The present Privacy Policy applies to any natural person that opens an Account and becomes the Owner of that Account in the Platform. Your personal data processed by the Platform differs based on whether you act as a Client and/or as a User in the Platform
First Layer/Basic points
Useberry provides You herein with a short summary of the Privacy Policy (hereinafter “You”), that includes the basic information in order to facilitate You to have an overall concise understanding of the processing activities of Your Personal Data for the respective purposes of processing through the use of Useberry Platform (hereinafter the “Platform”), our identity as Data Controller and Your rights as data subjects.
You can also read the full text of the Privacy Policy below in the Second Layer/Analytic Points, that includes all the necessary detailed information required by the EU General Data Protection Regulation 679/2016 (“GDPR”) and learn more about the processing of Your Personal Data in here. This Privacy Policy constitutes an integrated text with the Cookie Policy of Useberry.
1. Who we are?
“Useberry User Testing Technologies IKE”, a Greek private company seated at Moschato, Greece, 185 Kapodistriou street, P.C. 18345, with GEMI registration number 147139403000, with VAT no EL801021580, telephone number: (+30)2103464672, e-mail: contact@useberry.com is the Data Controller of Your Personal Data processed through the use of the Platform regarding the processing flows stipulated in this Privacy Policy (hereinafter “Useberry” or “We”).
As laid down in article 6 of our Terms and Conditions we mainly act a Data Processors of the personal data of Testers processed on Your behalf in the Platform (You are the Controller of those data). However, we act as a Controller of Your Personal Data, restrictively in order to open your Account in the Platform and to execute our Services to You, including billing and tax purposes as referred in details below.
2. To whom is this Privacy Policy addressed to?
This Privacy Policy is addressed to all the Platform Account Owners (acting as Clients, and/or as Users irrespective their roles as Admins, Managers, Members or Viewers) for the purposes laid down in the present.
3. What are the purposes of processing for the use of the Platform?
The purposes of processing of Your Personal Data, briefly listed, are the following:
– Account creation/Registration to the Platform;
– Security of the Platform;
– Communication of the Platform with the User;
– Better personalization of the Platform experience;
– Accurate invoicing of the Billable Answers;
– Compliance to the applicable Taxation legislation;
– Investigation of the incident of breach/ provision of information and recording the incident;
– Access to User Account in case of violation of the Terms or Account deletion.
4. Which are your rights?
Your rights regarding the processing of your Personal Data are the following, as briefly introduced herein; you may learn more about your rights in para. 7 of the Analytic Privacy Policy:
– Right of access- Obtain information and copy of your Personal Data;
– Right of rectification- Ask for incorrect, inaccurate or incomplete Personal Data to be corrected;
– Right to erasure- Request Personal Data to be erased when they are no longer needed or if processing is unlawful;
– Right to restrict processing- Request the restriction of the processing of your Personal Data in specific cases;
– Right to data portability- Receive your Personal Data in a machine-readable format and send it to another controller;
– Right to object- Object to the processing of your Personal Data for marketing purposes or on grounds relating to your particular situation;
– Rights related to automated decision-making including profiling- Request for human intervention and ask us to provide your opinion;
– Right to withdraw consent;
– Right to lodge a complaint to the competent data protection authority.
Second Layer/Analytic Privacy Policy
1. General information
Useberry respects Your privacy and the protection of Your Personal Data. It has adopted this Useberry Users Privacy Policy (hereinafter the “Privacy Policy”) in compliance with the General Data Protection Regulation 679/2016 and its respective obligations in order to appropriately inform You regarding the processing of Your Personal Data as a User.
2. Useberry’s role regarding the processing of Personal Data
2.1. All the terms introduced herein are addressed restrictively to natural persons opening an Account in our Platform, who become an Owner of that Account. Processing activities may differ depending on whether You act as a User or as a Client in the Platform. Personal Data means any information that relates to You as a natural person that You provide and/or we collect by You related to the use of the Platform and/or its Services by You. All other information regarding legal persons is not considered as Personal Data and this Privacy Policy does not apply to them. For the use of the latter’s legal entities’ information, the Terms and Conditions for the Use of Useberry apply.
2.2. We note that we act as the Data Controller solely regarding the processing of Your Personal Data as set out in this Privacy Policy and restrictively for the respective purposes as referred below, we bear the role of the Data Controller of Your Personal Data. For all other processing activities that take place in our Platform, either regarding Your Personal Data and/or any third party’s Personal Data (including but not limited to the Tester), we act as Your Data Processor based on Your instructions and on Your behalf under the terms of the DPA and/or the SCC (where applicable) You accept at the time of Your registration in the Platform. This is also further explained in article 6 of the T&Cs.
2.3. Useberry, when acting as the Data Controller, as above, determines the purposes and means of the processing of Your Personal Data i.e. the why and how of the processing. You may contact with us regarding any matter that is relevant to the processing of Υour Personal Data by us as Data Controller:
a. by sending us an e-mail to legal@useberry.com
b. by sending us a letter to the address of our registered seat above
c. by telephone to +302103464672
All terms used in the present Policy have the meaning bestowed in the GDPR.
3. Collection of Personal Data
We collect Your Personal Data
3.1. Directly from You when you:
– Insert Your Personal Data in the respective form provided by Useberry in order to create your Account in the Platform or update them;
– Provide us with mandatory or optional information during your Account registration process;
– Log in to Your Account or in another Account where You have been invited as a User;
– Provide us with Your taxation data;
– Create your credentials and log in to the Platform;
– Communicate with us.
3.2. From Third Parties when you:
– Sign in to the Platform with your Google or SSO account;
3.3. From automated means:
– Through the installation of cookies in your devices when browsing the Platform. To learn more about the use of cookies, please read our Cookie Policy.
4. Purpose of processing, categories of Personal Data processed and respective legal basis and data subjects’ rights
4.1. The purpose of the table provided is to explain the various processing activities conducted by Useberry. These activities involve operations on Your Personal Data, such as collection, retention, and transfer, that may be carried out with or without automated means. The table also outlines the legal basis, which refers to the legal grounds permitting the processing of Your Personal Data as described for the specified purpose and the data subjects’ rights that You may exercise respectively.
| Purpose of processing | Categories of Personal Data | Legal Basis | Rights | |
|---|---|---|---|---|
| 1 | Account creation/Registration to the Platform
We process Your Personal Data in order to: |
Identification data
(First name, Last name) Credentials Company name Team size Position |
Performance of contract
In order to fulfill our contractual obligations towards You based on our Terms and Conditions to allow You to access and use our Platform and Services. If You wish to delete Your Account, You can request it at any time as referred in article 4.4. of the Terms and Conditions. |
Access Rectification Erasure Restriction Portability |
| 2 | Security of access and use of the Platform
We process Your Personal Data in order to: – Verify Your Account access every time You log in; |
Credentials
Activities’ Logs Teams Workspace Distinctive Role of User |
Legitimate interest
To safeguard the access and use of the Account by the appropriate persons as well as to ensure the proper operation of the Platform Services, to prevent fraud and security breaches, to maintain the Platform’s functionality as efficient as possible. |
Access Rectification Erasure Restriction Object |
| 3 | Better personalization of the Platform experience
We process Your Personal Data in order to: |
(Additional -Optional Data)
Company website (if it can indirectly identify a natural person) Company size Other optional questions |
Consent
At Your discretion You may provide us with additional optional information in order to facilitate us to better configure the environment of Your Account as well as to understand Your business needs. You may withdraw Your consent at any time by sending an e-mail to contact@useberry.com. Your withdrawal is valid for the future. |
Withdrawal of consent Access Rectification Erasure Restriction Portability |
| 4 | Communication of the Platform with the User – We will use Your contact information selectively, as needed: a) to notify You about Platform operations or security concerns, or any other matters requiring your attention, when needed; b) to send You commercial communication. |
Communication Data
|
a) Performance of contract
In case it is necessary to contact You regarding the Platform operations or for security concerns or any other issue provisioned in the Terms and Conditions of the Users, we may communicate with You using Your Communication Data. b) Legitimate Interest We reserve the right to send You commercial communication regarding our Platform and our Services based on our legitimate interest, since you are a member of our Platform by becoming an Owner of an Account. You have the right to object by using the unsubscribe button. |
a) Access Rectification Erasure Restriction Portabilityb) Access Rectification Erasure Restriction Object |
| 5 | Accurate invoicing of the Billable Answers
We process Your Personal Data to: |
Number of Billable Answers | Performance of contract In order for us to be able to precisely calculate the number of the Billable Answers and/or Credits under the Subscription Plan You have chosen and/or Credits for payment purposes. |
Access Rectification Erasure Restriction Portability |
| 6 | Compliance to the applicable Taxation legislation | Payments
Taxation data |
Compliance with legal obligation
We process Your Personal Data that are necessary to fulfill our tax and fiscal obligations. |
Access Rectification Restriction |
| 7 | Investigation of the incident of breach, provision of information and recording of the incident
We process Your Personal Data: |
Identification Data
Communication Data Data involved in the data breach incident |
Compliance with legal obligation
To comply with our obligations with GDPR in case of a data breach we process Your Personal Data in order to assess if the incident has affected You or there is a necessity to communicate with you individually to provide You guidance or to inform You regarding it, if it is necessary under the respective provisions. Also, we process them in order to record the incident to the relevant internal registry we keep as Data Controllers. |
Access Rectification Restriction |
| 8 | Access to User Account in case of violation of the Terms or Account deletion
Useberry may under warranties, process Your Personal Data of Your Account activities as described in para 2.6. of Terms & Conditions for the use of the Platform and temporarily or permanently disable, close or restrict access to any Workspace or User Account. |
User Account Data
Account activities data |
Legitimate Interest
To enforce the Terms and Conditions’ obligations i.e. suspension or deletion of Account or to impose other potential legal actions according to the Terms and Conditions for the Use of the Platform and under the prerequisites described therein, we keep the right to process Your respective Personal Data. |
Access Rectification Erasure Restriction Portability |
Please note that:
– Where the legal basis for the processing of data is Your Consent, You may at any time withdraw it. The withdrawal of consent is valid for the future. The processing operations carried out up to the point in time of the withdrawal shall be deemed to be lawful in all respects.
– Where the legal basis for the processing of data is our Legitimate Interest, You may opt-out at any time, requesting that access to Personal Data is stopped for this purpose. In any case, Useberry reserves the right to object that it has the legitimate interest to continue processing, provided that this is justified on the basis of a reasonable balance between the Users’ own interests in the protection of their personal data and his/her own legitimate purposes and/or compelling reasons.
– In case that Useberry needs to support or defend against any legitimate claim, it may process Your Personal Data based on its relevant Legitimate Interest, that has been fairly balanced against Your privacy.
– In case You do not renew a Subscription Plan according to article 3 para.f) of the Terms and Conditions for the Use of Useberry, we keep the right to restrict your access to your Account.
– You have the ability to modify your Personal Data through Your Account, in case they have changed or you wish to change them, in order to keep them updated. In the event that you believe You have lost your passwords or they are being used by a person not authorised by You, we would like You to inform us immediately at the above contact details. Your password is should only belong to You and should only be used by You. The Platform does not have the ability to recover Your password.
5. Data Retention Period
5.1. We will store Your Personal Data for the duration necessary to fulfill the purposes for which they were collected. The retention periods for data may vary based on the specific purposes of collection and processing, taking into consideration factors such as the nature of the Personal Data, quantity, purpose, and security protocols, among others.
5.2. You have the right to request the deletion of Your data. If you object to their processing or withdraw Your consent, where those legal bases apply, we are obligated to delete the data and not retain it. However, we reserve the right to withhold Your respective rights for tax and accounting purposes, or to support a legal claim of our Company, as detailed in the analysis of Your rights provided in the table below in section 6.
5.3. Account: Your Account shall be retained until You request to close/delete it by sending an e-mail to Useberry or by taking the relevant actions available in the Platform; in case freezing status remains for more than 2 years, Usebery reserves the right to delete your Account. Additionally, Useberry reserves the right to delete any User Account for due cause as analyzed in para. 2.6. of Terms & Conditions for the use of Useberry.
5.4. Taxation data: Your Personal Data that are necessary for taxation purposes, shall be retained according to the applicable taxation legislation.
6. Which are your rights and how can you exercise them?
6.1. You can exercise Your rights by sending us an accurate request by email to contact@useberry.com. For information on how to exercise Your rights, please also see Article 7.2 below. Please note that the exercise of the rights referred to below can only be exercised with regard to the processing of data carried out by us as Data Controller.
6.2. In order to make it easier for you to exercise your rights, we provide below a detailed table of your rights and their respective explanations (articles of the GDPR 2016/679/EU):
| RIGHT of | WHAT IS IT? |
|---|---|
| Access | You have the right to request from us: – Confirmation that Useberry processes Υour Personal Data. – Access Your processed Personal Data and obtain a copy, provided it does not infringe upon third-party rights. – Receive pertinent information about the processing, including details such as: what data Useberry possesses, the reasons for its use, disclosure recipients, potential transfers to third countries, security measures, retention duration, Your rights, complaint procedures, and the data source if not collected directly from Υou, in case Υou lack this information. |
| Rectification | You can request from Useberry to rectify Your false or inaccurate Personal Data or update them. In this context Useberry has the right to verify the accuracy of the data before it rectifies them and is obliged to inform the recipient to whom Personal Data are notified, unless this proves impracticable or involves a disproportionate effort. |
| Erasure | You can request the deletion of Υour Personal Data under the following circumstances: – You have withdrawn your previously given consent, which served as the basis for the processing. – The data is no longer necessary for the original purposes it was collected. – You discover that Your data is being processed incorrectly or unlawfully. – You object to the processing of Your data.However, Useberry retains the right to deny this request if data processing is necessary for a) the original purpose of collection, b) compliance with a legal obligation, or c) establishing, exercising, or defending legal claims.Data deletion will occur once the specified conditions are met. |
| Restriction | You can ask from Useberry to exercise the right of restriction of the processing i.e. Your Personal Data to be retained but not to be used when: – You dispute the accuracy of your data and wish to verify its correctness. – The data processing is unlawful, but you prefer not to have the data deleted. – The data are no longer required for their original purposes, but Useberry needs it to establish, exercise, or defend legal claims. – You object to the processing and are awaiting verification of whether our company’s legitimate reasons outweigh your valid concerns. |
| Portability | You have the right to ask Useberry to provide You with Your Personal Data in a structured form or You can request that they be transmitted directly to another data controller. A prerequisite is that Your Personal Data must have been provided with consent and that they must be retained by automated means and not in paper form. A further condition is that the data have been provided by You; this term does not apply in case the data have been inferred by our company based on data provided by You. |
| Objection | You have the right to object to the processing of your personal data based on legitimate interest at any time. If You choose to exercise this right, Useberry must provide compelling and legitimate reasons that outweigh your rights and freedoms, or are necessary for the establishment, exercise, or defense of legal claims, in order to continue the processing. |
| Withdrawal of consent | You have the right to withdraw Υour consent, where consent is the basis of processing. You can withdraw your consent freely at any time with a request at our Company’s contact data that have been inserted above. The withdrawal of consent is valid for the future. |
| Right to human intervention | Our Company does not make decisions using a technical means by which (decision) your personal aspects are assessed and is taken solely based on automated processing that produces legal effects against you or similarly significantly affects You. Nor does it make Your profiling through automated processing of Personal Data without human intervention. You are hereby informed that you have the right to request human intervention in decision-making through automated processing and to express Υour point of view on the decision. |
| Supervisory authority / Alternative forms of dispute resolution | You have the right to submit your complaints or accusation to the local supervisory authority about your processing of Personal Data.
Since the protection of Your privacy is a priority for Useberry, You can contact our company at any time and for any issue or complaint regarding the processing of Your Personal Data. In addition, Useberry suggests that You choose alternative dispute resolution – mediation as a more flexible means of resolving disputes between you and our company. |
7. How do we handle your rights fulfillment process?
7.1. Verification: We keep strict confidentiality of your Personal Data. Therefore, if you wish to exercise your rights concerning these files, we may request certain information to confirm your identity.
7.2. Specific Requests: Your request should contain accurate and truthful information for us to respond effectively. Requests lacking valid details may be refused if they are unfounded, excessive, abusive, or illegal.
7.3. Timelines: We aim to address Your valid and accurate requests within one (1) month of receipt, unless they are exceptionally complex or multiple requests have been submitted simultaneously. If we require more time to respond, we will notify You within the month and fulfill your rights within three (3) months.
7.4. Charges: Exercising Your rights related to Personal Data is generally free of charge. However, in specific cases where your access request is unfounded or excessive under the law, we may levy a reasonable fee. We will inform You of any charges before proceeding with Your request.
7.5. Contact: Feel free to reach out to us using the provided contact details. You can share your comments, questions, concerns, or complaints about this Policy and the overall collection and processing of your Personal Data.
9. Security measures
9.1. We employ a range of suitable technical and organizational safeguards to secure Your Personal Data against unauthorized access, use, alteration, or destruction. When applicable, we indicatively use pseudonymization or anonymization (e.g. as analyzed in para. 6.3 of the Terms and Conditions for the use of Useberry) or encryption and other technologies designed to enhance the security of the information You provide to us. For more information you can see here.
9.2. Furthermore, internally, only specifically authorized personnel of Useberry handle the processing and management of Your Personal Data. When engaging individuals or third parties to perform essential processing tasks, Useberry selects individuals or entities with equivalent professional qualifications, ensuring sufficient guarantees of technical expertise and personal integrity to maintain confidentiality. Useberry implements all essential security measures to protect and uphold the confidentiality and integrity of Personal Data.
9.3. Additionally, we mandate that our subcontractors and service providers adhere to the necessary privacy obligations outlined in their respective processing agreements.
10. Amendments
10.1. We retain the right to modify this Policy at our discretion, primarily in response to new legal obligations or adjustments in our procedures concerning the processing of your personal data. This may occur, for example, when we introduce new services on our Platform or refine its scope, functions, or features.
10.2. If you continue to navigate our Platform or utilize its services, you acknowledge your acceptance of all such modifications. We encourage you to carefully review this Policy and periodically check for updates to stay informed about the protection of your Personal Data in accordance with this Policy.
10.3. If you require clarification, information, or have any reservations or questions, please feel free to contact us using the provided contact details. Please be aware that any information or clarification regarding changes to this Policy, provided as described above, does not serve as a replacement or an amendment to this Policy.
Last updated on June 10, 2024.
