Effective date: 24/09/2018
Accepting the Policy
This Policy will enter into force as soon as you first accept it while registering for the Services, sending us your data via contact form or subscribing to the Services on the Website. It is applied to all visitors, users and others who access or use the Services. If you provide us your personal information in any way, this means you accept all terms of this Policy. So, we strongly encourage you to familiarize with the Policy before accepting it.
You may only accept the Policy and use the Services if you are over the age of 18 (or the age of majority where you are located). The Websites and the Service are not structured to attract children under the age of 18, and we do not intend to collect Personal Data from anyone we know to be under 18. If we learn that we have collected Personal Data from anyone under 18 years, we will delete that information immediately. If you believe that we might have any such information, please contact us by e-mail.
Collection of Information
Information You Provide to Us
We collect information you provide directly to us. For example, we collect information when you create an account, subscribe, fill out a form, request customer support or otherwise communicate with us. You are not legally obligated to provide us with your Personal Data and may do so at your own free will. If you do not agree to provide us with such data or have it processed by us, please simply do not enter our Websites or use our Services.
Information about your company. If you are registering a company on the Website, you are entering into this Policy on behalf of the company, and you represent and warrant that you have or you were granted full authority to bind the aforesaid company to these Terms. You are officially considered the owner of the company and are responsible for managing the data within your company. You and all users who will be appointed managers are responsible for entering and processing personal users' data, data about projects and list of customers. In addition to your own Personal Data needed to create an account (see below), you provide us your company's subdomain which you and your team will use to access your company at Riter. We store the data about your company as long as you use the Service. If you want us to delete your company from the Services, you should tell us about it. We will not remove your company in the event of your long inactivity, but we can write to you directly to suggest to delete your company in this case.
Account data. When you create an account or follow an invitation link to log in to the Service, you accept this Policy and consent to the collection, use and disclosure of your information as specified in this document. The types of information we may collect include your full name, e-mail address, short name (alias) and information about your workflow and activities within Riter. At the moment, only users with managers' rights can add and edit other users' data in the Services, so they are responsible for the completeness and accuracy of your data in Riter. We keep this information while you continue to use the Service.
Payments. If you request the paid version of the Service, you need to fill out the order form located on the Website. You may need to specify your name, e-mail address, credit card information or some other information depending on the type of payment you choose. We do not store this data after a payment.
Subscription. You can subscribe to Riter on the Website by providing you e-mail address via the corresponding form. We do not share this data with any third-party services. By subscribing to the Service, you agree to get our mailing on the most important Riter updates and posts on the latest releases from time to time. We can also send you some of our non-marketing blog posts on different project management and software development topics not more than once a week. You can unsubscribe from our mailing at any time or choose which type of letters you agree to receive from us. We advise you not to unsubscribe from the most important updates and special offers. We also need to report that even if you unsubscribe, you can still sometimes receive letters from our team when your use of the Services requires our participation. For example, when you need help with password recovery or we can not let you use the Service until you agree to the new version of any Terms or Policy.
Support and contacts. You can contact us for any question and additional information about the Services via the contact form published on the Website. In this case, you need to provide us your e-mail and any other information you consider important in your message. We will use this data to be able to solve your problem and give all necessary answers. We may ask for any other additional information which we need to help with your issue. Your letters to us will be kept for 1 month in case you have other related issues, after that they will be completely deleted. We also can delete them immediately on your request.
Information We Collect Automatically
When you access or use the Services, we automatically collect information about you, including:
Log Information. We log information about your use of the Services, including the type of browser you use, access times, pages viewed, your IP address, and the page you visited before navigating to the Services. We can use your IP address and other information for security - so we can notice a suspicious attempt to log into your account from an unknown place and prevent it. This information can also be used to detect issues in the operation of the Service in order to eliminate them in the shortest possible time.
Device Information. We collect information about the computer or mobile device you use to access the Services, including the hardware model, operating system and version, unique device identifiers and mobile network information. This information is also used for technical reasons to ensure stable operation of the Services.
All log and device information is kept for a month to let us respond to technical problems and fix them as soon as possible. We store log files of each company separately so we can delete them immediately on your request if you wish to stop using the Service. The data collected by Google Analytics is kept for 26 months by default, though it provides a tool to delete all information about a particular user on request.
Use of Information
We may use information about you for various purposes, including to:
- Provide, maintain and improve the Services.
- Send you technical notices, updates, security alerts and support and administrative messages.
- Respond to your comments, questions and requests.
- Communicate with you about services, offers, promotions, rewards, and events offered by Riter.co and others, and provide news and information we think will be of interest to you.
- Monitor and analyze trends, usage and activities in connection with the Services.
- Link or combine with information we get from others to help understand your needs and provide you with better service.
- Carry out any other purpose for which the information was collected.
Sharing of Information
We ourselves do not host any of the websites and services. All hosting is done by third-party service providers that we engage. This means that data you provide us or that we collect from you (including your Personal Data) is hosted with such third-party service providers on servers that they own or control. All information collected by Google Analytics is stored in the United States. All data which you provide to us directly or which we collect automatically by ourselves is stored in Germany.
Remember, we don't share your information with advertisers. We may share personal information about you as follows:
- With third party vendors and other service providers who need access to your information to carry out work on our behalf (e.g., our payment processors who handle the payment portion of your subscriptions).
- If we believe disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request.
- To enforce applicable user agreements or policies, including our Terms of Service; and to protect Riter, our users or the public from harm or illegal activities.
- In connection with any merger, sale of Riter assets, financing or acquisition of all or a portion of our business to another company.
- On your direct request to share your Personal Data with another data controller to exercise your right to data portability (see below).
We may also share aggregated or anonymized information that does not identify you.
Security and Backups
The security of your Personal Data is important to us. We take reasonable measures to help protect information about you from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction. We follow generally accepted industry standards such as use of the HTTPS protocol, password encryption, backups, secure server providers to protect the Personal Data submitted to us. However, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security or confidentiality.
We make daily backups to protect your data in case of sudden failures or malicious attacks. For the last 3 days we make and store 3 backups for each day. For older backups we store 1 backup per a day. Backups are kept in Germany for a month and a half. Older versions of backups are regularly deleted. In the event of damage to your data, backups will allow you to restore a normal workflow with almost no loss. On your request, we can delete all your data, including backups, at any time.
In Riter, we firmly support and comply with the adopted data protection standards, including GDPR. As a Data Subject, you should know and clearly understand your rights regarding the processing of your data. We have implemented all the necessary mechanisms to ensure compliance of the Services with all your rights. You can also exercise your rights at any time by contacting our support team at the Website or our Data Protection Officer at email@example.com.
Right to be informed
You have the right to be informed about the collection and use of your Personal Data by the Services. We assure you that none of your Personal Data is collected and used in a different way than described in this document. If something in this Policy is unclear to you, feel free to contact us for any additional explanations.
Right of access
You have the right to access a copy of your Personal Data. We have one month to respond to a request. You can exercise your right by writing to us directly through the contact form. If we have doubts about the identity of the person making the request, we can ask for more information about you. The period for responding to the request begins when we receive the additional information.
Right to rectification
The GDPR includes a right for individuals to have inaccurate Personal Data rectified, or completed if it is incomplete. We have one calendar month to respond to a request. You can exercise this right by writing to our support team. You can also update your account data in the management panel, in the settings of a particular user's page. If you don't have access to the management panel, you can contact your project manager or the company's owner to this end. Everybody who has access to the management panel can update your data on your request.
Right to erasure
The GDPR introduces a right for individuals to have Personal Data erased. It is also known as 'the right to be forgotten'. If you want us to delete any or all data about you or your company, please contact us with such a request. We have one month to respond to a request. We are able to cancel your subscription, delete your account, company with all related accounts and information, all your contact data and correspondence with our employees, backups, log files, collected analytics all together or selectively on your request. If you just need to unsubscribe from Riter mailings, you can do it on your own via the appropriate link in the mailing.
Right to restrict processing
You have the right to request the restriction or suppression of your Personal Data in certain circumstances. You can make a request for restriction your data via the contact form. We have one calendar month to respond to a request. When you exercise this right, your data is still stored by us, but we don't use it and you have no access to it. Individuals have the right to request us restrict the processing of their Personal Data in the following circumstances:
- The individual contests the accuracy of their Personal Data and you are verifying the accuracy of the data.
- The data has been unlawfully processed and the individual opposes erasure and requests restriction instead.
- We no longer need the Personal Data but the individual needs us to keep it in order to establish, exercise or defend a legal claim.
- The individual has objected to us processing their data, and we are considering whether our legitimate grounds override those of the individual.
In these cases, as a matter of good practice, we automatically restrict the processing whilst we are considering its accuracy or the legitimate grounds for processing the Personal Data in question.
Right to data portability
The right to data portability allows individuals to obtain and reuse their Personal Data for their own purposes across different services. It allows them to move, copy or transfer Personal Data easily from one IT environment to another in a safe and secure way, without affecting its usability. So, you have the right to receive your Personal Data that you have provided to us in a structured, commonly used and machine readable format. You also have the right to request that we transmit this data directly to another controller (service).
The right to data portability only applies to Personal Data. This means that it does not apply to genuinely anonymous data. We will respond to a request for data portability without undue delay and within one month of receipt.
Right to object
You have the right to object to the processing of your Personal Data in certain circumstances. For example, you have an absolute right to stop your data being used for direct marketing. You should not subscribe or register for any Riter Services if you don't want your data to be processed. You can also revoke your consent to data processing in future. In some cases you can do it by yourself, for example, by unsubscribing Riter mailing, removing or rejecting browser cookies, opting out Google Analytics. In other cases you need to write to us with your objection. We have one calendar month to respond to an objection.
Data Protection Officer
Unavoidable Legal Stuff
THE SERVICE AND ANY OTHER SERVICE AND CONTENT INCLUDED ON OR OTHERWISE MADE AVAILABLE TO YOU THROUGH THE SERVICE ARE PROVIDED TO YOU ON AN AS IS OR AS AVAILABLE BASIS WITHOUT ANY REPRESENTATIONS OR WARRANTIES OF ANY KIND. WE DISCLAIM ANY AND ALL WARRANTIES AND REPRESENTATIONS (EXPRESS OR IMPLIED, ORAL OR WRITTEN) WITH RESPECT TO THE SERVICE AND CONTENT INCLUDED ON OR OTHERWISE MADE AVAILABLE TO YOU THROUGH THE SERVICE WHETHER ALLEGED TO ARISE BY OPERATION OF LAW, BY REASON OF CUSTOM OR USAGE IN THE TRADE, BY COURSE OF DEALING OR OTHERWISE.
IN NO EVENT WILL RITER BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY SPECIAL, INDIRECT, INCIDENTAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES OF ANY KIND ARISING OUT OF OR IN CONNECTION WITH THE SERVICE OR ANY OTHER SERVICE AND/OR CONTENT INCLUDED ON OR OTHERWISE MADE AVAILABLE TO YOU THROUGH THE SERVICE, REGARDLESS OF THE FORM OF ACTION, WHETHER IN CONTRACT, TORT, STRICT LIABILITY OR OTHERWISE, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR ARE AWARE OF THE POSSIBILITY OF SUCH DAMAGES. OUR TOTAL LIABILITY FOR ALL CAUSES OF ACTION AND UNDER ALL THEORIES OF LIABILITY WILL BE LIMITED TO THE AMOUNT YOU PAID TO RITER.
You agree to defend, indemnify and hold us harmless from and against any and all costs, damages, liabilities, and expenses (including attorneys' fees, costs, penalties, interest and disbursements) we incur in relation to, arising from, or for the purpose of avoiding, any claim or demand from a third party relating to your use of the Service or the use of the Service by any person using your account, including any claim that your use of the Service violates any applicable law or regulation, or the rights of any third party, and/or your violation of these Terms.
Changes to the Terms
We may update this Policy at any time and in our own discretion. We will notify you of any changes by posting a new version of the Policy on this page and updating the "Effective date" field above. We will also report on such updates in our blog and news channels. The updated version becomes effective in 7 days after we post such the revised Policy. We will not write to you about each minor change and demand to revise the terms of the agreement to continue using your account. It is your responsibility to check for updates regularly. We undertake to inform you by e-mail about all significant changes affecting processing Personal Data and use of Riter. In the case of such changes, the use of your account will be possible only after you accept the new Policy.
Questions & Contact Information
Questions or comments about the Service may be directed to us via the contact form on the Website. If you are a GDPR-protected individual, you can also write to our Data Protection Officer at firstname.lastname@example.org or lodge a complaint with an EU supervisory authority.