andcards Privacy Policy

Updated: September 21, 2020

This policy describes the information we process to support andcards software, andcards website (“andcards Products”, “Products” or “Services”) and communicate with clients, potential clients, partners and\or other third parties, unless we specified otherwise.

andcards Sp. z o.o., a Republic of Poland company, KRS: 0000772992, NIP: PL5842781756, REGON: 38263506000000 and its affiliates and subsidiaries (collectively the "Company," “we,” “us”, “andcards”, and “our”), respects your privacy rights and is committed to protect your information collected through Services and websites accessed through internet-capable hardware platforms including personal computers, mobile computers and\or mobile devices.

andcards provides software services to flexible offices, coworking spaces, and shared workspace operators ("Workspace Provider"), who use our Services in their business activity. We built our service to help tenants get the most out of their workspace.

As a provider of information and communication services, we strive to comply with relevant laws and privacy protection rules and guidelines of certain countries. For example European Union Directive 2016/680 and Regulation 2016/679 ("GDPR").

As a data processor on behalf of the Workspace Provider, we comply with relevant legislation as stated in Data Processing Agreement between andcards and such Workspace Provider.

We have adopted this privacy policy to explain how we collect, store, disclose, transfer, protect, and otherwise use the information collected in connection with our Services (the "Privacy Policy").

Please read the following Privacy Policy carefully. By visiting our website, chat with our Customer Support, connecting us by other means and\or becoming a Workspace Provider, you agree that (a) we may transfer, process, and store your or your representative's information in the Republic of Korea and other countries that may have different privacy protections than your country; (b) we may process your or your representative's data in accordance with the following Privacy Policy; and (c) you are bound by our Privacy Policy.

Who this privacy policy applies to?

This Privacy Policy applies to all visitors of our website, Workspace Providers and their contact persons, our partners, potential clients or partners and their representatives ("you" or "your").

For Services offered by andcards used by residents of the European Union, we are the data processor of Users (see definition in our Terms of Use) personal information. Workspace Provider is the data controller responsible for Users' personal information.

For Services offered by andcards, we are responsible for the personal information of all visitors of our website, who contacted us, Workspace Providers contact person, our partners, potential clients and their representatives.

What does this Privacy Policy apply to?

This Privacy Policy applies to the Company's Services, Products, websites, mobile applications, and other services that link to it or display it. In addition, the Company may also from time to time add new sites and services.

This Privacy Policy does not apply to websites or services maintained by other companies or organizations (such as Workspace Provider or those who promote the Company's products and services) and the Company cannot and does not guarantee the security of any information disclosed to those third parties. In addition, please note that we may hire vendors (agents or contractors) to collect information on our behalf and in such cases such vendors will be instructed to comply with this Privacy Policy. These vendors may not use your information for their own marketing purposes.

Information We Collect

We collect data from you, through our interactions with you and through our Products. We collect all information that you provide us, including personal information that identifies you and that may be used to contact you or your representative online or offline. The Company collects information from you on a voluntary basis.

You provide some of these data directly, and we get some of it by collecting data about your interactions, use, and experiences with our Services. The data we collect depends on the context of your interactions with us and the choices you make.

We need to process information about you to provide Services. The types of information we collect depends on how you use our Services.

When you submit information to the Company, it will usually take the form of:

otherwise through use of our Services, including mobile products, and computer products where your information is required for use.

Your refusal to submit information may limit your ability to use Services, which requires provision of such information.

Information We Process as a Data Processor

As far as our Services are for Workspace Providers who work with their clients with help of our Product, we do not collect and process any personal information of Users as a data controller. We process such personal information as a data processor in accordance with the Data Processing Agreement between andcards and relevant Workspace Provider.

Information We Collect

Customer Support and Communication (Required)

You may provide us with information related to your use of our Services and how to contact you so we can provide you technical, customer or other types support through email, chat or in other ways. For example, you may send us an email with information relating to our website performance or other issues. All information sent by you during contact with our Customer Support will be used only for the purpose of identifying you, providing you technical, customer or other support, resolving your problem, answering your questions, cooperation with you and\or improving our Services. Technical information can be used for statistical, marketing purposes and for technical improvement of Services.

Automatically Collected Information

How we use and store automatically collected information

As described below, we collect information from your computers, phones, and other Internet-connected devices that integrate with our Services, as well as information about these devices, and combine such data from different devices that you use. We use such information to provide you Services, to guarantee and improve our Services functionality, stability and security. We may combine your information across other computers or devices that you may use.

Usage and Log Information

We collect service-related, diagnostic, and performance information. This includes information about your activity (such as how you use our Services, etc.), log files, and diagnostic, crash, website, and performance logs and reports.

Device and Connection Information

We collect device-specific information when you install, access, or use our Services. This includes information such as hardware model, operating system information, browser information, IP address, mobile network information including phone number, and device identifiers. We do not store device location information.

Cookies

Cookies are small files placed on your device to store data that can be recalled by a web server in the domain that placed the cookie. We use cookies for storing and honoring your preferences and settings, providing interest-based advertising, combating fraud, analyzing how our products perform, and fulfilling other legitimate purposes.

For detailed information please read our Cookies Policy.

Third-Party Information

Third-Party Providers

We work with third-party providers to help us operate, provide, improve, understand, customize, support, and market our Services. For example, we work with companies to distribute our apps, provide our infrastructure, delivery, and other systems, supply map and places information, help us understand how Workspace Providers use our Services, and market our Services. These providers may provide us information about you in certain circumstances; for example, app stores may provide us reports to help us diagnose and fix service issues.

How We Use Information

We use the data we collect to provide you with good using experiences, to help us operate our Services. In particular, we use the data to:

We also use the data to operate our business, which includes analyzing our performance, meeting our legal obligations, developing our workforce, and doing research.

Our Services

We operate and provide our Services, including providing customer support, and improving, fixing, and customizing our Services. We understand how you use our Services, and analyze and use the information we have to evaluate and improve our Services, research, develop, and test new services and features, and conduct troubleshooting activities. We also use your information to respond to you when you contact us. We use cookies to operate, provide, improve, understand, and customize our Services.

To improve, fix and customize our Services, use data analytics to improve our Services and marketing, Workspace Provider is obliged to provide us with anonymized Users' information that is required for such purposes.

Safety and Security

To protect your information, we follow generally accepted industry standards and maintain reasonable safeguards in attempt to ensure the security, integrity, and privacy of the information you have provided. We have security measures in place designed to protect against the loss, misuse, and alteration of the information under our control. Your information collected by us is stored in secure operating environments that are not available to the public.

We verify activity, and promote safety and security on and off our Services, such as by investigating suspicious activity or violations of our Terms, and to ensure our Services are being used legally. We also implement secure communications protocol for information exchange within our Services to protect against third parties from reading them. We also implement security modules that help protect your information from hackers.

However, no system can be 100% secure and human errors occur, so there is the possibility that there could be unauthorized access to your information. By using our Services, you assume this risk.

Do we collect children's personal information?

The Company does not knowingly collect personal information from children under 16 years old (or older, if applicable law provides for different protections). If we become aware that a child has submitted information to the Company, we delete this information immediately. We encourage parents to instruct their children to never give out their real names, addresses, or phone numbers, without permission, when using the Internet.

Information You and We Share

You share your information as you use and communicate through our Services, and we share your information to help us operate, provide, improve, understand, customize, support, and market our Services.

Third-Party Providers

We work with third-party providers to help us operate, provide, improve, understand, customize, support, and market our Services. We will never disclose your information to a third party unless consented by you in this Privacy Policy or otherwise required by law. When we share information with third-party providers, we require them to use your information in accordance with our instructions and terms or with express permission from you. Here is a list of third-party service providers:

Provider What's Shared Purpose
ActiveCampaign Information you enter when making meeting appointment with our sales team or subscribing to blog updates newsletter Arranging a meeting with you and delivering newsletters
Amazon Web Services All data Operation of server infrastructure
Amplitude User ID Collecting analytics for performance improvements of Product
Canny Information you enter when submitting a feature or integration request Customer service and feedback functions
Calendly Information you enter when making meeting appointment with our sales team Arranging a meeting with you
Google Firebase Information contained in push notifications Sending you push notifications through Services
HelpScout Information you enter when contacting our support or chatting with us via chat function on our website Customer service and support functions
Hellosign Workspace Provider contact information Signing documents with Workspace Provider
Sentry Your e-mail Collecting crash and bug reports
Stripe Workspace Provider address and payment information Performance of a contract with Workspace Provider

The term of retention and use of abovementioned data — as long as it is necessary for our processing purposes or until your request to remove your data.

Other Cases of Disclosing

The Company may also share your information with third parties as described in this Privacy Policy. The Company may share your information to fulfill a request you have made, such as signing up for an email list or requesting customer support. In addition, we may share aggregate and other information regarding Services usage statistics with third parties.

We may share your information with third parties in connection with an investigation of fraud, intellectual property infringements, or other activity that is illegal or may expose you or us to legal liability, including as required by law enforcement or other government officials. We also may share your information with third parties when we have reason to believe that a disclosure is necessary to address potential or actual injury or interference with our rights, property, operations, users, or others who may be harmed or may suffer loss or damage, or when we believe that disclosure is necessary to protect our rights, investigate, or enforce our policies, terms, and conditions, combat fraud and/or comply with a judicial proceeding, court order, or legal process served on the Company. In addition, your information may be disclosed to a potential or actual successor or assign in connection with a proposed or consummated merger, acquisition, reorganization, bankruptcy, or other similar event involving all or a portion of the Company, the Company's customer information may be transferred to our successor or assign.

Assignment, Change of Control, and Transfer

All of our rights and obligations under our Privacy Policy are freely assignable by us to any of our affiliates, in connection with a merger, acquisition, restructuring, or sale of assets, or by operation of law or otherwise, and we may transfer your information to any of our affiliates, successor entities, or new owner.

Managing Your Information

We store data as long as it is necessary for our processing purposes or until your request to remove your data. The retention period is determined on an individual basis, depending on factors such as the nature of the data, the purpose of their collection and processing, and the corresponding legal or operational needs for their storage.

If you would like to manage, change, limit, or delete information, please contact us support@andcards.com.

Contacting our Customer Support

You may be entitled to request to delete, restrict, correct, or receive a copy of the information collected about you. To the extent these rights apply in your country, they may be limited in some situations, for example where we are under a legal requirement to keep certain information. Should you wish to make a request, you may send an e-mail to support@andcards.com. Please indicate your country of residence in your correspondence.

Data Retention: We will retain your information as long as it is necessary for our processing purposes, until your request to remove your data, or to administer our Services. If you request that we no longer use your personal information to provide you support, contact you or for other purposes, contact us via e-mail support@andcards.com.

We may still retain some of your information in our files for a reasonable period of time to resolve disputes, enforce our user agreement, administer our services, comply with technical and legal requirements, and/or other constraints related to the security, integrity, and operation of our Services, after which we will take steps to delete or archive it.

In all cases for all Services, we will respond to your request for access to update, delete, or correct inaccuracies to your information within 30 days.

Law and Protection

We may collect, use, preserve, and share your information if we have a good-faith belief that it is reasonably necessary to: (a) respond pursuant to applicable law or regulations, to legal process, or to government requests; (b) enforce our Terms and any other applicable terms and policies, including for investigations of potential violations; (c) detect, investigate, prevent, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of our users, andcards, or others. We may store such information for a period of at least one (1) year, if necessary.

All disputes which may arise between you and us, in relation to this Privacy Policy, shall be finally settled by arbitration in Gdańsk, Republic of Poland, under the Law of Poland. The award rendered by the arbitrators shall be final and binding on the parties concerned.

Our Global Operations

You agree to our information practices, including the collection, use, processing, and sharing of your information as described in this Privacy Policy, as well as the transfer and processing of your information to the Republic of Korea and other countries globally where we have or use facilities, service providers, or partners, regardless of where you use our Services. You acknowledge that the laws, regulations, and standards of the country in which your information is stored or processed may be different from those of your own country.

Updates to Our Policy

We reserve the right to make changes to this Privacy Policy. Please check back from time to time to ensure that you are aware of these changes. If we make a material change to this Privacy Policy, we will notify you here, by email, or by means of a notice on our home page or application homepage. As far as permitted by applicable law, your continued use of the Services will signify your acceptance of these changes.

Contact Us

If you have any questions, complaints or suggestions regarding the protection of your information, please contact our Chief Privacy Officer (Information Data Protection Manager). We will use our best efforts to provide you with a timely and satisfactory response.