Date of Last Revision: July 2021
If you have questions about this Policy, please reach out to us at firstname.lastname@example.org.
General Data Protection Regulation, also known as GDPR came into effect on 25th of May, 2018. It is the legal framework governing data protection and privacy for all individuals within the European Union and the European Economic Area. In this policy, along with detailing our data privacy practices, we also list a number of steps we have taken in order to ensure that we are fulfilling our obligations pursuant to the GDPR.
In order to avail our services, you will be required create an account with us. UserBit collects your contact information during account registration. This information may contain but is not limited to, your name, email address and company information.
UserBit automatically collects analytics information that your browser sends when you visit our services. This data may contain information such as your computer's IP address, browser type, URLs of referring pages, geographic location, time and date of your visit and system configuration information.
Using UserBit may involve creating, editing, and sharing research content.
When you contact us for inquiries or feedback via email, we might collect contents of your email.
All data collected will be used to improve the services provided to you. The data will be stored securely on Google servers - read more about our security measures here.
Registration data may be used for improving UserBit website and service operations, ensuring the continuity and sercurity of our services, communicating product updates, or for debugging purposes.
The Usage data may be processed to analyze use of UserBit app and services. This information will be used to improve the services provided to you. This information may also be used for capacity planning.
The Correspondence data may be used to communicate with you or your company. This data may also be used for record keeping and adminstration purposes.
In addition, any of this information may also be used to comply with our legal obligations.
We process your personal information because you have given us consent, and processing is needed for proper management, administration and operation of our website and business. The legal basis could also be to protect and assert our legal rights and rights of others.
At UserBit, we are committed to protect our user data from unauthorized access, alteration, disclosure or deletion. All personal and account data is stored on Google servers in USA.
- We encrypt all user generated data.
- We review and implement our database level security rules regularly.
- We restrict access to user data to authorized UserBit employees only.
Most of the research modules on UserBit allow exporting out the data in appropriate format. Specifically:
- Interviews (Questions/Responses) can be exported as CSV (Excel)
- Affinity diagrams can be exported as CSV (Excel)
- Personas can be downloaded as pdf or image
- Sitemaps can be exported as pdf
- Journey maps can be exported as images
- Insight cards can be exported as images
You can also obtain a raw copy of your data as JSON objects by contacting us. Once we have verified your identity, we will provide you a raw copy of your data in a timely manner.
Read more about our data policy here
UserBit uses subprocessors who are members of the EU-U.S. Privacy Shield Framework which ensures the rights that you have under data protection law.
|the right to access||You have the right to access your information. Your account data is accessible at https://userbit.com/profile/basic.|
|the right to rectification||You have the right to have inaccurate or incomplete data about you rectified. You can either correct it yourself on the platform, or send an email to us.|
|the right to be forgotten||If you want us to delete all your personal information, send us an email. Your data will be deleted immediately from our production servers and in 30 days from our backup systems.|
|The right to data portability||We can transmit personal data in structured, commonly used and machine readable JSON format. We will respond to a request for data portability in a reasonable time frame. To port your data, email us at email@example.com|
|The right to object||You have the right to object to our processing of your personal data. We have appropriate methods in place to erase, suppress or otherwise cease processing personal data.|
|The right to withdraw consent||You have the right to withdraw your consent at any time. If you want to withdraw your consent, please email us.|
A cookie is a small text file that is downloaded onto your device when the user accesses a website. It allows the website to recognise that user’s device and store some information about the user’s preferences or past actions.
Cookies by themselves do not contain personally identifiable data but they might be linked to your personal data that we store.
|Google Analytics||This cookie is used by Google to generate anonymous tracking & usage data on UserBit||_ga, _gat, _gid|
|Stripe||Stripe uses these cookies to remember who you are and process payments without storing any credit card information on our servers||__stripe_sid, __stripe_mid|
|These cookies track sharing capabilities for the social media.||personalization_id, muc, lang|
UserBit uses the following 3rd party services with whome some of your data may be shared. Following is a list of these subprocessors we leverage to provide you with the experience you know and love.
|3rd Party Service||Purpose||Website||Location|
|Google Cloud Platform||Primary data processor - Authentication, storing data, cloud computing, storing files||https://firebase.google.com/
All Firebase services have successfully completed the ISO 27001 and SOC 1, SOC 2, and SOC 3 evaluation process, and some have also completed the ISO 27017 and ISO 27018 certification process. Read more about it here.
|Google Workspace||Cloud Storage for documents, Email, Calendar & Support||https://gsuite.google.com
UserBit does not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to register as Users. The Service and its content are not directed at children under the age of 13. In the event that we learn that we have collected personal information from a child under age 13 without verification of parental consent, we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
As always, if you have any questions regarding our privacy or security policies, get in touch with us at email@example.com. We will be happy to help.