We recognize the great importance of keeping your personal data private and secure. By using Banzai, you demonstrate a trust in us that we are determined to never violate in any way. We have prepared this Privacy & Security Policy to help you understand what information we collect from you, what we do with it, and how we protect it.

No one can compel us to reveal data which we do not have. For this reason, we limit the personally-identifying information we collect from you and discard a subset of that information once it is no longer needed. The following lists describe information we collect and retain, information we collect and discard, and information we will never collect from you.

• Information you explicitly provide

  As you sign up for and use Banzai and its related services, you will be given the opportunity to provide various pieces of information to us. While some of these items are required to use Banzai (such as a valid email address), many others are optional. You may provide this information to us in a variety of ways, including by interacting with our website, uploading information from an external file, sending us an email or other electronic communication, and so on.
  
  

• Information we obtain from your web browser using cookies

  To improve your user experience, Banzai uses browser cookies as a means of recognizing whether you have visited the site before and, if so, in what capacity. For example, if you ask us to login to your account automatically each time you visit the site, we will place a cookie on your browser to facilitate this functionality. While the contents of these cookies have meaning to us, they contain no information which could be used by anyone else to personally identify you.
  
  

• Technical information we gather when you visit the site

  Your browser passes certain information to our web servers during every visit, including data concerning the configuration of your computer and network connection and the means by which you are connecting to our site. This data may be recorded in log files stored on our server.
  
  

• Information you give to a site which is affiliated with us

  If you provide information to a third-party site with which we have an affiliate relationship, the operators of that site may share that information with us in accordance with their own privacy policy.
  
  

• Your name and address

  As a fraud protection measure, we are required by our merchant bank to submit certain personal information such as the name and address associated with the credit card used to pay for your subscription. Of this information, the only data we retain is the billing ZIP/postal code and country. Immediately after the payment is submitted for processing, we securely delete the name and other parts of the address. Note that, in the event that there is a legitimate need for this information (to investigate a fraudulent payment, for example), the credit card gateway may provide the full name and address associated with the account upon our request. In no event will this information be stored on any of our web or database servers, however, and it can only be obtained via a manually-issued request from an individual with appropriate administrative credentials.
  
  

• Payment information

  We're not a bank and, as such, we have no business storing your credit card number. Immediately after transmitting the payment information to the credit card gateway, we securely delete the account number (excluding the last four digits, which are saved for your reference) and the CVV code.
  
  

• Unneeded data from transaction upload files

  Regardless of what they may contain, Banzai immediately and securely discards any information found in transaction upload files that is not a transaction title, date, or amount.
  
  

Unlike many other personal finance solutions, Banzai does not ask you for the account numbers associated with your bank accounts or credit cards (other than the one used for payment), passwords to online banking websites, government ID numbers, or any other piece of extraneous information which could be used to steal your identity.

As you would expect, we will use the information we collect from you to deliver the services and, if applicable, the products associated with your subscription. We may analyze this information in an effort to make Banzai better, as well as to improve the technical functioning of the system as a whole. From time to time, you may see customized content on your homepage or elsewhere within the site that is based upon our analysis of the information we have collected from you.

The email address you provide to us will be used to deliver information related to your Banzai subscription, the status of your account, and may occasionally be used to announce or discuss new and existing features and functionality. The only messages you receive as a result of using the service will be from us.

We will only share information we collect from you with non-affiliated third parties in very limited circumstances, as described below.

• We will pass your payment card details to our payment gateway which, in turn, will provide the information to our merchant bank. Once it leaves our hands, your data will be subject to a variety of stringent privacy policies, including those of Visa, MasterCard, American Express, or Discover (depending upon which card was used to pay for the subscription).
• We may provide technical information about your use of the service (such as your Internet Protocol address) to third parties as necessary to service your subscription or enforce the Terms of Use.
• We may elect to outsource certain technical services to third-party providers as necessary to ensure that you receive the best possible user experience. Authorized personnel at these organizations may be given access to databases containing user information for the sole purpose of performing technical maintenance tasks.
• We may, from time to time, share aggregated user information with others for research, development, and other purposes. This information will never include individualized data (e.g. information traceable to an individual user), even on an anonymous basis. We will only share data attributable to a group of users, for example: "312 Banzai users in the United Kingdom made a purchase at Starbucks last month."
• As you would expect, any comments or postings you make on our blog or forums will be made available for viewing by anyone visiting the Blog or Forums.
• Information included in a profile created for the purpose of posting messages or comments on our blog or forums may be made available for viewing by other Blog or Forum visitors. This information may include your email address, though you will always be given the option of keeping it private.
• If we receive a subpoena or court order which we believe to be valid and enforceable, we reserve the right to share whatever information we have been ordered to provide.

We will not share any information we collect with your Banzai Coach. This includes your email address. For this reason, if you wish to receive communications from your Coach, you will need to initiate contact first. While you may choose to share this information if you wish, your Coach will not have access to any transaction, jar, account, or category data or balances.

The only exception to this policy applies if your Coach serves in another capacity wherein he/she normally has access to individual user data. For example, this exception would apply to a Coach who is an employee of Kendagriff, LLC (the company which owns Banzai) and who has access to the user database as part of his/her job responsibilities.

Your user data may remain on our servers even after canceling or closing your account. If you do not intend to make further use of your Banzai account and would like us to permanently delete your user data, cancel and/or close your account and send an email with your request from the address you used to login to Banzai to privacy@banzaiway.com. Upon receiving this request, we will erase all data related to the Banzai web application (including your accounts, jars, transactions, and categories, among other items) from our servers. Note, however, that we are unable to remove comments or postings made to the Banzai Blog or Forums in response to this request.

We protect your security both by limiting the amount of personally-identifiable data we retain, as described above, and by ensuring that appropriate measures are taken to secure the data we do store. Some of the security measures we've implemented are shown below.

• SSL Encryption

  When accessing critical parts of the Banzai website, such as screens where you provide credit card data or where your password is required, transmissions between your web browser and our servers are encrypted using the Secure Sockets Layer protocol. Your data will be encrypted using a key up to 256 bits in length (the exact key length is dependent upon your browser). This ensures that no one is able to intercept these transmissions en route and helps to keep your credit card information and password private and secure. A similar means of encryption is utilized when we pass your credit card data to the payment gateway.
  
  

• Off-Site Data Backup

  All user data stored in the Banzai web application is backed up nightly to a remote location, providing protection in the unlikely event that our main data center is physically damaged or destroyed.
  
  

• Intrusion Protection

  We have implemented a variety of technical safeguards to minimize the possibility of an unauthorized user gaining remote access to our servers. These measures include, but are not limited to, utilizing a firewall to protect server data, restricting the number of individuals with administrative access to the server and databases, and taking appropriate steps to secure administrative login credentials.
  
  

• Password Encryption

  Your password is stored in our user database in an encrypted format. Even server administrators do not have access to it.
  
  

• Protection against Password Guessing

  Your account will automatically lock after preset number of unsuccessful login attempts. Unlocking the account requires access to messages sent to the email address you use to login to Banzai. This makes it very difficult for an attacker to gain access to your account by guessing your password and somewhat reduces the need for long, unwieldy passwords.
  
  

• Physical Security

  All of our servers are located in secure facilities designed to deter attempts at unauthorized physical access.
  
  

• Loss Mitigation

  This is perhaps our most effective line of defense. Because we do not retain personal information such as your name, address, or credit card number, in the highly unlikely event that an intruder were to gain access to our systems, he wouldn't find much of value to him. He could look all day long but he still wouldn't locate anything which would enable him to personally identify you (unless he recognized your email address), much less steal your identity.
  
  

In the event that this policy changes in the future, all subscribers to the Banzai web application will be notified by email using the addresses we have on file. Each subscriber will be given the opportunity to review the changes and remove his/her data from our systems prior to the effective date of the change if he/she so desires.

If you have questions or concerns concerning our Privacy & Security Policy, or if you believe that it is being violated in any way, feel free to contact us via email at privacy@banzaiway.com or by letter at Kendagriff, LLC, 1292 S 1510 E, Provo, UT 84606-6543, USA.