Murf Privacy Policy
Your privacy is important to us, which is why we've created this Privacy Policy. Our Privacy Policy (together with our Terms of Service available at https://murf.ai/resources/terms_of_service and any other documents incorporated by reference) sets out what information we collect about you, how we use the information we collect, how we share the information we collect, how we transfer your information internationally and how you can access and control your information. Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it.
Users of countries in the European Union (EU), European Economic Area (EEA) and Switzerland (referred to as “Designated Countries”) should also refer to our GDPR Policy which describes their rights under the General Data Protection Regulation.
Our Privacy Policy adheres to the EU-U.S. DPF Principles with regard to personal data transferred from the European Union and the United Kingdom and the Swiss-U.S. DPF Principles with regard to personal data transferred from Switzerland.
This policy should be read together with our Cookie Policy.
Definitions
In this Privacy Policy, the following definitions apply:
- Any reference to 'MURF Group', 'us', 'we' or 'our' means the Sites’ proprietary owners;
- Services mean the Sites, MURF-branded apps, Google Slides add-on, Text to speech and other MURF-related sites, apps, communications and services.
- Site means a site operated by us and includes each of https://murf.ai, https://login.murf.ai/ and any other domain that we may use from time to time.
How do we collect non-personal information?
When you visit our Site, we collect non-personal information from you including, without limitation, which sections of the Site are most frequently visited, how often and for how long. This data is always used as aggregated, non-personal information. We may analyse this non-personal information and release it to third parties in an aggregated form.
What Personal Information do we collect?
We collect the following types of information about you:
Information that you provide to us directly
(A) Signing up to our service
When you sign up to our service and set up an account, we collect the following information (which includes personal information) from you:
- Name; and
- Email address.
(B) Making a purchase
When you make a purchase or attempt to make a purchase through the Site, we collect the following information (which includes personal information) from you:
- Name;
- Email address; and
- Payment or credit card information (we don't have access to your entire credit card number or CVC as this is handled by our payment gateway).
(C) Making a video or audio
When you use our services to create an audio or a video ('Content'), we collect the following information (which includes personal information) from you:
- Any photos, videos, audio or text content provided by you when creating Content.
(D) Additional information that we may ask for (optional)
When you use our services, we may ask you to provide us with additional information. This additional information may include:
- Links to your social media accounts (including Facebook, Instagram, Twitter and YouTube); and
- Information about your industry and the type of organisation you work for.
Information that we receive from third parties
We may receive information about you (including personal information) from third parties. If you access our Site through a third-party connection or log-in, for example, through Facebook or Google, that third party may pass certain information about your use of its service to us. This information could include, but is not limited to, the user ID associated with your account, an access token necessary to access that third party service, any information that you have permitted the third party to share with us, and any information that you have made public in connection with that third party service. If you'd like to unlink your third party account from our Site, you can adjust your settings in the third party service and we will no longer receive information collected about you in connection with that service.
(E) Device information
Like many websites, when you visit our Site, we automatically collect certain information through the use of 'cookies', web beacons, device identifiers, pixels and other technologies including information about your web browser, IP address and time zone. Some of this information may be classified as personal information. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site and information about how you interact with the Site. We refer to this automatically-collected information as 'Device Information'.
We collect Device Information using the following technologies:
- 'cookies' are data files that are placed on your device or computer and often include an anonymous unique identifier;
- 'log files' track actions occurring on the Site, and collect data including your IP address, browser type, referring/exit pages, and date/time stamps; and
- 'web beacons', 'tags' and 'pixels' are electronic files used to record information about how you browse the Site.
You can control or reset your cookies through your web browser and, if you choose to, you can refuse all cookies However, some of the features of our Site may not function properly if you disable the ability to accept cookies.
How do we use your personal information?
We use the information we collect about you for the following purposes:
- Providing our products and services: We use the information that you provide to us to provide our products and services. This includes allowing you to create a Site account and to log in to your account, giving you access to your videos, recognising you across different services and devices and billing you for transactions that you make via our Site.
- Communicating with you: We use your contact information to send communications to you about important changes or updates to our products and services. When in line with the preferences you have shared with us, we also provide you with information or advertising relating to our products and services.
- Performing data analytics: We use the information about you to help us improve our products and services, including by generating analytics about how our users browse and interact with the Site and to assess the success of our marketing and advertising campaigns.
- Customising our products and services for you: We use information about you to make sure that the Site and our products and services are customised to your needs.
- Keeping our Site secure: We use information about you to screen for potential risk and fraud, and to identify violations of this Privacy Policy or our Terms of Use.
- Where required by law: We will use or disclose your information where we reasonably believe that such action is necessary to: (a) comply with the law and the reasonable requests of law enforcement or a government authority; (b) to enforce our Terms of Use or to protect the security and integrity of our Site; and (c) to exercise or protect the rights, property or personal safety of MURF Group, our users or others.
- Where you have given your consent: We may seek your consent to use your information for a particular purpose. Where you give your consent for us to do this, we will use your information in accordance with that purpose. You can withdraw your consent to these uses at any time.
- Please note that we prohibit the sale of Google user data to third-parties.
For personal information subject to the GDPR, we rely on the following legal bases to process this information:
- where you have given your consent for us to use your information;
- where the processing is necessary to perform a contract that we have with you, for example when you purchase our products or services;
- your legitimate business interests, such as improving and developing our products and services and marketing new features or products (but only where our legitimate interest isn't overridden by your interest in protecting your personal information); and
- where it is necessary for compliance with our legal obligations.
You may at any time refuse to provide the personal information that we request. However, this may limit or prohibit our ability to provide our products and services to you. You may withdraw your consent for us to process your personal information at any time by contacting us in accordance with our 'Contact us' section below.
Who do we disclose Personally Identifiable Information to?
Outside of authorised personnel employed by us, we only share your personal information with third parties that meet the data privacy conditions described in this Privacy Policy. These third parties help us use your personal information, as described above, and include:
- Marketing platforms, Communications platforms and contractors who we engage to help process personal information and other data; Listed here are external vendors we use for this purpose: Firebase, Google Cloud, Google Analytics, Mixpanel, Toplyne, Clearbit, Sendinblue, Customer.io, Userflow, Hubspot;
- Cloud services providers such as Amazon Web Services, Inc.;
- Payment Solutions provided by Stripe Inc.;
- Softwares review platform G2 Crowd
- government third parties, including government agencies, regulatory bodies and law enforcement agencies as required, authorised or permitted by law.
Service Providers
We use others to help us provide our Services (e.g., maintenance, analysis, audit, payments, fraud detection, marketing and development). They will have access to your information as reasonably necessary to perform these tasks on our behalf and are obligated not to disclose or use it for other purposes.
Data Privacy Framework
Murf Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Murf Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Murf Inc. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Murf Inc. commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF.
Participating in the Data Privacy Frameworks is a voluntary self-certification process for companies operating in the U.S. Companies that certify to the Frameworks represent that they are upholding privacy standards for Personal Data received from the EEA, UK and Switzerland. These standards exceed current U.S. privacy standards. Compliance with the respective Framework Principles is enforced by the U.S. Federal Trade Commission (FTC). The FTC has jurisdiction over Murf Inc. Accordingly, Murf Inc. is subject to the investigatory and enforcement powers of the FTC.
If a complaint cannot be resolved with Murf Inc. directly, there are readily available independent recourse mechanisms by which an individual’s complaints and disputes are investigated and expeditiously resolved at no cost to the individual and by reference to the Principles.
In some cases, the Data Privacy Framework gives you the right to pursue binding arbitration. You can do this to resolve complaints not resolved by Murf, as described in Annex I to the DPF Framework.
In the context of an onward transfer, Murf Inc. has responsibility for the processing of Personal Data it receives under the respective Data Privacy Framework and subsequently transfers to a third party acting as an agent on its behalf. Murf Inc. shall remain liable under the respective Principles if its agent processes such Personal Data in a manner inconsistent with the Principles unless Murf Inc. shows it is not responsible for the event giving rise to the damage.
Murf Inc. may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Legal Disclosures
It is possible that we will need to disclose information about you when required by law, subpoena, or other legal process or if we have a good faith belief that disclosure is reasonably necessary to
(1) Investigate, prevent or take action regarding suspected or actual illegal activities or to assist government enforcement agencies;
(2) Enforce our agreements with you;
(3) Investigate and defend ourselves against any third-party claims or allegations;
(4) Protect the security or integrity of our Services (such as by sharing with companies facing similar threats); or
(5) Exercise or protect the rights and safety of our users, personnel or others. We attempt to notify users about legal demands for their personal information when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. We may dispute such demands when we believe, in our discretion, that the requests are overbroad, vague or lack proper authority, but we do not promise to challenge every demand.
Change in Control or Sale
We can also share your personal information as part of a sale, merger or change in control, or in preparation for any of these events. Any other entity which buys us or part of our business will have the right to continue to use your information, but only in the manner set out in this Privacy Policy unless you agree otherwise.
Cross-Border Data Transfers
We process data globally and rely on legally-provided mechanisms to lawfully transfer data across borders. Countries where we process data may have laws which are different from, and potentially not as protective as, the laws of your own country.
International transfers of personal information (for users in the Designated Countries)
For our users in the Designated Countries, where we transfer your personal information to a third party provider that is not located in the Designated Country and is not subject to an adequacy decision by the EU Commission, we will require those third party providers to enter into an agreement that provides appropriate safeguards for your information.
Changing or deleting your personal information
You may update certain account information such as your name and email address by logging into your account and changing your profile settings. You can also stop receiving promotional email communications from us at any time by clicking on the 'unsubscribe link' in the relevant communication.
You may also access, review, update, rectify or delete your personal information by contacting us. We will respond to all requests within 30 days. Please note that deleting your personal information may limit our ability to provide the service to you.
We may limit or reject your request in certain cases, including without limitation where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case question, where the rights of other persons would be violated or as required by law or governance purposes.
If you need further assistance regarding your access and control of your personal information, please contact us.
Security
We implement security safeguards designed to protect your data, such as HTTPS. We regularly monitor our systems for possible vulnerabilities and attacks. However, we cannot warrant the security of any information that you send us. There is no guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
Data Retention
We generally retain your personal information as long as you keep your account open or as needed to provide you Services. This includes data you or others provided to us and data generated or inferred from your use of our Services. In some cases we choose to retain certain information (e.g., insights about Services use) in a depersonalized or aggregated form.
Minors
We do not knowingly advertise or collect personal information from any individual under the age of 13 and our services and content are not directed at children under the age of 13. For all users that are under the age of 16, we require the consent of a parent or legal guardian before that user can use our services. Our Terms of Use (available at https://murf.ai/resources/terms_of_service) has further details on this consent. If we later find out that we have collected personal information from any individual under the age of 16 without parental consent, we suspend and remove this personal information immediately.
Links to other websites and services
Our Site may allow access to third party content and services with your prior consent. We are not responsible for the practices employed by websites or services accessible from the Site, including the information or content contained within these websites or services. When you use a link to go from our Site to another website, our Privacy Policy does not apply to third-party websites or services. Your browsing and interaction on any third-party website or service that has a link or advertisement on our Site is subject to that third party's own policies.
Changes to our Privacy Policy
We can modify this Privacy Policy, and if we make material changes to it, we will provide notice through our Services, or by other means, to provide you the opportunity to review the changes before they become effective. If you object to any changes, you may close your account or stop using our Services.
You acknowledge that your continued use of our Services after we publish or send a notice about our changes to this Privacy Policy means that the collection, use and sharing of your personal information is subject to the updated Privacy Policy, as of its effective date.
Account Closure
We permanently delete account information, including any project, media or text information uploaded by you, within 30 days of account termination, except as noted below.
We retain your personal information even after you have closed your account if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our Terms of Use, or fulfill your request to "unsubscribe" from further messages from us.
Representative for data subjects in the EU and UK
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact.
Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website. https://prighter.com/q/14532374752
Contact us
Thank you for taking the time to read this. Please don't hesitate to get in touch if you have any queries about the use of your private information, write to MURF Group's grievance officer Sneha Roy at legal@murf.ai.