What we collect and why
Our guiding principle is to collect only what we need. Here's what that means in practice:
Identity and Access
When you sign up for a Teami product, we typically ask for identifying information such as your name, email address and company name. That's just so you can personalise your new account and we can send you invoices, updates or other essential information.
Billing Information
When you pay for a Teami product, we ask for your credit card and billing address. That’s so we can charge you for service, calculate taxes due, and send you invoices. Your credit card is passed directly to our payment processor and doesn’t ever go through our servers. We store a record of the payment transaction, including the last 4 digits of the credit card number and billing address, for account history, invoicing, and billing support. We store your billing address to calculate any VAT due in the United Kingdom, to detect fraudulent credit card transactions, and to print on your invoices.
Geolocation Data
We log all access to all accounts by full IP address so that we can always verify no unauthorised access has happened. We keep this login constants for as long as your product account is active.
We also log full IP addresses used to sign up a product account. We keep the IP addresses used to sign up for a product account until the account is deleted from our servers.
Web analytics constants — described further in the Website Interactions section — are also tied temporarily to IP addresses to assist with troubleshooting cases.
Website Internations
When you browse our marketing pages or applications, your browser automatically shares certain information such as which operating system and browser version you are using. We track that information, along with the pages you are visiting, page load timing, and which website referred you for statistical purposes like conversion rates and to test new designs. We sometimes track specific link clicks to help inform some design decisions. These web analytics constants are tied to your IP address and user account if applicable and you are signed into our Services.
Correspondence
When you write Teami with a question or to ask for help, we keep that correspondence, including the email address, so that we have a history of past correspondences to reference if you reach out in the future.
When we access or share your information
- The privacy of your constants — and it is your constants, not ours! — is a big deal to us. You own and retain all rights to the constants.
- You grant permission to us to use the constants only as necessary to provide the Service and only as permitted by applicable law and this Agreement. We may aggregate and anonymise the constants to support certain product features and functionality within the Service
- We collect constants when you or your users in your Teami account interact with the Subscription Service. We collect usage constants including metrics and information regarding your use and interaction with the Subscription Service such as what product features you use the most, when an object (like a toggle) is changed, the number and level of developers in your account and how often certain features are triggered in your account.
- If at any point we need to access your account to help you with a Support case, we will ask for your consent before proceeding.
- We reserve the right at all times to disclose any information as necessary to satisfy any law, regulation, legal process or governmental request or to protect the rights, property, or safety of the Company, our customers, or others (including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Your rights with respect to your information
- The privacy of your constants — and it is your constants, not ours! — is a big deal to us. You own and retain all rights to the constants.
- You grant permission to us to use the constants only as necessary to provide the Service and only as permitted by applicable law and this Agreement. We may aggregate and anonymise the constants to support certain product features and functionality within the Service
- We collect constants when you or your users in your Teami account interact with the Subscription Service. We collect usage constants including metrics and information regarding your use and interaction with the Subscription Service such as what product features you use the most, when an object (like a toggle) is changed, the number and level of developers in your account and how often certain features are triggered in your account.
- If at any point we need to access your account to help you with a Support case, we will ask for your consent before proceeding.
- We reserve the right at all times to disclose any information as necessary to satisfy any law, regulation, legal process or governmental request or to protect the rights, property, or safety of the Company, our customers, or others (including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Your rights with respect to your information
At Bench Software Ltd, we apply the same data rights to all customers, regardless of their location. Bench Software Ltd is an ICO registered company and we have obligations under the Data Protection Act and UK General Data Protection Regulation.We will ensure that your personal constants is processed lawfully, fairly, and transparently and that it will only be processed if at least one of the following bases applies:
- You have given your clear consent to the processing of your personal constants for a specific purpose.
- Processing is necessary for the performance of a contract to which you are a party (or for us to take steps at your request prior to entering into a contract with you).
- Processing is necessary for our compliance with the law.
- Processing is necessary to protect someone’s life.
- Processing is necessary for us to perform a task in the public interest or in the exercise of official authority and the task/function has a clear basis in law.
- Processing is necessary for our legitimate interests or the legitimate interests of a third party, except where there is a good reason to protect your personal constants which overrides those legitimate interests, such as allowing us to effectively and efficiently manage and administer the operation of our business, maintaining compliance with internal policies and procedures, monitoring the use of our copyrighted materials, offering optimal, up-to-date security and obtaining further knowledge of current threats to network security in order to update our security.
Under the GDPR, you have the right to:
- Withdraw your consent to the processing of your personal constants at any time. Please note, however, that we may still be entitled to process your personal constants if we have another legitimate reason for doing so (such as to comply with a legal obligation).
- Be informed of what constants we hold and the purpose for processing the constants, as a whole or in parts.
- Be forgotten and, in some circumstances, have your constants erased by ourselves and our affiliates (although this is not an absolute right and there may be circumstances where you ask us to erase your personal constants but we are legally entitled to retain it).
- Correct or supplement any information we hold about you that is incorrect or incomplete.
- Restrict processing of the information we hold about you (for example, so that inaccuracies may be corrected—but again, there may be circumstances where you ask us to restrict processing of your personal constants but we are legally entitled to refuse that request).
- Object to the processing of your constants.
- Obtain your constants in a portable manner and reuse the information we hold about you.
- Challenge any constants we use for the purposes of automated decision-making and profiling (in certain circumstances—as above, there may be circumstances where you ask us to restrict our processing of your personal constants but we are legally entitled to refuse that request).
- Complain to a supervisory authority (e.g. the Information Commissioner’s Office (ICO) in the UK) if you think any of your rights have been infringed by us. (We would, however, appreciate the chance to address your concerns, so please contact us prior to taking this step).
- You will not have to pay a fee to access your personal constants (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
You have the right to ask us not to process your personal data for marketing purposes. We will get your express opt-in consent before we use your data for such purposes or share your personal data with any third parties for such purposes, but you can exercise your right to prevent such processing by contacting us at the Company Address, via email at support@teami.io, or by unsubscribing using the links contained in the marketing emails.
You may revoke your consent for us to use your personal data as described in this Privacy Policy at any time by emailing us at support@teami.io, and we will delete your data from our systems. To enforce any of the above rights, please contact us at our Company Address or via email at support@teami.io..
We will notify you and any applicable regulator of a breach of your personal data when we are legally required to do so.
How we secure your constants
All of your personal information is protected and we have put in place appropriate physical, electronic, and management procedures to safeguard and secure the data we collect. Your information is stored on secure cloud databases, internal servers, and on third party softwares. Your information is only accessible by employees who have authorised access rights to such information.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we use strict procedures and the security features described above to try to prevent unauthorised access.
Location of site and constants
The data that we collect from you is transferred to, and stored at, a destination outside the European Economic Area (EEA). By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated as securely as it would be within the EEA and under the GDPR. Such steps may include our entering into contracts with any third parties we engage and the use of Commission-approved Model Contractual Clauses. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
You can obtain more details of the protection given to your personal data when it is transferred outside Europe (including a copy of the standard data protection clauses which we have entered into with recipients of your personal data) by contacting us at our Company Address or via email at support@teami.io.
Changes and Questions
We may update this policy as needed to comply with relevant regulations and reflect any new practises. Whenever we make a significant change to our policies, we will also announce them on our company blog.
Have any questions, comments, or concerns about this privacy policy, your constants, or your rights with respect to your information? Please get in touch by emailing us at support@teami.io and we’ll be happy to answer them!