Botstatz “Privacy Policy”

1. Background

1.1. www.botstatz.com (“Website”) and the mobile apps, web
interfaces, APIs, documentation, servers and all other Intellectual Property,
software and infrastructure (individually referred to as “Botstatz Product” and
collective as “Botstatz Suite” are owned, registered and operated by RPA
Partner Services Pvt. Ltd. (“Company”), a company, incorporated under
the laws of India and having its corporate office at 306, Krisil
Tower, Gotri Road, Vadodara, Gujarat, India – 390021.

1.2. This Privacy Policy covers: (i)
the type of information collected from the users through the Website, the BotStatz
Products and the BotStatz Suite, including sensitive Personal Data or
information; (ii) the purpose, means and modes of usage of such information;
and (iii) how and to whom such information which has been collected will be
disclosed.

1.3. For the purpose of this Privacy Policy, wherever the
context so requires the term “administrator”, “customer”, ‘Team Creator”
shall mean any user who creates a team and invites other users to use the BotStatz
Suite. “User” shall mean any natural person who has been invited to use any BotStatz
Product from the BotStatz Suite by an administrator or customer. The
term “We”, “Us”, “Our” shall mean the Company, its
employees, and authorised agents that perform any
services on the Company’s behalf.

1.4. The administrator is the controller for all information
related to the teams created by the customer and the users invited to BotStatz
by them. The company is the controller for all the information related to the
administrators themselves and for other individuals for whom data is collected
directly by us.

This privacy policy primarily covers administrators/customers
and does not directly cover their end users.

1.5. We reserve the right to make changes to this Privacy
Policy at any time. Any such modifications will become effective immediately
upon posting to the Website or the BotStatz Suite and continued use of the BotStatz
Suite constitutes agreement to such modifications. You agree to periodically
review the current version of the Privacy Policy as posted on the Website. We
will notify you of material changes in advance by email or by notice when you
log in to the Sites and Services or both.

For the purposes of this Policy, the key terms are defined as
follows:

1.     ‘Personal Data’ means
any information relating to User or identifiable to User; an identifiable to
User is one who can be identified, directly or indirectly, in particular by
reference to User such as name, an identification number, location data, an
online identifier or to one or more factors specific to the physical,
physiological, genetic, mental, economic, cultural or social identity of that
natural person and Payment information (including payment card numbers, billing
address, and bank account information);

2.     ‘Processing’ means any
operation or set of operations which is performed on Personal Data or on sets
of Personal Data, whether or not by automated means, such as collection,
recording, organisation, structuring, storage,
adaptation or alteration, retrieval, consultation, use, disclosure by
transmission, dissemination or otherwise making available, alignment or
combination, restriction, erasure or destruction;

3.     ‘Controller’ means the
company, or administrator. The administrator is the controller for all
information related to the teams created by the customer and the users invited
to BotStatz by them. The company is the controller for all the information
related to the administrators themselves;

4.     ‘Processor’ means a
company or third parties engaged by the company. The company is a processor for
all data entered into BotStatz by users.

5.     ‘Recipient’ means a
Company or any legal person, public authority, agency or another body, to which
the Personal Data are disclosed, whether a third party or not. However,
public authorities which may receive Personal Data in the framework of a
particular inquiry in accordance with Union or Member State law shall not be
regarded as recipients; the processing of those data by those public authorities
shall be in compliance with the applicable data protection rules according to
the purposes of the processing;

6.     ‘Third party’ means a
natural or legal person, public authority, agency or body other than the User,
controller, processor and persons who, under the direct authority of the
controller or processor, are authorised to process
Personal Data;

7.     ‘Consent’ of the User
means any freely given, specific, informed and unambiguous indication of the
User’s wishes by which he or she, by a statement or by a clear affirmative
action, signifies agreement to the processing of Personal Data relating to him
or her;

8.     ‘Personal Data breach’
means a breach of security leading to the accidental or unlawful destruction,
loss, alteration, unauthorised disclosure of, or access
to, Personal Data transmitted, stored or otherwise processed;

9.     ‘Representative’ means
a natural or legal person established in the Union who, designated by the
controller or processor in writing pursuant to Article 27, represents the
controller or processor with regard to their respective obligations under this
Regulation;

10. ‘Binding corporate
rules’ means Personal Data protection policies which are adhered to by a
controller or processor established on the territory of a Member State for
transfers or a set of transfers of Personal Data to a controller or processor
in one or more third countries within a group of undertakings, or group of
enterprises engaged in a joint economic activity;

11. ‘Sensitive data’
refers to the various categories of Personal Data identified by data privacy
laws as requiring special treatment, including in some circumstances the need
to obtain explicit consent from User. These categories include racial or ethnic
origin, political opinions, religious, philosophical or other similar beliefs,
membership of a trade union, physical or mental health, biometric or genetic
data, sexual life or orientation, or criminal convictions and offences
(including information about suspected criminal activities).

12. ‘Supervisory
authority’ means an independent public authority which is established by a
Member State pursuant to Article 51;

13. ‘Supervisory authority
concerned’ means a supervisory authority which is concerned by the processing
of Personal Data because:

1.     the controller or
processor is established on the territory of the Member State of that
supervisory authority;

2.     Administrators/Users
residing in the Member State of that supervisory authority are substantially
affected or likely to be substantially affected by the processing; or

3.     a complaint has been
lodged with that supervisory authority;

14. ‘Cross-border
processing’ means either:

1.     Processing of Personal
Data which takes place in the context of the activities of establishments in
more than one Member State of a controller or processor in the Union where the
controller or processor is established in more than one Member State; or

2.     Processing of Personal
Data which takes place in the context of the activities of a single
establishment of a controller or processor in the Union but which substantially
affects or is likely to substantially affect Users in more than one Member
State.

3.     ‘Relevant and reasoned
objection’ means an objection to a draft decision as to whether there is an
infringement of this Regulation, or whether envisaged action in relation to the
controller or processor complies with this Regulation, which clearly
demonstrates the significance of the risks posed by the draft decision as
regards the fundamental rights and freedoms of Users and, where applicable, the
free flow of Personal Data within the Union;

2. Information collected from the Administrator/User(s)

2.1. Company protects Personal Data in accordance with
applicable laws and our data privacy policies. In addition, Company maintains
the appropriate technical and organizational measures to protect Personal Data
against unauthorized or unlawful processing and/or against accidental loss,
alteration, disclosure or access, or accidental or unlawful destruction of or
damage thereto. We collect information directly from administrator, as well as automatically
through use of our Website, services through the BotStatz Suites and, in some
cases, from third parties.

2.1.1. Information That Our Customers Give is:

1.     First and last name;

2.     Email address(es);

3.     Physical Address;

4.     Mobile and other phone
number(s);

5.     Date of birth;

6.     Location;

7.     Contacts;

8.     User Profile photos
that you upload

9.     Organization
information;

10. Preferences;

11. Messages exchanged
through any BotStatz Product;

12. Files and rich media
exchanged through any BotStatz Product;

13. Mobile device
information, including, without limitation, device type, ID, model number,
operating system, application, and related information;

14. Calls placed using any
BotStatz Product;

15. Payment information,
including credit/debit card or other payment account information (payment information
is submitted and payment is processed through a secure connection.);

16. MAC and/or IP address;

17. Any other required
account or other information to utilize the BotStatz Suite.

Additionally, you provide email accounts, userid
or other authentication keys in order to connect to third party plugins that we
offer such as google drive, onedrive,
dropbox etc. Such authentication information is
maintained by us to offer seamless integration.

When you use BotStatz Suite, you also provide us the contacts
that you add into our address book. Such personal data of other individuals is
also maintained by us.

When users sign-up for a demo they provide us with:

·       
Name

·       
Email

·       
Company Name

·       
Contract Number

·       
Employee Size

2.1.2. Information Collected Automatically: When User use or
interact with our Website and services, we receive and store information
generated by activity, like Usage Data, and other information automatically
collected from browser or mobile device. This information may include IP
address; browser type and version; preferred language; geographic location
using IP address, wireless, or Bluetooth technology on device; operating system
and computer platform; the full Uniform Resource Locator (URL) clickstream to, through, and from our Website, including
date and time. We also may log the length of time of visit and the number of
times User visit and use the services. We may assign User one or more unique
identifiers to help keep track of future visits. 

2.1.3. Information from Other Sources: If we receive
any information about User from other sources, we may add it to the information
we already have about User. For example, if we receive a list of subscribers to
a BotStatz Product and we note that User is a user of our products and also a
subscriber, we may combine that information. Examples of information we may
receive from other sources includes updated delivery or payment information
which we use to correct our records, purchase or redemption information,
customer support or enrollment information, page view, search term and search
result information from business partners, and credit or identity information
which we use to help prevent and detect fraud.

Further we use Google Analytics for analytics and
measurement to understand how our services are used. For example, we analyse data about your visits to our sites to do things
like optimise product design.

2.1.4. Information from our website visitors: Our website
visitors contact us for more information or request for product demos. For this
purpose, we generally request for name, email, company name and contact number.

2.2. Sensitive Data: We do not generally seek to collect sensitive data (also known
as special categories) through this Website or otherwise. Administrator may
seek this information and User should ensure User obtain administrator’s
privacy policy prior to sharing sensitive data via BotStatz.

3. How the collected information will be used

3.1. Lawful Basis of processing

We process your personal data only when we have a lawful basis.
Presently, we use the Performance of Contract (i.e. to deliver the services to
our customers) and consent as the lawful basis for processing. For certain
processing, we may also use legitimate interests as provided under the Data
Protection Regulations.

In some cases, we may also have a legal obligation to collect
personal information from you or may otherwise need the personal information to
protect your vital interests or those of another person.

3.2. Use of Customer Data – We only process Customer Data on behalf
of our customers and in accordance with their instructions provided in the
applicable Services agreement with us. We use the data that we have about you
to provide our services and provide support to you.

The information collected by Us when customers use the Website
and services, shall be used in the manner described below:

1.     Facilitate use of the BotStatz
Suite, its upgrades, its replacements and to maintain the BotStatz Suite.

2.     Process payment and
verify payment information;

3.     Contact and
communicate with Customers and Users with respect to BotStatz Suite;

4.     Provide technical
service and support, including updates;

5.     Respond to legal
requirements, exercise our legal rights or defend against legal claims, to
protect our interests, fight fraud or illegal activity, to enforce our
policies, or to protect third party rights, property, or safety.

6.     Customize and/or
tailor the BotStatz Suite and user experience, which may include displaying
information based on their search or content from other users.

7.     Troubleshooting

8.     Responding to our
customer on queries and support issues

Responding to our Customer’s end users on queries and support
issues

As part of our contractual agreements with our customers, we
also provide their end users with support on queries and technical support. In
doing so, we act as processors for our customers and any data collected from
such end users is collected on behalf of our customers.

3.3. Consent

When you give you consent to us for contacting you for marketing
purposes by signing up for our blog, demo of BotStatz or during an event that
you attend.

3.4. Users under 16 years of age

The Sites and Services do not knowingly collect personal
information from users under the age of 16. If you are under the age of 16, you
are not permitted to use the Sites and Services except maybe as an end user of
our customers in accordance with their privacy policy.

4. Disclosure of Personal Information

The following categories of recipients will most likely receive
your data in order for us to provide services to you

·       
Third Party Data Center Services such as AWS

·       
Third Party SMTP Services such as Sendgrid

·       
Third Party helpdesk applications/tools for troubleshooting

·       
Salesforce CRM /Hubspot for
direct marketing

·       
Third party Service Providers

4.1. Financial Information – All financial information that is
collected through the BotStatz Suite is used solely to enable the payment
towards the consideration for usage of the relevant BotStatz Product(s) and
products of our partners, and is not used for marketing or promotional
purposes. Towards this end, we disclose such information to a third-party
intermediary, for the sole purpose of credit card processing, which is used to
make payments to avail of the services on BotStatz. Our contracts with our
service providers include commitments that they agree to limit their use of
Personal Data and to comply with privacy and security standards at least as
stringent as the terms of this Privacy Policy. Remember that if User provide
Personal Data directly to a third party, such as through a link on Website, the
processing is typically based on their standards (which may not be the same as
the Company’s);

4.2. We may also disclose certain information to third parties
solely to help diagnose technical problems, to customers of the BotStatz Suite,
and improve the quality of the services provided by us through the BotStatz
Suite.

4.3. We reserve the right to disclose any personal information
as required by law or to respond to legal process, to protect our customer, to
protect lives, to maintain the security of our products, and to protect the
rights or property of the Company and when we believe, at our sole discretion
that disclosure is necessary to protect our rights, protect someone from injury
and/or to comply with a judicial proceeding, court order, or legal process
served on the Company.

4.4. We also share data with the Company-controlled affiliates
and subsidiaries, with vendors working on our behalf.

4.5. When a User accepts the invite to join a team in BotStatz,
to access BotStatz services, the administrator of the team would: (i) control and administrator BotStatz services account and
(ii) access and process data, including the Contents of communications and
files.

5. Cross Border Data Transfers

Since we are an international company, your data will be
processed outside of the EU region. Your data will be processed within Third Party
Data Centers in USA. Some countries where we process data may not have as
protective laws as your own country and there are risks associated with such
transfer.

Personal Data we collected may be transferred or be accessible
internationally throughout Company’s business and between our entities and
affiliates. Any such transfers throughout Company’s business take place in
accordance with the applicable data privacy laws. It also means that rights
stay the same no matter where data are processed by Company.

6. Customers’ Rights with respect to Processing Personal Data

Customers are entitled (in the circumstances and under the
conditions, and subject to the exceptions, set out in applicable law) to:

·       
Request access to the Personal Data: This right entitles
customers to know whether We hold Personal Data about them and, if we do, to
obtain information on and a copy of that Personal Data.

·       
Request a rectification of Personal Data: This right entitles
customers to have Personal Data be corrected if it is inaccurate or incomplete.

·       
Object to the Processing of Personal Data: This right entitles
Customer to request that Company no longer Processes Personal Data.

·       
Request the erasure of Personal Data: This right entitles
Customer to request the erasure of Personal Data, including where such Personal
Data would no longer be necessary to achieve the purposes.

·       
Request the restriction of the processing of Personal Data: This
right entitles Customer to request that Company only processes Personal Data in
limited circumstances, including with consent.

·       
Request portability of Personal Data: This right entitles
Customer to receive a copy (in a structured, commonly used and machine-readable
format) of Personal Data that administrators have provided to Company, or
request Company to transmit such Personal Data to another data controller.

As a user, you would need to submit a request via your
administrator to request for deletion, opt-out or to receive a copy of your
data. If we receive a request directly from you, the same will be forward to
the administrator for your team for approval.

To the extent that the processing of Personal Data is based on
Consent, Customers have the right to withdraw such Consent at any time by
contacting Company’s Data Privacy Officer. Please note that this will not
affect Company’s right to process Personal Data obtained prior to the
withdrawal of consent, or its right to continue parts of the processing based
on other legal basis other than consent.

7. Cookies

7.1. The BotStatz Suite uses cookies, which are files that web
browser puts on system when User visit a website, to store certain information
that is not sensitive personal information. The information collected through
these cookies is used by us for the technical administration of the Company’s research
and development, and to improve the quality of our services.

7.2. We may use third party cookies to track visitor behaviour and to improve the quality of our services.
However, such cookies will not store any kind of personal information, nor will
such information be disclosed to any third party.

7.3. These cookies are intended to be automatically cleared or
deleted when the User quits the browser application. User are encouraged to use
the “clear cookies” functionality of browser to ensure such clearing /
deletion, since it is impossible for us to guarantee, predict or provide for
the behaviour of system. User have a variety of tools
to control cookies, web beacons and similar technologies, including browser
controls to block and delete cookies and controls from some third-party
analytics service providers to opt out of data collection through web beacons
and similar technologies. Users browser and other choices may impact
experiences with our products.

7.4. The information we collect with cookies is not sold,
rented, or shared with any third parties, other than for internal development
and maintenance of the BotStatz Suite and to retarget and remarket BotStatz
Suite and our partner products to User.

8. Third Party Links

8.1. We may provide links to websites for the convenience and
information of users. These websites may not be owned, controlled, or operated
by us. In those cases, we cannot control how information collected by those
websites will be used, shared, or secured. If the user visits linked sites, we
strongly recommend that the user reviews the privacy notices or policies posted
at those sites. We are not responsible for the content of linked sites, the
User’s use of them, or the information practices of their operators.

8.2. BotStatz products are intended for use by organizations
and are administered to User by our Customers organization. Use of BotStatz
Suites is subject to the user organization’s policies, if any. As a user please
direct all privacy inquiries to your BotStatz administrator. When User use
social features of BotStatz, other users in network may see some of activity.
Company is not responsible for the privacy or security practices of our
customers, which may differ from those set forth in this privacy policy.

9. Data Security Procedures

9.1. We maintain organizational, physical and technical
security arrangements for all the Personal Data we hold. We have protocols,
controls and relevant policies, procedures and guidance to maintain these
arrangements taking into account the risks associated with the categories of
Personal Data and the processing we undertake to protect any kind of personal
sensitive information that we have under our control from unauthorized access,
improper use or disclosure, unauthorized modification and unlawful destruction
or accidental loss. 
We adopt market leading security measures to protect Personal Data.

9.2. Regarding use of our Websites, User should understand that
the open nature of the internet is such that information and Personal Data
flows over networks connecting User to our systems without security measures
and may be accessed and used by people other than those for whom the data are
intended.

10. Retention of Information

10.1. We will retain Personal Data only for as long as is
necessary. We maintain specific records management and retention policies and
procedures, so that Personal Data are deleted after a reasonable time according
to the following retention criteria:

·       
We retain Data as long as we have an ongoing relationship with
our Customer. Once our customers choose to close their accounts, the
information is deleted within 30 days of such closure. When you decide to close
your account, we delete all personal information about you including any user
generated content.

·       
We will only keep the data while account is active or for as
long as needed to provide services.

·       
We retain data for as long as needed in order to comply with our
legal and contractual obligations.

11. Choice/Opt-Out

11.1. If the Customer wishes to opt- out of receiving
non-essential (promotional, marketing-related) communications from us, after
setting up an account, they may choose to do so by making such preference
changes within the application or contacting us at 
privacy@botstatz.com

12. Governing Law

12.1. This Privacy Policy shall be governed by and constructed
in accordance with the laws of United Kingdom, without reference to conflict of
laws principles. The courts in London, United Kingdom, shall have the exclusive
jurisdiction to determine any disputes arising in relation to, or under, these
Privacy Policy. User agree to submit to the jurisdiction of the courts in
London, United Kingdom, and agree to waive any and all objections to the
exercise of jurisdiction over the parties by such courts and to venue in such
courts.

13. Contact

Please write to us at support@botstatz.com if:

·       
Customers and visitors have a general question about how Company
protects Personal Data.

·       
Customers and visitors wish to exercise rights in relation to
Personal Data rights.

·       
Customers and visitors wish to make a complaint about Company’s
use of data.

You can contact our Data Privacy Officer at privacy@botstatz.com.

If you are a resident of the European Economic Area and we
maintain your Personal Data within the scope of the General Data Protection
Regulation (GDPR), you have additional rights. If, despite our commitment and
efforts to protect Personal Data, you believe that your data privacy rights
have been violated, We encourage and welcome customer
to come to Company first to seek resolution of any complaint. Customers have
the right at all times to register a complaint directly with the relevant
supervisory authority or to make a claim against Company with a competent
court.

 

Botstatz Automation Program Logo

We empower organizations with our insights on the health of their automation program. At Botstatz, we help manage an automation program with a detailed and bespoke workflow.

© 2019 BOTSTATZ all right reserved by TDL