Wittybee Privacy Policy
Updated on 31st July, 2015
Wittybee, Inc. gives you the opportunity and the power to share information among people in your enterprise and with business partners by creating ‘teams’. This policy ("Policy") describes how we handle the information and data you provide us, how we collect, use and share the same. We shall make every endeavour to protect your information as per practices consistent with applicable law.
Your content
Your data is private and visible to you only. When you share specific data with your Wittybee team, only that specific data is visible to members of the Wittybee team.
Your use of the Service will involve you uploading or inputting various content into the Service including but not limited to: tasks and associated information, attachments, text, files, project names, team names, conversations and other materials (the "Content").
You control how your Content is shared with others via your settings on the Service.
It is possible that we may need to disclose personal information, profile information or information about your activities as a user or visitor when required by law, subpoena, or other legal process, whether in the United States or other jurisdictions, or if we have a good faith belief that disclosure is reasonably necessary to (1) investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; (2) enforce the Terms of Use agreement (or any other agreements entered into by you with us), investigate and defend ourselves against any third-party claims or allegations, or protect the security or integrity of our Service; or (3) exercise or protect the rights, property, or safety of Wittybee, our members, users, personnel, or others. We attempt to notify our users about legal demands for their personal information when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency. In light of our principles, we may dispute such demands when we believe, in our discretion, that the requests are overboard, vague or lack proper authority, but do not commit to challenge every demand.
We need your permission to do things like hosting the Content, creating back-ups for it and sharing it when so required by you. Our Services also provide you with features like email organization, editing, document previews, photo thumbnails, easy sorting, sharing and searching. These and other features may require our systems to access, store and scan the Content. Where you give us permission to do such actions, your permission is also deemed to be given to our affiliates and trusted third parties we engage with.
Information we collect and store
We collect your personal information such as your name and email address at the time that you register for an account on the Service. If you wish, you may also provide us with optional information such as a photograph, skills, addresses, educational background, analytics graphs etc. of yourself, your team members or your Organization, as the case may be. Your user name, email address and any optional profile information that you elect to associate with your account is referred to in this Policy as your "Profile Information."
For payments required to be made by our paid users, we utilize a third party credit card payment processing company which collects payment information, including your credit card number, billing address and phone number. We will share this payment information with the third party processing company as detailed below in "Our Sharing of Your personal information: With Trusted Service Providers and Business Partners." We do not store your payment information.
Logs files
When you use the Service, our servers begin to automatically record certain information in their server logs. These server logs may include information such as your web request, Internet Protocol (i.e. IP) address, browser type, referring / exit pages and URLs, number of clicks and how you interact with links on the Service, domain names, landing pages, pages viewed, mobile carrier, date, time, and duration of your visit, information about the computer set-up such as the type and version of web browser, operating system, Java support, Flash version, screen resolution, and connection speed and other such information. Such log files assists us to monitor, analyze, improve and maintain the Service and to identify and fix any Service-related issues.
Cookies
We use "cookies" to collect information and observe and improve our Services or to increase our functionality and user-friendliness. A cookie is a small data file that we transfer to your device. We may use "persistent cookies" to save your session ID for future logins to the Service. For example, a cookie is used to remember your user name when you return to the Service and to help us understand how you interact with the Service. You can configure your browser by changing its options to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. However, please note that some features of the Service may not function properly if the ability to accept cookies is disabled.
Analytics
As of the date this Policy went into effect, we use data that is generated in the form of tasks, comments, appreciations, task completion duration and status etc., to generate analytical reports. You agree to allow us the use of your data and Content for generating analytics reports for you.
Data retention
We will retain your information for as long as your account is active or as needed by us to provide you the Services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may delete your account. We will try to delete your information quickly upon request within 30 days of deletion of your account. Please note, however, that there might be some delay in deleting information from our servers and back-ups. However, any data shared on a public platform or with any other user shall continue to be accessible by the public / such other user through their accounts even upon cancellation of your account.
Our use of your Personal Information
In the course of using the Service, we may collect personal information that can be used to contact or identify you (such information is referred to in this Policy as your "Personal Information"). Personal Information is or may be used to send you Service-related notices (including any notices required by law). We may also use your email address to send you notifications and information about other products or services (including third party services) that we think may be of interest to you (together, referred to in this Policy as the "Marketing Messages"). You may opt-out of receiving Marketing Messages at any time by following the instructions provided in the Marketing Message. Through your account interface, you may also opt-out of receiving categories of Service-related notices that are not deemed by us to be integral to your use of the Service.
Although you may not be a registered user of our Service but in case you email us, we may retain a record of such email communication, including your email address, the content of your email, and our response.
If you choose to use our invitation service to invite a friend to the Service, we may ask you for such persons’ contact information including email address or any other social network identity, and we may use such information to automatically send an invitation.
Device identifiers and geo-location information
If you use the Services using a mobile device, we may collect the information contained in your device’s "device identifier" such as the type of device being used, the mobile network, operating system of your mobile, your mobile number etc. This information may be used by us for the purpose of customizing the Services to suit your device for your ease and convenience.
We may collect and process information about the location of the device from which you are using the Service. Location information may help us understand how you access and use the Service and may be used along with personally identifiable information. You can disable location based services in settings associated with the Service; however please note that some features of the Service may not function properly if location services are turned off.
Encryption
We will not be able to decrypt any files that you encrypted prior to storing them with us for using the Services.
Our sharing of your Personal Information
We may share the information we collect from you with third parties as set out below.
As per your preferences
We will display your profile information on your profile page and elsewhere on the Service as per the preferences you set in your account. You can view and edit your profile information at any time.
With trusted service providers and business partners
We may use the services of certain trusted third party service providers to help us render the Service to you for example third party service providers for hosting the Service or processing payments of paid members. Such service providers may have access to your information; however they can use your information only for the limited purpose of providing the service we have contracted with them to provide. We shall try to see to it that such service providers also have a data security and privacy policy that are at least as protective of your information as is in this Policy. We may also store your Personal Information in locations outside the direct supervision of Wittybee (for instance, on servers or databases co-located with hosting providers).
In an aggregated manner
We may disclose aggregated demographic information (such as aggregate and anonymous usage data, platform types, etc.) about the overall use of our Service publicly or with users, or other organizations with which we do, or contemplate doing, business to help them understand the Service, or to help us improve and analyse the Service. Such information is aggregated and is not linked to any information that can identify individual users.
Third-party applications
We may share your information with a third party application with your consent, when you choose to access our Services through such an application. We are not responsible for what those parties do with your information, so you should make sure you trust the application and that it has a privacy policy acceptable to you.
If you are unclear about what information a third-party application is sharing with us, please go to the third-party application to find out more about their privacy practices.
Google Products Privacy Policy (https://www.google.com/policies/privacy/)
For Google Drive, our services itself does not collect any private or personal information from our users.
Authentication: Our services connects to Google Drive services. That service authenticates you directly, and an authentication token identifying you as the document owner is stored in your local browser session profile. This information is automatically discarded once you close the current browser session.
User Files: Our services integrates with Google Drive. When you work with a file stored on Google Drive, your browser directly interacts with that service. We use standard Google Drive sharing functionality when you decide to share the file, and standard Google Drive authentication, authorization mechanisms for access control.
Corporate reorganization, sale, merger etc.
If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. Any third party to which we transfer or sell our assets shall be entitled to continue to use your Personal Information and other information collected by us under this Policy. We will notify you, in accordance with the procedure set out in the section below titled "Changes to the Privacy Policy" if there is any change in this Policy or if this Policy becomes subject to a different data security and privacy policy of such third party. We may also notify you of choices you may have regarding the information.
User age limits
The Services shall not be used by any person who has not attained the age of thirteen (13) years. By signing up, you are confirming that you are above the age of thirteen (13) years.
Changing or deleting your information
If you are a registered user, you may view, edit, update, correct or delete the Personal Information provided in your registration or account profile by changing the same in your account settings. If your personally identifiable information changes, or if you no longer desire our Service, you may update or delete it by making the change on your account settings.
Publicly accessible community services
Our Service offers publicly accessible community services such as blogs, newsfeeds etc. Further, you may be able to create discussion forums and configure it for use of and by the general public. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Your posts may be available even after you cancel your account.
Safe harbor
Wittybee follows the guidelines as per U.S. - E.U. Safe Harbor and the U.S. - Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. Wittybee follows the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. We provide "adequate" privacy protection, as defined by the U.S. - E.U. Safe Harbor and the U.S. - Swiss Safe Harbor frameworks. To learn more about the Safe Harbor program, please visit http://export.gov/safeharbor.
Please contact us at legal@wittybee.net with any complaints or disputes you may have regarding the use of your personal information. We shall thoroughly investigate the matter internally and make every endeavor to resolve the issue at the earliest.
Changes to our Privacy Policy
This Policy may be changed by us from time to time. If we make a change to this Policy that we believe adversely reduces your rights, we will provide you with notice of such changes (for example, by email). We may provide notice of changes in other circumstances as well. By continuing to use the Service after those changes have become effective, you agree to be bound by the revised Policy.
If you have any questions or concerns about security or data privacy or our services, you should review this entire Policy page and if your questions still remain unanswered, please feel free to contact us at legal@wittybee.net.
We go to great effort to make our Wittybee products as secure as possible, however if you have discovered a security vulnerability in Wittybee we would appreciate your help to disclose this to us in a responsible and appropriate manner. In order to do so please email feedback@wittybee.net explaining the issue and provide detailed steps on how to redress the vulnerability.
Please refer to our Terms of Use for definitions of capitalized terms used but not defined in this Policy.
Data security
As used in this document, the term "data" refers to your Profile Information (as defined in the section titled "Information We Collect and Store" of this Policy), your files, content, email messages, contacts, tasks, attachment, texts, project names, team names, conversations, timelines created by you, any matter uploaded by you, and so on. This Policy also applies to information relating to identifiable individuals, even where it is technically outside the scope of the relevant statutes dealing with the subject.
As you review our Policy, kindly bear in mind that it applies to all our online products, offline products, services, software, websites including applications designed for mobile phones or other specific devices and to all other services that do not have a separate privacy policy or that link to this Policy, which we call the "Services".
Your data is yours and we do not own or use it, except for situations required for providing you with the Services in an efficient manner and as is set out in this Policy. Where we or our agents collect non-public personal information from you, reasonable steps will usually be taken to protect such information in transmission. However, there may be situations when such information cannot be completely protected. PLEASE NOTE THAT UNLESS THE CONNECTION IS SPECIFICALLY INDICATED AS BEING SECURE BY US OR OUR AGENTS, OR YOU ARE OTHERWISE INFORMED OF THE SECURITY OF YOUR INFORMATION, YOU SHOULD ASSUME THAT THE CONNECTION IS NOT SECURE and that it is possible for outside parties to unauthorizedly intercept the information shared by you and us during that part of the session. If you use the Services through any third-party software or integrated into the Service , your information will be handled by such third-party service provider and we are not responsible for what those parties do with your information, so you should make sure you trust the application and that it has a security policy acceptable to you.
Secured hosting
Wittybee hosts a secure cloud collaboration platform in a highly secure data center which is SOC2, SOC3, HIPAA compliant.
Wittybee servers and data are monitored 24×7 for up-time, availability and intrusion detection. Our racks are equipped for high availability with 1:1 redundancy.
Physical access to our servers is strictly monitored and all external precautions are being constantly taken including but not limited to 24×7 onsite security personnel, CCTV camera systems, 30 day retention biometric and photo badge access, power redundancy, temperature control and fire detection.
Network security
We take privacy and security very seriously and have enabled HTTPS encryption to our site, and SSL and RC4 to our service.
We have, in accordance with industry standards, implemented security safeguards specially meant to protect the personal and confidential information that you provide. Passwords are stored with one-way encryption on our servers meaning that our own internal team can never access a password. It is your responsibility to protect the security of your login information.
We also offer secure https access to the http://wittybee.com website. To protect the information and data you store on our servers, we also regularly monitor our system for possible vulnerabilities and attacks, and we use a secured-access data center. However, as the internet is not a 100% secure environment, we cannot warrant the security of any information that you transmit using our Services. We also cannot warrant you that the information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
Application security
The Wittybee software is designed and developed to provide a private and secure environment for you and the other users. Every user, having adequate access rights given by the administrators, has the ability to form groups or teams with other users in the Wittybee network. All data shared within the team will remain accessible to the members of that team only. We ensure that the data is segregated in such a manner that such data shared within one team will not be automatically made available to other users who do not form part of that designated team.
Users can be invited as members of different teams of your Organization or specified individuals outside your Organizations ("External Users"). The users so invited can be easily removed at any time by the team owner/ team creator at his/ her discretion. It is the sole responsibility of the team owner and the organization to decide whether the person being added to the team has enough organizational rights to gain access to the past data already shared, or future data that will be shared, within the team. Notwithstanding the foregoing, we reserve the right to grant limited access to External Users in our sole and absolute discretion; provided that the use by such External Users shall also be subject to this Policy and our Terms of Use.
The employees of Wittybee do not have any access to your data unless permission is granted by the user, the customer, in writing, for support purposes or any other purpose as the user may specify.
Unauthorized access of your Data by any of the employees of Wittybee, if proved to our sole satisfaction, shall result in termination of employment of such employee(s). All access to data is logged and regularly reviewed by Wittybee’s Security function. Wittybee uses 256 bit AES encryption before storing data on the disk.