Collecting your personal data. We collect your personal data in the following ways:
We mainly process your personal data for the purpose of concluding and performing the Contract with the Client. This includes providing customer support and contacting you otherwise as regards the Platform and the Services. For the foregoing, we process the following personal data:
If you’re the Client, the legal basis for processing your personal data is the performance of the Contract or taking steps at your request prior to entering into the Contract. If you’re the representative of the Client or a User, the legal basis for processing your personal data is our legitimate interests to enable the use of or the legitimate interests of the Client to use the Spreadcell Platform and Services as requested by the Client.
If you’re a lead (trial or demo Client, a marketing lead or their representative), we process your personal data for the purposes of marketing the Spreadcell Platform and Services and getting your company to sign the Contract with us. For the foregoing, we may process the following personal data: [name, work email address, work phone number, Client’s company, position within the Client’s company, communications data, data related to the use of the Spreadcell Platform and the Services]. The legal basis for processing your personal data is our legitimate interest to market the Spreadcell Platform and Services
Additionally, we may also process your personal data to safeguard our rights (establishing, exercising and defending legal claims). The legal basis for the latter is our legitimate interest to do so.
We may also process your personal data on the basis of your consent (e.g. for direct marketing purposes). When processing is based on consent, you can withdraw consent at any time by contacting us on the contact details below or by clicking on the ‘unsubscribe’ link at the end of each email. Please note that withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.
We use carefully selected service providers (data processors) in processing your personal data. In doing so, we remain fully responsible for your personal data.
We use the following categories of data processors: data collection, management and storage providers, email service providers, messaging service providers, pop-up service providers, customer relationship management and feedback service providers, direct marketing service providers, payment service providers, accountants, and legal and other advisors.
Should you require more detailed information as regards the data processors we use (e.g. their names and location) please contact us on the contact details below.
We only share your personal data with third parties if stipulated herein, if required under the applicable law (e.g. when we are obligated to share personal data with the authorities) or under your consent.
If you’re the User or the Client’s representative, then we share your personal data with the Client as it is necessary to fulfill our obligations under the Contract with the Client. The legal basis for such sharing is our legitimate interest to enable the use of or the legitimate interests of the Client to use the Spreadcell Platform and Services as requested by the Client. We may also share your personal data with our auditors. The legal basis for such sharing is our legal obligation to do so.
If you are located in the EU, then please note that we or our data processors transfer (including store) your personal data outside the EU, e.g. the US.
However, we only transfer and store your personal data outside the EU where we have a lawful basis to do so, including to a recipient who is: (i) in a country which provides an adequate level of protection for personal data (in the US if the recipient company is certified under the Privacy Shield); or (ii) under an instrument which covers the EU requirements for the transfer of personal data outside the EU.
Should you require more detailed information as regards transferring your personal data outside the EU (e.g. the names of the recipients and the exact legal basis for any such transfer), please contact us on the contact details below.
We take appropriate technical and organizational security measures in protecting your personal data, taking into account (i) the state of the art, (ii) costs of implementation, (iii) nature, scope context and purposes of the processing, and (iv) risks posed to you. Such security measures include, but are not limited to, encrypted storage and access controls. See our Security Overview.
We retain your personal data for as long as necessary for the purposes they were collected for, as long as necessary to safeguard our rights, or as long as required by the applicable law. Please note that if the same personal data is processed for several purposes, the personal data will be retained for the longest retention period applicable.
If you’re a paying Client, the representative thereof or a User thereof, we retain your personal data as follows:
To the extent required by applicable data protection regulations, you have all the rights of a data subject as regards your personal data. Such rights include the following:
Should you believe that your rights have been violated, you have the right to lodge a complaint with the data protection authority or the court. In order to exercise your rights, please contact us at the contact details below. Please note that you can exercise some rights (e.g. review and update your personal data) already by logging into the Spreadcell Platform.
As we are a company registered in the Republic of Estonia, the processing of your personal data shall be governed by the laws of the Republic of Estonia.
In case you have any question regarding the processing of your personal data by us or you would like to exercise your rights as a data subject, please contact us by email firstname.lastname@example.org.