PRIVACY POLICY

Last updated: June 22, 2021

Introduction

This Policy is intended to help you understand:

why we collect your personal data;
how we collect, use and store your personal data;
which rights relating to your personal data you have;
how you can exercise the rights relating to your personal data;
how we use cookies and other tracking technologies;
how we share and disclose your personal data;

Snovio Inc. is located in Delaware, USA.

We act as a data controller or data processor in relation to personal data you provide depending on the factual circumstances of the processing.

Snovio Inc. (“we”, “us”, “our”, “Company”) cares for your privacy and therefore provides you with the information hereunder. On this page, you can learn what information about you we collect while you interact with Snovio Inc., what for and how it is used, stored, disclosed etc., as well as how we process personal data you provide us with.

This Privacy Policy (“Policy”) describes how we handle the data you provide us with through the website https://snov.io/ (“Site”), web application Snov.io, API methods available by api.snov.io hostname (collectively the “Platform”), email, marketplaces and our social media accounts such as Facebook and LinkedIn (“social media accounts”). Such treatment may include, but is not limited to, the following:

collection;
recording;
organization;
storage;
structuring;
adaptation;
alteration;
retrieval;
consultation;
use;
disclosure by transmission;
dissemination or otherwise making available;
alignment or combination;
restriction; and
erasure or destruction.

Snovio Inc. acts as a data controller OR a data processor in relation to personal data you provide depending on the factual circumstances of the processing, except as provided under the Snovio’s Joint Controllership Agreement.

You can be our visitor or client (collectively “users”):

You are a visitor when you merely browse this Site;
You are a client or client’s representative (“client”) when you submit your or third-party personal data through registration form on the Site, our social media accounts, email, Email Finder browser extension or LI Prospect Finder, Site’s online chat or feedback forms to use the services we provide, contact us for assistance or leave us feedback regarding the provision of services.

When you submit your personal data as a client through our Platform, you may be asked to consent to our processing of the personal data you provide as explained in this Policy to enable us to provide you with the information or service requested, if no other legal ground can be used.

You may contact us using the following details:

Our address: 220 East 23rd Street, №401, New York, NY, USA 10010
Our email: help@snov.io
Phone number: (+1) 347 705 0819.

We designated a Data Protection Officer (“DPO”) in order to ensure that our Company processes personal data in compliance with the applicable data protection rules and regulations. You can contact the DPO directly using the following details:

External Data Protection Officer

Legal IT Group LLC

Office 1, 38 Volodymyrska Str.

01030 Kyiv, Ukraine

Email: snovio_dpo@snov.io

Definitions

To facilitate your understanding of this Policy, we explain the usage of the definitions listed here in accordance with the GDPR.

We use the following definitions in this Policy:

data controller” means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data is processed.

data processor” means the natural or legal person who processes personal data on behalf of the data controller.

data subject” is any living individual who is using our Site.

personal data” means any information relating to you and helping identify you (directly or indirectly) such as your name, last name, email, location data, etc.

processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

services” means sourcing, lead generation and sales automation services provided by Company via online-platform and web application based on the clients’ personal data and third-party personal data crowdsourced by clients.

joint controllers” means two or more controllers jointly determining the purposes and means of processing.

Data Collection

We collect and process the information you provide us with in accordance with this Policy.

We act as a controller and a processor in relation to the different categories of personal data.

We collect the information through the registration form on the Site, our social media accounts, email, Site’s online chat or feedback form and process it as a data controller.

We collect third-party information 1) you provide us with through your personal account on the Platform OR 2) you request us to collect by activating the Email Finder web extension and process it as a data processor.

Simultaneously, we act as joint controllers with you as provided under the Snovio’s Joint Controllership Agreement.

We use your personal data we collected and the personal data you provided us with or requested us to collect only for the purposes listed in this Policy. We may share your personal data with third parties solely for purposes listed herein.

We do not sell your data. We DO NOT use automated decision-making and profiling.

Personal Data We Collect

When acting as a data controller, We may process the following personal data:

PurposesType of personal dataLegal groundsThird Parties recipientsSource

To:

maintain the operation of Platform;
communicate with clients;
analyze clients’ geography and variety;
help clients solve issues that may arise during provision of services;
suggest and notify you about the services and products of the Company;
send you customised advertisements or conduct marketing campaigns;
research, develop and evaluate our services to better enhance the Platform;
record the processing activities under art. 30 of the GDPR and comply with other applicable laws;
deal with general queries, concerns or complaints including recovery of passwords.

Registration form information: client’s identifier, email address, first and last names, IP address, registration date, account balance information, used language, referral link, browser type.

Performance of a contract (Article 6(1)(b));

Our legitimate interest (Article 6(1)(f)).

AWS, Hetzner, SendPulse, Crisp chat, Pipedrive, Google Analytics, SendGrid, Facebook

Client

To:

provide services to clients;
verify the clients’ reliability;
prevent any fraudulent actions or intervention of the malware and improve our technical and information security measures;
record the processing activities under art. 30 of the GDPR and comply with other applicable laws;
predict the probability of refunds or chargebacks.

Payment Information: clients’ identifier, email address, IP address, phone number, first and last names, country code, address (city, state, zip code), company name, card type, last 4 digits of the card number, user agent and browser language data, order’s identifier, name of payment processor.

Performance of a contract (Article 6(1)(b)).

2Checkout OR FastSpiring, IP Quality Score, Google Analytics, First Promoter, AWS

Client, 2Checkout OR FastSpiring database

To:

ensure the proper operation of the Platform;
ensure the safety and security of the Platform’s users, including prevention of fraudulent actions and malware distribution.

Pseudonymised data: clients’ email addresses

Our legitimate interest (Article 6(1)(f)).

AWS

Client

To:

help users solve issues that may arise during provision of services;
develop and improve the Platform and services;
maintain history of users’ requests and complaints;
answer the questions users may have;
research, develop and evaluate our services to improve the Platform;
record the data subjects’ requests under art. 30 of the GDPR and comply with other applicable laws;
explore the user’s experience while using the Platform;
deal with general queries, concerns or complaints including recovery of passwords.

Information from contact forms: name, email address, phone number, message and other information you may provide us via available contact options.

Performance of a contract (Article 6(1)(b)).

AWS, Hotjar, Crisp chat, Facebook, Typeform, Pipedrive, Sendpulse, Firstpromoter, Google, Miro, Notion

Client, Hotjar forms, Google Forms, Crisp chat, Typeform, email, social media accounts

To:

provide services to clients; ensure the proper operation of the Platform.

Information on the client’s actions with the third-party data subjects’ personal data performed by the clients in their Accounts

Performance of a contract (Article 6(1)(b))

Mongo DB

Platform

IMPORTANT: upon processing of payments using services of a payment processor, such payment provider may collect your e-mail address, phone number, billing address, phone number, credit card details and expiry date and other personal data it considers as necessary for provision of services. Such collection of personal data is regulated under the rules and policies of payment processors. We are not responsible and hold no liability regarding your personal data collected by the third-party websites. We advise you to access the payment processors’ websites carefully and always check their policies and rules regarding the collection of your personal data.

When acting as a data processor and taking provisions of the Snovio’s Joint Controllership Agreement, we may process the following personal data:

PurposesType of personal dataLegal groundsThird Parties recipientsSource
To enable email sending through the Platform on the client’s behalf, track the replies to messages sent through the Platform and/or GBlast, enable the Remind Me and Send Later features of Email Tracker for Gmail.Google User Data: email address of the integrated Gmail account, the access token, or identifiers for 1) drafts and messages sent via Remind Me and Send Later features of Email Tracker for Gmail, 2) emails sent via campaigns and/or GBlast.Your consent (Article 6(1)(a)).AWSGoogle
To provide services to clients and ensure the proper operation of the Platform.Third-parties’ first and last names, emails, job positions, business profiles, social media profiles.Legitimate interests of Company, clients, and such third parties (Article 6(1)(f)).AWS, MongoDB, HetznerBing, LinkedIn, Twitter, client
To provide services to clients and ensure the proper operation of the Platform.Following information regarding the email drip campaigns sent by the clients: login and password from the client’s email sender account, email addresses added to drip campaign recipients, settings for the purposes of sending the email drip campaigns, replies to campaign emails, a timeline of these campaign actions, identifiers of sent and received emails, content of emails, information on the email recipient, the tracking status of sent emails for statistics.Performance of a contract (Article 6(1)(b)).AWS, MongoDB, SendPulseClient’s email account, Platform
To provide services to clients, namely operate, group and structure the provided data for clients’ needs.Any personal data, including personal data of third parties, which clients upload to the Platform.Performance of a contract (Article 6(1)(b)).AWS, MongoDB, HetznerClient
To provide services to clients and enable clients to integrate their accounts on the Platform with other services.Integrations information: Clients’ Pipedrive and Calendly tokens.Performance of a contract (Article 6(1)(b));AWSPipedrive, Calendly

IMPORTANT: some types of personal data which the Company processes as a data processor on the client’s behalf may be specified in the Integrations and Extensions section below.

Google User Data

Snovio is able to integrate with the user's Gmail account to let users send emails via Gmail API.

The service integrates into Gmail and needs to connect with your Google account.

This section describes the details of such integration.

We do not store incoming emails from your Gmail account. If there is a new email in your Inbox, we analyze it using automated algorithms and record only the results of the analysis to provide accurate campaign functioning, campaign statistics, and operability of the Remind Me feature in case the sent email receives no reply.

We do not access your Sent emails through your Gmail account. We use access to draft sending in your Gmail account to ensure the operability of the Send Later feature.

We may add a tracking pixel to the body of emails sent through our service to track email opens and edit links in your emails to track link clicks. We use the data acquired through these tracking methods to maintain email campaign operability and provide campaign reports.

You may revoke Snovio’s access to your Gmail account in the Account’s settings page here or by uninstalling Email Tracker extension from your browser. If you decide to do so, we will lose access to your Gmail account and will no longer be able to provide you campaign sending services through Gmail API or implement Send Later and Remind Me features through the Email Tracker.

We delete all data collected from your Gmail account upon request.

Not all Google User Data may contain personal data. Some statistical data will be anonymized.

With regard to the access to Google User Data as specified above, we will:

only use access to read, write, modify, or control Gmail message bodies (including attachments), metadata, headers, and settings to provide a web email client that allows users to compose, send, read, and process emails and will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets;
not use this Gmail data for serving advertisements;
not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the Platform's internal operations and even then only when the data have been aggregated and anonymized.
Integration and Extensions

You may use our integrations, namely Email Finder, Li Prospect Finder, Email Tracker, Email Verifier and Web Technology Tracker to facilitate your email campaigns to your potential business partners.

Email Finder

To use the extension, you need to be registered at and logged into app.snov.io.

Upon your request, extension may collect personal information such as email addresses and business profiles from publicly available sources. Handling and storing of this information occurs only at your request. This data is stored in our database and could be found through a search inside the Platform.

If you do not want your personal data to be included as part of our service, you may opt out by contacting us at help@snov.io or opt out from all mailing lists on the Platform through this form.

Email Tracker

Extension may require authorization in our web application (app.snov.io). Additionally, to use the Send Later and Remind Me features you must allow Snovio to access your Google account. You can learn more about how Snovio uses your Google data above.

You can send emails through your usual Gmail interface and Email Tracker extension will provide tracking information. We’ll let you know if we think your emails have been opened and how many times.

We store the subject and identification numbers of emails for the open notifications only. We use them for tracking, as well as to enable the Send Later and Remind Me features.

Email Verifier

To use the extension, you need to be registered at and logged into app.snov.io. Extension may collect email addresses from the websites you visit. We store the data only upon your request, and only if you click the "Save" button. We can use these email addresses to replenish our internal database, and they can be found through a search inside the Platform.

Web Technology Checker

To use the extension, you don't need to be registered at or logged into app.snov.io. This extension collects the information about websites using specific web technologies (non-personal data). We only store domains from visited websites to help us provide a better user experience.

Depending on your device and OS version, we have to request you to approve certain permissions for collection and processing of your personal data to enable the operation of the Email Finder, Li Prospect Finder, Email Tracker, Email Verifier and Web Technology Tracker extensions. Below is a list of such permissions and information explaining why our extensions ask for them:

Type of permissions required by the extensions and purposes of their collection/processingLegal groundsThird Parties recipientsExtension

"tabs" is using the chrome.tabs API (getting bookmark links, creating new tabs with our link, reloading open pages of app.snov.io);

"http: // * /", - access to all sites to get page content (alternative to all_urls);

"https: // * /", - access to all sites to get page content (alternative to all_urls);

"cookies", - session recovery via cookies from app.snov.io;

"notifications", - to show push notifications (completion of background tasks);

"webRequest", - for automated information collected from web pages without direct opening of the pages by the user;

"contextMenus" - to create a new item 'Background tasks' in the context menu of the extension.

Your consent (Article 6(1)(a));

AWS, MongoDB

Email Finder

"*: //*.snov.io/*", - access to our pages and API;

"https: //*.googleusercontent.com/*", - for blocking tracking images to prevent tracking email opens and link clicks from user's own account;

"https://mail.google.com/*", - access to Gmail pages;

"tabs" - for using the chrome.tabs API (getting bookmark links, creating new tabs with our link, reloading open Gmail pages);

"cookies", - session recovery via cookies from app.snov.io;

"storage", - we store the activation settings of the tracker in the synchronized storage (if it's activated on one computer, then the settings are synchronized on others via Google account);

"notifications" - push notifications;

"gcm" - to transfer data from the server to the client, needed to show push notifications;

"webRequest", - to intercept the download of our tracking pictures;

"webRequestBlocking" - to block the download of our tracking pictures.

Your consent (Article 6(1)(a));

AWS, MongoDB

Email Tracker

"tabs", - for using chrome.tabs API (getting bookmark links, creating new tabs with our link);

"http: // * /", - access to all sites to receive page content, for email search on pages (alternative to all_urls);

"cookies", - session recovery via cookies from app.snov.io;

"storage", - storage of found emails lists;

"unlimitedStorage", removes the limit on the number of emails stored in the Сhrome storage;

"notifications" - push notifications after the email verification is completed.

Your consent (Article 6(1)(a));

AWS, MongoDB

Email Verifier

"storage", - for storing settings and found technologies;

"tabs", - for using chrome.tabs API;

"webRequest", - to access the chrome.webRequest API functions for reading of the HTTP headers to identify the technologies used;

"http: // * / *", - access to all sites to get page content;

"https://*/*", - access to all sites to get page content;

"cookies" - session recovery via cookies from app.snov.io, as well as to determine the technologies used.

Your consent (Article 6(1)(a));

AWS, MongoDB

Web Technology Checker

Cookies

Cookies are small text files that websites send to your browser. They are stored on your device, which might be a personal computer, a mobile phone, a tablet or any other device.

We use them to enhance your user experience and provide a significant level of protection to your personal data.

You may withdraw your consent to be tracked by the cookies unless they are necessary or preferential to provide you with our services.

When collecting and processing cookies, We act as a data controller.

We use Cookies to enhance your user experience and provide a significant level of protection to your personal data, namely to:

recognize your device and settings;
defined you as a unique user;
analyze your usage of the Site to improve our services;
ensure the functionality of the Site;
prevent fraud;
analyze users’ geography and variety;
research, develop and evaluate our services to better enhance the Platform;
for marketing purposes.

We use four types of cookies:

Necessary;
Preferential;
Statistical; and
Marketing.

You may advise yourself with the detailed information on the categories of cookies we use here.

Grounds for processing

Our grounds for processing your personal data are:

your consent;
our and third-party legitimate interests;
performance of a contract;
our legal obligations;

We do NOT intentionally collect and process personal data of children or any sensitive personal data.

Please, refrain from sharing your sensitive personal data.

We collect and process your personal data or the personal data you provided us with in accordance with the provisions of the GDPR.

GDPR provides an exclusive list of lawful bases allowing us to process the personal data. During the personal data processing we rely only on four of them, namely:

Article 6.1(a): consent

We collect the information you choose to give us, and we process it under your consent. We require the minimum amount of your personal data that is necessary to notify you about our services and products (for example, send you a newsletter or offer).

You may withdraw your consent to the processing of your personal data at any time. Please remember that the withdrawal of consent does NOT automatically mean that the processing before the withdrawal is considered unlawful. You may NOT withdraw your consent to the processing of your personal data processed on a basis of performance of a contract between you and Company or on a basis of yours, Company’s or third parties’ legitimate interests.

You may withdraw the consent to processing of your personal data by sending us an email at help@snov.io, a message via the Site’s online chat form or by contacting us in any other way convenient for you.

Article 6.1(f): legitimate interests

We process the personal data you provided us with based on our, yours and your potential business partners’ legitimate interests, namely to:

contribute to business cooperation between you and your potential business partners;
create and assist in discovering of new business-targeted marketing and sales opportunities for you and your potential business partners;
allow you to expand your database of the potential business partners;
develop the new unique platform that simplifies and facilitates professional interaction between businesses;
allow you to use an online-platform for businesses that combines sales, CRM, analytics, marketing and email service functionality;
allow your potential business partners to approach new potential and verified clients or suppliers;
allow your potential business partners to commercialize the use of their publicly posted information related to their professional or business interests/occupation.

You may read more about it in the Snovio’s Joint Controllership Agreement.

Also, we need to collect and process some cookies and your pseudonymised emails to enable our Site to run smoothly, provide you with the desired services, give you pleasant user experience and prevent any fraudulent actions. Under this legal ground, We use only strictly necessary data that were subject to legitimate interest assessment procedure.

Article 6.1(b): performance of a contract

When you provide us with the personal data during the registration of the account on the Platform, insert requested payment information to purchase services, provide any personal data via available contact forms or any information you want us to process on your behalf, this can be deemed as your request to form a contract or to perform a contract between you and us. However, we may ask you to give us a clear consent in case of doubt.

Article 6.1(c): legal obligation

We process your personal data to fulfil the applicable legal obligations arising mainly under the GDPR. If you send us the request to fulfil the rights granted by the GDPR, we may ask you for some personal data we already have to identify you and achieve compliance with the applicable law.

Data Security, Integrity and Retention

We will store and process your personal data for as long as needed to provide you or other clients with the services.

Also, you may request erasing of your personal data by contacting us.

We store the data you have provided us with through the registration form on the Site for the entire period when you use our services and for 1 month after the termination of your account on the Platform, except your email address which we pseudonymise and store for the entire period other clients use the Snovio’s services thereafter.

We store the payment information you have provided us with for the entire period when clients use our services subject to partial deletion and partial anonymization thereafter.

We store the information you provided us with through the available contact for the entire period when you use our services. We may use such information thereafter but only subject to its anonymization.

We store identifiers and usage data for the period specified in our Cookie Policy.

We store the information you provided us with to conduct the processing activities on your behalf for the entire period when you use our services. This information may be deleted subject to the termination of your account on the Platform, except as provided under the Snovio’s Joint Controllership Agreement.

Your messages left within the social media platforms will be kept visible as long as the privacy policies of these platforms promise you.

We store and process your personal data until we do not need it for any of the purposes defined in this policy, unless longer storage is required or expressly permitted by law.

We may not delete or anonymize your data if we are compelled to keep it under the article 30 of the GDPR and other applicable laws.

You may request to delete your personal data by sending us an email at help@snov.io.

We have implemented appropriate organisational, technical, administrative, and physical security measures that are designed to protect your personal data from unauthorized access, disclosure, use, and modification. We regularly review our security procedures and policies to consider appropriate new technology and methods.

Data Sharing and Disclosure

We only transfer your personal data to third parties according to the requirements of GDPR.

Where possible, we always enter into data processing agreements (DPAs) and Non-Disclosure Agreements (NDAs) with our third parties.

We may disclose the personal data to third parties, including those located outside the EU and EEA, provided that proper safeguards are put in place and the applicable local laws do not put your rights at risk.

We may share your personal data as data controller to joint controllers and data processors in accordance with provisions specified hereafter.

Sharing personal data with joint controllers

We act as joint controller while cooperating with Facebook. In respect to this case of personal data processing, we are the party to the Facebook Joint Controllership Addendum that has a status of the joint controllers’ agreement in the meaning of Article 26 of the GDPR. Namely, We and Facebook act as joint controllers with regard to:

marketing and statistics data collected by Facebook and shared with us via Facebook pixel; and
emails of our clients we provide the Facebook with to customise the advertising of our services.

Likewise, We act as joint controllers during the provision of our services to the clients. You may read more about it in the Snovio’s Joint Controllership Agreement.

When we act as a joint controller to particular processing of personal data, a data subject may exercise his/her rights under the GDPR in respect of and against both Facebook/our clients and us.

Sharing personal data with data processors

There are many features necessary to provide you with our services that we cannot complete ourselves, thus we seek help from third parties. We may grant some service providers access to your personal data, in whole or in part, to provide the necessary services. We have established supplier assessment procedures to ensure we choose trusted partners who provide appropriate security measures and safeguards.

Therefore, we may share and disclose your personal data to other data processors:

Hotjar (Hotjar Ltd, Malta): to explore the user’s experience while using the Platform. You may read Hotjar’s Privacy Policy here;
CRM Pipedrive (Pipedrive OÜ, Republic of Estonia): to notify our clients about the services and products of the Company and use its communication tools for sales. You may read Pipedrive’s Privacy Policy here;
Hetzner (Hetzner Online GmbH, Germany): to provide secure transfer and storage of personal data on the servers. You may read its Privacy Policy here;
Amazon Web Services, AWS (Amazon.com, Inc., USA): to provide secure transfer and storage of personal data on the servers. You may read AWS Privacy Policy here;
MongoDB (MongoDB, Inc., USA): to provide secure transfer and storage of personal data on the servers. You may read MongoDB Privacy Policy here;
Google Analytics (Google LLC, USA): to analyse statistical data on how the visitor uses the Site in order to improve our Site’s functionality. You may read its Privacy Policy here;
Google Workspace (Google LLC, USA): to use Google services such as Gmail, Chat, Meet, Calendar, Drive, Docs, Sheets, Slides, Forms for storing, structuring and using your personal data. You may read its Privacy Policy here;
SendPulse (SendPulse Inc., USA): to facilitate mail campaigns to the clients and monitor the status of such sent messages. You may read SendPulse’s Privacy Policy here;
SendGrid (Twilio Inc., USA): to facilitate mail campaigns initiated by our clients to third parties and provide our clients with the status regarding such campaigns. You may read SendGrid’s Privacy Policy here;
Crisp (Crisp IM SARL, France): to ensure the proper communication with you in case you will need any help, assistance, explanations etc. You may read Crisp’s Privacy Statement here;
IP Quality Score (IPQualityScore, LLC, USA): to prevent any fraudulent actions and predict the probability of refunds and chargebacks from the clients’ side. You may read IPQualityScore’s Privacy Statement here;
FastSpring (Bright Market, LLC, UK, USA and the Netherlands): to process payments from the clients and enable clients to purchase the subscription for the Company’s services;
2Checkout (Avangate B.V., the Netherlands and Avangate Inc., USA): to process payments from the clients and enable clients to purchase the subscription for the Company’s services;
First Promoter (Igil Webs SRL, Romania): to create and maintain our affiliate, referral and influencer programs. You may read First Promoter’s Privacy Policy here;
Typeform (Typeform SL, Spain): to create the online forms - “typeforms” - and subsequently collect, store and manage information received via typeforms;
Miro (RealtimeBoard, Inc., USA): to create, collaborate and centralize communication between Snovio’s team members through interactive online virtual whiteboards;
Notion (Notion Labs, Inc., USA): to use all-in-one workspace services to plan, collaborate, and organize the Snovio’s team members work;
Zebra (Zmatic LTD, Bulgaria): to enable Zebra to provide its services on the Snovio platform;
We may disclose some of your personal data to our outsource technical specialists in order to improve our Platform and your experience as well as deliver the functionality of the Platform. We may disclose your data to sales and marketing specialists to provide you with better client service, communicate with you at your request, send you newsletters and increase the sales. Also, we may disclose some of your personal data to our outsource legal professionals to make our business accurate and transparent. The abovementioned specialists are collectively referred to as Contractors.

Zebra service

On our Site, we may offer you access to and/or use the Zebra service provided by Zmatic LTD (Bulgaria). When you request Zmatic LTD to collect the personal data of third parties as a part of the Zebra service, you can be considered as a data controller and Zmatic LTD as a data processor under the GDPR. We recommend that you carefully read Zmatic LTD’s Privacy Policy to enhance your own compliance scheme and, if necessary, enter into a data processing agreement of some kind prior to instructing Zmatic LTD to process any personal data or disclosing the details of your account on Snovio’s platform.

However, be aware: when you fill out the “Get a demo” request, your personal data is collected by Zmatic LTD as a data controller. We only obtain your personal data from Zmatic LTD to issue an invoice and send it to you. During this processing operation, Snovio acts as a data processor and doesn’t use these data points for any other purposes.

In the event that third parties contact Snovio with regard to the deletion of its personal data or the exercise of other data subject rights under the GDPR, in any case, Snovio will use all reasonable efforts to forward requests concerning your data processing activities to you as a data controller to obtain the instruction as to the request.

We may transfer your personal data to countries outside the EU and EEA (Ukraine, China, Brazil and the USA) that are not determined to offer an adequate level of data protection on the basis of article 45 of GDPR (adequacy decision) with appropriate safeguards as determined under the GDPR.

We only transfer your personal data to third parties within requirements under the GDPR. Where possible, we always enter into Data Processing Agreements (DPAs) and Non-Disclosure Agreements (NDAs) with them and treat personal data transfer seriously. Where the Contractor has an appropriate data processing agreement in place, Snovio may adjoin such data processing agreement. If so, Snovio and the Contractor may regulate the transfer of the personal data to such Contractor by means of this data processing agreement.

Snovio had adjoined the publicly available data processing agreements of the following Contractors:

ContractorData Processing Agreement
Google (Google Analytics and Google Workspace)https://support.google.com/­analytics/answer/3379636?hl=en; https://support.google.com/­tagmanager/answer/7207086?hl=en.
Hotjarhttps://hotjar.eu1.echosign.com/­public/esignWidget?wid=­CBFCIBAA3AAABLblqZhB24Pf0­StieMUYoPhZjLSQREW72TWQoL­K6pAinYy2zbB8uczxUqe­ZDdERVruVZ_y6c*
CRM Pipedrivehttps://www-cms.pipedriveassets.com/­documents/2021-02-16-Pipedrive-DPA-Signed.pdf
Hetzneravailable in the personal account; manual for signing - https://www.hetzner.com/­news/vertrag-zur-auftragsverarbeitung­-gemaess-art-28-ds-gvo-steht-ab­-sofort-online-zur-verfuegung­-eintrag/
Amazon Web Serviceshttps://d1.awsstatic.com/­legal/aws-gdpr/­AWS_GDPR_DPA.pdf
MongoDBhttps://www.mongodb.com/­legal/dpa
SendPulsehttps://sendpulse.com/­legal/processing
Send Gridhttps://sendgrid.com/terms-of-service-2017/
Crispavailable in the personal account; manual for signing - https://help.crisp.chat/­en/article/how-to-sign­-my-gdpr-data-processing­-agreement-dpa-1wfmngo/
IP Quality Scorehttps://www.ipqualityscore.com/­data-processing-agreement
First Promoteravailable at request; information on personal data processing - https://firstpromoter.com/gdpr
TypeformSection 4 in https://admin.typeform.com/to/dwk6gt
Mirohttps://miro.com/static/legal/Miro-Data-Processing-Addendum.pdf
NotionAvailable for downloading at https://www.notion.so/GDPR-at-Notion-8952f065d96f4c18abf22fc3c85e272e
Transferring your personal data outside of the European Economic Area

We may transfer your personal data to third countries outside the EU and the EEA under Article 46 of the GDPR on the appropriate safeguards, including the standard contractual clauses (SCC).

For transfers to countries that do not fall under requirements of Article 45 of the GDPR on the adequacy of the level of protection, we may transfer your personal data to the third countries outside the EU and the EEA, including the onward transfers of the personal data from the third countries to another third countries, under Article 46 of the GDPR with the appropriate safeguards, including the standard contractual clauses (SCC).

We disclose your personal data to the countries outside the EU and the EEA, in compliance with the standard contractual clauses (SCC) approved by the European Commission in order to adduce adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of natural and legal persons. We put supplementary technical and organizational measures in place when transferring data outside the EU and the EEA. e.g. prior assessment of the service supplier’s reliability and personal data protection practices, encryption of the transferred personal data, prompt reacting to any threats to confidentiality, integrity and availability of the personal data etc.

EU data protection representative: pursuant to Article 27 GDPR:

Mr. Ákos Süle, LL.M. attorney at law
Süle Law Firm
Postal address: Rungestr. 25, 10179 Berlin, Germany
Dedicated email: snovio@sulelaw.com

The EU data protection representative has been mandated by Snovio Inc as data controller to be addressed in addition to or instead of Snovio Inc by supervisory authorities and data subjects, on all issues related to data processing, for the purposes of ensuring compliance with the GDPR.

Data Subject Age

We undertake best possible efforts to secure the processing of personal data belonging to the underage.

The Platform does not knowingly collect personal data from persons under the age of 13.

By registering on the Platform and entering into the contract with the Company, you acknowledge that you have reached the age of 13 and under the laws of your country of residence you have all rights to provide us with your personal data for processing.

If you have any reason to believe that a child under the age of 13 has provided his/her personal data to us, please contact us at help@snov.io.

Your Rights

You may exercise the following rights under the General Data Protection Act (GDPR):

right of access;
right to rectification;
right to erasure;
right to restriction of processing;
right to object to processing;
right to data portability;
right to lodge a complaint;
right to consent withdrawal.

You may exercise the following rights by submitting your request at help@snov.io.

When we act as a joint controller with regard to particular processing of personal data, you may exercise your rights under the GDPR in respect of and against both Facebook/our clients and us.

If we receive any complaint, claim or request from the data subject which shall be completed by our joint controller, we immediately notify it of such request and inform the data subject on the applied measures and further performance steps regarding serving such complaint/claim/request.

Rights under the GDPR

right of access means that you may ask us to send you the copy of your personal data collected together with information regarding the nature, processing and disclosure of that personal data;
right to rectification means that you may ask us to update and correct the false data, missing or incomplete personal data.
right to erasure (to be “forgotten”) means that you may ask us to delete your personal data collected, except insofar it is prohibited by appropriate laws.
right to restriction of processing means that you may ask us to restrict processing where:
  1. your personal data is not correct or outdated;
  2. the processing is unlawful.
right to object to the processing means that you may raise objections on grounds relating to your particular situation;
right to data portability means that you may ask us to transfer a copy of your personal data to another organisation or to you;
right to withdraw the consent when your personal data processed on a basis of your consent (see section Grounds for processing);
right to lodge a complaint with the supervisory data protection authority pertaining to the processing of your personal data.
You may submit the complaint to the supervisory authority of your place of residence within the EU or to the data protection authority stated in this Policy.
Data Protection Authority

We kindly ask you to contact us directly so that we can quickly answer your question.

We kindly invite you to share your concerns with us in the first place regarding any issue related to your personal data processing. You may use the following channels to address your inquiries: help@snov.io.

In some cases, you have the right to lodge a complaint about our use of your personal data with a data protection authority. For more information, please contact your national data protection authority. We will cooperate with the appropriate governmental authorities to resolve any privacy-related complaints that cannot be amicably resolved between you and us.

Rights under the CCPA

This section applies to the processing of the personal data of the California residents

To the extent provided for by law and subject to applicable exception, California residents have the following privacy rights in relation to the personal information we collect and process:

right to know what personal information we have collected and how we have used and disclosed that personal information;
right to request deletion of your personal information;
right to be free from discrimination relating to the exercise of any of your privacy rights.

California residents can exercise their rights according to the CCPA (California Consumer Privacy Act) by filling up this form.

For the purposes of this section, California residents include every individual who is in California for other than a temporary or transitory purpose, and every individual who is domiciled in California while being outside California for a temporary or transitory purpose.

Rights under the LGPD

This section applies to the processing of the personal data of data subjects located in Brazil

This section will help you understand your rights under the LGPD and the way how we ensure them. If you are a user located in Brazil, you are able to exercise the following rights with respect to your personal data that we process:

right to confirmation of the existence of the processing;
right to access the data;
right to correct incomplete, inaccurate or out-of-date data;
right to anonymize, block, or delete unnecessary or excessive data or data processed in noncompliance with the provisions of the LGPD;
right to the portability of data to another service or product provider, by means of an express request;
right to delete personal data processed with the consent of the data subject;
right to obtain the information about the possibility of not giving consent and about the consequences of the refusal;
right to obtain the information about public and private entities with which the controller has shared data;
right to revoke consent.

Please note! We cannot respond to your request or provide you with personal information if we cannot verify your identity and confirm the personal data relates to you. We will only use such personal data to verify your identity

You may exercise the aforementioned rights by submitting your request at help@snov.io.

Changes to the Privacy Policy

We may change this policy from time to time due to the different purposes.
We will notify you on such material changes through means, available to us.

This Policy may be changed from time to time due to the implementation of new technologies, laws’ requirements or for other purposes. We will send notice to you if these changes are dramatic and where required by applicable laws, we will obtain your consent. Also, we encourage you to regularly review this Policy to check for any changes.

Such notification may be provided via your email address, post in our social media accounts or announcement on the Site and/or by other means, consistent with applicable law.

Contact us

Please contact us if you have any questions on your personal data or problems with our Site

If you have any issues concerning the usage of our Site, please do not hesitate to contact us through:

Email address: help@snov.io.

Phone number: (+1) 347 705 0819.