How we use your personal data
We want to be clear with you about how we use your data, so in this section we talk about
the general categories of personal data that we may process and, in the case of personal
data that we did not obtain directly from you, we’ll tell you where we got your data and
the purposes for which we may process your data; finally, and very importantly, we’ll
explain the legal bases of the processing which applies to us and you. At no point will
we intentionally acquire data of children or sensitive personal information, either by
ourselves or from third parties.
- The General Categories of Personal Data That We May Process:
- Usage Data. We may process data about your
use of our website and services (“Usage Data”). The Usage Data may include
your IP address, geographical location, browser type and version, operating
system, referral source, length of visit, page views and website navigation
paths, as well as information about the timing, frequency and pattern of
your service use. The source of the Usage Data is Google Analytics, as well
as our own analytics tracking system. This Usage Data may be processed for
the purposes of analysing the use of the website and services. The legal
basis for this processing is our legitimate interests, namely monitoring and
improving our website and services, and tailoring any communication with
you. We, of course, use this data to help us run our business as well as we
can.
- Account Data. We may process your Account
Data (“Account Data”). The Account Data may include your name, email
address, company information, and other contact and other related
information we may collect about you. The source of the Account Data is
generally you or your employer. The Account Data may be processed for the
purposes of providing our services, ensuring the security of our website and
services, maintaining back-ups of our databases and communicating with you.
The legal basis for this processing is the performance of a contract between
you and us [or your employer] and/or taking steps, at your request, to enter
into such a contract. In some cases, we may also rely on Legitimate Interest
as our lawful basis where we use your data for marketing purposes or in
order to operate our business and improve our services.
- Service Data. We may process your personal
data that are provided in the course of the use of our services (“Service
Data”). The Service Data may include name, email address, telephone number,
and other related information. The source of the Service Data is you or your
employer. The Service Data may be processed for the purposes of providing
our services and communicating with you. The legal basis for this processing
is the performance of a contract between you and us and/or taking steps, at
your request, to enter into such a contract.
- Enquiry Data. We may process information
contained in any enquiry you submit to us regarding goods and/or services
(“Enquiry Data”). The Enquiry Data may be processed for the purposes of us
offering, marketing and selling relevant goods and/or services to you. The
legal basis for this processing is consent, which may be withdrawn by you at
any time by contacting us, or contract and/or legitimate interest where your
requests represent an invitation to send you information about our services.
- Notification Data. We may process
information that you provide to us for the purpose of subscribing to our
email notifications and/or newsletters (“Notification Data”). The
Notification Data may be processed for the purposes of sending you the
relevant notifications and/or newsletters. The legal basis for this
processing is consent, which may be withdrawn by you at any time by
contacting us.
- Correspondence Data. We may process
information contained in or relating to any communication that you send to
us (“Correspondence Data”). The Correspondence Data may include your name,
email address and the communication content and metadata associated with the
communication. Our website will generate the metadata associated with
communications made using the website contact forms. The Correspondence Data
may be processed for the purposes of communicating with you and
record-keeping. The legal basis for this processing is our legitimate
interests, namely the proper administration of our website, business and
communications with users.
- Public Data. We may process information
found on public social networking profiles and other from other publicly
available sources (“Public Data”). This data may include name, employment
information, career information. education details, job title, and other
relevant information. Public Data may be processed for the purposes of
offering, marketing and selling relevant goods and/or services to you and/or
your employer. The legal basis for this processing is our legitimate
interests, namely the administration of our business, to develop our
business, and in order for us to make a profit.
- Legal Claims Data. We may process any of
your personal data identified in this policy where necessary for the
establishment, exercise or defence of legal claims, whether in court
proceedings or in an administrative or out-of-court procedure (“Legal Claims
Data”). The legal basis for this processing is our legitimate interests,
namely the protection and assertion of our legal rights, your legal rights
and the legal rights of others.
- Professional Use Data. We may process any
of your personal data identified in this policy where necessary for the
purposes of obtaining or maintaining insurance coverage, managing risks, or
obtaining professional advice (“Professional Use Data”). The legal basis for
processing Professional Use Data is our legitimate interests, namely the
proper protection of our business against risks.
- Third Party Data. We
may process any of your personal data where we purchase this data from a
third party. This includes name, address, email, phone number, other contact
details, employment details etc.. Where we purchase data, we will ensure
that the supplier has the appropriate lawful basis in place and is GDPR
compliant. We will also ensure that we have appropriate evidence of consent
where necessary or have an alternative appropriate lawful basis and GDPR
compliance processes in place to allow us to use your data.
- Google User Data.
IMPORTANT:
Outbase’s use and transfer to any other app of information received from
Google APIs will adhere to Google API Services User Data Policy, including the
Limited Use requirements.
We do not store incoming or sent emails from your Gmail account. We may add
a tracking pixel to the body of emails sent through our service in order to
track email opens. You can revoke Outbase’s access to your Google account in
the Account’s settings page here of your Google account by following these instructions. If you decide to do so, we will
no longer be able to provide you campaign
sending services through Gmail API as well as removing this as a sign-in
option. You can
also revoke Outbase’s access to just your Gmail account by going to your
organisation’s
email account page on Outbase and managing access from there.
We will also delete any data collected from your Gmail account upon your
request.
Regarding this Google User Data, we will not use this Gmail data for serving
advertisements.
Additionally, we will only use access to the data to read, write, modify, or
control Gmail
message bodies (including attachments), metadata, headers, and settings to
provide a web
email client that allows users to compose, send, read, and process emails
and will not
transfer this Gmail data to others unless doing so is necessary to provide
and improve these
features, comply with applicable law, or as part of a merger, acquisition,
or sale of assets
In addition to the specific purposes for which we may process your personal
data set out in
this Section above, we may also process any of your personal data where such
processing
is necessary for compliance with a legal obligation to which we are subject,
or in order to
protect your vital interests or the vital interests of another natural
person.
