Privacy Policy
Version 2.4. Last update May 21, 2024
Introduction
Approveit, Inc. is committed to protecting your privacy and ensuring you have a positive
experience when using the services we provide, which we generally refer to as
Approveit or Approveit services.
Scope of this Privacy Policy
This Privacy Policy explains how we handle data, including what we collect and how we obtain
it, how we use it, when and if we disclose it, and some of your options for managing your
data with Approveit Inc. with regard to:
- Approveit services
- Our website approveit.today.
Who are we and how to contact us?
This Privacy Policy explains how personal data is processed by Approveit, Inc., a company
incorporated in the State of Delaware and having its registered office at 51 Little Falls
Drive, Wilmington, New Castle County, Delaware, 19808.
The words “we”, “our”, “us” refer to Approveit, Inc.
If you have questions, please contact the support team at support@approveit.today.
What data, for what purposes, how long, and based on what grounds do we process as a Controller?
What data do we process as a Processor of our Customers (Controllers)?
As described more below, Approveit Inc. is a “Processor” of our customers’ employees’ and
freelancers’ personal data that our customers may
process via Approveit.
Our customers are the “Controllers”. We follow their directions regarding this data and may
store it, delete it, or disclose it at their direction.
The data processing practices related to cases when we act as a processor and process on
behalf of our customers are described in our Data Processing Agreement (DPA). As our
Customer, you can review and digitally sign a copy of the DPA by emailing support@approveit.today.
We will countersign it and provide you with a fully executed downloadable copy via email
within 10 business days.
Specific categories of data that we process on our customers’ behalf include:
With regard to employees and freelancers: name, email address, company, Slack username,
approval data (date, content).
We process the data provided by our customers until the termination of our Terms of Service with them and within the terms specified by applicable law.
Who do we share your data with?
We use third–party service providers to help us provide portions of the Approveit services
and give support. Examples of these third parties include our payment: processor, hosting,
and marketing provider.
They only receive the data needed to provide their services to us. We have agreements with
our service providers that say they cannot use any of this data for their own purposes or
for the purposes of another third party.
We prohibit our service providers from selling data they receive from us or receive on our
behalf.
We require service providers to use data only in order to perform the services we have hired
them to do (unless otherwise required by law). For example, we may use a company to help us
provide client support. The information they may receive as part of providing that support
cannot be used by them for anything else.
The AI tools utilized in our app are solely for enhancing user experience and building specific workflows. We do not send any customer data to AI tools. All data collected from customers is securely stored and protected, and no personally identifiable information is shared with or processed by the AI tools. Any third-party AI services or APIs integrated into our app also do not receive customer data.
Acting as a Controller we share your data with the following processors:
Processors, their location and the link to the privacy policy / website if applicable | Purpose of transfer |
Calendly LLC (the USA), Privacy policy | Meeting scheduling service provider |
Google LLC (the USA), Privacy policy | Email service provider; web analytics provider (Google Analytics, Google Tag Manager) |
HubSpot, Inc (the USA), Privacy policy | Email marketing provider, scheduling meetings service provider |
Paddle.com Market Limited (the UK), Privacy policy | Online payment provider |
Heroku Inc. (the USA), Privacy policy | Hosting service provider |
Google API Services Usage Disclosure
Approveit app uses Google API when the Approveit app users sync events created in the app with their Google Calendar. Approveit doesn’t copy, store, or influence in any way any Calendar events that it didn’t create itself.
Approveit’s use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Acting as a Processor we share the data provided by our Customers with the following sub–processors:
Purpose of sub-processing | Processors, their location and the link to privacy policy/website if applicable | Safeguards for restricted transfers (outside the EEA and ‘adequate’ jurisdictions) |
Hosting service provider | Heroku Inc. (the USA), Privacy policy | Standard contractual clauses |
Automated decisions
We do not make any automated decisions about you that would result in legal or other
similarly significant effects on you.
Cookies
What is a cookie?
A cookie is a file containing an identifier (a string of letters and numbers) that is sent
by a web server to a web browser and stored by the browser. The identifier is then sent back
to the server each time the browser requests a page from the server.
What do we use cookies for?
Approveit, Inc. uses cookies for the following purposes:
- to better understand your preferences,
- to help you navigate our website,
- to personalize and provide a more convenient
experience to you, - to analyze which pages you visit, and
- to measure advertising and promotional effectiveness.
Necessary cookies help make a website usable by enabling basic functions
like page navigation and access to secure areas of the website. The website cannot function
properly without these cookies.
Statistic cookies help website owners understand how visitors interact with
websites by collecting and reporting information anonymously.
Marketing cookies are used to track visitors across websites. The intention
is to display ads that are relevant and engaging for the individual user and thereby more
valuable for publishers and third-party advertisers.
Cookie List
What can you do if you do not want the storing cookies to be set or want them to be removed?
You are able to withdraw the consent to store cookies by changing the settings of your web
browser.
You may see the cookie management instructions published by the browser vendors at Google Chrome, Safari (Desktop, Mobile), Firefox, Internet Explorer respectively.
Your rights
You have the following rights concerning personal data: the right to information, right to
access, right to rectification, right to withdraw consent, right to object against
processing for specific purposes (such as direct marketing), right to object to automated
processing, right to be forgotten, and right for data portability (copy of personal data in
a commonly used machine-readable format).
You may also exercise the mentioned rights by contacting us via email at support@approveit.today.
You also have the right to lodge a complaint with a supervisory authority, in particular in
the State of your habitual residence, place of work, or where the alleged infringement of
the privacy regulation has taken place.
Changes to this Policy
We regularly update this Policy in case there are significant changes in the way we process
your personal data.
You will receive a notification prior to such significant changes become effective by email
if you provided us with your email address or by pop–up a notice on our website.
Data Retention
We retain personal data for the shortest duration necessary to fulfill the purposes outlined in this privacy policy unless a longer retention period is mandated or permitted by law. For instance:
Account details: Duration of an active account + 90 days.
Purchase history: 7 years from the purchase date for accounting and taxation.
Marketing data: 3 years from collection or until you opt-out.
Verification for Data Subject Requests
We prioritize your privacy and security. Before accessing personal data or processing data subject requests, we take measures to verify your identity, which might include matching your information with our records.
Opting Out of Data Sale/Sharing
If you wish to opt-out of the sale or sharing of your personal information, email your request to support@approveit.today. Once we verify your request, we will cease sharing your data unless you grant explicit authorization.
International Data Transfers
For data transfers outside the EU, we rely on Privacy Shield certification and EU Model Clauses to ensure the protection of your privacy rights.
Your Data Management Rights
You can request access, corrections, amendments, or deletion of your personal data by contacting us at support@approveit.today. If you wish to limit the sale or transfer of your data for specific purposes, please notify us. Upon verification, we will act accordingly.
Accessibility
We offer a screen-reader accessible version of this privacy policy on request. For more details, contact support@approveit.today.
Online Tracking
We and our partners employ cookies and similar tracking mechanisms to monitor your interaction with our services and other platforms. To opt-out of tracking for promotional activities, modify your browser preferences.
Consent for Calls and SMS:
By providing your phone number when registering and booking a call through Approveit, you consent to receiving calls and SMS messages from us related to your use of Approveit services.
- Service updates and notifications
- Reminders and confirmations related to our services
- Promotional offers and marketing communications
- Any other communication relevant to your use of Approveit services
You have full control over your communication preferences. You may opt out of receiving promotional calls and SMS at any time by updating your preferences in your user account or by contacting our support team at support@approveit.today
Your privacy is our utmost priority. All communications will be conducted in accordance with our comprehensive data protection and privacy policies. Your contact information will be exclusively used for the purposes stated above and will not be shared with third-party marketers.
Please ensure that your contact information is current and accurate. You can update your contact details through your user account or by reaching out to our support team.
Exercising Your Rights Under Regional Privacy Regulations
EU Residents (GDPR): You have the right to access, amend, or delete personal data we hold. To act on these rights, email support@approveit.today.
California Residents (CCPA & CPRA): You deserve to know what personal data we collect, why we use it, and options to limit its sale. Additionally, you can correct your data and restrict the use of sensitive personal details. Forward all such requests to support@approveit.today, specifying your requirements. We’ll acknowledge receipt within 10 days, and while processing, might request additional details to validate your identity. If we’re unable to fulfill certain requests, we will inform you of the reasons.
Compliance with Privacy Regulations
At Approveit, Inc., we commit to upholding all pertinent privacy regulations in our operational regions, including the GDPR (European Union) and the CCPA & CPRA (United States). We have instituted procedures to shield your personal information from unintentional loss and unauthorized access. Please note our services aren’t designed for children under 13. If we inadvertently obtain data from such individuals without parental consent, we will erase it. For any queries related to our privacy practices or policy, please email support@approveit.today.
Cross Border Transfers of Personal Data
Learneo businesses are located in the United States, Israel, India, The Netherlands, and Canada and may continue to grow in other countries. We also have service providers both in the United States and throughout the world. As such, Learneo and our service providers may transfer your personal data to, or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. These transfers are necessary in order for us to provide our Services. When we transfer information about individuals based in the EEA or UK outside of those countries, we will take appropriate measures to safeguard the transfer as required by applicable law, including:
- Adequacy Decisions: European Commission decisions recognizing that certain countries and territories outside of the EEA ensure an adequate level of protection for personal data. Depending on your use of our Services, when we transfer your personal data from the EEA to Israel or the UK, we rely on the European Commission’s adequacy decision for Israel and the UK. Further, where we transfer your personal data from the EEA to an US recipient participating in the DPF (including the UK Extension to the EU-U.S. Data Privacy Framework (DPF), where applicable), we rely on the European Commission’s adequacy decision for the US.
- Standard Contractual Clauses: Transfers to countries that don’t have an adequacy decision typically take place on the basis of the European Commission-approved standard contractual data protection clauses (together with the UK Annex for transfers from the UK), which we use for transfers to countries including but not limited to the US (where the recipient does not participate in the DPF), and Singapore.
In certain circumstances, cross border transfers may take place on the basis of exemptions provided for under applicable data protection law.
You may always contact us to request a copy of the transfer measures that we have taken to safeguard the transfer of your personal data.
Complaints
You have the right to lodge a complaint about our practices with respect to your personal data before a supervisory data protection authority.
- If you are in Europe, an up-to-date list of data protection authorities is available at https://edpb.europa.eu/about-edpb/board/members_en.
- If you are in the Netherlands, the data protection authority is the Autoriteit Persoonsgegevens, available at: https://autoriteitpersoonsgegevens.nl.
- If you are in the UK, the data protection authority is the UK Information Commissioner’s Office available at https://ico.org.uk/.