Privacy Policy

We at Embeddable (TMD Technology Limited, a registered UK Limited Company, “Embeddable”, “we”, “our” or “us”) respect your privacy and are strongly committed to keeping secure any information we obtain from you or about you. This Privacy Policy describes our practices with respect to Personal Information we collect from or about you when you use our website, applications, and services (collectively, “Services”).

Personal information we collect

We collect personal information relating to you (“Personal Information”) as follows:

Customer Data:

(In GDPR terms, we are the Processor of Customer Data.)

  • To populate the charts and data visualizations that Customers create using the Services, Embeddable runs Customer-defined queries against Customer’s Datasources and retrieves the returned results. These results may contain Customer Data.

Other Information:

(In GDPR terms, we are the Controller of Other Information.)

  • We collect other information that you may provide to us, such as when you participate in our events or surveys or provide us with information to establish your identity (collectively, “Other Information You Provide”)
  • Account Information. To create or update an account or Datasource, you may supply Embeddable with an email address, password, domain and/or similar account details. In addition, Customers that purchase a paid version of the Services may provide Embeddable (or its payment processors) with billing details such as credit card information, banking information and/or a billing address.
  • Log Data: Information that your browser or device automatically sends when you use our Services. Log data includes your Internet Protocol address, browser type and settings, the date and time of your request, and how you interact with our Services.
  • Usage Data: We may automatically collect information about your use of the Services, such as the types of content that you view or engage with, the features you use and the actions you take, as well as your time zone, country, the dates and times of access, user agent and version, type of computer or mobile device, and your computer connection.
  • Device Information: Includes name of the device, operating system, device identifiers, and browser you are using. Information collected may depend on the type of device you use and its settings.
  • Cookies: We use cookies to operate and administer our Services, and improve your experience. A “cookie” is a piece of information sent to your browser by a website you visit. You can set your browser to accept all cookies, to reject all cookies, or to notify you whenever a cookie is offered so that you can decide each time whether to accept it. However, refusing a cookie may in some cases preclude you from using, or negatively affect the display or function of, a website or certain areas or features of a website. For more details on cookies, please visit All About Cookies.
  • Analytics: We may use a variety of online analytics products that use cookies to help us analyze how users use our Services and enhance your experience when you use the Services.

How we use personal information

We may use Personal Information for the following purposes:

  • To provide, administer, maintain and/or analyze the Services;
  • To improve our Services and conduct research;
  • To communicate with you, including to send you information about our Services;
  • To develop new programs and services;
  • To prevent fraud, criminal activity, or misuses of our Services, and to protect the security of our IT systems, architecture, and networks;
  • To comply with legal obligations and legal process and to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or other third parties.

Disclosure of personal information

In certain circumstances we may provide your Personal Information to third parties:

  • Service Providers: To assist us in meeting business operations needs and to perform certain services and functions, we may provide Personal Information to vendors and service providers, including providers of hosting services, customer service vendors, cloud services, email communication software, web analytics services, and other information technology providers, among others. Pursuant to our instructions, these parties will access, process, or store Personal Information only in the course of performing their duties to us.
  • Legal Requirements: We may share your Personal Information, including information about your interaction with our Services, with government authorities, industry peers, or other third parties (i) if required to do so by law or in the good faith belief that such action is necessary to comply with a legal obligation, (ii) to protect and defend our rights or property, (iii) if we determine, in our sole discretion, that there is a violation of our terms, policies, or the law; (iv) to detect or prevent fraud or other illegal activity; (v) to protect the safety, security, and integrity of our products, employees, or users, or the public, or (vi) to protect against legal liability.
  • End Users and Third Parties You Share Information With: The Analytics Experiences you create are intended to be embedded within your own website or Service and therefore may be shared with your own customers, partners, or other users.

Your rights

Depending on location, individuals may have certain statutory rights in relation to their Personal Information. For example, you may have the right to:

  • Access your Personal Information and information relating to how it is processed.
  • Delete your Personal Information from our records.
  • Rectify or update your Personal Information.
  • Transfer your Personal Information to a third party (right to data portability).
  • Restrict how we process your Personal Information.
  • Withdraw your consent—where we rely on consent as the legal basis for processing at any time.
  • Object to how we process your Personal Information.
  • Lodge a complaint with your local data protection authority.

You can exercise some of these rights by contacting our team.

Security and Retention

We store Customer Data for a duration set by you, the Customer, in the Caching settings of the Service. After this duration, Customer Data is automatically and permanently deleted. Caching may be turned off completely, in which case no Customer Data is stored or retained.

Where Customers use our cloud-platform (rather than self-hosting it on their own infrastructure), Customer Data is stored on Amazon Web Services (AWS) in the region US-East.

Embeddable may retain Other Information pertaining to you for as long as necessary for the purposes described in this Privacy Policy. This may include keeping your Other Information after you have deactivated your account for the period of time needed for Embeddable to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.

We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Information both online and offline from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or email. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, or third-party websites.

International users

By using our Service, you understand and acknowledge that your Personal Information may be processed and stored in our facilities and servers in the United States, unless you have chosen to use our facilities and servers in another location (e.g. Europe).

Legal Basis for Processing.

Our legal bases for processing your Personal Information include:

  • Performance of a contract with you when we provide and maintain our Services.
  • Our legitimate interests in protecting our Services from abuse, fraud, or security risks, or in developing or improving our Services.
  • Compliance with our legal obligations when we use your Personal Information to comply with applicable law or when we protect our or our affiliates’, users’, or third parties’ rights, safety, and property.

Data Transfers.

We use appropriate safeguards for transferring Personal Information outside of certain countries or regions, including the EU, UK, and Switzerland. We will only transfer Personal Information pursuant to a legally valid transfer mechanism, including Data transfers on the basis of an adequacy decision and Data transfers on the basis of appropriate safeguards.

Data Protection Officer. You can contact our data protection officer at privacy@embeddable.com in matters related to Personal Information processing.

Changes to the privacy policy

We may update this Privacy Policy from time to time. When we do, we will post an updated version on this page, unless another type of notice is required by applicable law.

How to contact us

Please contact privacy@embeddable.com if you have any questions or concerns not already addressed in this Privacy Policy.