Last modified: May 25, 2018.
If you do not agree with this Policy, do not download, sign up, or use the Chanty, Inc. Services.
What information do we collect from users visiting our website or using our Services?
We may collect the following kinds of information from and about you:
- contact information, such as full name, email address and any contact information that you choose to provide when you sign up for the Services;
- the information you provide when you use our Services while communicating with other members on Chanty, such as the date a file was uploaded;
- the content of all communications on or through the Services: user communications, feedback, suggestions and ideas sent to us or any other information that you provide to us when you contact or engage us for support regarding the Services;
- any other information you choose to upload, share with other users or provide to us directly through the Services;
- information about how you use our Services, such as the types of content you view or engage with or the frequency and duration of your activities.
Chanty may receive information about you from other services you choose to use, such as integrations, according to their terms and policies. We may use information received for the purposes, described in ‘How we use the information we collect’ section of this Policy.
Device information and location.
We may collect information from or about the computers, phones or other devices where you install or access our Services, including but not limited to device locations, such as through GPS, Bluetooth, or Wi-Fi signals. We may associate the information we collect from your different devices, to help us provide the Services consistently across your devices.
Log and cookie data.
We automatically collect information provided by your browser or operating system through the Services, such as your Internet protocol (IP) address and other browser or device identifiers, browser type, operating system, crash data, pages that you visit before using the Services, the date and time of your visit, information about your activities and actions (the links you follow or pages you view) within the Services and other standard server log information.
What if you choose to disable cookies in your browser?
Access to some features or Services will be disabled or may function improperly.
Do we intentionally collect data from children under the age of 16?
Chanty Services are not intended for children under 16 years of age, and we do not knowingly collect personal information from children under 16. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information immediately. If you believe we might have any information from or about a child under 16, please contact us at: email@example.com
When do we collect personal information?
Browsing Chanty web pages is possible without indication of personal data. However, if a person wants to use Chanty services via our website or apps, processing of personal data is necessary for the proper delivery of the Services. The user signs up for a team space account on the Chanty website with the indication of personal data. The personal data we receive is determined by the form used during the signup process. By signing up on the Chanty website, the IP address, date and time (timestamp) of the registration are also stored.
The storage of this data is the only way to prevent the misuse of our Services, and, if necessary, to make it possible to investigate committed offenses. Moreover, the storage of this data is necessary to secure Chanty as a data controller. This data is not passed on to third parties unless there is a statutory obligation to pass on the data, or if the transfer serves the aim of criminal prosecution.
How do we use the information we collect?
We use the collected information to provide and improve the Services delivered by Chanty, Inc. Company. Examples of such use include:
- communicating with you regarding the use of our Services;
- enhancing and promoting the security, integrity and safety of the Services for you and other users;
- operating, maintaining and improving the systems and infrastructure that provide the Services to you;
- personalizing and customizing your experiences as part of our provision of the Services;
- letting you know about updates to our policies and terms;
- while responding to you when you contact us;
- communicating with you about our Services by sending you product updates and marketing newsletters;
- conducting data and system analytics, including research to improve the Services we provide.
What information do we collect and use from our newsletter subscribers?
On the Chanty websites, users have an opportunity to subscribe to our newsletter. Chanty informs its customers and business partners regularly by means of a newsletter about product updates and marketing insights. Chanty newsletter is sent to users if: the user has an existing email address and gives consent to subscribe to the newsletter.
During the subscription to the newsletter, we also store the IP address, date and time of the subscription. The collection of this data is necessary to understand the possible misuse of the email address of the user at a later date, and it serves as the legal protection of the Chanty, Inc. company.
The personal data collected as part of a subscription for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by email in case of modifications to the newsletter delivery, or during the change in technical circumstances. We do not transfer any personal data collected by the newsletter service to third parties.
Data retention, account deactivation and deletion.
We store data until it is no longer necessary to provide our Services or until your account is deleted – whichever comes first. This is a case-by-case determination that depends on the nature of the data, why it is collected and processed, and relevant legal or operational retention needs.
Safety and Security.
The information that we have is used to help us verify accounts and to promote safety and security on and off our Services: investigating suspicious activity or violations of our terms or policies. Protection of your team space data is a top priority for our teams of engineers, using automated systems and advanced technology such as encryption and machine learning. For example, we use automated technologies to detect suspicious activity, that may harm you, other users or our Services.
How is the information shared?
We may share the information we collect in the following circumstances:
- to third-party service providers who may assist in providing integration services or part of the Services;
- to third-party apps or services that you can connect to through the Services;
- in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Chanty, Inc’s assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by Chanty, Inc. about our users may be transferred to the new owner;
- to help verify accounts and activity, and to promote safety and security on and off our Services, such as by investigating suspicious activity or violations of our terms or policies;
- in response to a legal request if we have evidence that the law requires us to do so, affects users in that jurisdiction, and is consistent with internationally recognized standards;
- as otherwise directed or authorized by you.
Information we receive about you may be accessed, processed and retained for an extended period of time when it is the subject of a legal request or obligation, governmental investigation, or investigations concerning possible violations of our terms or policies. We may also retain information from accounts disabled for violations of our terms for at least a year to prevent repeat abuse or other violations of our terms and policies.
What is our legal basis for processing data?
We collect, process and share the data to:
- provide our Services;
- comply with our legal obligations;
- fulfill our legitimate interests, including our interests in providing, personalized, safe and profitable Service to our users and partners, unless those interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.
What are your rights under the General Data Protection Regulation?
Under the General Data Protection Regulation (GDPR), you have the right to access, rectify, export and erase your data, as well as the right to restrict and object to certain processing of your data including:
- withdraw consent to our processing of your data for direct marketing purposes by using the "Unsubscribe" link in all our marketing communications;
- object to our processing of your data as a part of our legitimate interests or those of a third party by requesting us to delete your account at any time.
How do you access and modify the information we hold about you?
Currently, while Chanty is at the early access stage, you can request us to modify or export the personal identifiable information in Chanty web or desktop apps or by contacting firstname.lastname@example.org. By the time of public release, we will deliver all the necessary tools for managing, accessing and exporting your data in your Chanty team space settings. Once your request is processed you will see the changes immediately in your team space on Chanty, but the data will be retained by Chanty in the backup copy for a commercially reasonable amount of time.
How do we secure the information we store?
Chanty, Inc. have implemented measures designed to secure your personal information from accidental loss, unauthorized access, use, alteration and disclosure. All information you provide to us is stored on secure servers behind firewalls.
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. Chanty network is quarterly tested on penetration to prevent any potentially vulnerable spots. We use audit policies, file system encryption for database files, data transfer encryption and password encryption on the application layer.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. File system and file storage are encrypted together with isolated storages for each team on Chanty.
In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. Any billing transactions will be encrypted, processed through a gateway provider and not stored or processed on our servers.
We implement a variety of security measures when a user places an order, enters, submits, or accesses their information to maintain the safety of your personal information. Your files and personal information are stored using a GDPR ready third-party provider AWS in a controlled environment with limited access.
High level of privacy is maintained by the access to your team space data by invitation only. While signing in to Chanty you can't guess that the team space exists or find out the team space creator. Sign in to Chanty is implemented with one-time codes, which are more secure and harder to exploit (unlike using a password for a sign in).
Our company also got extensive internal policies and perform regular data protection trainings for our team members. Moreover, our facilities are protected with alarm systems and all confidential documents are locked and appropriately destroyed if no longer needed.
However, safety and security of your information also depend on you. Where we have given you (or where you have chosen) one-time code or password for access to Chanty Services, you are responsible for keeping the code or password confidential. We ask you not to share your code or password with anyone. We urge you to be careful about giving out information in public areas of the Chanty apps. The information you share in public areas may be viewed by any user of the Chanty app.
Unfortunately, the transmission of information via the internet and mobile platforms is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the absolute security of your personal information transmitted through our Chanty apps. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures we provide.
Do we transfer data internationally?
The Services we provide to you together with using the service providers, you understand and agree that information may be stored or processed by us in different locations worldwide. For example, information collected from the European Economic Area (EEA) may be transferred to countries outside of the EEA for the purposes described in this Policy. We maintain standard contract clauses approved by the European Commission, and rely on the Commission decisions on certain countries, dealing with data transfer from the EEA to the United States and other countries. For most recipients of your personal data, this involves only your email address and profile details you provide. This information is vital for us to deliver the Services to you. We have audited our service providers and they have all publicly expressed that they are GDPR compliant.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
- users can visit our site anonymously;
How does our site handle Do Not Track signals?
We don't honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We don't honor them because: DNT is active for guest users.
Does our site allow third-party behavioral tracking?
It's also important to note that we do not allow third-party behavioral tracking.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- we will notify you via email within 7 business days;
- we also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- send information, respond to inquiries, and/or other requests or questions;
- process orders and to send information and updates pertaining to orders.
To be in accordance with CANSPAM, we agree to the following:
- not use false or misleading subjects or email addresses;
- identify the message as an advertisement in some reasonable way;
- include the physical address of our business or site headquarters;
- monitor third-party email marketing services for compliance, if one is used;
- honor opt-out/unsubscribe requests quickly;
- allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can email us at email@example.com and we will promptly remove you from ALL correspondence.
How will we notify you of changes to this Policy?