Privacy Policy
Fundamentally / Documentally
Last updated: September, 2023
This Privacy Statement (the “Privacy Statement”) is provided by:
Mitras Tech & Assets B.V. (“Mitras”/”we”)
Westerstraat 10, 3016 DH Rotterdam, the Netherlands
Email: privacy@mitras.tech
Introduction
This statement or policy describes the collected information when using Mitras’ sites, services, mobile applications, products, and content (“Services”), like Fundamentally and Documentally. We also provide information about how we store, transfer, use, and delete that information, and what choices you have with respect to the information.
This policy applies to Mitras’ services (communucation between Coachée and Coach/ company), payment, contracting, chat tool), including the website and mobile applications, and other related services (e.g. customer support conversations, user surveys and interviews etc.) you may have with Mitras.
This policy applies where we are acting as a Data Controller with respect to the personal data of users of our Services; in other words, where we determine the purposes and means of the processing of that personal data. For content and data that you upload to or make available through the Service (“User Content”), you are responsible for ensuring this content is in accordance with our Terms of Service, and that the content is not violating other users’ privacy.
How we collect, process and store information
The privacy of our users is very important for us and breaches shall always be handled as a priority 1 (highest rank) incident to solve.
Mitras only collects and process information that is needed to execute the service (also develop and maintain).
Below we describe what kind of data we collect, store and process, with different legal grounds. For the categories of data that require your consent, we will actively ask you for consent before collecting any data. You can give and revoke your consents at any time in your Settings page in www.fundamentally.documentally.eu
|
User account information |
Users that choose to register in Mitras, will have to provide a valid email address. The user can also choose to enter a display name and/or add a profile letter-picture (to make sure we apply to the GDPR/AVG rules) that will be used to represent them in conversations. .
|
|
Session information |
To create a My Fundamentally/ Documentally environment, you as a user will have to fill in details to provide the Service data to proceeds. You as a user is responsible for the content you enter into Fundamentally/ Documentally, and the content has to be compliant with our guidelines for Prohibited Content in Terms of Services.
|
|
|
The information may be used for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. This is required to deliver the Service to you as an user, by taking steps, at your request, to enter into and to fulfilling such a contract (Terms of Service) cf. GDPR art. 6 (1) item b.
|
|
Transaction information |
Customers that choose to purchase a paid version of the Services provide Whereby (and our payment processors) with billing details such as credit card information, billing email, banking information, location at the time of transaction and/or a billing address.
|
|
|
The transaction data may be processed for the purpose of supplying the purchased services and keeping proper records of those transactions. This data may be used for the purpose of delivering the Services to you. Processing this information is required for fulfilling the contract we entered into with you, at your request (our Terms of Service) cf. GDPR art. 6 (1) item b. Additionally, this information needs to be retained in order to comply with accounting and tax regulation cf. GDPR art. 6 (1) item c.
|
|
Usage information |
When you as a user interact with the Services, we collect and process metadata to provide additional context about the way the Service is being used. The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our server software and our analytics tracking system.
|
|
Product Analytics data |
Mitras logs activities when the users interact with our websites or apps, when a page or a room is visited or where there is a conversation. We shall never attend or record the content in conversations. Only as a teacher you shall have rights to checked them. Also we use data related to rating to improve our services (anonymous) and the matchmaking part.
|
|
Technical log data |
Our servers automatically collect information when Websites or Services are accessed or used and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited within the Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data.
|
|
Device information |
It’s possible to collect and process information about devices used to access the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect and process some or all of this information depends on the type of device used and its settings.
|
|
Location information |
We receive information from you and other third-parties that helps us approximate your location. We may, for example, use a business address submitted by your employer, or an IP address received from your browser or device to determine approximate location. Mitras may also collect location information from devices in accordance with the consent process provided by your device.
|
|
|
The legal basis for this processing is our legitimate interests cf. GDPR art. 6 (1) item f, namely using this data for the purpose of ensuring the proper administration of our website and business, analyzing the use of the website and services, monitoring and improving our website and services, improving the user experience, preventing abuse, and assisting users with support inquiries. For information about cookies and how to opt out of cookies, see our Cookie Policy.
|
|
Customer Support Information |
We may process information that you send to us, should you choose to submit a ticket to our support email. If you contact us, we may use your Account, Room, Transaction or Usage Information to respond.
|
|
|
Processing this information it is required for performing the contract we entered into with you, at your request (our Terms of Service), as well as our legitimate interest of handling your requests cf. GDPR art. 6 (1) item f.
|
|
Product & Marketing communication |
We may process information that you provide to us for the purpose of subscribing to our email newsletters. You can opt in to emails such as digests, newsletters, and activity notifications through your account’s “Settings > Privacy > Consents” page.
|
|
|
The notification data may be processed for the purposes of sending you relevant product information or newsletters. The legal basis for this processing is your consent cf. GDPR art. 6 (1) item a.
|
|
Service and transactional notifications |
Service related, we can send emails about the account, service changes or new policies..
|
|
|
The legal grounds for processing this information is that it is required for performing our commitment about communicating changes in plans and pricing to you in the contract we entered into with you, at your request (our Terms of Service) cf. GDPR art. 6 (1) item b, and our legitimate interest of communicating important information about your account to you, cf. GDPR art. 6 (1) item f.
|
|
Correspondence information |
It could be possible to process information that you choose to share with us if you participate in a focus group, contest, activity or event, apply for a job, interact with our social media accounts or otherwise communicate with us
|
|
|
The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests cf. GDPR art. 6 (1) item f, namely the proper administration of our website and business and communications with users. |
|
Integrations with external services |
You as a participant in a meeting may choose to open one of the integrations we provide (Google Drive, YouTube, Trello and others) in rooms where these have been enabled. We may store data from use of integrations in a local browser storage, and process this to enrich the user experience. This data can be deleted with the delete option in the integration settings or by deleting it from the cache of your browser. When using an integration, metadada like title, thumbnail, dates and share permissions about content selected may be fetched and displayed in the web page. We may store non-personal/non-restricted information (eg. content id and access date) in a local browser storage to display lists of recent opened integrations. Restricted metadata is always stored by the services themselves and requires explicit consent given by the facing user to fetch it. The implementation is in compliance with the services privacy policies for example: Google Privacy Policy and Trello Privacy policy.
|
|
|
The information may be used for the purposes of operating our website and providing our services. This is required to deliver the Service to you as user, by taking steps, at your request, to enter into and to fulfilling such a contract (Terms of Service) cf. GDPR art. 6 (1) item b.
|
How processing media (audio/video)
Egas shall never store any media sent between participants in a room for own use. Customers who have access to the “Recording” feature will be able to record meetings, and they are then responsible for collecting consents from all participants in the meeting prior to starting the recording. They are also responsible for storing and processing the recording in compliance with regulations after downloading it.
Security
Service communication will use a dedicated server infrastructure to allow more people in conversation, and better stability. Your text messages and stream will be sent through video router servers which transmits it to the other participants in the call, and also transmits their streams to you. Streams will always be encrypted (DTLS-SRTP) in transit, but will be decrypted and re-encrypted when passing through the video routers. We operate an infrastructure of video routers distributed across the world, and you will be automatically routed to the closest one. The video router servers and all of our infrastructure adhere to strict security measures, preventing any eavesdropping or interruption of the chat/video/audio streams.
Providing your personal data to others
We may share information about with third parties in some circumstances, including: (1) with your consent; (2) to a service provider or partner who meets our data protection standards; (3) with academic or non-profit researchers, with aggregation, anonymization; (4) when we have a good faith belief it is required by law, such as pursuant to a subpoena or other legal process; (5) to protect the vital interest of others, when we have reason to believe that doing so will prevent harm to someone or illegal activities.
The categories of service providers of Egas and partners are:
- Hosting/infrastructure/storage providers
- Payment processors
- Analysis tools providers
- Customer Support tools providers
- Marketing and email providers
- Recruiting tools providers
- Internal communication tools providers
Business Transfers
We may disclose your personal data to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy.
In the case where we are involved in a merger, acquisition, bankruptcy, reorganization or sale of assets such that your information would be transferred or become subject to a different privacy policy, we will notify you in advance and give you the option to delete your data before the transfer.
International transfers of your personal data
In some circumstances your personal data may be transferred to countries outside the European Economic Area (EEA). You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others. For information about what types of content you as a user is responsible, see this Terms of Service.
We and our other group companies have offices and facilities in the Netherlands and Spain. The hosting facilities for Account information stored by Egas are situated in Germany and using AWS with strictly Security measures. The hosting facilities for Usage information are situated in Germany and possible the United States. Transfers to the United States will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission, a copy of which can be obtained from https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.
Retaining and deleting personal data
Personal data that would be process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
We will retain your personal data as follows:
- Transaction information will be retained for a minimum period of 5 years following date of the transaction, and for a maximum period of 10 years following the date of the transaction.
In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the following criteria:
- Account information, company/ client(personal) information will be retained until you decide to delete your account or delete a room/school environment.
- Information about you used for Product & Marketing communication will be retained as long as you have given us consent to use this information.
- The period of retention of usage information will be determined based on the need for historical data to determine statistical validity and relevance for product decisions and technical monitoring.
Regardless of the provisions above, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Changes to this policy
We can change these Terms at any time. If you paid for a subscription Plan, and if Egas will change material, we’ll let you know before it takes effect. By using Egas on or after that effective date, you agree to the new Terms. If you don’t agree to them, you should delete your account before they take effect, otherwise your use of the Service and Content will be subject to the new Terms.
Managing and deleting your personal information
If you have an account, you can access, modify or export your personal information, or delete your account in Settings. If you delete your account, your information and content will be unrecoverable after that time. You may instruct us at any time not to process your personal information for marketing purposes, by adjusting your Privacy settings). We may withhold personal information that you request to the extent permitted by law.
Your rights
As an individual you are granted rights according to the applicable data protection law*:
- The right to access to your personal data
- The right to rectification of your personal data
- The right to object to and restriction of our processing of your personal data
- The also right to be forgotten; erasure of your data.
- The right to data portability.
*) = Due to the fact that the Education Convenant could be valid; if you are a student, the school shall be responsible for the request above.
If you have provided your consent to your processing of personal data, you may also withdraw your consent at any time, on our Settings > Consent page.
The rights are not absolute, and you may read more about your rights in the EU general data protection regulation Chapter III, or at https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en
To exercise your rights or if you otherwise have any questions regarding our processing of your personal data, we encourage you to contact us as described below. However, we also notify you that you may raise complaint to a data protection authority.
As a Dutch company, Egas uses the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) as a supervising authority. You may find further information on their website: https://autoriteitpersoonsgegevens.nl/. You may contact your national/state supervisory authority, but Egas will retain the Dutch Data Protection Authority as our lead supervisory authority.
Data protection officer
Our data protection officer’s contact details are: privacy@egas.world
To learn more, visit the Privacy section in our FAQ.
Cookie Policy
Last updated: July, 2021
General
This Cookie Policy is an addendum to the Terms of Service and Privacy Policy of Fundamentally/ Documentally, a trademark of Mitras Tech & Assets BV. Any definitions used in those Policies, will have the same meaning in this Policy.
This Policy outlines how Cookies are used within Mitras Services and other tracking technologies to run and deliver the service, and how you can choose which type of tracking to disable.
What is a cookie?
A cookie is a small text file with an identifier sent by us to your computer or mobile device, and stored in your browser. “Session-based” cookies last only while your browser is open and are then deleted. “Persistent” cookies last until you or your browser deletes them, or they expire. Cookies do not typically contain any personally identifiable information, but may be linked to personal information we store about you. E.g. if you are logged in with a registered user, the cookie will help us remember that you are logged in when you return to the site. To find out more about cookies, visit this site.
What is local storage?
Local storage is a component of the Web storage application programming interface. It is a method by which Web pages can store information inside your Web browser. Similar to cookies, this stored information exists even when you close a browser tab, surf away from the current website or close the main browser. But unlike cookies this data is not carried to the remote Web server unless sent explicitly by the web page. Local storage is often used to remember choices a user has made inside a Web application or to cache information to improve performance. Elements stored in browser Local storage is covered by this policy to the extent that the information stored in these elements is communicated back to the server.
Managing cookies and local storage
Most browsers allow you to refuse to accept cookies and to delete cookies. If you block cookies, you may not be able to use all the features on our website, or have a worse experience. We have gathered information about how you can block and delete cookies and local storage elements in this FAQ article.
How we use cookies and local storage
Fundamentally/ Documentally uses cookies and local storage on our sites and mobile applications. Any browser visiting these sites will receive cookies from us. We are using cookies and similar technologies in our Websites and Services that help us collect information needed to run and deliver the Service.
Cookies and local storage that we use
We use cookies for the following purposes:
Categories of use |
Description |
Authentication |
We use local storage to identify you when you visit our website and to authenticate calls our web application makes to the backend servers on your behalf. If you’re signed in to Fundamentally/ Documentally, this helps us show you the right information and personalize your experience. (Local storage element used for this purpose is: “CredentialsStorage”) |
Analysis |
We use cookies to help us analyze the usage patterns and performance of our website and services. We use services from Google Analytics for this purpose, see the cookie list for more details. |
Payment and Fraud detection |
We use cookies to enable easy payment processing and to detect fraud through our payment processor ……….. See the cookie list for cookies related to this. |
Integrations |
We may use cookies in your browser to access and share content from third-party Integration Services that you choose to enable in the Service. Some integrations will not work for users who have blocked third-party cookies in their browser, as it will then not be possible for us to open the content from the Integration Service for them. (Cookies used for this purpose depends on which Integration Services you have enabled). |
Advertising |
We may use cookies and similar tracking technologies of third parties, to learn whether someone who saw an ad in a marketing platform later visited our site and took an action (e.g. created an account or upgraded to a paid plan), and provide our advertising partners with information about how the ad performed. We may also work with advertising partners to show you an ad off Fundamentally/ Documentally, after you’ve visited our site or application. |
|
|
|
Integrations
We may make available integrations to other web-based services, allowing you to open those services inside Egas. In order to use third-party integrations in this category, it may be necessary for you to enable support for third-party cookies in your browser. The reason for this is that such integrations may depend on cookies to assert your identity and/or authenticate your access to any non-public assets (documents, boards, etc) opened through them.
Privacy section FAQ
Personal data that we process
Egas BV processes your personal data because you use our services and / or because you provide them yourself. Below you will find an overview of the personal data that we (can) process, depending on the service that could be used:
– First and last name
– Phone number
– E-mail address
– IP address
– Other personal data that you actively provide by registering for activities / services or submitting your CV
– Information about your activities on our website/ platform
– Internet browser and device type
Special and / or sensitive personal data that we process
Our website and / or service does not intend to collect data about website visitors under the age of 18. Unless they have parental or guardian permission. However, we cannot check whether a visitor is over the age of 18. We therefore recommend that parents be involved in the online activities of their children, in order to prevent data about children from being collected without parental consent. If you are convinced that we have collected personal information about a minor without this permission, please contact us at privacy @ move-it-up and we will delete it in formation.
For what purpose and on what basis we process personal data
Egas B.V. processes your personal data to be able to contact you about your application, registration for a service, comment or question. This can be done by email or calling if necessary to carry out our services.
Automated decision making
Egas B.V. does not make decisions based on automated processing on matters that can have (significant) consequences for people. These are decisions taken by computer programs or systems, without involving a person (for example an employee of Egas B.V.).
How long we keep personal data
Egas BV does not store your personal data longer than is strictly necessary to realize the goals for which your data is collected. We use the following retention period for personal data: 1 year.
Sharing personal data with third parties
Egas BV only provides to third parties and only if this is necessary for the execution of our agreement with you or to comply with a legal obligation.
Cookies, or comparable techniques, that we use
Egas BV only uses technical and functional cookies. And analytical cookies that do not infringe on your privacy. A cookie is a small text file that is stored on your computer, tablet or smartphone when you first visit this website. The cookies we use are necessary for the technical operation of the website and your ease of use. They ensure that the website works properly and, for example, remember your preferred settings. We can also optimize our website with this.
You can opt out of cookies by setting your internet browser so that it no longer stores cookies. In addition, you can also delete all information previously saved via your browser settings.
View, adjust or delete data
You have the right to view, correct or delete your personal data
run. You also have the right to withdraw your consent to the data processing or to object to the processing of your personal data by Egas BV and you have the right to data portability. This means that you can submit a request to us to send the personal data that we hold about you in a computer file to you or another organization mentioned by you. You can request access, correction, deletion, data transfer of your personal data.
or send a request for withdrawal of your consent or objection to the processing of your personal data to privacy@egas.world. To ensure that the request for access has been made by you, we ask you to send a copy of your ID with the request. Make your passport photo, MRZ (machine readable zone, the strip with numbers at the bottom of the passport), passport number and citizen service number (BSN) black in this copy. This is to protect your privacy.
We will respond to your request as soon as possible, but within four weeks. Egas would also like to point out that you have the opportunity to file a complaint with the national supervisory authority, the Dutch Data Protection Authority. You can do this via the following link:
https://autoriteitpersoonsgegevens.nl/nl/contact-met-de-autoriteit-persoonsgegevens/tip-ons
How we protect personal data
Egas BV takes the protection of your data seriously and takes appropriate measures to prevent misuse, loss, unauthorized access, unwanted disclosure and unauthorized changes.
Our websites are protected with an SSL certificate so that the exchange of data is secured and personal data is never stored on the website. We host at EU related hosting parties or Microsoft to ensure your data.
If you have the impression that your data is not properly secured or there are indications of abuse, please contact us at privacy@egas.world.
Policies
Applies for Egas B.V. and all daughter companies, trademarks and labels related to.
If you choose to work with products and services related to Egas B.V., in this case Egas.world, you agree to the Terms of Service and Privacy Policy related to the Ltd (in Dutch B.V.) (referred to as “Terms”). Please read them!
If you don’t agree to the Terms, you can’t use products and services related to Egas and you can choose to delete your account or personal data otherwise here. For information about Cookies, see our Cookie Policy.
For us it’s important to be compliant with the European General Data Protection Regulation (GDPR) (AVG). If you notice any breach, we shall handle it with care and priority.