Our goal as a company is to enable other companies and professionals to use data to create efficient and meaningful online experiences for Internet users around the world. In the pursuit of this goal, we are dealing with lots of data - including sensitive or personally identifiable information. In some cases, we act as a Controller, in others as a Processor of data.
For example, when you contact us, sign up for the product, apply for a job or become our employee, we obtain data and we act as its Controller. We define the purpose and means of the data collection and processing and it's up to us to make sure that we do that in compliance with applicable laws.
If you use our product to collect and process data, we act as a Processor. Our role is to guarantee that your data is processed in accordance with product description and industry standards, but we do not control what data is collected, how it is used and what for. It is your duty to obtain and process the data legally, otherwise, you may be held accountable for your actions.
The best way to avoid risks of a data breach or illegal use of data is to have no personal or sensitive information at all. This is why we anonymise or pseudonymise data whenever it is possible. If it's not possible, we make sure to delete the data once it is no longer needed.
To avoid human errors. employees and subcontractors have the minimum access to data and the permissions are extended temporarily based upon job function and need-to-know criteria. We make sure that personnel or entities that receive access are aware of potential risks, have clear guidelines on how to access the data and sign Non-Disclosure or similar agreements.
If you are a website user, we don't know who you are and we will not attempt to identify you. Any information that we collect about you and your behaviour is fully anonymised. We may use this data for statistical purposes, or to improve our website either indirectly through analysis of such data or directly by using the data to dynamically change website's content or navigation. If you decide to share your personal information with us by contacting us or signing up for our product, we will make sure that your personal data are secure, stored only as long as it makes sense and never shared with anyone without your consent.
If you sign up for our product you will need to provide your personal and contact details. We may connect this data with your activity in our product or on our website to understand how you interact with our product, improve it, or provide support to you. You will be able to delete your account at any moment and, within a reasonable timeframe, all information about you will be deleted from our systems.
As a user of our product, you will store and process your own data about your own users in our service. You will be solely responsible for this data and you will remain in control of it. You will be able to delete your data at any time. We will never share your data with anyone or resell it. As the administrators of the system, we will have access to that data and we may examine it within a scope necessary to provide service continuity. Using the GDPR nomenclature, you act as a Data Controller and we act as a Data Processor.
We will make sure that any documents related to our professional relationship will be stored securely and only as long as it is required by law. Any information we obtain related to your personal situation will remain confidential.
We may share your performance data (inc. compensation) internally with both managers and your peers in order to improve the efficiency of our company.
As an employee or a subcontractor you will be required to sign an NDA (Non-Disclosure Agreement) and comply with our rules and policies related to data processing.
The vendors we select as data processors are all, just like us, complient with GDPR (The General Data Protection Regulation 2016/679) - a regulation in EU law.
We are using G Suite for online office tools: email, online documents and calendars.
Any automated emails - from password reset messages to notifications - will be sent to you using Sendgrid.
Temporarily, some personal data might be stored outside of the cloud on devices of our employees or vendors (i.e. legal councel). We require that such data is removed from devices once it becomes obsolete.
We do however use Web Storage to store some data in your browser either temporarily (data is erased when you close a browser tab) or persistently (data is erased either when it expires or when you manually erase it using a standard feature in your browser). The data stored persistently are anonymous and do not allow to identify you as a person. It may include a randomly assigned ID and/or information about your past activity. We can only access data stored in Web Storage when you visit our website or applications and the data cannot be used by to target you when you visit third-party websites.