How we commit to protecting your personal information
Effective date: May 25, 2018.
We — meaning Transifex Limited, doing business as Transifex (also “we,” “us,” “our,” and “Transifex”) — take very seriously the respect and protection of your privacy and security, and we are committed to fair practices that protect the information you share with us.
Our commitments to employees are governed by our internal employment policies.
In all instances, we are committed to transparency with our customers, employees and protecting your data privacy.
If you have any questions or concerns about our use of your Personal Information, then please contact us using the contact details provided in the section titled “Contacting Us”.
Overview of the Sources of Personal Data
All of the different forms of data, content, and information described below are collectively referred to as “information.”
1. Information We Collect And Store
When you interact with the Service and in connection with our events, and sales and marketing activities, we collect information that alone or in combination with other information could be used to identify you (“Personal Data”), as described below.
A. Information You Give Us
- We may collect your name, email address, phone number, username, demographic information (such as your occupation), as well as other information you directly give us on our website. For customers who have paid services, we collect your billing details such as credit card information, banking information, and/or billing address.
- We may also collect data from you including without limitation when you attend one of our events, during phone calls with sales representatives, or when you contact customer support.
- We collect and store the files you upload, download, or access with the Transifex Service (“Files”) and we may associate all or a portion of these files with you.
- If you work, and apply to work, for Transifex, please refer to the Personnel section of this policy to read about the information we collect from personnel.
B. Information We Get from Others
- We may also receive Personal Information (for example, your email address) through other users, for example when they share something with you, invite you to their Transifex organization, or refer Transifex to you.
- We may receive data about organizations, industries, website visitors, marketing campaigns, and other matters related to our business from affiliates, subsidiaries, partners, or others that we use to make our own information better or more useful. This data may be combined with other information we collect and might include aggregate level data. One example is to analyze your translated content and provide you suggestions to improve its quality.
C. Information Automatically Collected
- We may collect information about the devices accessing our website and application. Some examples are: type of device, what operating system is used, application information, unique device identifiers and crash data. The type of information we collect depends on the type of device used and its settings.
- We may automatically log information about you and your computer. For example, when visiting our website, we log your computer operating system type, browser type, browser language, pages you viewed, how long you spent on a page, location, access times and information about your use of and actions on our website.
D. Information you upload using our services
- We automatically collect information from the files and content you upload in the Service, including but not limited to files and images you upload, translations you submit, information related to translations, and comments.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses. If you use any of these types of personal data with our service (e.g. in the content you upload), we will not be able to tell. We will treat all the personal data included in files and content uploaded as ordinary personal data.
Changing or Deleting Your Information
You have the right to be ‘forgotten’. Send us an email at email@example.com requesting the deletion of your account and removal of personal information and we will delete your information unless we have another legal reason to hold your personal information (such as a legal claim or a regulatory requirement).
2. How We Use Personal Information
We use your personal information for the following purposes:
- To operate, maintain, and improve our site, products, and services.
- To be able to provide to our users products and services they request from based on our contractual relationship.
- To respond to comments and questions and provide customer service.
- To send information including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages. These communications are strictly necessary and you may not opt out of them.
- To communicate system updates, promotions, upcoming events, and other news about products and services offered by us.
- To link or combine user information with other personal information.
- To protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
3. Our Legal Bases for Processing Your Personal Information
In order to collect and/or use your personal information we have at least one of the following legal bases:
You have given us clear and explicit consent to process your personal information. If you have previously given consent to processing your information, you can withdraw such consent at any time. You can do this by emailing us at firstname.lastname@example.org. If you do withdraw your consent, and if we do not have another legal basis for processing your information we will stop processing your personal information.
Processing your information is necessary for a contract to be formulated and executed in order for us to be able to provide our products and services or because such information is necessary before entering into that contract.
If you have been our customer in the past, we may communicate with you via email, in order to inform you about products and services similar to the ones you showed interest in.
Processing your information is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests may include the following:
- Delivering, developing and improving our services and products.
- Ensuring that our website, platform, and infrastructure operate smoothly.
- Determining whether marketing campaigns are effective.
- Improving data security.
- Gaining insights from your behavior on our website in order to be able to offer you and third-party services and products which they find useful.
In each case, we found that these legitimate interests were not outweighed by your rights and interests. If you require further information about the balancing test that Transifex has undertaken to justify its reliance on the legitimate interest legal basis under the GDPR, please see Section ‘Contacting Us’ for further details on how to contact us.
Processing of your information is necessary for compliance with a legal obligation to which we are subject (for example to provide you with invoices, report to tax authorities etc).
4. How do we share personal information?
We may share personal information as follows:
- We may share information to technical service providers which may operate the technical infrastructure that we need to provide the Transifex Service, in particular providers which host, store, manage, and maintain the Transifex application, its content and the data we process, including translations. We also use technical service providers to help us communicate with you. As of the date this policy went into effect, we use RackSpace storage service to store some of your information (for example, your Words). We use Chargebee and Stripe to manage your online payment service. You can find more information on Rackspace’s data security here, on Chargebee’s systems here and on Stripe’s online payment system here.
- We may share your personal information with other companies of the Transifex Group to carry out our daily business operations and to enable us to maintain and provide the Transifex Service to you.
- We also may share personal data with certain marketing and advertising partners to send you promotional communications about Transifex.
- We may share information per our customers’ instructions.
- We may share information in compliance with any applicable law.
- We may share personal information for legal, protection, information security, and safety purposes. Examples include enforcing contracts or policies, reporting on security breaches, or assisting with investigating and preventing fraud or security issues.
- We may share customer and user access to the customer’s account. Translation administrators for the customer, authorized users and other designated representatives may be able to add, modify or restrict access to users such as translators.
- We may share information to comply with laws and regulatory requests. Examples include responding to lawful requests and legal or regulatory processes.
- We may share information with those who need it to do work for us. An example is granting a Transifex employee the necessary access in order to perform his/her duties.
- We may share aggregated or anonymized data. We may disclose or use aggregated or anonymized data for any purpose. An example would be for marketing, analytics or research purposes.
- We will not share personal information with investors of the Company beyond any personal information that such investors are entitled to for customary legitimate business purposes.
- We may share other information with consent with third parties when we have consent to do so.
- We may display information related to your account such as your name, username, the date you started using the Service and the translation projects made publicly available which you are participating in. Please consider carefully what information you disclose in your profile page and your desired level of anonymity. You can review and revise your profile information at any time.
- We may share information from time to time to our offices or personnel, or to third parties, located throughout the world, and may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data. To the fullest extent allowed by applicable law, by using any of the above, you voluntarily consent to the trans-border transfer and hosting of such information.
5. European Economic Area Residents
If you are residing in a country that is a member state of the European Economic Area (i.e. EU, Norway, Lichtenstein, Iceland) and pursuant to applicable data privacy legislation, we shall make sure that you exercise the following rights:
- You have the right to access the information we hold about you. You can contact us and we shall inform you about:
- The categories of data we’re processing.
- The purposes of data processing.
- The categories of third parties to whom the data may be disclosed.
- How long the data will be stored (or the criteria used to determine that period).
- Other rights you have regarding our use of your information.
- You have the right to ask us to correct or rectify personal information about you if they are inaccurate or incomplete.
- You can object to us using your information for profiling you or making automated decisions about you. Please note that exercising this right does not equal to an obligation on our behalf to not show advertisements at all.
- You have the right to ask us to directly transfer your information to another service, as long as it is technically feasible or to provide you a copy in a common machine-readable format. Please note that if such information also contains personal data about another person, we may not choose to include such data in our deliverables.
- You have the right to be ‘forgotten’. All you have to do is ask and we will delete your information unless we have another legal reason to hold your personal information (such as a legal claim or a regulatory requirement).
- You can ask us not to use your information for direct marketing purposes.
You can exercise all the aforementioned rights by emailing us at email@example.com. We shall address your request within 30 days of its receipt unless it is too complicated or we are dealing simultaneously with too many such requests. In the latter case, it may take us up to two additional months to address your request, but we will let you know if that is the case within 30 days of the receipt of your initial request.
Please note that exercising the above rights presupposes that we have collected such personal information ourselves and/or process them for our own purposes. If these data have been entrusted to us by third parties while we are providing our services to them (for example while customers upload content on our platforms) we are only processing such data on their behalf and under their instructions (we are processors under EU Law). Accordingly, if we receive a request from you to exercise your right we are not obliged to address it since such a request should be forwarded to our customers instead (controllers).
We would be happy to spend the time and effort necessary to address any of your privacy concerns, however, if you believe that your rights have not been properly addressed you can file a complaint regarding our use of your information to the Data Protection Authority of your habitual residence or place of work.
6. Word Retention
We will retain your information, which may include general personal information, for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may delete your account. We may retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Consistent with these requirements, we will try to delete your information quickly upon request. Please note, however, that there might be latency in deleting information from our servers and backed-up versions might exist after deletion. In addition, we do not delete from our servers files that you have in common with other users.
7. Transifex Community
Our Service offers publicly accessible community services such as blogs, forums, and wikis. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. Your posts may remain even after you cancel your account. For questions about your Personal Information on our Service, please contact firstname.lastname@example.org.
Our Site includes links to other Web sites whose privacy practices may differ from those of Transifex. If you submit personal information to any of those sites, your information is governed by their privacy statements. We cannot control or be held responsible for third parties’ privacy practices and content. Please read their privacy policies to find out how they collect and process your personal data.
The security of your information is important to us. We thus implement appropriate technical and organisational measures to help protect the security of your information.
We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it. No method of electronic transmission or storage is 100% secure, however. Therefore, we cannot guarantee its absolute security.
When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using secure socket layer technology (SSL).
We have implemented various policies including pseudonymization, encryption, access, and retention policies to guard against unauthorized access and unnecessary retention of personal data in our systems.
Your password protects your user account, so we encourage you to use a unique and strong password, limit access to your computer and browser, and log out after having used the Transifex Service.
If you have any questions about security on our website, you can contact us at email@example.com.
9. Our Policy Toward Children
Our Services are not directed to persons under 18. We do not knowingly collect personal data / personally identifiable information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with Personal Information without their consent, he or she should contact us at firstname.lastname@example.org. If we become aware that a child under 18 has provided us with Personal Information, we will take steps to delete such information from our files.
11. Contacting Us
Thank you for using Transifex!