Privacy Policy

Version 0.0.1
Last updated: 10/03/2022

This Privacy Policy applies to our Website and Service accessible through our Website. Please read this Privacy Policy (“Privacy Policy”) carefully before accessing or using our Website or Service. If you have any question or doubt regarding this Privacy Policy or processing of your personal data, please send us an email to hello@dataelements.io.

We give utmost importance to privacy and protection of your personal data and the purpose of this Privacy Policy is to inform you about the types of personal data we may collect, store and process when you visit the Website or use the Service, legal reasons to process them and how we will use them.  

This Privacy Policy may be updated from time to time due to changes on our services, Website or legal requirements.  We recommend you check the Privacy Policy on a regular basis. In cases of material changes, we will do our best to inform you by sending you an e-mail or placing an announcement on our Website.

Definitions

Agreement” means our Terms of Service or the Service Agreement.

Candidates” means the individuals to whom an assessment test is sent via the Service.

“CCPA” means the California Consumer Privacy Act of 2018 and any binding regulations promulgated thereunder, in each case, as may be amended from time to time.

Europe” means member states of the European Union, Norway, Liechtenstein and Iceland.

Service” means the service provided by us to you as a customer pursuant to the Agreement. 

Service Agreement” means the agreement between you and us, which governs the provision of the Service to you.

Standard Contractual Clauses” means the Standard Contractual Clauses adopted by the European Commission.

“UK Addendum” means the International Data Transfer Addendum issued by the UK Information Commissioner under the Data Protection Act 2018 currently found at https://ico.org.uk/media/for-organisations/documents/4019539/international-data-transfer-addendum.pdf, as may be amended, superseded, or replaced.

You” are the individual or the entity (represented by an authorized individual) that access or use the Service or the Website in any way.

We” and “us” refer to our company “Elements”, with its registered office at 867 Boylston St, 5th Floor, Boston MA, 02116.

Website” means our website located at dataelements.io, any sub-pages that are integrated within it and the application located at app.dataelements.io.

What Type of Personal Data Do We Process and How Do We Use It?

Summary

We collect certain data from you when you visit our Website, fill in contact forms, demo request forms, subscribe to our Service, contact us for a customer support assistance or when you are a Candidate.

Personal information may be directly shared by you or if you are a Candidate, by your potential or current employer, that has subscribed to our Service, or in certain cases we may automatically collect information regarding your device and the browser via third parties’ software such as cookies. Please see our Cookie Notice for further information regarding these technologies and how you can manage your cookies preferences.

We collect your personal data to run our Service, to perform the Agreement, to ensure compliance with the Agreement, to keep our Website and the Service secure, to communicate with you regarding the Service or to send to you marketing communications.

Please continue to read for further details with respect to processing of your personal data.

Personal Data You Shared With Us

  • When you fill in the contact form or the demo request form, we will ask your name, last name, telephone number and e-mail address. We use this information to contact you regarding your request, to create a demo account for you and to contact you to organize a meeting to explain you the Service and how to use the demo account during the trial period. 
  • When you subscribe to the Service, we will ask the following information to perform the Agreement and provide you with the Service:
  1. your name, last name, telephone number and email address, if you are an individual customer or the Authorized User representing the customer entity.  We will use this information (a) to create and activate a Customer Account, (ii) to send you communications in connection with the Agreement, Service or other legal documents between us, 
  2. your billing and payment information such as credit card information and your address. We will use this information to issue invoices and collect subscription fees.
  • We will collect your email address to send you information about our campaigns and new features to our Service. To the extent required by applicable law, we will only send such messages if you have given us your consent to receive marketing messages.
  • When you contact us for customer support, we will ask your name, last name, email address and telephone number to communicate with you regarding the support you need.

Personal Data of Candidates Shared by Employers

If you are a Candidate, your current or potential employer that has subscribed to our Service, will share your name (first and last name) and email address with us. We use this information to send you an email with a link to an assessment test on the Service. We will inform you the identity of the employer that shared your information with us. Following completion of the assessment test, a report will be issued to the employer, with your name (first and last name), your email, your answers to the assessment test and an automatic evaluation of the code you have written. If you have not consented to processing of your personal data as explained, please contact us by sending an email to hello@dataelements.io.

Personal data Collected with the use of cookies or similar technologies: 

We collect unanimous information about your browser, operation system and IP address when you visit our Website or use the Service:

  1. to identify fraudulent or unlawful activities on the Website and the Service and to ensure compliance with our Terms of Service and subscription plans,
  2. to analyze and improve our Website and the Service,
  3. to provide a more personalized experience.

Transfer of personal data to third parties

We use services of third-party service providers for the reasons explained below and we need to share some of your personal data with them to the extent required for the relevant services. We only use the service providers who meet high data protection and security standards. We sign data processing agreement with these third parties to contractually bind them regarding protection of your personal data.    

We use these third-party services to understand how users behave on our Website and to optimize our Website and the Service accordingly, to send you direct marketing about our Services and for hosting services.

We may share your personal data with law enforcement officers and other authorized bodies when we are required to do so by law or to prevent a crime or to protect or defend our rights or users of our Website or Service.

List of Sub-Processors:

Name/ Address
Purpose / Applicable service
Data Processing Location
Mailchimp platform created by The Rocket Science Group, LLC 
675 Ponce de Leon Ave NE 
Suite 5000 Atlanta, GA 30308 USA Mailchimp's privacy team can be contacted at privacy@mailchimp.com.
Mailchimp is an electronic message service provider. We use this tool to send you electronic messages with respect to updates about the Service and our campaigns and promotions regarding the Service.  Your name (first name and last name) and email address are processed by Mailchimp to provide its services.Please see Mailchimp’s GDPR Compliance document for further details: https://mailchimp.com/en-gb/gdpr/
U.S.A.
Google LLC
1600 Amphitheatre Parkway Mountain View CA 94043, U.S.A.
We use Google Analytics to understand the performance of our Website and the Service, to improve our Website and the Service and to create new product roadmaps.Google collects unanimous information regarding user behavior on our Website and the Service.Please see Google’s Privacy Policy for further details: https://policies.google.com/privacy
U.S.A.
FullStory, Inc.
1745 Peachtree Rd NW Suite G, Atlanta, GA 30309, United States
Fullstory’s privacy team can be contacted at privacy@fullstory.com
Please see Fullstory’s GDPR Compliance document for further details: https://www.fullstory.com/resources/fullstory-gdpr-you/
FullStory production data is both processed and stored within Google Cloud Platform’s data centers. All Google data centers that process FullStory data are located in the US and the EU.
Hotjar Ltd.
Dragonara Business Centre, 5th Floor, Dragonara Road,Paceville St Julian's STJ 3141 Malta,Europe
We use Hotjar to better understand our users’ needs and to optimize the Service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our Service with user feedback. For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar is contractually forbidden to sell any of the data collected on our behalf. user profile. For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.
User and usage data that Hotjar collects through its software is stored in Ireland, European Union (EU) on the Amazon Web Services infrastructure, eu-west-1 data centers
Hubspot, Inc.
25 First Street, 2nd Floor
Cambridge, MA 02141
United StatesThe data protection officer can be contacted athttps://preferences.hubspot.com/privacy
Sales funnel management and customer database services
U.S.A.
Mixmax, Inc.
548 Market St PMB 60764 San Francisco, CA 94104 United States
Sales engagement tool
U.S.A.
Amazon Web Services Inc. (“AWS”)
410 Terry Avenue, Seattle, WA 98109
AWS cloud is used to host our Service.

Please see AWS’s Privacy Policy: https://aws.amazon.com/privacy/
U.S.A.

International Data Transfers

Your personal data may be transferred, stored and processed by us or some of our sub-processors outside your country of origin, in the United States or other jurisdictions where our sub-processors have operations. Please refer to the list of our current sub-processors under Section “Transfer of Personal Data to Third Parties” to see where our sub-processors process personal data.

Whenever personal data is transferred outside of its country of origin, we will ensure that such transfers are made in compliance with the requirements of applicable data protection laws. 

We enter into Standard Contractual Clauses, and where applicable the UK Addendum, when personal data is transferred from Europe to us or to a sub-processor based outside of Europe. The Agreement incorporates our Data Processing Addendum and the Standard Contractual Clauses, and where applicable the UK Addendum.

How long do we retain your personal data? 

We will not keep personal data longer than we need to perform the Agreement, to provide you with the Service, or we are required by law. We may need to keep personal data longer to defend possible future legal claims.

We will delete or return all personal data upon termination or expiration of the Agreement, except where we are required by applicable law to retain personal data or where we have archived personal data on secure back-up systems, which data will not be further processed and eventually be deleted. 

GDPR Compliance

The General Data Protection Regulation (“GDPR”) is the data privacy and protection legislation of the European Union. Its purpose is to protect fundamental rights and freedoms of natural persons and their rights to protection of their personal data. The GDPR has an extra-territorial scope. It applies to the processing of personal data by a controller or processor not established in the Europe, when the processing activities are related to (i) the offering of goods or services to such data subjects who are in Europe or (ii) the monitoring of their behavior as far as their behavior takes place within Europe.

Principles of the data processing

When the GDPR applies, we will process your personal data in accordance with the principles of lawfulness, fairness and transparency and we will process your personal data only if:

  1. you have given your consent to the processing of your personal data; 
  2. it is necessary for the performance of a contract between us;  
  3. it is necessary for compliance with a legal obligation, or 
  4. it is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

Transfer of your personal data outside of Europe

Our headquarters and our servers are both located in the United States, which means that your personal data will be transferred to, stored, or processed in the United States. Some of our third-party service providers may also be located outside of Europe. 

Where GDPR applies to the relevant personal data, we transfer and process it in compliance with the Standard Contractual Clauses. Standard Contractual Clauses are contractual obligations agreed by an exporter established in Europe. and an importer established in a third country. Our Data Processing Addendum (“DPA”) incorporates the Standard Contractual Clauses and our DPA is supplemental and an integral part of the Agreement.

Where we use sub-processors or third-party service providers who we share your personal data with outside Europe, we enter into data processing agreements and Standard Contractual Clauses with them. 

Data Subject’s Rights

According the GDPR, you have a right:

  1. Not to be subject to a decision based solely on automated processing, including profiling, except when it is necessary for the performance of a contract between us or is authorised by the applicable law.
  2. To ask whether or not your personal data is being processed. 
  3. To obtain the rectification of your personal data that is inaccurate or complete your missing personal data.  
  4. To receive your personal data in a structured, commonly used and machine-readable format. 
  5. To object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on (i) the necessity for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or (ii) the necessity for the purposes of our or a third party’s legitimate interests. In such case, we will cease to process your personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
  6. To object to processing of your personal data for direct marketing.
  7. To request us to restrict processing of your personal data if you contest the accuracy of your personal data or lawfulness of the processing. 
  8. To be forgotten.
  9. To lodge a complaint with a supervisory authority

If you have any question or concern regarding processing of your personal data, please send us an email at hello@dataelements.io and we will do our best to help you.

UK GDPR Compliance

In addition to the measures, we provide for the GDPR compliance, where there is a transfer of personal data from United Kingdom to outside of Europe, the Standard Contractual Clauses apply with the UK Addendum.

CCPA Compliance

The CCPA effective since 1 January 2020, is a data protection law that protects the residents of California and governs their rights regarding their personal data. According to the CCPA, you have a right:

  • to access to all the data that a company has processed regarding them and receive a copy of such data,
  • to receive a list of all the third parties that their personal data is transferred to,
  • to know what personal data is being collected. 

We will always be transparent about the data we collect, why we collect and how we use such data, as well as the third parties’ access to such data. We will never sell your information. 

If you have any question or concern regarding processing of your personal data, please send us an email at hello@dataelements.io and we will do our best to help you.

Contact Details

You can contact us at hello@dataelements.io with respect to your questions or concerns regarding this Privacy Policy, your personal data and your data subject rights.