Privacy Policy
Privacy Policy
Jun 30 2023
Jun 30 2023
Data protection safeguards your (“you”; “Data Subject”) rights and freedoms when personal data is processed. The purpose of data protection is to define when and on what conditions personal data can be processed. This privacy policy (“Privacy Policy”) explains in detail how Commslayer (“we”; “us”; our) collect, use and disclose your personal data. Please read this document carefully before submitting any personal data to us.
Data protection safeguards your (“you”; “Data Subject”) rights and freedoms when personal data is processed. The purpose of data protection is to define when and on what conditions personal data can be processed. This privacy policy (“Privacy Policy”) explains in detail how Commslayer (“we”; “us”; our) collect, use and disclose your personal data. Please read this document carefully before submitting any personal data to us.
1.
1.
General informations
General informations
This Privacy Policy governs the processing of personal data by us. The Privacy Policy does not cover any third-party websites, applications, software, products, or services that integrate with our services or are linked to Us or to our services.
This Privacy Policy governs the processing of personal data by us. The Privacy Policy does not cover any third-party websites, applications, software, products, or services that integrate with our services or are linked to Us or to our services.
We may act either as a data controller and a data processor. Our role depends on the specific situation in which personal data is handled by us, as explained in detail below:
We may act either as a data controller and a data processor. Our role depends on the specific situation in which personal data is handled by us, as explained in detail below:
1.
1.
Data controller. When we are data controller, we determine the purposes and means of the processing of personal data. Hence, we are controller when you send us an inquiry or conclude a service or employment contract with us or when we collect publicly available personal data that is directly related to a person’s role in a company. Situations when we are controller of personal data are further explained on this document. We comply with data controller’s obligations set forth in the applicable laws.
Data controller. When we are data controller, we determine the purposes and means of the processing of personal data. Hence, we are controller when you send us an inquiry or conclude a service or employment contract with us or when we collect publicly available personal data that is directly related to a person’s role in a company. Situations when we are controller of personal data are further explained on this document. We comply with data controller’s obligations set forth in the applicable laws.
2.
2.
Data processor. We area data processor when we process personal data on behalf of controller. As a processor we process your data only in accordance with the instructions issued by a respective data controller in the agreed data processing agreement made between Us and the controller.
Data processor. We area data processor when we process personal data on behalf of controller. As a processor we process your data only in accordance with the instructions issued by a respective data controller in the agreed data processing agreement made between Us and the controller.
Our service is not intended for use by children (i.e., persons who are minors in their country of residence). Therefore, we do not knowingly process minors’ personal data. If you, as a parent or a legal guardian of a child, become aware that the child has submitted his/her personal data to us, please contact us immediately. We will delete your child’s personal data from our systems without undue delay.
Our service is not intended for use by children (i.e., persons who are minors in their country of residence). Therefore, we do not knowingly process minors’ personal data. If you, as a parent or a legal guardian of a child, become aware that the child has submitted his/her personal data to us, please contact us immediately. We will delete your child’s personal data from our systems without undue delay.
The Privacy Policy may be updated from time to time. We encourage you to review our Privacy Policy to stay informed.
The Privacy Policy may be updated from time to time. We encourage you to review our Privacy Policy to stay informed.
2.
2.
What personal data do we collect and for what purposes and which legal bases do we use it ?
What personal data do we collect and for what purposes and which legal bases do we use it ?
As a part of our business, we shall collect and use your personal data only for the purposes stated in this Privacy Policy.
As a part of our business, we shall collect and use your personal data only for the purposes stated in this Privacy Policy.
We shall process personal data provided by you as follows:
We shall process personal data provided by you as follows:
1.
1.
Account information. When you register your user account, we collect personal data necessary to register you to our services, such as email address, name, company name, website URL, and your role in the company.
Account information. When you register your user account, we collect personal data necessary to register you to our services, such as email address, name, company name, website URL, and your role in the company.
2.
2.
Agreement related information. We shall process agreement, such as service agreement or employment agreement, related information in connection with our business.
Agreement related information. We shall process agreement, such as service agreement or employment agreement, related information in connection with our business.
3.
3.
Inquiries. When you contact us, we process information related to your inquiry such as your name, email address, and any information that you decide to include in your message.
Inquiries. When you contact us, we process information related to your inquiry such as your name, email address, and any information that you decide to include in your message.
We shall observe the following information from the usage of our services:
We shall observe the following information from the usage of our services:
1.
1.
Usage data. When you use services provided us, we may collect usage information such as registration log, login/logout, time stamps of usage activities, including how you open and close communication sent by us.
Usage data. When you use services provided us, we may collect usage information such as registration log, login/logout, time stamps of usage activities, including how you open and close communication sent by us.
2.
2.
Agreement related information. We shall process agreement, such as service agreement or employment agreement, related information in connection with our business.
Agreement related information. We shall process agreement, such as service agreement or employment agreement, related information in connection with our business.
3.
3.
Cookies. When you browse our websites, we collect your cookie-related data including advertising identifier. For more information about the purposes for which we use cookies, please refer to our Cookie Policy.
Cookies. When you browse our websites, we collect your cookie-related data including advertising identifier. For more information about the purposes for which we use cookies, please refer to our Cookie Policy.
Legal basis. We use your personal data to provide you with the service and/or fulfil the contractual obligations. This requires us to process your data for the customer/employment/partner relationship management, support, and communication, conducting customer surveys, customer complaint handling, maintenance, software and system updates, user identification as well as for problem diagnosis and fixing. Hence, the above-mentioned processing of your personal data is based on your agreement with us.
Legal basis. We use your personal data to provide you with the service and/or fulfil the contractual obligations. This requires us to process your data for the customer/employment/partner relationship management, support, and communication, conducting customer surveys, customer complaint handling, maintenance, software and system updates, user identification as well as for problem diagnosis and fixing. Hence, the above-mentioned processing of your personal data is based on your agreement with us.
In addition, we use your personal data for the following purposes based on legitimate interests pursued by us or you have given us a consent for the processing:
In addition, we use your personal data for the following purposes based on legitimate interests pursued by us or you have given us a consent for the processing:
Analytics and development purposes, including creating aggregated groups based on your usage activities and a database for persons holding a role in public life such as business people. This also enables us to understand our users’ needs as customers and to improve the quality and user experience of our current and future services and offerings.
Analytics and development purposes, including creating aggregated groups based on your usage activities and a database for persons holding a role in public life such as business people. This also enables us to understand our users’ needs as customers and to improve the quality and user experience of our current and future services and offerings.
Marketing purposes, including communicating with you about our offerings, conducting sales promotions, and other marketing campaigns, as well as creating aggregated target groups for marketing. Knowing customers’ preferences enables us to target our offerings and provide products and services that better meet the needs and expectations of our customers.
Important note: Google user data obtained through Gmail or Google Workspace integration is never used for these advertising or marketing purposes. Please refer to our "Google User Data" section for specific policies regarding Google user data.
Marketing purposes, including communicating with you about our offerings, conducting sales promotions, and other marketing campaigns, as well as creating aggregated target groups for marketing. Knowing customers’ preferences enables us to target our offerings and provide products and services that better meet the needs and expectations of our customers.
Important note: Google user data obtained through Gmail or Google Workspace integration is never used for these advertising or marketing purposes. Please refer to our "Google User Data" section for specific policies regarding Google user data.
Information and account security purposes, including detecting or preventing various types of misuse of services and fraud to provide you with secure and reliable services.
Information and account security purposes, including detecting or preventing various types of misuse of services and fraud to provide you with secure and reliable services.
We may also process personal data to be in compliance with the obligations laid down in the applicable law, regulations and decisions issued by authorities. Such examples of statutory obligations that require the processing of personal data can be the following:
We may also process personal data to be in compliance with the obligations laid down in the applicable law, regulations and decisions issued by authorities. Such examples of statutory obligations that require the processing of personal data can be the following:
prevention, detection and investigation of fraud;
prevention, detection and investigation of fraud;
accounting and tax regulations;
accounting and tax regulations;
regulatory reporting;
regulatory reporting;
obligations related to risk management;
obligations related to risk management;
other obligations related to service- or product-specific legislation; and
other obligations related to service- or product-specific legislation; and
obligations under employment legislation.
obligations under employment legislation.
Electronic Direct Marketing and communication via email. We may send you electronic direct marketing, such as newsletters, promotions about new products as well as information about user surveys and trials, by email. You can opt-out such electronic direct marketing or communication at any time free of charge by clicking on the “unsubscribe” link included in our newsletters, adjusting the settings of your user account, or by contacting us directly.
Electronic Direct Marketing and communication via email. We may send you electronic direct marketing, such as newsletters, promotions about new products as well as information about user surveys and trials, by email. You can opt-out such electronic direct marketing or communication at any time free of charge by clicking on the “unsubscribe” link included in our newsletters, adjusting the settings of your user account, or by contacting us directly.
Sensitive data. We do not collect or have access to any special categories of personal data as defined by Art. 9 of the GDPR (“sensitive data”) from you unless you decide to provide such data to us or mandatory legislation, such employment legislation, requires us to do it. Sensitive data is information that relates to your health, genetics, biometrics, religious and political beliefs, racial origins, membership of a professional or trade association, sex life, or sexual orientation. If Your Data contains the said sensitive data, we will process such data for the purpose of fulfilling our contractual or legal obligations, such as regarding employment relationship.
Sensitive data. We do not collect or have access to any special categories of personal data as defined by Art. 9 of the GDPR (“sensitive data”) from you unless you decide to provide such data to us or mandatory legislation, such employment legislation, requires us to do it. Sensitive data is information that relates to your health, genetics, biometrics, religious and political beliefs, racial origins, membership of a professional or trade association, sex life, or sexual orientation. If Your Data contains the said sensitive data, we will process such data for the purpose of fulfilling our contractual or legal obligations, such as regarding employment relationship.
3.
3.
Retention of Personal Data
Retention of Personal Data
We store your personal data only for as long as such personal data is required for the purposes described in this Privacy Policy or until you request us to delete your personal data, whichever comes first.
We store your personal data only for as long as such personal data is required for the purposes described in this Privacy Policy or until you request us to delete your personal data, whichever comes first.
4.
4.
Sharing and disclosing of data
Sharing and disclosing of data
We store your personal data only for as long as such personal data is required for the purposes described in this Privacy Policy or until you request us to delete your personal data, whichever comes first.
We store your personal data only for as long as such personal data is required for the purposes described in this Privacy Policy or until you request us to delete your personal data, whichever comes first.
4.1
4.1
Sharing of your personal data
Sharing of your personal data
We share your data in the following ways:
We share your data in the following ways:
Our third-party vendors, who provide us with cloud-based IT and business support as well as customer care services, may need to process your information. All such third parties are operating under contract and acting on behalf of us.
Our third-party vendors, who provide us with cloud-based IT and business support as well as customer care services, may need to process your information. All such third parties are operating under contract and acting on behalf of us.
Competent authorities. When required in response to a legal process or request from a competent authority according to applicable laws or in connection with a legal proceeding or process.
Competent authorities. When required in response to a legal process or request from a competent authority according to applicable laws or in connection with a legal proceeding or process.
Mergers, acquisitions or sale of assets. When required as part of a merger, acquisition, sale of assets (such as service agreements) or transition of service to a group entity or another company.
Mergers, acquisitions or sale of assets. When required as part of a merger, acquisition, sale of assets (such as service agreements) or transition of service to a group entity or another company.
When transferring and disclosing your data outside the EU/EEA in above mentioned situations, where the local law may not provide the same level of protection, we comply with applicable legal requirements for providing adequate safeguards to such transfer by e.g. using the European Commission’s Standard Contractual Clauses (SCC).
When transferring and disclosing your data outside the EU/EEA in above mentioned situations, where the local law may not provide the same level of protection, we comply with applicable legal requirements for providing adequate safeguards to such transfer by e.g. using the European Commission’s Standard Contractual Clauses (SCC).
5.
Your rights
Your rights
You have the right to control how your personal data is processed by us by exercising the rights listed below:
You have the right to control how your personal data is processed by us by exercising the rights listed below:
Right of access: you can get a copy of your personal data that we store in our systems;
Right of access: you can get a copy of your personal data that we store in our systems;
Right to rectification: you can rectify inaccurate personal data that we process about you;
Right to rectification: you can rectify inaccurate personal data that we process about you;
Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data;
Right to erasure (‘right to be forgotten’): you can ask us to erase your personal data;
Your data is unlawfully processed, but you do not want to erase it.
Your data is unlawfully processed, but you do not want to erase it.
You have a legal claim that you need to establish, exercise, or defend, and you requested us to keep your data when we would not keep it otherwise.
You have a legal claim that you need to establish, exercise, or defend, and you requested us to keep your data when we would not keep it otherwise.
You have contested the accuracy of your personal data and the accuracy of your data is pending our verification.
You have contested the accuracy of your personal data and the accuracy of your data is pending our verification.
Your request for objection is pending our verification process
Your request for objection is pending our verification process
Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format
Right to data portability: you can ask us to provide you with a copy of your personal data in a structured, commonly used and machine-readable format
Right to object: you can ask us to stop processing your personal data;
Right to object: you can ask us to stop processing your personal data;
Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
Right to withdraw consent: you have the right to withdraw your consent, if you have provided one; or
Right to complaint: you can submit your complaint regarding our processing of your personal data to local data protection authority. For more information, please see https://tietosuoja.fi/en/home.
Right to complaint: you can submit your complaint regarding our processing of your personal data to local data protection authority. For more information, please see https://tietosuoja.fi/en/home.
If you would like to exercise any of your rights, please contact us by email at hello@commslayer.com or by post (you can find our postal address at the end of this Privacy Policy) and explain your request in detail. The scope of your right depends on the nature of processing and legal basis. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information that allows us to identify you in our system. We will answer your request within a reasonable time frame but no later than 2 weeks.
If you would like to exercise any of your rights, please contact us by email at hello@commslayer.com or by post (you can find our postal address at the end of this Privacy Policy) and explain your request in detail. The scope of your right depends on the nature of processing and legal basis. In order to verify the legitimacy of your request, we may ask you to provide us with an identifying piece of information that allows us to identify you in our system. We will answer your request within a reasonable time frame but no later than 2 weeks.
6.
6.
Information security
Information security
We use various technical or organization methods and security measures to seek so ensure a sufficient level of data security and to prevent your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure.
We use various technical or organization methods and security measures to seek so ensure a sufficient level of data security and to prevent your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure.
Only the personnel with work related needs have access to your personal data.
Only the personnel with work related needs have access to your personal data.
7.
7.
Google user data
Google user data
Access
We access Gmail and Google Workspace data only after obtaining explicit user consent through Google's OAuth 2.0 protocol.
The scope of access is limited to what is necessary for providing email client functionality within our helpdesk app.
Use
We use Gmail data solely to display, send, and manage emails within our helpdesk interface.
This includes reading email content, attachments, labels, and other metadata to provide a comprehensive email management experience.
We may use email data to provide features such as ticket creation from emails, auto-responses, and email tracking within the helpdesk system.
We do not use Google user data for any purposes prohibited by Google, including but not limited to:
Marketing or advertising purposes
Selling to third parties
Data mining, analytics, or content analysis beyond what's necessary for providing and improving our helpdesk functionality
Any other purpose not directly related to providing and improving our helpdesk service
Storage
All stored data is encrypted at rest using industry-standard encryption methods.
Sharing
We do not share Google user data with third parties except as necessary to provide our helpdesk services (e.g., cloud hosting providers).
Any third-party service providers we use are bound by strict confidentiality agreements and data protection requirements.
We never sell Google user data or use it for advertising purposes.
Data Retention and Deletion
Google user data is retained only for as long as necessary to provide our helpdesk services.
Users can revoke our app's access to their Gmail data at any time through their Google Account settings or by uninstalling the app.
Upon revocation of access or account deletion, we will remove all associated Google user data from our systems within 1 day.
Security Measures
We employ industry-standard security measures to protect Google user data, including encryption in transit and at rest, access controls, and regular security audits.
By using our helpdesk app with Gmail integration, you acknowledge and agree to our handling of Google user data as described in this section and throughout this Privacy Policy.
8.
8.
Contact details
Contact details
If you have any questions about this Privacy Policy or our data protection practices, please contact us by: hello@commslayer.com
If you have any questions about this Privacy Policy or our data protection practices, please contact us by: hello@commslayer.com
Copyright © Commslayer Inc.