Privacy Policy

Effective Date: February 16, 2018

Our Philosophy of Privacy Protection

This Privacy Policy of Palace Inc., a Delaware corporation with offices in California (who we refer to herein as “Palace,” “we” or “us”), applies to information that we receive via our websites, emails, and mobile applications (collectively "Spot"). This Privacy Policy describes how Palace collects, uses, shares and secures the information you provide. It also describes choices you may make regarding use, access and correction of your personal information. Please note that this Privacy Policy is incorporated within our Terms of Use for Spot and, unless we otherwise define a term in this Privacy Policy, a capitalized term used in this Privacy Policy has the meaning defined in the Terms of Use.

Information We Collect and How We Use It

Personal Information that You Elect to Provide Us

When you answer questions or submit other information to Spot, this will be information which you directly give us. Because we change our offerings and features from time to time, the options you have to provide us with information may also change. Here are some examples of information which you may decide to submit, unless you decide to stay entirely anonymous:

Depending on how you choose to use Spot, the personal information we collect from you may vary. For example, you may only want to submit summary keywords to describe your experience. Summarizing your experience in keywords helps you to protect your anonymity if you request Spot to forward your report to someone. In other circumstances, you may elect to provide a more detailed report including additional information, such as your name or that of people who treated you unfairly. You should not include sensitive data (such as, names, places, events, etc.) if you will ask Spot to forward a report to another person and you desire to preserve your anonymity. Spot highlights instances in which you are asked to submit sensitive information and tells you what we will do with the information you submit.

You may elect to provide information and generate a report solely for your own purposes, in which case you should not make use of our service to send a redacted report to someone else, or permit us to submit your report to our researchers. If you create a report only for yourself, you will receive an email from Spot with a link to download that report. The data contained in your version of the report will be automatically removed from our systems 30 days after you download it for the first time. We wait 30 days so you have another chance to save the document if you can’t immediately download it to a secure location. After you’ve downloaded your report, you can manually delete that version of it from the Spot servers.

If you want us to send a version of your report to the organization you work or worked for, you must provide us with the recipient’s email address. Email addresses obtained in this manner are used solely for the purpose of submitting the report. When you elect to have Spot send a report, the recipient gets an email from Spot with a link to download that report. We retain this report on our systems for 30 days after the recipient downloads the report for the first time. If the recipient has not downloaded the report three months after receiving the download link, we remove that version of the report from our servers. If Spot sent a download link and the recipient has not yet downloaded the report, you can delete that version of the report from our servers using the status webpage that you bookmarked during your chat with Spot.

When you send a report download link to someone through Spot, we retain the recipient’s email address and a timestamp for when the email was sent. If the recipient downloads the report, we also retain a timestamp for that event. We do not retain other data about your report. Should the recipient ever deny that they received a download link or downloaded a report, we can offer proof that the email was sent and indicate whether a download for the report was initiated. We will not have the report itself after the expiration of the 30-day period following the first download. We will also not have the report itself if you manually deleted it on the status webpage before the recipient downloaded it. If you wish to obtain information regarding the delivery of a report and if and when a report was downloaded, please email Spot at, ideally providing: (1) the report ID on the version of the report you kept for your records, (2) the email address where you asked us to send the report, and (3) the date and time you chatted with Spot. We review all requests for information and will conduct an investigation as to whether or not we believe the individual requesting information is entitled to receive it. The decision whether or not to provide the information requested lies with us.

In addition to creating a report for yourself, and directing Spot to send a report to another person, you may elect to have Spot share your report with our researchers. If you do so, Spot will automatically delete information you provide in the following data fields before sending your data to the researchers:

In addition, after such automatic deletion has occurred, Spot or our researcher personnel will read your report and endeavor to remove any individual or organization names they identify and that you may have included in other data fields.

Information submitted to our researchers is combined with the reports of others, as part of a database for research purposes. By combining the experiences of lots of people, we can examine what kinds of harassment and discrimination people are experiencing at work, and how we can help to make every voice heard. Because of open science guidelines, and the data sharing responsibilities that scientists have, we share the redacted set of reports with the scientific community.

Information We Collect by Automated Means

When you use Spot, your computing device is automatically providing information to us so we can respond and customize our response to you, and improve the user experience of our service. The type of information we collect to improve your user experience by automated means may vary, but generally includes technical information about your computer, such as its IP address or other device identifier, the type of device you use, and operating system version. The information we collect also may include usage information and statistics about your interaction with Spot. That information may include the URLs of our web pages that you visited, URLs of referring and exiting pages, page views, time spent on a page, number of clicks, platform type, location data, and other information about how you used Spot.

When you visit a Spot website, your browser automatically sends us your Internet protocol ("IP") address so that the web pages you request can be sent to your computer or device. We use your IP address to determine additional information, such as whether the computer or device has ever been used to visit Spot before, and how much time was spent on a page. Information about your general location may be discernable from your device's IP address or the URLs we receive.

We use this information for a variety of purposes, such as analytical purposes and to manage technical issues that may arise. At no point do we attempt to identify individual users through this information.


We may log information using "cookies." Cookies are small data files stored on your hard drive by a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on Spot. This type of information is collected to make Spot more useful to you and to tailor the experience with us to meet your special interests and needs.

Disclosing Information

We created Spot to provide a valuable service to you, and not to obtain your information to sell or rent to third parties. In addition to actions you elect to take in providing us information to share with a third party, the circumstances in which we disclose information you provide to us are limited to the following:

While we use contractual and other measures to ensure protection of personal information, the laws and regulations relating to privacy and personal information protection in other legal jurisdictions may not be the same as, or similar to, your local privacy laws. The governments, courts, law enforcement or regulatory agencies in these other jurisdictions may be able to request disclosure of personal information through the laws of these countries. In an effort to respect your privacy, we will not otherwise disclose your personal information to law enforcement, other government officials, or other third parties without a subpoena, court order or substantially similar legal procedure, except when we believe in good faith that the disclosure of information is necessary to prevent imminent physical harm, financial loss or to report potentially illegal or fraudulent activity.

Other Important Information

Communication Preferences

We do not sell or rent your Customer Information to third parties for their marketing purposes without your explicit consent. While we ask you for your email address to forward reports to yourself, we do not store this email address and will not use it as a communication channel. You may sign-up, however, for a newsletter on our website. In this case, we may contact you via email with Spot-related announcements that we think may be beneficial to you, and special offers. We also may contact you with information about products and services from our business partners. You may opt out of such commercial communications at any time by following the opt-out instructions provided in such messages. You may not opt out of receiving what we consider to be essential messages relating to the Spot service, customer service responses or other communications relating to inappropriate use of Spot or requests from third-parties to access information in your account. We may deliver those messages using any of the information in our records. You release us from any responsibility for communications you elect not to receive.

Deleting data submitted to Spot

We will honor any statutory right you might have to access, modify or erase your personal information. You can contact Spot customer support at to request access. Where you have a legal right to request access or request the modification or erasure of information, we can still withhold that access or decline to correct information in some cases in accordance with applicable law, but will give you reasons if we do so. Please be aware that we cannot guarantee the deletion of whatever you submitted as we will not always be able to identify your data set. We may have to store certain sets of data to comply with our research (if you submitted a report for research) or legal obligations, resolve disputes and enforce our agreements.

Security Safeguards

We are committed to protecting the security of your information and take reasonable precautions to protect it. We use industry standard encryption to protect your data in transit and while it is stored on our servers. This is commonly referred to as transport layer security (TLS) or secure socket layer (SSL) technology. However, internet data transmissions cannot be guaranteed to be 100% secure, and we cannot ensure the security of information during its transmission between you and us. Accordingly, you acknowledge that when you transport such information, you do so at your own risk.

We protect your information in our systems using technical and administrative security measures designed to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls.

If we learn of a system breach, we may attempt to notify you and provide information on protective steps, if available, using the information that you have provided to us or by posting a notice on our web site and/or via other communication platforms. Depending on where you live, you may have a legal right to receive such notices in writing.

We explicitly recommend that you do not access from any work device or while on a work network. We cannot prevent, nor be held responsible for, you being monitored by others, particularly if you communicate using computing devices or networks owned or controlled by third parties, such as your employer.

If you received suspicious reports via a Spot email address, please contact us at

Vulnerability Disclosure Policy

Spot is committed to protecting your safety and keeping your data secure. If you believe you have discovered a potential security vulnerability with Spot’s online systems, we appreciate your help in disclosing the issue to us at

Privacy of Minors

Spot is not intended for minors. Minors under 13 years of age are expressly prohibited from using Spot or providing any personal information. If you become aware that a child has provided us with personal information without parental consent, please contact us at If we become aware that that we have inadvertently obtained information in violation of applicable laws, we will delete such information if it is possible to identify such information.

Scope of Policy

This Privacy Policy describes your privacy rights when you elect to use Spot, and by using Spot or engaging with us, you accept the substance and application of these terms and policies, and consent to our collection, use, disclosure and retention of your personal information as described in this Privacy Policy. Should you ever disagree with this Privacy Policy, you may provide us with your feedback at, but such feedback will not vary or supersede these terms. The information about you that we collect through Spot is controlled by Palace Inc., San Francisco, California.

International Transfer of Personal Data

Most of your data is only shortly stored on our servers and will be removed afterwards. During the period that your personal data is stored on our servers, however, it may be collected, processed and/or otherwise transferred outside your current geographic location and may be processed not only in the country in which it was collected but also in other countries, including the United States, where data protection and privacy laws and regulations may not offer the same level of protection as in other parts of the world. By providing your personal data to us, you consent to such transfer, collection and/or processing in the United States of your personal data.

Updates to Our Privacy Policy

We may revise this Privacy Policy from time to time by posting an updated version on Spot. The revised Privacy Policy will be effective immediately for users using Spot.

Since we do not store your email address or any other contact information, we can only inform you about updates through our website. You may always determine if this Privacy Policy has changed by checking the effective date at the top of the page. If we update this Privacy Policy, you are free to decide whether to accept the updated terms or to stop using Spot; your continued use of Spot after the effectiveness of that update will be deemed to represent your consent to the provisions in the updated Privacy Policy. We encourage you to periodically review this page for the latest information on our privacy practices.

Contact Us

If you have any questions or suggestions regarding our Privacy Policy, please contact us at the following addresses:

Palace Inc.
Attn: Legal Department
1266 Harrison Street
San Francisco, CA, 94103