General Data Protection Regulations

These terms were last updated on 19th October 2022.

This Privacy Policy describes how we collect, use, process, and disclose your information, including personal information, in conjunction with your access to and use of our Website “www.infeedo.ai and www.infeedo.com”, Software, and our Application (“collectively Services”). If you see an undefined term in this Privacy Policy, it has the same definition as in our Product T&C . When this policy mentions “inFeedo,” “we,” “us,” or “our” it refers to our parent company inFeedo Tech Inc. and any other holding/subsidiary/associate company, being the company that is responsible for your information under this Privacy Policy. When this policy mentions “Application”, it refers to our product called “Amber”.  You may access inFeedo’s Privacy Policy from here.

If you are at this page, then you are inFeedo’s customer/user/website visitor, who are EU Residents, to whom the General Data Protection Regulations apply. The General Data Protection Regulation (“GDPR”) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. It also addresses the export of personal data outside the EU. The GDPR places limits on the gathering and use of personal data and establishes clear responsibilities for companies that collect it, as well as clear rights for people whose data is gathered.

This Policy describes how inFeedo collects, uses, processes, and discloses information, and what choices you have with respect to the information.

It is inFeedo's policy to respect your privacy regarding any information we may collect while using our Software, Application, and Websites collectively called the Services.

This Policy applies when you use our Services. For our customers and their employees / third parties, a link to this privacy policy is also available on the chat window under ‘settings’ (on the top right) and on the login window for the Amber dashboard (below the login box). 

I. Data Controller and Data Processor

We process two main types of personal data.

i. Customer Data- Personal data that forms part of data that is provided by our customers of their end-users while they use the Product.
ii. Other Data- Personal data about our customers, prospects, website visitors, and other individuals that are collected and processed directly by us.

Our Customers are the Controller of Customer Data and inFeedo is the Processor of Customer Data and is also the Controller of Other Data. 

3. Information We Collect 

I. Customer Data
As customers, the data is provided by you, when you use inFeedo’s Software and Services. 

Customer Data may be processed by us as a result of customers’ use of the Services when our customers, or their end-users, input or upload information into the Service. For example, customers who use the Software may upload Customer Data about themselves or their employees.

This data includes name, email address, contact number, job title, date of joining, and other relevant information of your employees. We use this data for providing services to our users as defined here. We collect billing details for invoice purposes from our Customer.  

We also collect data when you use our Website:

i. Account Information: When you sign up on the Website, we require certain information such as your first name, last name, and email address. To use certain features of the Website, we may ask you to provide additional information, which may include your address and phone number.
ii. Communications with inFeedo: When you communicate with inFeedo or use the Website to communicate with us, we collect information about your communication and any information you choose to provide.
iii. Information you choose to give us: You may choose to provide us with additional personal information in order to obtain a better user experience when using the Website. This additional information will be processed based on your consent.
iv. Other Information: You may otherwise choose to provide us information when you fill in a form, conduct a search, respond to surveys, post to community forums, participate in promotions, or use other features on the Website (if available and applicable).
v. Information we automatically collect from your use of the Website: When you use the Website, we automatically collect information, including personal information, about the services you use and how you use them. This information is necessary for the adequate performance of the contract between you and us, to enable us to comply with legal obligations and given our legitimate interest in being able to provide and improve the functionalities of the Website.
vi. Geo-location Information: When you use certain features of the Website, we may collect information about your approximate location as determined through data such as your IP address or mobile device’s GPS to offer you an improved user experience. Most mobile devices allow you to control or disable the use of location services for applications in the device’s settings menu. The Website may also collect this information even when you are not using the app if this connection is enabled through your settings or device permissions.
vii. Usage Information: We collect information about your interactions with the Website such as the pages or content you view, your searches for a product/service that is provided by inFeedo, and other actions on the Website.
viii. Log Data and Device Information: We automatically collect log data and device information when you access and use the Website, even if you have not created an account with inFeedo and/or the Website or logged in. That information includes, among other things: details about how you’ve used the Website (including if you clicked on links to third-party applications), IP address, access dates and times, hardware and software information, device information device event information, unique identifiers, crash data, cookie data, and the pages you’ve viewed or engaged with before or after using the Website. You can find the list of cookies in the Annexure of this policy.
ix. Cookies and Similar Technologies: We use cookies and other similar technologies. We may also allow our business partners to use these tracking technologies on the Website, or engage others to track your behavior on our behalf. The list of our business partners' cookies is attached below as Annexure II.
x. Information We Collect from Third Parties: inFeedo may collect information, including personal information, which others provide about you when they use the Website or reach the Website through a third party, or obtain information from other sources and combine that with information we collect through the Website. We do not control, supervise, or are responsible for how the third parties providing your information process your personal data, and any information request regarding the disclosure of your personal information to us should be directed to such third parties.
xi. Other Sources: To the extent permitted by applicable law, we may receive additional information about you, such as demographic data or fraud detection information, from third-party service providers and/or partners, and combine it with information we have about you. We may receive information about you and your activities on and off the Website through partnerships, or about your experiences and interactions from our partner ad networks.

4. How We Use Your Data

How we use your personal data will depend on which Services you use and how you use those Services. Customer Data will be used by inFeedo in accordance with the Customer’s instructions, including any applicable terms in the Customer Agreement and as required by applicable law. inFeedo is a processor of Customer Data and the Customer is the controller. 

Other Data is used by us to provide our services, send our newsletters, and communicate with you by responding to your requests, comments, and questions.

I. Lawful basis for processing

We have a lawful basis to process your personal data. We also use your consent as basis for lawfully processing your personal data.
We process your personal data only when we have a lawful basis. The Customer Data is processed upon signing and accepting the Product T&C via our Order Form/ the Service Agreement executed between inFeedo and its Customers,  and the Customer's consent forms the lawful basis for processing personal data. For certain processing, such as specific direct marketing, we may also use legitimate interests as provided under the Data Protection Regulations.

In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

Where you have consented to a particular processing, you have a right to withdraw the consent at any time. 

II. How we use Customer data

We use your data to authenticate you and authorize access to our Services
We only process Customer Data on behalf of our customers and in accordance with their instructions provided in the applicable Services agreement with us. We use the data that we have about you to provide our Services and provide customer support to you. In each case, inFeedo collects such information only in so far as is necessary or appropriate to fulfill the purpose of the interaction with our Services.

i. To send emails and other communications. We may send you service, technical, and other administrative emails, messages, and other types of communications. We may also contact you to inform you about changes in our Services and our Services offerings. These communications are considered part of the Services and you may not opt-out of them;
ii. Customer Support. If you send us a request (for example via a support email or via one of our feedback mechanisms), we respond to your request to help with your issues. We may also gain access to the personal data stored within our CRM as a result of the support;
iii. For any other purpose as provided for in the Services Agreement between us and the customer, or as otherwise authorized by the customer; and
iv. In accordance with or as may be required by law.

III. How we use Other data

We may send you Service-related messages or marketing / promotional materials. You may choose to restrict the collection or use of your personal information

We will update you with improvements in our services, and new features and from time to time also carry out direct marketing of our products and services. Direct marketing is carried out only if you consent to receive such communications from us or we have a legitimate purpose for doing so. You can opt out of receiving marketing communications from us by following the unsubscribe instructions included in our marketing communications.

IV. Users under 16 years of age
The Sites and Services do not knowingly collect personal information from users under the age of 16
If you are under the age of 16, you are not permitted to use the Sites and Services or to disclose Personal Information. If we learn we have collected or received Personal Information from a child under 16, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at privacy@infeedo.com. 

5. Data Retention Policy

We will retain certain personal information even after termination/ suspension of the use of Services for as long as we reasonably consider it necessary to fulfill the purposes outlined in this Policy unless a longer retention period that is necessary for statutory obligations (such as tax, maintaining accounting records or other legal requirements).

I. Customer Data - We retain your information for as long as you continue to use the Software and Services. We may also retain your personal information for an extended period under applicable statutory laws.

inFeedo will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the terms and conditions of our Order Form and the licensing agreements that are executed between inFeedo and its customers and as required by applicable laws. When the license to use the Software is withdrawn then we delete all personal information about you within 10 days from a formal written request sent an email to privacy@infeedo.com.

II. Other Data - We retain your information for as long as necessary for the purposes that we have described in this Policy

inFeedo may retain Other Information pertaining to you for as long as necessary for the purposes described in this Policy.

6. Your Rights

You can request to access, update or rectify your personal information. You also have the right to object to direct marketing.

Under the GDPR regulations, your personal information is processed based on legitimate interests, you have the right to object to the processing on grounds relating to your specific situation. We strive to use your information fairly, lawfully and transparently. Under GDPR you may also have the right to request to have your personal information deleted or restricted and ask for portability of your personal information.

7. Your Rights to Control Data 

Whenever you use our Services, we aim to provide you with easy means to access, modify, delete, object to or restrict the use of your personal information

We strive to give you ways to access, update/modify your data quickly or to delete it unless we have to keep that information for legal purposes. Some rights can be accessed from within the Application. For visitors, these rights can be exercised by contacting us with your specific request. You can also ask us to change, update or fix your data in certain cases, particularly if it’s inaccurate, however, all such requests are routed to us through your organization's admins.

I. Change or Rectify Data:  Access to personal data via our Application is controlled by the Admins in your organization. These admins can edit some of your personal data through the dashboard to which the Admins have access.  Right to erasure/to be forgotten:  You can ask us to erase or delete all or some of your personal data (e.g. if it is no longer necessary to provide Services to you.

II. Object to, or Limit or Restrict, Use of Data:  You can ask us (via an official written communication) to stop using all or some of your personal data (e.g. if we have no legal right to keep using it) or to limit our use of it (e.g. if your personal data is inaccurate or unlawfully held).

III. Right to Access and/or Take Your Data:  You can ask (via an official written communication) us for a copy of your personal data and can ask for a copy of the personal data you provided in machine-readable form.

8. Your information shared with others

I. Recipients of your data

Your data will be shared with other recipients in order to provide you with Services. We use third-party servers/systems that have been listed as Annexure I in this Policy. These third parties provide the services necessary for use of the Services.
While we aim to limit the sharing of your data, at times, it is necessary to share your data with certain service providers.  Examples of when and for what purpose your data is shared include data center/ hosting services, email marketing services, etc.

The following categories of recipients will most likely receive your data in order for us to provide services to you

i. To Comply with Laws -  If we receive a request for information, we may disclose only if we believe that the disclosure is substantial and reasonable and in accordance with or required by any applicable law, regulation, or legal process.

ii. Cross-Border Data Transfers
We have servers in the USA and in the EU Region. Your data will be stored and processed in the servers accordingly.  

We are an international company and thus, have servers situated in the USA and EU regions. In the event you are an EU-based company, your data will be processed in the EU region. Else, your data will be processed within Third Party Data Centres in the USA, at AWS, West Virginia, United States of America. 

inFeedo offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Customer Data. These clauses are contractual commitments between parties transferring personal data binding them to protect the privacy and security of the data.

Cross-border data transfer happens only to the subprocessors who may have servers all over the world. We do however only choose GDPR-compliant third parties and have data processing agreements with them.

9. Security Measures to Protect your Data

I. Security Measures
We implement security controls to prevent breaches and unauthorized access to your data.

We maintain reasonable and appropriate security measures to protect Customer Data and Other Data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Examples of security measures include cyber security controls, due diligence on our third-party service providers, data encryption in transit and at rest, logging and monitoring for threats and vulnerabilities, access management, etc.

We also subject our services to internationally recognized certification and attestation standards. Details about our security measures, the aforementioned certificates, and reports are available on request and upon a mutual NDA.

II. Protection of Personal Information
The Website and Services use commercial efforts to maintain safeguards for the protection of your Personal Information

inFeedo takes all measures reasonably necessary to protect against the unauthorized access, use, alteration or destruction of potentially personally-identifying and personally-identifying information.  

III. Data Privacy Officer: 
Seema Pathak
privacy@infeedo.com 
As a resident of the European Economic Area, you have additional rights.  If you are not satisfied with the resolution, you can also lodge a complaint with the Supervisory Authority in the country of your residence within the EU.

10. Application of this Policy
This Privacy Policy applies to all the services offered by inFeedo Tech Inc. and any other holding/subsidiary/associate company. This Privacy Policy doesn’t apply to:

11. Privacy Policy change

inFeedo may change this Privacy Policy from time to time, at our sole discretion.

inFeedo reserves the right to modify this Policy at any time in accordance with this provision. If we make changes to this Policy, we will post the revised Privacy Policy on the Website and update the “Last Updated” date at the top of this Policy. Your continued access to or use of the Website and the Services will be subject to the revised Privacy Policy.

Annexure I

List of our GDPR-compliant Subprocessors:

1. AWS - EC2
2. AWS - Elasticache
3. AWS - RDS
4. AWS - S3
5. AWS - Simple Queue Service
6. Atlas - MongoDB
7. Atlassian - Bitbucket
8. FrontApp
9. GCP - BigQuery 
10. GCP - Google analytics 
11. Google Workspace
12. Lilt
13. Mailgun
14. Salesforce
15. Slack (if opted)
16. Hevodata
17. Notion
18. Zendesk 
19. ValueFirst (if opted)
20. Gupshup (if opted)
21. MS Teams (if opted)
22. Google Chat(if opted)
23. Line Messenger(if opted)
24. Intercom
25. HubSpot
26. Outreach

Annexure II

List of our 3rd party cookies:

1. Hubspot
2. Microsoft UET Tag
3. Facebook Pixel
4. Google Analytics
5. Linkedin Insight Tag
6. Hotjar