Last updated: December 12, 2021
IF YOU ARE CALIFORNIA RESIDENT: If you are a resident of California, this entire Privacy Notice applies to you. However, please see the section titled Additional Information for California Residents below, which will inform you in detail about our information collection practices and your specific rights.
Who We Are and How to Contact Us
Pickaxe is a Delaware C-Corporation with the following contact information:
6040 California Ave SW, Seattle, WA 98136
If you have reason to believe that a child under the age of 16 has provided personal data to Pickaxe through the Platform, please contact [email protected] and we will endeavor to delete that information from our databases.
To Whom Does This Policy Apply
Site Visitors – this includes visitors to our Site, including those who do not register for our Services.
Customers – this includes any individual who registers individually or on behalf of an entity or organization in order to use the Services, whether as part of a free trial or paid subscription.
Business Profiles – our business is to help people connect professionally, and for this we collect and compile business information about individuals and their companies. As such, we store and process personal information to create Business Profiles of individuals as part of our Services. Please see below for more information on how this information is collected.
Personal Information That We Collect
What personal information we collect and process depends on a number of factors. As explained in more detail below, we process personal information that we receive directly from you when you provide it to us, such as when you sign up for our Services, or indirectly, such as through automated technologies (e.g., cookies) or from third parties. We also collect information for Business Profiles in a variety of ways as explained below.
Information We Collect Directly From You
You can generally visit our Site without having to submit any personal information. However, if you wish to use our Services, you will be asked to provide information about yourself.
If you contact us through our “Contact Us” form on the Site, via the chat feature or otherwise send us an email, we process any personal information contained in those communications, including name, contact information, company and any other information that you submit to us.
Signing up for our Services
If you sign up for our Services, whether as a free trial or paid subscription, we will collect personal information as follows:
First and last name
If you are a Customer, we use PCI-compliant third-party processors, as explained in Payment Processing. Payment information is processed by our payment service providers, and we receive a confirmation of payment, which we then associate with your account and any relevant transactions.
Customer reviews contain names, photos and contact information. If you submit a Customer review, with your consent, it may be posted on the Site and publicly visible. We may also share it with strategic partners.
Information We Collect Indirectly
Automatically Collected Information
If you are browsing or interacting with the Site, we collect the same basic information that many other websites collect. Even if you do not have an account, we, or authorized third parties engaged by us, automatically collect information about your use of the Site, which consists of:
Device Information – information about the devices and software you use to access the Site – primarily the internet browser or mobile device that you use, the website or source that linked or referred you to the Site, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, device screen size and other similar hardware and software information, and language preference
Usage Information – information about your interactions with the Site, including access dates and times, device event information, log data, crash data, and cookie data. This information allows us to understand the screens that you view, how you’ve used the Site and/or our Services (which may include administrative and support communications with us), and other actions on the Site. We, or our authorized third parties, automatically collect log data when you access and use the Site for all Site Visitors, even if you have not created an account or logged in. We use this information to administer and improve the Services, analyze trends, track users’ use of the Site, and gather broad demographic information for aggregate use.
Location Information – based on this Device and Usage Information – mainly IP address – we are also able to determine general location information (country, city).
Business Profile Data
Pickaxe collects and compiles information about individuals with whom it does not have a direct relationship, but whose Business Profiles are included on our Platform. This information is gathered, compiled (and updated) and provided to our Customers as part of the Services. Information that we collect and store to create Business Profiles (“Business Profile Data”) consists of business or professional information and includes personal and non-personal information, as described below. We collect Business Profile Data in a variety of ways:
Directly from individuals who submit Business Profile Data to us
From the publicly-available information available on the internet or otherwise
From third-party companies that collect information on our behalf and license it to us
A Business Profile includes (but does not always contain all of) the following Business Profile Data:
First and last name
Business e-mail address
Business telephone (mobile in some cases)
Public social media handles
We collect payments from Customers only and do not directly collect or store payment information. We use third-party, PCI-compliant, payment processors, which collect payment information on our behalf in order to complete transactions with our Customers. While our administrators are able to view and track actual transactions via the client portals of the payment processors, we do not have access to, or process, credit card information.
How Do We Use Personal Information We Collect
We use your personal information for a number of different reasons, as further explained below.
In addition, for users located in the EEA and the U.K., we must have a valid legal basis in order to process your personal data. Generally speaking, the main legal bases under the European Union’s General Data Protection Regulation (GDPR) that justify our collection and use of your personal data are:
Performance of a contract – When your personal data is necessary to enter into or perform our contract with you.
Consent – When you have consented to our use of your personal data via a consent form (online or offline).
Legal obligation – When we need to use your personal information to comply with our legal obligations.
Legal claims – When your personal information is necessary for us to defend, prosecute or make a claim.
Legitimate interests – When we use your personal data to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights. For instance, our processing of Business Profile Data in connection with our Services is within our legitimate interests because the business nature of the information (while still personal information) is widely available and distributed across the internet and otherwise. The information does not concern any special categories of data nor does it include personal details about individuals’ private lives. Moreover, Pickaxe provides adequate notice, access and choice (including the ability to delete said Business Profile Data directly by clicking here) and technical and organizational measures with respect to the Business Profile Data. As such, Pickaxe’s use of personal data as part of the Business Profile Data outweighs any prejudice to the individuals’ data protection rights. If we rely on our (or another person’s) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person’s) legitimate interests are not outweighed by your interests or fundamental rights and freedoms which require protection of the personal information. You can ask us for information on this balancing test by contacting us at [email protected]
Below are the general purposes and corresponding legal bases (in brackets) for which we may use your personal information:
Providing, updating and maintaining the Platform – In particular, we will use your data to ensure that the Site loads and works for you, to set-up an account, or provide you with notices regarding purchases or other important information. Depending on the context, performance of a contract, legitimate interests, and in some cases, legal claims
Collecting Business Profile Data to create and disclose Business Profiles for use by our Customers – See description above. Legitimate interests
Processing and completing transactions, and sending you related information, including purchase confirmations and invoices – In particular, we will use your data to complete any purchases for the Services, set up billing and resolve any issues with respect to the foregoing. Performance of a contract
To otherwise communicate directly with you – In particular, if you contact us or otherwise send as a communication, we may process your personal information. Depending on the context, performance of a contract, legitimate interests, and in some cases, legal claims
Improving the content and general administration of the Platform, including to perform system maintenance and upgrades – In particular, we may use Device, Usage and Location Information to make changes to certain features or improve the Site, or use other information derived from personal information to offer new Services or make upgrades to the Platform. Legitimate interests
Detecting fraud, illegal activities or security breaches – In particular, we may use information such as your IP address to help us prevent abuse of the Platform and investigate any potential unauthorized use of the Platform or other security breaches. Legitimate Interests
Conducting statistical analyses and analytics by monitoring and analyzing trends, usage, and activities in connection with the Platform – In particular, we do this internally or via third parties such as Google Analytics, Hotjar and other partners. Consent where required (e.g., third-party cookies) or legitimate interests
Sending marketing communications, in line with your communication preferences Consent (depending on location and Customer relationship) or legitimate interests
As required by applicable law, legal process or regulation – We may use your information to comply with valid court orders and similar legal or regulatory obligations which apply to us. This may include where we reasonably consider it is in our legitimate interests (or the legitimate interests of others) to comply, as well as where we are legally required to do so Legal obligations or claims
Disclosure of Personal Information
We disclose your personal information as described below.
Third-Parties and Service Providers
Pickaxe discloses users’ information to our third party agents, contractors or service providers who are hired to perform services on our behalf. These companies do things to help us provide the Platform, and in some cases collect information directly, for example as explained in Payment Processing above. Below is an illustrative list of functions for which we may use third-party service providers:
Hosting and content delivery network services
Marketing and social media partners
Customer support services
Hosting and content delivery network services
Functionality and debugging services
Professional service providers, such as auditors, lawyers, consultants, accountants and insurers
Business Profile Data is disclosed to our Customers and Site Visitors in connection with our Services, as well as strategic partners. To exercise your rights with respect to personal information contained in your Business Profile, please click email [email protected]
As we continue to grow, we may purchase websites, applications, subsidiaries, other businesses or business units. Alternatively, we may sell businesses or business units, merge with other entities and/or sell assets or stock, in some cases as part of a reorganization or liquidation in bankruptcy. In order to evaluate or as part of these transactions, we may transfer your personal information to a successor entity upon a merger, consolidation or other corporate reorganization in which Pickaxe participates, or to a purchaser or acquirer of all or a portion of Pickaxe’s assets, bankruptcy included.
We share aggregated, automatically-collected or otherwise non-personal information with third parties for various purposes, including (i) compliance with reporting obligations; (ii) for business or marketing purposes; (iii) to assist us and other parties in understanding our users’ interests, habits and usage patterns for certain programs, content, services, marketing and/or functionality available through the Platform. We do not share personal information about you in this case.
Legal Obligations and Security
If we are required to disclose personal information by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States or via mutual legal assistance mechanism (such as a treaty). However, if we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information to law enforcement trying to prevent or mitigate the danger (if we have it), to be determined on a case-by-case basis.
Links to Third Party Sites
“Do Not Track”
How to Change Your Communication Preferences
To keep your information accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update any information in our possession that you have previously submitted via the Platform. Note that you may also manage your communications preferences and the receipt of any commercial communication by clicking the “unsubscribe” link included at the bottom of all emails from Pickaxe. You may also adjust your preferences through your account settings if you have a Pickaxe account, or send an email to [email protected]
You have choices about how to protect and limit the collection, use, and sharing of information about you. Note that in order to protect your privacy and security, we will also take reasonable steps to verify your identity before granting you access or enabling you to make corrections or delete your information.
Accessing and Changing Your Information
Deleting Your Account or Business Profile
If you are a Customer, you may delete your account information at any time by emailing us at [email protected] We may retain certain information about you as required by law or for legitimate business purposes after you delete your account.
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject first and third-party cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services.
Controlling Advertising and Analytics
Some analytics providers we partner with may provide specific opt-out mechanisms. For example, you may manage the use and collection of certain information by Google Analytics via the Google Analytics Opt-out Browser Add-on.
Controlling Promotional Communications
You may opt-out of receiving some or all categories of promotional communications from Pickaxe by following the instructions/link contained in those communications or, if you are a Customer, by updating your email options in your account preferences. If you opt-out of promotional communications, we may still send you non-promotional communications, such as information about your account and/or transactions, or your use of the Services.
How Long Do We Keep Your Personal information?
General Retention Periods
We use the following criteria to determine our retention periods: the amount, nature and sensitivity of your information, the reasons for which we collect and process your personal data, the length of time we have an ongoing relationship with you and provide you with access to our Platform, and applicable legal requirements. We will retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax or accounting requirements). Additionally, we cannot delete information when it is needed for the establishment, exercise or defense of legal claims (also known as a “litigation hold”). In this case, the information must be retained as long as needed for exercising respective potential legal claims.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.
In some instances, we may choose to anonymize your personal data instead of deleting it, for statistical use, for instance. When we choose to anonymize, we make sure that there is no way that the personal data can be linked back to you or any specific user.
Data Security and Integrity
We take steps that are reasonably necessary to securely provide our Platform. We have put in place reasonably appropriate security measures designed to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We limit access to personal data only to those employees, agents, contractors and the third parties who have a business need-to-know.
We also have procedures in place to deal with any suspected data security breach. If required, we will notify you and any applicable regulator of a suspected data security breach. We also require those parties to whom we transfer your personal information to provide acceptable standards of security.
Notwithstanding, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Platform may not be secure. Therefore, take special care in deciding what information you send to us via email. For any questions about the security of your information, please contact [email protected]
We are located in the United States, and the personal information that we collect is stored on servers located in the United States. This means that your personal information will be collected, processed and stored in the United States, which may have data protection laws that are different from (and sometimes less protective than) the laws of your country or region, such as the GDPR.
Note: Customers are considered independent controllers of Business Profile Data that they receive in connection with the Services. As such, for Customers that are not located in the EEA, the U.K or a third country deemed adequate by the European Union and that access and create a back-up copy of Business Profile Data must enter into and adhere to the standard contractual clauses (controller to controller) as set forth in our Terms and Conditions.
Additional Information for Users in the EEA and the U.K.
If you are in the EEA or the U.K., please read this section for more information.
Staying In Control of Your Information: Your Rights
If you are in the EEA or the U.K., you have certain rights in relation to your personal data:
The right of access – your right to request a copy of the personal data we hold about you (also known as a ‘data subject access request’);
The right to rectification – your right to request that we correct personal data about you if it is incomplete or inaccurate (though we generally recommend first making any changes in your account settings);
The right to erasure (also known as the ‘right to be forgotten’) – under certain circumstances, you may ask us to delete the personal data we have about you (unless it remains necessary for us to continue processing your personal data for a legitimate business need or to comply with a legal obligation as permitted under the GDPR, in which case we will inform you). Note that Business Profile Data may be deleted by clicking here;
The right to restrict processing – your right, under certain circumstances, to ask us to suspend our processing of your personal data;
The right to data portability – your right to ask us for a copy of your personal data in a common format (for example, a .csv file);
The right to object – your right to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); Rights in relation to automated decision-making and profiling – our obligation to be transparent about any profiling we do, or any automated decision-making; and
The right to lodge a complaint at any time to the supervisory authority for data protection issues in your country of residence – however, we ask that you please contact us first so that we can first address your concerns.
These rights are subject to certain rules around when you can exercise them.
If you are located in the EEA or the U.K. and wish to exercise any of the rights set out above, you may contact us at [email protected]. If you are in the EEA, you may contact our representative in the EU, as explained below.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under those circumstances.
We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. If we cannot reasonably verify your identity, we will not be able to comply with your request(s).
We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.
Social Media and Joint Controllership for Individuals in the EEA
Sometimes, Pickaxe acts as a ‘joint controller’ with certain third parties, namely certain social media sites, such as LinkedIn. When Pickaxe and a partner act as joint controllers, you (as a data subject) may exercise your rights against Pickaxe and/or the third party. For a list of joint controller relationships, please contact us at [email protected]
In order to market our Platform and stay in touch with users, we maintain a Facebook page and use Facebook Pixel (“Facebook Products”). With respect to our use of these Facebook Products, we are jointly responsible with Facebook Ireland for the processing activities (“Joint Processing”):
Facebook Ireland Ltd.,
4 Grand Canal Square, Grand Canal Harbor
Dublin 2, Ireland
Information about the personal data that is collected from you by Facebook, as well as how and why it is processed by Facebook, can be found at https://www.facebook.com/about/privacy. Pickaxe and Facebook have entered into entered into an agreement in order to determine the respective responsibilities for compliance with our obligations in connection with the Joint Processing within the meaning of the GDPR. This joint controller agreement, which sets out the reciprocal obligations, is available here.
It cannot be excluded that some processing by Facebook Ireland Ltd. will also take place in the United States by Facebook Inc.
With respect to our use of the “Page Insights”, we are joint controllers of your personal data with LinkedIn. You may find the joint controller addendum at https://legal.linkedin.com/pages-joint-controller-addendum.
Additional Information for California Residents
Please note that this CCPA Notice does not apply to employees and job applicants.
Categories of Information We Collect
Within the last twelve (12) months, Pickaxe has collected the following categories of personal information (as defined in the CCPA) from or about Consumers (note that the lettered categories are according to lettering in the CCPA):
A. Identifiers, such as a real name, unique personal identifier, online identifier, IP Address, email address, or account name
B. Personal information categories listed in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)), such as a name, signature or telephone number
D. Commercial information, such as records of products purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
F. Internet or other similar network activity, such as browsing history or information on a Consumer’s interaction with a website or application.
G. Geolocation data, such as physical location.
I. Professional or employment-related information
Personal information does not include:
Publicly available information from government records
Deidentified or aggregated Consumer information
Certain other information that is already regulated by other laws or regulations
Information that is specifically exempt from the scope of the CCPA.
Categories of Sources of Personal Information
Directly from you. For example, when you sign up to use the Services.
Indirectly. For example, from observing your actions on our Services, or from the internet (including publicly-available sources) – this includes data collected via cookies (or similar technologies) or from third parties.
Use of Personal Information
Disclosure of Personal Information
Pickaxe may disclose your personal information to service providers for a business purpose. When we disclose personal information for a business purpose, we enter into a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the services for us. As explained in more detail above, we also share your personal information with certain categories of service providers who assist us in providing our Services and with our business.
In the preceding 12 months, Pickaxe has disclosed the following categories of personal information for a business purpose:
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
D. Commercial information
F. Internet or other similar network activity
G. Geolocation data
I. Professional or employment-related information
Access to Specific Information and Data Portability Rights
You have the right to request that Pickaxe disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive your request and verify your identity, we will disclose such information to you.
Deletion Request Rights
You have the right to request that Pickaxe delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive your request and verify your identity, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
Note: we may deny your deletion request if retaining the information is necessary for us or our service provider(s) for certain reasons as permitted and set forth in the CCPA, in which case we will inform you of those reasons.
Exercising Your Consumer Rights
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable Consumer request related to your personal information. You may also make a verifiable Consumer request on behalf of your minor child. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you.
An authorized agent is a natural person or a business entity registered with the Secretary of State that a Consumer has authorized to act on his or her behalf. When a Consumer uses an authorized agent to submit a request to know or a request to delete, Pickaxe may require that the Consumer provide the authorized agent written permission to do so and verify his or her own identity directly with Pickaxe, unless the Consumer has provided the authorized agent with a valid power of attorney. Pickaxe may deny a request from an agent that does not submit proof that he or she has been authorized by the Consumer to act on his or her behalf.
Please note that the methods for verification are set forth in the CCPA, which also requires us to consider a number of factors, such as the type, sensitivity, and value of the personal information or the risk of harm posed by unauthorized access or deletion, on a case-by-case basis.
To exercise the rights described above, please submit a verifiable Consumer request to us by either:
You may only make a verifiable Consumer request for access or data portability twice within a 12-month period. We do not charge a fee to process or respond to your verifiable Consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
We endeavor to respond to a verifiable Consumer request within the timeframes set forth in the CCPA. If applicable, in our response, we will also explain the reasons we cannot comply with a request.
We will not discriminate against you in a manner prohibited by the CCPA because you exercise your CCPA rights. Please note that to use our Services, we do require the collection of your personal information – for example, to sign you up or to complete a paid transaction. While you may request to delete your personal information under CCPA, such deletions may affect our ability to offer the Services.
Other California Privacy Rights
California residents may request information about our disclosures of certain categories of personal information to third parties for such third parties’ direct marketing purposes. California residents may make such request to us at [email protected] We will provide a list of the categories of personal information disclosed to such third parties for their direct marketing purposes during the immediately preceding calendar year, along with the names and addresses of these third parties. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the email specified in this section.
If you have any questions regarding this CCPA Notice, please contact us directly.