Policy for the Protection and Processing of Personal Data for Users

Policy for the Protection and Processing of Personal Data for Users

Feedback4e Privacy Policy

This Privacy Policy outlines how we collect, store and process personal data when you visit our web site https://www.feedback4e.com (“Website”) or use our Feedback4e HR Platform for Employee Engagement and Performance at Work (“Platform”) as a customer (“Customer” or “You”), by subscribing to our Platform. This Privacy Policy can be amended from time to time in order to comply with legal obligations or to add new
services or features to our Platform. Please check this Policy on a regular Collection and Usage of Information
For visitors from European Economic Area (“E.E.A.”): In compliance with the General Data Protection Regulation (“GDPR”), weprocess personal data only when one of the following applies:

Collection and Usage of Information

For visitors from European Economic Area (“E.E.A.”): In compliance with the General Data Protection Regulation (“GDPR”), we process personal data only when one of the following applies:

a.You have given your consent to the processing of yourpersonal data for one or more specific purposes – Art. 6.1.a;

b. Processing is necessary for the performance of our Terms of Use Agreement to which you are party or in order to take steps at your request prior to entering into an agreement – Art. 6.1.b;

c. Processing is necessary for compliance with a legal obligation to which we are subject – Art. 6.1.c;

d. Processing is necessary in order to protect the vital interests of the data subject or of another natural person – Art. 6.1.d;

e. Processing is necessary for the performance of a task carried out in the public interest – Art. 6.1.e;

f. Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data – Art. 6.1.f.

When you visit our Website:

a. We may collect with cookies anonymous information regarding your browser and operating system that you use to access our Website or Platform in order to adapt our Website and Platform with different browsers and operating systems and to provide better customer experience by analysing such information (Your consent- Art. 6.1.a);

b.We may collect IP address of your device that you use to access our Website or Platform in order to detect potential attacks and unauthorized interferences and to ensure the information security of our Website and Platform (Our legitimate interest – Art. 6.1.f);

c. We may collect your name and e-mail address when you fill in the contact form in our Website (Your consent- Art. 6.1.a).

When you subscribe to our Platform:

Our Platform is a human resources performance management and development platform for employees (“Employees”) and you must be a corporate entity to subscribe to our Platform.

When you subscribe to our Platform, you will sign a Terms of Use Agreement and you will appoint a manager (“Customer Account Manager”) in your organisation who will create an account for you in the Platform (“Customer Account”). Customer Account Manager will enable the Employees in your organisation to create their accounts (“Employee Accounts”).

a.We collect e-mail address, username and password of the Customer Account Manager to enable you to create a Customer Account and keep it active (processing is necessary for the performance of our contract – Art. 6.1.b).

b. We collect the phone number and e-mail address that the Customer Account Manager shares with us to communicate with you, to answer your questions about the Platform in the most effective and quickest way and to fulfil our duties under the Terms of Use Agreement (processing is necessary for the performance of our contract – Art. 6.1.b).

c. We collect e-mail addresses, usernames, names, last names and information on departments, positions and seniority of the Employees (processing is necessary for the performance of our contract – Art. 6.1.b).

d. We collect information on the time zone of the devices used by Customer Account Manager and Employees to enable them to select correct time and dates in the Platform (processing is necessary for the performance of our contract – Art. 6.1.b).

Our Access to Your Customer Account

As a principle, we don’t access to your Customer Account without notifying you first. If we need to access your Customer Account in order to analyse a bug in the Platform, we will notify you.

Content Uploaded by You and the Employees

Our Platform allows users to upload information and content in the Platform. Employees and Customer Account Manager can send and receive messages to and from each other, they can ask questions to each
other or make comments with respect to performances. Customer Account Manager determines the level of access granted to Employees regarding each other’s account with the privacy preferences of the Customer Account.

Employees and Customer Account Manager are responsible from their correspondences, posts and any other contents that they upload or share within the Platform and We have no liability regarding them. You and the
Customer Account Manager must advise the Employees not to disclose their own personal data or third parties’ personal data within their correspondences and posts within the Platform and inform them regarding potential consequences of disclosing their or third parties’ personal data.

Transfer of Personal Data to Third Party Organizations and Countries

Our database is stored with Amazon Web Services in its data centers in Germany in compliance with GDPR. Amazon Web Services offer strong security measures to protect our infrastructure. You can read more about AWS cloud security here: AWS Cloud Security

Your personal data may be transferred to third party organisations and international organisations that provide us services such as hosting, storage and analysis services as well as other services that allow us to improve our services. When we transfer any personal data outside of EEA, we make sure that the recipient country has an adequacy decision from the European Commission or the third party organisations provide adequate level of protection and safeguard measures. For that purpose, we execute standard contractual clauses approved by the European Commission with third parties, when available, or seek your approval prior to data transfer.

Such third party organizations use “cookies”, which are text files placed on your devices, to collect such information. Please see our Cookie Policy for further detail. You can manage your cookie preferences through our Cookie Preferences Panel or the settings of your browser.

Google Analytics: We use web analytics services of Google Inc. to analyse and improve performance of our Website and Platform. In order to provide such services, Google Inc. may collect geo-location, browser, operating system and IP addresses of the visitors of our Website and
Platform.

Google Calendar API: We may use Google Calendar services of Google Inc. with your authorisation to access your Google Calendar. We integrate users (Customer Account Manager and Employees) Google calendar to update events only related to the Platform and our services. Google Inc. stores the data it collects in its data center located in the U.S.

Inspectlet, Inc.: We may use services of Inspectlet for analysis of users’ behaviours on the Website and the Platform. Inspectlet may collect unanimous information such as mouse clicks, click on links and buttons. Inspectlet Inc. stores the data it collects in its data center located in the U.S.

One Signal: We use One Signal services that enable us to send instant notifications to customers. One Signal collects information regarding users’ device, browser, operating system, lP address, location (country), time zone, how many times and when a user visited the Website. One Signal stores information in its data center in the U.S.

Zendesk, Inc.: We use live chat solution of Zendesk on the Website and Platform in order to answer your questions quickly and efficiently. It’s an optional service and Zendek stores e-mail addresses, IP addresses and messages of the users who have consented to such service. Zendesk stores personal data within the EEA, the United States and in other countries and territories.

Personal Data Retention and Erasure

We do not retain personal data longer than we need for the specific purpose of the processing or are required by applicable law. We may need to keep personal data longer than it is required for the purpose of the processing to defend possible future legal claims or if we are served with a legal request for our records or are notified of the commencement of a legal process involving us, our Website or our Platform. We erase, destroy or anonymise personal data that is no longer required for the purposes for which the personal data was processed.

Your Rights Regarding Your Personal Data

a. Right of Access (Art. 15 GDPR): You have the right to obtain confirmation as to whether or not your personal data is being processed,and, where that is the case, access to your personal data and detailed information regarding its processing.

b.Right to Rectification (Art. 16 GDPR): You have the right to obtain the rectification of inaccurate personal data concerning you.

c. Right to Erasure (Art. 17 GDPR): You have the right to obtain the erasure of your personal data where one of the conditions set forth in Art. 17 applies.

d. Right to Restriction of Processing (Art. 18 GDPR): You have the right to obtain restriction of processing where one of the conditions set forth in Art. 18 applies.

e. Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.

f. Right to Object to Processing (Art.21 GDPR): You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data, where the conditions set forth in Art. 21 applies.

g. Right to Object to Profiling (Art. 22 GDPR): You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects to you or similarly significantly affects you.

h. Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR): You have the right to lodge a complaint with a supervisory authority, if you consider that the processing of your personal data infringes the applicable legislation.

CONTACT US

If you have any questions or concern regarding this Privacy Policy or your personal data, please contact us at our email address:support@feedback4e.com.

FEEDBACK4E YAZILIM DANIŞMANLIK TİCARET LİMİTED ŞİRKETİ
Harbiye Mah. Hüsrev Gerede Cad. No.77/16 Şişli
TURKEY