- Non-Personal Information: “Non-Personal Information” is un-identified and non-identifiable information pertaining to a User, which may be made available to us, or collected automatically via your use of the Services which does not enable us to identify the person from whom it was collected. This mainly consists of technical and aggregated non-identifiable, such as the type of operating system you use, type of browser you use, your screen resolution, your browser and keyboard language. In addition, we may collect certain behavioral non personal information regarding your use of the Services, which may include your session recordings, “click stream” activity, etc.
- Personal Information: “Personal Information” is information that identifies an individual or may with reasonable efforts or together with additional information we have access to, enable the identification of an individual, or may be of a private or sensitive nature relating to an identified or identifiable natural person. Identification of an individual also includes the association of such individual with a persistent identifier such as a name, an identification number, persistent cookie identifier etc. over the course of your use of the Services Personal Information we collect about you may include the following: your full name, IP address, unique device ID, email address, photos, information relating to your schedule, calendar, workflow, availability to perform responsibilities, interactions with other Users, workplace schedule, planned work meetings and calls including voice and video recording of such work meetings and calls and certain information you may share with us in your own volition when contacting us via the Services Personal Information does not include information that has been anonymized or aggregated and can no longer be used to identify a specific natural person. Personal Information that is collected by us consists of the following types of information:
We receive and/or collect information from you in the following ways:
1. Information we receive when you use the Platform. When you use our Platform, as a Client User or an End-User we may collect the certain Personal Information about our Users or Users clients, including, but not limited to your full name, IP address, email address, photos, and certain information you may share with us in your own volition when contacting us via the Platform.
2. Workspace. In order to use our Platform, you will be required to create an account (“Workspace”). If you create a Workspace, you will be required to provide us with certain information, such as your name, email address, phone number, organization name, position and title, as well as a password that you will use for your Workspace. In addition, following the setup of your Workspace, we may collect information regarding your use of the Workspace and Platform.
3. Calendar and Workflow Information. If you are a Client User or an End-User, you may at your own volition provide us access to certain Personal Information obtained from your calendar (e.g. Outlook, Google Calendar) or internal workplace workflow.
4. “Contact Us” Information. If you send us a “Contact Us” request, whether by submitting an online form that we make available or by sending an email to an email address that we display, you may be required to provide us with certain information such as your name and email address.
5. Through integrations with certain third-party services. We may collect Personal Information through integrations with third party service providers.
6. Log Files. We may make use of log files. The information inside the log files includes internet protocol (IP) addresses, type of browser, Internet Service Provider (ISP), date/time stamp, referring/exit pages, clicked pages and any other information your browser may send to us. We may use such information to analyze trends, administer the Services, track users’ movement around the Services, and gather demographic information.
7. Candidates. We may use a Candidates’ (as defined below) Candidate Information (as defined below) solely for our internal recruitment purposes (including for identifying Candidates, evaluating their applications, making hiring and employment decisions, and contacting Candidates by phone or in writing).
We may share and/or transfer your Personal Information in the following ways and for the following purposes:
3. Third Parties & Business Partners – We may share your information with a number of selected service providers, whose Services and solutions are required or otherwise facilitate achievement of the purposes of processing set forth under Section 4 above. These third parties serve in facilitating and enhancing our Services and related Services, namely to allow cloud hosting Services (e.g. AWS, Google Cloud), for analytics purposes
(e.g. Google Analytics, Heap, Fullstory), to facilitate engagement with our clients and users (e.g. Hubspot, SalesForce), to monitor our Services (e.g. Epsagon), or to process payments within the Services (e.g. Stripe). Our third party Services providers act as our sub-processors and may only process your information according to our instructions (which are given in accordance with the terms hereof). We remain responsible for any processing of your information done by such third party service providers on our behalf not in accordance with the terms hereof, except for events outside of such service providers’ reasonable control.
4. Law Enforcement – We may cooperate with government and law enforcement officials to enforce and comply with the law. We may therefore disclose any information to government or law enforcement officials as we believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our or a third party’s property and legal rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.
Your information may be transferred to, maintained, processed and stored by us and our authorized affiliates and service providers in the EU, US and in Israel. Please note that Israeli data and privacy laws may not be as comprehensive as those in your country of residence. Residents of certain countries may be subject to additional protections, as set forth below.
GDPR (EEA Users): This section applies only to natural persons residing in the European Economic Area (for the purpose of this section only, "you" or "your" shall be limited accordingly). It is EverAfter's policy to comply with the EEA's General Data Protection Regulation (“GDPR”). In accordance with the GDPR, we may transfer your Personal Information from your home country to Israel, the U.S. and/or other countries, provided that the transferee has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available. Specifically, we may cause such transfer if we ensured that at least one of the following applies:
● The country to which Personal Information has been transferred, has been determined by the EU Commission to be a country providing adequate protection to the privacy rights of EU residents.
● Application of Standard Contractual Clauses (also known as "Model Clauses") where appropriate.You have additional rights regarding your personal data under the GDPR, please refer to Section 8 below.
If applicable to you under your country’s jurisdiction, you may have certain rights in connection with your Personal Information and how we handle it. You can exercise your rights at any time by contacting us via any of the methods set out below. Those rights may include, but are not limited to, the following:
● Right of access. You may have a right to know what information we hold about you and, in some cases, to have the information communicated to you. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information.
● Right to correct Personal Information. We endeavor to keep the information that we hold about you accurate and up to date. Should you realize that any of the information that we hold about you is incorrect, please let us know and we will correct it as soon as we can.
● Data deletion. In some circumstances you have a right to request that some portions of the Personal Information that we hold about you be deleted or otherwise anonymized.
● Data portability. In some circumstances, you may have the right to request that data which you have provided to us is provided to you, so you can transfer this to another data controller.
● Restriction of processing. In some cases, you may have the right to request a restriction of the processing of your Personal Information, such as when you are disputing the accuracy of your information held by us.
Our Services may utilize “cookies”, anonymous identifiers and other tracking technologies in order to for us to provide our Services and present you with information that is customized for you. A “cookie” is a small text file that may be used, for example, to collect information about activity on the Services. Certain cookies and other technologies may serve to recall Personal Information, such as an IP address, previously indicated by a user. Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser.
We may use Anonymous Information (as defined below) or disclose it to third party service providers in order to improve our Services and enhance your experience with the Services. We may also disclose Anonymous Information (with or without compensation) to third parties, including advertisers and partners. “Anonymous Information” means information which does not enable identification of an individual user, such as aggregated information about the use of our Services.
You may choose not to receive future promotional, advertising, or other Services-related emails from us by selecting an unsubscribe link at the bottom of each email that we send. Please note that even if you opt out of receiving the foregoing emails, we may still send you a response to any “Contact Us” request as well as administrative emails (for example, in connection with a password reset request) that are necessary to facilitate your use of the Services.
We will retain your Personal Information only for as long as necessary to achieve the purposes for collection and processing set forth above. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. If you withdraw your consent to our processing your Personal Information, we will delete your Personal Information from our systems (except to the extent retaining such data in whole or in part is necessary to comply with any applicable rule or regulation and/or to respond to or defend against legal proceedings brought against us or our affiliates).
At all times, you may choose whether or not to provide or disclose Personal Information. If you choose not to provide mandatory Personal Information, you may still visit parts of the Services but you may be unable to access certain options, programs, offers, and services that involve our interaction with you.
To the extent that you do provide us with Personal Information, we wish to maintain accurate Personal Information. If you would like to delete or correct any of your other Personal Information that we may be storing, you may use the tools that we make available on the Services or you may submit an access request by sending an email to email@example.com. Your email should include adequate details of your request.
The Services are not intended for users under the age of 18 years. If we learn that we have collected Personal Information from a user under 18 years, we will delete that information as quickly as possible. If you believe that we might have any such information, please contact us at firstname.lastname@example.org.
We welcome qualified candidates (“Candidate(s)” to apply to any of the open positions posted at our Services by sending us your contact details and CV or resume (“Candidate Information”). Since privacy and discreetness are very important to our Candidates, we are committed to keep Candidate Information private and will use it solely for our internal recruitment purposes. Please note that we may retain Candidate Information submitted to us even after the applied position has been filled or closed. This is done so we could re-consider Candidates for other suitable positions and opportunities at Everafter; so we could can use the Candidate Information as a reference for future applications; and in case the Candidate is hired, for additional employment and business purposes related to their employment with us.
If you previously submitted your Candidate Information to us, and now wish to access it, update it or have it deleted from our systems, please contact us at email@example.com.
The security of Personal Information is important to us. We follow generally accepted industry standards, including the use of appropriate administrative, physical and technical safeguards, to protect the Personal Information submitted to us. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use reasonable acceptable means to protect your Personal Information, we cannot guarantee its absolute security or confidentiality. If you have any questions about security on the Services, you can contact us at firstname.lastname@example.org.
We do not track consumers over time and across third party websites and therefore do not respond to Do Not Track signals. We do not allow third parties to collect personally identifiable information about an individual consumer’s online activities over time and across different web sites when a consumer uses the Services.
Last updated: April 25, 2022
Q: Where are EverAfter data centers located?
A: EverAfter hosts it’s systems in AWS US region, in multiple availability zones.
Q: Which Security and Privacy-related regulations, standards and certifications does EverAfter comply with?
A: EverAfter has a Service Organization Control 2 (SOC-2) Type II certificate and is compliant with The General Data Protection Regulation (EU) 2016/679 (GDPR).
Q: As it relates to the GDPR, is EverAfter considered a processor or a controller?
A. GDPR defines ‘Controller’ as the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Everafter lets you integrate to your organizational systems and fetch data from the systems — in order to create hubs to share with your clients. herefore, according to the GDPR definitions, EverAfter is considered as a processor.
Q: How long does EverAfter retain my data for? What happens to the data if I stop using the service?
A: EverAfter keeps customer data for and retains your data for as long as your workspace is active.As soon as you stop using EverAfter, your workspace along with all your data will be deleted from our databases.
Q: Who is EverAfter’s security personnel?
A: In EverAfter, we understand security is very important to our clients and their users. This is why we have our most reliable and educated people taking care of the security. For any question or concern regarding security, please feel free to contacts Tal Shemesh, our CTO at email@example.com
Last updated: March 3th, 2022