The following terms are defined:
Data Controller: Algomo Limited, 20-22 Wenlock Road, London, N1 7GU, UK
Data Processor: Algomo Limited, 20-22 Wenlock Road, London, N1 7GU, UK
Website – https://www.algomo.com
User: A person that uses the Website. This person can be a registered user of the application or a website visitor without logging in.
User Account: The account used by a User to have access to the services provided by the Data Controller through the Website.
The General Data Protection Regulation (GDPR) is a European Union (EU) privacy law that affects businesses around the world when it comes into effect on 25th of May 2018. It regulates how any organization that is subject to the Regulation treats or uses the personal data of a User located in the EU. Personal data is any piece of data that is used alone or with other data, identifying a person. If an organization collects, changes, transmits, erases, or otherwise uses or stores the personal data of EU citizens, it needs to comply with the GDPR. The GDPR replaces an older directive on data privacy, Directive 95/46/EC, and it introduces a few important changes that may affect Data Controller Users. The GDPR also outlines the rights of a User around his/her personal data. An EU User has the right to ask for details about the way his/her personal data is used. A User has the right to request his/her personal data be corrected, provided to him/her, prohibited for certain uses, or removed completely from the database of the Data Controller.
The User’s personal data is processed by the Data Controller creating a User Account and verifying the User via e-mail. Furthermore, the User’s personal data is processed for marketing actions, to which the User agrees while creating a User Account. Such marketing actions include sending e-mails & linkedin messages for new features, services or commercial information about the Data Controller. While creating a User Account, the User agrees to the processing of his/her personal data by the “connected platforms” for purposes connected with the processing of electronic payments and support.
Data controller has a solid vulnerability management process in place, across the entire ecosystem. The vulnerability management program of the Data Controller includes the adaptation to modern networks by implementing three key principles: Complete Ecosystem Visibility, Remediation Workflow Automation, and SecOps Agility.
Data Controller makes daily backups. Backups are useful in case of storage failure, asset loss, or other disasters. Data Controller uses server and database options available from the top cloud service providers today, that of Google, Amazon AWS, and Microsoft. Disaster recovery is always high on the list regardless of which regulations that need to be met. Backup of the database data is done in the cloud, avoiding local backups.
A User is allowed to delete his/her User Account whenever desired. That option is available inside the Data Controller application with the press of a button. After the User deletes his/her User Account, his/her personal data is automatically deleted as long as from the “connected platforms” unless he/she was a paying user in which case we keep just the necessary information for taxing purposes as the law obliges.
Personal data is only kept for as long as it is necessary. Then the data is securely destroyed or anonymized. Personal data of the User is retained as long as he/she exploits the provided services by the Data Controller, maintaining a User Account. If the User Account is deleted by the User, the personal data is retained by the Data Controller up to three months from the date of the termination of the services. After the expiration of the personal data retention duration, the data will be deleted by the Data Controller, except for the personal data that is provided to the Data Controller for advertising actions. Such data will be deleted after the User withdraws the consent, in respect to the processing of such data.
Any breaches of personal data of the User will be reported to the authorities and affected individuals without delay, according to the GDPR requirements.
The Data Controller processes User’s personal data according to the GDPR requirements after the User’s consent and registration on the Website. The creation of a User Account and the use of the provided services of the Data Controller by the User requires giving the consent for the personal data processing. The user also gives the consent to the provision of the personal data to the “connected platforms”. If the User does not agree to give the consent, the creation of a User Account is not possible by the Data Controller for the provision of the available services. The User is allowed to withdraw his consent, with respect to the processing of his/her personal data by the Data Controller.
Data Processor accesses, collects, stores and processes data from YouTube’s API in respect to: Video Snippet (thumbnail, title, description, statistics, comments), Channel settings (cover), Channel statistics and Channel snippet (thumbnail, title). Such data is processed by the Data Controller as per the requirements of YouTube’s API Services – Developer Policies:
This data will not be used in any manner that is incompatible with the purposes for which it was collected. Data Processor processes such data to provide users our social media monitoring services. This includes providing users access to our different features and insights. Our processing for the purpose of providing our services is based on our legitimate interest to do so or on users’ consent (where applicable, such as when the user signs up for an account).
Last updated 25 Nov, 2020.