This Privacy and Cookies Policy (“policy”) describes ChartMogul’s commitment to protecting your personal data and respecting your privacy. This policy applies to our customers (including those on free trials), subscribers, website visitors, and applicants (hereinafter referred to as “you”, “your” and “yours”).

The following statements describe who we are, which types of personal data we collect when you use our services, visit our websites, communicate with ChartMogul, and/or apply for a job at ChartMogul, what happens with this personal data, and how you can object to this processing, where applicable. All collection, processing, and use of personal data (“processing”) by ChartMogul is exclusively for the purposes of providing and optimizing the ChartMogul services (“services”), monitoring the function and performance of our websites, supporting our business operations, complying with legal and regulatory obligations, providing customer service, and marketing our services. The services have been designed with the goal of collecting as little personal data as possible to function.

Except as otherwise provided herein, for the purposes of this policy and data protection laws, namely the General Data Protection Regulation (GDPR) (EU) 2016/679 (“GDPR”), we are the data controller, meaning we determine the purpose and means of processing, of your personal data. If you have questions about our processing of personal data, you will find our contact information and the contact details for our Data Protection Officer in the section below.

There may be situations when more than one data controller processes your information, such as when you access the ChartMogul website through a widget. In these situations, we act as an independent data controller over our processing activities and make determinations over how data will be processed independently from other data controllers. We are not responsible for the processing of other data controllers, including customers, and you should contact them directly regarding questions about how they process your personal data. If you have questions about our processing of personal data, you will find our contact information and the contact details for our Data Protection Officer in the section below.

Controller

The controller, sometimes referred to as the responsible entity, according to Art. 4 Nr. 7 of the GDPR is: ChartMogul CMTDE GmbH & Co. KG, ℅ WeWork, Kemperplatz 1, 10785 Berlin, Germany

Appointed Data Protection Officer for ChartMogul CMTDE GmbH & Co. KG

The appointed data protection officer for EEA and UK is: ePrivacy GmbH, represented by Prof. Dr. Christoph Bauer, Große Bleichen 21, 20354 Hamburg, Germany

For questions related to data protection, you can contact the appointed data protection officer via email through: privacy@chartmogul.com

Or by post: ePrivacy GmbH, Große Bleichen 21, 20354 Hamburg, Germany

If you wish to communicate directly with our data protection officer (because you have a particularly sensitive matter for example), please contact them by post, as communication by e-mail could always have security gaps. Please state in your request that your concern relates to the company ChartMogul.

Definitions

When we refer to “personal data,” we mean all particulars related to an identified or identifiable natural person (“data subject”).

When we refer to ChartMogul, “we” or “us”, we mean ChartMogul CMTDE GmbH & Co. KG. All customers are billed through this entity. ChartMogul Technology Canada Ltd and ChartMogul, LLC are processors of ChartMogul CMTDE GmbH & Co. KG, providing customer support and North American sales, and recruiting functions, respectively. We may share your personal data with our operating subsidiaries as necessary for the provision of services.

When we refer to “our website(s)” and/or “ChartMogul websites,” we mean any website owned and / or operated by ChartMogul, especially chartmogul.com (including all subdomains) and mogul.io (including all subdomains).

When we refer to “ChartMogul application,” we mean ChartMogul’s product hosted at app.chartmogul.com.

Data Protection Principles

The GDPR sets out the principles which must be complied with by any party handling personal data. ChartMogul will comply with these principles, as detailed in Article 5 of the GDPR;

  • Processed lawfully, fairly, and in a transparent manner in relation to the data subject;

  • Collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes subject to appropriate safeguards, and provided that there is no risk of breaching the privacy of the data subject;

  • Adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed;

  • Accurate and where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which they are processed, is erased or rectified without delay;

  • Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organizational measures required by GDPR in order to safeguard the rights and freedoms of the data subject;

  • Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures;

  • Article 5(2) states that the controller is responsible for and must be able to demonstrate compliance with the data protection principles

Accountability

The GDPR obliges organizations to demonstrate that their processing activities are compliant with the data protection principles. The principle of accountability seeks to guarantee the enforcement of these principles. We will demonstrate compliance in the following ways:

  • by maintaining record schedules which will include details on Personal Data collected, held, or processed in line with Article 30 – ‘Records of Processing Activities’;

  • upon request, these records will be disclosed to the relevant lead authority in the applicable jurisdiction.

In order to process personal data, a lawful ground must exist. A number of permitted grounds for processing are enumerated in Article 6 of the GDPR.

One ground for the processing of personal data is Article 6, Paragraph 1(a) of the GDPR, which is the freely given consent of the data subject to do so. This consent is bound to a particular purpose. For example, we may collect personal data such as your name and email address when you subscribe to our newsletter.

A second ground for the processing of personal data is to fulfill the requirements of a contract, as specified in Article 6, Paragraph 1(b) of the GDPR. Performance of contract is understood to include the initiation of a commercial relationship. This ground applies to ChartMogul when a user completes our contact form or contacts our Customer Success or Sales team using any other means to obtain a non-binding quotation.

Article 6, Paragraph 1(c) of the GDPR permits the processing of personal data where a legal requirement to do so exists.

Article 6, paragraph 1(d) permits the processing of personal data in exceptional circumstances, where doing so is necessary to protect the vital interests of the data subject.

It is also possible that personal data will be processed on the basis of Article 6, paragraph 1(f) of the GDPR. This is the so-called “legitimate interests” ground, which is interpreted with reference to Recital 47 of the GDPR. The GDPR treats this as a “fallback ground”, which only applies where no other previously listed lawful ground for processing applies. When this ground is relied upon, an assessment must carefully weigh the legitimate interests of the data subject against the legitimate interests of the data controller.

What Personal Data We Collect

Unless expressly stated, the provision of your personal data is not required or obligatory. The personal data that we collect about you broadly falls into the categories set out below. Some of this information you provide voluntarily when you interact with ChartMogul services, websites, and/or application. Other types of information may be collected automatically from your device, such as Device and Service Data. From time to time, we may also receive personal data about you from third party service providers (as further described below).

Category of personal data What this can include Third Party Service Providers that may process this data (see more detailed information in section below entitled Third Party Service Providers)
Contact Data Name, email address, mailing address, telephone number, department, role, company name AngelList, Avoma, AWS, Calendly, Custify, Disqus, Eventbrite, Formspree, Google Workspace, HelloSign, Intercom, LinkedIn, Lusha, Mailchimp, Notion, Pipedream, Recruitee, Recurly, Rocketreach, Twilio, SendGrid, SimplyBook.me, Slack, Snowflake, Stripe, Trello, Typeform, Whereby, Zapier, Zendesk, Zoom
Account Data Name, email address, company name, unique identifier (such as customer ID), mailing address, department, role, and details about subscriptions and services you have purchased from ChartMogul, including subscription or plan name, sign up date AWS, Contractbook, Custify, Datadog, Google Workspace, HelloSign, Intercom, Notion, Pipedream, Recurly, Rollbar, Shortcut, Slack, Snowflake, Stripe, Trello, Typeform, Zapier, Zendesk
Professional Data Educational and professional history, certifications, interests and accomplishments, job and salary preferences, professional resumes and CVs, job applications, interviewing information, assessments, references, hiring results, and other optional data you send AngelList, Contractbook, Google Workspace, HelloSign, LinkedIn, Lusha, Notion, Recruitee, Slack
Financial Data Bank account and/or payment card details Recurly, Stripe
Billing Data Billing address and payment history Contractbook, Google Workspace, HelloSign, Recurly, Stripe
Communications Data If you correspond with us by email or otherwise, we may retain the content of such messages and our responses Avoma, AWS, Contractbook, Custify, Disqus, Google Workspace, HelloSign, Intercom, LinkedIn, Mailchimp, Notion, Pipedream, Recruitee, Shortcut, Slack, Snowflake, Trello, Whereby, Zapier, Zendesk, Zoom
Cookie Data Data from trackers like cookies, pixels, clear GIFs, and/or web widgets stored on your device, including cookie IDs and settings. For more details, see the section entitled Use of Cookies below. AWS, Disqus, Eventbrite, Meta, Formspree, Google AdSense, Google Analytics, Instagram, Intercom, LinkedIn, Pipedream, Recruitee, Twilio, SharpSpring Ads, Sitecheker, Snowflake, Twitter, Zapier, Zendesk
Device and Service Data Internet protocol (IP) address, geolocation data, unique identifier, login data, date and time of access, name of your Internet Service Provider, browser type and version, time zone setting, operating system and platform and other technology on the devices you use to access our websites or use our services AWS, Calendly, Cloudflare, Custify, Datadog, Meta, Instagram, Intercom, LinkedIn, Mailchimp, Recurly, Rollbar, Twilio, SharpSpring Ads, SimplyBook.me, Sitechecker, Snowflake, Stripe, Twitter, Zendesk
Activity Data Requested URI, date and time of request, amount of data transferred to you in response, whether the request was successfully processed or not, referring website from which you made the request, navigation paths between pages, query string, usage data, pages viewed, links clicked, and interaction and duration data AWS, Cloudflare, Custify, Datadog, Meta, Google AdSense, Google Analytics, Instagram, Intercom, LinkedIn, Pipedream, Rollbar, Twilio, SharpSpring Ads, Snowflake, Twitter, Zapier
Sensitive Data ChartMogul does not collect any sensitive data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, data concerning sexual life or orientation, except with specific consent or as necessary for compliance purposes. N/A

Use of Cookies

In addition to the previously listed data, cookies will be saved on your computer when you use our website. Cookies are small pieces of textual data which are saved on your hard disk by your web browser, through which ChartMogul, who sets the cookie’s contents, can collect certain information about you. Cookies cannot execute any code, nor transfer any viruses to your computer. We use them in order to anonymously or pseudonymously analyse the use of the website and present relevant offers to you.

This website uses the following types of cookies, whose scope and functionality is detailed in the following paragraphs.

  • transient cookies (see paragraph 1)
  • persistent cookies (see paragraph 2)
  1. Transient cookies are automatically deleted when you close your browser. They are used particularly as session cookies. These save a so-called “session ID” which is used to link subsequent requests made by your browser to each other. Through this, your computer can be recognized when you return to our website. These session cookies are deleted, when you log out, or close your browser.

  2. Persistent cookies are only deleted after a predetermined duration, which can be different for each cookie. You can delete these persistent cookies anytime, though, in the “Settings” configuration of your browser. We advise you that, if you do so, not all functionality of this website will be available.

Previously set cookies can be deleted through the settings of your browser. You may also be able to prevent the placement of some cookies on your computer through the relevant settings of your internet browser. We advise you that preventing the placement of cookies on your computer can mean that not all functionality of our website is available without limitations. Moreover, due to a lack of industry standard for recognizing Do Not Track browser signals, it’s possible that third party service providers may continue to collect your personal data through cookies.

Click here to view our cookie declaration.

How We Use Your Personal Data

We may collect personal data about our customers users, subscribers, website visitors, and applicants in the following situations for the purposes listed (to the extent applicable):

ChartMogul Websites

When you visit our websites, our server temporarily saves details of your access in its logs. These logs contain the following personal data, which are kept until their automatic deletion:

  • Device and Service Data
  • Activity Data

The purpose of recording this personal data is to make it possible to serve the website to you (by establishing a TCP/IP connection), to secure our servers, and for the technical administration of our infrastructure as well as the optimisation of our services. Only in the case of unauthorised access or attacks on our infrastructure will your IP address be analysed. No further information is required from you to access our website, though Cookie Data may be processed in accordance with your selections on our website. See the section below entitled Use of Cookies for more details.

Website Registration

To register on our website, you must enter your details in the “Sign Up” form. These details are processed solely for registration, and not passed to any third parties unless ChartMogul has a lawful basis to do so.

  • Contact Data
  • Your company’s MRR band (from a predefined list)

In accordance with your cookie selections, and to prevent any potential misuse, we may also process:

  • Cookie Data
  • Device and Service Data

During or after the registration, you are free to alter your personal data. It is also possible to completely cancel your registration, so that personal data is deleted.

ChartMogul Application

When you trial or subscribe to and use the ChartMogul application, you provide the following data, which is kept until you (1) request its deletion (which may render some services or functions unavailable), (2) unsubscribe and request deletion, or 3) unsubscribe and a set period of time elapses, in accordance with our data retention policy:

  • Contact Data
  • Account Data
  • Billing Data
  • Communications Data
  • Cookie Data
  • Device and Service Data
  • Activity Data

The purpose of processing this data is to provide, maintain, promote, and optimize services, communicate with you, process payments, monitor and analyze trends and usage, prevent misuse, personalize our websites and services, and for other purposes for which we obtain your consent.

Newsletter Subscriptions

When you subscribe to our newsletter, you provide the following data, which is kept until you unsubscribe from the newsletter:

  • Your email address

The purpose of processing this data is to send newsworthy updates to our subscribers. Please note that you will continue to receive legal notices and other important account information after you unsubscribe from our newsletter.

Marketing Communications

When you download gated content from us, or otherwise provide us with a means of contacting you, we may use it to communicate with you. For example, we may send you product updates, information about webinars and podcasts, promotional offers, industry news, or other communications about your use of the services. We may receive confirmation when you open a message from us, which helps us make our communications more interesting and improve our services. If you do not want to receive marketing communications from us, please indicate your preference by using the unsubscribe mechanism provided by the communication. Please note, however, that you will continue to receive legal notices and other important account information after you unsubscribe from our marketing list. When you request gated content from us, you provide the following data, which is kept until you unsubscribe:

  • Your email address

The purpose of processing this data is to send marketing updates, promotional offers, and other communications, as well as to improve our services.

Job Applications and Employment

It is possible to apply for jobs at ChartMogul through our online application system hosted by Recruitee (see details below). When you do so, we will process the personal data you send us, and save it to continue the application process.

If the application leads to an employment relationship, the supplied personal data will be retained, according to the requirements of relevant law. Should the application not lead to an offer of employment, the personal data of the applicant will be deleted in accordance with our data retention policy, except when required to comply with §22 of the Allgemeines Gleichbehandlungsgesetz or other applicable law.

The following personal data may be processed to advertise open positions, recruit and communicate with candidates, source and select applicants for open positions, and communicate offers:

  • Contact Data
  • Professional Data
  • Communications Data

Securing your Data

To secure your data, we have put in place technical, organizational, and personnel procedural measures to safeguard personal data against loss, theft, and unauthorised access, uses, or modifications. These measures meet the requirements of the GDPR, and we require any third party service providers we use to do the same. Security and testing are performed on systems containing personal data to verify and control effectiveness. Security of these systems is monitored continuously.

Your data is only ever saved on secure servers, which may only be accessed by a few authorized personnel. When you use a form on our website to transmit data to us, this transmission is only performed over an encrypted TLS connection.

Deletion of Personal Data

Unless you specifically ask us to delete your personal data, ChartMogul keeps and processes personal data for as long as it is necessary to comply with our data retention requirements, provide you with services, and successfully run our business. However, even if you request a deletion, we may be required to retain your data for as long as necessary to:

  1. comply with our legal or regulatory compliance needs (e.g. maintaining records of transactions you have made with us);

  2. to exercise, establish or defend legal claims; and/or

  3. to protect against fraudulent or abusive activity on our service.

When the purpose of the processing has been fulfilled, your personal data will be deleted in accordance with our data retention policy, unless we are required to retain it. There may be occasions where we are unable to fully delete, anonymize, or de-identify your information due to technical, legal, regulatory compliance, or other operational reasons. Where this is the case, we will take reasonable measures to securely isolate your personal data from any further processing until such time as we are able to delete, anonymize, or de-identify it.

Your Rights

You have the following rights concerning your personal data:

  • The right to access your personal data
  • The right to correct or delete your personal data
  • The right to restrict processing of your personal data
  • The right to object to the processing of your personal data
  • The right to data portability
  • The right to confirm whether your personal data is being processed or not
  • The right to withdraw consent at any time where processing is based on consent
  • The right to information on the existence of automated decision-making, if any, as well as meaningful information about the logic involved, its significance, and its envisaged consequences
  • The right to lodge a complaint with a supervisory authority

If you have given your consent to the processing of your personal data, you can freely withdraw this consent at any time. This will only affect the processing of your personal data after you have withdrawn consent.

Please note that even if you request your personal information to be deleted, certain data may be retained for us to meet our legal or regulatory compliance, exercise, establish, or defend against legal claims, and protect against fraudulent or abusive activity. Personal data retained for these purposes will be handled as described in the section above, entitled Deletion of Personal Data.

Should we continue to process your personal data because we assess our legitimate interests to do so outweigh your legitimate interests (per Article 6, paragraph 1(f) of the GDPR) you may object to this processing. This is only applicable in the case where the processing of personal data is not required for us to fulfill a contract with you. To exercise such an objection, we request that you detail the grounds based on which we should no longer process your personal data. We will check the details of your circumstances based on the grounds you provide, and either stop processing your personal data, or detail to you the legal basis on which we continue to process your personal data.

How you can exercise your rights

Should you wish to exercise any of these rights, you will need to provide proof of identification that you are the person to whom the personal data relates. When you exercise your right to access, the information you will receive includes the personal data we have related to you, the source of that personal data, the recipients or types of recipients to whom the data was transferred, how long the personal data will be stored, and the purposes for data processing. To exercise any of these rights, please contact our data protection officer named in the beginning of this document either by email: privacy@chartmogul.com, or by post: ePrivacy GmbH, Große Bleichen 21, 20354 Hamburg, Germany

California Residents

If you are a consumer located in California, we process your personal data in accordance with the California Consumer Privacy Act (CCPA). Any references to personal data in this policy will also mean “personal information” as that term is defined in the CCPA.

How We Collect, Use, and Disclose your Personal Information

The section above entitled What Personal Data We Collect describes the personal data we may have collected about you, including the categories of sources of that information. We collect this information for the purposes described in the section above entitled How We Use Your Personal Data. We share this information as described in the section above entitled Third Party Service Providers. ChartMogul uses cookies, including advertising cookies, as described in the section above, entitled Use of Cookies.

Your CCPA Rights and How to Exercise Them

As a California consumer and subject to certain limitations under the CCPA, you have rights regarding your privacy, and corresponding choices regarding our use and disclosure of your personal information. Below you will find details about your rights and how to exercise them.

  • Right to know: You may request the following information about the personal information we have collected about you:
    • the categories of personal information we have collected
    • the categories of sources from which we collected the personal information
    • the business or commercial purpose for collecting the personal information
    • the categories of third parties with whom we shared the personal information
    • the categories of personal information that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose
  • Right to delete: You may request that we delete the personal information we have collected about you, subject to certain limitations under applicable law.

  • Right to opt-out: You may request to opt out of any “sale” of your personal information that may take place. We do not sell your personal information in the conventional sense. However, like many companies, we use advertising services that tailor online ads to your interests based on information collected via cookies and similar technologies about your activity on our websites and other online services. The definition of “sale” under the CCPA is broad and may include use of retargeting and interest-based advertising services. You can read more information about cookies and your ability to opt-out in the section above entitled Use of Cookies.

  • Right to non-discrimination: The CCPA provides that you may not be discriminated against for exercising these rights.

To submit a request to exercise any of the rights described above, contact privacy@chartmogul.com

When exercising your rights, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. Authentication based on a government-issued and valid identification document may be required.

How We Share Your Data

ChartMogul may process your personal data in the European Economic Area and in any other country where our subsidiaries or service providers operate facilities in accordance with and as permitted by applicable laws and regulations. Some of these countries may have data protection laws that are different from the laws of your country (and, in some cases, may not be as protective).

When we process personal data outside of the European Economic Area, we take appropriate safeguards to require that it remains protected in accordance with this policy and applicable law. We may use contracts, the Standard Contractual Clauses approved by the European Commission, or other contractual regulations provided for by law, which are intended to ensure adequate protection of your data and which you can review on request.

Partners

You may be provided with offers, products, and services from third party companies who, for example, integrate with our Services. If you choose to export your data to a third party, interact with or apply for services or offerings from a third party, or otherwise link or sync your ChartMogul account to a third party’s product or service, you consent and instruct ChartMogul to share your information, including personal information, to the third party providing the service or offering. Remember that any information you provide to a third party, whether through us or on your own, will be subject to their privacy policies and terms and conditions.

Third Party Service Providers

In order to operate and perform functions such as hosting our application, storing and analyzing data, processing payments, communicating with you, and providing and optimizing our services, we use third party service providers. Some of these third party service providers are located outside the European Economic Area. We shall disclose your information to third parties only when you have authorised us to do so, it is necessary as part of business practices, or when there is a legal or statutory obligation to do so. Whenever we disclose information to third parties, we will only disclose that amount of personal information necessary to meet such business need or legal requirement.

We only engage third party service providers after a comprehensive review which carefully considers each third party service provider’s competence, as well as their technical and organizational data protection measures. The results of this review are recorded in writing. To protect your personal data, we also sign data processing agreements, complete with standard contractual clauses, as applicable, that comply with Article 28 of the GDPR with third party service providers. Here are the details of our main third party service providers and the data they collect or that we share with them:

Infrastructure

Amazon Web Services

ChartMogul uses Amazon Web Services (AWS) to host its infrastructure. All persistent data (such as databases, file storage, and temporary data), as well as compute power (such as web servers and processing machines), run on AWS EU Ireland Region (eu-west-1).

The responsible entity is: Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109, United States

Data processed:

  • Contact Data
  • Account Data
  • Communications Data
  • Cookie Data
  • Device and Service Data
  • Activity Data

The legal basis is our contractual obligation to provide services to you, Art. 6 1(b) of the GDPR. You can find further information about AWS’ data processing and data protection at: https://d1.awsstatic.com/legal/aws-gdpr/AWS_GDPR_DPA.pdf

Web Performance and Security

Cloudflare

ChartMogul uses Cloudflare to manage traffic and secure its websites and services.

The responsible entity is: Cloudflare, Inc., 101 Townsend Street, San Francisco, CA 94107, United States

Data processed:

  • Device and Service Data
  • Activity Data

The legal basis is our legitimate interest in fraud prevention and information security, Art. 6 1(f) of the GDPR. You can find further information about Cloudflare’s data processing and data protection at: https://www.cloudflare.com/en-gb/privacypolicy/ and https://www.cloudflare.com/en-gb/cloudflare-customer-dpa/

Datadog

ChartMogul uses Datadog to aggregate logs for debugging, and to monitor traffic and interactions with our websites and application to identify security risks.

The responsible entity is: Datadog, Inc., 620 8th Avenue, Floor 45, New York, NY 10018, United States

Data processed:

  • Account Data
  • Device and Service Data
  • Activity Data

The legal basis is our legitimate interest in fraud prevention and information security, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Datadog with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Datadog’s data processing and data protection at: https://www.datadoghq.com/legal/privacy/

Rollbar

ChartMogul uses Rollbar to discover, predict, and resolve errors.

The responsible entity is: Rollbar, Inc., 51 Federal Street, Suite 401, San Francisco, CA 94107, United States

Data processed:

  • Account Data
  • Device and Service Data
  • Activity Data

The legal basis is our legitimate interest in this information for error resolution purposes, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Rollbar with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Rollbar’s data processing and data protection at: https://docs.rollbar.com/docs/privacy-policy and https://docs.rollbar.com/docs/data-processing-agreement

Snowflake

ChartMogul uses Snowflake as a data warehouse solution and data analysis engine to improve the performance of our subscription analytics platform.

The responsible entity is: Snowflake Computing Netherlands B.V., FOZ Building, Gustav Mahlerlaan 300-314, 1082 ME Amsterdam, Netherlands

Data processed:

  • Contact Data
  • Account Data
  • Communications Data
  • Cookie Data
  • Device and Service Data
  • Activity Data

The legal basis is our legitimate interest in this information for data warehousing and analytics purposes, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Snowflake with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Snowflake’s data processing and data protection at: https://www.snowflake.com/legal/ and https://www.snowflake.com/privacy-policy/

Communications

Avoma

ChartMogul uses Avoma to record sales and training calls in order to prepare, collaborate, and improve the sales experience, customer support, and services. Calls are only recorded with consent, so if you do not want your call recorded, you may indicate such.

The responsible entity is: Avoma, Inc. 49034 Wedge Grass Terrace, Fremont, CA 94539, United States

Data processed:

  • Contact Data
  • Communications Data
  • Video and voice recording
  • Other optional information, depending on context

The legal basis is your consent, which may be freely withheld, Art. 6 1(a) of the GDPR. We have concluded an agreement with Standard Contractual Clauses with Avoma with regard to the processing of your data in accordance with Art. 28 GDPR. You may find further information about Avoma’s data processing and data protection here: https://www.avoma.com/privacy-policy

Calendly

ChartMogul uses Calendly to allow customers to schedule calls with our Sales and Customer Success teams.

The responsible entity is: Calendly, LLC, BB&T Tower, 271 17th St NW, Atlanta, GA 30363, United States

Data processed:

  • Contact Data
  • Device and Service Data
  • Optional information

The analyses of your actions to schedule calls through Calendly are transferred to us in the form of reports. Calendly may give any of your information to further parties where legally required to do so, or as contracted by Calendly.

The legal basis is our legitimate interest in effective communication, Art. 6 1(f) of the GDPR. We have concluded an agreement with Calendly with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Calendly’s data processing and data protection at: https://calendly.com/privacy

Contractbook

ChartMogul uses Contractbook to store and manage contracts.

The responsible entity is: Contractbook ApS, 22, st. Masnedøgade, Copenhagen Ø, 2100, Denmark

Data processed:

  • Contact Data
  • Account Data
  • Billing Data
  • Professional Data
  • Communications Data
  • Other information depending on context

The legal basis is our legitimate interest in file management, Art. 6 1(f) of the GDPR. We have concluded an agreement with Contractbook with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Contractbook’s data processing and data protection at: https://contractbook.com/privacy-policy

Disqus

Disqus provides the infrastructure for comments in ChartMogul’s blog. The blog comment hosting services are made possible through the use of JavaScript, cookies, and clear gifs.

The responsible entity is: Disqus, Inc., 717 Market Street, Suite 700, San Francisco, CA 94103, United States

Data processed:

  • Contact Data
  • Communications Data
  • Cookie Data
  • Other optional information, including content of comment

The analyses of your actions on our website are transferred to us in the form of reports. Disqus may give this information to further parties where legally required to do so, or as contracted by Disqus. Disqus also uses this information to provide targeted advertising to users.

Users that have a Disqus account can update the privacy settings in their account to opt out of targeted advertising. Users that do not have a Disqus account can opt out of targeted advertising by visiting https://disqus.com/data-sharing-settings/

The legal basis is our legitimate interest in facilitating interaction with our blogs, Art. 6 1(f) of the GDPR. We have concluded an agreement with Disqus with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Disqus’ data processing and data protection at: https://help.disqus.com/terms-and-policies/disqus-privacy-policy

Eventbrite

ChartMogul uses Eventbrite to manage registrations to events hosted or sponsored by ChartMogul. The option to subscribe to events is made possible through the use of cookies and JavaScript widgets.

The responsible entity is: Eventbrite, Inc. 155 5th Street, Floor 7, San Francisco, CA 94103, United States

Data processed:

  • Contact Data
  • Cookie Data

The analyses of your actions on our website are transferred to us in the form of reports. Eventbrite may give this information to further parties where legally required to do so, or as contracted by Eventbrite.

The legal basis is our legitimate interest in event management, Art. 6 1(f) of the GDPR. We have concluded an agreement with Eventbrite with regard to the processing of your data in accordance with Art. 28 GDPR. You may find further information about Eventbrite’s data processing and data protection here: https://www.eventbrite.com/support/articles/en_US/Troubleshooting/eventbrite-privacy-policy?lg=en_US

Formspree

ChartMogul uses FormSpree to allow you to book demonstrations with our Sales team. The ability to submit an online form is made possible using JavaScript and cookies.

The responsible entity is: Formspree, Inc., 309 East 21st Street, Room 3331, Austin, TX 78705, United States

Data processed:

  • Contact Data
  • Cookie Data
  • Optional information

The legal basis is our legitimate interest in effective communication, Art. 6 1(f) of the GDPR. We have concluded an agreement with Formspree with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Formspree’s data processing and data protection at: https://formspree.io/legal/privacy-policy

Google Workspace

ChartMogul uses Google Workspace, including its applications for email (Gmail), calendar (Google Calendar), cloud storage (Google Drive), word processing (Google Docs), and spreadsheets (Google Sheets).

The responsible entity is: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Data processed:

  • Contact Data
  • Account Data
  • Billing Data
  • Professional Data
  • Communications Data

The legal basis is our legitimate interest in communications and file management, Art. 6 1(f) of the GDPR. We have concluded an agreement with Google with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Google’s data processing and data protection at: https://policies.google.com/

HelloSign

ChartMogul uses HelloSign to facilitate electronic signing of documents.

The responsible entity is: JN Projects, Inc., d/b/a HelloSign, 1800 Owens Street, San Francisco, CA 94158, United States

Data processed:

  • Contact Data
  • Account Data
  • Billing Data
  • Professional Data
  • Communications Data
  • Other information depending on context

The legal basis is our legitimate interest in file management, Art. 6 1(f) of the GDPR. We have concluded an agreement with HelloSign with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about HelloSign’s data processing and data protection at: https://www.hellosign.com/privacy

SendGrid

ChartMogul uses SendGrid to send transactional emails (not marketing email) from the ChartMogul product to our customers. Customers can manage under what conditions they receive some of these emails in their account settings.

The responsible entity is: SendGrid, 1801 California Street, Suite 500 Denver, Colorado 80202, USA

Data processed:

  • Contact Data

The legal basis is our legitimate interest in effective communication, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Slack with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about SendGrid’s data processing and data protection here: https://api.sendgrid.com/privacy.html

Slack

ChartMogul uses Slack as a chat tool to discuss such matters as operations, projects, support needs, and feature requests.

The responsible entity is: Slack Technologies Limited, 4th Floor, One Park Place, Hatch Street Upper, Dublin 2, Ireland

Data processed:

  • Contact Data
  • Account Data
  • Professional Data
  • Communications Data

The legal basis is our legitimate interest in effective communication, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Slack with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Slack’s data processing and data protection at: https://slack.com/trust/privacy/privacy-policy

Typeform

ChartMogul uses Typeform to collect customer feedback in NPS surveys.

The responsible entity is: TYPEFORM S.L., Carrer Bac de Roda, 163, 08018 Barcelona, Spain

Data processed:

  • Contact Data
  • Account Data
  • Optional information, including comments

The user’s responses to the survey, including service rating and comments, are submitted to Typeform’s servers and saved there when a user submits the survey. Typeform may give this information to further parties where legally required to do so, or as contracted by Typeform.

The legal basis is our legitimate interest in customer feedback, Art. 6 1(f) of the GDPR. We have concluded an agreement with Typeform with regard to the processing of your data in accordance with Art. 28 GDPR. You You may find further information about Typeform’s data processing and data protection here: https://admin.typeform.com/to/dwk6gt

Whereby

ChartMogul uses Whereby for video conferencing.

The responsible entity is: Whereby AS, Gate no. 107, 6700 Måløy, Norway

Data processed:

  • Contact Data
  • Communications Data
  • Video and voice recording
  • Other optional information, depending on context

The legal basis is our legitimate interest in effective communication, Art. 6 1(f) of the GDPR. We have concluded an agreement with Whereby with regard to the processing of your data in accordance with Art. 28 GDPR. You You may find further information about Whereby’s data processing and data protection here: https://whereby.com/information/tos/privacy-policy/

Zoom

ChartMogul uses Zoom for video conferencing.

The responsible entity is: Zoom Video Communications, Inc., 55 Almaden Boulevard, Suite 600, San Jose, CA 95113, United States

The designated EU representative is: Lionheart Squared Ltd, 2 Pembroke House, Upper Pembroke Street 28-32, Dublin, DO2 EK84, Ireland

The designated UK representative is: Lionheart Squared Limited, 17 Glasshouse Studios, Fryern Court Road, Fordingbridge, Hampshire, SP6 1QX, United Kingdom

Data processed:

  • Contact Data
  • Communications Data
  • Video and voice recording
  • Other optional information, depending on context

The legal basis is our legitimate interest in effective communication, Art. 6 1(f) of the GDPR. We have concluded an agreement with Zoom with regard to the processing of your data in accordance with Art. 28 GDPR. You You may find further information about Zoom’s data processing and data protection here: https://explore.zoom.us/en/privacy/

Payments

Recurly

ChartMogul uses Recurly to process payments from some of our customers and provide billing information to these customers.

The responsible entity is: Recurly Inc., 400 Alabama St, Suite 202, San Francisco, CA 94110, United States

The designated EU representative is: DP-Dock GmbH, Attn: Recurly Inc., Ballindamm 39, 20095 Hamburg, Germany

The designated UK representative is: DP Data Protection Services UK Ltd., Attn: Recurly Inc., 16 Great Queen Street, Covent Garden, London, WC2B 5AH, United Kingdom

Data processed:

  • Contact Data
  • Account Data
  • Financial Data
  • Billing Data
  • Device and Service Data

If you wish to avoid sending your data to Recurly, you can do so by not signing up for a paid ChartMogul plan. If you do so however, your ability to use ChartMogul’s services could be severely reduced.

The legal basis is performance of our contract to provide you services, Art. 6 1(b) of the GDPR. We have concluded an agreement with Recurly with regard to the processing of your data in accordance with Art. 28 GDPR. You You may find further information about Recurly’s data processing and data protection here: https://recurly.com/legal/privacy

Stripe

ChartMogul uses Stripe to process payments from some of our existing customers and provide billing information to these customers.

The responsible entity is: Stripe, Inc, 354 Oyster Point Boulevard, South San Francisco, CA 94080, United States

Data processed:

  • Contact Data
  • Account Data
  • Financial Data
  • Billing Data
  • Device and Service Data

If you wish to avoid sending your data to Stripe, you can do so by not signing up for a paid ChartMogul plan. If you do so however, your ability to use ChartMogul’s services could be severely reduced.

The legal basis is performance of our contract to provide you services, Art. 6 1(b) of the GDPR. We have concluded an agreement with Stripe with regard to the processing of your data in accordance with Art. 28 GDPR. You You may find further information about Stripe’s data processing and data protection here: https://stripe.com/en-gb-de/privacy

Project Management

Shortcut

ChartMogul uses Shortcut to create tickets and epics in order to process and collaborate on UI development projects and product updates.

The responsible entity is: Shortcut Software, Inc., 45 W 27th Street, 3rd Floor, New York, NY 10001, United States

The designated EU representative is: ePrivacy GmbH, Große Bleichen 21, 20354 Hamburg, Germany

Data processed:

  • Account Data
  • Communications Data

The legal basis is our legitimate interest in project management, Art. 6 1(f) of the GDPR. We have concluded an agreement with Shortcut with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Shortcut’s data processing and data protection at: https://shortcut.com/privacy

Notion

ChartMogul uses Notion as an internal note-taking and project management tool.

The responsible entity is: Notion Labs, Inc., 548 Market Street #74567, San Francisco, CA 94104, United States

Data processed:

  • Contact Data
  • Account Data
  • Professional Data
  • Communications Data

The legal basis is our legitimate interest in project management, Art. 6 1(f) of the GDPR. We have concluded an agreement with Notion with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Notion’s data processing and data protection at: https://www.notion.so/Terms-and-Privacy-28ffdd083dc3473e9c2da6ec011b58ac

Trello

ChartMogul uses Trello to create tickets and tasks to process and track UI development and product updates and requests.

The responsible entity is: Atlassian Pty Ltd, ℅ Atlassian, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94194, United States

The designated EU representative is: Atlassian B.V., ℅ Atlassian, Inc., 350 Bush Street, Floor 13, San Francisco, CA 94104, United States

Data processed:

  • Contact Data
  • Account Data
  • Communications Data

The legal basis is our legitimate interest in task management, Art. 6 1(f) of the GDPR. We have concluded an agreement with Trello with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Trello’s data processing and data protection at: https://www.atlassian.com/legal/privacy-policy

Customer Support and Management

Brightback

ChartMogul uses Brightback to allow certain users to self-service cancel their subscriptions.

The responsible entity is: Brightback, Inc., 548 Market Street, #69224, San Francisco, CA 94104, United States

Data processed:

  • Account Data

The legal basis is our legitimate interest in providing options to manage subscriptions, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Brightback with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Brightbacks data processing and data protection at: https://brightback.com/legal/dpa/

Custify

ChartMogul uses Custify to manage its customer relationships and improve customer satisfaction.

The responsible entity is: CUSTIFY S.R.L, Bulevardul Alexandru Ioan Cuza, Nr. 99, 3rd Floor, Ap. 25, District 1, 012312 Bucharest, Romania

Data processed:

  • Contact Data
  • Account Data
  • Communications Data
  • Device and Service Data
  • Activity Data

Some of your actions in the ChartMogul application are recorded and analyzed in Custify and transferred to ChartMogul in the form of reports. Custify may give any of your information to further parties where legally required to do so, or as contracted by Custify.

The legal basis is our legitimate interest in customer relationship management, Art. 6 1(f) of the GDPR. We have concluded an agreement with Custify with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Custify’s data processing and data protection at: https://www.custify.com/privacy

Intercom

ChartMogul uses Intercom to notify users of new features in our application, websites, and/or services. We also use Intercom to advertise events hosted or sponsored by ChartMogul and to manage information about our customers and leads. The option to subscribe to notifications about new features, events, and other news about ChartMogul is made possible using JavaScript and cookies.

The responsible entity is: Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18-21 St. Stephen’s Green, Dublin 2, Ireland

Data processed:

  • Contact Data
  • Account Data
  • Communications Data
  • Cookie Data
  • Other information, including Device and Service Data, is submitted to Intercom when a user loads resources embedded in, or a link contained in, an email sent through Intercom
  • Activity Data

The analyses of your actions on our website and the notifications sent through Intercom are transferred to us in the form of reports. Intercom may give any of your information to further parties where legally required to do so, or as contracted by Intercom.

The legal basis is our legitimate interest in effective communication, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Intercom with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Intercom’s data processing and data protection at: https://www.intercom.com/legal/privacy

Twilio

ChartMogul uses Twilio, a Customer Data Platform, to track information from our websites and application, consolidate customer data, and integrate that data with other services.

The responsible entity is: Twilio Ireland Limited, 25-28 North Wall Quay, Dublin 1, Ireland

Data processed:

  • Contact Data
  • Account Data
  • Device and Service Data
  • Cookie Data

The legal basis is our legitimate interest in analytics and advertising Art. 6 1(f) of the GDPR. We have concluded an agreement with Twilio with regard to the processing of your data in accordance with Art. 28 GDPR. You You may find further information about Twilio’s data processing and data protection here: https://www.twilio.com/legal/data-protection-addendum and https://www.twilio.com/legal/privacy

SimplyBook.me

ChartMogul uses SimplyBook.me to allow customers to schedule calls with our Customer Success team.

The responsible entity is: SimplyBook.me Ltd, 21 Karaiskaki Street, Oasis Center, Office 23, 3032 Limassol, Cyprus

Data processed:

  • Contact Data
  • Other information, Device and Service Data, is submitted to SimplyBook.me when a user loads the form or a confirmation email sent by SimplyBook.me.

The analyses of your action to schedule a call through SimplyBook.me is transferred to us in the form of reports. SimplyBook.me may give any of your information to further parties where legally required to do so, or as contracted by SimplyBook.me.

The legal basis is our legitimate interest in effective communication, Art. 6 1(f) of the GDPR. We have concluded an agreement with SimplyBook.me with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about SimplyBook.me’s data processing and data protection at: https://simplybook.me/en/policy and https://simplybook.me/en/legal/dpa

Zendesk

ChartMogul uses Zendesk for customer service and relationship management purposes. Zendesk enables us to a) provide support to our customers and users by offering help desk articles online and a means to contact ChartMogul (e.g. by emailing support@chartmogul.com or by submitting a ticket through the contact for on our website or the Zendesk Webwidget), and b) manage information about, and communicate with, our customers and leads. Access to help desk articles is provided using a dedicated website, a JavaScript widget embedded on ChartMogul’s website (Zendesk Webwidget), and the use of cookies.

The responsible entity is: Zendesk, Inc., 989 Market Street, San Francisco, CA 94103, United States

Data processed:

Help Desk Articles

  • Information obtained via cookies and / or the JavaScript widget

Contacting ChartMogul

  • Contact Data
  • Communications Data
  • Other content that the user chooses to submit

Sales management of customers and leads

  • Contact Data
  • Account Data
  • Communications Data
  • Device and Service Data is submitted to Zendesk when a user loads resources embedded in, or a link contained in, an email sent through Zendesk

The analyses of your actions with the messages sent through Zendesk are transferred to us in the form of reports. The content and metadata of your messages sent to our Customer Success or Sales teams are submitted by Zendesk to ChartMogul. Zendesk may give any of your information to further parties where legally required to do so, or as contracted by Zendesk.

The legal basis is our legitimate interest in customer relationship management, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Zendesk with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Zendesk’s data processing and data protection at: https://www.zendesk.com/company/customers-partners/privacy-policy/

Marketing

Facebook

ChartMogul has integrated Facebook into its website and uses it to advertise and track activities for analytics and marketing purposes.

The responsible entity is: Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States.

When a data subject lives outside the United States or Canada, and Meta undertakes data processing, the responsible entity is: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Data processed:

  • Cookie Data
  • Device and Service Data
  • Activity Data

When a user clicks the Facebook button, Facebook’s website will be contacted, and user acquisition data will be transferred from ChartMogul to Facebook. Facebook will thereby receive information that the user has visited ChartMogul’s website. Details of the Facebook-supplied plugins can be accessed at: https://developers.facebook.com/docs/plugins

If you are logged into a Facebook account (even if it is not your own account) at the same time you access our website, Facebook will additionally receive a notification that you visited ChartMogul’s website. Facebook collects this information, so the theoretical possibility exists that it could associate it with the Facebook account. The same also applies to the “Like” button, or to the usage of Facebook comment forms; Facebook could associate this information with the logged-in Facebook account. To prevent this, you can log out of any Facebook accounts prior to visiting the ChartMogul website. To do this, you must visit the Facebook website.

The legal basis is our legitimate interest in analytics and advertising, Art. 6 1(f) of the GDPR. We have concluded an agreement with Facebook with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Facebook’s data processing and data protection at: https://www.facebook.com/legal/EU_data_transfer_addendum/update and https://facebook.com/about/privacy

Instagram

ChartMogul uses Instagram to advertise and track activities for analytics and marketing purposes.

The responsible entity is: Meta Platforms, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States.

When a data subject lives outside the United States or Canada, and Instagram undertakes data processing, the responsible entity is: Meta Platforms Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland

Data processed:

  • Cookie Data
  • Device and Service Data
  • Activity Data

If you are logged into an Instagram account (even if it is not your own account) at the same time you access our website, Instagram will additionally receive a notification that you visited ChartMogul’s website. Instagram collects this information, so the theoretical possibility exists that it could associate it with the Instagram account. The same also applies to the “Like” button, or to the usage of Instagram comment forms; Instagram could associate this information with the logged-in Instagram account. To prevent this, you can log out of any Instagram accounts prior to visiting the ChartMogul website. To do this, you must visit the Instagram website.

The legal basis is our legitimate interest in analytics and advertising, Art. 6 1(f) of the GDPR. We have concluded an agreement with Instagram with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Instagram’s data processing and data protection at: https://www.facebook.com/legal/EU_data_transfer_addendum/update and https://facebook.com/about/privacy

LinkedIn

ChartMogul uses LinkedIn to source candidates for open positions. ChartMogul also uses LinkedIn on our website to advertise and track activities for analytics and marketing purposes.

The responsible entity is: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Data processed:

  • Contact Data
  • Professional Data
  • Communications Data
  • Cookie Data
  • Device and Service Data
  • Activity Data

If you are logged into a LinkedIn account (even if it is not your own account) at the same time that you access the ChartMogul website, LinkedIn will additionally receive a notification that you visited our website. LinkedIn collects this information, so the theoretical possibility exists that it could associate it with the LinkedIn account. To prevent this, you can log out of any LinkedIn accounts prior to visiting our website. To do this, you must visit the LinkedIn website.

LinkedIn processes data to provide analytics services that allow ChartMogul to understand how individuals interact with our pages and content. We are jointly responsible with the LinkedIn for the processing of information about visitors to our page. The legal basis is our legitimate interest in analytics and advertising, Art. 6 1(f) of the GDPR. We have concluded an agreement with LinkedIn with regard to the processing of your data in accordance with Art. 26 GDPR. In particular, the agreement also regulates which security measures LinkedIn must observe and provides that LinkedIn must comply with the rights of data subjects. You can find further information about LinkedIn’s data processing and data protection at: https://www.linkedin.com/legal/privacy-policy and https://legal.linkedin.com/pages-joint-controller-addendum

Mailchimp

ChartMogul uses Mailchimp to send newsletters to subscribers. This is a service provided by Intuit, Inc.

The responsible entity is: The Rocket Science Group LLC d/b/a Mailchimp, 675 Ponce de Leon Avenue Northeast, Suite 5000, Atlanta, Georgia 30308, United States

For EEA residents, the representative is: Bird & Bird GDPR Representative Services Ireland, Deloitte House, 29 Earlsfort Terrace, Dublin 2, D02 AY28, Ireland

For UK residents, the representative is: Bird & Bird GDPR Representative Services UK, 12 New Fetter Lane, London, EC4A 1JP, United Kingdom

Data processed:

  • Contact Data
  • Communications Data
  • Cookie Data
  • Other information, including Device and Service Data, is submitted to Mailchimp when a user loads resources embedded in, or a link contained in an email sent through Mailchimp

Newsletters contain single pixel gifs, also known as web beacons. These are tiny graphic files that contain unique identifiers that enable us to recognize when subscribers have opened an email or clicked certain links. The analyses of your actions with the messages sent through Mailchimp are transferred to us in the form of reports. Mailchimp may give any of your information to further parties where legally required to do so, or as contracted by Mailchimp.

The legal basis is your consent to subscribe to and receive our newsletter, Art. 6 1(a) of the GDPR. You may withdraw this consent at any time. We have concluded an agreement with Mailchimp with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Mailchimp’s data processing and data protection at: https://www.intuit.com/privacy/statement/ and https://mailchimp.com/legal/data-processing-addendum/

SharpSpring Ads

ChartMogul uses SharpSpring Ads to advertise to previous visitors of our website and allows us to track the effectiveness of these ads. The analysis of your use of our website and retargeting with ads is made possible using cookies and clear gifs.

The responsible entity is: SharpSpring Reach, Inc., 5001 Celebration Pointe Avenue, Suite 410, Gainesville, FL 32608, United States

Data processed:

  • Cookie Data
  • Device and Service Data
  • Activity Data

The analyses of your actions on our website are transferred to us in the form of reports. SharpSpring Ads may give this information to further parties where legally required to do so, or as contracted by SharpSpring Ads.

You can stop the placement of SharpSpring Ads cookies on your computer through the settings of your web browser. If you do so, we cannot guarantee that all the functions of our website will be fully available to you.

You may also opt-out of targeted advertising through SharpSpring Ads by visiting SharpSpring Ads’ Privacy Policy referenced below and following the instructions outlined there.

The legal basis is our legitimate interest in advertising, Art. 6 1(f) of the GDPR. We have concluded an agreement with SharpSpring Ads with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about SharpSpring Ads’ data processing and data protection at: https://sharpspring.com/ads/dpa/ and https://sharpspring.com/ads/privacy/

Sitechecker

ChartMogul uses Sitechecker to review and improve the SEO of our websites.

The responsible entity is: Boosta Inc. OÜ Peterburi tee 47, Tallinn city, Harju county, 11415, Estonia

Data processed:

  • Cookie Data
  • Device and Service Data

The legal basis is our legitimate interest in analytics, Art. 6 1(f) of the GDPR. We have therefore concluded an agreement with Sitechecker with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Sitechecker’s data processing and data protection at: https://sitechecker.pro/privacy-policy/

Twitter

ChartMogul uses Twitter to track activities for analytics and marketing purposes.

The responsible entity is: Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, United States

For EEA and UK residents, the representative is: Twitter International COmpany, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland

Data processed:

  • Cookie Data
  • Device and Service Data
  • Activity Data

When a user clicks the Twitter button, Twitter will be contacted, and user acquisition data will be transferred from ChartMogul to Twitter. Twitter will thereby receive information that the user has visited ChartMogul’s website.

If you are logged into a Twitter account (even if it is not your own account) at the same time you access our website, Twitter will additionally receive a notification that you visited ChartMogul’s website. Twitter collects this information, so the theoretical possibility exists that it could associate it with the Twitter account. To prevent this, you can log out of any Twitter accounts prior to visiting the ChartMogul website. To do this, you must visit the Twitter website.

The legal basis is our legitimate interest in analytics and advertising, Art. 6 1(f) of the GDPR. We have concluded an agreement with Twitter with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Twitter’s data processing and data protection at: https://privacy.twitter.com/en/for-our-partners/global-dpa and https://twitter.com/en/privacy

Analytics

Google AdSense

ChartMogul uses Google AdSense, a service provided by Google Inc, to advertise to previous visitors of our website and to track the effectiveness of these ads. The display of ads and measurement of their effectiveness is made possible through the use of cookies and clear gifs.

The responsible entity is: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States

Data processed:

  • Cookie Data
  • Activity Data

The analyses of your actions on our website are transferred to us in the form of reports. Google may give this information to further parties where legally required to do so, or as contracted by Google.

You may opt-out of targeted advertising through Google AdSense by visiting: https://www.google.com/ads/preferences/

The legal basis is our legitimate interest in analytics and advertising, Art. 6 1(f) of the GDPR. We have concluded an agreement with Google AdSense with regard to the processing of your data in accordance with Art. 28 GDPR. You You can find further information about Google’s data processing and data protection at: https://policies.google.com/

Google Analytics

ChartMogul uses Google Analytics, a service provided by Google Inc, to analyze website access and improve our website. The analysis of your use of our website is made possible through the use of cookies. The Google tracking on our website uses the “anonymizeIp()” function, which truncates the transmitted IP addresses so as to prevent the direct identification of any individual users.

The responsible entity is: Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States

Data processed:

  • Cookie Data
  • Activity Data

The analyses of your actions on our website are transferred to us in the form of reports. Google may give this information to further parties where legally required to do so, or as contracted by Google.

You can stop the placement of Google Analytics cookies on your computer through the settings of your web browser. If you do so, we cannot guarantee that all the functions of our website will be fully available to you. You may also stop the placement of cookies with browser extensions, such as: https://tools.google.com/dlpage/gaoptout

The legal basis is our legitimate interest in analytics, Art. 6 1(f) of the GDPR. We have concluded an agreement with Google Analytics with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Google’s data processing and data protection at: https://policies.google.com/ and https://www.google.com/analytics/terms/

Workflow Management

Pipedream

ChartMogul uses Pipedream to connect and share data between multiple web services used by ChartMogul.

The responsible entity is: Pipedream, Inc., 36 Palm Avenue, San Francisco, CA 94118, United States

Data processed:

  • Contact Data
  • Account Data
  • Communications Data
  • Cookie Data
  • Activity Data

Any information, including personally identifiable information, collected by any other service listed in this policy, may be transferred via Pipedream when a user takes an action that results in the submission of information to the original service. Pipedream may give this information to further parties where legally required to do so, or as contracted by Pipedream.

The legal basis is our legitimate interest in effective data management, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Pipedream with regard to the processing of your data in accordance with Art. 28 GDPR. You may find further information about Pipedream’s data processing and data protection here: https://pipedream.com/privacy

Zapier

ChartMogul uses Zapier to connect and share data between multiple web services used by ChartMogul.

The responsible entity is: Zapier, Inc., 548 Market Street #62411, San Francisco, CA 94104, United States

Data processed:

  • Contact Data
  • Account Data
  • Communications Data
  • Cookie Data
  • Activity Data

Any information, including personally identifiable information, collected by any other service listed in this policy, may be submitted to Zapier’s servers, located in the United States, and saved there when a user takes an action that results in the submission of information to the original service. Zapier may give this information to further parties where legally required to do so, or as contracted by Zapier.

The legal basis is our legitimate interest in effective data management, Art. 6 1(f) of the GDPR. We have concluded an agreement, with Standard Contractual Clauses, with Zapier with regard to the processing of your data in accordance with Art. 28 GDPR. You may find further information about Zapier’s data processing and data protection here: https://zapier.com/privacy/

Recruitment and Job Applications

AngelList

ChartMogul uses AngelList to source candidates for job openings.

The responsible entity is: AngelList Holdings, LLC, 90 Gold Street, San Francisco, CA 94133, United States

The designated EEA representative is: PrighterGDPR-Rep by Maetzler Rechtsanwalts GmbH & Co. KG, ℅ AngelList, Schellinggasse 3/10, 1010 Vienna, Austria

The designated UK representative is: AngelList Ltd., 2nd Floor, White Bear Yard, Clerkenwell Road, London, UK EC1R 5DF

Data processed:

  • Contact Data
  • Professional Data

The legal basis is our legitimate interest in recruitment, Art. 6 1(f) of the GDPR. We have concluded an agreement with AngelList with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about AngelList’s data processing and data protection at: https://angel.co/privacy

LinkedIn

ChartMogul uses LinkedIn to source candidates for open positions. ChartMogul also uses LinkedIn on our website to track activities for analytics and marketing purposes.

The responsible entity for LinkedIn is: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

Data processed:

  • Contact Data
  • Professional Data
  • Communications Data
  • Cookie Data
  • Activity Data

If you are logged into a LinkedIn account (even if it is not your own account) at the same time that you access the ChartMogul website, LinkedIn will additionally receive a notification that you visited our website. LinkedIn collects this information, so the theoretical possibility exists that it could associate it with the LinkedIn account. To prevent this, you can log out of any LinkedIn accounts prior to visiting our website. To do this, you must visit the LinkedIn website.

The legal basis is our legitimate interest in recruitment Art. 6 1(f) of the GDPR. We have concluded an agreement with LinkedIn with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about LinkedIn’s data processing and data protection at: https://www.linkedin.com/legal/privacy-policy and https://www.linkedin.com/legal/l/dpa

Lusha

ChartMogul uses Lusha to gather email addresses for recruitment purposes.

The responsible entity is: Lusha Systems, Inc., 1177 Avenue of the Americas, 5th Floor, New York, NY 10036, United States

Data processed:

  • Contact Data

The legal basis is our legitimate interest in recruitment, Art. 6 1(f) of the GDPR. We have concluded an agreement with Lusha with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Lusha’s data processing and data protection at: https://www.lusha.com/legal/dpa-2-2/

Recruitee

ChartMogul uses Recruitee to advertise open positions at ChartMogul, receive applications to these positions, and manage and optimize the application process. The hosting of job description and the application form is made possible through the use of JavaScript and cookies.

The responsible entity is: Recruitee B.V., Keizersgracht 313, 1016 EE Amsterdam, The Netherlands

Data processed:

  • Contact Data
  • Professional Data
  • Communications Data
  • Cookie Data

The analyses of your actions on our Career website are transferred to us in the form of reports. Recruitee may give this information to further parties where legally required to do so, or as contracted by Recruitee.

The legal basis is our legitimate interest in recruitment, Art. 6 1(f) of the GDPR. We have concluded an agreement with Recruitee with regard to the processing of your data in accordance with Art. 28 GDPR. You can find further information about Recruitee’s data processing and data protection at: https://recruitee.com/privacy-policy

Rocketreach

ChartMogul uses Rocketreach to gather email addresses for recruitment purposes.

The responsible entity is: Rocketreach, 800 Bellevue Way NE, Floor 5, Unit 110, Bellevue, WA 98004, United States

The designated EEA representative is: DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland

The designated UK representative is: DataRep, BPM 335368, 372 Old Street, EC1V 9AU, London, United Kingdom

Data processed:

  • Contact Data

The legal basis is our legitimate interest in recruitment, Art. 6 1(f) of the GDPR. Rocketreach provides publicly available information only. You can find further information about Rocketreach’s data processing and data protection at: https://rocketreach.co/privacy

Changes to this Privacy Policy

ChartMogul reserves the right to update this policy from time to time without notice. Any changes are effective when we post the updated policy on our website. We recommend that you regularly check back. We may provide you with notices about changes to this policy if you are a registered user of the ChartMogul application.

Contact

Should you have further questions, or wish to contact us, you can do so through our website at www.chartmogul.com. When you do so, the data required to answer your query will be automatically saved and processed. Your data will not be transferred to third parties unless ChartMogul has a lawful ground to do so.

Updated: March 25, 2022

Basic Principles

  • ChartMogul limits the data we collect as much as possible, storing only what is necessary to provide the ChartMogul application, operate ChartMogul in a secure and resilient fashion, and to comply with all relevant laws.
  • ChartMogul only retains data for the length of time necessary to operate the application.

What Personal Data does ChartMogul collect?

Your Account Settings and Team Member Data

For users of ChartMogul, where ChartMogul is acting as the controller of the data, we collect the following data:

  • Name
  • Email Address
  • Phone number (optional)
  • Payment data and history
  • Device ID numbers
  • Location
  • IP address
    • Tracking cookie ID
Your Customers’ Data

When ChartMogul is acting as the processor of your data, specifically the data about your customers, we collect:

  • Name
  • Email Address
  • Location (but only to the granularity of a city or locality)
  • Payment data and history
  • Optional information, for example added via tags and custom attributes

How long does ChartMogul retain data?

  • We retain data indefinitely while you remain a paying customer of ChartMogul.
  • When you cease to be a paying or Launch plan customer of ChartMogul, or do not become a paying or Launch plan customer after trialing our software, we will automatically delete your customers’ data within 60 days. We will email account admins prior to scheduled data removal so you can timely select a plan for which you are eligible and prevent data removal.
  • If you are a customer that is on a Launch plan (or any other free plan) and you haven’t logged in for 1 year + 30 days, we automatically mark your account as canceled and will remove your customers’ data in 60 days. We will email account admins before the account is marked as canceled, so you can timely login and prevent the removal of your data if you wish. Once your account has been marked as canceled, you can prevent data removal by contacting support@chartmogul.com or going to the billing page and selecting Launch plan again before 60 days elapse.
  • If you wish to delete a customer’s data, you can do so using either our API, or the “Delete” functionality in the UI. These actions will delete a customer’s data immediately. You can do this on the customer level or on the data source level.
  • If you wish to delete your account settings and team member data, you must make the request by contacting support@chartmogul.com.
  • Notwithstanding the foregoing, we retain copies of data in accordance with routine backup and archiving procedures and as required to comply with applicable law and other legal and business requirements.
Database backups
  • ChartMogul databases are backed up on a continual basis, with full daily snapshots.
  • All database backups are encrypted before being sent to our backup storage.
  • We retain database backups for 14 days, after which they are automatically deleted.