The policy is written to be GDPR compliant.
Customers: for login purposes, for sending required system emails (reset password, issues with an account), for news and special promotions purposes, and for communication with support (for resolving any issues encountered). Collected and processed on the basis of performance of contract and legitimate interest.
Visitors (optional): if you so choose, for sending newsletters about company news and special promotions. Collected and processed on the basis of consent.
Customers: for login and security purposes. Collected and processed on the basis of legitimate interest.
Visitors: for logging visits to our website and personalizing content based on the country of the IP. Collected and processed on the basis of legitimate interest.
Customers: for email and other communication for performance of services. Collected and processed on the basis of performance of contract.
Visitors (optional): if you contact us, for communication. Collected and processed on the basis of consent.
We keep personal identifiable data for anti-fraud reasons for up to one year.
Personal data collected is shared with external services we use for purposes stated below.
Live chat for live website communication. Privacy Shield certified.
Analytics for tracking visitors and users. Helps us understand visitors and users, and personalize our communication and website experience. Privacy Shield certified.
Analytics for tracking visitors. Helps us understand where visitors are coming and what they're visiting. Based on that we can then improve our content and personalize the experience. Privacy Shield certified.
Heroku is a hosting platform for our apps. Privacy Shield certified.
Log management service. Helps us see internal metrics of applications and data flows. Privacy Shield certified.
Error collecting service. Helps us identify problems in applications. Privacy Shield certified.
Used to process some personal identifiable data and anonymize its results. Privacy Shield certified.
Database management service. We use it to manage database-related workloads among many providers.
Dashboard metrics for visualization of collected data.
We use AWS Redshift for storing personal identifiable data. Privacy Shield certified.
Every user is entitled to:
User is entitled to lodge a complaint with supervisory authority (Estonian Data Protection Inspectorate Syndicate content)
We delete User personal data after one year of consent withdrawal or termination of contract.
For the purpose of better service, we do User profiling on the basis of our legitimate business interests. Examples include automated upgrade reminders when User is close to payment plan limit, reminders to do a specific activity to continue a process, and other similar activities. The consequences of profiling are limited to notifications to the User.
The staff has restricted access to personal identifiable information unless required by the law or lawful processing of personal data. We have internal policy and procedures for data breaches. We have procedures and policies to comply with data portability and right to be forgotten.
If you have any questions in relation to this policy, would like to send a data portability request, or would like to send a Right to be forgotten request, please contact us at firstname.lastname@example.org.