Effective Date: May 1, 2018
Our Commitment to GDPR
What is GDPR?
The European Union’s General Data Protection Regulation, or GDPR, enhances the existing framework for companies that process the personal data of EU-based residents. It comes into effect on May 25, 2018, bringing with it a host of new obligations for those companies, and new privacy rights for their end users.
Processing data can mean many things, from collecting data to storing and using it. Organizations large and small that process the personal data of EU-based individuals are now preparing for the new regulation, and Places2Note is no exception.
What is Places2Note doing for GDPR?
How can I learn more about GDPR?
Being ready for GDPR is important to us and we welcome this opportunity to help our users understand what we’re doing to prepare. For Places2Note users interested in learning more about GDPR and how we are adopting these principles, please contact us by email at firstname.lastname@example.org
Places2Note’s 3 Laws of Data Protection
1) Your Data is Yours
We do not own your data. Putting places and other content into Places2Note does not change that content's ownership or copyright status. If the data was yours to begin with, it remains yours after you put it in Places2Note. Of course, if the data wasn’t yours to begin with, putting it in Places2Note doesn’t make it yours. This is true of all of our products and services.
By using our products, you give Places2Note permission to do certain things with your data so that we can run our service. For example, you give us permission to back it up, send it over a network, index it for searching, display it on your various devices, etc. Some of these operations may require us to send your data to our normal business partners–such as a network operator–that we have contracted with to provide parts of the Places2Note Service. Before we do this, we’ll always make sure that our contracts with such partners protect your ownership rights.
Other than giving us the permission to perform these limited operations so we can run the Places2Note Service, you retain all the rights to your data
2) Your Data is Protected
Everything you put into Places2Note is private by default. We are not a “big data” company and do not try to make money from your content. Our systems automatically analyze your data in order to power Places2Note features, such as search and related places, and to tell you about important features and products that we think will enhance your Places2Note experience, but we never give or sell your content to any third party for advertising purposes.
Our business model is old-fashioned: we only make money when you decide to pay us for a great product. This means that trust is our biggest asset and keeping your data private is fundamental.
There are features in Places2Note which allow you to publish and share some of your places with others, but these are totally optional and whether or not you use them is up to you. If you choose to connect your Places2Note account with one of our many partners, you may be giving the partner access to some or all of your data. We will tell you how the partner application will access your account and you can turn off access whenever you want.
In addition, we take many precautions to protect your data from accidental loss and theft. Everything you put into Places2Note is stored in our secure data center with multiple redundant servers, storage devices and off-site backups. Communications between Places2Note clients and servers (and between our various data centers) are all encrypted. We provide industry-leading security technologies to all users, and we’re constantly investing in ways to improve data protection. We take the utmost care in protecting your password and no one at Places2Note will ever ask you for it.
We support industry efforts to promote full transparency about government requests for data and have established a comprehensive legal process for handling such requests.
3) Your Data is Portable
Even though thousands of people have their most important information in Places2Note, we still want to make sure that they can leave the service quickly and easily. There is no data lock-in with Places2Note. We are committed to making it straightforward for you to get all of your data into, and out of Places2Note at any time.
Our philosophy is that by making it possible for you to leave at any time, we’re forever-motivated to build great things so that you’ll want to stay. And we hope you do stay, for years and even decades. To this end we’re committed to investing in technologies that will make your data accessible far into the future.
This note is not a legal document, it’s meant to be a plain-language description of our fundamental business values and how we think about your data. We’ll update it from time to time to keep up with the times, but the core principles will not change: your data is yours, your data is protected, and your data is portable. We’re trying to build a hundred-year startup, and this is how we aim to do it.
What information does Places2Note collect?
We built Places2Note to help you remembering your favorite places and activities. That means you can input, upload, or store in Places2Note any location, text, images, voice, video, and other data that you choose—we refer to that information as “Content”. We also collect and receive the following types of information:
- Basic subscriber information.To open your account and process payments, we collect and receive basic information like your email address and, depending on how you purchase a subscription to Places2Note Plus or Places2Note Premium (each a “Paid Service”), your billing address and other payment information.
- Usage data. We collect and log data on how you and others access and use Places2Note, for example, the act of creating a place or sharing a place. Usage data may be collected through cookies, and similar technologies.
- Location information. We collect the IP address you use to connect to the Service, and — if you choose to share it — your location information from a mobile device.
- Device information. We collect information about the number and type of devices you use to connect to the Service, as well as information about the operating systems on those devices (e.g., iOS, Android, Windows). Learn more about information our applications collect from your device on our Data Usage page.
We also may link your subscriber information with data we receive from our partners and other third parties to help understand your needs and provide you with a better experience.
What does Places2Note do with my information?
We are committed to protecting the privacy of your information. Below, we describe the ways in which we use the information we collect and receive to provide, maintain, and improve the Service; to provide troubleshooting and customer support; to protect the Service for all our users and to contact you.
- We use a number of technologies to help you get the most out of the Service. Our systems automatically analyze your data to power Places2Note features and to continually improve the Service for you in a way that does not require anyone to look at your Content. This may include, for example:
- Making sure you find what you’re looking for when you search your account.
- Showing you information most relevant to how you are or could be using the Service at a specific time or location.
- Suggesting actions for you to take based on information you’ve stored.
- Suggesting Places2Note service features or products to you that we think will help you get the most out of our Service.
- For Places2Note Plus and Premium users, recommending people for you to share places with.
- To provide troubleshooting and customer support, our Customer Support team may need to access your information, such as your account email address and information about the Places2Note application you are using, subject to the protections described below.
- As part of our efforts to protect your account and the functionality of the Service, our systems may analyze the emails you send to and from your Places2Note account and the places you share to detect spam, malware, or other potential security concerns. If we determine that such material constitutes a Terms of Service or User Guidelines violation, we may block delivery of or un-share the problematic material, much like a spam filter works for your email inbox.
- In accordance with your communication preferences, we’ll occasionally contact you to announce new products and features we build for you, share tips for using Places2Note to get more done, make special offers, and provide information about how Places2Note works with products and services from our business partners.
Would someone at Places2Note ever view my Content?
You have control over who sees your Content. We limit the use of your Content to make sure that no one at Places2Note can view it unless you expressly give us permission or it’s necessary to comply with our legal obligations. Specifically:
- To help refine or improve the technology, we may ask you for permission to review portions of your Content. Such access to your Content is done only with your express permission and is subject to strict confidentiality rules and data access controls. Choosing to give us such permission is completely voluntary.
- If you contact our Customer Support team for help with specific pieces of Content in your account (for example, if you can’t find a place you believe should be in your account), we may ask for your temporary permission to look at your Content. This permission terminates when the issue is resolved.
- If we become aware of a potential violation of our Terms of Service or User Guidelines, we may suspend or close your account until the problematic material is removed. Under such a circumstance, we would only look at the Content in your account if you give us consent or if necessary to comply with our legal obligations, including to protect the safety of you or any other person.
To test and improve our product offerings for our users, we use aggregated data that does not contain any personal information, does not identify any person, and cannot be connected to any specific user. This policy is not intended to apply to such anonymized/de-identified data.
How does Places2Note share or disclose my information?
Places2Note is not in the business of selling or renting your information. We do not share your account information or user activity history with any third party for the purpose of enabling them to deliver their advertisements to you.
Outside of actions you take within the service to communicate via Share with Friends, to share places with friends, we only disclose your information - and then only the minimum information necessary - when:
- We share your information with Service Providers who process data on our behalf, such as credit card processors and customer management systems. For example, these Service Providers help us:
- Operate, develop, and improve the features and functionality of the Service
- Complete your payment transactions
- Fulfill your sales and support requests
- Communicate with you as described elsewhere in this policy
We do not share your information with any third parties for their own advertising purposes.
- Your Content is private unless you decide you want to share it. You may choose to share using public links or through any of the Service’s features that allow you to share or collaborate on Content (“Collaboration Features”). If you choose to share, we may need to take steps to facilitate your collaboration.
In the event of a merger, sale, or reorganization of all or part of our business, information covered by this policy may be transferred in connection with that deal.
How does Places2Note respond to legal requests for my information?
We vigilantly protect the privacy of your account. We will not disclose your information to law enforcement or other governmental authorities unless we believe it is required to comply with warrants, court orders, subpoenas, or other lawful government requests. This may include responding to legal requests from jurisdictions outside of England where we have a good faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognized standards of due process.
We narrowly interpret all information requests, and we only disclose Content in your account that is specifically responsive to a government warrant or where you have provided your explicit consent. In accordance with our user notice policy, we will notify you if we believe we are compelled to comply with a third party’s legal demand for your information, and we routinely push back on government orders to delay user notice that we view as overly broad.
In addition, in rare cases, we may share your information as necessary to investigate or take action regarding illegal activities, suspected fraud, or potential threats against persons, property or the systems on which we operate the Service, or as otherwise necessary to comply with our legal obligations.
How can I manage my information stored in Places2Note?
Consistent with our first law of data protection—your data is yours—in most cases, you can manage your information simply by logging into your account and editing your information directly within the Places2Note service.
However, if you prefer, you can contact us at email@example.com to ask us to provide access to, correct, update, or delete your personal information. Please note that we may ask you for proof of account ownership and/or identity before fulfilling your request. We will comply with such requests to the extent required by applicable law.
A Note for our European Users about our Data Processing Grounds and Data Access Rights
The European Union's GDPR requires that we provide notice in a specific way to our European users about their privacy rights. We process Account Holder or End User personal information on one of three grounds, depending on the circumstances: (i) your affirmative consent, in which case you will have the right to withdraw consent at any time; (ii) contractual necessity; or (iii) our legitimate interest in providing the Service. In addition, we are required to list the data access right available to all users in a specific way.
How long does Places2Note store my information?
Places2Note's mission is to keep track of all your favorite places. In order to do that, we make the Content you store in Places2Note readily accessible to you, until you make the decision to delete it.
If you delete your Content and then sync, it will no longer be accessible to you or others who may access the Service. The Places2Note service’s back-up systems may retain residual copies of your deleted Content for up to one year due to the nature of those systems’ operations.
Places2Note provides you with features that allow you to communicate and collaborate with other users. Please note that deleting your copy of these communications (such as messages) won't delete copies existing in the accounts of people you were interacting with.
For users who are inactive for extended periods of time, we may close your account to satisfy our obligations under applicable law, and in accordance with our data retention policy. If that happens, we will try to notify you before taking any action.
What happens if I want to stop using Places2Note?
As described above, you can delete your Content at any time, and you can stop using the Places2Note service at any time. And as we promise in our third law of data protection, your data is portable. You can export your projects at any time.
What happens if Places2Note closes my account?
If Places2Note deactivates your Places2Note service account due to a Terms of Service violation, then you may contact Places2Note to request deletion of your data, and Places2Note will evaluate such requests on a case by case basis, pursuant to our legal obligations.
Where is my data stored?
When you use Places2Note software on your computing device, such as by using one of our downloadable applications, content you save will be stored locally on that device. When you sync your computing device with the service, that content will be replicated on our servers, which are located in Germany.
How does Places2Note comply with data transfer rules?
If you are a resident of the European Economic Area (“EEA”) or Switzerland, please note that we use standard contractual clauses approved by the European Commission to transfer your personal Information from the EEA or Switzerland to the United States and other countries.
How secure is my data?
Places2Note is committed to protecting the security of your information and takes reasonable precautions to protect it. We use industry standard encryption to protect your data in transit. This is commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology. However, internet data transmissions, cannot be guaranteed to be 100% secure, and as a result, we cannot ensure the security of information during its transmission between you and us; accordingly, you acknowledge that you do so at your own risk.
Once we receive your data, we protect it on our servers using a combination of administrative, physical and logical security safeguards. The security of the information stored locally in the Places2Note Software installed on your computing device is dependent upon you making use of the security features on your device. We recommend that you take the appropriate steps to secure all computing devices that you use with the Places2Note software and the Places2Note service.
If Places2Note learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on our web site and/or via other communication platforms. Depending on where you live, you may have a legal right to receive such notices in writing.
How can I contact Places2Note?
GeoStudios Ltd., 2 Festival Square, Little Germany, Bradford BD1 5BD, United Kingdom, firstname.lastname@example.org