Personal information we collect
We collect personal information relating to you (“Personal Information”) as follows:
(In GDPR terms, we are the Processor of Customer Data.)
- To populate the charts and data visualizations that Customers create using the Services, Embeddable runs Customer-defined queries against Customer’s Datasources and retrieves the returned results. These results may contain Customer Data.
(In GDPR terms, we are the Controller of Other Information.)
- We collect other information that you may provide to us, such as when you participate in our events or surveys or provide us with information to establish your identity (collectively, “Other Information You Provide”)
- Account Information. To create or update an account or Datasource, you may supply Embeddable with an email address, password, domain and/or similar account details. In addition, Customers that purchase a paid version of the Services may provide Embeddable (or its payment processors) with billing details such as credit card information, banking information and/or a billing address.
- Log Data: Information that your browser or device automatically sends when you use our Services. Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Services.
- Usage Data: We may automatically collect information about your use of the Services, such as the types of content that you view or engage with, the features you use and the actions you take, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, and your computer connection.
- Device Information: Includes name of the device, operating system, device identifiers, and browser you are using. Information collected may depend on the type of device you use and its settings.
How we use personal information
We may use Personal Information for the following purposes:
- To provide, administer, maintain and/or analyze the Services;
- To improve our Services and conduct research;
- To communicate with you, including to send you information about our Services;
- To develop new programs and services;
- To prevent fraud, criminal activity, or misuses of our Services, and to protect the security of our IT systems, architecture, and networks;
- To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.
Disclosure of personal information
In certain circumstances we may provide your Personal Information to third parties:
- Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may provide Personal Information to vendors and service providers, including providers of hosting services, customer service vendors, cloud services, email communication software, web analytics services, and other information technology providers, among others. Pursuant to our instructions, these parties will access, process, or store Personal Information only in the course of performing their duties to us.
- Legal Requirements: We may share your Personal Information, including information about your interaction with our Services, with government authorities, industry peers, or other third parties (i) if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, (ii) to protect and defend our rights or property, (iii) if we determine, in our sole discretion, that there is a violation of our terms, policies, or the law; (iv) to detect or prevent fraud or other illegal activity; (v) to protect the safety, security, and integrity of our products, employees, or users, or the public, or (vi) to protect against legal liability.
- End Users and Third Parties You Share Information With: The Analytics Experiences you create are intended to be embedded within your own website or Service and therefore may be shared with your own customers, partners, or other users.
Depending on location, individuals may have certain statutory rights in relation to their Personal Information. For example, you may have the right to:
- Access your Personal Information and information relating to how it is processed.
- Delete your Personal Information from our records.
- Rectify or update your Personal Information.
- Transfer your Personal Information to a third party (right to data portability).
- Restrict how we process your Personal Information.
- Withdraw your consent—where we rely on consent as the legal basis for processing at any time.
- Object to how we process your Personal Information.
- Lodge a complaint with your local data protection authority.
You can exercise some of these rights by contacting our team.
Security and Retention
We store Customer Data for a duration set by you, the Customer, in the Caching settings of the Service. After this duration, Customer Data is automatically and permanently deleted. Caching may be turned off completely, in which case no Customer Data is stored or retained.
Where Customers use our cloud-platform (rather than self-hosting it on their own infrastructure), Customer Data is stored on Amazon Web Services (AWS) in the region US-East.
We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Information both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or email. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third-party websites.
By using our Service, you understand and acknowledge that your Personal Information may be processed and stored in our facilities and servers in the United States.
Legal Basis for Processing.
Our legal bases for processing your Personal Information include:
- Performance of a contract with you when we provide and maintain our Services.
- Our legitimate interests in protecting our Services from abuse, fraud, or security risks, or in developing or improving our Services.
- Compliance with our legal obligations when we use your Personal Information to comply with applicable law or when we protect our or our affiliates’, users’, or third parties’ rights, safety, and property.
We use appropriate safeguards for transferring Personal Information outside of certain countries or regions, including the EU, UK, and Switzerland. We will only transfer Personal Information pursuant to a legally valid transfer mechanism, including Data transfers on the basis of an adequacy decision and Data transfers on the basis of appropriate safeguards.
Data Protection Officer. You can contact our data protection officer at email@example.com in matters related to Personal Information processing.
How to contact us