When we refer to “Fibery”, we mean the entity that acts as the Controller or Processor of your information, as explained in more detail below. If you have any questions, please feel free to contact us at: firstname.lastname@example.org
- Fibery website
- Fibery Service.
It also applies to other interactions (e.g. customer support inquiries, webinars, user conferences, feedback sharing, etc.) you may have with Fibery.
The scope of the data processing will differ for the services and websites mentioned above, but this document covers the most comprehensive examples.
If you do not agree with the terms, you should not access or use the Services, websites, or any other aspect of Fibery business.
Information we receive and collect
Fibery may collect and receive Customer Data (including Personal Data) and other information and data:
Information you provide to us:
Account and Profile Information: We collect information about you and your company as you register an Instance, create or modify your user account, make purchases, as well as use, access, or interact with the Services and websites (including but not limited to when you upload, download, collaborate on, or share Content). Information we collect includes:
- Contact information such as full name, email address, mailing address, and phone number
- Billing information such as billing address (note: credit card information is processed by a third party - our Payment Processor)
- Profile information such as your login, profile picture, and job title
- Preferences information such as notification and preferences
You may provide this information directly when you enter it in Services.
We collect and store Content that you create, input, submit, post, upload, transmit, store or display in the process of using our Service or website. Such Content includes any Personal Data that you choose to include.
We collect other data that you submit to our Website, or as you participate in any interactive features of our Service, participate in surveys, contests, promotions, activities or events, apply for a job, request customer support, communicate with us via third party social media sites, share feedback or otherwise communicate with us. For example, information regarding a problem you are experiencing with a Fibery product could be submitted to our Support Services or posted in our public forums.
Information we collect from your use of the Services and websites.
As with any website and Service delivered over the Internet, we gather certain information and store it in log files when you interact with our Website and Service. This information includes internet protocol (IP) addresses as well as browser type (User Agent), URLs of referring/exit pages, date/time stamp, information you search for, locale and language preferences, information about browser configuration and plugins, language preferences and cookie data, identification numbers associated with your Devices (where available), and system configuration information (where available).
Services Metadata and Analytics:
As of the date this policy went into effect, we use:
- An internal and owned-by-us custom analytics engine for Fibery Service
- Google Analytics as an main analytics provider for Fibery Website and as the additional analytics provider for Fibery Servcice.
- Intercom for customer support and visitors engagement in Fibery Service and Fibery Website
- Typeform for invite requests on the Fibery Website
Analytics Information Derived from Customer Data
Analytics information also consists of data we collect as a result of running queries against Data across our user base for the purposes of generating Usage Data. "Usage Data" is aggregated data about a group or category of features or users that does not contain Personal Data or any Confidential Information submitted to the Service. For example, we may query Customer Data to determine the number of Projects created in Accounts or the number of work items created in the Account.
Cookies and Other Tracking Technologies
For more details about how we use these technologies, please see our Cookies Policy.
Information from third party services
We also obtain information from third parties and combine that with Information we collect through websites. For example, we may have access to certain information from a third party social media or authentication service if you browse our Websites. Any access that we may have to such Information from a third party social or authentication service is in accordance with the authorization procedures determined by that service. You should check your privacy settings on these third party services to understand and change the information sent to us through these services.
How we use information we collect
Customer Data will be used by Fibery in accordance with Customer instructions, including any applicable terms in the Agreement and Customer use of Services functionality, and as required by applicable law. Fibery is a Processor of Customer Data, and the Customer is the Controller. Customer may, for example, use the Services to grant and remove access to an Instance, assign roles and configure settings, access, modify, export, share, and remove Customer Data, and otherwise use the Services.
We use the Information we collect about you (including Personal Data to the extent applicable) for multiple purposes, including:
- Provide, operate, maintain, improve, prevent, or address service errors, security, or technical issues in Services.
- Enable you to access and use Services, including uploading, downloading, collaborating on, and sharing Content.
- Process and complete transactions, as well as send you related information, including purchase confirmations and invoices.
- As required by applicable law, legal process, or regulation.
- To send emails and other communications. We may send you service, technical and other administrative emails, messages, and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and payment notices. These communications are considered part of the Services, and you may not opt out of them unless you cancel the service completely.
- In addition, we sometimes send emails about new product features, promotional communications, or other news about Fibery Services and products. These are marketing messages so you can control whether you receive them. You have the ability to opt out of receiving any of these communications upon receiving any of such.
- Investigate and prevent fraudulent transactions, unauthorized access to Services, and other illegal activities.
- Personalize Services and websites, including by providing content, features, or advertisements (for the Websites) that match your interests and preferences.
- Enable you to collaborate, and share Data with users you designate.
- For other purposes for which we specifically obtain your consent.
Notwithstanding the foregoing, we will not use the Personal Data that appears in our Analytics Data or Web logs for any purpose. The use of Information collected through our Services and websites shall be limited to the purposes disclosed in this policy.
Information sharing and disclosure
We will not share or disclose any of your Personal Data or Other Data with third parties except as described in this Policy. We do not sell your Personal Data or other Data.
When you use Fibery Service, Data you have provided will be displayed back to you.
Third Party Services
Customer can choose to connect Third Party Services using Apps, scripts or other tools to their instance. Typically, Third Party Services are software that integrate with our Service, and Customer can permit its Instance Users and/or Administrators to enable and disable these integrations for their Instance. Once enabled, the provider of a Third Party Service may share certain information with Fibery. For example, if a Source Control integration is enabled to permit Source code commits to be linked to Fibery Entities in the Instance, we will receive repository access credentials and source code along with additional information that the application has made available to Fibery. Administrators and Users should check the settings and additional details for these Third Party Services to understand what data may be disclosed to Fibery. When a Third Party Service is enabled, Fibery is authorized to connect and access Data made available to Fibery
Generally, no one is under a statutory or contractual obligation to provide any Customer Personal Data or other Data (collectively, “Data”). However, certain Information is collected automatically and, if some Information such as Instance setup details is not provided, we may be unable to provide the Service.
Third Party Service Providers and Partners
We may engage third party companies or individuals as service providers or business partners to process Data and support our business. These third parties may, for example, provide server hosting and storage services. Additional information about the the sub-processors we use to support delivery of our Services is available as part of our Data Processing Addendum per request.
Fibery may share Other Information with its corporate affiliates, parents, and/or subsidiaries with such access governed by this Policy in any case.
During a change to Fibery business
If Fibery engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Fibery’ assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence), some Data may be shared or transferred, subject to standard confidentiality arrangements and this Policy’s provisions.
Aggregated or obfuscated Data
We may disclose or use aggregated and/or completely obfuscated Data for any purpose. For example, we may share aggregated or de-identified Other Information with prospects or partners for business or research purposes, such as telling a prospective Fibery customer the average size of the Instance database.
To comply with Law
If we receive a request for information from a Law Enforcement Agency, we may disclose Data if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process. We will notify you about such a request immediately upon receiving it.
Fibery may share Data with third parties when we have consent to do so.
Fibery will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Terms of Service and as required by applicable law. Fibery may retain Personal Information for Instance Administrators and Owners after you have deactivated your account for the period of time needed for Fibery to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements — usually for no longer than 6 years. Other Instance Data submitted to the Service will be removed or obfuscated within 6 months after the Service License expiration, unless we're explicitly instructed by the Customer to remove data immediately. To deactivate an organization account, please contact Supportor Sales.
You may opt out of receiving promotional communications from Fibery by using the unsubscribe link within each email or emailing us to have your contact information removed from our email list or registration database. Although opt-out requests are usually processed immediately, please allow ten (10) business days for a removal request to be processed. Even after you opt out from receiving any promotional or supporting messages from us, you will continue to receive important technical transactional messages from us regarding Service until your Instance is deactivated or removed.
Fibery takes security of data as our first priority and works hard to protect Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Information we collect, process and store, and the current state of technology. To learn more about current practices and policies regarding security and confidentiality of the Services, please see our Security Statement. You're also welcome to request additional information about pentests and certificates via email to Support. Given the nature of communications and information processing technologies, Fibery cannot guarantee that Information, during transmission through the Internet or while stored on our systems and services, will be absolutely safe from any intrusion by others.
To the extent prohibited by applicable law, Fibery does not allow use of our Service and Website by anyone younger than 16 years old unless there is a custom agreement in place. If you learn that anyone younger than 16 has unlawfully provided us with personal data, please contact us via data-privacy@Fibery.io or Support, and we will take the necessary steps to delete such information.
International data transfers and model clauses
Fibery may transfer your Personal Data to countries other than the one in which you live. We deploy the following safeguards if Fibery transfers Personal Data originating from the European Union or Switzerland to other countries not deemed adequate under applicable data protection law:
- Strict security measures mentioned above as well as in other documents
- European Union Model Clauses and Data Processing Addendum. Fibery offers Data Processing Addendum as well as European Union Model Contractual Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Customer Data. While protection is provided by default in accordance with GDPR applicability to your Personal Data - you may want to directly sign our standard Data Processing Addendum and Model Clauses as part of Service Purchase process, and we welcome you to request your copy via email at data-privacy@Fibery.io or Sales
Data Controller and Processor definition
Data protection law in certain jurisdictions differentiates between the “Controller” and “Processor” of information. In general, the Customer is the Controller of Customer Data. In general, Fibery is the Processor of Customer Data and the Controller of Other Information or individual Leads who just created a Service instance or signed up for information such as a mail list, webinar, etc..
Your rights and updating your information
Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their Personal Data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to access, update, delete, or correct this Information.
Regardless of your country of residence, you can accomplish this using the settings and tools provided in your Instance user account or Customer Center account. If you cannot use the settings and tools, contact your Instance Administrator as mentioned above or our Customer Support via support@Fibery.io for additional access and assistance.
If your account is managed by an Administrator, that account administrator may have control with regards to how your account information is retained and deleted.
To the extent that Fibery processing of your Personal Data is subject to the GDPR, Fibery relies on its legitimate interests, described above, to process your data. Fibery may also process other Information that constitutes your Personal Data for direct marketing purposes as described above. You have a right to object to Fibery use of your Personal Data for this purpose at any time by opting out; do this by contacting us via support@Fibery.io or data-privacy@Fibery.io
Data Protection Authority
Subject to applicable law, you also have the right to:
- Restrict Fibery use of Other Information that constitutes your Personal Data
- Raise a question or lodge a complaint with your local data protection authority or the Cyprus Data Protection Commissioner, which is Fibery' supervisory authority in the European Union.
If you are a resident of the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our supervisory authority:
Office of the Cyprus Commissioner for Personal Data Protection ('Commissioner')
1, iasonos Str. 2nd Floor, 1082 Nicosia, Cyprus
P.O. BOX 23378, 1682 Nicosia
28 Oktovriou 2, 1st Floor, Flat/Office 101
Last update date: November 7th 2019.