Privacy Policy

Last updated: April 15, 2024

Introduction

Welcome to Sumboard. 

The Sumboard Services are operated and managed by BEND TECHNOLOGIES RO, (“www.bend.dev“), a limited liability company situated in Jud. Iasi, at Hlincea Street, no. 47, Romania under number RO46272445.

Our Privacy Policy aims to provide you with our practices regarding the collection, use, and protection of your personal data from customers and other individuals (collectively  referred to as “you”) who access or use our websites, including https://www.sumboard.io/, and our digital platform (https://editor.sumboard.io/ & https://app.sumboard.io/). Our platform allows you to connect and combine data and create dashboards, in order to get actionable insights from this data. We safeguard your personal data securely and in accordance with the law, ensuring full adherence to relevant privacy regulations, especially the General Data Protection Regulation (GDPR).

By using our Services, you understand that we will collect and use your personal data as described in this Privacy Statement.

Overview of Data Collection

As you explore our website (Sumboard) and Digital Platform (Sumboard Editor & Sumboard App) we may ask you to provide personal data. The term “personal data” refers to any information that can identify you as an individual. The collection of this information helps us not only to provide you with our services but also enhances your overall experience. 

Below, we detail the specific types of personal information we collect:

A. User-Provided Data

We collect data you provide directly when you register for an account, request a demo, or sign up for free trials and paid plans. The details we ask for include:

Account and Service Registration:

  • Names (First, Surname).
  • Email Address.
  • Organization (if applicable).
  • Address.
  • Phone Number (only for trial or paid services).
  • Language Preferences.
  • Username and Password.

Service Engagement:

  • Information Requests: Name, email, organization.
  • Demo Requests: Name, email, organization.
  • Free Trial: Includes all above plus address, phone number, and language.
  • Paid Plan: Includes all free trial data plus payment details (credit card, billing details, other payment/billing information).

B. Automatically Collected Data

As part of using our digital services, certain information about your device and connection is automatically collected. This is not data we actively seek to gather, but rather it is inherent to the use of internet-based services:

Device and Connection Information:

  • Browser Type and Version – to ensure compatibility and optimal performance of our services on your device.
  • Operating System – to allow our services to function properly on different platforms.
  • Connection Type, Device Type, ISP or Mobile Network – to tailor the responsiveness of our services to your specific device and internet connection, and provide insights that assist in diagnosing any connection-related issues.
  • IP Address, Unique Device ID – to secure your account, troubleshooting, providing localized content, and complying with legal requirements.

Usage and Interaction Data:

  • Service Usage Frequency and Details.
  • Transaction Information (e.g., payment method, billing details).
  • Error Reports and Technical Issues.
  • Location Data.

C. Interaction Records

To enhance our support and ensure high-quality customer service, we maintain detailed records of your interactions with our customer support team. This helps us address your needs effectively and improve our service responsiveness. The data includes:

  • Communications: we document all communications with our customer service, whether they occur via email, phone, or written correspondence.
  • Customer Support Documentation: records of any customer support inquiries and the actions taken to resolve them are kept to ensure consistency and quality in our support services.

D. Security and Optimization Data

In our commitment to providing a secure and efficient user experience, we collect additional information related to the devices used to access our services:

  • Device Details: We collect information about other applications on your device. This data is used for implementing security measures and optimizing our services, ensuring both safety and performance.


Utilization of Personal Information

A. Service Delivery and Account Management

  • Account Setup: Establishment and configuration of customer accounts to enable full use of our services.
  • Billing and Payment Processing: Generating invoices and processing payments for services utilized.
  • Service Maintenance: Regular updates and maintenance to ensure uninterrupted service provision.


B. Customer Engagement and Support

  • Demonstrations and Information: Providing potential and existing customers with demonstrations and detailed information to aid in decision-making.
  • Customer Support: Offering assistance for inquiries or issues related to our services.
  • Account Management: Managing ongoing customer relationships, including subscription renewals and additional purchases.

C. Legal and Regulatory Compliance

  • Compliance Obligations: Meeting legal responsibilities such as accounting, tax filing, and adhering to regulatory requirements.

D. Communication and Marketing

  • User Interaction: Facilitating communication among users on our platform.
  • Marketing Communications: Sending promotional materials, newsletters, and updates about new features or services, in line with user preferences.

E. Service Improvement and Usage Analysis

  • Service Improvement: Collecting and analyzing usage data to enhance the quality and functionality of our services.
  • Usage Analysis: Monitoring how services are used to better tailor and optimize our offerings.
  • Technical Support: Identifying and resolving any technical or security issues to maintain service integrity.

Data Sharing Disclosure

Sumboard is committed to protecting your personal data. We do not transfer, transmit, or otherwise disclose your personal information to third parties without obtaining your explicit prior consent, except in the specific cases listed below:

A. With Service Providers:

  • We engage trusted businesses or persons to process personal information on our behalf.
  • These service providers operate based on our instructions and in compliance with applicable privacy laws.
  • They are contractually obligated to keep personal information confidential and use it only for the purposes for which we disclose it to them.

B. For Legal and Contractual Reasons:

  • We may disclose your data to other companies, organizations, or individuals when necessary to enforce our contractual terms.
  • Disclosure may also occur if it is reasonably necessary for legal compliance or to protect our rights or the rights of others.

C. Regulatory and Law Enforcement:

  • Compliance Obligations: Meeting legal responsibilities such as accounting, tax filing, and adhering to regulatory requirements.

D. During Business Transfers:

  • In the event of a merger, acquisition, bankruptcy, or other sale or transfer of all or a portion of our assets, your data may be transferred as part of that transaction.

E. With Your Consent

  • We may share your data for any other purposes with your explicit consent.

Rest assured, all third parties to whom the personal data is transferred are also subject to confidentiality obligations and must implement appropriate organizational and technical security measures to protect your data.

GDPR and Your Privacy Rights

If you are a resident of the European Union (EU) and European Economic Area (EEA), you have certain data protection rights, covered by GDPR. – See more at 

https://eur lex.europa.eu/eli/reg/2016/679/oj.

We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please email us at [email protected]

In certain circumstances, you have the following data protection rights:

  1. Right to be informed. You are entitled to be informed of the use of your Personal Data. This Privacy Policy provides such information to you.
  2. Right to access: You have the right to access (and obtain a copy of, if required) the categories of personal information that we hold about you, including the information’s source, purpose and period of processing, and the persons to whom the information is shared.
  3. Right of correction: You have the right to request corrections or changes to your Personal Data if it is inaccurate or incomplete.
  4. Right to be forgotten: You have the right to request that we delete records of your Personal Data. We will delete your Personal Data as long as there is no legal obligation or prevailing right for us to keep it. Please note that deletion of your Personal Data will likely impact your ability to use our services.
  5. Right to object (opt-out): You have the right to opt-out of certain uses of your Personal Data, such as direct marketing, at any time.
  6. Right to data portability: You have the right to a portable copy of your Personal Data that you have submitted to us.
  7. Right to complain: You have the right to complain to the appropriate supervisory authority if you have any grievance against the way we collect, use or share your information. This right may not be available to you if there is no supervisory authority dealing with data protection in your country. Additionally, if you have concerns about the processing of your personal data or the exercise of your rights, you may contact us directly at [email protected]. We are committed to addressing all inquiries and resolving any issues within thirty (30) calendar days.

Please be aware that we may require you to confirm your identity before we can process your requests. Additionally, it is important to understand that some essential data may be required to deliver our services effectively, and without this data, we may not be able to provide the service as expected.

Protecting Your Personal Data 

At Sumboard, safeguarding your personal data is a priority. When you share information with us through our digital platform or website, we employ robust organizational and technical measures to protect it from unauthorized access, misuse, loss, or alteration. Here are the key security measures we implement:

A. Access Control:

  • We enforce strict access controls to ensure that only authorized personnel can access your personal data.
  • This includes implementing secure log-in protocols and conducting regular access reviews to prevent unauthorized entry.

B. Data Encryption:

  • All personal data transmitted between your device and our platform is encrypted to prevent unauthorized interception.
  • This encryption applies to both inbound and outbound data, ensuring comprehensive protection during transmission.
  • In case of connection between your Data Source and our platform the data is encrypted if you opt for an encrypted connection.

C. Antivirus and Anti-Malware Protection:

  • Our systems are equipped with state-of-the-art antivirus and anti-malware software.
  • These systems are regularly updated to detect and neutralize threats, responding to new and evolving security challenges.

D. Data Anonymization:

  • Where feasible, we anonymize personal data to significantly reduce privacy risks.
  • Anonymization involves removing identifying details from data to enhance privacy protections.

E. Confidentiality Agreements:

  • All Sumboard employees and contractors with access to personal data are bound by strict confidentiality agreements.
  • These agreements are legally enforceable, ensuring a clear understanding of the responsibility to protect your privacy.

F. Regular Security Audits:

  • We conduct regular security audits and vulnerability assessments.
  • This proactive approach helps identify and address potential security risks, ensuring that our protective measures remain effective and current.

By implementing these comprehensive security practices, Sumboard ensures that your personal data is protected against unauthorized access and risks, providing you with a secure and trustworthy digital experience.

We take these precautions seriously, employing both technical solutions and comprehensive organizational procedures to prevent the accidental loss, destruction, or damage of your personal information, thereby ensuring its security and confidentiality.

Information Retention Practices

We retain your personal information for as long as it is required for the purposes stated in this Privacy Policy. Sometimes, we may retain your information for longer periods as permitted or required by law, such as to maintain suppression lists, prevent abuse, if required in connection with a legal claim or proceeding, to enforce our agreements, for tax, accounting, or to comply with other legal obligations. When we no longer have a legitimate need to process your information, we will delete or anonymize your information from our active databases. We will also securely store the information and isolate it from further processing on backup discs until deletion is possible.

Cookies are small data files stored on your device by websites you visit. They play a vital role in enhancing site functionality and user experience by storing information about your interactions with the site. This information can include site preferences, user identification, and other device-related data. Cookies are not only limited to storing text but can also include IP and MAC addresses collected by various technologies embedded within the site.

Use of Cookies

Types of Cookies We Use:

1. Essential Cookies:

  • These cookies are crucial for basic site operations. They enable core functionalities such as user logins, account management, and payment processing. They also manage your cookie preferences and record your consent for other cookie types.
  • Acceptance of these cookies is mandatory as they are integral to the functioning of our website.

2. Analytical Cookies:

  • These cookies collect data on how you interact with our website, helping us understand user behavior and improve site functionality. They assist in identifying usage patterns and any issues you might face.
  • We only use these cookies with your explicit consent.

3. Functional Cookies:

  • Functional cookies remember your settings and preferences (like your preferred language or timezone) to enhance your visit. They help customize the website according to your needs.
  • Your consent is required to enable these cookies.

4. Advertising Cookies:

  • These cookies are used to deliver tailored advertising content relevant to your interests. They can also limit the frequency of ad exposure and help measure campaign effectiveness.
  • Such cookies are set based on your consent and may involve third-party services.

Managing Cookie Preferences:

  1. Consent and Control:
    Upon your first visit, we ask for your consent to set non-essential cookies. You can manage your preferences at any time through our cookie settings panel, allowing you to adjust which cookies you accept or reject.
  2. Browser Settings:
    You can configure your browser to refuse all cookies or to alert you when cookies are being sent. Note that blocking cookies may affect your ability to use some features of our site.
  3. Multi-Device Management:
    If you use multiple devices or browsers, you may need to manage your settings on each one to ensure consistent cookie control across all platforms.

Summary of 3rd party Cookies Used on Our Website and Application

Our website and application utilize cookies and tracking technologies to enhance functionality and continuously improve user experience. Below is detailed information about the specific 3rd party cookies we use:

Provider Purpose Category Link
Google Analytics Tracks website performance and analyzes visitor interactions Analytical Cookie More Info
Stripe Ensures secure payment processing and transaction security Functional Cookie More Info
Hotjar Tracks user interactions via heatmaps to enhance experience Analytical, Performance Cookie More Info

Age Restrictions

Our Services are not targeted towards children under the age of 13, and we do not knowingly collect personal information from children under this age. If a child under the age of 13 has provided us with personal information without parental or guardian consent, the parent or guardian should contact us at [email protected] to remove the information and unsubscribe them. Further, if we become aware that we have inadvertently received personal information from a user under the age of 13, we will delete the information from our records promptly.

Updates to Our Privacy Policy

This Privacy Policy was last changed on the date set forth at the top of the policy.  We are constantly trying to improve the Service, so we may need to change this Privacy Policy from time to time as well. If we make any changes, we will post the new policy on Sumboard’s website. In addition, we will also edit the date at the top of this Privacy Policy to reflect the date of the changes. If you use the Service after any changes to this Privacy Policy have been posted, you agree to all the changes. Unless we have your express consent to the contrary, use of information we collect now is subject to the Privacy Policy in effect at the time such information is collected (meaning – Privacy Policy changes will not otherwise be retroactive). 

Contact us

If you have any questions or concerns regarding this Privacy Policy or our privacy practices, please contact us at [email protected].