Last updated in September 2018.
At GrannySquare.org, data privacy and data security are very important to us and we want to make sure that you trust us with your information.
It also sets out how you can contact us if you have any queries or concerns regarding your personal data.
If you have any questions or complaints about this Policy and our data protection processes, please get in touch with us at the contact mentioned below.
"Services" means any product or other service that is operated by grannysquare.org.
"Visitors" means any individual that visits our Websites, but that we can't identify yet.
"Leads" means any Visitor of our Websites that has provided us with identifiable information (e.g., by filling a form on a landing page).
"Users", "Customers" means any individual who has an account with grannysquare.org.
"GDPR" means the General Data Protection Regulation.
Beside these specific definitions we will use the meanings as defined in the GDPR regulation.
1.1.1. Information you provide through our Websites
In specific cases you provide data to us through our Websites. For example, you provide your contact details when you sign up for our newsletter, download a white paper from one of our landing pages, use our free statistics sections or when you fill a contact form.
1.1.2. Information you provide through our Services
You provide data to us when you use our Services. For example, you provide us with information, when you sign up for an account, when you add new users, when you add notes or comments or when you use our Services on an ongoing basis as part of the general features of the Services. For some data that you provide in regards of the Services we are the data processor and you are the data controller. For this purpose we will sign a data processing agreement (DPA) with you, if needed. If you would like to sign such agreement, please get in touch with us at [email protected]
1.1.3. Information you provide through our support channels or direct communication
Through our support channels (e.g., Helpdesk, live chat) and direct email communication you provide us with data about yourself and about the case for which you are contacting us.
1.1.4. Payment information
When setting up a paid account with our Services, you provide us with payment information that allow us to charge you on a recurring basis.
1.2.1 Cookies and other tracking technologies
Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Websites or a third-party to recognize you and make your next visit easier and the Websites more useful to you.
1.2.2. Information on how you use our Services
When you visit and interact with our Services we collect certain information in the background in order to optimize and improve the Services going forward. This includes for example things like device and connection information, log data, logins, page views, API calls (Application Programming Interface), usage of specific features and error logging.
We use the personal data you provided to us only for specific purposes of the corresponding processing activities and only where we have legal bases to do so (in compliance with the GDPR article 6). Once the purpose for a processing activity is not applicable anymore, we will delete the data accordingly (for specifics please read the section on this topic below). In the following sections we list the specific areas in which we use your personal data. For even more transparency we have created a separate list of all our processing activities including the legal bases for processing that involve visitors, leads or users/customers.
We use information you delivered to us in order to provide our Websites, including customer support, log files, rendering fonts and to operate and maintain the Websites. We also use your data in order to personalize your experience.
We use information you gave to us in order to provide our Services, including for account creation, authentication, customer support, log files, rendering fonts and to operate and maintain the Services. We also use your data in order to personalize your experience.
We use your contact information in order to communicate with you about our services. For example, we send you emails for confirmations, customer support, updates to the Services, technical notices and security measures.
When you fill a contact form on our Websites, we use the data to get in touch with you to resolve your case.
We use your information in combination with cookies and tracking technologies with the goal of providing you an improved Websites and Services experience.3.2.1. Cookies
We use data that we gathered through web analytics scripts that we embed in our Websites and Services. For example, we use Google Analytics and Hubspot to analyze user behavior with the goal to improve the Websites and Services.
We use information about you to increase the safety and security of our Websites and Services. For example for verifying your account, detecting fraudulent activities and anything else that would make our Services more secure.
We work with third-party service providers for various tasks within our organization, including billing, marketing, customer support, analysis, accounting and others. If we transfer your personal data to a service provider in order to fulfill a task, we will make sure that the service provider only processes the data based on our instructions and by guaranteeing the same safeguards as we do. On top of that we guarantee that we have signed a data processing agreement with every service provider that makes sure that the partner is bound to the strict rules under the GDPR law.
We will share your information with a third-party (including law enforcement authorities) if we believe that sharing is necessary to comply with any applicable law or governmental requests.
In rare cases we may share non-personal data, such as aggregated information, with third-parties, including for reporting obligations and business/marketing purposes.
We use robust and state-of-the-art technical and organizational measures to secure the data that we have about you. For more details you can find our separate document on technical and organizational measures here. We are reviewing our data protection processes regularly in order to make sure that we protect your data in the best possible way. If we use sub contractors and service providers to fulfill a specific task based on your data, we will make sure that the partner has similar state-of-the-art data protection processes in place.
We store your data only for as long as we need access to it in order to fulfill the purpose of the specific data processing activity. As the data retention period is different from use case to use case we have created a separate document with all our processing activities, in which you can find the exact period for each of the processing activities that we perform. On top of that and where possible we have applied a general rule inside Quintly that all personal data should be deleted or anonymized if you haven't been using our Websites and Services for more than 9 months. Exceptions to this rules only apply if there are technical limitations to guarantee this or where specific laws expect from us that we store the data for a longer time (e.g., requirements from tax authorities for storing documents).