Privacy Policy

PRIVACY POLICY

Last updated on: August 10, 2020

PRIVACY NOTICE

Folly Systems Private Limited headquartered in India, together with its affiliates (“Folly Systems” or “Company”, “we”, “us” and “our”) are committed to protecting the privacy of individuals who interact with us, such as our customers and other end users (“You” and “Your”). We put great efforts in making sure that the personal data processed by us is safe and used properly, and that our data practices are properly communicated to You. This Privacy Policy generally explains the different ways in which the Company collects, stores, uses and shares personal data from our customers (“Customers”) and their users (“Users”) in connection with their deployment of the service offered by the Company via its application – Listener (“Application”). “Personal Data” is any information relating to an identified or identifiable natural person contained within the Content of the Customers as defined in the Agreement.

The above mentioned Privacy Notice may be supplemented by just-in-time notices, or other disclosures contained within or in connection with the provision of Application which may describe in more detail our collection, use and sharing practices or provide You with additional choices about how we process your data.

Please read this Privacy Policy carefully and make sure that you fully understand and agree to it. You are not legally required to provide us with any Personal Data, and may do so (or avoid doing so) at your own free will. If you do not wish to provide us with your personal data, or to have it processed by us or any of our Service Providers (defined below), please avoid any interaction with us or use of our Application.

It is also important to understand the distinguished roles for processing Personal Data as per certain data protection laws and regulations including EU’s General Data Protection Regulation (“GDPR”) or the California Consumer Privacy Act (“CCPA”):

  • data controller” or the “data fiduciary” or “business”; as used under relevant data protection laws – means, who determines the purposes and means of processing; and
  • the “data processor” or “service provider”; as used under relevant data protection laws – means, who process the data on behalf of the data controller (or data fiduciary or business).
  1. WHAT INFORMATION WE COLLECT AND HOW WE COLLECT IT

    1. Information we collect from You
      1. User Data
        1. Personal Data collected which we analyze, process and manage on our Customers’ behalf are a part of the service provided by the Application. Specifically, this is data which is contained in video recordings, transcripts, meetings (including but not limited to meeting created, start, and end times), video highlights, notes, tags and other content, as well as data submitted by our Customers (including by connecting their systems with the Application).
        2. Certain privacy and data protection laws require that call recordings may only be initialized pursuant to one or more of the parties’ consent (whether explicit or implicit, depending on applicable law), or subject to certain restrictions. Accordingly, whilst the Company supports these laws by providing our Customers with features and options for how they use the Application – the Customer is solely responsible for determining whether and how they wish to use the Application and such features, and to ensure that all individuals using the Application on their behalf or at their request have given their informed consent to these practices, and that all legal requirements applicable to the collection, recording and use of data through the Application are fully met by them, including specifically in the context of an employment relationship. Furthermore, the Customer shall be solely responsible for procuring confirmation from the Users that they have the explicit consent and permission of all the attendees of the meeting to record the meeting.
        3. Accordingly, to the extent that the GDPR, the United Kingdom Consumer Privacy Act (“UKDPA”), the CCPA, the Indian Information Technology Act (“Indian IT Act”) or any similar laws apply:
          1. Our Customers would be deemed to be the ‘data controller’ or the ‘data fiduciary’ or ‘business’; as used under relevant data protection laws.
          2. The Company would be deemed to be the ‘data processor’ or ‘service provider’ when processing such data.
      2. Information collected via use of the Application(“Application User Data”)
        1. We collect Personal Data directly from our Customers and the Users in connection with the provision of the Application. Depending on the context, such information may include:
          1. user names and contact details such as email address, job title, company name and phone number;
          2. user IDs and passwords;
          3. activity data from the devices on which the Application is installed or accessed (“Activity Data”) and includes technical information with limited individually identifying information such as usernames, machine names, IP/MAC address of the user’s device and identifiers and may include without limitation:
            1. Configuration Data: Data about how the organization has configured the Application and related environment information including third-party applications used in connection with the Application;
            2. Performance Data: Data relating to how the Application is performing. Examples include metrics of the performance and scale of the Application and details about the response times for user interfaces.
            3. Service Logs: Service logs are automatically generated by the Application recording events during the operation of the Application.
          4. other information that Customers or Users provide to the Company in connection with the provision of the Application.
          5. Zoom user and profile data that we collect when Users integrate Zoom with the Application.
          6. Google profile name, email and profile picture when User signs-up using Google Signup feature.
        2. Whilst the Company processes such Application User Data on the behalf of our Customers (where it is included in User Data), we also use it for our own purposes, as described below.
        3. Accordingly, to the extent applicable:
          1. Our Customers would be deemed to be the 'data controller’ or the ‘data fiduciary’ or **‘**business’; as used under relevant data protection laws;
          2. The Company will also be deemed an independent and separate ‘data controller’ or the ‘data fiduciary’ or ‘business’ with respect to such data; and with respect to those portions of Application User Data that we process on behalf of our Customer – we will also be deemed a ‘data processor’ or ‘service provider’.
      3. Website Data” - Data relating to our Customers, visitors of our website (available at https://listener.app/) and any other prospective customer or partner who visits or otherwise interacts with any our websites, forms, content or emails or communications under our control, for which the Company is deemed to be the ‘data controller’ (“Sites”).
  2. HOW WE USE THE INFORMATION

    1. Use of the data collected

      1. Use of Customer Data

        1. The Company processes Customer Data, and the Personal Data contained in it strictly on the behalf of our Customers. In accordance with their reasonable instructions and as further stipulated in our Data Processing Addendum and other commercial agreements with the Customer.
      2. Use of Application User Data

        1. The Company processes Application User Data, and the Personal Data contained in it as necessary for the performance of the Application, with our legal and contractual obligations, and to support our legitimate interests in maintaining and improving our Application.
        2. If You reside or are using the Application in a territory governed by privacy laws under which “consent” is the only or most appropriate legal basis for the processing of Personal Data as described herein (in general, or specifically with respect to the types of Personal Data you expect or elect to process or have processed by or via the Application, e.g. ‘special categories’ under the GDPR), Your acceptance of our Terms of Use (available at https://listener.app/terms) and this Privacy Policy will be deemed as Your consent to the processing of Your Personal Data for all purposes detailed in this Privacy Policy.
        3. If you wish to revoke such consent, please contact us at legal@folly.systems.
        4. The Company does not sell Your Personal Data for the purposes of the CCPA.
      3. Use of Website Data

        1. The Company processes Website Data in the manner provided in clause 2.2.1. above.
      4. More specifically, Customer Data, Application User Data and Website Data are used for the following purposes:

        1. To facilitate, operate and provide our Application;
        2. To train our customer and user-facing staff;
        3. To authenticate the identity of our Customers, and to allow them access to our Application;
        4. To provide our customers and users with assistance and support;
        5. To gain a better understanding on how individuals use and interact with our Sites and the Application, and how we could improve their and others’ user experience, and continue improving our products, offerings and the overall performance of our Application;
        6. To facilitate and optimize our marketing campaigns, ad management and sales operations, and to manage and deliver advertisements for our products and services more effectively, including on other websites and applications. Such activities allow us to highlight the benefits of using the Application, and thereby increase Your engagement and overall satisfaction with the Application. This includes contextual, behavioral and interests-based advertising based on your activity, preferences or other data available to us or to our Customers;
        7. To support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity;
        8. To create aggregated statistical data, inferred non-personal data, or anonymized or pseudonymized data (rendered non-personal and non-identifiable), which we or our Customers may use to provide and improve our respective services, or for any other purpose; and
        9. To comply with applicable laws and regulations.
  3. HOW WE SHARE YOUR INFORMATION

    1. Sharing of data

      1. The Company takes caution to allow Personal Data to be accessed only by those who really need access in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it.

      2. In exceptional circumstances, and except as stipulated otherwise in our Data Processing Addendum (available at https://listener.app/dpa), we may disclose or allow government and law enforcement officials access to Your Personal Data, in response to a subpoena, search warrant, court other or any similar requirement in compliance with the applicable law. Such disclosure may occur if we believe in good faith that (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect our legitimate business interests, including the security or integrity of our products and services.

      3. We may share Personal data with third parties in the following circumstances:

        1. Service Providers –

          1. We may engage third party companies and individuals to perform services complementary to our own including hosting and server co-location services, Communication and content delivery networks (“CDNs”), speech-to-text services, data and cyber security services, billing and payment processing services, data and cyber security services, fraud detection and prevention services, web analytics, e-mail distribution and monitoring services, session or activity recording services, remote access services, performance measurement, data optimization and marketing services, social and advertising networks, content providers, e-mail, voicemails, support and customer relation management systems, and our legal, financial and compliance advisors (each such engagement a “Service Provider”).
          2. Our Service Providers shall each be deemed as ‘data processor’ or ‘service provider’ in circumstances where the Company assumes the role of ‘data controller’; and where the Company acts as the ‘data** **processor’ or ‘service provider’ for our Customers, the Service Provider shall be deemed as our ‘sub-processor’ or ‘service provider’.
          3. Service Providers may have access to the Application User Data and Website Data; and if we have expressly listed them in our sub-processor list (available at https://listener.app/subprocessors), they may also have access to Customer Data – depending on their specific roles and purposes in facilitating us and may use it for such limited purposes as determined in our agreements with them.
        2. Third Party Websites and Services –

          1. Our Sites and platforms may include links to third party websites, and integrations with third party services. Such websites and third party services, and any information you process, submit, transmit or otherwise use with such websites and third party services, are governed by such third party’s terms and privacy practices and policies, and not by this Privacy Policy. We encourage you to carefully read the terms and privacy policies of such website and third party services.
        3. Sharing Personal Data with our Customers

          1. Customer Data is typically shared and is available to the users belonging to such Customer’s account. Application User Data is shared with the administrator or any other designated person of the Customer’s account to which such user belongs. In such cases, sharing such data means that the administrator(s) or other users of the same account may access it on behalf of the Customer, and will be able to monitor, process and analyze the Personal Data contained therein.
          2. Please note that the Company is not responsible for and does not control any further disclosure, use or monitoring by or on behalf of the Customer, that itself acts as the ‘data controller’ of such data
        4. Protecting Rights and Safety

          1. We may share Personal Data with others if we believe in good faith that this will help protect Your rights, property or personal safety of any of our Customers, or any members of the general public.
        5. Subsidiaries and Affiliated Companies

          1. We may share your Personal Data with our subsidiaries and/or affiliates for the purposes described in this Privacy Policy.
          2. In addition, should the Company or any of its subsidiaries or affiliates undergo any change in control or ownership, including by means of merger, acquisition or purchase of substantially all or part of its assets, Personal Data may be shared with or transferred to the parties involved in such an event.
          3. If we believe that such change in control might materially affect Your Customer Data or Personal Data then stored with us, we will notify You of this event and the choices You may have via e-mail or prominent notice on the Application.
  4. HOW LONG DO WE RETAIN DATA

    1. Retaining Data
      1. Retaining Customer Data
        1. We retain Customer Data strictly on behalf of our Customers, in accordance with their reasonable instructions and as further stipulated in our Data Processing Addendum (available at https://listener.app/dpa) and other commercial agreements with such customer.
      2. Retaining Application User Data and Website Data
        1. We retain Application User Data and Website Data for as long as it is reasonably necessary in order to maintain and expand our relationship and provide You with our Services and offerings; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our data retention policy.
      3. Please note that except as required by applicable law or our specific agreements with you, we will not be obligated to retain your Personal Data for any particular period, and we are free to securely delete it or restrict access to it for any reason and at any time, with or without notice to you. If you have any questions about our data retention policy, please contact us by e-mail at legal@folly.systems.
  5. Data Location

    1. General
      1. We and our authorized Service Providers maintain, store and process Personal Data in United States of America, the Republic of India and other locations, as reasonable necessary for the proper performance and delivery of the Application, or as may be required by law, provided that Customer Data may only be processed in such locations as permitted in our Data Processing Addendum (available at https://listener.app/dpa) and other commercial agreements with such Customer.
      2. While privacy laws may vary between jurisdictions, the Company and its affiliates and Service Providers are each committed to protect Personal Data in accordance with this Privacy Policy and customary industry standards, regardless of any lesser legal requirements that may apply in their jurisdiction. Among others, we have ensured that all transfers of Personal Data which originates from the European Economic Area (“EEA”) and made at our direction or control are based on appropriate data transfer mechanisms as established under the GDPR, as further described below.
      3. Folly Systems Private Limited is headquartered in India, which is not considered by the European Commission to be offering an adequate level or protection for the Personal Data of EU Member State residents as of the date when this Privacy Policy was last updated.
  6. Cookie Policy

    1. Use of cookies
      1. Cookies are packets of information sent to your web browser and then sent back by the browser each time it accesses the server that sent the cookie. Some cookies are removed when you close your browser session. These are the “Session Cookies”. Some last for longer periods and are called “Persistent Cookies”. We use both types. In addition, we also make use of browser’s local data storage.
      2. We and our Service Providers use cookies and other technologies for performance, tracking, analytics and personalization purposes. We may share non-identifiable / aggregated extracts of such information with our partners for our legitimate business purposes.
      3. We use Cookies to remember your log-in details and make it easier for you to log-in the next time you access the platform. We may use Cookies for additional purposes, to facilitate the use of the Services’ features and tools.
      4. We use customer support and analytics tools, including Intercom and Google Analytics. These tools help our users contact us for support. These tools help us understand users’ behaviour on our Sites, including by tracking page content, and click/touch, movements, scrolls and keystroke activities. These tools use Cookies and browser’s local data storage.
  7. Your Privacy Rights and Choices

    1. This clause covers the rights available to You on if any data that we access as per clause 1 concerns you.

      1. Rights generally available

        1. Right to rectification or update Personal Data

        If You would like to correct or update personal information that You have provided to us, please contact us at legal@folly.systems to receive instructions to update your profile.

        1. ** Marketing communications**

        If You reside in certain territories (such as the EEA), You may have the right to exercise certain privacy rights available to You under applicable laws. We will process Your request in accordance with applicable data protection laws. We may need to retain certain information for record-keeping purposes and/or to complete transactions that you began prior to requesting any deletion.

        1. Right not to provide consent or withdraw consent

        We may seek to rely on Your consent in order to process certain Personal Data. Where we do so, You have the right not to provide Your consent or to withdraw Your consent at any time. This does not affect the lawfulness of the processing based on consent before its withdrawal.

        1. Right to access and/or portability

        You may have the right to access the Personal Data that we hold about You and, in some limited circumstances, have that data provided to You so that You can provide or 'port' that data to another provider.

        1. Right of erasure

        In certain circumstances, You may have the right to the erasure of Personal Data that we hold about You (for example if it is no longer necessary for the purposes for which it was originally collected).

        1. Right to object to or restrict processing
          1. You may have the right to request that the Company stop processing Your Personal Data and/or to stop sending You marketing communications.
          2. You may have the right to request that we restrict processing of Your Personal Data in certain circumstances (for example, where You believe that the Personal Data we hold about You is not accurate).
        2. Right to lodge a complaint to your local Data Protection Authority

        You may have the right to lodge a complaint with your national Data Protection Authority or equivalent regulatory body.

      2. Rights and choices where the Company acts as a Data Processor

        When the Company acts a Data Processor to process any data provided by You as per the Data Processing Addendum (available at https://listener.app/dpa), we state that we are processing such data strictly on behalf of our Customers and any individuals should first direct their query to the relevant Customer (the data controller or data fiduciary or business).

      3. Exercise of the rights

        1. If you would like to exercise any of the above rights, please contact legal@folly.systems so that we may consider Your request under applicable law. To protect Your privacy and security, we may take steps to verify Your identity before complying with the request.
  8. HOW DO WE SECURE YOU DATA

    1. Data Security
      1. The Company would maintain reasonable physical and technical safeguards to prevent unauthorized disclosure of or access to any data, minimize the risks of theft, damage or loss of information; in accordance with the industry standards.
      2. However, although we make efforts to protect your privacy, we cannot guarantee that our Sites or the Application will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.
  9. ADDITIONAL NOTICES AND HOW TO CONTACT US

    1. The following are to be read in conjunction with the Privacy Policy.

      1. Updates & Amendments

      We may update and amend this Privacy Policy from time to time by posting an amended version on the Sites and the Application. The amended version will be effective as of the date it is published.

      1. Age bar

      We do not knowingly collect Personal Data from children under the age of 16 and do not wish to do so. If we learn that a person under the age of 16 is using the Sites or the Application, we will attempt to prohibit and block such use and will make our best efforts to promptly delete any Personal Data stored with us with regard to such child. If You believe that we might have any such data, please contact us by e-mail at legal@folly.systems.

      1. Data Protection Officer

      The Company has appointed Nishith Shah from our team as our Data Protection Officer (“DPO”), for monitoring and advising on the Company’s ongoing privacy compliance and serving as a point of contact on privacy matters for data subjects and supervisory authorities. If You have any comments or questions regarding our Privacy Policy, if You have any concerns regarding your Privacy, or if You wish to make a complaint about how Your Personal Data is being processed by the Company, You can contact our DPO at legal@folly.systems.

      1. Questions, concerns or complaints

      If You have any comments or questions regarding our Privacy Policy, or if You have any concerns regarding Your Personal Data held with us, please contact the Company’s support at legal@folly.systems or our Data Protection Officer at legal@folly.systems. If You are a GDPR-protected individual, You also have the right to lodge a complaint with an EU supervisory authority.