Evetly

Last updated: April 20, 2023

Your data privacy, which belongs to you and not us, is of significant importance to us. In this policy, we outline the data we collect and the reasons behind it, detail how your data is managed, and elucidate your rights regarding your data. We assure you that we never engage in the sale of your data—this has never happened and never will.

This policy pertains to how we manage information concerning visitors to our site, potential customers, customers, and authorized users (in relation to their use of services and management of their interaction with deliverists.io). Throughout this policy, we collectively refer to these groups of individuals as "you."

However, this policy does not encompass information about a customer's end users that deliverists.io receives from a customer, or processes on behalf of a customer, in connection with the services provided by deliverists.io to the customer as outlined in a relevant services agreement (including the content of messages from customer end users, referred to as "End User Communications"). deliverists.io processes End User Communications under the guidance of the respective customer, which serves as the "data controller" or "business" (or holds a similar role as defined in relevant privacy laws), as detailed in the applicable services agreement between said customer and deliverists.io. The obligations of deliverists.io as a "data processor" or "service provider" concerning such information are stipulated in the aforementioned services agreement and applicable data protection addendum, and are not included in this policy.

If you are an end user of a customer and have inquiries regarding the collection and processing of your information through the services, please reach out to the organization that has shared your information with us for further details.

Information We Gather and the Reasons Behind It

Our fundamental approach involves acquiring only the necessary data. Here's how we put this into action:

Identification and Account Access

Upon registering for a deliverists.io product, we request specific identifying details such as your name, email address, and potentially your company's name. This facilitates personalization of your new account and enables us to forward product updates and crucial communications your way. Occasionally, we might also ask you to participate in optional surveys to gain insights into your product usage patterns, aiding us in making enhancements. Should you grant permission, we will include you in our newsletter recipients and provide other relevant updates. On occasion, we may offer you the choice to upload a profile picture to be displayed within our products.

We are committed to never vending your personal data to external parties, and we shall refrain from using your name or company for promotional purposes unless we have obtained your explicit consent.

Payment Details

If you choose to subscribe to a paid deliverists.io product, you will be requested to provide your payment particulars and billing location. Your credit card details will be directly submitted to our payment processor and will not be stored on deliverists.io servers. We maintain a record of the payment process, which includes the final four digits of the credit card number. This record is used for account history, invoicing, and customer support related to billing. Additionally, we retain your billing address in order to facilitate service charges, compute applicable sales taxes, issue invoices, and identify potentially fraudulent credit card transactions. On occasion, we utilize aggregated billing information to inform our marketing strategies.

Interactions with the Product

We retain the content you upload, receive, or store in your deliverists.io product accounts on our servers. This is essential to ensure the proper functionality of our products. For instance, it allows you to create events in Evetly. This content remains stored as long as your account remains active. In the event that you choose to close your account, the associated content will be permanently deleted within 60 days.

Basic Geolocation Information

In the majority of our products, we record the complete IP address utilized during the registration of a product account. This information is maintained to counteract potential spam-related signups in the future. Additionally, we log the IP address associated with each instance of account access as part of our security and fraud prevention measures. This login data is retained for the duration of your product account's activity.

Interactions on the Website

We gather data pertaining to your browsing behavior for the purposes of analytics and statistical analysis. This data serves functions like conversion rate testing and the exploration of new product designs. Examples of the data collected include your browser and operating system versions, your IP address, the specific web pages you accessed along with their loading times, and the originating website that directed you to our platform. If you possess an active account and are logged in, these web analytics details are linked to your IP address and user account until your account becomes inactive. For a more comprehensive understanding of the web analytics we employ, please refer to the Advertising and Cookies segment.

Preventing Automated Bot Activities

We incorporate CAPTCHA measures throughout our applications to counteract brute force login attempts and to act as a deterrent against spam-related activities. We hold a genuine interest in safeguarding our applications and the broader online community from threats like credential stuffing attacks and spam. During the process of logging into your deliverists.io accounts and while completing specific forms within HEY, the CAPTCHA service assesses various factors (such as IP address, duration of app usage, and mouse interactions) to discern whether the activity stems from an automated program or a human user. Following this evaluation, the CAPTCHA service supplies deliverists.io with spam score outcomes; we do not have access to the specifics of the evaluation itself.

Advertising Strategies and Cookie Usage

deliverists.io employs contextual advertisements on various third-party platforms like Google, Reddit, and LinkedIn. Individuals clicking on these ads will be directed to the Evetly marketing site. In accordance with legal provisions, we may load a script from an advertising company onto their browsers, initiating the placement of a third-party cookie. This cookie transmits data to the advertising network, facilitating the assessment of our ad campaign's effectiveness. This includes details like the clicked ad, the triggering keyword, and user actions such as button clicks or form submissions.

Additionally, we utilize persistent first-party cookies and select third-party cookies. These cookies serve to store specific preferences, enhance user experience within our applications, conduct A/B testing, and support certain analytics endeavors.

A cookie consists of text stored by your browser and can aid in retaining login information and site preferences. It may also gather data such as your browser type, operating system, visited web pages, session duration, viewed content, and other clickstream information. While you have the ability to adjust cookie retention settings and accept or block individual cookies via your browser configurations, it's important to note that disabling cookies may result in impaired functionality of our applications and other aspects of our service.

Voluntary Communication

If you send an email to deliverists.io to seek assistance or ask questions, we retain such correspondence, along with your email address. This enables us to maintain a record of previous interactions, which can be referenced should you reach out again in the future.

We also safeguard information that you willingly provide, including written responses submitted through surveys. In cases where you agree to participate in a customer interview, we might seek your explicit permission to record the conversation for potential future use or reference. Such recording will only occur with your unequivocal consent.

Our Approach to Mobile App Permissions

We provide the option to use desktop and mobile applications for certain products. Due to the inherent design of these platforms, our applications typically need your consent before accessing features such as contacts, calendar, camera, and other privacy-sensitive functionalities of your device. Granting consent is always at your discretion, and our applications will remain operational even if you choose not to provide it. However, it's important to note that some features might not be accessible without your consent. There are a few exceptions, as outlined below:

When using our iOS apps, you will be prompted for permission to enable push notifications upon initial sign-in.
Android apps do not require permission to send push notifications.

Instances of Information Access and Disclosure

For providing requested products or services: In order to offer our Services, we collaborate with certain third-party subprocessors to assist in the management of our applications and the delivery of services to you like stripe (payment provider), ovh (hosting provider). Additionally, third-party processors are engaged for other business operations such as handling newsletter subscriptions, conducting customer surveys, and maintaining our company storefront.

We may divulge your information based on your instructions when integrating a third-party service into your usage of our products.

No individual from deliverists.io examines your content unless you explicitly authorize it, and this is carried out under specific circumstances. For instance, if an automated process encounters an error necessitating manual intervention, we may seek your consent to assess your content for resolution. Such occurrences are infrequent, and our emphasis is on identifying underlying causes to prevent their recurrence. There might also be instances where we access your data to respond to legal requirements (detailed in "When required under applicable law" below).

To opt out of ads: In adherence to pertinent regulations, and if you have a Evetly account, we may share a one-way hash of your email address with advertising firms. This measure is taken to exclude you from encountering our advertisements.

For aiding in troubleshooting or addressing software bugs, with your consent: Should the necessity arise to access your content in order to assist with support-related matters or rectify software glitches, we will always obtain your explicit approval before proceeding.

To investigate, prevent, or take action against abuse: Accessing a customer's account during the investigation of potential misuse is an option explored only as a last resort. We are committed to safeguarding the privacy and security of both our users and individuals reporting issues to us. Throughout this process, we strive to maintain a balance between these responsibilities. If we ascertain that our products are being utilized for unauthorized purposes, we will take appropriate measures, including notifying relevant authorities when warranted.

Aggregated and de-identified data: We may aggregate and/or de-identify information collected through our services. The use of de-identified or aggregated data may serve various purposes, including marketing and analytics.

When obligated under relevant laws. deliverists.io is an EU-based company, and all data infrastructure is situated within the EU.

Requests for user data. Our policy is to refrain from complying with government requests for user data unless we are compelled to do so by legal proceedings or in exceptional cases involving emergency requests. However, in situations where EU law enforcement agencies possess a valid warrant, criminal subpoena, or court order mandating the disclosure of data, we are obliged to comply. Similarly, we will only entertain requests from governmental bodies outside the EU if they are made in accordance with the procedures specified in a mutual legal assistance treaty or agreement, following the EU government's directives. We adhere to a practice of informing affected users prior to any data disclosure, unless legal constraints prevent us from doing so, with the exception of certain emergency scenarios.
Preservation requests. In a parallel vein, our approach is to adhere to requests for data preservation solely if required by the EU. We do not unveil preserved data unless mandated by law or under the compulsion of a court order that we choose not to contest. Moreover, unless a proper warrant, court order, or subpoena is received before the designated preservation period concludes, any copies of customer data kept for preservation will be permanently deleted at the culmination of the preservation term.
In the event of an audit conducted by a tax authority, there might arise an obligation to disclose information related to billing. If such circumstances arise, we will share only the essential details required, such as billing addresses and tax exemption information.

Lastly, if deliverists.io undergoes an acquisition or merges with another company — although such a scenario is not currently in our plans — we want to assure you that we will provide substantial advance notice before any of your personal information is transferred or subjected to a different privacy policy.

Your Entitlements Regarding Your Information

At deliverists.io, we are dedicated to providing uniform data rights to all customers, irrespective of their location. A selection of these rights encompasses:

Right to Know: You possess the right to be informed about the collection, usage, sharing, and potential sale of your personal information. We delineate both the categories and specific elements of data we collect, along with their utilization, within this privacy policy.
Right of Access: This encompasses your entitlement to access the personal information we gather about you, as well as your right to procure details about the sharing, storage, security, and processing of that information.
Right to Rectification: You maintain the right to request the correction of your personal information.
Right to Erasure / "Right to Be Forgotten": This is your prerogative to request, subject to certain constraints under applicable law, the removal of your personal information from our possession and, consequently, from all our service providers. It's important to note that fulfilling some data deletion requests might render certain deliverists.io services inaccessible, as the functionality of our applications could be compromised. In such instances, a data deletion request might lead to the closure of your account.
Right to Lodge a Complaint: You possess the right to register a complaint regarding our handling of your personal information with the relevant supervisory authority.
Right to Restrict Processing: This allows you to request limitations on how and why your personal information is utilized or processed, including opting out of the sale of your personal data. (Once again: we have never engaged in and will never partake in the sale of your personal data.)
Right to Object: In certain situations, you have the right to object to the manner or rationale behind the processing of your personal information.
Right to Avoid Automated Decision-Making: This empowers you to object to and prevent decisions that could have significant legal or similar consequences for you, if these determinations are solely based on automated procedures. However, this right is subject to limitations if such decisions are essential for executing a contract between you and us, are sanctioned by applicable law, or stem from your explicit consent.
Right to Non-Discrimination: We do not and will not subject you to varied charges for using our products, offer you distinct discounts, or provide you with a lower level of customer service due to your exercise of data privacy rights. Nonetheless, the exercise of specific rights may, due to the nature of these actions, preclude you from utilizing our Services.

Many of these rights can be exercised by signing in and updating your account information. It's important to be aware that certain information might be exempt from such requests under relevant legislation. For instance, we are required to retain specific information to effectively provide our services to you.

In certain scenarios, it's necessary for us to undertake reasonable measures to verify your identity prior to addressing a request. This verification process may involve confirming your name and email address, depending on the sensitivity of the information you're seeking and the type of request you're making. If we encounter difficulties in verifying your identity, it might hinder our ability to respond to your requests. Should you have inquiries about exercising these rights or require assistance, please reach out to us at privacy@deliverists.io or contact deliverists.io Sp. z o.o., Polska 15, Poznan, Poland. If an authorized agent is communicating on your behalf, we will necessitate written consent bearing the account holder's signature before proceeding.

Depending on applicable law, you might possess the right to challenge our decision to deny your request, where applicable. Details on how to exercise this right will be provided in our response in the event of a denial. Furthermore, you have the right to lodge a complaint with a supervisory authority. If you are located in the EU or UK, you can get in touch with your data protection authority to file a complaint or obtain further insights into local privacy regulations.

Ensuring the Security of Your Data

All data is subjected to encryption using SSL/TLS during transmission from our servers to your web browser. The encryption also extends to our database backups. Furthermore, we implement robust measures to secure your data while it is at rest.

Impact of Deleting Content in Your Product Accounts

Within many of our applications, we grant you the option to move content to the trash. Any items that you place in the trash within your active product accounts will be retained in an accessible trash repository for approximately 25 days (the exact duration may slightly vary based on the product). Subsequent to this timeframe, access to the trashed content via the application ceases, and our ability to recover it for you becomes restricted. The trashed content might continue to exist on our operational servers for an additional 30 days, while duplicates of this content might be retained within backups of our application databases for an additional 30 days after that. As a result, any content that you place in the trash within your product accounts should be completely removed from all our systems and logs within a span of 90 days.

If you elect to deactivate your account, the content you possess will promptly become inaccessible. Complete eradication of this content from our systems should occur within 60 days. This procedure pertains to instances in which an account owner initiates the cancellation process, as well as in cases of automatically canceled accounts.

Duration of Data Retention

We uphold your information for the duration required to fulfill the objectives for which it was initially processed. The timeframe for which we retain data hinges on the motives behind its collection and utilization, as well as your preferences. Once this time period concludes, we may proceed with the deletion and/or aggregation of the data. Furthermore, we might continue to store and employ this information as necessitated by our legal commitments, to settle disputes, and to enforce our contractual agreements. In this policy, we have delineated precise retention durations for specific types of information.

Site and Data Location

We manage our products and additional web assets within the European Union. In the event that you are situated outside of the European Union, please take note that any information you furnish to us will be transmitted to and maintained within the European Union. By engaging with our websites or Services and/or furnishing us with your personal data, you express your consent to this data transfer.

Inquiries

If you possess inquiries, comments, or concerns regarding this privacy policy, your data, or your entitlements regarding your information, don't hesitate to reach out to us via email at privacy@deliverists.io. We will gladly make efforts to address any queries you may have!