Privacy Policy
Effective as of 6th of August 2019
Introduction
This Privacy Policy document governs the collection, use and storage of personal information about visitors of the Onify websites (onify.co, support.onify.co and related subdomains) and persons who purchase the Onify software. Throughout this document, both visitors and persons who purchase our software will be collectively called Users for convenience and any service that we provide such as the functionality of the website, newsletters, support, or option to purchase the software shall be referred to as Services.
We understand how important it is to explain the privacy implications to you and that standard legal wording of these documents may be incomprehensible. For this reason we have provided standard wording and simplified explanations in the blue boxes. If any part of the document is not clear to you please contact us at [email protected]. Please note that text in the blue boxes is only for convenience while the remainder of the text is legally binding. In the event that there are differences in these texts, the text outside of these boxes is considered applicable.
1. Data Controller
1.1 Onify AB, Box 1092, SE-11764 Stockholm, has a position of a ‘Controller’ as defined in European Union General Data Protection Regulation (GDPR) and we shall be responsible for, and be able to demonstrate compliance with the principles relating to the processing of personal data. We can be contacted by sending an email to [email protected].
We are Onify AB, a company from Sweden, and we are responsible for your personal information that is under our control. We comply with European Union’s privacy legislation which is considered one of the most advanced laws about privacy. You can reach us at [email protected]
2. Types of information
2.1 The Information on Users is divided into personally identifiable (PII) and non-personally identifiable information (Non-PII) depending on whether information, alone or with other information, can identify the User as a specific person. Information about legal entities does not fall within the scope of personal information.
Every piece of information we collect about you can be categorized into two types: 1) information which can be used to recognize you as an individual person such as your name, address, phone number... and 2) information that is completely anonymous and we can’t figure out who it belongs to, such as your browser type, version of operating system you use...
2.2 This Privacy Policy applies to both PII and Non-PII. Specific rights are granted to Users regarding their PII as described herein.
3. Collection and use of PII
3.1 We may obtain some personally identifiable information about Users in order to provide Services. The information we collect is necessary to provide the Services, and we shall not collect any information which is not required by the nature of the Services. We may collect some of the following personally identifiable information:
- First and last name
- E-mail address
- Log files and usage data
- Company name and position
- Other information which you choose to provide
We will only collect what we really need, no more, no less. For every piece of information we collect we have a compelling reason to do so. Depending on how you use our website and software we may collect your full name, email address, information about your use of the website and our software, and where you work. You may at some point also tell us more about yourself but don’t worry, we will keep it between us.
(A) Name
3.2 When entering into a contract for using our Services you have to provide your first and last name. Onify will only use this information to create an account for you and to address you whenever we contact you. Our Services are intended for legal entities and businesses and we need to make sure that the person signing on behalf of such legal entity is authorized to do so.
3.3 Onify will collect your name when you contact us through email or through other communication media provided that such information is contained within a communication. We will use this information only for addressing you in our responses.
3.4 Onify will collect your name if it is listed as a contact detail on the website of the company we want to approach to offer our Services.
We need to know who we are entering into business with and who will sign agreements with us. For this reason we will collect your full name and use it to prepare the agreements and address you properly. You may also introduce yourself when you contact us even if you don’t use our services and we will address you by name when responding. We may learn about your name from the website of the company you work at, but only if you are listed as a contact person.
(B) Email address
3.5 We require your email address when you register to use the Services or you may provide it when you contact our support. We will only use your email address in accordance with this Privacy Policy, including the rules for the duration of the collection. We collect your email address to comply with our contractual obligation of providing our Services, for our legitimate interest in marketing, or with your consent, depending on the purpose of collection. We will collect your email address in the following cases:
-
**When you contact us.** We will collect your email address whenever you contact us through our email [email protected]. Whenever we collect your email address this way, we will only use it in order to respond to your enquiry.
- When you subscribe to our newsletter. We will collect your email address when you subscribe to receive more information about Onify.
- If your email address is associated with a company. If your email address is publicly available and associated with a company as a contact point, we will collect this information and use it for our marketing purposes. You may object to such processing of your information at any time.
We need your email address to contact you. Whether we need to respond to your request when you contact us, send you information about our Services when you subscribe to our newsletter or if we found out about your email address from the company you work at and want to approach you about an offer, we will collect your email address and use it only for the specific purpose for which the information is obtained. If you only sent us a question to our email we will not respond by sending you hundreds of marketing emails. We are very strict when it comes to emails and don’t want to bother you unless you expect us to.
(C) Log files and usage data
3.6 We integrate security systems on our website to prevent malicious attempts and exploits of the website. We scan IP addresses and ban IP addresses that show malicious signs such as seeking exploits and similar. We process this information in the interest of protecting the integrity of the website and of the databases connected with it. We collect your IP address on the basis of a legitimate interest to maintain the integrity and safety of our databases.
3.7 The website and the software collect a series of general data and information when a person accesses the website or when they choose to send us software log files. Information that is collected may include (1) the software and browser types and versions used, (2) the operating system used by the accessing system, (3) the date and time of access to the Services, (4) the internet service provider of the accessing system, and (5) any other similar data and information that may be used in the event of attacks on our information technology systems.
3.8 We collect this information for breach investigation purposes and for providing customer support. When using this information, we may connect specific log files with specific Users. This information is needed to (1) troubleshoot problems and correct system bugs, (2) deliver the content of our website and Services correctly, (3) optimise the content of our website as well as its advertisement, (4) ensure the long-term viability of our information technology systems and website technology, and (5) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. We collect this information based on our legitimate interest or for performance of our contractual obligation where applicable.
How you use our website is very important to us. Some people may try to ‘hack’ our website; others may have a problem viewing the content while some may experience issues with the functionality. In each of these cases your machine is communicating with the server where the website is hosted and the server is keeping track of those communications. We can use this data to protect us from attacks, to fix bugs and issues, and to display the appropriate content to your browser. You may also experience issues with the software and we can only fix them when we know what’s “under the hood” and what happened that caused the issue. Sometimes, although not always, these pieces of data may contain personal information such as your IP address.
(E) Other Information
3.9 You may at some point choose to provide other information which is not required for the proper functioning of the Services. In all such cases we will use this information only for the purpose for which you disclosed it. If we are not sure as to why you are providing such information we will contact you wherever possible. Otherwise we will delete such information.
It is possible that when we communicate you may disclose some personal information that is not listed in this document. Maybe you want to tell us about the school project that was similar to our software or that you have a birthday coming up. We promise that we will not misuse this information.
(F) General
3.10 Some Services will not be available to you if you do not provide the requested Information. We may keep records of any questions, complaints or compliments made by you and the response, if any. Whenever you contact us, we shall collect any information which you choose to provide. We shall store and use this information only for the purpose of responding to your enquiries. Information contained within the enquiry, free from any personally identifiable information, will be stored on our servers for the purpose of improving our Services and providing the best customer support possible.
If you don’t tell us who you are, we can’t enter into an agreement with you. Similarly some services can’t function if we do not have your information. On the other hand we will not ask for your information unless we absolutely need to have it. If you send us something we will only keep it if we can remove any trace of your personal information.
3.11 We do not sell or rent personal information to any third-party. We use collected information for our internal and marketing purposes, as necessary by the nature of the Services, and only in accordance with this Privacy Policy. In some instances, we are obliged to comply with court orders and government requests and provide Information or parts of it to authorized bodies.
3.12 We may disclose your personal information to our partners, agents and operators under confidentiality or similar agreements, including data processors who we believe reasonably need to come into contact with that information: (i) to provide Services per your request; (ii) to administer our business or the website; (iii) to provide customer support; (iv) to update account information; (v) to forward updates, announcements, and newsletters; (vi) to respond to your communications, and communicate with you about the website and other activities related to the Services; (vii) in the event of any reorganization, merger, sale, joint venture, assignment, transfer or disposition of all or any portion of Onify’s business or operations (including without limitation in connection with bankruptcy or any similar proceedings); or (viii) as otherwise authorized by you.
We only use your information for us. We will not sell it, rent it, publicly display it or do anything else that will lead to your information getting into the wrong hands. However, we may share your information with our contractors and subcontractor but they may only use your information under our control and only for the purposes you allowed or knew about.
3.13 We have implemented security procedures and measures in order to ensure appropriate protection of the information we process, against any misuse, unauthorized access, disclosure or modification.
3.14 We acknowledge that the safety of your information is one of the highest priorities and therefore only authorized processors have access to your information. Although we take all appropriate measures in respect to keeping your information secure, you understand that no data security measures in the world can offer 100% protection. If we ever find or suspect a personal data breach we will without delay, within seventy-two (72) hours after becoming aware of it, notify the appropriate supervisory authority about the breach and Users where necessary.
We do our best to keep your data secure. Unfortunately, no security system is 100% secure so just in case we had prepared an “emergency plan” if we ever get breached. We will also notify the authorities as soon as possible about any suspected data breach. We will also aim to notify you if we have your contact information.
3.15 The processing of the information is being performed automatically, without human intervention. However, whenever you contact us through email, the information within the email will be handled and processed by a real person in order to provide you with the answer to the email.
We process your information automatically. A real person will process your data only when we need to communicate with you. We do this to minimize possible data leaks.
4. Storage and transfer of Information
4.1 Information will be stored on secure servers hosted by Onify AB, Intercom R&D Unlimited Company or by ReadMe.io Co. depending on the Services used. We aim to keep all the information on servers located in the EU but sometimes our data processor may host information on servers located outside of EU in countries deemed adequate by the European Commission, or in countries which the European Commission has not deemed inadequate, provided that such countries implement appropriate and suitable safeguards regarding the security of personal information. In any event, hosted servers are controlled and maintained in accordance with sufficient privacy safeguards.
We will keep your data within EU and transfer it to other countries only if we need to use subcontractors from such countries. Before we send data to anyone we make sure that they will handle it securely and that no additional risks are involved with such transfers.
4.2 Some services require the use of third-party solutions or the website or emails may contain links to other external websites that do not fall under our domain. When you are redirected from our website to the third-party website you are no longer interacting with our website and we are not responsible for the privacy practices or the content of such external websites. Any information that you provide through third-party websites will be handled and processed in accordance with their Privacy Policies and other applicable terms.
When you are redirected to other websites or other applications you are no longer interacting with us. Be careful who you are giving your personal information to, because not everyone uses it in the same way.
5. Third Party Services, and Cookies
5.1 We use third-party service providers for some aspects of our services, such as managing emails, communication environment, signing the documents, providing customer support and similar. These service providers sometimes need your personal information in order to properly deliver functionality, but they may only collect and use it under our control. We entered into Data Processing Agreements with all our data processors and you may request a full list of data processors by contacting us at [email protected].
We sometimes integrate functionalities of some other service providers to help us deliver the services to you. If we provide them with some of your personal information we do it only under strict data processing agreements and we exercise our control over them. You can find out more about these services by contacting us at [email protected].
5.2 Cookies help us optimize and improve the user experience of the website by helping us deliver crucial functionalities. The cookies we use may vary over time as we continuously update and improve our website and Services. We may use third party services like Google Analytics, Intercom, ReadMe and others. Cookies from such services are used to collect data for statistical reports.
Cookies sound delicious but they also serve to deliver you the best browsing experience and to help us understand how the website is being used. You can change your cookie settings in your browser but some content may be displayed improperly if you chose to do so.
5.3 You can manage your cookies preferences at any time. This is done in your browser or device settings. Depending on which browser and device you use you may be able to control which cookies you allow, which cookies you want to block in the future, and delete cookies. For more information about these settings visit your browser or device ́s help page. Note that some of Onify’s Services might not work as intended if you choose to disable cookies.
5.4 Third-party vendors, including Google, use cookies to collect anonymous statistical data. Any data collected will be used in accordance with our Privacy Policy and Google’s privacy policy. Users may opt out of Google’s use of Google Analytics by visiting the Google Analytics Opt-out Page. Users may opt out of third-party vendor use of cookies by visiting the Network Advertising Initiative Opt-out Page. http://optout.networkadvertising.org/#/.
5.5 We may use other third-party Services such as Pixel and Analytics services by Facebook, to help us target our ads more effectively. The collected data is saved and processed by Facebook. We are informing you of this matter according to our information at this time. Facebook is able to connect the data with your Facebook account and use the data for their own advertising purposes, in accordance with Facebook’s Data Use Policy found under https://www.facebook.com/about/privacy. You may opt-out of Facebook tracking option by visiting the following link < https://www.facebook.com/ads/website_custom_audiences/> and for other types of third-party ad tracking, by visiting the Network Advertising Initiative Opt-out Page.
5.6 We also inform you regarding the processing of personal data on behalf of Albacross Nordic AB (“Albacross”). Information collected from cookies set in your device that qualify as personal data will be processed by Albacross, a company offering lead identification and ad targeting services with offices in Stockholm and Krakow. The purpose for the processing of the personal data is that it enables Albacross to improve a service rendered to us and our Site (e.g “Lead Generation” service), by adding data to their database about companies. The Albacross database will in addition to “Lead Generation” be used for targeted advertising purposes towards companies and for this purpose data will be transferred to third party data service providers. For the purpose of clarity, targeted advertising regards companies, not towards individuals. The data that is collected and used by Albacross to achieve this purpose is information about the IP-address from which you visited our Site, and technical information that enables Albacross to tell apart different visitors from the same IP-address. Albacross stores the domain from form input in order to correlate the IP-address with your employer. For the full information about our processing of personal data, please see Albacross’ Privacy Policy at https://albacross.com/privacy-policy/.
6. Information retention period
6.1 Information is stored on the servers only for the duration necessary for providing the Services and maintaining the integrity of our databases. We will maintain records of processing activities for the purpose of demonstrating compliance with EU GDPR. If you register to use our Services we will store your information for as long as you have an active account. As soon as you terminate your account we will remove all the information we have collected about you unless we have appropriate legal grounds for continuing their processing.
We only keep your information when it is really necessary. As soon as we do not need it we will delete it.
7. User’s Rights
7.1 You may request to:
- Obtain confirmation if your information is processed, access information about you that we had stored as well as supplementary information.
- Receive a copy of the information on you that is held by Onify in a structured, commonly used and machine-readable format.
- Correct your information.
- Have your personal information deleted.
- Object to the processing of information by Onify.
- Restrict the processing of your information by Onify.
- File a complaint with a supervisory authority.
Under EU privacy laws you have certain rights which you can exercise simply by contacting us at [email protected].
You can request access to the information we have about you, receive a copy of your information, if some information is wrong you can request correction of the information, you can ask us to delete the information or ask us to stop using the information for certain purposes. If you feel that we did not respect your privacy you can also notify a supervisory authority.
7.2 These rights might be limited if they are subject to Onify’s own legitimate interests and regulatory requirements.
7.3 To exercise your rights please contact us at [email protected].
8. Changes to the Privacy Policy
8.1 We reserve the right to change our Privacy Policy at any time. The current version of our Privacy Policy is available through the website, indicating the effective date. You are encouraged to periodically check our Privacy Policy.
We may change our Privacy Policy from time to time and only if the change will affect personal information we already have we will let you know before the changes apply. That’s why you should familiarise yourself with our privacy policy before you give us any information.
9. Contact Information
9.1 If you have any queries or concerns regarding our Privacy Policy and how the information is handled, or you wish to access, retrieve, amend, or update your Information feel free to contact us at [email protected].
In any case, if you have any question, comment or even a suggestion regarding our Privacy Policy, please do not hesitate to let us know at [email protected].
Updated 11 months ago