Flowcharts
Wireframes
Mind Maps
Projects
Docs
Pricing
LOg in

Privacy

Last Updated May 15, 2023

Your privacy is important to us. At Whimsical, we have a few fundamental principles:

  • We are thoughtful about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
  • We store personal information for only as long as we have a reason to keep it.
  • We aim to make it as simple as possible for you to control what information is shared publicly, kept private, and deleted.
  • We aim for transparency on how we gather, use, and share your personal information.

Below is our Privacy Notice, which incorporates and clarifies these principles.

PLEASE READ THIS PRIVACY NOTICE CAREFULLY TO UNDERSTAND HOW WE HANDLE YOUR PERSONAL INFORMATION. IF YOU DO NOT AGREE TO THIS PRIVACY NOTICE, PLEASE DO NOT ACCESS THE WEBSITE OR USE OUR SERVICES.

If you live in or are located in Europe or certain US states, and if you would also like to identify your data controller and processor, please see "Regional Terms for Europe and Certain US States" below.

Who We Are and What This Privacy Notice Covers

Hey there! We are the folks behind Whimsical, a service designed to allow anyone to collaborate on ideas visually.

This Privacy Notice applies to information that we collect about you when you access our website located at Whimsical.com and any related websites and successor websites (the "Website") and/or to utilize the visual collaboration tools provided on our Website, including any beta or pre-release tools (together with the Website, the “Services”). This Privacy Notice is governed by our Terms of Service. Defined terms used herein and not otherwise defined have the meanings set forth in the Terms of Service.

Below we explain how we collect, use, and share personal information about you, along with the choices that you have with respect to that information.

Personal Information We Collect

We collect information in the following ways: if and when you provide information to us (Registration Data), information we collect automatically when you utilize our Services (Usage Data), information we collect from other sources, information we collect through our Services (Customer Data), and information you provide during the job application process (Recruiting Data). Let‘s go over the information that we collect.

Information You Provide to Us

It‘s probably no surprise that we collect information that you provide to us. The amount and type of information depends on the context and how we use the information. Here are some examples:

  • Basic Account Information: We ask for basic information from you in order to set up your account. For example, we require individuals who sign up for a Whimsical.com account to provide a valid email address–and that‘s it. You may choose to provide your name and an image or photo to use as an avatar, and if you choose to do so, we will collect that information as well.
  • Transaction and Billing Information: If you buy a subscription to a Whimsical.com plan from us, you will provide additional personal and payment information that is required to process the transaction and your payment, such as your name and contact information.
  • Communications With Us: You may also provide us information when you respond to surveys, communicate with us about a support question, provide feedback about our Services, or engage in sales discussions with us, each of which may include personal information.

Throughout this Privacy Notice, we will refer to this information as “Registration Data”. Registration Data does not include Customer Data (defined below).

Information We Collect Automatically

We also collect some information automatically:

  • Log Information: Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. We collect log information when you use our Services.
  • Usage Information: We collect information about your usage of our Services. For example, we collect information about the actions that Administrators and Users perform on a Workspace—in other words, who did what, when and to what thing in a Workspace—as well as the number of Users accessing a Workspace. We also collect information about what happens when you use our Services (e.g., page views) along with information about your device (e.g., screen size, name of cellular network, and mobile device manufacturer). We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better.
  • Geolocation Information: We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Services from certain geographic regions.
  • Information from Cookies and Similar Technologies: A cookie is a string of information that a website stores on a visitor‘s computer, and that the visitor‘s browser provides to the website each time the visitor returns. Pixel tags (also called web beacons) are small blocks of code placed on websites and in emails. To collect information automatically as described in this section, Whimsical and its service providers may use cookies and other technologies like pixel tags to help us identify visitors and understand usage and access preferences for our Services, as well as analyze email campaign effectiveness. Our use of cookies is specified in our Cookie Policy, which is updated regularly to reflect current practices. You can turn off your web browser’s ability to accept cookies, but if you do so, certain parts of our Services may not work for you.
  • Public Social Media Posts: We may collect public posts to social media platforms and other social media information such as your name and social media handle that specifically mentions our Company via our handles.

Throughout this Privacy Notice, we will refer to this information as “Usage Data”. Usage Data does not include Customer Data (defined below).

Information We Collect from Other Sources

We may also receive information about you from other sources. For example, if you create or log into your Whimsical.com account through another service (like Google), we will receive information from that service (such as your basic profile information) via the authorization procedures used by that service.

Information We Collect through Our Services

We also receive information from you that you input and include when you use our Services. For example, any information that you type into any visual Workspace that you create in the Services will be collected or any similar information you provide in the course of providing feedback. Throughout this Privacy Notice, we will refer to this information as “Customer Data”). Customer Data does not include Usage Data or Registration Data.

Information You Provide During the Job Application Process

We may also receive information about you if you submit a job application, inquire about opportunities at Whimsical, provide us your information at a recruiting event, or if we receive information about you from third parties in connection with our recruiting activities. Throughout this Privacy Notice, we will refer to this information as "Recruiting Data". Recruiting Data may include:

  • Name and contact information such as phone number, email address, and postal address;
  • employment history such as prior employers and dates of employment;
  • education history such as degrees earned and institutions attended;
  • resume, CV, educational transcripts, and any information contained in or with such documentation;
  • job qualifications and work eligibility information such as country of residence, visa and immigration status, and citizenship;
  • reference information, such as name and contact details of your references;
  • compensation information that you voluntarily provide, and which may depend on your region and applicable laws and regulations;
  • background check information, subject to applicable law; and
  • sensitive personal information that you provide voluntarily or which we request on a non-mandatory basis in order to comply with applicable law.

You are responsible for the Recruiting Data you provide or make available to us and all Recruiting Data you provide must be truthful, accurate, and not misleading in any way. You may not provide Recruiting Data that is obscene, defamatory, infringing, malicious, or that violates any law. To the extent you voluntarily provide any sensitive or special categories of information, as may be defined in applicable laws, you explicitly consent to our processing of such information as described in this Privacy Notice. Depending on your region or the region where an opportunity is located, we may be required to process certain sensitive personal information to comply with applicable local law. You are responsible for providing any notices and obtaining any consents necessary for us to collect and use personal information of your references as described in this Privacy Notice.

How And Why We Use Your Personal Information

We use information about you as mentioned above and for the purposes listed below:

  • To provide our Services, for example, to set up and maintain your account, host your Workspace, provide support and customer service, or charge you for any of our paid Services;
  • To further develop and improve our Services, for example by adding new features that we think our Users will enjoy;
  • To monitor and analyze trends and better understand how Users interact with our Services, which helps us improve our Services and make them easier to use;
  • To measure, gauge, and improve the effectiveness of our advertising, and better understand User retention and attrition for example, we may analyze how many individuals purchased a plan after receiving a marketing message or the features used by those who continue to use our Services after a certain length of time;
  • To monitor and prevent any problems with our Services, protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect the rights and property of Whimsical and others, including enforcing our Terms of Service and/or other agreements, which may result in us declining a transaction or the use of our Services;
  • To provide webinars and training sessions;
  • To provide optional features of the Services as more fully set forth in the Whimsical AI Supplementary Terms;
  • To communicate with you in response to your inquiries regarding the Services or otherwise, such as in response to sales inquiries;
  • To communicate with you, for example through an email about offers and promotions offered by Whimsical and others we think will be of interest to you, solicit your feedback in writing, on conference calls, or other channels, or keep you up to date on Whimsical and our products; 
  • To personalize your experience using our Services and target our marketing messages to groups of our Users for example, those who have a particular plan with us or have been our User for a certain length of time; and
  • For Recruiting Data, to review and evaluate an application you submit, communicate with you regarding your application or other interest in Whimsical opportunities; process your onboarding if you are hired; operate, improve, and maintain the security of our recruiting process; and comply with applicable laws and otherwise operate our business. 

How and Why We Share Personal Information

We share information about you in the limited circumstances spelled out below and with appropriate safeguards in place to protect your privacy:

  • Other Users: We may disclose information about you to other Users in your Workspace. For example, if you join a Workspace owned by another User or Organization, or collaborate with other Users on Whimsical, Whimsical may share basic information about you such as your name, email address, profile picture, and Workspace name with the other Users or Organizations. Please see “Your Employer or Relevant Organization” below for more information.
  • Subsidiaries, Employees, and Independent Contractors: We may disclose information about you to our subsidiaries, our employees, and individuals who are our independent contractors that need to know the information in order to help us provide our Services or to process the information on our behalf. We require our subsidiaries, employees, and independent contractors to follow this Privacy Notice for personal information that we share with them.
  • Third Party Vendors: We may share information about you with third party vendors who need to know information about you in order to provide their services to us, or to provide their services to you. This group includes vendors that help us provide our Services to you (like payment providers that process your credit and debit card information or technology providers that enable certain features in our Services), those that assist us with our marketing efforts (e.g., by providing tools for identifying a specific marketing audience or improving our marketing campaigns), those that help us provide support and obtain your feedback (like support platforms or conference call systems with call recording abilities), those that help us understand and enhance our Services (like analytics providers), and those that help us conduct our recruiting and hiring activities (such as recruiting firms or background check providers). If you connect your account to certain vendors that
    are third party integrations, certain information will be shared between such vendor and Whimsical to facilitate the integration.  We require vendors to agree to privacy commitments in order to share information with them.
  • Your Employer or Relevant Organization: We may share your email address with your employer or other relevant organization (“Organization”) in certain circumstances:
  • If you register a Whimsical account or associate a Whimsical account with an email address provisioned by your organization, Whimsical may share information about you and any Workspaces owned or managed by you with your Organization. Such information could include your name, email address, and profile picture, as well as the Workspace name, membership size, creation date of your Workspace, and content within your Workspace. If you registered to use Whimsical’s Services with such an email address, but you do not use the Services in connection with your Organization and you do not wish for this information to be shared with your Organization, you may transfer your account to a different email address. For information on how to change the email address associated with your Whimsical account please follow the instructions here: https://help.whimsical.com/article/583-changing-your-account-email-address-or-adding-a-new-one. If you would like additional assistance, please contact help@whimsical.com
  • If (i) you create a Whimsical account or access our Services and the domain of the email address associated with your account is owned by the Organization and (ii) such Organization wants to establish an enterprise account with Whimsical or otherwise has requested that Whimsical inform it of any of its email addresses registered with Whimsical, your email address associated with such Organization may be shared with the Organization to provide you additional Services, integrate your Whimsical account with the Organization’s, or otherwise as elected by the Organization. If the Organization ultimately creates an enterprise account with Whimsical, the remainder of your personal information associated with accounts registered with the Organization’s email domain may be disclosed to the Organization as described above. We may also share your personal information with the Organization (such as their accounting department) or the credit card account holder to validate your payment if you purchase Services using a credit card.
  • Legal Requests: We may disclose information about you in response to a subpoena, court order, or other governmental request, including to meet national security or law enforcement requirements.
  • To Protect Rights, Property, and Others: We may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect the property or rights of Whimsical, third parties, or the public at large. For example, if we have a good faith belief that there is an imminent danger of death or serious physical injury, we may disclose information related to the emergency without delay, or we may need to disclose your information in connection with enforcing our Terms of Service and/or other agreements.
  • Business Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that Whimsical goes out of business or enters bankruptcy, Registration Data, Usage Data, Customer Data, and Recruiting Data would likely be one of the assets that is transferred or acquired by a third party.
  • With Your Consent: We may share and disclose information with your consent or at your direction. For example, we may share your information with third parties with which you authorize us to do so.
  • Aggregated or De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
  • Published Support Requests: And if you send us a request (for example, via a support email or one of our feedback mechanisms), we reserve the right to publish that request in order to help us clarify or respond to your request or to help us support other Users and may remove your personal information from the request.

How Long We Keep Personal Information

We generally discard information about you when we no longer need the information for the purposes for which we collect and use it–which are described in the section above entitled "How and Why We Use Personal Information"–and we are not legally required to continue to keep it. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the information, the potential risk of harm from unauthorized use or disclosure of your information, the purposes for which we process your information and whether we can achieve those purposes through other means, and the applicable legal requirements. For example, we keep the web server logs that record information about a visitor to our Website, such as the visitor’s IP address, browser type, and operating system, for approximately 90 days. We retain the logs for this period of time in order to, among other things, analyze traffic to the Website and investigate issues if something goes wrong on our Website.

How to Access and Control Your Personal Information

You can view, access, edit, or delete your personal information for many aspects of the Services. You can request that Whimsical delete your personal information by sending an email to privacy@whimsical.com with “Please delete my personal information” in the subject line. Whimsical will verify your identity and then delete the personal information associated with your email address. You may also delete your account within your Account Settings through the Services. Please note that we may retain certain information as required or permitted by applicable law, and we may deny your deletion request if retaining the personal information is necessary for us or our service providers under any permitted exceptions.

Children’s Privacy

Our Website and the Services are not intended for general audiences and not for children under the age of 16. No one under age 16 may provide any personal information on the Website or through the Services. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website or through the Services. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at privacy@whimsical.com.

Security

While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so, such as monitoring our Services for potential vulnerabilities and attacks. For details about the measures we take to protect information about you, please refer to our Security webpage located at https://whimsical.com/security/.

Other Sites, Mobile Applications and Services

The Website may contain links to other websites, mobile applications, and other online services operated by third parties such as social media companies or payment processors (“Third Party Services”). These links are not an endorsement of, or representation that we are affiliated with, any third party.  In addition, our content may be included on Third Party Services. We do not control these Third Party Services, we are not responsible for their actions, and they may follow different rules regarding the collection, use and sharing of your personal information.  We encourage you to read the privacy policies of Third Party Services you use.

Choices

You have several choices available when it comes to information about you:

  • Limit the Information that You Provide: If you have an account with us, you can choose not to provide the optional account information, profile information, and transaction and billing information. Please keep in mind that if you do not provide this information, certain features of our Services may not be accessible.
  • Choose Not to Use Certain Features: You may choose not to use certain features within our Services where the use of such features results in the processing of information you submit through the feature by a third party. For example, use of our AI feature results in the sharing of information in accordance with the Whimsical AI Supplementary Terms. If you do not wish to share information with the third party providing the AI feature, please do not use such feature.
  • Opt-Out of Electronic Communications: You may opt out of receiving promotional messages from us. Just follow the instructions in those messages. If you opt out of promotional messages, we may still send you other messages, like those about your account and legal notices.
  • Set Your Browser to Reject Cookies: At this time, Whimsical does not respond to "do not track" signals across all of our Services. However, you can usually choose to set your browser to remove or reject browser cookies before using our Website, with the drawback that certain features of the Website may not function properly without the aid of cookies.
  • Delete Your Account: While we’d be very sad to see you go, if you no longer want to use our Services, you can delete your Whimsical.com account. Please keep in mind that we may continue to retain your information after closing your account, as described in "How Long We Keep Personal Information" above, for example, when that information is reasonably needed to comply with (or demonstrate our compliance with) legal obligations such as law enforcement requests, or reasonably needed for our legitimate business interests.

Regional Terms for Europe and Certain US States 

The Website and our Services are hosted in and provided from the United States, and your use of our Website and Services is governed by United States law. If you are using the Website or Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our systems and facilities, and those of our third party providers and recipients of information, are located. The data protection and other laws of the United States and other countries might be different than those in your country. By using the Website and Services, you consent to your information being transferred to our systems and facilities, and to the systems and facilities of those third parties with whom we share information as described in this Privacy Notice. Please see our Regional Privacy Notice Supplement for further information applicable to individuals who are residents of certain US states such as California and Nevada or are located in the European Economic Area, United Kingdom, and Switzerland.

Privacy Notice Changes

Although most changes are likely to be minor, Whimsical may change its Privacy Notice from time to time, and in Whimsical’s sole discretion. Whimsical encourages visitors to frequently check this page for any changes to its Privacy Notice. Your continued use of this site after any change in this Privacy Notice will constitute your acceptance of such change.

How to Reach Us

If you have a question about this Privacy Notice, or you would like to contact us about any of your rights mentioned herein, please contact us at privacy@whimsical.com. You may reach us by mail at Whimsical, Inc., 1630 Welton Street, 7th Floor, Denver, Colorado 80202, USA.

Product

Company

Contact Sales
StatusSecurityTermsPrivacy
© 2023 Whimsical Inc.
TermsPrivacySecurity
© 2020 Whimsical