Privacy Policy

Last Updated: Apr 15, 2022

By accessing and using the Services, you are agreeing to the practices and policies described in this Privacy Policy. If you object to any practices or policies as described in this Privacy Policy, please do not access or use the Services.

INTRODUCTION

For purposes of this Privacy Policy, “Mural,” “we” or “us” means Tactivos, Inc., d/b/a Mural, and “you” or “your” means you, the individual human collaborator who is using our Services. Your use of the Services is subject to our Terms of Service. All of our Terms of Service are available at mural.co/terms. Any capitalized terms that are not defined in this Privacy Policy have the meaning ascribed to such terms in our otherTerms of Service.  

This Privacy Policy describes how Mural collects, uses, transfers and discloses the information collected from and about you, and what choices you have with respect to your information. Please note, however, that this Privacy Policy does not cover Workspace Content or your Contributions. Your Workspace Owner (our Customer) controls the Workspace and any Content or Contributions. We are their data processor, service provider, or subprocessor (as applicable), and our processing of Workspace Content data is governed by our agreements with your Workspace Owner. If you have any questions about your Contributions or Workspace Content, please contact your Workspace Owner.

WHAT INFORMATION WE COLLECT

Directly from you, when you register for and interact with the Services: When you register as a Mural Member or Guest, we collect your email address, name, phone number, password, and company name (if applicable). You also have the option to add a personal photo to your Mural profile to help foster team building and collaboration. In addition to the information you provide when registering an account, you can choose to provide additional information when you use the Services. For example, Visitors to a Mural canvas collaborate without needing to register an account or sign in; Visitors can choose to identify themselves by name for the duration of their collaboration session, or they can choose to remain anonymous. Admins may also be asked to provide billing and payment related information for their associated Customer accounts. Mural uses a third-party payment processor to collect billing and payment information; we do not directly collect, process, store or use any billing or payment information. We may also collect information that you submit to us in other contexts, such as when you participate in a Mural event, download a Mural white paper, request support, interact with our social media accounts, or otherwise communicate or interact with Mural or our Services. Mural does not require you to provide any special category or sensitive data to use the Services, and in fact, the Services are not intended to be used for the transmission of such data. Please do not transmit any sensitive or special category of data through the Services.

Indirectly, when you interact with the Services: Mural uses cookies and similar technologies to collect a variety of information about how you interact with the Services so that we can deliver a better and more relevant experience for you. This includes, for example: device-related information such as IP address, browser language, the state or country from which you accessed the Services (based on IP address), company names, software and hardware attributes (including device IDs, operating system, and browser type); referring and exit URLs; the links clicked on and files downloaded; pages viewed and the order of those pages; the amount of time spent on particular pages; the terms used in searches on the Services; the date and time of a visit or when an email is opened; when you first registered an account; your team, role, and status; the dates and duration of collaboration activities; the levels of access or functionality applicable to your role or account; the number of workspaces, rooms, and murals you have joined or created; the number of invitations you have sent; and other similar information. For more information on our use of cookies and similar technologies, please see our Cookie Policy. 

From Third Party Services, with your permission, when you use the Services: If you choose to use a Third Party Service (including without limitation an Integration) that is available through the Services, the Third Party Service may share certain information with Mural in accordance with your privacy settings with such Third Party Service. For example, if your Workspace Owner enables a cloud storage Integration to import files from that application to the Workspace, we may receive additional information that the Integration has elected to make available to Mural to facilitate the Integration. Or, if you choose to register your Mural account using a Third Party Service authentication tool (such as your Google account), the Third Party Service will provide Mural with information necessary for authentication and account registration, such as your name and email address. Authorized Users should check the privacy settings and notices in Third Party Services to understand what data may be disclosed to Mural. Mural is not responsible for the data protection or privacy practices of any Third Party Services. 

HOW WE USE YOUR INFORMATION

Mural uses your information only as it relates to our interests in operating our business and providing the Services. More specifically, we use your information as follows:

‍

HOW WE SHARE YOUR INFORMATION

It is important to remember that, as the controllers of Workspaces and Workspace Content, our Customers may have their own policies and practices with respect to the sharing and disclosure of information, and may have certain features or functionality turned on or off accordingly. Mural does not control Customer policies or procedures. 

Mural shares information only as it relates to our interests in operating our business and providing the Services, and in accordance with our agreements with Customers. More specifically, we share information in the following situations, subject to appropriate confidentiality protections:

• With other Authorized Users of your Workspace(s). When you use the Services to collaborate with others, your Contributions and certain profile information (such as your name and profile picture) will be shared with your collaborators.
  

• With Customers. Customers (the Workspace Owners) are provided with information about their Workspace(s) and Authorized Users for their account management and other business and administrative purposes, including without limitation Collaboration Insights™ and usage reports. 
  

• With Integrations. If enabled by your Workspace Owner, Mural is authorized to connect to and share information with Integrations to deliver the Integration features and functionality to you. Integrations are not owned or controlled by Mural and have their own policies and practices regarding the collection, use, transfer and disclosure of information.
  

• With marketing partners. Mural provides a variety of webinars, research, white papers, and other materials and events on topics related to collaborative intelligence and the Services, for the benefit of Customers and collaborators. Sometimes these materials or events are co-created or co-sponsored by third parties, including without limitation Customers, service providers, and Integration partners. If you attend an event or access any such materials, we may share your information when we have your consent to do so.
  

• With third party Subprocessors, service providers, or processors. We may engage third party companies or individuals as Subprocessors, service providers or processors to process information on our behalf to help develop or provide the Services, or support our business in other ways, such as for example providing virtual computing and cloud storage services. 

• With our Affiliates. Mural may share information with its corporate Affiliates to help deliver the Services and for other business and marketing purposes.
  

• With our auditors, attorneys, and other trusted agents or representatives, and for purposes of business transactions. For example, if Mural engages in a business transaction such as a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Mural's assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence), some or all information may be shared or transferred with the professionals that we retain to assist us in the transaction, as well as with the business with which we are engaging in such transaction.
  

• To comply with a valid legal request. We will share information in response to a valid and binding compulsory legal request or process, if we reasonably believe in good faith that such disclosure is relevant and necessary to the legal request or process. In certain situations, we may be required to disclose information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  

• To enforce our rights and protect the Services. We may share information to the extent necessary to protect and defend our rights and the Services, including without limitation to enforce contracts or policies, or in connection with investigating and preventing fraud or security issues.
  

In addition to the situations outlined above, Mural may share information when we have your consent to do so. Finally, we may disclose or use aggregated or de-identified data that can no longer be reasonably linked to you for any purpose, including without limitation for business, marketing, or research purposes.

FOR INTERNATIONAL COLLABORATORS

The Mural Services are designed and delivered primarily in the United States (“U.S.”) and Argentina. As such, Mural may need to transfer your information to countries other than the one in which you live.  Wherever your information is transferred, stored, or processed by us, we take reasonable steps to protect your information in accordance with this Privacy Policy and applicable laws. These measures may include implementing Standard Contractual Clauses to govern the transfer of your information, or other means recognized by applicable laws. By providing us with your information, you acknowledge any such transfer, storage, or processing.  

If you have any concerns or complaints about our data processing activities, we urge you to first try to resolve such issues directly with us or your Workspace Owner. However, if applicable, you may make a complaint to the data protection supervisory authority in the country where you are based, or seek a remedy through local courts if you believe your rights have been breached.

Mural has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, Recourse, Enforcement and Liability, and the Supplemental Principles (the "Privacy Shield Principles") with respect to data transfers from the EEA, UK, and Switzerland. As a result, Mural is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. If there is a conflict between this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. We are committed to applying the Privacy Shield Principles to all personal data received from the EEA, UK, and Switzerland in reliance upon the Privacy Shield. To learn more about the Privacy Shield program, and to view our certification page, please visit: https://www.privacyshield.gov/.

YOUR RIGHTS WITH RESPECT TO YOUR INFORMATION

Some data privacy laws provide data subjects with certain rights with respect to their information, such as the right to be informed of processing activities, the right to correct inaccurate information, the right to erasure, the right to restrict processing, and the right to receive from Mural a structured, common and machine-readable copy of the information we process about you.  You may also have other rights depending on the applicable law in your jurisdiction. Please note that your data subject rights do not apply to your Contributions or any Content that we process on behalf of your Workspace Owner, our Customer. Your Workspace Owner is the controller of the Workspace, so if you have concerns about your Contributions or Content, please contact your Workspace Owner.

If you wish to exercise your data subject rights, please contact us at: compliance@mural.co. If you are an Authorized User of a Workspace, we may redirect your request in whole or in part to your Workspace Owner for handling, in accordance with applicable laws and our agreements with Customers. Otherwise, please note that, pursuant to applicable law, we must be able to verify your identity to process your data subject rights request. We cannot respond to your request or provide you with the information you seek if we cannot verify your identity or authority to make the request and confirm the request relates to you and your information.

If you have any questions about Mural’s policies or procedures related to data subject rights, please contact us at: privacy@mural.co. 

CALIFORNIA PRIVACY NOTICE

If you are a California resident, California law may provide you with additional rights regarding our use of your “personal information” (as defined under California law). This section describes your CCPA (California Consumer Privacy Act) rights and explains how to exercise those rights.

Throughout this Policy, we discuss in detail the specific pieces of personal information we collect from and about Authorized Users.  Please see the “What Information We Collect” section above for the categories of personal information we collect. We source, use, and share the categories of personal information we collect from and about you consistent with the various business purposes we discuss throughout this Policy.  See the “How We Use Your Information” and “How We Share Your Information” sections above for more information.

Please note that the CCPA sets forth certain obligations for businesses that “sell” personal information to third parties.  We do not engage in the “sale” of personal information as defined under the CCPA, and have not engaged in such activity in the past twelve months from the effective date of this Privacy Policy.

NEVADA PRIVACY NOTICE

Under Nevada law, Nevada residents who have purchased goods or services from us may opt out of the “sale” of “covered information” (as such terms are defined under Nevada law) for monetary consideration. Mural does not engage in this activity at this time, but if you are a Nevada resident and you would like to opt out of potential future sales of your information under Nevada law, please email us at privacy@mural.co.  Please note we may take reasonable steps to verify your identity and the authenticity of the request.

COMPLAINTS AND DISPUTE RESOLUTION

Mural is committed to resolve complaints about your privacy and our collection, use, transfer or disclosure of your information. Any inquiries or complaints regarding this Privacy Policy should be directed to: privacy@mural.co.

For residents of the EU, EEA or Switzerland: Mural has further committed to refer unresolved privacy complaints as follows:

• Mural has committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you. 
  

• If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. For more information, please review Privacy Shield Annex 1, available  at https://www.privacyshield.gov/article?id=ANNEX-I-introduction. 
  

• Finally, you have the right to lodge a complaint with the data protection authority in your jurisdiction. Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Mural has appointed the European Data Protection Office (EDPO) as its representative in the EU. You can contact EDPO regarding matters pertaining to EU data protection law by using EDPO’s online request form (available at https://edpo.com/gdpr-data-request/) or by writing to EDPO at: 

European Data Protection Office (EDPO)
Regus Block 1
Blanchardstown Corporate Park
Ballycoolen Road, Blanchardstown
Dublin D15 AKK1
Ireland

For residents of the UK:  you have the right to lodge a complaint with the data protection authority in your jurisdiction. Pursuant to Article 27 of the UK General Data Protection Regulation (UK GDPR), Mural has appointed EDPO UK Ltd. as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR by using EDPO UK’s online request form (available at https://edpo.com/uk-gdpr-data-request/) or by writing to EDPO UK at: 

EDPO UK Ltd.
8 Northumberland Avenue
London WC2N 5BY
United Kingdom

SECURITY

Mural places great importance on the security of the Services. We have adopted a variety of administrative, technical, physical, and organizational measures to protect the Services against accidental or unlawful destruction, loss, alteration, disclosure or access (a “Security Incident”) (collectively our “Security Measures”). To learn more about Security Measures at Mural, please visit https://www.mural.co/security. While we take reasonable steps to protect the Services, no security system is impenetrable. We cannot and do not guarantee that the Services will be 100% secure, that a Security Incident will not occur, or that your communications with us will not be intercepted while being transmitted to us. Any suspected Security Incident should be immediately brought to our attention by contacting us at security@mural.co.

INTEGRATIONS AND THIRD PARTY SERVICES

If any part of the Services contains links to other websites or services, whether our Affiliates or third parties, those sites or services may not operate under this Privacy Policy. You are advised to check the privacy notices on those other sites or in connection with those services to understand their policies and practices on the collection, usage, transfer, and disclosure of your information.

CHILDREN’S PRIVACY

The Services are not directed to children, and are not intended for and may not be used by anyone under sixteen (16) years of age. We do not intentionally collect information from children, and any use of the Services by someone who is not at least 16 years of age is a violation of our Terms of Service. If you have any concerns about your child’s privacy, please contact us at: privacy@mural.co.

CHANGES TO THIS PRIVACY POLICY

This Privacy Policy may be modified from time to time in our sole discretion. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our Services that necessitate such changes. If that happens, we will promptly post the revised Privacy Policy to the Services and update the “last updated” date at the top of the Privacy Policy.  If we make changes that materially alter your privacy rights, Mural will provide additional notice in accordance with applicable legal requirements, such as via email or through the Services. By continuing to access and use the Services after the effective date, you agree to be bound by the revised Privacy Policy. If you disagree with the revised Privacy Policy, do not use the Services.

CONTACT US

Mural is committed to transparency about our collection, use, transfer and disclosure of your information. Please direct any inquiries, comments or questions regarding this Privacy Policy or our processing of your information to: privacy@mural.co.