Privacy policy

Privacy Policy

This Privacy Policy is effective from 1st December 2022.

What you can find in this Privacy Policy

1. First things first

2. Who we are and where to contact us

3. Personal data we collect and why we need it

4. Other legal bases and purposes

5. Where we get your personal data from

6. How long we keep your personal data

7. Sharing and transfers

8. Your rights

9. Security

10. Changes

11. Children

12. Other privacy policies

First things first

This Privacy Policy transparently describes what you can expect Tchek to do with your personal data. We do not sell your personal data.If you do not agree with this Privacy Policy, please do not use our Service.

Who we are and where to contact us

You can find our identification and ways to contact us at contact@tchek.ai. Our Data Protection Officer at rgpd@tchek.aiwould also be happy to help with your privacy questions, concerns and would also welcome your feedback.In some cases we are the controller, meaning we decide what personal data to collect from you, how and why and are responsible for dealing with your requests to exercise your rights. Where our Customer is the controller, you can either contact them directly or if you cannot contact them directly, contact us and we can pass your query on to them.

Personal data we collect and why we need it

We only collect the minimum personal data necessary and we don’t use automated decision making or profiling techniques.The table below tells you:

1. What categories of personal data we collect and who it relates to

2. Who the controller is

3. What the legal basis is and the purpose we use it for

A list of all personal data we collect with description why we need it.

CATEGORY & WHO IT RELATES TO	CONTROLLER	LEGAL BASIS & PURPOSE
Lead profile data:name, email address and phone number(optional)	Customer	Contract with Customer: provision of the Services only (Service provision may include support, maintenance and protection of the Service in all cases)
Lead profile data in customer support queries	Tchek	Provision of the Services only
Most of this data is not personal data, but some may be in some circumstances.E.g.:- device data (e.g. hardware model, operating system version, unique device identifiers),- log data (e.g. your search queries, details about your connection such as IP address, date, time, edge-location, ssl-protocol, ssl-cipher or time-taken to serve you requested site, device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL)- location information (IP address)- unique application numbers- browser local storage and application data caches	Tchek	Contract and/ or legitimate interest of provision, tailoring and improvement of our Services
Customer user account data: name, email address, company	Tchek	Contract and/ or legitimate interest of provision, tailoring and improvement of our Services, development of new ones and marketingThis may include e.g. registration, account management, feedback, education, product news etc.
Cookies and other trackers:Essential, analytical and advertising cookies.For more information about cookies, please see our Cookie Policy.	Tchek	Contract, consent and/ or legitimate interest of provision, tailoring and improvement of our Services, development of new ones and marketing
Contact data of people reaching out to us:E.g. on our web forms, email, demo, contact us, newsletter, feedback etc.Usually name, email, company, phone number	Tchek	Consent and/ or contract with the person and/ or legitimate interest of provision, tailoring and improvement of our Services, development of new ones, sales and marketing
Partners contact data:e.g. events professionals.Usually name, email, company.	Tchek	Contract and/ or legitimate interests of cooperation to provide the best Service possible

Because of the nature of the Service we don’t expect any sensitive data or any other personal data in any other fields.We may anonymise and aggregate data so it wouldn’t be personal data and use or share such data for any other legitimate business purpose. We may share non-personal aggregated data publicly (e.g. to show trends about the usage of our Services).The personal data we collect could generally cover these categories under the California Consumer Privacy Act:

• Identifiers (e.g. real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers)

• Categories of personal data from s. 1798.80 (e) California Consumer Privacy Act (e.g. name, address, telephone number)

• Commercial information (e.g. information regarding products or services purchased, obtained, or considered)

• Electronic network activity information

Other legal bases and purposes

We might also use or share your personal data for other legal reasons and purposes if we have a good faith belief it is reasonably necessary e.g.

• to comply with any law that applies to us,

• to cooperate with public or government authorities or law enforcement,

• to enforce our contracts,

• to protect rights, privacy, safety or property - yours, ours or others’,

• to detect, prevent, or otherwise address fraud, security or technical issues,

• in connection with a sale or business transaction (e.g. in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets or stock including in connection with any bankruptcy or similar proceedings),

or with your consent.

Where we get your personal data from

Apart from technical data which we collect automatically, we get personal data from you as the data subject directly - it’s what you give us.We may also obtain data about you from our partners. When such information is associated with your Tchek account, we treat it as personal data.

How long we keep your personal data

How long we keep your personal data depends on the type of data and the purpose for which we use the data. We will keep your personal data only for the period necessary to fulfill the purposes unless the law tells us to keep it for longer.For Customer Data, this will generally be for the Term plus the period from the expiry of the Term until deletion of all Customer Data by Tchek in accordance with its back up policies.The Service also offers certain controls for the Users to automatically delete their data via the Service themselves.

Sharing and transfers

Who we share your data with depends on who you are:

• If you are a lead, who can see your content data depends on the Customer. event and their privacy settings - e.g. an event might be public. Your profile and content data can be accessed by the organiser’s company (our Customer) and relevant Tchek staff and service providers. Your technical data can be accessed by our staff and service providers.

• If you are a Customer, we can share your profile data with your company and relevant Tchek staff and service providers. We only share your technical data with our staff and service providers.

• If you are anyone else, we only share your data with our staff and service providers.

Tchek is based in France, EU, but some of our staff and service providers we rely on to provide the best Service to you work outside of France or the EU. This means your personal data may be transferred outside of the country where you live. Having said that, we will only transfer or share your personal data if there are sufficient controls in place to protect it (e.g., we may make the recipients promise they will protect your data in our contracts with them).Technology providers. Tchek use Amazon Web Services for the hosting of the Data. The Data may also be hosted on Tchek's own servers. In the event of the recruitment of other subsequent subcontractors, we will inform our clients in advance and in writing of any planned change, indicating the subcontracted processing activities, the identity and contact details of the subcontractor and the dates of the subcontract. We will also ensure that the subsequent processor presents the same guarantees as to the implementation of appropriate technical and organizational measures so that the Processing meets the requirements of the applicableregulations on the protection of personal data. You as a client have fifteen (15) days from the date of receipt of this information to present your objections.

Your rights

Depending on where you are, the law gives you some rights around your personal data. We believe you should have control over your data no matter where you live, so where we are the controller, we decided to give you all these rights below regardless of where you are. If our Customer is the controller, you should contact them directly or let us know whether we should pass your query on to them.

1. Right to information: Simply, we need to tell you how we use your personal data. We do this through this Privacy Policy and privacy notices when we collect your personal data and through answering any questions from you if anything is unclear.

2. Right to access (right to know): If you ask us for this, we will send you what specific pieces of data we collect about you in a secure way.

3. Right to rectification: If you ask us for this, we will correct any inaccurate, incomplete or out of date personal data.

4. Right to erasure (right to be forgotten): If you ask us for this, we will delete certain personal data, for example when it is no longer necessary for us to use the personal data for the purpose, or when you have withdrawn your consent. Customers have an option in the Service to delete delete their account (which deletes all data under that account including from our systems).

5. Right to restriction of processing: If you ask us for this, we will block or temporarily freeze your personal data use (usually while a dispute is resolved).

6. Right to portability: If you ask us for this, we will send you your personal data in a way you can use or share somewhere else.

7. Right to withdraw consent: Wherever it is optional to collect personal data about you, we transparently inform you about it and we ask for your consent. When you change your mind, there is always a convenient way to let us know.

8. Right to object: If you ask us for this, we will opt you out or unsubscribe you from the relevant use. This usually applies to analytical and advertising cookies, Switcher diagnostics and marketing. You can control your cookies in Privacy Settings and can opt out of analysis and advertising. You can unsubscribe from emails via the link at the bottom of the email.

9. Right to receive the Service on equal terms: We will never discriminate against you for exercising your rights.

10. Right to complain to a supervisory authority: If you have any concerns about how we handle your privacy, it is a feedback we want to hear so we can improve. Please do let our Data Protection Officer know at rgpd@tchek.ai. You also have a right to complain to your national supervisory data protection authority.

The fastest way to submit and get a rights request resolved is via the automatic controls you have in the Service. Please note that for your protection and the protection of your data we won’t be able to resolve your request unless we successfully verify it is you. This will usually be via asking you to log in where applicable or via an email reasonably associated with you. You can also authorise an agent to make a request on your behalf, but you will need to provide us with sufficient written authorization or a power of attorney, signed by you, for the agent to act on your behalf and will still need to verify your identity directly with us. If we can’t verify it is you, we can only respond with information contained in this Privacy Policy or can deny your request.Some of the rights above are not absolute meaning we might not be able to comply with them immediately or fully, for example if the law makes us keep some personal data (e.g. we won’t be able to delete all your personal data if the law makes us keep records of your request and our compliance), or to maintain backups for the protection of your personal data (e.g. your information will be in our backups for 28 days before it is deleted automatically and permanently.)

Security

To protect your personal data, we’ve put reasonable technical and organisational security measures in place. The Data is processed (and in particular stored) within the European Union. The Data can only be accessed by persons located in the European Union, the European Economic Area or a third country guaranteeing an adequate level of protection. Except in the event of the Customer's prior written authorization, Tchek (including its subcontractors) refrains from transferring the Data to third countries that do not guarantee an adequate level of protection or from making the Data accessiblefrom such a country.In case of any Data breach, we will inform our customer within a maximum period offorty-eight (48) hours after becoming aware of it. This notification is accompanied by any useful documentation to allow you, if necessary, to notify this violation to the competent supervisory authority.

Changes

As our business evolves, Tchek may change this policy from time to time to keep up to date with the changes to our Service and our business, and laws applicable to us and you. We will, however, always maintain our commitment to respect your privacy. If you continue to use the Services after those changes are in effect, you agree to the revised policy. If you disagree, you’ll have to stop using the Service and delete your data.

Children

We do not knowingly collect personal data of children where the law would require us to obtain the consent of their parents. If you would like to collect personal data from children through the Service where parental consent is required by law, you agree to get all the consents to do this legally.

Other privacy policies

We may sometimes include or offer third party products or services on our Websites or through the Service. These third parties will have their own privacy policies and it is up to you to follow these. We’re not responsible for these third parties. However, we do our best to protect our Websites and Services and welcome any feedback about these third parties.