Privacy Policy

Effective: April 21, 2026

Introduction

Y Meadows is committed to protecting your privacy. In order to provide our services and ensure a personalized experience, we need to collect certain information from you. This Privacy Notice explains when and why we collect Personal Information about you, the types of Personal Information we may collect when you interact with us, and how we safeguard your data. If you have any questions, please contact us at [email protected].

About Y Meadows

This Privacy Policy applies to all products, services, websites, and apps offered by Y Meadows, Inc. We refer to these collectively as the “services” in this policy.

References to “data” refer to whatever data you use our services to collect, whether it be app interactions or event registrations. References to “Personal Information” or “Personal Data” mean information that identifies, relates to, or could reasonably be linked to you personally.

Depending on our relationship with you, we require different types of Personal Information:

• Owners: You create or administer Y Meadows solutions.
• Users: You use a solution powered by Y Meadows.
• Community Members: You expressed interest in our events, attended an event, or asked to stay in touch.
• Visitors: You visited our website.

The Types of Personal Information We Collect

• Contact Information: Name, email address, or phone number provided through our services, website forms, or interactions with sales/support. We keep these requests to a minimum.
• Profile Data: Information provided when signing into apps, attending events, or creating an application.
• Usage Information: Data on how you interact with our websites or solutions (e.g., pages visited, clicks, timestamps, language preferences).
• Device and Browser Data: IP address, operating system version, device type, system performance, and browser type.
• Information From Cookies: We use third-party tracking services that employ cookies to collect usage statistics. Emails sent by Y Meadows may include tags to track open and click rates.
• Log Data: Server log files containing originating IP addresses, ISPs, files viewed, OS versions, and timestamps.
• Referral Information: Information about the external source (link or email) that referred you to our site.
• Information From Third Parties & Integration Partners: Data from third parties if you grant them permission to share it with us (e.g., LinkedIn for authentication).

If you are an Owner, we will also collect:

• Account Information: Information about your company and role.
• Billing Information: Name, address, email, and financial details corresponding to your selected payment method.

If you are a User of our applications, we will collect:

• Application Data: We store your application data (responses) and provide tools to analyze this information.

How We Secure Your Data

We maintain an information security management system with strict processes to prevent data loss.

• We encrypt Personal Information at rest where possible.
• We use encrypted HTTPS links between our web servers and your browser.
• We continuously monitor our systems for vulnerabilities and conduct regular penetration testing to strengthen security.

Who We Share Your Personal Information With and Why

We share Personal Information with trusted third parties only when necessary. They receive only what they need and cannot use your data for unauthorized purposes. Your data is deleted or anonymized if our partnership ends.

• Service Providers: We use companies to process and store data as part of our contracts (e.g., Google Analytics, Google Workspace, Google Cloud Platform).
• Legal Obligations: We may share information if legally required to do so.
• No Sale of Data: We never sell or trade your contact details with any third parties.

Your General Rights Over Your Personal Information

• Opt-Out of Marketing: You may unsubscribe using the link in our emails or by contacting [email protected].
• Right to Rectification: If your data is inaccurate, contact us to correct it without undue delay. (Note: For third-party data you control, we will assist you in complying with your data controller obligations).
• Right to be Forgotten: If we lack a legal basis to process your data, or you withdraw consent, we will delete your data.
• Right to Review: You may contact us at any time to review the data we hold about you.

U.S. State Privacy Rights

This section supplements our policy for residents of U.S. states with comprehensive privacy laws (including California, Virginia, Colorado, Connecticut, Utah, Texas, and others).

Your Rights Under U.S. State Laws (including the CCPA/CPRA):

• Right to Know/Access: You can request a copy of the specific pieces of Personal Information we have collected about you.
• Right to Delete: You can ask us to delete Personal Information we collected from you, subject to certain exceptions.
• Right to Correct: You may request the correction of inaccurate Personal Information.
• Right to Limit Use of Sensitive Data: We do not generally collect sensitive personal information, but if we do, you have the right to limit its use.
• Right to Opt-Out of Sale or Targeted Advertising: We do not sell Personal Data. However, we use cookies for analytics and advertising. You may opt out of targeted tracking technologies via our website’s cookie preferences.
• Non-Discrimination: You will not receive discriminatory treatment for exercising these rights.

Exercising Your Rights: Email us at [email protected]. We may need to verify your identity before processing your request.

Privacy Notice for European & UK Residents

If you reside in the European Economic Area (EEA), the United Kingdom (UK), or Switzerland, you have specific rights under the General Data Protection Regulation (GDPR) and UK GDPR.

Controller: Y Meadows, Inc. acts as the data controller for your Personal Data.

Legal Bases for Processing:

• Service Delivery: Contractual necessity or legitimate interest to operate our services.
• Research & Development: Legitimate business interests.
• Marketing: Consent (where required by law) or legitimate interest.
• Compliance: To fulfill legal obligations.

Your European Data Subject Rights:

• Access, Rectification, and Erasure: View, correct, or delete your data.
• Withdrawal of Consent: Revoke consent at any time.
• Data Portability: Receive your data in a machine-readable format or request transfer to another controller.
• Objection & Restriction: Object to or restrict certain processing activities (e.g., direct marketing).
• Right to Complain: You may lodge a complaint with your local supervisory authority.

International Data Transfers:

To provide our Services, your data is processed in the United States. We ensure lawful transfers through mechanisms approved by European law, such as the EU-U.S. Data Privacy Framework (DPF) or Standard Contractual Clauses (SCCs).

Data Retention

We retain Personal Data only as long as necessary considering the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use, the purposes of processing, and applicable legal requirements.

Internet Security Policy & Third-Party Tracking

For site security and to ensure service availability, our systems monitor network traffic to identify unauthorized attempts to upload or alter information. Unauthorized attempts are strictly prohibited and punishable under applicable laws, including the Computer Fraud and Abuse Act.

When you visit our website, cookies and similar technologies may be used by data partners to associate your activities with other personal information (including email/home addresses). We (or our service providers) may send marketing communications to these addresses. You may opt out of this specific advertising network by visiting: https://app.retention.com/optout.