Privacy


We, at Jiminny, Inc. respect your privacy and are committed to transparent privacy practices. This “Privacy Policy”, together with our Cookie Policy describes how we collect, use and share personal information provided to us or otherwise collected by us, including in connection with your use of our Website app.jiminny.com, mobile applications, Desktop clients, and our services (collectively, the “Services”), and what choices you have with respect to the information.

We’ve updated this version of the Privacy Policy to reflect changes in data protection law. In addition, we have worked to make the Privacy Policy clearer and more understandable.

When we refer to “Jiminny”, we mean the Jiminny entity that acts as the controller or processor of your information, as explained in more detail in the “Personal Information We Collect” section below.

This Privacy Policy applies to (i) any person with a registered account on our Services (a “Customer”) and (ii) those who are present in a conversation with a Customer (as a “Guest”), for example by joining a conference or being dialed by a Customer of the Services. Collectively, we refer to these persons as a “User”.

Personal Information We Collect

Jiminny handles personal information when you use our Services. This includes profile data (e.g., name, phone number and email address) and content (e.g., the recordings of telephone conversations).

Data protection laws in certain jurisdictions, like the European Economic Area (EEA), differentiate between “controllers” and “processors” of personal information. A controller decides why and how to process personal information. A processor processes personal information on behalf of a controller based on the controller’s instructions.

When Jiminny handles personal information, we will act as a processor in most cases, including the collection and storage of content such as call recordings.

However, we will occasionally be acting as a controller when, for example, we may need to collect certain personal information for the legitimate interests of access control to our Services, and in the context of troubleshooting and detecting problems with the telecommunications platform.

Recordings

When you organise a meeting or initiate a conversation through Jiminny, you should ensure that if you plan to record the meeting or conversation, you tell everyone and obtain consent from all Users present in the call.

When you use Jiminny to join a meeting or conversation initiated by another User, you should make sure you are clear on whether the call is being recorded. If you do not want to be recorded, you can choose to leave the conversation, or request that recording is stopped.

Information you give us

As a User of the Services, you provide information to us. This includes:

  • profile information like your name, telephone numbers, email address, photo;
  • content you provide through the Services, for instance messages, notes, comments, audio and/or video conversations; and
  • your responses to questionnaires, surveys, or requests for feedback.

The call data and our analysis of any recorded audio and/or video may contain personal information.

As a Customer of the Services, you provide additional information to us directly or indirectly. This includes:

  • meeting details, like title, date, time, duration, and the attendee list together with their profile data from calendar invites;
  • profile data from Customer Relationship Management (CRM) systems; and
  • when you subscribe to a paid plan, your billing details including your address.

Information we collect about you

We log information about your access and use of our Services. This includes:

  • your communications with our Services;
  • your behavior through analytics events;
  • your Internet Protocol (IP) address;
  • your approximate geographic location;
  • the storage of Internet cookies;
  • the type of browser you are using;
  • the type of device you are using; and
  • the type of operating system you are using.

Sensitive personal information

We ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Service or otherwise.

If you send or disclose any sensitive personal information to us (such as when you share your screen or place a telephone call using the Service), you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not provide it.

How We Use Your Personal Information

To provide the service

If you are a User, we use your personal information:

  • to operate, maintain, administer and improve the Service;
  • to optimize your connection to the Service;
  • to manage and communicate with you regarding your Service account, if you have one, including by sending you Service announcements, technical notices, updates, security alerts, and support and administrative messages;
  • to process any payments you make through the Service;
  • to better understand your needs and interests, and personalize your experience with the Service; and
  • to respond to your Service-related requests, questions and feedback.

To communicate with you

If you request information from us, register for the Service or participate in our surveys, promotions or events, we may send you Jiminny-related marketing communications if permitted by law but will provide you with the ability to opt out.

To comply with law

We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.

With your consent

We may use or share your personal information with your consent, such as when you consent to let us post your testimonials or endorsements on our Website, you instruct us to take a specific action with respect to your personal information or you opt into third party marketing communications.

To create anonymous data for analytics

We may create anonymous data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous data by excluding information that makes the data personally identifiable to you, and use that anonymous data for our lawful business purposes.

For compliance, fraud prevention and safety

We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Service; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

How We Share Information We Collect

Jiminny is collaborative cloud product built for teams. This means sharing information with other Users through the Services, and with certain third parties.

We share information we collect about you in the ways discussed below, including in connection with possible business transfers, though we are not in the business of selling information about you to advertisers or other third parties.

Where we disclose your Personal Information to third parties for the purposes listed below, we will confirm that the third party’s privacy policies and procedures are in accordance with this Privacy Policy.

Sharing with other Users

If you join a conference or call with other Users, the information shared with those Users includes:

  • profile information like your name, email address, and photo; and
  • content you add to the Services, for example audio and/or video conversations, notes, and comments; and
  • your approximate location based on your IP address or telephone number if dialed in.

We provide our Customers with access to their recorded conversations for a limited period of time and they may share the access to the recordings internally and with relevant third parties.

Sharing with third parties

As part of providing our Services, we use third party services to store and process your Personal Information. This includes third parties that may store data outside of the United States.

We share your data with third party services in the following ways:

  • Amazon Web Services for hosting, storage and distribution of media, and transactional email communication;
  • Twilio for telephony, webcam and screen share services;
  • Intercom for realtime support, service communications, and knowledge base;
  • New Relic for page-speed monitoring and performance statistics;
  • Sentry for error reporting and insight;
  • Google Analytics for tracking your behavior through analytics events;
  • Google Cloud Platform for showing your location on a map;
  • LogRocket for error tracking and understanding how you use our Services; and
  • Datadog for monitoring our infrastructure.

For more information on our use of third parties, including the geographic location of each, see our list of Data Subprocessors.

Other third party disclosure

In addition, we may disclose Personal Information to:

  • our subsidiaries and affiliates for purposes consistent with this Privacy Policy;
  • courts, tribunals, regulatory authorities and law enforcement officers as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights; and
  • third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you. This may include parties located, or that store data, outside of the United States.

If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer our user databases, together with any Personal Information and non-Personal Information contained in those databases, to the extent permissible by law. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith.

Your Rights

You may ask us to take the following actions in relation to your personal information that we hold.

Choice and consent: If you choose to provide us with your Personal Information, you consent to the terms in this Privacy Policy, and to us disclosing or receiving your Personal Information for these purposes.

Your provision of third party information: If you provide us with third party Personal Information then you warrant to us that you have the third party’s consent.

Restrict: If you have previously agreed to us collecting and using your Personal Information, you may change your mind at any time by contacting us at the email address listed in this Privacy Policy. This may mean no longer using the Services.

Access: You may request details of Personal Information that we hold about you.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please edit your Personal Information or contact us. We rely in part upon customers advising us when their Personal Information changes. We will respond to any request within a reasonable time. We will endeavour to promptly correct any information found to be inaccurate, incomplete or out of date.

Transfer: Transfer a machine-readable copy of your personal information to you or a third party of your choice.

Deletion: You may request to have your account deleted along with any Personal Information you have added to the Services. It may take up to 14 days for your Personal Information to be completely removed from our system, backups, and third parties.

Unsubscribe: You may opt out of non-transactional or non-account related promotional emails by clicking the “unsubscribe” link located at the bottom of our communications.

You can submit these requests by email to privacy@jiminny.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. We may redact from the data which we will make available to you, any personal information related to others.

If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at privacy@jiminny.com or submit a complaint to the data protection regulator in your jurisdiction.

Security

We use appropriate security measures to protect the security of your personal information both online and offline. These measures vary based on the sensitivity of the personal information we collect, process and store and the current state of technology. We also take measures to ensure service providers that process personal data on our behalf also have appropriate security controls in place.

Please note that no service is completely secure. While we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.

To protect the confidentiality of your account and protect from unauthorized use of your account, we recommend enabling two-factor authentication for all of your external accounts used to sign-in to our Service.

Disputes relating to our Data Protection practices

We hope we can resolve any disputes relating to our data protection practices between us. You can raise your concern or dispute by emailing our Data Protection Officer at privacy@jiminny.com or by writing to us at:

Jiminny Inc., 141 Tremont Street, Floor 8, Boston, MA 02111 (our headquarters)

For those in the EEA or Switzerland, if you have a dispute with us relating to our data protection practices or are not satisfied with how we’ve addressed your concerns or questions, you may complain to an independent dispute resolution provider, at no cost to you. You also have the right to lodge a complaint with your local data protection authority.

Children

Jiminny does not knowingly acquire or receive personal information from children under 13. If we later learn that any user of our Service is under the age of 13, we will take appropriate steps to remove that user’s information from our account database and will restrict that individual from future access to the Service.

Amendments

We may change our Privacy Policy from time to time. If we make changes we’ll revise the “Effective” date at the top of this statement, and we will make our best efforts to provide additional notice such as on our Website, application sign-in page, or via the email address we have on file for you. We will comply with applicable law with respect to any changes we make to this notice and seek your consent to any material changes if this is required by applicable law.

Additional Information for EEA and Switzerland Users

Legal bases for processing

We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. The legal bases depend on the Services you use and how you use them. If you have questions about the legal basis of how we process your personal information, contact us at privacy@jiminny.com.

Processing Purpose: Legal Base

To provide the Service: processing is necessary to perform the contract governing our provision of the Service or to take steps that you request prior to signing up for the Service.

To communicate with you; To create anonymous data for analytics; For compliance, fraud prevention and safety: these processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

To comply with law: processing is necessary to comply with our legal obligations.

With your consent: processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at privacy@jiminny.com. This will not affect any processing that has already taken place and in some cases, may mean no longer using the Services.

Use for new purposes

We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it. If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.

Cross-Border Data Transfer

When you use our Services, personal information of our Customer and their End-Users processed by Jiminny may be transferred to the United States, where our primary processing facilities are located, and possibly to other countries where we or our service providers operate. These transfers will typically be made in connection with routing your communications in the most efficient way.

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

Jiminny complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferredretention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States, respectively. Jiminny has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.

Independent Recourse Mechanism

In compliance with the EU-U.S. Privacy Shield Framework and Swiss–U.S. Privacy Shield Framework, we are committed to resolving complaints about your privacy and our collection or use of your personal information. European Union or Swiss citizens with inquiries or complaints regarding this privacy policy should first contact us at: privacy@jiminny.com.

If necessary, we have further committed to refer unresolved privacy complaints under the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield to independent dispute resolution providers. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our third party dispute resolution providers (free of charge). If you're a European Union citizen, contact the EU Data Protection Authorities (DPAs). Swiss citizens should contact the Swiss Federal Data Protection and Information Commissioner (FDPIC).

As a last resort, privacy complaints that remain unresolved after pursuing these and other channels may be subject to binding arbitration before the Privacy Shield Panel to be created jointly by the US Department of Commerce and the European Commission. The Federal Trade Commission (FTC) has jurisdiction over Jiminny’s compliance with this policy and the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield, Jiminny is potentially liable.

European Union Model Clauses

Jiminny also offers EU Model clauses, also known as Standard Contractual Clauses, to provide appropriate safeguards for Customers that transfer personal information to use from the EEA. Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.

Last updated: 21 January 2020