Platform Privacy Policy
This privacy statement explains the personal data Novisto processes, how Novisto processes it, and for what purposes.
This policy is intended to help you understand:
- What information we collect about you
- How we use information we collect
- How we share information we collect
- How we store and secure information we collect
- Other important privacy information
This privacy policy covers the information relating to you that we may collect, use, and process when you use the Novisto Platform, contact us, or otherwise interact with us.
We refer to the Novisto software (applications and services) as “Services” in this policy.
In order to use the Services, the customer needs to agree with the present policy. The policy applies to all customer employees using the platform.
1. What information we collect about you
We collect information about you when you provide it to us and when you use our Services. We will collect, use, store and/or process this information only for the purposes listed in this policy or to contact you with information about Novisto.
Information you provide to us
We collect information about you when you input it into the Services or otherwise provide it directly to us.
Account and Profile Information
We collect information about you when you create a Novisto account, create or modify your profile or your team profile settings, or set preferences. For example, if you create a Novisto account, we require you to provide our name, an email and password, or use your corporate account in which case we capture and store your name and email. You might also have the option of adding other details to your profile information to be displayed in our Services. We also store your account preferences and settings.
Content you provide through our Services
The Services include the Novisto products you use, where we collect and store content that you create, send, receive and share. This content includes any information about you that you may choose to include.
We might collect some anonymized clickstream data about how you interact with and use features in the Services.
We also automatically collect certain information relating to your use of our applications, described under the Cookies and Other Tracking Technologies section below.
Information you provide through our support channels
The Services also includes our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that you decide would be helpful in resolving the issue.
Information we collect automatically when you use the Services
We collect information about you when you use our Services, including browsing our application and taking certain actions within the Services.
Your use of the Services
We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on and how you interact with others on the Services. We may also collect information about the teams and people you work with and how you work with them, like who you collaborate with and communicate.
Device and Connection Information
We collect information about the computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data.
Cookies and Other Tracking Technologies
Novisto uses cookies and other tracking technologies (e.g. browser local storage) to provide functionality and to recognize you across different Services and devices. Those are required for session management and authentication.
Other users of the Services
Other users of our Services may provide information about you when they submit content through the Services. For example, you may be mentioned in a support ticket opened by someone else. We also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they assign tasks to you.
Other services you link to your account
We receive information about you when you or your administrator integrate or link a third-party service with our Services. For example, if you create an account or log into the Services using your Active Directory credentials, we receive your name and email address in order to authenticate you. The information we receive when you link or integrate our Services with a third-party service depends on the settings, permissions and privacy policy controlled by that third-party service. You should always check the privacy settings and notices in these third-party services to understand what data may be disclosed to us or shared with our Services.
What information we do not collect
We do not intentionally collect “Sensitive Personal Information”, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If you choose to store any Sensitive Personal Information on our servers, you are responsible for complying with any regulatory controls regarding that data.
If you are under the age of 18, you may not have a Novisto account. Novisto does not knowingly collect information from nor direct any of our content specifically to people under 18.
We do not intentionally collect personal information that is stored in your metrics or other content.
2. How we use information we collect
How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.
To provide the Services and personalize your experience
We use information about you to provide the Services to you, including authenticating you when logging in, providing customer support, and operating and maintaining the Services.
For example, we use the name you provide in your account to identify you to other Service users.
Our Services also include features that improve your ability to collaborate effectively with others by automatically analyzing the activities of your team to provide activity feeds and notifications that are relevant for you and your team.
For research and development
We are always looking for ways to make our Services smarter, faster, secure, integrated, and useful to you.
We use anonymized information about how people use our Services to troubleshoot, to identify trends, usage, activity patterns and areas for integration, to improve our Services and to develop new products, features and technologies that benefit our users.
We might also test and analyze certain new features with some users before rolling the feature out to all users.
To communicate with you about the Services
We use your contact information to send transactional communications via email and within the Services, including responding to your comments, questions and requests, providing customer support, and sending you technical notices, updates, security alerts, and administrative messages.
For Customer support
We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyze crash information, and to repair and improve the Services.
For safety and security
We use information about you and your Services’ use to verify accounts and activity, to detect, prevent, and respond to potential or actual security incidents and to monitor and protect against other malicious, deceptive, fraudulent or illegal activity, including violations of Services policies.
To protect our legal rights
Where required by law, we use information about you in connection with legal claims, compliance, regulatory, and audit functions.
With your consent
We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.
3. How we share information we collect
Novisto Platform allows sharing information through the Services. We share information we collect about you in the ways discussed below. We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.
Sharing with other Service users
When you use the Services, we share certain information about you with other Service users inside your organization. The information is not available or shared outside of your environments.
For collaboration
You can create content, which may contain information about you, and grant permission to others to see, share, edit, copy and download that content based on settings you or your administrator select.
Service Providers
We might work in the future with third-party service providers to provide application development, hosting, maintenance, backup, storage, infrastructure, analysis and other services for us. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including appropriate security and confidentiality policies and procedures designed to protect your information.
Third Party Apps
You, your administrator or other Service users may choose to add new functionality or change the behavior of the Services by enabling integrations with third party apps within the Services. For instance, your data will be imported in Excel or XBRL tools when add-ons for those tools become available. Doing so may give third-party apps access to your account and information about you like your name and email address, and any content you choose to use in connection with those apps. Third-party app policies and procedures are not controlled by us, and this privacy policy does not cover how third-party apps use your information. We encourage you to review the privacy policies of third parties before connecting to or using their applications or services to learn more about their privacy and information handling practices. If you object to information about you being shared with these third parties, please uninstall the app or delete the third-party app integration, as applicable, and discontinue use of the third-party app.
Links to Third Party Sites
The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. If you submit information to any of those third party sites, your information is governed by their privacy policies, not this one. We encourage you to carefully read the privacy policy of any website you visit.
Compliance with Enforcement Requests and Applicable Laws
In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to:
- comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements
- enforce our agreements and policies
- protect the security or integrity of our Services
- respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
Business transfers
We may share or transfer information we collect under this privacy policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
You will be notified via email and/or a prominent notice on the Services if a transaction takes place, as well as any choices you may have regarding your information.
Access to data
You control the access to your Content. If you include personal information or Sensitive Personal Information, that information may only be accessible to Novisto in accordance with this Privacy Policy.
Novisto personnel do not access your data except for:
- security purposes
- to assist with a support matter
- to maintain the integrity of the Service
- to comply with our legal obligations
- if we have reason to believe the contents are in violation of the law
- with your consent
4. How we store and secure information we collect
We use industry standard technical and organizational measures to secure the information we store. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.
How long we keep information
How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
Account information
We retain your account information for as long as your account is active and up to 15 days thereafter. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, and to enforce our agreements.
Information you share on the Services
If your account is deleted, some of your information and the content you have provided will remain in order to allow your team members to make full use of the Services.
Managed accounts
We retain user information as long as required by the administrator of your account.
5. Other important privacy information
Notice to End Users
Our Services are intended for use by organizations. The organization is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control.
Administrators are able to:
- terminate user access to the Services; and
- install or uninstall third-party integrations
Changes to our Privacy Policy
We may change this privacy policy from time to time. We will inform you about any privacy policy changes. We will also keep prior versions of this privacy policy in an archive for review. We encourage you to review our privacy policy whenever you use the Services to stay informed about our information practices and the ways you can help protect your privacy.