Privacy Agreement

Orange box



Last Updated October 2019

Welcome to the website (the “Site”) of Orange Box, brought to you by Traitorous 8 Studios, Inc. (“Company,” “we,” “us,” “our”, or “Orange Box”). Orange Box provides a web-based forum for employees and other representative of companies and other organizations to anonymously ask questions of and otherwise interact with managers and executives in their company or organization (the “Service”).


This Privacy Policy explains what Personal Data (defined below) we collect, how we use and share that data, and your choices concerning our data practices. This Privacy Policy is incorporated into and forms part of our Terms of Service.


Before using the Service or submitting any Personal Data to Orange Box, please review this Privacy Policy carefully and contact us if you have any questions. By using the Service, you agree to the practices described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not access the Site or otherwise use the Service.


We collect information that alone or in combination with other information in our possession could be used to identify you (“Personal Data”) as follows:


Personal Data You Provide: We may collect Personal Data when you access the Service or contact us through the Site. The Personal Data collected during these interactions will vary based on whether you access the Service as a general employee (a “User”) or as a leader (a “Leader”) of the organization for which you work. We generally do not collect Personal Data from Users, other than Personal Data we automatically receive from usage of the Service, discussed further below. We collect limited Personal Data from Leaders, including name, email, identity of the Leader’s employer or the organization for which the Leader works, and any Personal Data a Leader opts to disclose in their response to a User’s question. Both Users and Leaders will be asked to authenticate their identity by providing their workplace G-suite email address for authentication through Google’s OAuth service. Do we need to call out users who do not have a G-suite email, e.g., those who work at companies who are on Microsoft Office 365? Users accessing the Service will be directed to a page specific to their organization where they may submit anonymous questions for Leaders by providing the Leader’s name and email address. Each question will be saved and tagged with the name of the Leader that is invited to respond. Leaders will be contacted at the email address a User provides when they submit their question, and the Leader will be prompted to authenticate into the Site to answer the question.


Personal Data We Receive Automatically From Your Use of the Service: When you visit, use and interact with the Service, we may receive certain information about your visit, use or interactions. For example, information that your browser automatically sends whenever you visit the Site (“Log data”) is created and automatically logged in our system. Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interacted with the Site. Also, although User questions are designed to be anonymous, any Personal Data that a User may voluntarily choose to include as part of a question on the Service will be automatically collected and retained.



We may use Personal Data for the following purposes:

  • To provide the Service by authenticating your identity using your workplace G-suite email address;
  • To notify current and prospective Leaders that a User has submitted a question for their response and to invite those Leaders to answer the question on the Site;
  • To identify which Leader has been invited to answer a question submitted by a User and to associate a Leader’s answers with that Leader;
  • To maintain and improve the content and functionality of the Service;
  • To develop new products and services;
  • To prevent fraud, criminal activity, or misuses of our Service, and to ensure the security of our IT systems, architecture and networks; and
  • To comply with legal obligations and legal process and to protect our rights, privacy, safety or property, and/or that of our affiliates, you or other third parties.


Aggregated Information. We may aggregate Personal Data and other information about users and use the aggregated information to analyze the effectiveness of our Service, to improve and add features to our Service, and for other similar purposes. In addition, from time to time, we may analyze the general behavior and characteristics of users of our Services and share aggregated information like general user statistics with prospective business partners. We may collect aggregated information through the Service, through cookies, and through other means described in this Privacy Policy.



In certain circumstances we may share your Personal Data with third parties without further notice to you, unless required by the law, as set forth below:

  • Vendors and Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may share Personal Data with vendors and service providers, which may include providers of hosting services, cloud services, information technology providers, and authentication services. Pursuant to our instructions, these parties will access, process or store Personal Data in the course of performing their duties to us.
  • Business Transfers: If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of service to another provider, your Personal Data and other information may be shared in the diligence process with counterparties and others assisting with the transaction and transferred to a successor or affiliate as part of that transaction along with other assets.
  • Legal Requirements: If required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, including to meet national security or law enforcement requirements, (ii) protect and defend our rights or property, (iii) prevent fraud, (iv) act in urgent circumstances to protect the personal safety of users of the Services, or the public, or (v) protect against legal liability.




Our Service is not directed to children who are under the age of 13. Orange Box does not knowingly collect Personal Data from children under the age of 13. If you have reason to believe that a child under the age of 13 has provided Personal Data to Orange Box through the Service please contact us and we will endeavor to delete that information from our databases.



We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Data both online and offline from loss, misuse, and unauthorized access, disclosure, alteration or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or e-mail. Please keep this in mind when disclosing any Personal Data to Orange Box via the Internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third party websites.



The Service, and our business may change from time to time. As a result we may change this Privacy Policy at any time. When we do we will post an updated version on this page, unless another type of notice is required by the applicable law. By continuing to use our Service or providing us with Personal Data after we have posted an updated Privacy Policy, or notified you by other means if applicable, you consent to the revised Privacy Policy and practices described in it.




If you have any questions about our Privacy Policy or information practices, please feel free to contact us at