- What Personal Information Do We Collect?
- Why Do We Use Your Personal Information?
- How Do We Share Your Personal Information?
- Which Security Measures Do We Take To Protect Your Personal Information?
- Which Rights and Choices Do You Have?
- Privacy Notice for European Economic Area Residents
- California Residents Privacy Notice
- Do Not Track Signal
- How Long Do We Retain Your Personal Information?
- Privacy of Children
- How Can You Contact Us?
2. What Personal Information Do We Collect?
We collect personal information within three main categories:
a) Information Provided by You:
We may collect the following personal information voluntarily provided by you in the course of your engagements with our Service, including but not limited to instances such as communication with us, participating in website chats, scheduling a demo of our Service, or procuring a subscription for the Service, such as:
- Name and surname;
- Financial Information (credit or debit card information) stored and processed by our third-party service providers as stated in Section 4 herein.
b) Information Collected through Third Parties:
As an integral aspect of our Service, we receive information pertaining to you from third-party sources, contingent upon the manner in which you opt to engage with us. For instance, when accessing your account through the sign-in feature, such as a login form facilitated by Google, information may be obtained through this process. By utilizing the sign-in functionality via your Google account, you grant authorization for us to collect, view, store, and utilize any information provided by Google, including but not limited to:
- Email (primary email account associated with your Google account);
- Profile picture;
- Language preferences;
- Other personal information linked to your Google account, if applicable;
- Any personal information publicly accessible through your Google account.
c) Information Collected for Service Provision:
To provide you with the Service, Shared Contacts Manager also collects and stores the following data about you:
- Groups on your domain, including names, members, and metadata (e.g., login details);
- Profile information about your domain users, such as names, emails, addresses, phone numbers, metadata (user’s role, manager info, last login time);
- Google Contacts, including but not limited to names, phone numbers, addresses, and other information about individuals in your Google Contacts;
- Email addresses associated with your Google Account connected to the Service (collectively referred to as “Contact Data”).
We do not access email messages or documents from your Google accounts. The retrieval of contacts is solely for synchronization purposes, and they are promptly hashed upon retrieval. Shared Contacts Manager employs a proprietary technology enabling contact synchronization through hash comparisons, facilitating the detection of changes without any exposure of your data in unencrypted form on our systems.
You bear the sole responsibility for maintaining the accuracy and timeliness of the personal data we retain about you, ensuring compliance with privacy laws. It is incumbent upon you to promptly inform and update us regarding any changes to your personal information.
d) Information Collected Automatically
Upon accessing our Website or engaging with our Services, we deploy cookies and similar tracking mechanisms to aggregate information about your utilization of those Services, as well as your online or electronic network activities. The categories of information we may collect when you utilize our Services include:
- Device Information: Details regarding your device, such as the type, operating system, version, model, manufacturer, screen specifications, and device memory usage.
- Technical and Log Information: Information about your mobile carrier, network provider, network type, IP address, timestamp, and duration of sessions.
- Location Information: Data concerning your IP address, the country code/region/state/city linked to your device, language preferences, and time zone.
- Usage Information: We monitor user interactions with the Services, encompassing computer configurations and performance metrics associated with Service usage. For instance, we may compile information about your usage patterns, including the pages you accessed or interacted with, and specifics about any links or communications you engaged with.
3. Why Do We Use Your Personal Information?
Shared Contacts Manager is involved in the collection and processing of your personal information for the following purposes:
3.1. Provision of the Services: Shared Contacts Manager endeavors to furnish you with timely and high-quality Services. To achieve this, we utilize your personal information to:
- Ensure the availability of the requested Services.
- Facilitate access to and management of your Google account within the Services.
- Address your queries, requests, questions, or complaints related to the use of the Services.
- Identify and mitigate technical disruptions or outages during your utilization of the Services.
- Dispatch notifications concerning Service updates or changes.
3.2. Engagement of Third-Party Service Providers: Shared Contacts Manager collaborates with external service providers to fulfill specific tasks on our behalf. This entails leveraging service providers to execute the following functions:
- Processing payments for subscription purchases on the Website.
- Sending transactional emails within the Service.
- Facilitating the booking of a demo for the Service.
- Managing communication with you through an integrated chatbot manager on our Website.
- Conducting analytics to measure metrics such as total number of visitors and traffic of our Website and understanding which parts of the Services and pages of the Website are most popular;
- Recognizing the browsers used to visit our Website, ensuring that the content is adapted for the relevant browser;
- Storing your personal information within cloud computing services.
3.4. Technical Maintenance of the Services: Shared Contacts Manager is dedicated to ensuring the proper and error-free operation of the Website and Services. Given the inherent nature of the Internet, where uninterrupted service cannot be guaranteed at all times, we may need to utilize some of your personal information for the following purposes:
- Maintaining the operational integrity of the system.
- Recovering access to the Services.
- Addressing bugs or errors in the Services’ operation.
- Conducting necessary maintenance activities to sustain the effective functioning of the Services.
- Resolving disputes and troubleshooting issues encountered during the use of Services or access to the Website.
3.5. Security and Fraud Prevention: Shared Contacts Manager may employ your personal information to safeguard the security and integrity of the Services. This includes the detection and prevention of fraudulent activities associated with the Services, as well as addressing instances of unauthorized access or illegal attempts to access any part of the Website and/or a user’s account linked to the Services.
3.6. Compliance with legal obligation: Shared Contacts Manager may be required to respond to legal claims and other requests from legal authorities in accordance with applicable law. In the event that we are obligated to disclose any personal information about you to authorized legal authorities, we reserve the right to do so, even without obtaining your explicit consent.
4. How Do We Share Your Personal Information?
We are fully committed to maintaining your trust, and it is our priority to ensure that you possess a comprehensive understanding of when and under what circumstances we may share the personal information we collect in adherence to legal requirements. The disclosure of your personal information may occur through the following means:
- Our Trusted Third-Party Service Providers: Your personal information might be disclosed to third parties that render specific services on our behalf. These third-party service providers are explicitly prohibited from utilizing your personal information for any purposes unrelated to the services they furnish to us. Instances of when we may share your personal information with service providers include engagement with the following vendors:
- Paddle.com – for payment processing.
- Stripe – for payment processing.
- MailerSend – for sending transactional emails.
- CalendLy – for booking a demo of the Service.
- HelpCrunch – for managing a chatbot integrated into the Website.
- Google Analytics – for analytics measurement and understanding of how our users engage with our Services.
- Google Cloud – for data storage within a cloud hosting service provider.
- Third-Party Retargeting Providers: For the purposes of re-marketing, as explained in Section 3 above, we might provide certain personal information to third-party websites and platforms.
- Our Agents and Consultants: Your personal information may be disclosed to our consultants and agents who support us in various aspects of our business operations, including web development, security, and technical maintenance providers. We take precautions to ensure that these individuals and entities implement privacy controls to protect the integrity and security of your personal information in accordance with our instructions and applicable laws.
- Reorganization or Restructuring: In the event of a merger, asset sale, liquidation, bankruptcy, or acquisition of our business by a third-party entity, your personal information may be disclosed to the relevant entity and its advisors, both before and after the transaction date.
- Legal Compliance: We may disclose your personal information without your consent in accordance with applicable laws or in response to a subpoena, court order, or other legal process. Additionally, we reserve the right to share your personal information to protect the rights, property, and safety of the Company and our users and to prevent any fraudulent or illegal activities. Regulatory agencies may also request the necessary information to combat fraud and ensure the protection of our interests.
Cookies are small data fragments stored on your web browser or device, capturing details such as preferences settings and facilitating Website logins. This enhances your online experience by providing a consistent and relevant user interface. Cookies play a crucial role in tracking user engagement with our Services, including experiments and enhancements to assess their effectiveness. Cookies may be set by us, our employed service providers, or independent third parties like advertisers.
The cookies on our Website are categorized as follows:
- Necessary: Essential for the basic functioning of the Website, enabling features like page navigation and access to secure areas.
- Functionality: Allows the Website to remember user preferences and choices, including login details, geo-location, and language preferences.
- Preferences: Enables the Website to remember information, modifying its behavior or appearance based on user preferences, such as language or region.
- Marketing: Used to track user activity across devices and marketing channels, displaying personalized and engaging advertisements for relevance.
To provide control over cookie usage, we offer a Cookie Consent Tool. This tool lets you customize and adjust your preferences by clicking on the “Cookie Consent” link at the bottom of each page on our Website. Limiting cookie usage may impact your user experience, hindering personalization features and preventing the ability to save customized settings.
Additionally, you can modify cookie settings through your browser preferences, as most browsers allow managing preferences and opting out. Refer to your browser’s settings or help documentation for guidance. For more information on cookies and how to disable them, visit http://www.allaboutcookies.org.
6. Which Security Measures Do We Take To Protect Your Personal Information?
Shared Contacts Manager is dedicated to ensuring the security of your personal information. We employ commercially reasonable measures and adhere to generally accepted standards to protect the information you provide, both during transmission and upon receipt. However, it is important to note that no method of transmission over the Internet or electronic storage is entirely secure, and as such, we cannot guarantee the absolute security of your personal information.
To safeguard personal information from unauthorized access, alteration, disclosure, or destruction, we implement a variety of administrative, organizational, and technical measures, including, but not limited to:
- Data Encryption: Implementation of data encryption through secure socket layer technology (SSL) during the transmission of your personal information.
- Email Hashing Algorithm: Utilization of an email hashing algorithm to secure the identification of users’ individual email addresses and protect their personal information.
- Certified Data Cloud Server: Deployment of a certified data cloud server accredited for security compliance with ISO/IEC 27001, ensuring a high level of protection for stored information.
- Access Limitation: Restriction of access to personal information of users solely to employees, contractors, and agents who require it for processing and providing Services to you. Those with access are bound by stringent contractual confidentiality obligations and may face disciplinary action or termination for non-compliance.
- Regular Evaluation: Regular assessment of personal data collection, storage, and processing procedures and practices, including physical security safeguards, to prevent unauthorized access to our systems.
7. Which Rights and Choices Do You Have?
We offer all users choices to oversee the privacy of their personal information:
- Google Contacts Management:
Users have the ability to edit, download, and permanently delete their Google Contacts, encompassing names, phone numbers, addresses, and other personal details about individuals within their Google Contacts, all managed within their respective accounts.
- Google Account Email Addresses:
Users can download all their Google Account email addresses, including all email addresses associated with their Google Account.
- Subscription Control:
Users retain control over their subscription, with options to upgrade, downgrade, or cancel it at any time.
- Access, Correction, or Deletion Requests:
Users may request access, correction, or deletion of their personal information, provided there is no ongoing business necessity for retention. Such requests may include obtaining a copy of personal information or deleting it from their accounts. However, certain aspects may be retained for legal or regulatory compliance, transaction record-keeping, legal claims establishment, and protection against fraudulent or abusive activity on the Platform. Data retained for these purposes will be managed as outlined in the “How Long Do We Retain Your Personal Information?” Section herein.
- Consent Withdrawal:
Users can withdraw their consent at any time concerning the collection, use, and disclosure of their personal information. Withdrawal does not impact the lawfulness of processing conducted prior to withdrawal, nor does it affect processing based on lawful grounds other than consent.
8. Privacy Notice for European Economic Area Residents
This Section is exclusively applicable to residents of the European Economic Area (EEA).
We handle your personal information in strict compliance with relevant legislation, including the General Data Protection Regulation 2016/679 (“GDPR”) and the Data Protection Act 2018 (“UK GDPR”). In accordance with the GDPR and UK GDPR, we adhere to one of the “legal bases” for each purpose for the collection and processing of your personal information.
- You have explicitly provided consent for such collection and processing.
- It is imperative for the performance of a contract with you, specifically to provide you with the requested Services.
- The processing is essential for the purposes of our legitimate interests, such as ensuring the proper operation of the business, responding to your inquiries, monitoring the performance metrics of the Services, tracking and detecting illegal activities on the Website, etc.
- The processing is necessary for compliance with a legal obligation to which we are subject, as per applicable laws.
|Types of personal information
|Provide the Services for you
Personal information linked to your Google accountContact Data linked to your Google account
|To perform a contract between you and us
|Fulfill and manage Subscription purchase
|To perform a contract between you and us
|To perform a contract between you and us
|Communicate with you
|With your explicit consent
|Measure interest in and improve our Services
Technical and Log Information
|For our legitimate business purposes (provision and improvement of the Services)
|Provide the information requested by you and respond to your communications, comments, and questions
|For our legitimate business purposes (provision of customer support regarding our Services)
|Resolve troubleshooting problems arising during the Services functioning or Website operation
Technical and Log Information
|For our legitimate business purposes (provision of technical support regarding our Services)
|Prevent potentially prohibited or unlawful activities
Technical and Log Information
|For our legitimate business purposes and for compliance with legal obligations to which we are subject
|Respond to legal requests of authorized government bodies
Other personal information in our possession, if any, as requested by the legal authority
|For compliance with a legal obligation to which we are subject
|Present interest-based advertisements on third-party websites
Technical and Log Information
|With your explicit consent
In the event of storing or transferring your personal information outside the European Economic Area (EEA), we adhere to stringent measures to ensure the secure protection of your personal data. Whenever such transfers occur, we do so in accordance with applicable laws, ensuring an adequate level of protection by implementing appropriate safeguards. These transfers of personal information take place either to:
- Countries recognized by the European Commission as providing an adequate level of protection.
- Countries that may not offer sufficient protection but have their transfers governed by the standard contractual clauses of the European Commission or other suitable cross-border transfer solutions designed to ensure adequate protection.
As a resident of the EEA, you are endowed with specific rights regarding the personal information we hold about you:
- Right to Access: You have the right to request access to your personal information. You are entitled to receive a copy of the personal information we hold about you. If applicable, you may also receive a machine-readable copy of your personal information.
- Right to Rectification: You can request the correction of your personal information if found to be inaccurate.
- Right to Erasure (Right to be Forgotten): You may request the deletion of your personal information if:
- Your personal information is no longer necessary for the purposes for which we collected or processed it.
- You withdraw your consent (if processing is based on consent and no other legal ground exists).
- You object to the processing of your personal information, and we do not have an overriding legitimate interest for processing.
- Your personal information is unlawfully processed.
- Your personal information must be erased to comply with a legal obligation.
- Right to Object: You have the right to object to the processing of your personal information. We will honor your request unless we have compelling overriding legitimate reasons for processing or if we need to continue processing your personal information for legal claims.
- Right to Restriction of Processing: You can request the restriction of personal information processing if:
- The accuracy of your personal information is disputed, and we need time to verify its accuracy.
- Processing is unlawful, and you oppose the deletion of your personal information and request restriction.
- We no longer need your personal information for processing purposes, but you request us to retain it for the purpose of establishing, exercising, or defending legal claims.
- You have objected to the processing, and we need to verify overriding legitimate grounds.
- Right to Withdraw Consent: You have the right to withdraw your previously provided consent for the use of your personal information at any time.
To exercise any of these rights, please contact us at:
Attention: Privacy Officer
Mailing address: Epicenter, Mäster Samuelsgatan 36, 111 57 Stockholm, Sweden
9. California Residents Privacy Notice
This section is exclusively applicable to California residents. In accordance with the California Online Privacy Protection Act (known as “CalOPPA”), we provide a summary of certain rights regarding your personal information as a resident of California under CalOPPA. These rights include:
- Right to Correct: You have the right to request correction of inaccurate personal information collected from you.
- Right to Delete: You have the right to request the deletion of any personal information collected from you (e.g. if it is no longer necessary to provide Services to you).
If you wish to exercise any of these rights, please contact us using the details provided in the “How Can You Contact Us?” section below. To verify your identity, we may ask you to confirm the personal information we have on file for you. If unable to verify your identity, we may request additional information solely for the purposes of identity verification, security, and fraud prevention.
10. Do Not Track Signals
Certain browser configurations facilitate the automatic transmission of a “Do Not Track” signal to online services visited by users. Nevertheless, industry-wide consensus regarding the appropriate response or actions that website and application operators should take in reaction to these signals is lacking. In the absence of an applicable legal mandate, we typically refrain from taking specific actions or providing responses in relation to “Do Not Track” signals. For further information on “Do Not Track,” please consult http://www.allaboutdnt.com.
11. How Long Do We Retain Your Personal Information?
We commit to retaining and utilizing your personal information for the necessary duration to fulfill contractual obligations, comply with legal mandates, or address disputes unless applicable law mandates or permits a longer retention period.
Upon account cancellation, all personal information undergoes removal within 3 months from the cancellation date. Shared Contacts Manager retains this information in its system database for potential restoration purposes for a 3-month period. Subsequent to this duration, your data is permanently expunged from our system.
However, should you wish to expedite the permanent deletion of your personal information before this timeframe, you may submit a written email request for such deletion to email email@example.com.
12. Privacy of Children
Our Services are explicitly designed for and intended for use exclusively by individuals aged 18 years or older. We do not target children as our audience, and we do not knowingly collect any personal information from individuals under the age of 16.
14. How Can You Contact Us?
Date of Publication: 21 November, 2023