We are committed to protecting your privacy. In order to provide You with uninterrupted use of Our Services, We may collect and process, and, in some circumstances, and by law, disclose information about you with your permission. To ensure better protection of Your privacy, We provide this notice explaining how we collect and process your information including where required by law our disclosure policies, and your choices in regards to the use, access, correction and deletion of your Personal Data. This privacy notice applies to a) entities or individuals, who have subscribed to our Service(s) and have agreed to the Terms (hereinafter referred to as the “Customer”) and b) individuals (“Individuals”) from whom We collect data as a controller.
We are committed to protecting Your privacy. We further recognize Your need for appropriate protection and management of any Personal Information You share with us.
We only process Service Data as per our Customer's instructions. For purposes of the GDPR and the Swiss Federal Act on Data Protection, we are the processor and not the controller of the Service Data. Service Data, as defined in the Terms, means all electronic data, text, messages or other materials, including Personal Data of Users and End-Users, submitted to the Service(s) by our Customers through Customer’s Account in connection with Customer’s use of the Service(s), including data collected under “Usage Information” below. Our EEA or Switzerland based Customers are the “controllers” of that data and are responsible for compliance with the applicable data protection law.
If you are our Customer from EEA or Switzerland, then in your role as a controller, you are authorizing, on behalf of you and your authorized Users and End-Users, and representing that you have the authority to provide such authorization to the processing and transfer of Personal Data in and to the United States and other countries which may have different privacy laws from your or their country of residence. We will take all steps reasonably necessary to ensure that the Service Data is treated securely and in accordance with this Notice.
We do not own, control or direct the use of Service Data, and in fact we are largely unaware of what information is being stored on our platform and only access such information as reasonably necessary to provide the Service(s) (including to respond to support requests), as otherwise authorized by Customers or as required by law. Unless we explicitly agree otherwise in writing, you will not process sensitive personal data (such as health data) on our platform.
As the controller, it shall be your responsibility to inform the End-Users about the processing, and, where required, obtain necessary consent or authorization for any Personal Data that is collected as part of the Service Data through your use of the Service(s). As the processors of Personal Data on behalf of our Customers, we follow Customer’s instructions with respect to the Service Data to the extent consistent with the functionality of our Service(s). In doing so, we implement technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, Personal Data.
We process Personal Data in the United States and the European Economic Area (“EEA”) and in other countries through third parties that we may use.
We may also share your Personal Data as follows:
If you are an individual resident in EEA or Switzerland, you have the following data protection rights regarding Collected Data:
If you seek access to or wish to correct, update, modify or delete Personal Data (hereinafter referred to as a “Request”) which forms a part of Collected Data, please contact us at firstname.lastname@example.org. We respond to all requests we receive from individuals wishing to exercise their data protection rights within a reasonable timeframe in accordance with applicable data protection laws.
We acknowledge that you have the right to access your Personal Data. We have no direct relationship with the individuals whose Personal Data we process. If you seek access to or wish to correct, update, modify or delete Personal Data (hereinafter referred to as a “Request”) which is part of the Service Data and processed by us on behalf of our Customer or if you are an End-User of one of our Customers and would no longer like to be contacted by one of our Customers that uses our Service(s), you should direct your query to our Customer i.e., the controller. if requested to remove data, We will respond within a reasonable timeframe.
If you are a Customer of our Service(s) and wish to raise a Request on behalf of your Users and End-Users in connection with Service Data, you may raise a ticket on the support portal of the relevant Service. Please note that if a Customer has subscribed to more than one Service, a Request on a particular Service support portal is specific to that Service only and separate Requests need to be raised across other relevant Service support portals.
To the extent, that you are a 'consumer' as defined under the California Consumer Privacy Act of 2018 ("CCPA") and Workativ is a 'business' as defined under CCPA, the following applies to you:
Subject to the provisions of the CCPA, you have the right to request in the manner provided herein, for the following:
If you seek to exercise the foregoing rights to access or delete Personal Data which constitutes 'personal information' as defined in CCPA, please contact us at email@example.com. We respond to all requests we receive from you wishing to exercise your data protection rights within a reasonable timeframe in accordance with applicable data protection laws. By writing to us, you agree to receive communication from us seeking information from you in order to verify you to be the consumer from whom we have collected the Personal Data from and such other information as reasonably required to enable us to honour your request.
We treat data as an asset that must be protected against loss and unauthorized access. We employ many different security techniques to protect such data from unauthorized access by members inside and outside the Company. We follow generally accepted industry standards to protect the Personal Information submitted to Us and information that we have accessed.
If you are our Customer, we will send you announcements related to the Service(s) on occasions when it is necessary to do so. For instance, if our Service(s) is temporarily suspended for maintenance, we might send you an e-mail. Generally, you may not opt-out of communications which are not promotional in nature. If you do not wish to receive them, you may deactivate your Account.
Our Websites contain links to other websites that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other websites or third parties. We encourage you to be aware when you leave our Websites and to read the privacy policies of each and every website that collects Personal Data.
We, including our Group Companies reserve the right to disclose your personal data contained in Collected Data and Service Data as required by applicable law, in response to lawful requests by public authorities, including meeting national security or law enforcement requirements and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or other legal process served on us. Collected Data and Service Data will also be shared between our Group Companies for the activities permitted under the Terms and this Notice.
In the event we go through a business transition, such as a merger or acquisition by another company, or sale of all or a portion of its assets, Customer’s Account, Collected Data and Service Data will likely be among the assets transferred. A prominent notice will be displayed on our Websites to intimate you of any such change in ownership or control and Customers will be notified via an e-mail from firstname.lastname@example.org.