Privacy policy

We work hard to protect your information

Last update: June 2020

Summary

When you use our services you entrust us with your valuable information. We have made it a priority to protect your data and to provide you with choices about controlling it. We understand that there are particular concerns from companies in the EU about how we use and protect your data, so we put this page together as a guide to answer some of the most common questions you may have.

  • The Privacy & Data retention page provides an overview of our data center and our data retention policy.
  • The GDPR page provides detailed information about how we comply with GDPR.
  • The Third parties tab provides a list of our sub-processors under GDPR.

For general inquiries, contact us.

Privacy & Data retention

Your privacy is important to us. It is Rate My Meeting's policy to respect your privacy regarding any information we may collect from you across our website, https://ratemymeeting.co, and other sites we own and operate.

We only ask for personal information when we truly need it to provide a service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used.

Data center

Our primary data and servers are hosted at Amazon Web Services (AWS) in Frankfurt and Ireland.

Data retention

We only retain collected information for as long as necessary to provide you with your requested service. What data we store, we’ll protect within commercially acceptable means to prevent loss and theft, as well as unauthorized access, disclosure, copying, use or modification.

We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

We don’t share any personally identifying information publicly or with third-parties, except when required to by law.

With your active consent we store only non-identifiable information to provide a bridge between our service and third-party service integrations. We store this information for the duration that the integration is active.

Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites, and cannot accept responsibility or liability for their respective privacy policies.

You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with some of your desired services.

EU General Data Protection Regulation (GDPR)

What is GDPR?

In 2016, the European Commission approved and adopted the new General Data Protection Regulation (GDPR). GDPR is a significant change in data protection regulation in the EU and replaces the existing legal framework (the Data Protection Directive and the various member state laws). It came into effect on May 25, 2018.

Why is GDPR important?

GDPR adds some new requirements regarding how companies should protect individuals' data that they process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breaches.

What has Rate My Meeting done to comply with GDPR?

We work hard to meet our obligations as a processor under Article 28 of GDPR. To this end:

  • We continue to process your customer and end user data per your instructions.
  • We have implemented appropriate technical and organizational measures to protect the data with which you entrust us.
  • We have provided a list of our sub-processors.
  • We have instituted a policy informing and obligating our employees to maintain the confidentiality of your information.
  • We have instituted a procedure to assist you in complying with requests for access, amendment or deletion that you may get from your customers or end users.
  • We will delete your customer/end user information at the end of our agreement with you, if you ask us.
  • We have appointed a representative as required by Article 27 of GDPR.

Does GDPR require that my information be stored in the EU?

No. Under GDPR a company is allowed to transfer personal data outside of the EU provided that it puts in place a mechanism, approved under GDPR, to make sure that personal data is adequately protected even when it is transferred outside of the EU.

How do you manage access to my information?

As of now our intention is to service DSR requests (such as delete and export) manually. If you have an account with us, you may access, correct, or request that we delete your personal data by contacting us at hello@ratemymeeting.co.

This request can include personal data of other individuals, like your employees or customers that you have provided to us and who have requested this of you. We will respond to these requests within 14 days or less, which is well within the GDPR requirement of 30 days.

Working with 3rd parties

We share certain information with companies that may be considered our "sub-processors" under GDPR. This information is limited to the following:

  • We use Amazon Web Services, PCExtreme, and Postmark to offer our end to end services. These companies host any of our data on physical and cloud servers that we pay for.

Sub-processors and 3rd party services

ProviderPurpose
GoogleClient side tag management. No identifiable information is collected.
SegmentServer side tag management. Non-identifiable usage data may be collected.
StripePayment provider. Stores your payment information and shares an non-identifiable token with us.
HotjarOn-page analytics. No identifiable information is collected.
LinkedInSingle sign-on provider. Optional service to provide identifiable information on the 3rd party service with us.
PostmarkInbound e-mail processor. Optional service to provide identifiable information on the content send in with us.
ZoomThird party service. When connected provides non-identifiable information to maintain a connection between them and us.
SlackThird party service. When connected provides non-identifiable information to maintain a connection between them and us.