In HacknPlan, we really care about the privacy and security of your data, and also our mission is to be completely transparent about how we collect, share and use your personal information. This document covers the following topics:
- Purpose of the collection of your data
- What information we collect
- How long we keep your data
- Security and compliance
- Third-party services
- Your rights
- Google data policy
The identification and contact details of the owner and responsible for the treatment of the collected data are the following:
- HacknPlan (the “Service”)
- Christian Estévez López (the “Service Owner”)
- ID: 53709368K
- Address: C\ Timanfaya 40, Portal 2, 2ºA, 28924 Alcorcón, Madrid (Spain)
2. PURPOSE OF THE COLLECTION OF YOUR DATA
We collect your personal data, either automatically during the use of the Service, or provided voluntarily in other sections of the Service or by email. We will incorporate all personal data collected to files under the responsibility of the Service Owner. The said data will be treated for the following purposes:
- To be able to register you into our Service.
- To provide the services and products you contracted, both free and premium.
- To show the information on your account profile page.
- To be able to contact you for support, notifications, newsletters and promotions.
- To perform research and analysis which can help us understand your needs and make our service better, faster, more usable and secure.
- To ensure safety and security by analyzing your data to detect suspicious or fraudulent activity, as well as violations of our Terms of Service.
- To comply with legal requirements such as tax declarations (for customers on paid services).
If you voluntarily provide us personal data, we understand that you authorize the Service Owner to process your data as specified herein. In case the personal data provided by the user was to be used for other purposes than those mentioned above, it will be requested previous express consent by the user.
In order to receive further information about your personal data and the purposes of the treatment, contact the Service Owner.
3. WHAT INFORMATION WE COLLECT
In order to properly use our Service, we collect the following information from you:
- Information you provide explicitly:
- Account information, such as username, email and profile picture.
- Payment and billing details (for premium users), including name, full address, country, VAT number (if applicable) and credit card info. The payment is securely processed by the 3rd party provider Stripe.
- Content provided by you while using our application, such as text, files or links.
- Information provided through our support channels, including email and social media, such as descriptions of issues, screenshots or additional contact information.
- Information automatically collected:
- We analyze how you use our Service and application and keep track of it, like what sections you visit, which actions you perform, etc.
- HacknPlan and some partners collect information through cookies and other technologies in order to provide session management, 3rd party authentication and tracking for analysis purposes.
- Information received from other sources:
- We can receive information about you from other users of our Service when they collaborate with you, like task assignations, mentions, comments, etc. Additionally, other users, acting as administrators of their company, team or institution, can use your email address to invite you to join HacknPlan or the specific organization or project.
4. HOW LONG DO WE KEEP YOUR DATA
All your personal data, including contact information, billing details or any other personal data obtained for the reasons explained in the previous paragraph, will be retained until you delete your user account or we delete it due to the breach of any of our Terms of Service.
The data you provided in the context of the usage of the application, such as text (task names, descriptions, etc), files (attachments) or links, which are part of a project or organization, will be kept for as long as the project or organization is active and is not manually and explicitly removed, and will be kept until the owner of the project or organization (you or another user) delete them explicitly, or the owner deletes their account, which automatically deletes all the owned projects and organizations. This way, the rest of the users you collaborated with can keep using the Service normally.
5. SECURITY AND COMPLIANCE
The Service Owner shall treat your data in an adequate and responsible manner, and shall adopt all measures both technical and organizational that binding regulations establish with regard to data protection in order to preserve the alteration, loss, treatment, or unauthorized access to the data.
We store your information in the EU, our servers are located in Amsterdam (The Netherlands) and are provided by Microsoft Azure.
6. THIRD-PARTY SERVICES
Besides from the Service Owner and under some circumstances, other people, either from our own organization or external subcontractors may access the data in order to provide properly the services to the user. We work with several 3rd party companies to provide infrastructure, maintenance, development, email communications, payment processing, legal and tax management and analytics.
7. YOUR RIGHTS
You can exercise the rights of information, access, rectification, erasure, restriction of processing, data portability, object and automated decision making and profiling, by sending a written communication to which you must attach a copy of your national identity card or passport or any other valid document that identifies you, the petition you exercise, your address for the purposes of notifications, date and your signature, along with the documents that support your petition, as the case may be, to the address C\ Timanfaya 40, Portal 2, 2ºA, 28924 Alcorcón, Madrid (Spain), or send an email to contact(at)hacknplan.com.
Also, you can exercise some of these rights directly from the application:
- Access and update your information.
- Delete information and your account.
- Consent or reject the delivery of email communications such as newsletters.
8. GOOGLE DATA POLICY
We can, with your explicit consent, retrieve Google data to provide authentication and integrations by using the OAuth2 authorization protocol. This includes the following scenarios:
- Registration and authentication on the Service by using a Google account, accessing basic account data and email address.
- Integration with Google Drive via API for attachments.
- Integration with Google Calendar via API to reference external events.
If you have any questions or concerns regarding this policy, or if you believe our policy or applicable laws relating to the protection of your personal information have not been respected, you may file a complaint, and we will respond to let you know who will be handling your matter and when you can expect a further response. We may request additional details from you regarding your concerns and may need to engage or consult with other parties in order to investigate and address your issue. We may keep records of your request and any resolution.