When we refer to “Jiminny”, we mean the Jiminny entity that acts as the controller or processor of your information, as explained in more detail in the “Personal Information We Collect” section below.
Jiminny handles personal information when you use our Services. This includes profile data (e.g., name, phone number and email address) and content (e.g., the recordings of telephone conversations).
Data protection laws in certain jurisdictions, like the European Economic Area (EEA), differentiate between “controllers” and “processors” of personal information. A controller decides why and how to process personal information. A processor processes personal information on behalf of a controller based on the controller’s instructions.
When Jiminny handles personal information, we will act as a processor in most cases, including the collection and storage of content such as call recordings.
However, we will occasionally be acting as a controller when, for example, we may need to collect certain personal information for the legitimate interests of access control to our Services, and in the context of troubleshooting and detecting problems with the telecommunications platform.
When you organise a meeting or initiate a conversation through Jiminny, you should ensure that if you plan to record the meeting or conversation, you tell everyone and obtain consent from all Users present in the call.
When you use Jiminny to join a meeting or conversation initiated by another User, you should make sure you are clear on whether the call is being recorded. If you do not want to be recorded, you can choose to leave the conversation, or request that recording is stopped.
As a User of the Services, you provide information to us. This includes:
The call data and our analysis of any recorded audio and/or video may contain personal information.
As a Customer of the Services, you provide additional information to us directly or indirectly. This includes:
We log information about your access and use of our Services. This includes:
We ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Service or otherwise.
If you are a User, we use your personal information:
If you request information from us, register for the Service or participate in our surveys, promotions or events, we may send you Jiminny-related marketing communications if permitted by law but will provide you with the ability to opt out.
We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.
We may use or share your personal information with your consent, such as when you consent to let us post your testimonials or endorsements on our Website, you instruct us to take a specific action with respect to your personal information or you opt into third party marketing communications.
We may create anonymous data from your personal information and other individuals whose personal information we collect. We make personal information into anonymous data by excluding information that makes the data personally identifiable to you, and use that anonymous data for our lawful business purposes.
We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Service; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
Jiminny is collaborative cloud product built for teams. This means sharing information with other Users through the Services, and with certain third parties.
We share information we collect about you in the ways discussed below, including in connection with possible business transfers, though we are not in the business of selling information about you to advertisers or other third parties.
If you join a conference or call with other Users, the information shared with those Users includes:
We provide our Customers with access to their recorded conversations for a limited period of time and they may share the access to the recordings internally and with relevant third parties.
As part of providing our Services, we use third party services to store and process your Personal Information. This includes third parties that may store data outside of the United States.
We share your data with third party services in the following ways:
For more information on our use of third parties, including the geographic location of each, see our list of Data Subprocessors.
In addition, we may disclose Personal Information to:
If there is a change of control of our business or a sale or transfer of business assets, we reserve the right to transfer our user databases, together with any Personal Information and non-Personal Information contained in those databases, to the extent permissible by law. This information may be disclosed to a potential purchaser. We would seek to only disclose information in good faith.
You may ask us to take the following actions in relation to your personal information that we hold.
Your provision of third party information: If you provide us with third party Personal Information then you warrant to us that you have the third party’s consent.
Access: You may request details of Personal Information that we hold about you.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please edit your Personal Information or contact us. We rely in part upon customers advising us when their Personal Information changes. We will respond to any request within a reasonable time. We will endeavour to promptly correct any information found to be inaccurate, incomplete or out of date.
Transfer: Transfer a machine-readable copy of your personal information to you or a third party of your choice.
Deletion: You may request to have your account deleted along with any Personal Information you have added to the Services. It may take up to 14 days for your Personal Information to be completely removed from our system, backups, and third parties.
Unsubscribe: You may opt out of non-transactional or non-account related promotional emails by clicking the “unsubscribe” link located at the bottom of our communications.
You can submit these requests by email to email@example.com. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. We may redact from the data which we will make available to you, any personal information related to others.
If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at firstname.lastname@example.org or submit a complaint to the data protection regulator in your jurisdiction.
We use appropriate security measures to protect the security of your personal information both online and offline. These measures vary based on the sensitivity of the personal information we collect, process and store and the current state of technology. We also take measures to ensure service providers that process personal data on our behalf also have appropriate security controls in place.
Please note that no service is completely secure. While we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur.
To protect the confidentiality of your account and protect from unauthorized use of your account, we recommend enabling two-factor authentication for all of your external accounts used to sign-in to our Service.
We hope we can resolve any disputes relating to our data protection practices between us. You can raise your concern or dispute by emailing our Data Protection Officer at email@example.com or by writing to us at:
Jiminny Inc., 141 Tremont Street, Floor 8, Boston, MA 02111 (our headquarters)
For those in the EEA or Switzerland, if you have a dispute with us relating to our data protection practices or are not satisfied with how we’ve addressed your concerns or questions, you may complain to an independent dispute resolution provider, at no cost to you. You also have the right to lodge a complaint with your local data protection authority.
Jiminny does not knowingly acquire or receive personal information from children under 13. If we later learn that any user of our Service is under the age of 13, we will take appropriate steps to remove that user’s information from our account database and will restrict that individual from future access to the Service.
We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. The legal bases depend on the Services you use and how you use them. If you have questions about the legal basis of how we process your personal information, contact us at firstname.lastname@example.org.
Processing Purpose: Legal Base
To provide the Service: processing is necessary to perform the contract governing our provision of the Service or to take steps that you request prior to signing up for the Service.
To communicate with you; To create anonymous data for analytics; For compliance, fraud prevention and safety: these processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To comply with law: processing is necessary to comply with our legal obligations.
With your consent: processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at email@example.com. This will not affect any processing that has already taken place and in some cases, may mean no longer using the Services.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal information (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.
When you use our Services, personal information of our Customer and their End-Users processed by Jiminny may be transferred to the United States, where our primary processing facilities are located, and possibly to other countries where we or our service providers operate. These transfers will typically be made in connection with routing your communications in the most efficient way.
If necessary, we have further committed to refer unresolved privacy complaints under the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield to independent dispute resolution providers. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our third party dispute resolution providers (free of charge). If you're a European Union citizen, contact the EU Data Protection Authorities (DPAs). Swiss citizens should contact the Swiss Federal Data Protection and Information Commissioner (FDPIC).
As a last resort, privacy complaints that remain unresolved after pursuing these and other channels may be subject to binding arbitration before the Privacy Shield Panel to be created jointly by the US Department of Commerce and the European Commission. The Federal Trade Commission (FTC) has jurisdiction over Jiminny’s compliance with this policy and the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. In cases of onward transfer to third parties of data of EU individuals received pursuant to the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield, Jiminny is potentially liable.
Jiminny also offers EU Model clauses, also known as Standard Contractual Clauses, to provide appropriate safeguards for Customers that transfer personal information to use from the EEA. Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
Last updated: 21 January 2020