Effy AI
Features
Use cases
Pricing
Blog
Log In
Book a demo
Sign up - it's free

Privacy Notice

Last updated: October 3, 2024

Effy AI (“we,” “us,” or “our”) is committed to protecting your privacy. We make performance management software to help evaluate and improve employee performance, engagement, and overall workplace satisfaction. This Privacy Notice (“Notice”) describes our privacy practices regarding the personal data we collect from individuals in the usual course of business, including when you:

  • Visit any of our websites (such as https://effy.ai/); visit our social media pages; receive communications from us; or register for, attend and/or otherwise take part in any of our events, tutorials, webinars, or contests (collectively “Visitors”); and
  • Register to or otherwise use any Effy AI Services as an applicant, team member, or employee of one of our Customers (collectively “Users”).

This Notice is incorporated into and is subject to the Terms of Service.

Privacy Principles

Effy AI follows these principles to protect your privacy:

  • We do not collect any more personal data than is necessary to provide the Services or to fulfill our legitimate business purposes;
  • We only use your personal data for the purposes we specify in this Notice unless you are notified otherwise;      
  • We do not keep your personal data after it is no longer needed, and
  • Other than as specified in this Notice, we do not share your personal data with third parties and are not in the business of selling your personal data.

Effy AI as a Data Controller

As a data controller, we determine the purposes and means of processing your personal data. This includes data collected directly from you, such as when you sign up for an account, register for events, or interact with our Services. It also covers data collected automatically, such as through cookies and tracking technologies, and data we receive from third parties. Our responsibilities include ensuring the lawfulness, fairness, and transparency of data processing and safeguarding your rights as a data subject.

Effy AI  as a Data Processor

If you are a Customer and want to understand our data processing practices when we act as a data processor, please refer to the Data Processing Addendum (“DPA”), set forth at https://www.effy.ai/dpa. The DPA provides detailed information about our responsibilities and obligations when processing data on behalf of our Customers. This includes processing Customer Data according to the Customer's instructions, ensuring data security, and assisting Customers in fulfilling their data protection obligations. We do not own, control, or direct the use of Customer Data stored or processed through our Service. Only the Customer or User has the right to access, retrieve, and direct the use of such Customer Data.

Information You Provide to Us

Account signup 

When you sign up for an account to access our Service, we ask for information like your name, email address, and job title to complete the account signup process. You may also provide us with more information, such as your photo, time zone, and language, but we don’t require that information to sign up for an account.

Event registrations and other form submissions

We record information that you submit when you register for any event, including online meetings or webinars, subscribe to our newsletter or any other mailing lists, submit a form to download a whitepaper or other materials, participate in contests or respond to surveys, or submit a form to request customer support or to contact Effy AI for any other purpose.

Payment processing

When you buy something from us, we ask you to provide your name, contact information, credit card information or other payment account information. When you submit your card information, we store the name and address of the cardholder, the expiration date and the last four digits of the credit card number. We do not store the actual credit card number. For quick processing of future payments, we may store your credit card information or other payment information in an encrypted format in the secured servers of our Payment Gateway Service Providers.

Testimonials

When you authorize us to post testimonials about our Service on websites, we may include your name and other Personal Data in the testimonial. You will be given an opportunity to review and approve the testimonial before we post it. If you wish to update or delete your testimonial, contact us at hello@effy.ai.

Interactions with Effy AI

We may record, analyze, and use your interactions with us, including email, phone, and chat conversations with our sales and customer support professionals, to improve our interactions with you and other customers.

Automatically Collected Information

Browsers, devices, and servers

When you visit our Website, we collect information that web browsers, mobile devices and servers make available, such as the internet protocol address, browser type, language preference, time zone, referring URL, date and time of access, operating system, mobile device manufacturer and mobile network information. We include these in our log files to understand more about Visitors to our Website and accommodate our Websites to the Visitors.

Cookies and tracking technologies

We use temporary and permanent cookies to identify Visitors and Users and to enhance user experience. We embed unique identifiers in our downloadable products to track usage of the products. We also use cookies, beacons, tags, scripts, and other similar technologies to identify Visitors, track Website navigation, gather demographic information about Visitors and Users, understand email campaign effectiveness and target visitor and user engagement.

Application logs and mobile analytics

We collect information about your and your end-users’ use of our Service from application logs and in-house usage analytics tools and use it to understand how your use and needs can improve our Service. This information includes clicks, scrolls, features accessed, access time and frequency, errors generated, performance data, storage utilized, user settings and configurations, and devices used to access and their locations.

Information We Collect from Third Parties

Signups using federated authentication service providers

You can log in to the Service using supported federated authentication service providers, such as Slack, Microsoft and Google. These services will authenticate your identity and give you the option to share certain Personal Data with us, such as your name and email address. You should check your privacy settings on each integrated service to understand what information that integrated service makes available to us and make changes as appropriate. Please review each integrated service’s terms of use and privacy notices carefully before using their services and connecting to our Service.

Referrals

If someone has referred our Service to you through any of our referral programs, that person/entity may have provided us with your name, email address, and other Personal Data. You may contact us at dpo@effy.ai to request that we remove your information from our database. If you provide us information about another person, or if another person/entity gives us your information, we will only use that information for the specific reason it was provided to us.

Social media sites and other publicly available sources

When you provide feedback or reviews about our Service, interact or engage with us on marketplaces, review sites or social media sites, such as Facebook, X (Twitter), LinkedIn and Instagram through posts, comments, questions and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our Service, better understand User reactions and issues or to reproduce and publish your feedback on our Website. Effy AI may also add and update information about you from other publicly available sources.

How We Use the Information We Collect

We use the information to operate, maintain, enhance and provide all features of the Service:

  • to set up and maintain your account and to do all other things required for providing our Service, such as enabling collaboration, providing website and email hosting, and backing up and restoring your data;
  • to provide customer support and to analyze and improve our interactions with Clients and Users;
  • to detect and prevent fraudulent transactions and other illegal activities, report spam, and protect the rights and interests of Effy AI, its Customers and Users, third parties and the public.
  • to communicate with you (such as through email) about products and materials that you have downloaded and services that you have signed up for, changes to this Notice, to the Terms of Service, the list of Sub-processors, or other important notices;
  • to keep you posted on new additions to our Service, upcoming events, offers, promotions and other information that we think will be of interest to you;
  • to ask you to participate in surveys or to solicit feedback on our Service;
  • to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you;
  • to monitor and improve marketing campaigns and make suggestions relevant to the User. This includes retargeting Users interested in our Service, identifying and engaging new audiences similar to our high-value Customers, and ensuring that Customers who have completed actions like purchases do not receive irrelevant advertisements.

We use the information in anonymized or aggregated form:

  • To understand how Users use our Service, to monitor and prevent problems, and to improve our Service;
  • To analyze trends, administer our Website, and track visitor navigations on our Website to understand what Visitors are looking for and to better help them.

To Whom We Disclose Information

Except as described in this Notice, we will not intentionally disclose the Personal Data that we collect or store on the Service to third parties without the consent of the applicable Visitor, User or Customer. We may disclose information to third parties if you consent to us doing so. In addition, we may disclosure information under the following circumstances:

Other Users in Your Company Account

Information about your use of the Service is available to the Administrator(s) of your account and, depending on the settings chosen by the Account Users, also to other Users for the purposes of providing the Service.

Service Providers

We work with third party service providers who provide website, hosting, maintenance, security and fraud detection, and other services for us. These third parties may have access to or process Personal Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.

Advertising and Marketing

We partner with third party ad networks to display advertising on our Website or to manage our advertising on other sites. Our ad network partners use cookies, web beacons, and data we share with them to collect information about your activities on our website and other websites and provide you with targeted advertising based on your interests. If you wish not to have your information used to serve you targeted ads, you may opt out by using these services: https://optout.networkadvertising.org/ or https://optout.aboutads.info/ (or if located in the European Union, by clicking here: http://www.youronlinechoices.eu/). 

Non-Personally Identifiable Information

We may make certain automatically collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including compliance with various reporting obligations, for business or marketing purposes, or to assist such parties in understanding our Customers’, Users’ and Visitors’ interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service, all of the foregoing being subject to additional limits on use of your data as stated in this Notice.

Law Enforcement, Legal Process and Compliance

We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies. We may make such disclosures without notifying you, as we determine in our sole discretion. We also reserve the right to disclose Personal Data or other information that we believe, in good faith, is appropriate or necessary to take precautions against liability, protect ourselves or others from fraudulent, abusive, or unlawful uses or activity, investigate and defend ourselves against any third party claims or allegations, protect the security or integrity of the Service and any facilities or equipment used to make the Service available, protect our property or other legal rights, enforce our contracts, or protect the rights, property, or safety of others, or comply with applicable law.

Data Security

All of your Personal Information remains private and confidential. The security of your Personal Information is important to us. We have implemented appropriate administrative, technical, and physical safeguards to prevent unauthorized access, use, modification, disclosure or destruction of the information you entrust to us. These measures have been audited and certified to industry standards. However, no security system is perfect, and due to the inherent nature of the Internet, we cannot guarantee that data, including Personal Data, is absolutely safe from intrusion or other unauthorized access by others. You are responsible for protecting your password(s) and other authentication factors and maintaining the security of your devices. To learn more about current practices, auditors’ certifications and policies regarding the security and confidentiality of the Services, please visit our Trust Center.

If you believe your Personal Data has been compromised, please contact us at dpo@effy.ai. If we learn of a security systems breach, we will inform you and the authorities of the occurrence of the breach in accordance with applicable law.

International Data Transfers

Your personal information may be transferred to, and processed in, the United States and in any other country where Effy AI or its affiliates, subsidiaries, or third party service providers maintain facilities or personnel.  These countries may have data protection laws that are different from the laws of your country (and, in some cases, may not be as protective). We follow applicable data protection laws when transferring personal data. If you are a resident in or a visitor from the EEA, United Kingdom or Switzerland, we will protect your Personal Information when it is transferred outside of such locations by processing it in a territory that the European Commission has determined provides an adequate level of protection for Personal Information; or otherwise implementing appropriate safeguards to protect your Personal Information, including through the use of Standard Contractual Clauses or another lawful transfer mechanism approved by the European Commission. 

Minors and Children’s Privacy

Protecting the privacy of children is especially important. Our Service is not directed to nor intended for children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18. If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Data has been collected on the Service from persons under 18 years of age and without verifiable parental consent, then appropriate steps will be taken to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an Account on the Service, then you may alert us at dpo@effy.ai and request that we delete that child’s Personal Data from our systems.

Data Retention

We will retain your Personal Data for a period of time that is consistent with the original purpose of the data collection, or as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. When we no longer have a legitimate need to process your information, we will delete or anonymize your information from our active databases. We will also securely store the information and isolate it from further processing on backup discs until deletion is possible.

For Customer Data processed within the Service:

  • the contents of closed Accounts are deleted within 12 months of the date of closure;
  • server archival backups are kept for 90 days.

Your Choices

Your Rights to Information We Hold About You as a Controller

  • Right to access: You have the right to know which data we hold about you (if any).
  • Right to data rectification: You have the right to require corrections to your Personal Data in case they are inaccurate or incomplete.
  • Right to data deletion: You have the right, under certain conditions, to request the deletion of your Personal Data, including in situations where the processing of your Personal Data is no longer necessary for the purposes for which it was collected, or if the processing of your Personal Data was based on your consent, you wish to withdraw your consent, and there are no other grounds for processing your Personal Data.
  • Right to restriction of processing: You may also have the right to request to restrict the use of your Personal Data in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Right to data portability: You have the right to transfer your Personal Data to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or on the basis of contract and by automated means.
  • Right to object: You have the right to object to the use of your Personal Data in certain circumstances, such as when the processing is based on legitimate interest and in the use for direct marketing.
  • Right to complain: You have the right to complain to the appropriate supervisory authority if you have any grievance against the way we collect, use or share your information. The contact details of EEA supervisory authorities are available here and of the UK ICO here.

We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Service. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete or transfer any information about you that we have obtained from an Integrated Service, you may contact us at dpo@effy.ai. At your request, we will have any reference to you deleted or blocked in our database.

Opting out

To comply with data protection regulations and ensure your privacy, Effy AI provides you with the option to opt out of sharing your Personal Data with third-party service providers for advertising, marketing purposes, and commercial communications.

You can always opt out of certain communications by reaching out to dpo@effy.ai.

Your California Privacy Rights

Under the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights to understand and request that we disclose details about how we handle your Personal Data. To learn more about how we collect, use, disclose, and share your Personal Data, please see below.

Categories of Personal Data Collected

In the preceding 12 months, we have collected the following categories of Personal Data about California consumers. We may collect this Personal Data directly from you, from third parties, and from your interactions with us. The Personal Data categories are:

  • identifiers, such as name, email address, and job title;
  • commercial information, such as records of products or services purchased and other transactional data;
  • internet or other network or device activity details, such as technical data about your use of our Website and Service;
  • geolocation data, such as your approximate location based on IP address;
  • financial information, such as payment information or financial account numbers in the process of providing you with a subscription;
  • other Personal Data, in instances when you interact with us online, by phone or mail in the context of receiving help through our help desks or other support channels; participation in customer surveys or contests; or in providing the Service;
  • inferences drawn from any of the above information.

We may retain this Personal Data for as long as is needed for the purpose(s) for which it was collected and no longer than is relevant and reasonably necessary. Our retention periods vary based on business, legal, and regulatory needs.

California Consumer Privacy Act (CCPA) Sale of Personal Information Notice

Effy AI may provide third parties with certain personal information to provide or improve our products and services, for example to deliver products or services at your request. In such cases, we require those third parties to handle the information in accordance with applicable laws and regulations.

Effy AI does not sell personal information to third parties (pursuant to California Civil Code §§ 1798.100–1798.199, also known as the California Consumer Privacy Act of 2018) – Effy AI is not a data broker and does not offer or disclose personal information on the open market, nor does Effy AI share personal information with third parties for their direct marketing purposes (pursuant to California Civil Code § 1798.83). We will use the data collected when you opt out solely to process your request and for record-keeping as required under the CCPA. 

Changes and Updates to this Notice

Please revisit this page periodically to stay aware of any changes to this Notice, which we may update from time to time. If we modify the Notice, we will make it available through the Service and indicate the latest revision date. Your continued use of the Service after the revised Notice has become effective indicates that you have read, understood and agreed to the current version of the Notice.

Features
OverviewSlack
Use cases
Performance reviews360-feedback90-day-reviewAPI
Resources
BlogPricingEffy AI vs Google Forms
Andrew Makhovskyi
CEO and Co-founder
Follow me on LinkedIn
© 2024 Effy AI. All rights reserved.
Privacy Policy
|
Terms of Use
|
Data Processing Agreement