Privacy Policy

Version 2.4. Last update May 21, 2024

Introduction

Approveit, Inc. is committed to protecting your privacy and ensuring you have a positive
experience when using the services we provide, which we generally refer to as
Approveit or Approveit services.

Approveit, Inc. is committed to protecting your privacy and ensuring you have a positive experience when using the services we provide, which we generally refer to as
Approveit or Approveit services.

Approveit, Inc. is committed to protecting your privacy and ensuring you have a positive experience when using the services we provide, which we generally refer to as Approveit or Approveit services.

Scope of this Privacy Policy

This Privacy Policy explains how we handle data, including what we collect and how we obtain
it, how we use it, when and if we disclose it, and some of your options for managing your
data with Approveit Inc. with regard to:

This Privacy Policy explains how we handle data, including what we collect and how we obtain it, how we use it, when and if we disclose it, and some of your options for managing your data with Approveit Inc. with regard to:

• Approveit services

• Our website approveit.today

• Approveit services

• Our website approveit.today

• Approveit services

• Our website approveit.today

Who are we and how to contact us?

This Privacy Policy explains how personal data is processed by Approveit, Inc., a company incorporated in the State of Delaware and having its registered office at 51 Little Falls Drive, Wilmington, New Castle County, Delaware, 19808.

The words “we”, “our”, “us” refer to Approveit, Inc.

If you have questions, please contact the support team at support@approveit.today.

The words “we”, “our”, “us” refer

to Approveit, Inc.

If you have questions, please contact the support team at support@approveit.today.

The words “we”, “our”, “us” refer to Approveit, Inc.

If you have questions, please contact the support team at support@approveit.today.

What data, for what purposes, how long, and based on what grounds do we process as a Controller?

What data do we process as a Processor of our Customers (Controllers)?

As described more below, Approveit Inc. is a “Processor” of our customers’ employees’ and
freelancers’ personal data that our customers may process via Approveit.

Our customers are the “Controllers”. We follow their directions regarding this data and may
store it, delete it, or disclose it at their direction.

The data processing practices related to cases when we act as a processor and process on
behalf of our customers are described in our Data Processing Agreement (DPA). As our Customer, you can review and digitally sign a copy of the DPA by emailing support@approveit.today.

We will countersign it and provide you with a fully executed downloadable copy via email within 10 business days.

Specific categories of data that we process on our customers’ behalf include:

With regard to employees and freelancers: name, email address, company, Slack username, approval data (date, content).

We process the data provided by our customers until the termination of our Terms of Service with them and within the terms specified by applicable law.

As described more below, Approveit Inc. is a “Processor” of our customers’ employees’ and freelancers’ personal data that our customers may process via Approveit.

Our customers are the “Controllers”. We follow their directions regarding this data and may store it, delete it, or disclose it at their direction.

The data processing practices related to cases when we act as a processor and process on behalf of our customers are described in our Data Processing Agreement (DPA). As our Customer, you can review and digitally sign a copy of the DPA by emailing support@approveit.today.

We will countersign it and provide you with a fully executed downloadable copy via email within 10 business days.

Specific categories of data that we process on our customers’ behalf include:

With regard to employees and freelancers: name, email address, company, Slack username, approval data (date, content).

We process the data provided by our customers until the termination of our Terms of Service with them and within the terms specified by applicable law.

As described more below, Approveit Inc. is a “Processor” of our customers’ employees’ and freelancers’ personal data that our customers may
process via Approveit.

Our customers are the “Controllers”. We follow their directions regarding this data and may store it, delete it, or disclose it at their direction.

The data processing practices related to cases when we act as a processor and process on behalf of our customers are described in our Data Processing Agreement (DPA). As our Customer, you can review and digitally sign a copy of the DPA by emailing support@approveit.today.

We will countersign it and provide you with a fully executed downloadable copy via email within 10 business days.

Specific categories of data that we process on our customers’ behalf include:

With regard to employees and freelancers: name, email address, company, Slack username, approval data (date, content).

We process the data provided by our customers until the termination of our Terms of Service with them and within the terms specified by applicable law.

Who do we share your data with?

We use third–party service providers to help us provide portions of the Approveit services and give support. Examples of these third parties include our payment: processor, hosting, and marketing provider.

They only receive the data needed to provide their services to us. We have agreements with our service providers that say they cannot use any of this data for their own purposes or for the purposes of another third party.

We prohibit our service providers from selling data they receive from us or receive on our behalf.

We require service providers to use data only in order to perform the services we have hired them to do (unless otherwise required by law). For example, we may use a company to help us provide client support. The information they may receive as part of providing that support cannot be used by them for anything else.

The AI tools utilized in our app are solely for enhancing user experience and building specific workflows. We do not send any customer data to AI tools. All data collected from customers is securely stored and protected, and no personally identifiable information is shared with or processed by the AI tools. Any third-party AI services or APIs integrated into our app also do not receive customer data.

Acting as a Controller we share your data with the following processors:

We use third–party service providers to help us provide portions of the Approveit services
and give support. Examples of these third parties include our payment: processor, hosting, and marketing provider.

We prohibit our service providers from selling data they receive from us or receive on our behalf.

Acting as a Controller we share your data with the following processors:

Processors, their location and the link to the privacy policy / website if applicable

Processors, their location and the link to the privacy policy/ website if applicable

Processors, their location and the link to the privacy policy / website if applicable

Purpose of transfer

Purpose
of transfer

Purpose of transfer

Calendly LLC (the USA), Privacy policy

Meeting scheduling service provider

Meeting scheduling service provider

Google LLC (the USA), Privacy policy

Email service provider; web analytics provider
(Google Analytics, Google Tag Manager)

Email service provider; web analytics provider (Google Analytics, Google Tag Manager)

HubSpot, Inc (the USA), Privacy policy

Email marketing provider, scheduling
meetings service provider

Paddle.com Market Limited (the UK), Privacy policy

Online payment provider

Online payment provider

Heroku Inc. (the USA), Privacy policy

Hosting service provider

Hosting service provider

Google API Services Usage Disclosure

Approveit app uses Google API when the Approveit app users sync events created in the app with their Google Calendar. Approveit doesn’t copy, store, or influence in any way any Calendar events that it didn’t create itself.

Approveit’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Acting as a Processor we share the data provided by our Customers with the following sub–processors:

Purpose of
sub-processing

Purpose of sub-processing

Purpose of
sub-processing

Processors, their location and the link to privacy policy/website if applicable

Safeguards for restricted transfers (outside the EEA and ‘adequate’ jurisdictions)

Heroku Inc. (the USA), Privacy policy

Hosting service provider

Standard contractual clauses

Standard contractual clauses

Automated decisions

We do not make any automated decisions about you that would result in legal or other similarly significant effects on you.

Cookies

What is a cookie?

A cookie is a file containing an identifier (a string of letters and numbers) that is sent
by a web server to a web browser and stored by the browser. The identifier is then sent back
to the server each time the browser requests a page from the server.

A cookie is a file containing an identifier (a string of letters and numbers) that is sent
by a web server to a web browser and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

What do we use cookies for?

Approveit, Inc. uses cookies for the following purposes:

to better understand your preferences,
to help you navigate our website,
to personalize and provide a more convenient experience to you,
to analyze which pages you visit, and
to measure advertising and promotional effectiveness.

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Statistic cookies help website owners understand how visitors interact with websites by collecting and reporting information anonymously. Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more
valuable for publishers and third-party advertisers.

Approveit, Inc. uses cookies for the following purposes:

• to better understand your preferences,

• to help you navigate our website,

• to personalize and provide a more convenient experience to you,

• to analyze which pages you visit, and

• to measure advertising and promotional effectiveness.

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.Statistic cookies help website owners understand how visitors interact with websites by collecting and reporting information anonymously. Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby morevaluable for publishers and third-party advertisers.

What can you do if you do not want the storing cookies to be set or want them to be removed?

You are able to withdraw the consent to store cookies by changing the settings of your web browser.

You may see the cookie management instructions published by the browser vendors at Google Chrome, Safari (Desktop, Mobile), Firefox, Internet Explorer respectively.

You are able to withdraw the consent to store cookies by changing the settings of your web browser.

You may see the cookie management instructions published by the browser vendors at Google Chrome, Safari (Desktop, Mobile), Firefox, Internet Explorer respectively.

You are able to withdraw the consent to store cookies by changing the settings of your web browser.

You may see the cookie management instructions published by the browser vendors at Google Chrome, Safari (Desktop, Mobile), Firefox, Internet Explorer respectively.

Your rights

You have the following rights concerning personal data: the right to information, right to access, right to rectification, right to withdraw consent, right to object against processing for specific purposes (such as direct marketing), right to object to automated processing, right to be forgotten, and right for data portability (copy of personal data in a commonly used machine-readable format).

You may also exercise the mentioned rights by contacting us via email at support@approveit.today.

You also have the right to lodge a complaint with a supervisory authority, in particular in the State of your habitual residence, place of work, or where the alleged infringement of the privacy regulation has taken place.

You have the following rights concerning personal data: the right to information, right to access, right to rectification, right to withdraw consent, right to object against
processing for specific purposes (such as direct marketing), right to object to automated processing, right to be forgotten, and right for data portability (copy of personal data in a commonly used machine-readable format).

You may also exercise the mentioned rights by contacting us via email at support@approveit.today.

You also have the right to lodge a complaint with a supervisory authority, in particular in
the State of your habitual residence, place of work, or where the alleged infringement of the privacy regulation has taken place.

Changes to this Policy

We regularly update this Policy in case there are significant changes in the way we process
your personal data.

You will receive a notification prior to such significant changes become effective by email
if you provided us with your email address or by pop–up a notice on our website.

We regularly update this Policy in case there are significant changes in the way we process your personal data.

You will receive a notification prior to such significant changes become effective by email if you provided us with your email address or by pop–up a notice on our website.

We regularly update this Policy in case there are significant changes in the way we process your personal data.

You will receive a notification prior to such significant changes become effective by email if you provided us with your email address or by pop–up a notice on our website.

Data Retention

We retain personal data for the shortest duration necessary to fulfill the purposes outlined in this privacy policy unless a longer retention period is mandated or permitted by law. For instance:

• Account details: Duration of an active account + 90 days.

• Purchase history: 7 years from the purchase date for accounting and taxation.

• Marketing data: 3 years from collection or until you opt-out.

• Account details: Duration of an active account + 90 days.

• Purchase history: 7 years from the purchase date for accounting and taxation.

• Marketing data: 3 years from collection or until you opt-out.

• Account details: Duration of an active account + 90 days.

• Purchase history: 7 years from the purchase date for accounting and taxation.

• Marketing data: 3 years from collection or until you opt-out.

Verification for Data Subject Requests

We prioritize your privacy and security. Before accessing personal data or processing data subject requests, we take measures to verify your identity, which might include matching your information with our records.

Opting Out of Data Sale/Sharing

If you wish to opt-out of the sale or sharing of your personal information, email your request to support@approveit.today. Once we verify your request, we will cease sharing your data unless you grant explicit authorization.

International Data Transfers

For data transfers outside the EU, we rely on Privacy Shield certification and EU Model Clauses to ensure the protection of your privacy rights.

Your Data Management Rights

You can request access, corrections, amendments, or deletion of your personal data by contacting us at support@approveit.today. If you wish to limit the sale or transfer of your data for specific purposes, please notify us. Upon verification, we will act accordingly.

Accessibility

We offer a screen-reader accessible version of this privacy policy on request. For more details, contact support@approveit.today.

Online Tracking

We and our partners employ cookies and similar tracking mechanisms to monitor your interaction with our services and other platforms. To opt-out of tracking for promotional activities, modify your browser preferences.

Consent for Calls and SMS:

By providing your phone number when registering and booking a call through Approveit, you consent to receiving calls and SMS messages from us related to your use of Approveit services.

Service updates and notifications
Reminders and confirmations related to our services
Promotional offers and marketing communications
Any other communication relevant to your use of Approveit services

You have full control over your communication preferences. You may opt out of receiving promotional calls and SMS at any time by updating your preferences in your user account or by contacting our support team at support@approveit.today

Your privacy is our utmost priority. All communications will be conducted in accordance with our comprehensive data protection and privacy policies. Your contact information will be exclusively used for the purposes stated above and will not be shared with third-party marketers.

Please ensure that your contact information is current and accurate. You can update your contact details through your user account or by reaching out to our support team.

By providing your phone number when registering and booking a call through Approveit, you consent to receiving calls and SMS messages from us related to your use of Approveit services.

• Service updates and notifications

• Reminders and confirmations related to our services

• Promotional offers and marketing communications

• Any other communication relevant to your use of Approveit services

Please ensure that your contact information is current and accurate. You can update your contact details through your user account or by reaching out to our support team.

Exercising Your Rights Under Regional Privacy Regulations

EU Residents (GDPR): You have the right to access, amend, or delete personal data we hold. To act on these rights, email support@approveit.today.

California Residents (CCPA & CPRA): You deserve to know what personal data we collect, why we use it, and options to limit its sale. Additionally, you can correct your data and restrict the use of sensitive personal details. Forward all such requests to support@approveit.today, specifying your requirements. We’ll acknowledge receipt within 10 days, and while processing, might request additional details to validate your identity. If we’re unable to fulfill certain requests, we will inform you of the reasons.

EU Residents (GDPR): You have the right to access, amend, or delete personal data we hold. To act on these rights, email support@approveit.today.

Compliance with Privacy Regulations

At Approveit, Inc., we commit to upholding all pertinent privacy regulations in our operational regions, including the GDPR (European Union) and the CCPA & CPRA (United States). We have instituted procedures to shield your personal information from unintentional loss and unauthorized access. Please note our services aren’t designed for children under 13. If we inadvertently obtain data from such individuals without parental consent, we will erase it. For any queries related to our privacy practices or policy, please email support@approveit.today.

Cross Border Transfers of Personal Data

Learneo businesses are located in the United States, Israel, India, The Netherlands, and Canada and may continue to grow in other countries. We also have service providers both in the United States and throughout the world. As such, Learneo and our service providers may transfer your personal data to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. These transfers are necessary in order for us to provide our Services. When we transfer information about individuals based in the EEA or UK outside of those countries, we will take appropriate measures to safeguard the transfer as required by applicable law, including:

• Adequacy Decisions: European Commission decisions recognizing that certain countries and territories outside of the EEA ensure an adequate level of protection for personal data. Depending on your use of our Services, when we transfer your personal data from the EEA to Israel or the UK, we rely on the European Commission’s adequacy decision for Israel and the UK. Further, where we transfer your personal data from the EEA to an US recipient participating in the DPF (including the UK Extension to the EU-U.S. Data Privacy Framework (DPF), where applicable), we rely on the European Commission’s adequacy decision for the US.

• Standard Contractual Clauses: Transfers to countries that don’t have an adequacy decision typically take place on the basis of the European Commission-approved standard contractual data protection clauses (together with the UK Annex for transfers from the UK), which we use for transfers to countries including but not limited to the US (where the recipient does not participate in the DPF), and Singapore.

In certain circumstances, cross border transfers may take place on the basis of exemptions provided for under applicable data protection law.
You may always contact us to request a copy of the transfer measures that we have taken to safeguard the transfer of your personal data.

Complaints

You have the right to lodge a complaint about our practices with respect to your personal data before a supervisory data protection authority.

• If you are in Europe, an up-to-date list of data protection authorities is available at https://edpb.europa.eu/about-edpb/board/members_en.

• If you are in the Netherlands, the data protection authority is the Autoriteit Persoonsgegevens, available at: https://autoriteitpersoonsgegevens.nl.

• If you are in the UK, the data protection authority is the UK Information Commissioner’s Office available at https://ico.org.uk/.

Complaints

You have the right to lodge a complaint about our practices with respect to your personal data before a supervisory data protection authority.

• If you are in Europe, an up-to-date list of data protection authorities is available at https://edpb.europa.eu/about-edpb/board/members_en.

• If you are in the Netherlands, the data protection authority is the Autoriteit Persoonsgegevens, available at: https://autoriteitpersoonsgegevens.nl.

• If you are in the UK, the data protection authority is the UK Information Commissioner’s Office available at https://ico.org.uk/.

• Adequacy Decisions: European Commission decisions recognizing that certain countries and territories outside of the EEA ensure an adequate level of protection for personal data. Depending on your use of our Services, when we transfer your personal data from the EEA to Israel or the UK, we rely on the European Commission’s adequacy decision for Israel and the UK. Further, where we transfer your personal data from the EEA to an US recipient participating in the DPF (including the UK Extension to the EU-U.S. Data Privacy Framework (DPF), where applicable), we rely on the European Commission’s adequacy decision for the US.

• Standard Contractual Clauses: Transfers to countries that don’t have an adequacy decision typically take place on the basis of the European Commission-approved standard contractual data protection clauses (together with the UK Annex for transfers from the UK), which we use for transfers to countries including but not limited to the US (where the recipient does not participate in the DPF), and Singapore.

Complaints

You have the right to lodge a complaint about our practices with respect to your personal data before a supervisory data protection authority.

• If you are in Europe, an up-to-date list of data protection authorities is available at https://edpb.europa.eu/about-edpb/board/members_en.

• If you are in the Netherlands, the data protection authority is the Autoriteit Persoonsgegevens, available at: https://autoriteitpersoonsgegevens.nl.

• If you are in the UK, the data protection authority is the UK Information Commissioner’s Office available at https://ico.org.uk/.