Last Modified: 12th February 2021
SourceWhale Ltd (“SourceWhale”,”us”, “we”, or “our”) operates the website https://sourcewhale.com, the web application https://sourcewhale.app and the SourceWhale Chrome or Firefox Extension (together, the “Service”). This page informs you of our policies regarding the collection, use and disclosure of personally identifiable information (“Personal Information”) in connection with the Service. By using the Service, you agree to the collection and use of information in accordance with this policy.
We do not knowingly collect personal information from anyone under the age of 18. If we learn that we have collected the information from a minor under the age of 18, we will delete that information as soon as possible.
For purposes of the applicable Data Protection Laws, we are the “data controller” for visitors to our website. This means that SourceWhale Ltd determines the purposes for which, and the manner in which, your Personal Information is processed.
What information do we gather from visitors?
Information which is automatically collected:
Whenever you use the Service, we automatically receive and record information in our server logs from your browser, which may include your IP address, information about your web cookies, and the page or feature you were interacting with. Cookies are web identifiers we, and other services, transfer to your browser to allow us to recognise your browser when you visit our site. We also use data from your cookies to track when and how often pages of our Service are visited. We use this data to customise your experience with, and to generally improve, our Service. You may be able to change the preferences within your browser to limit your acceptance of cookies, but this will prevent you from using some or all features of our Service. Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services that you do not wish such operators to track certain of your online activities over time and across different websites. Our Service does not currently support Do Not Track requests, which means that we collect information about your online activity both while you are using the Service and after you leave our Service.
We also automatically receive information about communications sent and received using our Service.
Our customers and other third parties may also provide us with Personal Information about our customers’ contacts and others. For example, we may receive Personal Information and other information from our customers, email senders, databases with information relevant to profile URLs and emails submitted to our Service, and other third parties. This information may include, without limitation, contact and other information.
In connection with your use of the Service, we may also collect information created or provided by you, or that we otherwise receive, in connection therewith. For example, if your contacts send messages to you, we may collect and maintain the message data, which may include Personal Information.
We use third party analytics services in order to better understand how our users are engaging with our Service. When a user browses our website or uses the Service, these services may collect the user’s IP address, browser type, and approximate location (based on the IP address). They may also set and access cookies on your computer or other device. In order to refine our understanding of user engagement, we provide these services with a user’s email address (which we collected as part of the user’s account registration process).
We employ other companies and people to perform tasks on our behalf and need to share your information with them to provide products or services to you; for example, data storage services, marketing services, and payment processing companies to receive and process your financial transactions for us. In addition, by submitting information when using our Service, Personal Information that we process and collect may be transferred between companies, business units and employees affiliated with us and you hereby explicitly consent to trans-border transmission of such information.
We may choose to buy or sell assets, and may share and/or transfer customer and other user information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, merged, reorganised, or if we go out of business, enter bankruptcy, or go through some other change of control or similar event, you acknowledge and explicitly consent that Personal Information could be one of the assets transferred to or acquired by a third party.
We reserve the right to access, read, preserve, and disclose any information that we believe is reasonably necessary to comply with law, legal obligations, regulations, law enforcement, governmental and other legal requests, or court order; enforce or apply our Terms of Service and other agreements; address fraud, security or technical issues; or protect the rights, property, or safety of SourceWhale, our employees, our users, or others.
Information provided by you: When you create a new account to use the Service we will solicit your consent to connect your email account to your SourceWhale account (using the OAuth authentication method), thereby providing us with access to your email account, including but not limited to email, contacts, and calendar. SourceWhale accesses and stores a limited subset of data from your account, including name and email address, to provide you with our Services.
For users authenticating via Google accounts; SourceWhale’s use of information received, and SourceWhale’s transfer of information to any other app, from Google APIs will adhere to Google’s Limited Use Requirements.
We receive and store any information that you provide to us during your use of the Service. For example, through your account settings, sending emails and InMail, creating lists of contacts, inputting contact information, requests for support through customer support, and otherwise using the Services, we may collect Personal Information such as your name, email address, location, phone number, payment information, and third-party account credentials (for example, your log-in credentials for Google Mail or other third party sites). Certain information may be required to register with us or to take advantage of some of our features.
In addition, we collect Personal Information you submit to us, for example by completing a form on our website or participating in a SourceWhale event. In that case, we may communicate with you, for example by calling you at the phone number you provide or emailing you about your use of the Services. If you do not want to receive communications from us but believe we have your Personal Information, please indicate your preference by sending an email to email@example.com.
Purpose of processing of this data that we collect
We process your personal data for the following purposes:
- To enter into, and to perform, contracts with you or the person that you work for.
- provide services to users of our services
- manage and administer our relationships with users of our services;
- Where you or the person that you work for may be the relevant user of services for these purposes.
- To advertise and market, and provide information about, our services.
- To administer our website under our terms and for internal operations, including troubleshooting, and data analysis, testing, research, statistical and survey purposes.
- To improve our site to ensure that content is presented in the most effective manner for you and for your computer.
- To keep our website, services and other systems safe and secure.
- To make suggestions and recommendations about services that may interest you or the person that you work for and subject to your stated preferences where relevant.
The lawful basis for the processing of this information
The basis on which we process your personal data is as follows:
- Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it, we will obtain and rely on your consent in relation to the processing concerned (see below for how to withdraw your consent at any time).
- Otherwise, we will process your personal data only where the processing is necessary:
- for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract;
- for compliance with a legal obligation to which we are a subject; or
- for the purposes of the legitimate interests pursued by us or another person, provided that this will only be in circumstances in which those legitimate interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data (most circumstances in which we process your personal data in relation to a relationship that we have with the person that you work for will fall into this category).
How long do we hold on to this information for?
We process personal data only for so long as is necessary for the purpose(s) for which it was originally collected, after which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or for another legitimate and lawful purpose.
Where is this information processed?
The data that we process in relation to you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) that may not be subject to equivalent data protection law. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the fulfilment of orders, the processing of payment details and the provision of support services.
All personal data processed by us is stored on secure servers. Any payment transactions will be encrypted using appropriate technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website or systems, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Sharing of your information
We will not rent or sell the personal information of users of our Service. In future, we may sell or divest the company. Your Personal Information such as customer names and email addresses and other user information related to the Service may be among the items transferred in the event of a company sale.
Your data protection rights
- The right to access – You have the right to request copies of your personal data.
- The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request us to complete the information you believe is incomplete.
- The right to erasure – You have the right to request that we erase your personal data.
- The right to restrict processing – You have the right to request that we restrict the processing of your personal data.
- The right to object to processing – You have the right to object to our processing of your personal data.
- If you make a request, we have one month to respond to you.
If you would like to exercise any of these rights, please contact us at our email: firstname.lastname@example.org
If you are not happy with our response you have the right to complain to the relevant data protection supervisory authority, which in the UK is the Information Commissioner’s Office (ICO).
SourceWhale’s use of information received from Google APIs adhere to Google API Services User Data Policy, including the Limited Use requirements.
How to contact us