Gooey <-->

Privacy Policy

Last updated: 

August 9, 2024

Table of contents

1. Overview

Degree, Inc., doing business as Lattice, (“Lattice,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains who we are, how we collect, use, and share Personal information about you and how you can exercise your privacy rights. This Privacy Policy describes (unless a different privacy notice is displayed) our privacy practices regarding the personal information we collect from individuals in the usual course of business, including when you:

  • Visit any of our websites (such as https://lattice.com/); visit our social media pages; receive communications from us; or register for, attend and/or otherwise take part in any of our events, tutorials, webinars, or contests (collectively “Visitors”); and
  • Register to or otherwise use any of the Lattice Services as an applicant, team member, or employee of one of our Customers (collectively “Users”), when we act as a controller of your Personal Information.

“You” may, depending on the context, be a Visitor or a User of one or more of the Lattice Services.  

This Privacy Policy does not apply to Personal Information relating to Lattice’s employment or recruitment-related activities. For purposes of this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual (e.g., name, address, email address, or phone number).

2. About Us

We are Lattice, a company headquartered in San Francisco, California.  We make people management and HRIS software to help improve employee performance, engagement, and overall workplace satisfaction. In support of our mission to make work meaningful, we provide a hosted platform and related tools, including the Lattice web and mobile applications (the ”Lattice Services“), that help people teams across the globe to more effectively manage and engage with their employees to improve their performance and turn their companies into the best places to work.  You can find out more about us and the Lattice Services here.  

If you are resident in the European Economic Area (“EEA”), UK, or Switzerland, the controller of your Personal Information that we process for the purposes described in this Privacy Policy is Degree, Inc., (doing business as Lattice).

3. Lattice As A Service Provider

Lattice Customers are organizations who use the Lattice Services to help them manage and engage with their applicants, employees, and other personnel.  Lattice processes Personal Information in these services only according to our Customer’s and their User’s instructions (as defined in our Customer agreements). If you have questions about Personal Information you have entered into the Lattice Services used by one of our Customers, or want to exercise any of your rights regarding your Personal Information, our Customer contract requires that we redirect your inquiry back to that Customer.  This Privacy Policy does not apply to the Personal Information we process as a service provider or processor on behalf of our Customers.  

Lattice is not responsible for the privacy or security practices of our Customers, which may differ from those set out in this Privacy Policy. Please review the relevant Customer’s privacy policy to understand more about their data processing activities.

4. Privacy Principles

Lattice follows these principles in order to protect your privacy:

  • We do not collect any more Personal Information than is necessary to provide the Services or to fulfill our legitimate business purposes;
  • We only use your Personal Information for the purposes we specify in this Privacy Policy, unless you are notified otherwise;      
  • We do not keep your Personal Information after it is no longer needed; and
  • Other than as specified in this Privacy Policy, we do not share your Personal Information with third parties and are not in the business of selling your Personal Information.

5. What Information do we Collect?

The information we collect depends on the ways you interact with Lattice and the choices you make (including your privacy settings), the products and features you use, your location, and applicable law.

‍A. Information We Collect

(I) Information You Provide to Us

Visitors
When a Visitor to our website contacts us and/or registers for information, content, or an event sponsored by Lattice, we will collect certain personal information so that we may fulfill the Visitor’s request or keep in touch with them in connection with our sales and marketing activities (always in accordance with a Visitor’s marketing preferences).  The Personal Information we collect and we may have collected in the past twelve (12) months include:

  • Identifiers, such as your name and business e-mail address;
  • Professional or employment-related information, such as company name, job level, functional role, and title;
  • Inferences, such as your contact preferences; and
  • Any other information you provide to us when completing any “free text” boxes in our forms or when you interact with us in the context of troubleshooting and support.

If you register to attend a Lattice-sponsored event, we may also require certain additional Personal Information including:

  • Emergency contact (in some instances); and
  • Dietary preferences (in some instances).

‍‍Users
‍If you are a User, you (or the administrator from which you have been provided access to the Lattice Services) may provide certain Personal Information to us through the Lattice Services – for example, when you register for a Lattice account to access and use the Lattice Services, or when you consult with customer support, send us an email, or communicate with us in any way (for example, to make a support request).

The Personal Information we collect may include:

  • Business information (such as your name, job title, the person you report to, phone number, email address, and country);
  • Personal information that you provide to us or that is collected on behalf of our customer as it relates to your employment (such as gender, t-shirt size, or dietary preferences);
  • Marketing information (such as your contact preferences);
  • Account log-in credentials (such as your email or username and password when you sign up for an account with us and the unique User ID assigned to you in our systems);
  • Troubleshooting and support data (which is data you provide or we otherwise access in connection with support queries we receive from you). This may include, for example, contact or authentication data, the content of your chats and other communications with Lattice, and the product or service you are using related to your help inquiry; and
  • Billing information (including your credit card numbers and associated identifiers, billing address, and background information, but only where you pay for the Lattice Services).

If you ever communicate directly with us, we will maintain a record of those communications and responses. Please note that if you choose not to provide your Personal Information to us, we may not be able to fulfill your request(s) (e.g., to register for an event or to receive marketing communications from us).

Job Applicants
If you apply for employment with Lattice, we collect certain personal information from you in relation to your application and candidacy for employment as described in detail in our Job Applicant Privacy Policy and Notice of Collection.

‍(ii) Information We Collect Automatically

Visitors
‍As is true of most websites, when you visit our sites or interact with our emails, we gather certain technical information from your browser or device automatically and store it in log files.  In some (but not all) countries, including countries in the European Economic Area (“EEA”), UK and Switzerland, this information is considered  Personal Information under data protection laws. To the extent that this automatically-collected data includes, or is linked to, Personal Information, we will treat the data in accordance with this Privacy Policy.  

This information we collect includes:

  • Identifiers, such as your internet protocol (IP) addresses and browser type; and
  • ‍Internet or other electronic network activity, such as your internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.

We use this information to analyze trends, to improve and personalize our marketing activities and websites, to administer our websites and guarantee their security and continued proper functioning, to track Visitors’ movements around the website, and to gather non-identifiable, demographic information about our user base as a whole. We may link this automatically-collected data to Personal Information provided by Visitors, or to other publicly available information hosted on the internet, so that we can better gauge our Visitors’ needs and provide specific information to best serve them.

In some cases, we may use cookies and related technologies to collect or manage certain information from your browser and computer. Please see the section “Cookies and Similar Tracking Technologies” below for more information.

Users
‍When you use or interact with the Lattice Services, we automatically collect or receive certain information through our Services (for example, in log files) and through other technologies (such as cookies) about your device and usage of the Lattice Services. In some (but not all) countries, including countries in the European Economic Area (“EEA”), UK, and Switzerland, this information is considered “personal data” under data protection laws. Please see the section “Cookies and Similar Tracking Technologies” below for more information.

The information we collect includes:

  • Log and usage data, which is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use the Lattice Services and which we record in log files. This log data may include the Internet Protocol (IP) address, device information, browser type and settings, and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches and other actions you take [for example, which features you use]), device event information (such as system activity, error reports, and hardware settings).

  • ‍Device data, such as information about your computer, phone, tablet, or other device you use to access the Lattice Services. This device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information. If you are using our mobile app, we may also collect information about the phone network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s unique device ID, and information about the features of our mobile app you accessed.
  • ‍Location data, such as information about your device’s location, which can be either precise or imprecise. How much of this information we collect depends on the type and settings of the device you use to access the Lattice Services.  For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address).  You can opt out of allowing us to collect this information either by refusing access to the information or by disabling your Location setting on your device. Note however, if you choose to opt out, you may not be able to use certain aspects of the Lattice Services.

‍This information is used to:

  • maintain the security of the Lattice Services;
  • provide necessary functionality;
  • improve performance of the Lattice Services;
  • assess and improve your experience of the Lattice Services;
  • review compliance with applicable usage terms;
  • identify future opportunities for development of the Lattice Services;
  • assess capacity requirements;
  • identify customer opportunities and for the security of Lattice generally (in addition to the security of the Lattice Services); and
  • analyze overall trends to help us provide and improve the Lattice Services and to improve their security and proper functioning. ‍


(iii) Information We Collect from Third Parties

In order to enhance our ability to provide relevant marketing, offers, and services to you and update our records, we may obtain information about you from other sources, such as public databases, joint marketing partners, affiliate programs, data providers, social media platforms, as well as from other third parties. This information may include your mailing address, job title, functional role, business email, phone numbers, intent data (or user behavior data), IP addresses, social media profiles, social media URLs, and custom profile. We process this data for the purposes of: updating our records; targeted advertising; event promotion; optimizing our sites and the Lattice Services; and for our sales and marketing activities, including to send marketing emails.

6. Cookies and Similar Tracking Technologies

Lattice uses a technology called “cookies” to store session information. A cookie is a small amount of data, which often includes an anonymous unique identifier, which is sent to your browser from a website’s computers and stored on your computer’s hard drive.

We use both session ID cookies and persistent cookies. A “session ID cookie” expires when you close your browser. We use session ID cookies to track your login status. This cookie is only ever transmitted over HTTPS. A “persistent cookie” remains on your hard drive for an extended period of time. We use persistent cookies to determine from where you were referred to our website, as well as the last user ID that you used to log in. Lattice may set and access Lattice cookies on your computer; cookies are required to use the Lattice Services.

You can learn more about the cookies we use on our site in our Cookie Declaration. If you would like to change your choices about what cookies Lattice uses, in your browser settings you can elect to delete all cookies, or just cookies placed by specific websites. Many browsers provide directions for managing cookies in their “help” or other user support directories (for example, this information is provided by Google for managing cookies in Chrome).

You can also click here for more information about cookies, including how to disable them. If you disable cookies, you may still use our website, but your ability to use some areas of our website, such as contests or surveys, will be limited.  

We use cookies served by Google Analytics to collect limited data directly from Service Users’ browsers to enable us to better understand your use of the Services, including making use of the demographics and interests reports services of Google Analytics. Further information on how Google collects and uses this data can be found at www.google.com/policies/privacy/partners/. You can opt-out of all Google supported analytics within the Services by visiting https://tools.google.com/dpage/gaoptout.  

We also partner with third-party ad networks to manage our advertising on other sites and with third-party analytics companies to assist us with analyzing the use of our own website. These third-party companies use cookies, web beacons, pixel tags, and related technologies to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests and to provide measurement and analytic services.  

Lattice uses Meta Pixel. Meta processes your personal data on the basis of your consent via the Meta Pixel to create campaign reports, track conversions and click events, as well as place targeted advertising outside our websites (retargeting) using HTTP headers (including IP address, device and browser properties, URL, referrer URL, and your person), pixel-specific data (including pixel ID and Facebook cookie), click behavior, optional values (e.g., conversions and page type), and form field names. Lattice does not receive any personal data about you from Meta, only anonymized campaign reports about website audience and ad performance. For specific information and details about the pixel and how it works, please visit the Meta Help Center. You may opt-out of receiving interest-based ads from Meta by changing your advertising preferences directly on Facebook or Instagram.

Specifically, we also use the following third-party services: Microsoft’s Bing Ads, Google Ads and Analytics, Quora Ads, LinkedIn Ads, TwitterX Ads, Facebook Ads, Instagram Ads, and Hotjar Analytics. To learn more about third-party advertising, and to opt out of certain ad-targeting activities, please visit: https://preferences-mgr.truste.com, https://aboutads.info/choices, and https://youronlinechoices.com

To learn more about Microsoft’s privacy practices, see:  http://privacy.microsoft.com/en-us/privacystatement; to opt-out of interest-based advertising with Microsoft, see:  https://about.ads.microsoft.com/en-us/resources/policies/personalized-ads. To learn more about Google’s advertising policies, see:  http://policies.google.com/technologies/ads; your ad settings with Google, see:  http://adssettings.google.com; and Google’s ad personalization, see: http://policies.google.com/technologies/partner-sites. To learn more about Quora’s privacy practices, see:  http://quora.com/about/privacy; to opt-out of interest-based advertising with Quora, see:  http://www.aboutads.info/choices and https://www.youronlinechoices.com/. To learn more about LinkedIn’s privacy practices, see:  http://linkedin.com/legal/privacy-policy; to opt-out of interest-based advertising from LinkedIn, see:  http://www.aboutads.info/choices, http://www.youronlinechoices.eu, and http://www.youradchoices.ca/choices. To learn more about X’s (formerly Twitter) privacy practices, see:  http://twitter.com/en/privacy; to opt-out of interest-based advertising from XTwitter, see:  https://optout.aboutads.info. To learn more about Facebook’s privacy practices, see http://facebook.com/policy.php; to opt-out of-interest based advertising with Facebook, see http://www.aboutads.info/choices and http://www.youronlinechoices.eu/. To learn more about Hotjar’s analytics services and privacy practices, see:  https://help.hotjar.com/hc/en-us/sections/115003204947-About-Hotjar ; to opt-out data collection by Hotjar, see https://www.hotjar.com/legal/compliance/opt-out/. This site is being monitored by one or more third-party monitoring software(s), and may capture information about your visit that will help us improve the quality of our service. You may control the data being collected from your visit by visiting https://smart-pixl.com through a universal consumer options page located at https://smart-pixl.com/Unsub/unsub.html

“DO NOT TRACK” SETTING: Currently, various browsers offer a “do not track” or “DNT” option which sends a signal to websites visited by a user about the user’s browser DNT preference setting. Lattice does not currently respond to browsers’ DNT signals with respect to the website, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies, or regulators, including no consistent standard of interpreting user intent. Lattice takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

7. How do we use your Personal Information?

Lattice processes personal information for the following business and commercial purposes, and if you are a resident of the EEA or UK, on the legal bases identified below:

  • Providing our websites and Lattice Services:  In reliance on our legitimate interest, we process your personal information to operate and administer our websites, and to provide, operate, and maintain the Lattice Services;
  • ‍Communicating with you about the Lattice Services:  We may send you service, technical, and other administrative email, messages and other types of notifications (such as distribution and product updates and product patches and fixes) in reliance on our legitimate interest in administering the Lattice Services and providing certain features. These communications are considered part of the Lattice Services and in most cases you cannot opt out of them.  If an opt-out is available, you will find that option within the communication itself;
  • ‍Providing necessary functionality:  We process your personal information in reliance on our legitimate interest to provide you with the necessary functionality required during your use of our websites and Lattice Services;
  • ‍Transactional considerations:  We process your personal information to complete transactions and send you related information, including purchase confirmations and invoices, to perform our contract with you and to the extent necessary in reliance on our legitimate interest;
  • ‍Handling contact and support requests:  If you fill out a “Contact Us” web form or request support as a User, or if you contact us by other means including via phone or email, we process your Personal Information to perform our contract with you and/or (if we have not entered into a contract with you) to the extent it is necessary for our legitimate interest in fulfilling your requests and communicating with you;
  • ‍Administering Events:  We process your personal information to plan and host events or webinars for which you have registered or that you attend, including sending related communications to you, billing, registration and to connect you with other event attendees, to perform of our contract with you, or to the extent necessary for our legitimate interests in fulfilling your requests to attend any such events;
  • ‍Developing and improving the Lattice websites and Services:  We process your Personal Information to analyze trends and to track your usage of and interactions with our websites, marketing activities, and Lattice Services to the extent it is necessary for our legitimate interest in developing, improving, and troubleshooting our websites, marketing activities, and the Lattice Services and providing you with more relevant content and service offerings, or where necessary, in reliance on your consent;
  • Developing and improving our websites and our marketing, sales, and research activities:  We process your Personal Information to analyze trends and to track your usage of and interactions with our websites and engagement with our marketing, sales, and research activities to the extent doing so is necessary for our legitimate interest in developing, improving, and troubleshooting the same.  This may include analyzing your usage and interactions using AI-powered tools.  We may also process your Personal Information to the extent that doing so is necessary for our legitimate interest in providing you with more relevant content and service offerings or, where necessary, in reliance on your consent.  
  • ‍Sending marketing communications:  We will process your Personal Information for marketing purposes in accordance with your preferences, such as to communicate with you via email, SMS, or telephone about services, features, surveys, newsletters, promotions, or events we think may be of interest to you and/or to provide other news or information about Lattice and/or our select partners, in each case in reliance on our legitimate interest in conducting direct marketing or, where necessary, with your consent. Please see the “Your Privacy Rights” section, below, to learn how you can control the processing of your Personal Information by Lattice for marketing purposes;
  • ‍Displaying personalized advertisements and content:  We process your Personal Information to conduct marketing research, advertise to you, provide personalized information about us on and off our websites, and to provide other personalized content based upon your activities and interests to the extent it is necessary for our legitimate interest in supporting our marketing activities or advertising the Lattice Services or, where necessary, to the extent you have provided your prior consent. Please see the “Your Privacy Rights” section, below, to learn how you can control how the processing of your Personal Information for personalized advertising purposes;
  • To the extent necessary for our legitimate interests in promoting the safety and security of our websites and services, we use your Personal Information to investigate and prevent fraudulent transactions, unauthorized access to the websites and Lattice Services, and other illegal activities;‍
  • For our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products and features, enhancing, improving, or modifying our products and services, identifying usage trends, and expanding our business activities in reliance on our legitimate interests;
  • ‍Complying with legal obligations:  We process your Personal Information when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Personal Information to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our websites, the Lattice Services, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes or to respond to lawful requests;
  • Reviewing compliance with applicable usage terms:  We process your Personal Information to review compliance with our contract with you or your organization (where applicable) to the extent that it is in our legitimate interest to ensure adherence to the relevant terms; and‍
  • Other purposes:  We will process your Personal Information for other purposes about which we notify you in advance, or for which we receive your consent.

8. What Information We Share or Disclose to Others?

Lattice will not share Personal Information, or otherwise make your Personal Information available to any other parties except as provided in this Privacy Policy. Parties with whom we may share your Personal Information, pursuant to any applicable agreements, include:

Event Co-Sponsors:  If you sign up for an event or content that is co-hosted by Lattice and one of its partners or co-sponsors, your Personal Information may be shared with that partner or co-sponsor. Please see our partner or co-sponsors’ privacy policies for further information about how they use Personal Information.

Legal or Regulatory Bodies and Agencies:  Lattice will share your information, including Personal Information, in order to respond to investigations, court orders, legal processes, or to investigate prevent or take action regarding illegal activities, suspected fraud, or situations involving potential threats to the physical safety of any person, violations of Lattice’s Terms of Service, or as otherwise required by law. If Lattice is required by law or an order of a court of competent jurisdiction to disclose your information, Lattice will promptly notify you of this requirement, if permitted by the court or applicable law, so that you may seek a protective order or other appropriate relief.

Service Providers:  In order to provide our websites, the Lattice Services to you and undertake our marketing and business activities, it may be necessary for us to disclose your information to contracted third parties and service provider partners who perform certain functions on our behalf.  Examples include payment providers (to authorize, record, settle and clear payment card transactions); cloud hosting providers (to provide data storage and processing services); communications providers (to process new queries, manage our emails, and provide other communication channels between you and Lattice); and analytics companies to perform analysis. These third-party service providers or vendors may use data we provide to them only as instructed by Lattice.

Business Transfers:  If Lattice is involved in a merger, acquisition, or sale of all or apportion of its assets, Personal Information may be transferred to the acquiring person or entity, in which case you will be notified via email and/or a prominent notice on our website of any such change in ownership or uses of Personal Information, as well as any choices you may have regarding your Personal Information.

‍Advertising Partners:  We may partner with third party advertising networks, exchanges, and social media platforms to display advertising on our websites or to manage and service advertising on other sites and we may share Personal Information with them for this purpose. Please see the “Cookies and Other Similar Technology” section, above, for further information.

9. Links To Third Party Websites

Our website includes links to other websites whose privacy practices may differ from those of Lattice. If you submit information to any of those sites, your information is governed by the privacy policies that apply to those sites. We encourage you to carefully read the privacy policy of any website you visit.

10. How We Protect Your Information

All of your Personal Information remains private and confidential. The security of your Personal Information is important to us. When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL).

Lattice maintains a comprehensive written information security program that complies with applicable law and generally accepted industry standards. Our program includes appropriate administrative, technical, and physical safeguards, and procedures and practices to protect Personal Information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, however, is 100% secure. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website, the Lattice® web application owned and operated by Lattice, or the Lattice Services, please contact us using the contact information below.

Lattice and its representatives will never request your account credentials. You should never share your Lattice account information, including your username and password, with anyone else. We recommend that you use a unique password for your Lattice account that is not associated with other websites. You should check your Lattice account regularly to ensure that your Personal Information has not been tampered with or altered. Any suspicious activity regarding your account, including automated messages or calls from parties you cannot identify, should be reported to your site administrator and Lattice using the contact information below.

11. Social Media Features

Our websites may use social media features, such as the Facebook “like” button, the X “shareTweet” button, and other sharing widgets (“Social Media Features”). You may be given the option by such Social Media Features to post information about your activities on a website to a profile page of yours that is provided by a third-party social media network in order to share with others within your network. Social Media Features are either hosted by the respective social media network or hosted directly on our website. To the extent the Social Media Features are hosted by the respective social media networks and you click through to these from our website, the latter may receive information showing that you have visited our website. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our website with your social media profile. Your interactions with Social Media Features are governed by the privacy policies of the companies providing the relevant Social Media Features.

12. Your Privacy Rights

When Lattice is acting as a controller, depending on your location, your jurisdiction, and applicable law, you may have the rights below with regard to the Personal Information we control about you. We will respond to your requests within the appropriate timeline under applicable law. Please note, however, that the rights described below are not absolute and, depending on applicable law or in certain cases, may be subject to conditions or limitations. In responding to any request to disclose/delete, Lattice shall maintain a record of the requests as required under applicable law.

  • The right of access, or the right to know, means that you have the right to request that we disclose what Personal Information we have collected, used, and disclosed about you. You can do so at any time by contacting us using the contact details provided under the “How to Contact Us” heading below. If you are located in California, under the CCPA you have the right to request to know:some text
    • The specific pieces of personal information we have collected about you;
    • The categories of personal information we have collected, used, and/or disclosed about you;
    • The categories of sources from which we have collected personal information about you;
    • Business and/or commercial purposes for collecting and disclosing your personal information; and
    • The categories of third parties with whom your personal information has been disclosed or shared.
  • The right of deletion means that you have the right to request that we delete Personal Information collected or maintained by us, subject to certain exceptions. As mentioned above, you can do so at any time by contacting us using the contact details provided under the ”How to Contact Us ” heading below.
  • The right to non-discrimination means that you will not receive any discriminatory treatment when you exercise one of your privacy rights, and Lattice will not discriminate against an individual for exercising any rights under the CCPA or other applicable privacy law, including, but not limited to, (a) denying goods or its professional services, (b) charging different prices or rates (including discounts/penalties) not directly related to the value provided to Lattice for personal information, or (c) suggesting an individual will receive a different rate/price or level of quality of goods/professional services.
  • The right to opt-out, if you are located in California under the CCPA, means you can opt-out of the sale or certain sharing of your Personal Information by submitting a request at https://preferences.lattice.com/ccpa. Note that Lattice does not sell Personal Information, though in certain instances Lattice does share Personal Information as described in this Privacy Policy.
  • You can also ask us to correct or update your Personal Information; object to the processing of your Personal Information; ask us to restrict processing of your Personal Information; or request the portability of your Personal Information. Again, you can exercise these rights by contacting us using the contact details provided under the “How to Contact Us” heading below
  • While you cannot opt out of service-related emails if you are an account holder, as this is an essential part of the Lattice Services, you have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you, or you can contact us using the contact information below.
  • Similarly, if we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority.
  • Lattice does not engage in any automated decision making with User Personal Information.


If your Personal Information has been submitted to us by or on behalf of our Customer (your employer) and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Customer directly. For more information on how your employer uses your Personal Information, please see your employer’s privacy policy.

13. California Consumer Privacy Act (CCPA) Sale of Personal Information Notice

As mentioned above, Lattice may provide third parties with certain personal information to provide or improve our products and services, for example to deliver products or services at your request. In such cases, we require those third parties to handle the information in accordance with applicable laws and regulations.

Lattice does not sell personal information to third parties (pursuant to California Civil Code §§ 1798.100–1798.199, also known as the California Consumer Privacy Act of 2018) – Lattice is not a data broker and does not offer or disclose personal information on the open market, nor does Lattice share personal information with third parties for their direct marketing purposes (pursuant to California Civil Code § 1798.83). In some instances, Lattice may disclose limited personal information with some of its advertising partners for our advertising purposes as described in Section 8, above. If you elect to opt-out at https://preferences.lattice.com/ccpa, Lattice will stop sharing personal information with those advertising partners. As a result, you may no longer receive personalized offers from Lattice on some sites or services. We will use the data collected when you opt out solely to process your request and for record-keeping as required under the CCPA.  

14. How to Contact Us

You can exercise your rights yourself or depending on your country or state, you may be able to designate an authorized agent to exercise these rights on your behalf. Please note that to protect your personal information, we will verify your identity by a method appropriate to the type of request you are making. For example, this could include sending an email to an account on record, or asking you to identify a recent transaction or communication. We may also request that your authorized agent sign a declaration under the penalty of perjury attesting to their designation as your authorized agent, and that they have written permission from you to make requests on your behalf. We may also need to verify your authorized agent’s identity to protect your personal information.

Please use the contact details below if you would like to:

  • Access this policy in an alternative format;
  • Exercise your rights;
  • Learn more about your rights or our privacy practices;
  • Designate an authorized agent to make a request on your behalf; or
  • For questions related to this Privacy Policy, or about any of your rights.

E-Mail:  [email protected] 

Privacy Request Portal:  https://preferences.lattice.com/privacy

CCPA Opt-Out Portal:  https://preferences.lattice.com/ccpa

Alternatively, you can write to us at:
Degree, Inc. DBA Lattice
360 Spear St Floor 4
San Francisco, CA  94105
USA

To contact Lattice’s Data Protection Officer, please email [email protected]

15. Data Retention

We will retain your Personal Information for as long as is necessary to fulfill the services that you have requested, comply with any laws or regulations, resolve disputes, and/or enforce our agreements, unless we receive a verified request under an applicable privacy law for earlier deletion of such Personal Information. Where permitted under applicable law, Lattice may retain your data longer for a legitimate business interest where business benefit is not outweighed by your personal rights and freedoms. Data entered into the Lattice Services and processed on behalf of our Customers as a service provider or processor is retained in accordance with any applicable agreement between Lattice and its Customer.

16. Information About Minors

Our website and services are not targeted to children under sixteen (16) years of age. As such, Lattice does not process or disclose Personal Information of minors under sixteen years of age. If you believe we have collected personal information about a child under sixteen, please contact us using the “How to Contact Us” section above.

17. Updates to this Privacy Policy

Lattice may update this Privacy Policy from time to time and will notify accountholders of significant changes in the way we treat any Personal Information, by sending a notice to the primary email address specified in your Lattice account. We may also place a prominent notice on our website. We encourage you to periodically review this page for the latest information on our privacy practices.

18. European Representative

For the convenient administration of regulatory compliance concerns related to citizens of the European Union, Lattice has appointed an EU Representative. For questions related to GDPR compliance, or to contact Lattice’s EU Representative, please contact [email protected] or at:  

RIVACY GmbH
Mexikoring 33
22297 Hamburg

Amtsgericht Hamburg/HRB 151916/Steuernummer 46/754/02510

Geschäftsführer: Tim Haufe // Tel.: +49 175 820 36 42

19. International Data Transfers

Your personal information may be transferred to, and processed in, the United States and in any other country where Lattice or its affiliates, subsidiaries, or third party service providers maintain facilities or personnel.  These countries may have data protection laws that are different from the laws of your country (and, in some cases, may not be as protective). We follow applicable data protection laws when transferring personal data. If you are resident in or a visitor from the EEA, United Kingdom or Switzerland, we will protect your Personal Information when it is transferred outside of such locations by processing it in a territory which the European Commission has determined provides an adequate level of protection for Personal Information; or otherwise implementing appropriate safeguards to protect your Personal Information, including through the use of Standard Contractual Clauses or another lawful transfer mechanism approved by the European Commission.  

Have more questions? We’re here to help, so please contact us.

© 2024 Degree, Inc. All Rights Reserved. Lattice® is a registered trademark of Degree, Inc.

Subscribe to our subprocessor list updates on SafeBase:

Safebase Security Portal

Vendor

Services provided to Lattice

Security and privacy information

Location

10Pines

Software Development Services
10Pines Privacy and Security Policy
Argentina

Atlassian

Customer Support (Loom)
Atlassian Trust Center
United States

Amazon Web Services

Hosting & data storage
AWS Security and Compliance
United States

Courier

Messaging
Courier Trust Center
United States

Cloudflare, Inc.

Content delivery network, web application firewall, and DDoS protection
Cloudflare Trust Hub
United States

DataDog

Application monitoring and infrastructure status monitoring
DataDog Security and Compliance
United States

DocRaptor

Data conversion
DocRaptor Security and Privacy
United States

Fivetran

Data integration
Fivetran Trust Center
United States

Gong

Customer support
Gong Trust Center
United States

Google Cloud Products

Email, Docs (Google Workspace);
Analytics (Looker)
Google Cloud Trust Center
United States

MailGun

Email
MailGun Trust Center
United States

Marketo (Adobe)

CRM
Adobe Trust Center
United States

Orca

Cloud security vulnerability management
Orca Trust Center
United States

Qualtrics

Customer experience management
Qualtrics Data Protection and Privacy
United States

Salesforce Inc. - SFDC Group

CRM platform (Salesforce);
Messaging integration (Slack)
Salesforce Trust
United States

Sentry

Logging
Sentry Trust Center
United States

Splunk

Security logging and monitoring
Splunk Compliance Center
United States

Twilio Segment

Analytics
Segment Trust Center
United States

Zendesk

Customer support
Zendesk Trust Center
United States

Zoom

Customer support
Zoom Trust Center
United States

Optional Subprocessors

Applicable only to specific features within Lattice that customers have opted-in to use.

Vendor

Services provided to Lattice

Security and privacy information

Location

OpenAI

AI models in support of Lattice’s AI-powered features
OpenAI Security and Privacy
United States

OneSchema

Data import service for HRIS
OneSchema Security and Compliance
United States