Stape

Privacy Notice

STAPE, INCCopy link to this section

Last update: 27th February 2024

This document describes how we collect and process users’ data through https://stape.io/, https://community.stape.io/, https://comments.stape.io, and https://help.stape.io/ webpages, hereinafter simply referred to as the “Website”. The terms “we”, “us”, “our” refer to Stape, Inc., a legal person registered under the laws of the State of Delaware, USA. 

WE ARE COMMITTED TO SAFEGUARDING PRIVACY AND NOT GOING TO MISUSE OUR USERS’ DATA.

The below information will help you better understand how your data is handled and how you can manage all the matters related to your privacy.

Controller details:

Name: Stape, Inc.

Registration number: 5987286

Registered address: 8 The Green, Suite # 12892 Dover, DE 19901

Contact email address: privacy@stape.io

TABLE OF CONTENTS:

1. Information we collect:

    1.1. Account and profile set up;

    1.2. Website functionality;

    1.3. Payments;

    1.4. Communications;

    1.5. Demo access;

    1.6. Website, sales, and marketing activities.

    1.7. Social media features

2. Third-party access to information:

    2.1. Analytics;

    2.2. Other disclosures;

3. Your rights;

4. Security of information;

5. Changes to this Notice.

1. Information we collectCopy link to this section

    1.1. Account and profile set up

If you want to use the Website functionality, you will have to register an account on a particular webpage. For this purpose, we will ask only for your email address, since this is enough to set up an account. Further information such as first and last name, photo, company name and other information, in particular geolocation, you provide on a voluntary basis so as to be able to act as a full-fledged Website user. 

   We use your account information to:

    ● create and maintain your user account. The applied legal basis for this is the performance of the contract (Terms of Use) between you and us (GDPR Art. 6.1.b);

    ● provide you with the hosting, backend infrastructure and data collection management systems (hereinafter “Service”) via the Website (GDPR Art. 6.1.b);

    ● provide you with access to our community network along with the possibility to leave comments (GDPR Art. 6.1.b);

    ● provide customer support and any pre-contractual communication for the purpose of providing the Service (GDPR Art. 6.1.b);

    ● alerting of new updates regarding software implemented or general updates regarding the Website functionality (GDPR Art. 6.1.b), and analyse the efficiency of the Website in our legitimate interests (GDPR Art. 6.1.f);

    ● upon receiving the consent from you, to send you other relevant aspects of the Service and the Website, e.g. personal marketing or promotional materials such as newsletters, etc. (GDPR Art. 6.1.a).

We will store your account data for as long as you have the account with us. If you become inactive, we will delete or anonymize your information within 12 months after your last user session.

    1.2. Website functionality

Via the Website, you will be able to perform different actions to organize and manage Server-side tagging in a dedicated server-side environment or communicate with the other users on Service-related topics. We will store and process the following categories of information:

    ● internal communications made via the Website;

    ● derived information created while using the Website (e.g., user logs, support requests, using stats, comments, responding to surveys, etc);

The applied legal basis for this is the performance of the contract (Terms of Use) between you and us (GDPR Art. 6.1.b). We will store this data for as long as you have the account with us. If you become inactive, we will delete or anonymize your information within 12 months after your last user session.

    1.3. Payments

We do not collect your financial information. For the purpose of ordering the upgraded version of Service you will be automatically redirected to Stripe, 2Checkout or to another duly authorized contractor. They will collect and store your financial data directly and according to their respective policies. 

We shall retain only payment confirmation provided by the relevant payment service provider in order to comply with applicable accounting and financial laws (GDPR Art. 6.1.c and in our legitimate interests to comply with foreign laws as per Art. 6.1.f). We will store this data for as long as you have the account with us. If you become inactive, we will delete or anonymize your information within 12 months after your last user session.

    1.4. Communications

You may leave a request with your inquiries including request for support: (1) via https://help.stape.io/; (2) in our live chat; (3) or by email. The provided information used to help you with your request, fix and improve the Website, and analyse our efficiency, including by creating statistics of inquiries related to support issues. 

The applied legal basis for this is the performance of the contract (Terms of Use) between you and us (GDPR Art. 6.1.b) and our legitimate interest to improve the Website (GDPR Art. 6.1.f). We will store this data for as long as you have the account with us. If you become inactive, we will delete or anonymize your information within 12 months after your last user session.

    1.5. Demo access

You can receive free access to our Service to know how the Website works. In order to perform this, you have to submit your email and setup password upon first visit.

We will use this information to provide you with the free plan of Service. The applied legal basis for these activities is our legitimate interest (GDPR Art. 6.1.f). We will store your email for as long as the demo account is active. If it becomes inactive, we will delete or anonymize your email within 12 months after your last user session. 

    1.6. Website, sales, and marketing activities

The following data collection activities are present on the Website:

  • collection of log files (IP address, device ID, etc.) to ensure correct Website functionality and manage user sessions, stored maximum for 12 months from your last visit. The applied legal basis is our legitimate interests (GDPR Art. 6.1.f);
  • cookies – for more information please visit our Cookie Notice;
  • web analytics (web pages interactions, source through which you accessed the Website, other user actions). This activity, depending on the method used, is performed based either on your consent (cookie tracking) or our legitimate interests (GDPR Art. 6.1.f).

We store marketing data for 12 months of the last communication with you. For the activities that are based on consent, you can withdraw your consent at any time by contacting us directly. The withdrawal will not affect the lawfulness of processing based on consent before. You can also opt-out of the e-mail subscription by clicking the appropriate button our emails to you.

    1.7. Social media features

Our Website may use social media features, such as the “Tweet” button, “Share on Facebook” button or other sharing instruments (“SMF”). SMF can let you post information about your activities on the Website to third-parties platforms and social networks. SMF may also allow you to like or highlight information we have posted on our Website. SMF are either hosted by each respective platform or hosted directly on our Website. To the extent the SMF are hosted by the platforms themselves, and you click through to these from our Website, the platform may receive information showing that you have visited our Website. If you are logged in to your social media account, it is possible that the respective social media network can link your visit to our Website with your social media profile.

We also allow you to log in to certain pages of our Website using sign-in services. These services authenticate your identity and provide you the option to share certain personal data from these services. Your possible information exchanges with SMF are covered by the privacy policies of the companies providing them.

2. Third-party access to informationCopy link to this section

We use the following third-party software providers:

  • companies which provide cloud server computing services;
  • companies which provide communication, e-mail server, and client relationship management services, where the exchange of messages, e-mails may include personal data;
  • companies which help to monitor the behaviour of the Website’s visitors or provide advertising or marketing services;
  • companies which provide financial services, processing accounting documents and the personal data contained therein;
  • companies which provide survey services;
  • companies which help with work management with further personal data processing;
  • companies which help with your account registration or authorization with further processing of your personal information;

The providers listed afore process personal data based on our instructions only.

We apply appropriate safeguards required by the GDPR such as signing data processing agreements for the protection of personal data with contractors and partners, including the Standard Contractual Clauses (SCC) adopted by the European Commission and compliant with the EU data protection laws when transferring your personal data outside of EEA. Please contact us if you would like to receive a copy of the SCCs.

    2.1. Analytics

When using the analytics services, we collect details of the use of the Website, including, but not limited to traffic data and location data. 

Non-personally identifiable information is collected and processed by Google Analytics in an anonymised and aggregated way to improve our Website usability and for marketing purposes. Google Analytics is a web analytics service that tracks and reports user traffic on apps and websites. Google Analytics uses the data collected to track and monitor the use of the Website. This data may also be shared with other Google services.  For more information on the privacy practices of Google, you can check its Policies at www.google.com/analytics/policies/.

We will store this type of information while it is relevant for our analysis and research or as long  as your account is active whichever comes faster. We will delete analytics data within 24 months of your last Website visit.

    2.2. Other disclosures

In addition to the disclosures for the purposes identified before, we may disclose information about you:

  • if we are required to do so by law, in connection with any legal proceedings or to establish, exercise or defend our legal rights; and
  • in case we sell, license or otherwise assign our company, corporate rights, the Website or its separate parts or features to third parties.

Except as provided in this Privacy Notice, we will not sell, share or rent your information to third parties.

3. Your rightsCopy link to this section

You may exercise GDPR rights regarding your personal data. In particular, you have the right to:

   ● The right to object against the processing of your information.

If we process your information for our legitimate interests (e.g., for direct marketing emails or for our marketing research purposes), you can object to it. Let us know what you object against and we will consider your request. If there are no compelling interests for us to refuse to perform your request, we will stop the processing for such purposes. If we believe our compelling interests outweigh your right to privacy, we will clarify this to you. You can also unsubscribe from all our emails in the body thereof.

   ● The right to access your information.

You have the right to know what personal data we process. As such you can obtain the disclosure of the data involved in the processing and you can obtain a copy of the information undergoing processing. 

   ● The right to verify your information and seek its rectification.

If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;

   ● Restrict the processing of your information.

When you contest the accuracy of your information, believe we process it unlawfully or want to object against the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent. In this case, we will stop processing your data (other than storing it) until we are able to provide you with evidence of its lawful processing; 

   ● The right to have your personal data deleted.

If we are not under the obligation to keep the data for legal compliance and your data is not needed in the scope of an active contract or claim, we will remove your information upon your request. 

   ● The right to have your personal data transferred to another organisation.

Where we process your personal data on the legal basis of consent you provided us or on the necessity to perform a contract, we can make, at your request, your data available to you or to an organisation of your choosing. 

You can formulate such requests or channel further questions on data protection by contacting us at privacy@stape.io

If you believe that our use of personal information violates your rights, or if you are dissatisfied with a response you received to a request you formulated to us, you have the right to lodge a complaint with the competent data protection authority of your choice.

4. Security of informationCopy link to this section

We will take all necessary measures to protect your information from unauthorised or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties. As we use the services of third-party software providers across several countries outside of the European Union, we may transfer the collected data to those countries for further processing. In such cases, we will make sure that relevant safeguards are in place. More information on international safeguards can be provided upon request.

Immediate access to the data is only allowed to our authorised employees involved in maintaining the application. Such employees keep strict confidentiality and prevent unauthorised third-party access to personal information.

5. Changes to this noticeCopy link to this section

We may update this Privacy Notice from time to time by posting a new version on our Website. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes.

Host your GTM server at Stape