Download PDF
Download page Stiltsoft Europe Privacy Policy for the monday.com Marketplace.
Stiltsoft Europe Privacy Policy for the monday.com Marketplace
This Privacy Policy describes the ways we collect, store, use and manage the information you provide to us or we collect in connection with your use of our Apps and Websites.
1. Definitions
“Policy” means this Stiltsoft Europe Privacy Policy.
“We”, “our” or “us” means Stiltsoft Europe OÜ, a company whose registered address is at Jõe tn 3-303, 10151, Harju maakond, Tallinn, Estonia, and any of our affiliates.
“You”, “your” means you, an individual who uses our App or Website.
“App” means an application developed by us and distributed through the app marketplace at monday.com .
“Website” means the website accessible at https://stiltsoft.ee/, https://stiltsoft.com/, including its subdomains, and our other websites on which this Policy appears.
“License Agreement” refers to the Stiltsoft Europe App License Agreement.
“monday.com” means monday.com Ltd., the owner and provider of monday.com Marketplace and the monday.com product or other product or service, with which the Apps are used.
“Personal Data” means information that can be used to identify you as an individual, like your first and last name, email address, username, usage data and so on. Personal Data does not include information that has been anonymized such that it does not allow for your identification. If you cannot be identified (e.g., when Personal Data has been aggregated and anonymized), then this Policy does not apply.
2. When We Act as Processor
Our Apps and Websites are intended to be used by organizations and businesses. Where we provide an App to an organization (e.g., to your employer or a client of your employer) that organization controls the information processed with the use of the App or by the App. This organization is the controller of the information, including your Personal Data, and is responsible for the accounts used to access the App, including your monday.com account.
If this is the case:
- this Policy does not apply to our interactions with you, since, in this context, we act solely as a processor of your data on behalf of the controller (e.g. organization you work with/for);
- we are not responsible for the privacy or security practices of a controller's organization, which may be different than this Policy; and
- please direct your data privacy questions and requests to your organization, as your use of the App is subject to that organization's policies.
3. Third Parties Processing Your Personal Data
This Policy does not cover the collection, processing, storage, or use of your Personal Data, by monday.com or any other third parties. We do not control when or how third parties collect, process, store or use your Personal Data. Please, refer to the privacy policies of third parties in order to learn and understand how and when they use your information.
For example, the monday.com Privacy Policy governs the collection and use of your information by monday.com.
4. When We Act as Controller
There might be cases when you use our Apps, not as an employee, contractor, or representative of an organization or when we, not your organization, determine the purposes and means of the processing, including collection, of your Personal Data. This Policy applies to such cases, and they will be described further in more detail.
5. What Data We Collect and How We Do That
When you visit our Website, use our App or contact us directly we collect and process your Personal Data. The ways we collect it can be broadly categorized into the following:
5.1. Information you provide to us directly
When you use our Apps and Websites we might ask you to provide Personal Data to us. For example, we ask for your contact information when you set up an account with us, contact us with questions or request support, or you may provide your Personal Data to us when you provide feedback or make posts on our blog, forum, or wiki pages.
5.2. Information we collect automatically
We collect some information about you automatically when you visit our Websites, like your region, the type of device you use, the type of browser you use, and the language of your browser. This information is helpful for us as it helps us better understand how you are using and configuring our Websites so that we can improve them and continue to provide the best experience possible.
Some of this information is collected using cookies, other similar tracking technologies, and third-party tools like Google Analytics.
Please note that by using the Websites, you agree to our use of cookies as described in this Policy.
We also use session cookies that allow us to link your actions during a browser session. A browser session starts when you open the browser window and finishes when you close it. Session cookies are created temporarily and are deleted once the browser window is closed.
We use our own cookies (first party cookies):
- to remember your choice about cookies on the Websites;
- to recognize you when you visit the Websites;
- to remember your preferences.
In addition, we work with reputable service providers who can use their cookies when you use the Website (third-party cookies). First of all, we use Google Analytics, in particular. Its collects only the anonymous information rather than your name or other identifying information. We do not combine the information collected through the use of Google Analytics with your Personal Data. Although Google Analytics plants a permanent cookie on the web browser you use to identify you as a unique user, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics is restricted by the Google Analytics Terms of Service and the Google Privacy Policy.
We use tools such as Google Analytics Advertising Features, in particular, ‘Remarketing with Google Analytics’ to advertise on third party websites (including Google) to previous visitors to our Website. This could mean that we advertise to previous visitors who have not completed a task on our Website, for example by using the contact form to make an inquiry. This remarketing could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve advertisements based on someone’s past visits to the Website (more information on advertising cookies used by Google can be found by visiting the Google Privacy Policies). Any data collected will be used in accordance with this Privacy Policy and Google’s privacy policy. You can set preferences for how Google advertises to you, including by opting out of interest-based advertising over Google through the use of cookies, by visiting the Google Ad Preferences page.
Another example of a third party service which can set cookies on your browser when you use the Website is DISQUS, a comment hosting service.
This Policy does not cover the use of cookies and other similar technologies by third parties, which services we may utilize.
Web browsers will enable you to see what cookies you have got, allow you to delete them all or on an individual basis, and enable you to block or allow cookies for all websites or individually selected websites. You can also normally turn off third party cookies separately (e.g., to opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout).
5.3. Information we get from third parties
We might collect Personal Data about you from third parties like monday.com or your organization (e.g. from your employer or from other users of the App). For example, monday.com can provide us with billing and technical contacts details (name, address, email and phone number) upon installation of the App.
6. Legal Grounds to Process Personal Data
If you are an individual in the European Economic Area (EEA) the provisions of this section apply to you.
Where we collect Personal Data, we will only process it when we have the legal basis for the processing set out in applicable data protection laws. Such legal bases are:
- The performance of a contract. We may process your Personal Data where we need to take steps at your request prior to entering into a contract or where it is necessary for the performance of a contract.
- The legitimate interests. Your Personal Data may be processed when we, other companies in our group of companies or third parties (e.g., your employer) have a business or commercial reason to process your Personal Data.
- A legal obligation. Various laws and regulations may impose certain obligations on us. To comply with them we have to process your Personal Data.
- Your consent. In certain limited cases we process your Personal Data based on your consent, for example, when it is required for direct marketing purposes and you are not an employee, contractor or representative of an organization that has been interested in or has used our Apps.
7. How We Use Personal Data
Our processing of your Personal Data is necessary for us to provide you with the Websites and Apps. If we do not process your Personal Data, we may be unable to provide you with all or some features of the Apps.
We use your Personal Data for a number of purposes, which may include the following:
Use of your Personal Data | Legal basis (for EEA) |
To operate our Apps and Websites, ensure they work as intended and deliver the services you have requested | Performance of a contract Legitimate interest |
To set up and operate your account, including to authenticate you when you log in | Performance of a contract Legitimate interest |
To support you, including assisting with the resolution of technical or other issues relating to the Apps and Websites | Performance of a contract |
To enhance our Apps and Websites, test and develop new features and carry out analysis of our Apps and Website so that we can optimize your user experience and provide you and other users with more efficient tools and features | Legitimate interest |
To analyze and aggregate data, to prepare statistics, in particular, to produce aggregated and anonymized analytics and reports, which we may use internally or share publicly or with third parties | Legitimate interest |
To manage our relationship and communicate with you. This may include:
These communications are part of the services we provide you through the Apps and in most cases you will not be able to opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings | Performance of a contract Legitimate interest |
To promote and drive engagement with the Website and Apps | Legitimate interest |
To send marketing communications that may be of specific interest to you. These communications are aimed at driving engagement and maximizing what you get out of the Apps, including information about new Apps, newsletters, product offers, and promotions we think may be of interest to you. You may opt out of receiving marketing communications from us by using the unsubscribe link within each email, updating your email preferences within your account settings, or by contacting us at smart-spreadsheet@stiltsoft.monday.com.net to have your contact information removed from our promotional email | Legitimate interest Your consent |
To prevent, detect and report crime, protect you, other users and us, for example, by ensuring network and information security, mitigating security risks, detecting and preventing any fraudulent or malicious activity, and make sure that everyone is using our Apps and Websites fairly and in accordance with the License Agreement | Legal obligation Legitimate interest Performance of a contract |
To perform legal duties, responsibilities, and obligations; and to comply with any laws and regulations that apply to us | Legal obligation |
To exercise our rights set out in the License Agreement or other agreements with you | Performance of a contract |
To disclose information to companies in our group of companies following a restructure or for internal administrative purposes | Legitimate interest |
8. How We Can Share Your Personal Data
When you post on our forums or blogs you make your username and/or email address publicly visible. Thus, you acknowledge that your Personal Data (your name) will be publicly exposed if you post your comments or feedback in the public sections of our Websites (e.g. forums, blogs, feedback portals, etc.).
There will be times when we may need to share your Personal Data with third parties. We may disclose your Personal Data to:
- Other users of the App;
- monday.com;
- Other companies in our group of companies;
- Third-party service providers and partners who assist us in the provision of Apps and Websites, for example, to those who support delivery of or provide functionality on the Websites or for the Apps (e.g. Google, Mailchimp), or market or promote our Apps and Websites;
- Regulators, law enforcement agencies, government bodies, courts, fraud prevention agencies, or other third parties, where we think it is necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights (where possible and appropriate, we will notify you of this type of disclosure);
- An actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business; and/or
- Other persons where we have your consent.
9. International Data Transfers
When we process and share data, it may be transferred to, and processed in, countries other than your country. Where Personal Data is processed in another country, we put safeguards in place to ensure your Personal Data remains protected.
For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your Personal Data is transferred outside the EEA, it will be transferred to countries where we have compliant transfer mechanisms in place to protect your Personal Data, in particular, by implementing the European Commission’s Standard Contractual Clauses to the contracts with the entities the data is transferred to or by using other app
ropriate legal mechanisms to safeguard the transfer.
10. Security
We are committed to protecting your Personal Data and have appropriate technical and organizational measures in place to protect data from loss, misuse and unauthorized access, disclosure, alteration and destruction. We process all Personal Data using industry-standard techniques. We restrict access to such information to our employees, contractors, and agents who need that information in order to process it. Our security team continuously monitors security systems, event logs, notifications and alerts from all systems to identify and manage threats.
11. Data Retention
Some data is controlled by your organization, some data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when necessary. When the data is being deleted, we make sure that your data is safely and completely removed from our servers or retained only in anonymized form.
11.1. Information retained until controller removes it
When the App is made available to you through an organization (e.g., your employer), we retain your information as long as required by the controller (your organization).
11.2. Information for marketing communications
If you have not opted-out or have consented (as the case may be) to receive marketing communications from us, we retain information about your marketing preferences for a reasonable period of time from the date you last used or expressed interest in our Apps.
11.3. Information retained for extended time periods for limited purposes
Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period of time. Reasons we might retain some data for longer periods of time include:
- To ensure that the Apps and Websites are available to you and other users.
- To protect you, other persons, and us from fraud, abuse, illegal activity, and unauthorized access, for example, when we suspect someone is committing fraud.
- To facilitate dispute resolution.
- To comply with applicable law, regulation, legal process, or enforceable governmental request, or when we are required to enforce the License Agreement, including investigation of potential violations.
- If you have directly communicated with us, for example, through a customer support channel or provided feedback or a bug report.
12. Your Rights
Individuals in the European Economic Area (EEA) have the following rights with respect to your Personal Data that we process as the controller:
- Right to access. You have the right to access (and obtain a copy of, if required) your Personal Data.
- Right to rectification. You have the right to update your Personal Data or to correct any inaccuracies.
- Right to erasure. You may have the right to request that we delete your Personal Data in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.
- Right to restriction of processing. You may have the right to request to restrict the use of your Personal Data in certain circumstances, such as when you have objected to our use of your Personal Data but we need to verify whether we have overriding legitimate grounds to use it.
- Right to data portability. You have the right to transfer your Personal Data to a third party in a structured, commonly used and machine-readable format, in circumstances where the Personal Data is processed with your consent or by automated means.
- Right to object. You may have the right to object to the use of your Personal Data in certain circumstances, such as the use of your Personal Data for direct marketing.
- Right to complain. If you are not happy with how we are processing your Personal Data, please let us know by sending an email to smart-spreadsheet@stiltsoft.monday.com.net. We will review and investigate your complaint, and try to get back to you within a reasonable time frame. You have the right to complain to your local data protection authority. This right may not be available to you if there is no authority dealing with data protection in your country.
Please note that we will be able to assist you in exercising your rights only when we are the controller of your Personal Data (e.g., when we use your information for marketing communications or when you have contacted us not as an employee or representative of an organization). You can exercise your rights at any time by sending an email to smart-spreadsheet@stiltsoft.monday.com.net. In all other cases, please direct your data privacy questions and requests to your organization.
We may require evidence of and be satisfied as to your identity before we take any requested action.
13. Modifications
We reserve the right, at our sole discretion, to put into effect, modify or revise this Policy at any time by posting the Policy or revised Policy on this page. The Policy or any changes will become effective upon posting of the revised Policy. Depending on the significance of the changes to this Policy we will use reasonable efforts to inform you by email, by posting a notice on the Website, or by using other ways to notify you about the changes.
14. Privacy Related Inquiries
If, for any reason, you are concerned with the way that we may be using your Personal Data you have questions about the privacy aspects of the Apps or Websites, please, contact us at smart-spreadsheet@stiltsoft.monday.com.net.
15. California Privacy Rights Notice
This Privacy Notice for California residents supplements the information contained in this Privacy Policy.
This section applies solely to visitors, users, and others who reside in the State of California.
15.1 Categories of Personal Information Collected
The personal information that we may collect, or may have collected from you in the preceding twelve months, falls into the following categories established by the California Consumer Privacy Act (CCPA):
- identifiers, such as your name, alias, email address, or IP address;
- Internet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet Web site, application, or advertisement.
- geolocation data, such as the location of your device or computer; and
- audio, visual, electronic, or other similar information, including when you communicate with us by phone or otherwise.
15.2 Categories of Personal Information Disclosed for a Business Purpose
The personal information that we may have disclosed about consumers for a business purpose in the preceding twelve months falls into the following categories established by the CCPA:
- identifiers, such as your name or email address, for example, if we use a third-party customer support provider;
- geolocation data and Internet or other electronic network activity information, if we use a third-party service provider to help us with analytics, marketing or advertising; and
- audio, visual, electronic, or other similar information, for example, if a third-party service provider reviews recordings of customer support phone calls for quality assurance purposes.
For more information about the personal information we may disclose to third parties for business purposes, please visit the “How We Can Share Your Personal Data” section above.
15.3 Your Rights
You may have the right under the CCPA to request information about the collection of your personal information by us, or access to or deletion of your personal information, in some circumstances. If you wish to do any of these things, please contact us at smart-spreadsheet@stiltsoft.monday.com.net. Please be aware that we do not accept or process requests through other means (e.g., via fax, social media, etc.).
We will review the information provided and may request additional information to ensure we are interacting with the correct individual. Please also be aware that making any such request does not ensure complete or comprehensive removal or deletion of personal information, and there may be circumstances in which the law does not require or allow us to fulfill your request.
15.4 No Sale of Personal Information
In the preceding twelve months, we have not sold any personal information of consumers, as those terms are defined under the CCPA.
15.5 No Discrimination
We will not discriminate against any consumer for exercising their rights under the CCPA.
Last updated: