Last Updated at: 24-10-2023
Information we collect
The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.
We collect your IP address, your device information, your activities in our website/software products, your social media profile to help us improve the user experience of our products.
If you contact us directly or sign up for services in our website/software products, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
We collect non-PII data such as
We use the information we collect in various ways, including to:
- Aggregate analytics data
- Device information (e.g., browser type, operating system)
- Log data (e.g., IP address, access times)
- Cookies and similar technologies
propellor.ai follows a standard procedure of using log files. These files log visitors when they visit our websites and use our apps. All hosting companies do this as part of hosting services’ analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users’ movement on the website, and gathering demographic information.
Cookies and Web Beacons
Like any other website, propellor.ai uses ‘cookies’. These cookies are used to store information including visitors’ preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users’ experience by customizing our web page content based on visitors’ browser type and/or other information.
Note: that propellor.ai has no access to or control over these cookies that are used by third-party advertisers.
Third Party Privacy Policies
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers’ respective websites.
CCPA Privacy Rights (Do Not Sell My Personal Information)
Under the CCPA, among other rights, California consumers have the right to:
- Request that a business that collects a consumer’s personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.
- Request that a business delete any personal data about the consumer that a business has collected.
- Request that a business that sells a consumer’s personal data, not sell the consumer’s personal data.
- If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
GDPR Data Protection Rights
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
- The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
- The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
- The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
- The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
- The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
- The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond.
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
propellor.ai does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website or application, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records
How we use your information
We use the information we collect in various ways, including to:
- Provide, operate, and maintain our website and applications
- Improve, personalize, and expand our website and applications
- Understand and analyze how you use our website and applications
- Develop new products, services, features, and functionality
- Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website, and for marketing and promotional purposes
- Send you emails
- Find and prevent fraud
Sharing and Disclosure
- Client Access: Data collected and analyzed by Propellor is primarily for the benefit of our clients. We share insights, reports, and relevant data with our clients to assist them in making informed decisions.
- Non-Disclosure Agreements (NDAs): We have strict contracts and agreements in place with our clients and stakeholders to protect the confidentiality and security of the data we handle. These agreements outline the responsibilities and obligations of all parties involved.
- Legal and Regulatory Compliance: We may be required to disclose data in response to lawful requests, such as court orders or subpoenas, or as required by applicable laws and regulations. In such cases, we will ensure that any disclosure is made in compliance with legal requirements.
- Change of Ownership: In the event of a merger, acquisition, or sale of all or part of our assets, client data may be transferred as part of the transaction. We will take all necessary steps to ensure that the data is protected and used in accordance with this policy.
- Client Consent: We will seek explicit consent from our clients before sharing data for any purpose not covered by this policy.
Note: We do not share or disclose non-PII data with third parties except for:
- Service providers who assist us in data processing
- Legal or regulatory requirements
- Anonymization and Pseudonymization: Data is anonymized to remove any personally identifiable information. Pseudonymization techniques are used to replace direct identifiers with artificial identifiers.
- Encryption: Data is encrypted both in transit and at rest. This ensures that even if data is intercepted or accessed by unauthorized parties, it remains unintelligible.
- Access Control: Role-based access control (RBAC) and strong authentication methods are implemented to ensure that only authorized personnel can access and manipulate data.
- Audit Trails and Logging: Detailed logs of data access, changes, and interactions are maintained. These logs serve as an audit trail for accountability and can be reviewed in case of any suspicious activity.
- Data Minimization: Only the necessary data is collected and processed for the intended purpose. Unnecessary data is not collected or retained.
- Regular Security Audits and Assessments: Periodic security assessments and audits are conducted to identify and rectify vulnerabilities in the system.
- Secure Software Development Practices: Security is integrated into the development lifecycle, including practices such as secure coding, code reviews, and vulnerability scanning.
- Data Residency and Jurisdiction Compliance: Data is stored and processed in compliance with legal and regulatory requirements regarding data residency and jurisdiction.
- Incident Response and Breach Notification: Protocols are in place to respond swiftly to any potential data breaches. Notification procedures are followed as required by GDPR and other applicable laws.
- Data Backup and Recovery: Regular backups of data are taken and stored securely to ensure that it can be restored in case of data loss or system failure.
- Training and Awareness: All employees and relevant stakeholders are trained on data protection best practices and are made aware of their responsibilities regarding data privacy.
- Vendor and Third-Party Due Diligence: If third-party services or vendors are involved, they are assessed for their data protection measures and compliance with GDPR.
- Privacy by Design and Default: Data protection principles are integrated into the product from the design stage, ensuring that privacy is a fundamental aspect of the system.
- User Consent Management: If applicable, mechanisms are in place to obtain and manage user consent for data processing activities not covered by legitimate interests or legal obligations.
- Data Portability and Erasure: Mechanisms are provided for users to request their data, as well as for the secure deletion of data upon request.
Changes to this Policy