Privacy Policy

1. What this policy covers

This Privacy Policy covers the information we collect about you when you use our products or services, or otherwise interact with Partly (for example, using our website), unless a different privacy policy is displayed. This policy also explains your choices about how we use information about you. Your choices include how you can object to certain uses of information about you and how you can access and update certain information about you.
‍
When we refer to “Partly,” “we,” or “us” in this policy, we mean Partly Group Limited (NZ) and Partly UK Limited, which includes interacting with our related products. We offer collaborative tools, which help you stay organised and communicate with others in your field, and with your customers. We also own and operate a number of websites and offer related services, such as support. We refer to all of these products, together with our other services and websites as “Services” in this policy.

For the purposes of the UK and European privacy laws:

- Partly Group Limited is the controller and is responsible for our website and our related products; and

- The Partly company which you work with, will be the controller of any personal data you provide to us in connection with us supplying our products and services to you.

Our contact details and information about how to deal with any concerns, is set out at the end of this Privacy Policy.

‍

2. What information we collect about you

We collect information about you when you provide it to us, when you use our Services, and when other sources provide it to us, as further described below.

Information you provide to us

We collect information about you when you input it into our Services or otherwise provide it directly to us. This information may include your name, contact details or other account or profile information as described below.

Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services. For example, you provide your contact information and, in some cases, billing information when you register for the Services. You may also have the option of adding a profile picture, bio, and other details to your profile information to be displayed in our Services. We keep track of your preferences when you select settings within the Services.
‍
Content you provide through our products: The Services include the Partly web, desktop and mobile products you use, where we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include. Content also includes the files and links you upload to our Services.
‍
Content you provide through our websites: The Services also include our websites owned or operated by us. We collect other content that you submit to these websites, which include social media or social networking websites operated by us. For example, you provide content to us when you provide feedback, submit inquiries, activate a free trial or when you participate in any interactive features, surveys, contests, promotions, activities or events.
‍
Information you provide through our support channels: The Services also include customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you designate yourself as a technical contact, engage with our instant messenger chat,  open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.
‍
Payment Information: We collect certain payment and billing information when you register for certain paid Services. For example, we ask you to designate a billing representative, including name and contact information, upon registration. If you need to use your credit card for any of our Services, your credit card details will not be stored online and cannot be accessed by our staff. However your credit card details may be encrypted and securely stored by our chosen payment provider.
‍
Information we collect automatically when you use the Services: We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services. This information is only used to optimize your usability experience and is never shared outside of Partly.

Your use of the Services: We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the type, size and filenames of attachments you upload to the Services; frequently used search terms; and how you interact with others on the Services.
‍
Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services.
‍
Cookies and Other Tracking Technologies: Partly and our third-party partners, such as our analytics partners, use cookies and other tracking technologies (e.g., web beacons, device identifiers and pixels) to provide functionality and to recognize you across different Services and devices.  This information is only used to optimize your usability experience and is not shared outside of Partly.

‍

3. How we use the information we collect

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.
‍
To provide the Services and personalize your experience: We use information about you to provide our Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate, maintain and optimize the Services. For example, we use the name and picture you provide in your account to identify you to other Service users. Our Services also include tailored features that personalize your experience, enhance your productivity. We may use your email domain to infer your affiliation with a particular organisation or industry to personalize the content and experience you receive on our Services.
‍
For research and development: We are always looking for ways to make our Services smarter, faster, more secure, integrated and useful to you. We use collective learnings about how people use our Services and feedback provided directly to us to troubleshoot and to identify trends, usage, activity patterns and opportunities for integration and improvement of the Services. For example, we used information collected about how users collaborate with travelers from within our Services to design a better, more user-friendly process. We also test and analyse certain new features with some users before rolling the feature out to all users.
‍
To communicate with you about the Services: We use your contact information to send transactional communications via email and within the Services, including confirming your purchases, reminding you of subscription expirations, responding to your comments, questions and requests, providing customer support, sending you technical notices, updates, security alerts, and administrative messages. Depending on your settings, we send you email notifications when you or others interact on the Services. We also provide tailored communications based on your activity and interactions with us. For example, certain actions you take in the Services may automatically trigger a feature suggestion within the Services that would make that task easier. We also send you communications as you onboard to our Services to help you become more proficient in using that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.
‍
To market, promote, and drive engagement with the Services: We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you. These communications are aimed at driving engagement and maximising what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new product offers, promotions and contests. You can control whether you receive these communications as described below under “Opt-out of communications.”
‍
Customer support: We use your information to resolve technical issues you encounter, to respond to your requests for assistance, to analyse crash information, and to repair and improve the Services. Where you give us permission to do so, we share your information with our Partly Support team for the purpose of responding to support-related requests.
‍
For safety and security: We use information about you and your Service use to verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of Service policies.
‍
To protect our legitimate business interests and legal rights: Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.
‍
With your consent: We use information about you where you have given us explicit consent to do so for a specific purpose not listed above. For example, we may publish testimonials or featured customer stories to promote the Services, with your permission.
‍
Legal bases for processing (for EEA and UK users):

If you are an individual in the European Economic Area (EEA) or the United Kingdom (UK), we collect and process information about you only where we have legal bases for doing so under applicable European Union and UK laws. The legal bases depend on the Services you use and how you use them. The reasons for our processing are all set out in this section, and each of those reasons are connected to one of the following legal bases. This means we collect and use your information only where: 

• Performance of a Contract: We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services; 
• Legitimate Interest: It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests; 
• Consent: You give us explicit consent to do so for a specific purpose; or 
• Legal Obligation: We need to process your data to comply with a legal obligation.
  ‍

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.

‍

Please note that we may process your personal data for more than one legal bases depending on the specific purpose for which we are using your data. Please contact us if, where more than one ground has been set out in the table below, you need details about the specific legal ground which we are relying on to process your personal data.

‍

4. International Transfers of Personal Information

We collect information globally and may store that information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the Services. Whenever we transfer your information, we take steps to protect it.

‍

Specifically in relation to UK and EU data protection regulations, as we are based in New Zealand, the personal information that we collect through our website and our Services will be transferred to, and stored in, a country operating outside the EEA or the UK. According to the UK and EU data protection regulations, this transfer may only take place if the European Commission, or the UK Information Commissioner’s Office has decided that the country maintains an adequate level of protection. 

‍

New Zealand is currently recognised by both the European Commission and the UK Information Commissioner’s Office as a country that ensures an adequate level of data protection. This decision provides our basis for transferring personal information to New Zealand. If this adequacy status no longer applies, we may transfer the personal data, so long as there are suitable safeguards.

‍

Some of the personal information we collect may be processed by third party data processors in other countries. We will only transfer this data outside the EEA or UK if that country has been given the adequacy status mentioned above, or if we have approved transfer instruments set up to protect your personal data. If you wish to know more, please contact us using the details below. 

‍

If, regardless of the safeguards that we have put in place, you are not comfortable with your personal information being transferred to a system in another jurisdiction, you should not provide us with your personal information or use our website, products and/or Services. 

‍

5. How we share the information we collect

We make collaboration tools, and we want them to work well for you. This means sharing information through the Services and with certain third parties. We share information we collect about you in the ways discussed below, but we are not in the business of selling information about you to advertisers or other third parties.
‍
Sharing with other Service users When you use the Services, we share certain information about you with other Service users.
‍
Community Forums: Our websites offer publicly accessible blogs, forums, bug trackers, and wikis. You should be aware that any information you provide in these websites – including profile information associated with the account you use to post the information – may be read, collected, and used by any member of the public who accesses websites. Your posts and certain profile information may remain even after you terminate your account. We urge you to consider the sensitivity of any information you input into these Services. To request removal of your information from publicly accessible websites operated by us, please contact us as provided below. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to and why.
‍
Sharing with third parties
‍We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services.

‍Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under instruction from us, including abiding by policies and procedures designed to protect your information.
‍
Links to Third-Party Sites: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours. Your use of and any information you submit to any of those third-party sites is governed by their privacy policies, not this one.
‍
With your consent: We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial.
‍
Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect Partly, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

‍

6. How we store and secure the information we collect

Information storage and security
‍We use data hosting service providers to host the information we collect, and we use technical measures to secure your data. As at the date of this policy, our data is stored on the Google Cloud in the Frankfurt and Sydney data centres. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others, however all sensitive data is stored encrypted.  We will respond to requests about this within a reasonable timeframe, but no later than 20 working days after the day on which the request is received.
‍
How long we keep information

How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymise your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

‍Account information: We retain your account information until you delete your account. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyse personal characteristics about you.
‍
Information you share on the Services: If your account is deactivated or disabled, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services.
‍
Managed accounts: If the Services are made available to you through an organisation (e.g. your employer), we retain your information as long as required by the administrator of your account.
‍
Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences unless you opt-out or explicitly ask us to delete such information. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
‍
We are committed to protecting your personal information

‍We will at all times work to ensure that we are taking all the steps to protect your personal information. Despite our best efforts, the internet itself cannot be trusted as a secure environment. Consequently, we are unable to give an absolute promise that your information will always be safe. Sharing of personal information over the internet is to be done at your own risk. You should only give out your personal information to the website within a secure environment.
If we become aware of any security breach relating to your personal information, we will advise you as soon as we can.

‍

7. How to access and control your information

You have certain rights and choices available to you when it comes to your information. Below is a summary of those rights and choices, how to exercise them and any limitations. We will respond to requests about this within a reasonable timeframe.
‍

Your Legal Rights 

The Right of Access - you have the right to ask, and we have the obligation to confirm, if we are processing your personal data. We can also provide you with a copy of that data.

‍

The Right to Rectification – if we hold inaccurate or incomplete personal data about you, you may ask to have it corrected or completed. Once notified, we will do all that we can to ensure the information is made right. We will also endeavour to pass on the correction if possible to any third parties with whom we have shared your personal data. 

‍

The Right to Erasure – your personal data is deleted once it has fulfilled its intended purpose. Provided it does not contravene any applicable laws, we will also delete your personal data if you send a request. If we have shared your personal data with any third parties, we will take reasonable steps to inform them of your request. 

‍

The Right to Withdraw Consent – our legal basis for processing your personal data is your consent. Therefore if you wish for us to stop processing your personal data, you may withdraw your consent at any time. 

‍

The Right to Restrict Processing – you have the right to ask us to restrict or stop the processing of your personal data in certain circumstances. We will pass this request on to third parties where possible. 

‍

The Right to Object to Processing – at any point you may also request that we stop processing your personal data all together. We will do this to the extent required by the UK or EU data protection regulations.

‍

Rights related to Automated Decision Making, including Profiling – At the date of this Privacy Policy, Partly does not make any automated decision making or profiling using the personal information. If this were to change, you have the right to not be subject to a decision based solely on this automated processing, including profiling which can have a significant legal impact. The exceptions to this occur where such automated decision making is necessary for entering into, or fulfilling a contract with you, where relevant laws authorise it and when you have given explicit consent.

‍

The Right to Data Portability – we will give you any personal data that you have requested from us in a commonly used, machine readable and interoperable format to ensure you can access it. Where possible, and if you have requested, we will send your personal data to another data controller. 

‍

The Right to Complain to a Supervisory Authority – if you have any concerns about the way in which we have dealt with your personal data, you may contact the relevant data protection supervisory authority. 

If your personal data is used or obtained for direct marketing purposes, you have the right to object. 

If you wish to exercise any of your rights listed above, please contact support@partly.com. If you are dissatisfied with how we deal with your request, you may refer your query to your local data protection supervisory authority.

‍

Rights Specific to Our Services
‍Our Services and related documentation give you the ability to directly control your personal information and account. As such you can:

• Access and update certain information about you from within the Service. For example, you can access your profile information from your account and search for content containing information about you using keyword searches in the Service. You can update your profile information within your account settings and modify content that contains information about you using the editing tools associated with that content.

• Or an administrator can deactivate your access to an organisation. If you can deactivate your own access, that setting is available to you in your account settings. Otherwise, please contact your administrator. If you are an administrator and are unable to deactivate an account through your administrator settings, please contact Partly support. Please be aware that deactivating access does not delete your information; your information remains visible to other Service users based on your past participation within the Services. For more information on how to delete your information, see below.

• Delete certain information about you from within the Service. For example, you can remove certain profile information within your profile settings. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.

Opt out of communications: You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Service account settings menu, or by contacting us as provided below to have your contact information removed from our promotional email list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Services. You can opt out of some notification messages in your account settings.

‍

Send “Do Not Track” Signals: Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to browser DNT signals. You can use the range of other tools we provide to control data collection and use, including the ability to opt-out of receiving marketing from us as described above.

‍

Further Information 

Limitations: Your request and choices may be limited in certain cases. For example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep.

‍

Timescales and Delays: When you make such requests, we may need time to investigate and facilitate your request. If there are timescales imposed by the applicable laws then we will confirm the timescales that we have for responding to you. If there is a delay or dispute as to whether we have the right to continue using your information, we may restrict any further use of your information until the request is honoured or the dispute is resolved, provided your administrator does not object (where applicable).

‍Unresolved Issues or Concerns: If you have unresolved concerns, you may have the right to lodge a complaint to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.

‍

8. Other important privacy information

Notice to End Users
‍Our products are intended for both personal use and use by organisations. Where the Services are made available to you through an organisation (e.g. your employer), that organisation is the administrator of the Services and is responsible for the end-users and/or Service sites over which it has control. If this is the case, please direct your data privacy questions to your administrator, as your use of the Services is subject to that organisation’s policies. We are not responsible for the privacy or security practices of an administrator’s organisation, which may be different to this policy.
‍
Even if the Services are not currently administered to you by an organisation, if you are a member of a team administered by an organisation, or if you use an email address provided by an organisation (such as your work email address) to access the Services, then the administrator of that team or the owner of the domain associated with your organisational email address (e.g. your employer) may assert administrative control over your account and use of the Services at a later date. You will be notified if this happens.

In some cases, enterprise administrators can also:

• Require you to reset your account password;
• Restrict, suspend, or terminate your access to the Services or your account;
• Control your ability to edit, restrict, modify, or delete account information;
• Change your account information, including profile information or the email address associated with your account;
• Access information in and about your account;
• Access or retain information stored as part of your account

Please contact your organisation or refer to your administrator’s organisational policies for more information.

‍

9. Our policy towards children

The Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact our support services.

‍

10. Changes to our Privacy Policy

We may change this privacy policy from time to time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the Services homepages, login screens, or by sending you an email notification. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our privacy policy whenever you use the Services to stay informed about our information practices and the ways you can help protect your privacy.

‍

11. Contact us

New Zealand

Your information is controlled by Partly Group Limited (NZ). If you have questions or concerns about how your information is handled, please direct your inquiry to Partly Group Limited (NZ), as set forth below.

email: support@partly.com

United Kingdom (UK) and European Union (EU)

If you are based in the UK or the EU and have questions or concerns about how your information is handled, please direct your inquiry to Partly UK Limited or our EU Representative for personal data and privacy enquiries, as set forth below.

UK Address: 49 Greek Street, London, W1D 4EG

UK Email: support@partly.com

EU Representative: Roger Peeters

EU Representative Address: Termileslaan 85 Maastricht 6229 VS Netherlands Limburg.

EU Representative Email: roger@partly.com

As set out above in section 8, if you are based in the UK or the EU, or are working with our company based in the UK, you have the right to make a complaint at any time to the UK or EU regulator for data protection issues: 

• The UK regulator is: the Information Commissioner's Office (ICO) (www.ico.org.uk).
• The EU regulator will depend on the member state in which you reside, which can be identified on the European Data Protection Board website (https://www.edpb.europa.eu/about-edpb/about-edpb/members_en)