Basecamp
US·basecamp.com
Basecamp shares data primarily with service providers to operate the platform.
Overview
Sells your data No
We never sell your data.
Shares with third parties Yes
Tracking levelModerate
Your Privacy Controls
Global Privacy Control (GPC)
Browser signal to opt out of data selling
UnknownDo Not Track (DNT)
Browser signal to opt out of tracking
UnknownHow Long Data Is Kept
as needed for purposes or legal contractual obligations
Where Data Goes
Sent outside EU/EEAYes
US
Who Gets Your Data
Other Third Parties
Not clearly specified who receives your data
Other Third Parties
Not clearly specified who receives your data
Other Third Parties
Not clearly specified who receives your data
Other Third Parties
Not clearly specified who receives your data
Other Third Parties
Not clearly specified who receives your data
Tracking & Analytics
GoogleAd networkAd companies
What Data Is Collected
28 types| Data Type | Category | Why |
|---|---|---|
| Name | Identity | Identifying information collected during product sign-up for account personalization and sending product updates/essential information. When you sign up for a 37signals product, we ask for identifying information such as your name, email address, and maybe a company name. |
| Email Address | Identity | Identifying information collected during product sign-up for account personalization, sending product updates/essential information, newsletters, and for voluntary correspondence/support. Also used in a hashed form for ad exclusion. When you sign up for a 37signals product, we ask for identifying information such as your name, email address, and maybe a company name. |
| Company Name | Identity | Optional identifying information collected during product sign-up for account personalization. When you sign up for a 37signals product, we ask for identifying information such as your name, email address, and maybe a company name. |
| Profile Picture | Identity | Optional profile picture that users can add to display in products. We sometimes also give you the option to add a profile picture that displays in our products. |
| Payment Information (Credit Card) | Financial | Credit card details submitted directly to a payment processor for paid products. 37signals does not store full credit card numbers. If you sign up for a paid 37signals product, you will be asked to provide your payment information and billing address. Credit card information is submitted directly to our payment processor and doesn’t hit 37signals servers. |
| Last 4 Digits of Credit Card Number | Financial | Stored as a record of payment transactions for account history, invoicing, and billing support. We store a record of the payment transaction, including the last 4 digits of the credit card number, for purposes of account history, invoicing, and billing support. |
| Billing Address | Financial | Stored to charge for service, calculate sales tax, send invoices, detect fraudulent credit card transactions, and for tax authority audits. We store your billing address so we can charge you for service, calculate any sales tax due, send you invoices, and detect fraudulent credit card transactions. |
| Product Content | Other | Content uploaded, received, or maintained in 37signals product accounts (e.g., projects in Basecamp, emails in HEY) to enable product functionality. We store on our servers the content that you upload or receive or maintain in your 37signals product accounts. |
| IP Address | Technical | Full IP address logged for product account signup (spam mitigation), all account access (security, fraud prevention), website interactions (analytics), and anti-bot assessments. For most of our products, we log the full IP address used to sign up a product account and retain that for use in mitigating future spammy signups. We also log all account access by full IP address for security and fraud prevention purposes... |
| Browser Type | Technical | Collected as part of browsing activity for analytics and statistical purposes. This includes, for example, your browser and operating system versions, your IP address, which web pages you visited and how long they took to load, and which website referred you to us. |
| Operating System | Technical | Collected as part of browsing activity for analytics and statistical purposes. This includes, for example, your browser and operating system versions, your IP address, which web pages you visited and how long they took to load, and which website referred you to us. |
| Web Pages Visited | Behavioral | Collected as part of browsing activity for analytics and statistical purposes. This includes, for example, your browser and operating system versions, your IP address, which web pages you visited and how long they took to load, and which website referred you to us. |
| Page Load Times | Technical | Collected as part of browsing activity for analytics and statistical purposes. This includes, for example, your browser and operating system versions, your IP address, which web pages you visited and how long they took to load, and which website referred you to us. |
| Referring Website | Technical | Collected as part of browsing activity for analytics and statistical purposes. This includes, for example, your browser and operating system versions, your IP address, which web pages you visited and how long they took to load, and which website referred you to us. |
| Time on App | Behavioral | Evaluated by CAPTCHA service to detect automated programs for anti-bot assessments. When you log into your 37signals accounts and when you fill in certain forms in HEY, the CAPTCHA service evaluates various information (e.g., IP address, how long the visitor has been on the app, mouse movements) to try to detect if the activity is from an automated program instead of a human. |
| Mouse Movements | Behavioral | Evaluated by CAPTCHA service to detect automated programs for anti-bot assessments. When you log into your 37signals accounts and when you fill in certain forms in HEY, the CAPTCHA service evaluates various information (e.g., IP address, how long the visitor has been on the app, mouse movements) to try to detect if the activity is from an automated program instead of a human. |
| Spam Score | Technical | Provided by CAPTCHA service to 37signals for mitigating brute force logins and spam protection. The CAPTCHA service then provides 37signals with the spam score results; we do not have access to the evaluated information. |
| Third-Party Cookies Data (Ad Network Info) | Technical | Information sent to ad networks (e.g., ad clicked, keyword, actions taken) to evaluate ad effectiveness. Where permissible under law, we may load an ad-company script on their browsers that sets a third-party cookie and sends information to the ad network to enable evaluation of the effectiveness of our ads, e.g., which ad they clicked and which keyword triggered the ad, and whether they performed certain actions such as clicking a button or submitting a form. |
| First-Party Cookies Data | Technical | Used to store preferences, ease application use, perform A/B testing, and support analytics. May include browser type, operating system, web pages visited, duration of visit, content viewed. We also use persistent first-party cookies and some third-party cookies to store certain preferences, make it easier for you to use our applications, and perform A/B testing as well as support some analytics. ... It might also collect information such as your browser type, operating system, web pages visited, duration of visit, content viewed, and other click-stream data. |
| Click-Stream Data | Behavioral | Collected via cookies, includes content viewed and other click data. It might also collect information such as your browser type, operating system, web pages visited, duration of visit, content viewed, and other click-stream data. |
| Support Correspondence | Communications | Emails sent to 37signals with questions or requests for help, including the user's email address, kept for historical reference. When you email 37signals with a question or to ask for help, we keep that correspondence, including your email address, so that we have a history of past correspondence to reference if you reach out in the future. |
| Survey Responses | Behavioral | Written responses to optional surveys, volunteered by users to help understand product usage and make improvements. We may also send you optional surveys from time to time to help us understand how you use our products and to make improvements. ... We also store information you may volunteer, for example, written responses to surveys. |
| Recorded Customer Interviews | Communications | Recordings of conversations from customer interviews, with express consent, for future reference or use. If you agree to a customer interview, we may ask for your permission to record the conversation for future reference or use. We will only do so with your express consent. |
| Mobile Device Contacts | Social | Accessed by mobile apps with user consent for optional features. Because of how the platforms are designed, our apps typically must request your consent before accessing contacts, calendar, camera, and other privacy-sensitive features of your device. |
| Mobile Device Calendar | Other | Accessed by mobile apps with user consent for optional features. Because of how the platforms are designed, our apps typically must request your consent before accessing contacts, calendar, camera, and other privacy-sensitive features of your device. |
| Mobile Device Camera | Other | Accessed by mobile apps with user consent for optional features. Because of how the platforms are designed, our apps typically must request your consent before accessing contacts, calendar, camera, and other privacy-sensitive features of your device. |
| Hashed Email Address | Identity | One-way hash of email address disclosed to ad companies to exclude users from seeing ads. Where permissible by law and if you have a Basecamp account, we may disclose a one-way hash of your email address with ad companies to exclude you from seeing our ads. |
| Tax Exemption Information | Financial | Disclosed if audited by a tax authority, as part of billing-related information. If we are audited by a tax authority, we may be required to disclose billing-related information. If that happens, we will disclose only the minimum needed, such as billing addresses and tax exemption information. |
Why Your Data Is Used
Core Service
- personalizationStoring user preferences allows for a tailored and personalized experience within the service.store certain preferences
- product improvementImproving the ease of use of applications is a direct form of product improvement.make it easier for you to use our applications
- product improvementA/B testing is a method used to gather data and make informed decisions to improve the product or service.perform A/B testing
Security & Integrity
- authenticationRemembering login information is essential for user authentication and secure access to the service.help remember login information
Marketing & Advertising
- analyticsCollecting data to measure how well advertisements are performing is a form of marketing analytics.enable evaluation of the effectiveness of our ads, e.g., which ad they clicked and which keyword triggered the ad, and whether they performed certain actions such as clicking a button or submitting a form.
- analyticsUsing cookies to support general analytics helps understand user behavior, which can inform marketing strategies and product development.support some analytics
Deceptive Practices
Forced Consent