in deciding what information you send to us in this way.

Privacy Shield notice

Liff complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States in reliance on Privacy Shield (collectively, “Privacy Shield”). Liff has certified to the Department of Commerce that it adheres to the Privacy Shield Principles (under both the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework) with respect to such information. In cases where Liff receives personal information under Privacy Shield and subsequently transfer it to a third party subprocessor, Liff potentially remains responsible if personal information is processed in a manner inconsistent with the Privacy Shield Principles.

If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program and to view our certification, please visit https://www.privacyshield.gov/.

In compliance with the Privacy Shield Principles, Liff commits to resolve complaints about our collection or use of your personal information. Individuals in the European Union, the United Kingdom, or Switzerland with inquiries or complaints regarding our Privacy Shield policy should first email Liff at support@liffhappens.com. If a complaint remains unresolved, Liff has committed to refer such Privacy Shield complaints through the applicable Data Protection Authorities. Contact details for the EU data protection authorities can be found at https://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm. Contact details for the UK Information Commissioner’s Office (ICO) can be found at https://ico.org.uk/. Contact details for the Federal Data Protection and Information Commissioner (FDPIC) for individuals in Switzerland can be found at https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection—switzerland.html. Liff will cooperate with the appropriate Data Protection Authorities during investigation and resolution of complaints brought under Privacy Shield. These recourse mechanisms are available at no cost to you.

The Federal Trade Commission has jurisdiction over Liff’s compliance with this Policy and the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. As a last resort, privacy complaints that remain unresolved after pursuing the above channels may be subject to binding arbitration before the Privacy Shield Panel to be created jointly by the US Department of Commerce and the European Commission. For more details, see https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Adequacy decisions

The European Commission has determined that certain countries outside of the European Economic Area (EEA) adequately protect personal data, which means that data can be transferred from the European Union (EU) and Norway, Liechtenstein, and Iceland to that third country without any further safeguard being necessary. The UK and Switzerland have approved similar adequacy decisions. We rely on the following adequacy decisions in some cases:

Standard contractual clauses

Standard contractual clauses (SCCs) are written commitments between parties that can be used as a ground for data transfers from the EU to third countries by providing appropriate data protection safeguards. SCCs have been approved by the European Commission and can’t be modified by the parties using them (you can see the SCCs adopted by the European Commission herehere, and here). Such clauses have also been approved for transfers of data to countries outside the UK and Switzerland. We rely on SCCs for our data transfers where required.

No use of Liff by minors

Liff does not knowingly collect personal information from individuals below the age of 18. If we learn that we have collected or received personal data from an individual under 18 without verification of parental consent, we will delete that information. If you believe Liff might have any personal information from or about a child under 18, please contact support@liffhappens.com.

California privacy rights

The California Consumer Privacy Act (CCPA) provides California residents with specific rights regarding their personal information. You have the right to know that we may have collected the following Personal Information directly from you:

Category of Personal Information

Purpose for collection

Disclosed for a business purpose?

Sold for a business purpose?

Identifiers (ex. name, online identifier, email, name, username, address, email, phone, social media handles or urls)

Performing services at your request, which include facilitating your access to and use of the Service and responding to direct communications

Yes — only to services providers /subprocessors listed in the “Who does Liff share personal information with?” section above

No

Personal Information categories listed in the California Customer records statute (ex. name, email, address, telephone number, credit card number, payment information, education, employment history)

Performing services at your request, which include facilitating your access to and use of the Service and reviewing employment applications

Yes — only to services providers /subprocessors listed in the “Who does Liff share personal information with?” section above

No

Internet activity (ex. details about interactions with the Service)

Administering and maintaining the Service, including linking a log file to an individual to improve the Service.

Yes — only to services providers /subprocessors listed in the “Who does Liff share personal information with?” section above

No

Geolocation data (ex. IP address)

Verifying U.S. sanctions compliance

Yes — only to services providers /subprocessors listed in the “Who does Liff share personal information with?” section above

No

 

   

Liff does not sell Personal Information.

California residents have the right to request that we disclose to you certain information about our collection and use of your Personal Information over the past 12 months. After we receive and verify your request, we will disclose:

  1. The categories of Personal Information we collected about you;

  2. The categories of sources for that Personal Information;

  3. Our business or commercial purpose for collecting or selling that Personal Information;

  4. The categories of third parties with whom we share that Personal Information;

  5. The specific pieces of your Personal Information we have collected; and

  6. If we sold or disclosed that Personal Information for a business purpose, two separate lists of what was sold and what was disclosed and the categories of Personal Information in each case.

You also have the right to request that we delete your Personal Information from our records and direct any service providers to delete that Personal Information from their records. After we receive and verify your request, we will delete that Personal Information unless a legal exception applies.

Any request to exercise your CCPA rights should be submitted either via email to support@liffhappens.com or via form (https://www.liffhappens.com/information-requests/). We will not discriminate against you for exercising any of your above rights, including: charging you a different price to access the Service; providing you a different level of service; or suggesting that you may receive a different price or level of service.

When does Liff update this Policy?

We may change this Policy from time to time. We will post the changes to this page. If we make changes that materially alter your privacy rights, Liff will provide additional notice. If you disagree with changes to this Policy, you should deactivate your account for the Service. Your continued use of the Service constitutes your agreement to be bound by such changes to this Policy.

Who can you contact with questions about privacy?

To exercise any of the rights mentioned in this Policy or if you have questions regarding this Policy, complete the request form at https://www.liffhappens.com/information-requests/ or please email us at support@liffhappens.com

Cookie Notice

To make our website and other communications related to the Service work properly, we sometimes place small text files (cookies) on your device when you use the Service. This Cookie Policy (the “Policy”) provides information about how and when we use cookies for these purposes. Capitalized terms used in this policy but not defined have the meaning set forth in our Privacy Policy.

What is a cookie?

A “cookie” is a small software file stored temporarily or placed on your computer’s hard drive. The main purpose of a cookie is to allow a web server to identify your computer and web browser and then tailor web pages and login information to your preferences. Cookies last for one of two time periods:

  • “Session-based cookies” last only while your browser is open and are automatically deleted when you close your browser.

  • “Persistent cookies” last until you or your browser delete them or until they expire.

Cookies help us promptly display the information you need to use the capabilities of the Service and other information which we consider to be of interest to you. Cookies do not typically contain personal information but can be linked to personal information that you have already provided us. By gathering and remembering information about your website preferences through cookies, we can provide a better web and marketing experience.

Does Liff use cookies?

Yes. When you use the Service, we utilize session cookies, which allow us to uniquely identify your browser while you are logged in and to process your online transactions. Session cookies disappear from your computer when you close your web browser or turn off your computer.

We also utilize persistent cookies to identify you as a Liff customer, agent, or end user and make it easier for you to log into and use the Service. Persistent cookies remain on your computer after you close your web browser or turn off your computer.

The above-described cookies are further categorized as follows:

  • “Essential cookies” are critical to the functionality of the Service. We use these cookies to keep a user logged into the Service and remember relevant information when the user returns to the Service.

  • “Functional cookies” track users’ activities in the Service, understand their preferences, and improve their user experience. These cookies can also be used to remember customizable configurations of the Service.

  • Third-party providers serve a variety of “marketing cookies” that enable us to track and analyze usage, navigation, and other statistical information from visitors to the Liff Websites. This information alone is not personal information, though it can be associated with personal information.

What cookies does Liff use in the Service?

Liff uses the following cookies in the Service:

Purpose

Liff Sessions and Login

Payment Authentication

Analytics

Category

Essential

Essential

Marketing

Duration

Session

Session

Various under 2 years

Company

Liff & Google

Stripe

Google

Can cookies be turned off?

You can generally accept or decline the use of cookies through functionality built into your web browser. We obtain consent for placement of non-essential cookies in jurisdictions that require it. To revoke your consent, you should delete the cookies.

If you want to learn more about cookies or how to control or delete them, please visit http://www.aboutcookies.org/ for detailed guidance. In addition, certain third-party advertising networks, including Google, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google, click here