Last Updated: September 15, 2021
- Visit or otherwise interact with our website available at welo.space or any other website, webpage, or e-mail under our control (collectively the “Sites”)
- Use our interactive visual workspace (the “Space”) via the sites or integrations, addons or extensions
- Engage with us in other ways – including any sales, marketing or similar activities (“Users”, and together with the Sites and Space – the “Service”)
TABLE OF CONTENTS
- What data do we collect?
- How do we use your data?
- Will your data be shared with anyone?
- Is your data transferred internationally?
- Are cookies and other tracking technology used?
- How do we communicate with you?
- How long do we keep your data?
- How do we keep your data safe?
- What about links to other websites and services?
- Do we collect data from minors?
- What are your data subject rights?
- Additional notices and how to contact us
WHAT DATA DO WE COLLECT?
In short: We collect technical data, profile data, content, and other data received from you, your organization and other third-party sources.
We collect and control various types of personal data regarding our Users of Sites. Such data is collected and generated through your interaction with us or with our Service, through automatic means, or directly from you, from other Users, from our Customers, or from other third parties (including our Service Providers, as defined below). Specifically, we collect the following categories of data (which, to the extent it relates to an identified or identifiable individual, is deemed as “personal data”):
- Data automatically collected or generated: When you visit, interact with, or use our Service, we collect, record or generate certain technical data about you. We do so either independently or with the help of third-party Service Providers, including through the use of “cookies” and other tracking technologies. Information on cookies and tracking technology is provided below. Such data consists of connectivity, technical and aggregated usage data, such as IP addresses and general locations, device and application data (like type, operating system, mobile device or app id, browser version, locale and language settings used), date and time stamps of usage, the relevant cookies and pixels installed on or interacted with via such device, and the recorded activity (sessions, clicks, use of features, logged activities and other interactions) of visitors and Users in connection with our Service.
- User Data received from you: When you contact us, sign up to the Service and create your individual profile, or sign up to an event that we host, organize or sponsor, you provide us with personal data. This would typically include your name, workplace and position, contact details (such as e-mail, phone and address), account login details (e-mail address and other authenticators are automatically hashed), as well as any other data you choose to provide when you use our Service, contact us, or interact with others via our Service. You may also provide us with your profile photo, location, time-zone, skills, device, general location, and activity logs and data; as well as your preferences, characteristics and objectives for using the Service. You may also send us a “Contact Us” or support requests, or provide us with feedback, reviews, or responses to our surveys or promotions, including by submitting an online form on our Service or social media channels, by posting on any of our online public forums or communities, by sending an e-mail to any of our designated addresses, or any other form of communication. Such data may include details on an issue you are experiencing, contact information and any other documentation, screen recording, screenshots or other information.
- Customer Data: Welo’s customers may provide us with additional data such as their billing details, business needs and preferences. To the extent that such data concerns a non-human entity (e.g. the bank account of a company or business), it will not be regarded as “personal data” in most countries.
- Data received from other third parties: We may receive personal data which relates to you from other sources. For example, if you participate in an event that we sponsor or participate in, we may receive your personal data from its organizers. We may also receive your contact and professional details (e.g., your name, company, position, contact details and professional experience, preferences and interests) from our Partners (defined below), from our service providers, and through the use of tools and channels commonly used for connecting between companies and individual professionals in order to explore potential business and employment opportunities, such as LinkedIn.
- Data obtained through analytics tools: We use analytics tools (e.g., Google Firebase) to collect data about the use of our Sites and Service. Analytics tools collect data such as how often Users and visitors visit or use the Sites or Service, which pages they visit and when, which website, ad or e-mail message brought them there, and how they interact with and use our Service and its various features.
HOW DO WE USE YOUR DATA?
In short: We us personal data to provide, improve and secure our Service; for analytics, marketing and sales purposes; to comply with applicable laws; and to support legitimate interests. We do not sell your personal data.
Here are specific purposes for which we use personal data:
- In order to facilitate, operate, and provide our Service;
- In order to authenticate the identity of our Users, and to allow them to access our Service;
- In order to provide our visitors, Users and Customers with assistance and support;
- In order to gain a better understanding on how visitors and Users evaluate, use and interact with our Service, and how we could improve their and others’ user experience, and continue improving the overall utility and performance of our Service;
- In order facilitate and optimize our marketing campaigns, sales operations, and to promote our Service, including on other websites and applications.
- In order to contact our visitors, Users and Customers (whether existing or prospective) with general or personalized service-related messages, as well as promotional messages consistent with consent that has been obtained to do so (you may opt out of marketing communications by following the opt-out or unsubscribe instructions at the bottom of the email);
- In order facilitate, sponsor and offer certain events;
- In order to support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity;
- In order create aggregated statistical data, inferred non-personal data or anonymized or pseudonymized data (rendered non-personal), which we or others may use to provide and improve our respective services, or for any other business purpose; and
- In order to comply with applicable laws and regulations.
WILL YOUR DATA BE SHARED WITH ANYONE?
In short: We share your data with our Service Providers; in accordance with legal compliance requirements; and amongst other Space Users.
We may process or share your data that we hold based on the following legal basis:
- Consent: We may process your data if you have given us specific consent to use it for a specific purpose.
- Legitimate interest: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
- Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
- Legal Obligations: Although we anticipate such circumstances to be extremely rare, we may disclose or allow government and law enforcement officials access to your personal data when we are legally required in order to do so to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process. This could happen in response to a court order or a subpoena in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or such disclosure is required to protect the security or integrity of our products and services.
- Service Providers: We engage selected third-party companies and individuals to perform services complementary to our own. Such service providers include providers of cloud infrastructure, communications and content delivery networks (CDNs), data and cyber security services, fraud detection, investigation and prevention services, web and mobile analytics, e-mail and communication distribution and monitoring services, session or activity recording services, remote access services, performance measurement, data optimization and marketing services, social and advertising networks, content providers, e-mail, voicemails, support and customer relation management systems, and our legal, compliance and financial advisors and auditors (collectively, “Service Providers”). These Service Providers may have access to your personal data, depending on each of their specific roles and purposes in facilitating and enhancing our Service, and may only use it for such limited purposes as determined in our agreements with them.
- Application Providers and Event Sponsors: if so instructed or permitted by you or your Account Admin, we may share your personal data (such as your User Profile and contact details, as well as relevant usage data) with the provider(s) of any 3rd party applications or integrations added to your Account. Similarly, if you register to any event that we host, organize or sponsor, then with your permission we may share your registration details with others, including the hosts, organizers, speakers, service providers and sponsors of that event, so that they may contact you with relevant information and offers, or to fulfill any promotions related to the event.
- Customers and other Users: Your personal data may be shared with the Customer owning the Account to which you are subscribed as a User (including data and communications concerning your User Profile), as well as other Users of that Account or Space. Your personal data and activity within the Service may also be monitored, processes and analyzed by the Account Admin. This includes instances where you contact us for help in resolving an issue specific to a team of which you are a member (and which is managed by the same Customer). Please note that Welo is not responsible for and does not control any further disclosure, use or monitoring by or on behalf of the Customer (including sharing of boards or use of broadcast features within the Service), that itself acts as the “Data Controller” of such data.
- Service integrations: When you access the Space as a User, your Account Admin may choose to integrate your Account on the Service with a third-party service (provided that such integration is supported by our Service). The provider of this integrated third-party service may receive certain relevant data about or from your Account on the Service, or share certain relevant data from that account on the third-party provider’s service with our Service, depending on the nature and purpose of such integration. This could include your User Data. Note that we do not receive or store your passwords for any of these third-party services (but do typically require your API key in order to integrate with them). If you do not wish your data to be shared with such third-party service(s), please contact your Account Admin.
- Protecting Rights and Safety: Your personal data may be shared with others if we believe in good faith that this will help protect the rights, property or personal safety of Welo, any of our Users or Customers, or any members of the general public.
- Additional Purposes: For the avoidance of doubt, your personal data may be shared by Welo in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal and anonymous.
IS YOUR DATA TRANSFERRED INTERNATIONALLY?
In short: We may transfer, store, and process your information in countries other than your own.
We are headquartered in the United States and have service providers that are located in other countries. As such, your personal information may be transferred to the United States or other locations outside your state, province, or country where privacy laws are not as protective as those in your state, province or country. We will however take all necessary measures to protect your personal information in accordance with this privacy notice and applicable law.
Your data may be stored in multiple locations around the world, for as long as necessary in accordance with our reasonable business needs; as necessary for the performance of our Service; for supporting and exercising our legitimate interests; and in accordance with our legal obligations.
European Commission’s Standard Contractual Clauses
We have implemented measures to protect your personal information, including using the European Commission’s Standard Contractual Clauses for transfers of information between us and our third-party providers. These clauses require all recipients to protect all personal information that they process originating from the EEA or UK in accordance with European data protection laws and regulations. Our Data Processing Agreements that include Standard Contractual Clauses can be provided upon request. We have implemented similar appropriate safeguards with our third-party service providers and partners and further details can be provided upon request.
ARE COOKIES AND OTHER TRACKING TECHNOLOGY USED?
Our Service (including some of our Service Providers) utilize “cookies”, anonymous identifiers, pixels, container tags and other technologies in order for us to provide our Service and ensure that it performs properly, to analyze our performance and marketing activities, and to personalize your experience. Such cookies and similar files or tags may also be temporarily placed on your device. Certain cookies and other technologies serve to recall personal data, such as an IP address, previously indicated by a User.
Please be aware that we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application. However, most browsers allow you to control cookies, including whether or not cookies are accepted,and provide a means to remove cookies. Most browsers may be set to notify you if you receive a cookie, or to block or remove cookies altogether. Should you choose not to accept, to block, and/or to remove cookies, your experience with our Service as well as your web browsing experience may be impacted.
HOW DO WE COMMUNICATE WITH YOU?
In short: we engage in service and promotional communications, through email and notifications
- Service Communications: We may contact you with important information regarding our Service. For example, we may contact you to inform you about changes or updates to our Service, service changes, log-in attempts or password reset notices, etc. Please note that these communications are integral to the delivery of the service and therefore the option to opt-out is not provided.
- Promotional Communications: We may also notify you about new features, additional offerings, events and special opportunities or any other information we think our Users will find valuable. We may provide such notices through any of the contact means available to us (e.g., e-mail and notification), through the Service, or through our marketing campaigns on any other sites or platforms. If you do not wish to receive such promotional communications, you may notify us at any time by sending an e-mail to email@example.com, or by following the “unsubscribe”, “opt-out” or “change e-mail preferences” instructions contained in the promotional communications you receive.
HOW LONG DO WE KEEP YOUR DATA?
In short: We keep your information as long as necessary to fulfill the purposes outlined in this privacy notice unless otherwise required by law
HOW DO WE KEEP YOUR DATA SAFE?
In short: We aim to protect your personal data through a system of organizational and technical security measures
Your data is protected by industry-standard physical, procedural and technical security measures, including encryption as appropriate. However, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any personal data stored. No method of transmission over the Internet, or method of electronic storage, is 100% secure. As a result, transmission of personal information to and from our Service is at your own risk. You should only access our Service within a secure environment.
WHAT ABOUT LINKS TO OTHER (THIRD-PARTY) WEBSITES OR SERVICES?
In short: Links to third party websites and/or third-party services may be available via the Service. Each third party’s own privacy statement (and not Welo’s) applies to these links, websites and services.
The Service may contain links to make it easier for you to visit third party websites and third-party services. These websites and services are managed by third parties and Welo encourages you to review the privacy statements of websites and services you choose to link to from the Service so that you can understand how these third parties’ websites and third-party services collect, use and share your data. Welo is not responsible for the privacy statement or other content on the third-party websites or third-party services you may link to.
DO WE COLLECT DATA FROM MINORS?
In short: We do not knowingly collect data from or market to individuals under 16 years of age.
Our Service is not intended for children or minors younger than sixteen (16) year of age. We do not knowingly collect, nor wish to collect, any personal data from individuals under sixteen (16) years of age. No one under age sixteen (16) may provide any identifying personal data to Us, provide any other information, or attempt to utilize our service in any capacity. If we learn that an individual under the age of sixteen (16) is using the Service, we will attempt prohibit and block such use. Likewise, we will delete any personal data collected that we later determine to be from a user younger than the age of sixteen (16). If you are a parent or guardian of an individual under the age of sixteen (16) and believe that individual has disclosed personal data to us, please contact us at firstname.lastname@example.org.
WHAT ARE YOUR DATA SUBJECT RIGHTS?
In short: If you are governed by applicable data protection laws, you may exercise your rights to access to and control your personal information by contacting us as stated below.
If you wish to exercise your privacy rights under applicable law (including the EU or UK GDPR or the California Consumer Privacy Act), such as the right to request access to, rectification or erasure of your personal data held with Welo, or to restrict or object to such personal data processing, or to obtain a copy or port such personal data (each to the extent available under the laws which apply to you) – please contact us by email at email@example.com.
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal data conducted in reliance on lawful processing grounds other than consent.
If you have questions or comments about your privacy rights you may email us at firstname.lastname@example.org.
ADDITIONAL NOTICES AND HOW TO CONTACT US
- DPO: Welo has appointed Erin Benson as our Data Protection Officer, for monitoring and advising on Welo’s ongoing privacy compliance and serving as point of contact on privacy matters for data subjects and supervisory authorities. You may contact our DPO about privacy matters via email: email@example.com.
- EU Representative:
Maetzler Rechtsanwalts GmbH & Co KG
- UK Representative:
Prighter Ltd (UK)
20 Mortlake Mortlake High Street
London SW14 8JN