Data retention policy
The Company is committed to processing data in accordance with its responsibilities under the GDPR. Article 5 of the GDPR requires that personal data shall be:
a. processed lawfully, fairly and in a transparent manner in relation to individuals;
b. collected for specified, explicit and legitimate purposes and not further processed in a manner that
is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
c. adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
d. accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
e. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
f. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”
Data archiving and removal policy
All customer data should be disposed of when it is no longer necessary for business use, provided that the disposal does not conflict with our data retention policies, our customers data retention policies, a court order, or any of our regulatory obligations.
● All employees, clients, vendors and contractors are instructed to not use the following media to store confidential information.
○ paper-based media
○ USB Drives or External Backup programs
○ CD ROM drives.
● All cloud based storage media being decommissioned should be sanitized when it is no longer necessary, provided that there is a backup of customer data on production systems to comply with our customers data retention and contractual obligations.
● Laptop based storage media may not be donated or sold. All laptop based storage media should be sanitized prior to transfer of ownership to a co-worker or prior to destruction.
Data storage policy
Sike Insights may collect and receive Customer Data, and other information and data ("Other Information") in a variety of ways:
● Customer Data. Customers or individuals invited to use a decision making tool by a Customer ("Authorized Users") routinely submit Customer Data to Sike Insights when using the Services.
● Personal Data. Sike Insights is primarily a Data Processor for Data provided by the Customer (Data Controller). In order to use Sike Insights Services, Personal Data provided by the Customer directly or indirectly (invitation to access Personal Data from a Workspace, or other) are accessible by Sike Insights in order to generate and/or operate decision making tools. Authorized Users may provide Sike Insights with their Personal Data directly at instances, for example when they provide feedback or request client support or in any way communicate with Sike Insights. Sike Insights will not collect or use any sensitive personal data unless Sike Insights has received an express consent regarding the specific data.
● Other Information. Sike Insights also collects, generates and/or receives Other Information:
1. Decision making tools, Workspace and Account Information. Teams use Sike Insights services and its capabilities to achieve efficient collaboration, better results and communication among members. To use, create or update a decision making tool, you or your Customer (e.g., your employer) supply Sike Insights with information that may include an email address, phone number, password, domain and/or similar account details. In addition, Customers provide Sike Insights (or its payment processors) with billing details such as credit card information, banking information and/or a billing address and/or email address.
2. Usage Information.
■ Services Metadata. When an Authorized User interacts with the
Services, metadata is generated that provides additional context about the way Authorized Users work. For example, Sike Insights may log the decision making tools, channels, people, features, content and links you interact with, the types of files shared and what Third Party Services are used (if any).
■ Log data. As with most websites and technology services delivered over the Internet, our servers automatically collect information when you access or use our Websites or Services and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Website or Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data.
■ Report data. When you or Customer participates and/or generates a decision making tool, Sike Insights collects all supplied or relative information in view to produce and supply you and/or customer with results in form of a Report. Reports are archived and are retrievable by Customer. Reports may also be used for research, statistical purposes in order to improve Sike Insights efficiency, update our App, as well as feedback in order to create and launch marketing campaigns.
■ Device information. Sike Insights may collect information about devices accessing the Services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect some or all of this Other Information often depends on the type of device used and its settings.
■ Location information. We may receive information from you, your Customer and other third-parties that helps us approximate your location. We may, for example, use a business address submitted by your employer, or an IP address received from your browser or device to determine approximate location in order to inline our Services with your current time-zone. Sike Insights may also collect location information from devices in accordance with the consent process provided by your device.
Data hosting details
Cloud hosted using AWS EC2, encryption at-rest and in-transit
App/service has sub-processors
Guidelines for sub-processors