Privacy Policy

Last Updated: May 30, 2024

Introduction

This page (“Privacy Policy” or “Policy”) provides our policies and procedures for collecting, using and disclosing your information and outlines the security measures we’ve put in place to protect the information that you store using BirdEye, Inc.'s ("Birdeye") services, including the services made available through this web site, and any other software or services offered by Birdeye in connection with such services (the “Services”). By using these Services, you consent to the collection, transfer, processing, storage, disclosure and other uses of your information described in this Privacy Policy.

Quick Links
What information does Birdeye collect and store?Personal Information

When expressing an interest in obtaining additional information about the Services or registering to use the Services, Birdeye requires you to provide your personal contact information, such as your name, company name, address, phone number, and email address (these are referred to below as your “Personal Contact Information”). When purchasing the Services, Birdeye also requires you to provide financial and billing information, such as billing name and address, credit card number, and the number of employees within the organization that will be using the Services (“Billing Information”).

Data, Diagnostic & Login Information

Using Birdeye’s Services, you will be able to create, upload, store and share information such as company description, email ID, logo, photos, custom emails, user email IDs, etc. (this is collectively referred to below as “Data”). This information will be stored and maintained on Birdeye’s web site. If you run into technical errors in the course of using the Services, Birdeye may request your permission to obtain a crash report along with certain logging information from your system documenting the error (“Diagnostic Information”). Such information may contain information regarding your Operating System version, hardware, browser version (and .NET version information in case of Windows systems), and your email address, if provided. Additionally, certain login information is maintained in a cookie stored locally on your computer (i.e. not on a server) in order to streamline the login process (“Login Information”).

Analytics Information

As you navigate Birdeye’s website and use our Services, Birdeye may also collect information through the use of frequently used information-gathering tools, such as cookies and Web beacons (“Website Navigational Information”). Website Navigational Information includes standard information from your web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on Birdeye’s website (such as web pages viewed and links clicked). Collectively, this information is referred to as “Analytics Information.”Third party vendors, including Google, use cookies to serve ads based on a user's prior visits to your website or other websites. Google's use of advertising cookies enables it and its partners to serve ads to your users based on their visit to your sites and/or other sites on the Internet.

Users may opt out of personalized advertising by visiting Ads Settings or by visiting www.aboutads.info.

Geo-Location Information

Birdeye does not collect any information regarding your real-time geo-location while using the Services; however, it may do so at some point in the future. We will request your permission before collecting such information.

What does Birdeye do with the information it collects?

Birdeye uses the information it collects in the following ways:

  • Personal Contact Information – We use this information primarily to administer our Services to you and provide you with updates and product announcements. Per the Privacy and Conditions, we may use some of your information for marketing purposes, as explained below.
  • Billing Information – Birdeye does not store any Billing Information on its servers. Instead, we use a payment provider, Recurly (www.recurly.com), to store and process all payment related transactions. Find information regarding Recurly’s privacy policy here.
  • Data, Diagnostic Information and Login Information – We use this information solely for the purpose of administering and improving our Services to you.
  • Analytics Information – Birdeye may use your Analytics Information in conjunction with an analytics service such as Google Analytics to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, and to verify users have the authorization required for the Services to process their requests.
Sharing & Disclosure of Private InformationThird Party Applications and Your Use

Birdeye provides users with the ability to link to their Data on third party sites such as Facebook, Twitter and LinkedIn. Such linking is at the complete discretion of users. Because of this, Birdeye cannot be held responsible or liable for the linking of user’s Data to such third party sites, nor for how these third party sites use such links.

Marketing and Publicity

Per our Privacy and Conditions, you agree to permit Birdeye to identify you as a customer and to use your name and/or logo in Birdeye’s website and marketing materials.

Sale of Personal Information

Birdeye does not sell, rent, or trade your private information to any third parties in any way.

Service Providers and Business Partners

Birdeye may use certain trusted third party companies and individuals to help us provide, analyze, and improve the Services (including, but not limited to, data storage, maintenance services, database management, web analytics, payment processing, and improvement of the Services’ features). These third parties may have access to your information strictly for the purposes of performing these tasks on our behalf and under obligations similar to those in this Privacy Policy.

Compliance with Third Party Services’ Privacy Policies

In using the Services, you may have access to or the use of third party services via API or otherwise which require you to agree to that third party’s privacy policy. This includes but is not limited to access to YouTube via the YouTube API Services (as those terms are defined in the Google Privacy Policy). You can learn more about your privacy rights for the YouTube API Services in the Google Privacy Policy. Further, in addition to the normal procedure for deleting stored data as provided in this Policy, users can revoke API Client’s access to their data via the Google security settings page at https://security.google.com/settings/security/permissions. ("API Client" means a website or software application (including a mobile application) developed that accesses or uses the YouTube API Services).

Compliance with Google’s Limited Use Policy

Birdeye’s use and transfer of information to any other application of information received from Google APIs will adhere to Google API Services User Data Policy including the Limited Use requirements.

Non-Private or Non-Personal Information

We may disclose your non-private, aggregated, or otherwise non-personal information, such as usage statistics of our Services, in Birdeye’s reasonable discretion.

Our Use And Disclosure of Information

Birdeye will not disclose any personally identifiable information about any individual except as set forth in this Privacy Policy. This applies to information about our customers and information our customers provide to us about their customers. We are not limited in any way in our use of non-personal information that does not permit direct association with any specific individual or non-identifiable aggregate information about our users (such as the number of customers who use our services, the geographic distribution of our users, the amount of information located and/or removed, etc.).

Internal Uses of Your Personally Identifiable Information
  • We collect, store and process your personally identifiable information on servers located in the United States. Due to the unpredictable nature of Internet routing, your information may pass through other countries while in transit to our servers. We use the information we collect about you in order to:
    1. Develop and deliver our services;
    2. Process your transactions;
    3. Provide customer service and manage your account;
    4. Improve our products, services and marketing.
  • We provide access to personally identifiable information about our users only to those who require it for the above purposes.
  • Birdeye will not sell or rent any of your personally identifiable information to third parties. Birdeye will not share any of your personally identifiable information with third parties except in the limited circumstances described below.
    1. We share information with service providers under contract who help with our business operations such as payment and order processing, fraud investigation, bill collection, and information management and analytics. If content generation is included in your services, we may share information with service providers under contract to create, edit and/or publish such content. These third parties are obligated to protect your information and are contractually prohibited from using your personally identifiable information for any other purpose. They are never permitted to share your information with any third parties. They are authorized to use your personal information only as necessary to provide these services to Birdeye.
    2. We disclose information that we, in good faith, believe is appropriate to cooperate in investigations of fraud or other illegal activity, to conduct investigations of violations of our Privacy of Use and/or to protect our right, protect your safety and the safety of others. For example, this means that if we conduct a fraud investigation and conclude that one side has engaged in deceptive practices, we reserve the right to provide that person or entity’s contact information (but not bank account or credit card information) to victims who request it.
    3. We disclose information in response to a subpoena, warrant, court order, levy, attachment, order of a court-appointed receiver or other comparable legal process, including subpoenas from private parties in a civil action. If the subpoena seeks information about an identified subscriber or limited group of subscribers, we will make reasonable business efforts to contact the subscriber(s) before providing information to the party that requests it. We cannot guarantee that we will be able to do so in all cases, whether due to a time limit, court order, inability to effectively contact a subscriber, or other circumstances.
    4. When a user signs up for a co-branded version of our service through links to Birdeye.com from our co-branded partner’s website, Birdeye will share with the co-branded partner that user’s name, e-mail address and physical address in order to provide enhanced integration between Birdeye’s services and the services of our co-branded partner. If you do not want your information shared with Birdeye’s co-branded partner, sign up for Birdeye directly through Birdeye.com and other sub-domains and not through a link from our partner’s website.
    5. We disclose information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you).
    6. We share information with companies that provide public relations and marketing services for us. Such information will only be shared by us to customize, measure and improve our products, services and advertising. It will not be shared with third parties for their marketing purposes. These third parties are contractually obligated to protect your information and are prohibited from using your personally identifiable information for any other purpose.
    7. As with any other business, it is possible that in the future, Birdeye could merge with or be acquired by another company. If such an acquisition occurs, the successor company would have access to the information maintained by Birdeye, including customer account information, but would continue to be bound by this Privacy Policy until it is amended.
    8. We share your information with our parent, subsidiaries and joint ventures to help coordinate the services we provide to you, enforce our terms and conditions, and promote trust and safety.
    9. The implementation of our Services, by its very nature, may require using your personally identifiable information to locate other information about you. Such use may include, but not be limited to, using your information to search the publicly accessible Internet sites as well as searching private information databases and sites.
    10. The implementation of our Services, by its very nature, may require revealing your personally identifiable information in order to effect removal of Internet content about you. For example, we may have to disclose your name to a website in order to notify them to remove Internet content about you. This occurs with your express permission for a specific, given purpose.
Internal Uses of Your Personally Identifiable Information

We will retain your information for as long as your account is active or as needed to provide you the Services. If you wish to cancel your account or request that we no longer use your information to provide you the Services, you may delete your account (this will be done by Birdeye’s customer care team). If you delete your account, your Data will no longer be stored in our servers. While we try to delete your Data from our servers as quickly as possible, please be aware that there may be a delay from the time you delete your account to the time that your Data is removed, and that some of your Data may continue to exist for a period in backup copies.

Changes To Privacy Policy
  • If we decide to make material changes to our Privacy Policy, we will notify you by e-mail through the primary e-mail address specified in your account and/or post those changes to this Privacy Policy on the Website homepage prior to the changes taking effect. You are responsible for ensuring we have an up-to-date active and deliverable e-mail address for you.
  • You are also responsible for regularly reviewing the Privacy Policy and related documents. We reserve the right to modify this Privacy Policy at any time. No amendment to or modification of this Policy will be binding unless in writing and signed by a duly authorized representative of Birdeye, or posted to the Site by a duly authorized representative of Birdeye.
  • In the event that Birdeye goes through a business transition, such as a merger, an acquisition by another company, or a sale of a portion of its assets, users' personally identifiable information will, in most instances, be part of the assets transferred. Users will be notified via prominent notice on the site for 30 days after a change of ownership or control of their personally identifiable information. If, as a result of the business transition, a user’s personally identifiable information will be used in a manner different from that stated at the time of collection, users will be given a choice consistent with our notification of changes section.
Internal Uses of Your Personally Identifiable Information

We will retain your information for as long as your account is active or as needed to provide you the Services. If you wish to cancel your account or request that we no longer use your information to provide you the Services, you may delete your account (this will be done by Birdeye’s customer care team). If you delete your account, your Data will no longer be stored in our servers. While we try to delete your Data from our servers as quickly as possible, please be aware that there may be a delay from the time you delete your account to the time that your Data is removed, and that some of your Data may continue to exist for a period in backup copies.

In addition to the principles, practices and policies set forth above in this Privacy Policy, Birdeye has adopted the following principles to govern its collection and processing of Personal Data:

  • Personal Data shall be processed lawfully, fairly, and in a transparent manner.
  • The Personal Data collected will only be those specifically required to fulfill Birdeye’s obligations to deliver the Birdeye service.
  • Personal Data shall only be retained for as long as it is required to fulfill contractual requirements.
  • Personal Data shall be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are collected and/or processed. Personal Data shall be accurate and, where necessary, kept up to date.
  • Data subject has the right to request from Birdeye access to and rectification or erasure of their Personal Data, to object to or request restriction of processing concerning the data, or to the right to data portability. In each case such a request must be put in writing to Birdeye.
About the California Consumer Privacy Act (CCPA)

Effective on January 1, 2020, the California Consumer Privacy Act (CCPA) allows California residents to obtain certain information collected by the business with whom they have established business relationships.

If you are a California resident, you may exercise certain rights to access, restrict, or delete your personal information by submitting a request through this link.

GDPR

Birdeye’s GDPR policy page is available here.

DATA PRIVACY FRAMEWORK COMPLIANCE

Birdeye complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Birdeye has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. Birdeye has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/ Under the DPF Principles we are responsible for the processing of Personal Information we receive and, subsequently, for the Personal Information that we then transfer to a third-party service provider acting as an agent on our behalf, if the Personal Information is processed in a manner inconsistent with the Data Privacy Framework.

If you are located in the European Economic Area, the United Kingdom, or Switzerland you may seek confirmation regarding whether BirdEye is processing Personal Information about you, request access to Personal Information, and ask that we correct, amend or delete your Personal Information where it is inaccurate or has been processed in violation of the DPF Principles. Where otherwise permitted by applicable law, you may use any of the methods set out in this privacy policy to request access to, receive, object to processing, restrict processing, seek rectification, or request erasure of Personal Information relating to you held by Birdeye.

Birdeye may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. In compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Birdeye commits to resolve complaints about our collection or use of your personal information transferred to the U.S. pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK, and Swiss individuals with inquiries or complaints should first contact Birdeye by sending an email to privacy@birdeye.com

.

Birdeye has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, JAMS DPF Dispute Resolution. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://www.jamsadr.com/dpf-dispute-resolution for more information and to file a complaint. This service is provided free of charge to you.

Further and in compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Birdeye commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf

Birdeye is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

HIPAA

Birdeye’s HIPAA Statement policy page is available here.

Birdeye’s Policy on Artificial Intelligence

Birdeye’s Generative AI Policy can be found here. Birdeye's Services and features do not share user data with any third party AI models.

Australian users

If you are an Australian user accessing or using the Services from Australia, the Privacy Act 1988 (Cth) and the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (“APP”) applies to personal information collected or held by Birdeye or its Affiliates with an “Australian link” (within the meaning of the Privacy Act). In addition, Birdeye is committed to complying with other applicable Commonwealth, State or Territory privacy and data protection laws and regulations.

Community

Our Services may include publicly accessible community services such as blogs, forums, and wikis. Please be aware that any information you provide in these areas may be read, collected, and used by others who access them. Your posts on these communities may remain even after you cancel your account.

Questions, Complaints and Contacts

If you have any questions regarding this Privacy Policy, please contact us at privacy@birdeye.com, or by U.S. mail at the address below:

Birdeye Inc.
Attn: Privacy Officer
2479 E. Bayshore Road, Suite 188
Palo Alto, CA 94303