Privacy Policy

‍Introduction and Applicability of this Privacy Policy
‍This Privacy Policy describes how Intellyo collects, uses, and discloses information (with special regard to personal data), and what choices you (as Data Subject) have with respect to this information. ‘Intellyo’ refers to the legal entity which acts as the controller or processor of the collected information - as defined in Chapter I, Article 4 of the regulation 2016/679 of the European Parliament and the European Council, aka. General Data Protection Regulation (hereinafter ‘GDPR’). Intellyo collects and manages data according to the common principles and values defined in the GDPR: lawfulness, fairness, transparency, integrity and confidentiality.

For clarification, Personal Data refers to data that is reasonably associated with an identified or identifiable natural person, the protection of which is detailed in the GDPR. Aggregated or de-identified information (where the data cannot be associated with a natural person) can be used by Intellyo for any business purpose.

This Privacy Policy applies to Intellyo’s online content creation tool (app.intellyo.com) - including any future desktop or mobile applications - and consultation services offered by Intellyo (hereinafter referred to as the ‘Services’), Intellyo’s websites intellyo.com, blog.intellyo.com, app.intellyo.com and any future websites (collectively, hereinafter referred to as the ‘Websites’), and other interactions (e.g. customer service inquiries, etc.) you may have with Intellyo. In case you do not agree with the terms described in this policy, you shall not access or use any of Intellyo’s Services or Websites.
‍

IMPORTANT
‍Some information (also including Personal Data) collected and processed by Intellyo is mandatory to enable a proper functioning of Intellyo’s Services and Websites. By accepting this Privacy Policy (along with Intellyo’s Terms of Service), you are giving Intellyo your consent to collect, process and store the following mandatory information:

• User/Customer Account Information, including name, email address, username, and password. Additionally, if you start a paid subscription, you have to provide your billing details, e.g. credit card or bank details, and billing details.
• Contact Information, e.g. email, Skype name, phone number, etc. In order to be able to reach you about important information concerning your account, or any legal obligations from Intellyo’s side, it is mandatory to provide at least one method of contacting you.
• Cookie Information, some cookies are used to enable the proper functioning of Intellyo’s Services and Websites. More details can be found in the Cookie Policy.

Intellyo uses your Personal Data solely for providing its Services and running its business and does not provide or sell any information for advertising or other purposes to third parties without your consent.
‍
‍This Privacy Policy does not apply to any third-party services that integrate with Intellyo’s Services (hereinafter referred to as ‘Third-party Services’), or any other third-party products, services or businesses. Such third-party applications or software are listed in the ‘Third-party Providers’ section of this policy, always including a reference to the applicable privacy policies. In addition, the access and use of the Intellyo Creator Engine and any other Services of Intellyo are governed by separate conditions, available in the Terms of Service.

Please note that any content created using Intellyo’s Services (Intellyo Creator Engine) is in sole ownership of the User, who is therefore also the controller of this information. By creating any kind of content using Intellyo’s Services, you allow Intellyo to process this information. Intellyo will never use, sell, or publish any information created within its Services. Any content you publish or distribute from Intellyo’s Service (Intellyo Creator Engine) is considered public information and is therefore not subject to this Privacy Policy. Intellyo does not take responsibility for the User creating and publishing content that includes Personal Data.
‍
‍Definitions
‍Below are the most important terms used in this Privacy Policy, as defined by Chapter I, Article 4 of the GDPR. Further details and definitions can be found here.

• Data Subject: "an identified or identifiable natural person"
• Personal Data: "means any information relating to an identified or identifiable natural person"
• Processing: "means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means"
• Controller: "means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data"
• Processor: "means a natural or legal person, public authority, agency or other body, which processes personal data on behalf of the controller"
• Third Party: "means a natural or legal person, public authority, agency or body other than the data subject, controller, processors and person who, under the direct authority of the controller or processors, are authorised to process personal data".

‍Data Collected
‍Intellyo collects and receives various types of data in multiple ways, which are listed below.Newsletter Subscriber Data: when signing up for Intellyo’s newsletter, you are asked to provide your name and email address.

• Customer/ User Account Data: to create or update a user account in the Intellyo Creator Engine, you have to provide a name, last name, email address, username, and password. In addition, if you sign up for a paid version of the Services, you have to supply Intellyo with your billing details, such as credit card information, banking information and billing address.
• Contact Information: when signing up for Intellyo’s Services, you are asked to provide an email address, which is then used as the primary channel of communication between you and Intellyo. Additionally, you may provide your phone number on a voluntary basis. Intellyo may also receive Contact Information like name, position, company, email, address and phone number via personal interaction on events or personal meetings (e.g. in the form of business cards).
• Information for Market Research: in order to better understand Intellyo’s target group and market, and improve the product accordingly, you can provide Intellyo with further information like demographic data (e.g. gender, age/ birth date), work-related data (e.g. workplace, position, industry), geographic data (e.g. country of residence), and psychographic data (e.g. likes and dislikes, motivation and incentives, etc). These data are stored on a personal level (on a Subscriber or User level), and further analysed on an aggregated level for statistical purposes.
• • ‍Services Metadata: When you interact with Intellyo’s Services, metadata is automatically generated that gives Intellyo more context about the way the users work. E.g. Intellyo logs the Organisations, the Stories, people, features, content and links you interact with, the type of files shared and what integrations or Third-party Services are used (if any).
  • Log data: Like with most other internet services, Intellyo’s servers automatically collect information when you access or us Intellyo’s Websites or Services, and record it in log files. These log data can include the IP address (Internet Protocol), the address of the web page visited before using the Websites or Services, browser type and settings, the date and time the Services was used, information about browser configuration and plugins, language preferences and cookie data.
  • Device information: Intellyo collects information about devices accessing its Services, including the type of device, the operating system  used, device settings, application IDs, unique device identifiers and crash data. The collection of this type of data depends on the type of device used and its settings.
  • Location information: Intellyo collects information on the IP (Internet Protocol) address of Users and Customers who register for Intellyo’s Services. This data is used only on an aggregated level.
  • User Behaviour Information: To track and monitor satisfaction with its Services, Intellyo collects information on user behaviour. This includes e.g. information about your mouse movements and clicks within Intellyo’s Services. Additionally information about the operating system, browser, incoming and outgoing links, geographical origin, as well as resolution and type of device is analysed for statistical purposes. This does not allow Intellyo to view, connect, access or control any information on your device.
• Cookie Information: Intellyo uses cookies in order to help Intellyo collect information to optimise the user experience. For more details on how Intellyo uses cookies, please refer to the Cookie Policy.
• Third-party Data: When using Intellyo’s Services, you have the option to add distribution channels, connect your own databases, or other content management systems (“Integrations”) to your User Account, including but not limited to social media profiles, social media pages, blogs, document management systems, media library, etc. These data are added by you on a voluntary basis. You are the controller of this data, and by entering this information, you allow Intellyo to process this information. You can delete this data from your User Account at any point in time, or ask Intellyo to delete this data for you. You can read more about your rights in the section titled “Rights of the Data Subject”.
• Applicant Information: When applying for an open job position at Intellyo, or sending an open application, Intellyo asks for the Applicant to send their CV and cover letter. The CV includes data such as Name, Contact Information, Birth data, Photo, Gender, Professional experience, Education, Hobbies, Skills, Extracurricular activities, References, Language skills, and/or any information the Applicant chooses to share with Intellyo on a voluntary basis. In general, no one is obliged to provide any data or information to Intellyo, however certain information (e.g. email address, username, password, billing information) are required for Intellyo to be able to provide its Services together with its Providers, as described in the section “Third-party Providers & International Data Transfers”.‍

‍
‍Data Application - How Intellyo uses data
Intellyo uses data and information to pursue its legitimate interests in operating its Services, Websites and business. A list of the data applications can be found below, along with a more detailed description of how Intellyo uses the various data categories described in the section above (“Data collected”).

Data applications by Intellyo include:

• User Database: the purpose of the User Database is to collect and maintain a database of all users who have signed up to Intellyo’s Services, in order to manage their user accounts
• Sales Leads & Business Customers Database: the purpose is to maintain a database of sales leads (potential customers, interested in Intellyo’s Services) in order to track progress along the sales funnel, as well as to have all business customers and their contact details in one place. This helps Intellyo when interacting with its customers.
• Newsletter Mailing List: the purpose is to provide information about updates to Intellyo’s Services or the company itself in the form of a regular email newsletter.
• Usage History - Saving & Storage: the purpose of Usage History is to provide a seamless experience to the users when using Intellyo’s Services by saving and storing their settings, actions and progress, in order to have it ready at each log-in.
• Image and Multimedia Management: the goal is to enable the users of Intellyo’s Services to upload, use, and share their own images and multimedia files when creating and publishing content within their own account.
• Billing and Account Management: the purpose of this data application is to bill users and business customers with a paying subscription, and allow the users of Intellyo’s Services to manage their own user accounts within the Services (e.g. password reset, change of subscription, change of user avatar, etc.)
• Usage and Bug Tracking: in order to continuously improve its Services, Intellyo uses data to identify issues and bugs, understand how the users use the Services, analyse any breaking points in the user experience, and identify issues in the product design.
• Gamification: To make the user experience more enjoyable, Intellyo provides small acknowledgements, tips & tricks, and other gamification elements to its Users/Customers along the user journey.
• User Interaction for Service Improvement: the goal of interacting with users is to understand user and customer satisfaction with Intellyo’s Services, in order to continuously improve the Services.
• Market Research for Service Improvement: Intellyo’s aim is to understand its user base and the market it operates in, in order to continuously improve its Services.
• Marketing Communication and Interest-based Advertising: the goal is to engage with potential new customers and users, and to provide information about updates of Intellyo’s Services or the company.
• Recruitment, Selection and Hiring: the purpose of this data application is to identify, get to know and evaluate the adequacy of the persons who apply for a job position at Intellyo, or who decide to send an open application.
• Security and Fraud Detection: the goal is to identify any suspicious activity connected to any Account in time, and to ensure the security of all Users and Customers of Intellyo.

Intellyo uses the Newsletter Subscriber Data provided to send the Intellyo Newsletter via email on a regular basis. In addition, Intellyo sometimes sends promotional communication, new product features or news about Intellyo via email or social media channels. The Subscriber has the right to unsubscribe from the Intellyo Newsletter, and/or ask Intellyo to cancel promotional communication at any time. Each Intellyo Newsletter is sent by email and includes an “Unsubscribe” button within the email, making it easy for the Subscriber to cancel this form of communication.  

The Customer/User Account Data and Contact Information are used by Intellyo to provide its Services, to invoice paying customers, to administer Customers and Users, manage user accounts, and to communicate with the Customer/User in case of requests, comments and/or questions. Contact Information obtained personally (e.g. via business card) is used for email or call follow ups for sales, fundraising, or any other topic discussed at the personal meeting. In addition, Intellyo sometimes sends promotional communication, new product features or news about Intellyo via email or social media channels. The Customer/User has the right to ask Intellyo to cancel promotional communication at any time. To improve the user experience with Intellyo’s Services, Intellyo uses the email address of the Customer/User to send small acknowledgements, tips & tricks or other gamification elements during the user journey. These gamification elements can be cancelled any time in the User Account settings. Furthermore, Intellyo uses Contact Information to reach out to its customers and users for feedback about the product, in order to understand user requirements better and improve the product in a way that it serves the users’ needs. This kind of feedback is only used in an aggregated form when considering upcoming improvements and features of the product. The username and password, as well as billing information, are additionally used to identify any suspicious events regarding the User/Customer accounts.

Information for Market Research is used by Intellyo to analyse its user base and better understand its market. These data are collected on a Subscriber or User level, and analysed on an aggregated level to support Intellyo in making informed decisions in terms of further product development. For example, if a lot of Intellyo’s Users live in a specific country, Intellyo will consider translating its Services into the official language of that country.

Usage Information is tracked and used for the purpose of identifying issues and problems within the product. Based on this information, Intellyo may reach out to its users (based on the User Account Data or Contact Information provided) to ask for feedback about the specific problem incurred. The Usage Information is stored and interpreted on an aggregated level to enable smooth operations and constant improvement of the Services. Location information helps Intellyo to understand the market needs and identify potential new markets. These data are evaluated on an aggregated level. Location information and/or IP address, as well as other Usage information are also used to identify any suspicious events and ensure the security of the User/Customer Accounts.

All Third-party Data or Integrations are used solely for the purpose of enabling a smooth process for the User. The Customer/User is the controller of these Integrations and may add/remove them from the Services at their own convenience.

Applicant Information is used solely in the recruitment, selection and hiring process, to identify, contact, get to know and evaluate applicants. Contact is established in case of an invitation to the next round (e.g. test, interview), in case of the communication of the results (both in the case of a successful application and in case of a rejection), and in case more information is needed from the Applicant. The data included in the CV and cover letter are used to evaluate whether the Applicant fulfils the requirements of the position, and fits with the company and team culture.

Additionally, Intellyo may use personal data as required by applicable law, legal process or regulation, or to investigate and help prevent security issues and abuse.

‍Remarketing
‍Intellyo’s Websites operate with so-called “Retargeting tags and/or pixels”, which are small elements of JavaScript found in the source code of the website. This allows online advertising providers (e.g. Google) to place a cookie on the device of the website visitor, that allocates the visitor to a remarketing target group. This cookie is then used by the third-party online advertising provider (e.g. Google) to determine whether to show interest-based advertisements of Intellyo on other pages the user visits. These online advertising providers do not receive or have access to any personal data controlled by Intellyo (e.g. Name or Contact Information). Cookies used by Google can be disabled at any time in the Ads Setting of Google, and you can clear your cookie history on the Google Settings page. Intellyo does not see the data collected by these online advertising providers, and does not have access to these.

Additionally, Intellyo’s Websites use the “Custom Audiences” function of Facebook (Facebook Inc.). The usage of the remarketing tags of Facebook allows interest-based advertising to be placed on Facebook for the users who have visited Intellyo’s Website before. You can de-activate the “Custom Audiences” function on the Ad Preferences page in your Facebook profile (you have to be logged in). More details can be found in Facebook’s Data Policy.

‍Analysis Tools to support Product Development
‍Intellyo records and analyses user behaviour and the usage of its Services to enable continuous improvement of the Services and the user experience. The type of information collected is described in “Usage information” in the section called “Data collected”. These data are only accessible by third parties in a pseudonymised form, using only IDs generated by Intellyo’s Services, to which the third parties do not receive or posses the information to identify the Customer or User behind the ID. These third parties, therefore, have no legal means of identifying any of the Users analysed.
The services used for tracking user behaviour and thus improving Intellyo’s Services, along with the reference to their privacy policies are the following:

• Hotjar Ltd, St Julians, Malta (EU): Hotjar Privacy Policy
• Google Ireland Limited, Dublin, Ireland (EU): Google Privacy Policy
• Sentry, San Francisco, CA, USA (compliant with EU-US Privacy Shield): Sentry Privacy Policy

You can disable the collection of these data any time by enabling a Do-Not-Track Header in your browser.

‍Third-party Providers & International Data Transfers
‍Intellyo uses multiple Third-party providers to optimise the way-of-work within the company, as well as provide a smooth user journey and the data flow within the Services. Some of these services may mean that the Customer/User Data is transferred to a country outside of the Customer’s/User’s residence. These are explicitly mentioned when naming Third-Party Providers below. Generally, data transfers outside of the European Union or Switzerland have to be secured by either the EU-US Privacy Shield and Swiss-US Privacy Shield framework, or by the standard contractual clauses defined by the EU.

IPI Services Kft. is a Hungarian company, which supports Intellyo with software development, marketing and sales efforts, thus taking a role of Data Processor according to the GDPR. As IPI Services Kft.’s seat and operations are located in Budapest, and Hungary is an EU member state, the same data protection regulations apply to IPI Services Kft. as to Intellyo.

For the Newsletter Subscriber database, Intellyo uses MailChimp (a service provided by the Rocket Science Group) for managing the mailing list and the distribution of the newsletter. As stated in their Privacy Policy, “MailChimp participates in and has certified compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework”.

• The Rocket Science Group LLC, Atlanta, GA, USA: MailChimp Privacy Policy

The information flow from when a User registers for Intellyo’s Services through Intellyo’s Websites goes through the online services of Sumo, Zapier, and Hubspot. These tools support the functionality of identifying where the users come from, in order to improve marketing efforts. Additionally, Okta serves as the User database of Intellyo. Both Zapier and Hubspot are compliant with the US-EU Privacy Shield Framework. Sumo states their compliance with GDPR on their website, and Intellyo has signed a Data Protection Addendum with Okta based on the Standard Contractual Clauses defined by the European Union. The privacy policies of the various services can be accessed below:

• Sumo Group Inc., Austin, TX, USA: Sumo Privacy Policy
• Zapier Inc., San Francisco, CA, USA: Zapier Privacy Policy
• HubSpot Ireland Limited, Dublin, Ireland (EU)
  HubSpot Germany GmbH, Berlin, DE (EU): Hubspot Privacy Policy
• Okta Inc., San Francisco, CA, USA: Okta Privacy Policy

Intellyo uses a Third-party Provider, Stripe for processing all payments. Intellyo does not retain any Personal Data or any financial information such as credit card numbers in connection with the payment processing. All such information is provided directly to Stripe, which is certified under the EU-US and the Swiss-US Privacy Shield Framework.

• Stripe Inc., San Francisco, CA, USA: Stripe Privacy Policy

Intellyo’s database of saved Usage information is stored on servers located in London, UK and provided by Linode LLC, while a backup is stored in Frankfurt, Germany, provided by Amazon Web Services. As members of the EU, the UK and Germany are both subject to the GDPR. Amazon Web Services, a US-based company is furthermore certified under the EU-US Privacy Shield Framework.

• Linode LLC, Philadelphia, PA, USA: Linode Privacy Policy
• Amazon Web Services Inc, Seattle, WA, USA: Amazon Privacy Policy

Within Intellyo’s Services, the Customer/User has access to an image management system, provided by Cloudinary Ltd, a US-based company certified to the EU-US Privacy Shield Framework.

• Cloudinary Inc., Sunnyvale, CA, USA: Cloudinary Privacy Policy

All job applications are received through the third-party tool called Workable, a company based in the UK, member of the European Union, and therefore subject to the same data protection regulations as Intellyo.

• Workable Software Ltd, London, UK: Workable Privacy Policy

‍Data Retention
‍Unless otherwise required by law or outstanding legal or regulatory processes (e.g. in case of an investigation or lawsuit), Intellyo stores all Personal Data until withdrawal of consent:

• Newsletter Subscriber Data - will be stored until you unsubscribe from the Intellyo Newsletter by either clicking the “Unsubscribe” link available in each email or by contacting Intellyo directly via mail, email or phone.
• Customer/User Account Data and Contact Information - will be stored until you delete your Intellyo Account within Intellyo’s Services, or by contacting Intellyo directly via mail, email, or phone.
• • ‍Billing Information - will be stored until the last term of service has been billed, which may take one month (in case of monthly subscription) up to one year (in case of annual subscription) from when you delete or request the deletion of your Account.
• Usage Information - will be stored until you delete your Intellyo Account within Intellyo’s Services, or by contacting Intellyo directly via mail, email, or phone.
• Third-party Data (Integrations) - are directly connected to your user account and will be deleted together with the Account (as described above).
• Applicant Information - will be stored only until the hiring process is closed, and the Applicant joins Intellyo as an employee or receives a refusal.

‍Please take into consideration, that aggregated (non-identifiable) information will be stored and used even after withdrawal of consent, until it serves the purpose of performance analysis and improvement of Intellyo's Services. From this aggregated data, Intellyo has no means to identify any individual person, and this data is used solely for the purpose of understanding how Intellyo’s Services can be developed further.

‍Age Limitations
‍As prohibited by the GDPR, Intellyo does not collect or store Personal Data of anyone below the age of 18. This condition is included in Intellyo’s Terms of Service, and the Customer/User takes responsibility for having reached the required legal age. In case of any instance where someone younger than 18 has unlawfully provided Intellyo with Personal Data, Intellyo asks its Customers and Users to immediately contact Intellyo, so steps can be taken to delete this information, or acquire written consent from the legal parent of the individual.

‍Rights of the Data Subject
‍As detailed in Chapter III of the GDPR, the rights of the Data Subject are the following, the details of which can be read here.

• Right to be informed where Personal Data are collected from the Data Subject
• Right to be informed where Personal Data have not been obtained from the Data Subject
• Right of access by the Data Subject
• Right to rectification of inaccurate Personal Data concerning the Data Subject (right to require Intellyo to correct any mistakes in your information which Intellyo holds)
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to data portability (right to receive the Personal Data concerning you which you have provided to Intellyo, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations)
• Right to object (right to object at any time to processing of your Personal Data concerning you for direct marketing, as well as right to object in certain other situations to our continued processing of your Personal Data)
• Right for automated individual decision-making, including profiling (right to object to decisions taken by automated means, which produce legal effects concerning you)

‍‍Changes to this Privacy Policy
‍Due to changes in laws, regulations or update to its Services, Intellyo reserves the right to change this Privacy Policy when necessary. These changes will always be reflected on this page, and you are encouraged to regularly review any changes. In case Intellyo implements any changes that materially affect your privacy rights, Intellyo will provide information via email, in case you have provided it. You can delete your Account or ask for your information to be deleted in case you do not agree with any changes to this Privacy Policy.

‍Data Protection Authority
‍Due to the fact that Intellyo is based in Vienna, Austria, in all legal matters concerning Intellyo, the Austrian law is applicable. In case of questions or complaints about data protection, you can contact the Data Protection Authority in Austria.

Österreichische, Datenschutzbehörde (Austrian Data Protection Authority)
Wickenburggasse 8
1080 Vienna
Austria+43 1 52 152-0
‍dsb@dsb.gv.at
‍https://www.data-protection-authority.gv.at/home

‍Contacting Intellyo
‍In case of questions about this Privacy Policy or Intellyo’s business, or when exercising one of the rights named in the section “Rights of the Data Subject”, you can contact Intellyo on one of the following channels:

Intellyo GmbH
Breitenfurter Straße 372B/5/B4
1230 Vienna
Austria
+43 676 324 8959
‍dataprotection@intellyo.com
‍https://intellyo.com