- Purpose and scope
- Personal Data collected
- How and why we use your personal data
- Sharing your Personal Data
- Retention of your Personal Data
- Transfers of your Personal Data
- How we store and safeguard your Personal Data
- Your privacy rights and choices
- Data breach
- Children’s Privacy
- Changes to this notice and questions
- Contacting us
1.2. This Policy is an agreement between you ("User") and this Website operator ("Operator", "we", "us" or "our").
- interact with our websites or our social media pages (collectively, the "Sites", “Website”, and “Services”) ("website users");
- use our communication and messaging products, customer workspaces, mobile applications, and our other applications and services (collectively, the "Services") ("customers");
- interact with any of our end user messenger domains ("end-users");
- are a marketing prospect, who is anyone whose data we processes for the purposes of assessing customer eligibility ("marketing prospect"); or
- receive marketing communications from us.
1.4. For the purposes of the General Data Protection Regulation we are the controller of your Personal Data. Our Data Protection Officer can be contacted in writing at email@example.com.
2.1. The Personal Data that we collect about you broadly falls into the categories set out in the following table. This table also describes the legal bases on which we collect your Personal Data, how we get it and what we do with it. Some of this information you provide voluntarily when you interact with us. Other types of information may be collected automatically from your device, such as device data and service data. From time to time, we may also receive personal data about you from third party sources (as further described below).
- First and Last name
- Email address
- Job Title
- LinkedIn profile
- Profile picture
- Dietary requirements
- From you when you sign-up for the use of our platform.
- Communicate with you
- Provide customer support
2.2. The Website uses first- or third-party cookies or similar technologies. We assign each user a unique user ID within the scope of an individual website, and collect or retain IP or any information that would allow us to identify the same particular user on more than one website.
Do Not Track:
Some Internet browsers may be configured to send "Do Not Track" signal to the online services that you visit. We currently do not respond to "Do Not Track" or similar signals. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com.
3.1. We collect and process your personal data for the following purposes and, if you are from the European Economic Area (“EEA”), the UK or Switzerland, on the following legal bases:
- Providing and facilitating delivery of our Sites: We process your personal data to perform our contract with you for use of our Services and Sites and to fulfil our obligations under applicable terms of service. Where we have not entered into a contract with you, we process your personal data in reliance on our legitimate interests to operate and administer our Sites. For example, to create, administer and manage your account.
- Communicating with you about our Sites and providing customer support: We may send you service, technical and other administrative messages in reliance on our legitimate interests in administering our Sites. For example, we may send you messages about the availability or security of our Sites. We also process your personal data to respond to your comments and questions and to provide customer care and support.
- Improving our Sites: We process your personal data to improve and optimise our Sites and to understand how you use them, including to monitor usage or traffic patterns and to analyse trends and develop new products, services, features and functionality in reliance on our legitimate interests.
- Sending marketing communications: We process your personal data to send you marketing communications via email, post or SMS about our products and services that might interest you in reliance on our legitimate interests or where we seek your consent. Please see the "Your Privacy Rights and Choices" section below to learn how you can control your marketing preferences.Maintaining security of our Sites: We process your personal data to control unauthorized use or abuse of our Sites, or otherwise detect, investigate or prevent activities that may violate our policies or applicable laws, in reliance on our legitimate interests to maintain and promote the safety and security of our Sites.
- Carrying out other legitimate business purposes: including invoicing, audits, fraud monitoring and prevention.
- Complying with legal obligations: We process your personal data when cooperating or complying with public and government authorities, courts or regulators in accordance with our obligations under applicable laws and to protect against imminent harm to our rights, property or safety, or that of our users or the public, as required or permitted by law.
3.2. In certain circumstances, we may collect your personal data on a different legal basis. If we do, or if we use your personal data for purposes that are not compatible with, or are materially different than, the purposes described in this notice or the point of collection, we will explain how and why we use your personal data in a supplementary notice at or before the point of collection. Where we refer to legal bases in this section, we mean the legal grounds on which organisations can rely when processing personal data.
3.3. Please note these legal bases only apply to you if you are resident in the EEA, the UK or Switzerland.
3.4. If you have any questions about our legal bases for processing your personal data, please contact us at firstname.lastname@example.org.
4.1. We may disclose some or all of the personal data we collect to the following third parties (all third party data processors are listed in Addendum 1, the “List”):
Any group companies may be added to this list from time to time.
- Consultants and vendors engaged by us to support our provision of our Sites
- Any such other Service Providers as may be added to the List.
Professional advisors, such as lawyers, auditors and insurers, in the course of the professional services that they render to us.
- Comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities;
- Protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims);
- Enforce the terms and conditions that govern the Sites; and
- Prevent, identify, investigate and deter fraudulent, harmful, unauthorised, unethical or illegal activity, including cyberattacks and identity theft.
Parties to transactions or potential transactions (and their professional advisors) involving a corporate divestiture, merger, consolidation, acquisition, reorganisation, sale or other disposition of all or any portion of the business, assets, or equity interests of our Group Companies (including, as part of a bankruptcy or similar proceeding).
4.2. Aggregated or anonymised information. We may also share aggregated or anonymised information with third parties for other purposes. Such information does not identify you individually, but may include usage, viewing and technical information such as the websites you generally use, the configuration of your computer, and performance metrics related to the use of websites which we collect through our technology, products and services. If we are required under applicable law to treat such information as personal data, then we will only disclose it as described above. Otherwise, we may disclose such information for any reason.
5.2. Note that content you post may remain on our Sites even if you cease using our Sites or we terminate access to the Sites.
6.2. Certain recipients (our service providers and other companies) who process your personal data on our behalf may also transfer personal data outside the country in which you are resident. Where such transfers occur, we will make sure that an appropriate transfer agreement is put in place to protect your personal data.
6.3. If you are a resident of the EEA, the UK or Switzerland, we will protect your personal data when it is transferred outside of the EEA, the UK or Switzerland by processing it in a territory which the European Commission has determined provides an adequate level of protection for personal data; or otherwise ensuring appropriate safeguards are in place to protect your personal data.
6.4. Following the invalidation of the Privacy Shield for transfers of your personal data to recipients who are located outside of the EEA, the UK or Switzerland, we will rely on the Standard Contractual Clauses approved by the European Commission.
6.5. If you would like to find out more about international transfers, please contact our Data Protection Officer at email@example.com.
7.1. We care about protecting Personal Data. That is why we put in place, in accordance with our Information Security Policy, technical and organisation appropriate measures that are designed to secure your Personal Data. Some of our Services work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data are stored. If and when possible, we always choose to have the Personal Data stored on servers located in data centers in the EEA. Given the nature of communications and information processing technology, we cannot guarantee that the Personal Data during transmission through the Internet or while stored on our systems or otherwise in our care will be absolutely safe from intrusion by others. If you have any questions about the security of your data, please contact our security team at firstname.lastname@example.org.
8.1. If you are a resident of the EEA or the UK, you have the following data protection rights:
- If you wish to access, correct, update or request deletion of your Personal Data, you can do so at any time.
- You can object to processing of your Personal Data, ask us to restrict processing of your Personal Data or request portability of your Personal Data.
- You have the right to opt-out of marketing communications we send you at any time. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by clicking on the "unsubscribe" or "opt-out" link in the communications we send you. Please note, however, that it may not be possible to opt-out of certain service-related communications. You can let us know at any time if you do not wish to receive marketing messages by contacting us using the contact details below.
- Similarly, if we have collected and process your Personal Data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA and the UK are available here.
8.2. You can exercise any of these rights by submitting a request to our Data Protection Officer at email@example.com. In order to protect your privacy we will ask you to provide proof of your identity to us. We will respond within a maximum of 30 days to query.
9.1. The Website and Services use "cookies" to help personalise your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.
10.1. In the event we become aware that the security of the Website and Services has been compromised or users Personal Data has been disclosed to unrelated third parties as a result of external activity, including, but not limited to, security attacks or fraud, we reserve the right to take reasonably appropriate measures, including, but not limited to, investigation and reporting, as well as notification to and cooperation with law enforcement authorities. In the event of a data breach, we will make reasonable efforts to notify affected individuals if we believe that there is a reasonable risk of harm to the user as a result of the breach or if notice is otherwise required by law. When we do, we will post a notice on the Website.
If you have any questions, comments or concerns about the way your Personal Data is being used or processed by us, please submit any questions, comments or concerns in writing to our Data Protection Officer at firstname.lastname@example.org.
13.1. If you would like to contact us to understand more about this Policy or wish to contact us concerning any matter relating to individual rights and your Personal Data, you may send an email to email@example.com.
Below is the list of Third Party Processors that may have access to your Personal Data for the purposes of operating the Site. You can find each party’s Data Processing Addendum linked below which covers their data privacy for Affiliates.
- Vercel - https://vercel.com/legal/dpa
- Sanity - https://www.sanity.io/security
- Planetscale - https://planetscale.com/legal/data-processing-addendum
- Zapier - https://zapier.com/legal/data-processing-addendum
- PostMark - https://postmarkapp.com/dpa
This document was last updated on 16-06-2023