2. Data Controller
For the purpose of the General Data Protection Regulation (GDPR) the Data Controller is
Goodmind Software, Inc.
2810 N Church St
Wilmington, Delaware 19802
The Data Controller determines how and why Personal Data can be processed.
3. Information We Collect
We only collect information about you if we have a reason to do so — for example, to provide our Services, to communicate with you, or to make our Services better. We collect this information from three sources: if and when you provide information to us, automatically through operating our Services, and from outside sources. Let's go over the information that we collect.
3.1. Information You Provide to Us
- Account information (e.g. full name, email) is required to operate the service and allow you to log in and perform security checks;
- Billing information (e.g. company name, address) is only collected at your initiative to provide invoices addressed to you;
- Financial information (e.g. credit card number, account number, etc.) is not collected by us, but goes directly to the payment services provider (Stripe) when you make a purchase or subscribe to paid services;
- Message exchanges (e.g. emails, live chat content, screenshots, screen video records): The content of the messages you send to us by any means is collected and stored for reference in future communications, to perform security checks, and to be used by our team to investigate issues or to improve the Services.
3.2. Information We Collect Automatically
When you access or use our Services, we may also automatically collect information about you. This includes:
- Log and usage data. We may log information when you access and use the Services. This may include your IP address, date and time stamps, HTTP request type, form data, referral URLs, and the requested URL;
3.3. Information Collected from Other Sources
When you access or use our Services, we may receive information about you from other sources. This information includes:
- Financial transaction information. If you make a purchase on the Website or subscribe to paid services, we may receive and process financial transaction information from our payment services provider, such as transaction ID, transaction date/time, transaction amount, etc. However, we NEVER collect your bank card information, such as card number, card mask, name on the card, CVV/CVC code, or card expiration date.
4. How We Use Information About You
We use information about you to:
- Provide, maintain, and improve the Services;
- Research and develop new services;
- Send you reports, invoices, technical notices, updates, security alerts, and other support and administrative messages;
- Provide customer service.
5. How Information About You Is Shared
We don't sell or rent your Personal Data to marketers or unaffiliated third parties. We share your Personal Data in limited circumstances, as outlined below.
- Employees and contractors may gain access to some information about you in order to help provide our Services. For example, if we need to assist you with something or if we're investigating an issue with your account.
- Service providers: We share your Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as website hosting, data analysis, information technology and related infrastructure, email delivery, and auditing services. These service providers are listed in the "Sub-Processor List" section below.
- Legal Requests may force us to disclose information about you in response to a subpoena, court order, or other governmental request.
- Business Transfers: In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, sale, joint venture, assignment, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we may share your Personal Data with third parties for the purpose of facilitating and completing the transaction.
- With Your Consent: We may share and disclose information with your consent or at your direction. For example, we may share your information with third parties with whom you authorize us to do so.
- Aggregated or De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of our Services.
6. How Long We Store Data
We store the information we collect for as long as it is necessary for the purpose(s) for which we originally collected it. We may retain certain information for legitimate business purposes or as required by law.
7. Your Rights and Choices
In the European Economic Area (EEA), the UK and some other countries, you may have certain rights available to you under applicable data protection laws which may include:
- Right to access – You have the right to request us for copies of your Personal Data.
- Right to rectification – You have the right to request us to correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.
- Right to erasure – You have the right to request us to erase your Personal Data.
- Right to restrict processing – You have the right to request us to restrict the processing of your Personal Data.
- Right to object to processing – You have the right to object to the processing of your Personal Data, under certain conditions.
- Right to data portability – You have the right to request us to transmit the data that we have collected about you to another organization, or directly to you, under certain conditions.
You can access and update most of your personal information from the Website directly. But if you have a more specific request (right to portability, to object, etc.) or if you have any questions about these rights, feel free to contact us via the contact form or via email at firstname.lastname@example.org.
You can also delete your account information at any time from the Profile Settings page. When you delete your account, the Personal Data associated with your account will be removed from the Services' database instantly. Some information may still be present in our logs and backups, but it will definitely be gone after a maximum of 30 days. We may also retain certain information about you as required by law or for legitimate business purposes after you delete your account; for example, we may retain information about your financial transactions for our own business records.
8. Use by Minors
The Services are not directed at individuals under the age of thirteen (13), and we request that they not provide Personal Data through the Services.
9. Information Security
While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so. We monitor our Services for potential vulnerabilities and attacks.
10. Transferring Information
11. Sub-Processor List
We use the following third-party products and services to provide our Services:
- Google Cloud Platform for hosting the Website and storing data.
- Firebase for authentication.
- Google Analytics for analyzing website traffic.
- Cloudflare for DNS resolution, DDoS protection, and load balancing.
- Stripe for payments.
- SMTP2GO for sending emails.
- Userback for customer feedback.
- Termly for cookie consent.
12. Links To Other Websites
Effective Date: June 2, 2021