This article is intended to provide basic information to SpotMe customers about data processing, user data privacy and user consent.
Please note that the information in this article should not serve as or substitute legal advice, and should not be solely relied as a basis for making any legal, business, or any other decisions.
The processing of personal data should be based on legal grounds in order for it to be compliant with rules and regulations related to personal data. Such grounds may be an explicit consent, legitimate interest, compliance with a legal obligation of the person/entity processing the personal data, and others.
The processing of personal data itself is a process which includes several parties: the person whose data is being processed (data subjects), and the companies who process the data subjects’ data (data controllers) or subcontract some of the processing activities to third parties (data processors).
We, at SpotMe, are the data processor of the personal data that our customers - data controllers, provide us with. It means we will process the data only in accordance with the need to render services as per the concluded agreement and based on customers’ instruction(s).
The relationship with our customers is governed by SpotMe’s Terms of Service and the respective Data Processing Agreement.
Learn more: What is a data controller or a data processor?
What is data processing?
Processing generally refers to any operation that includes the handling of personal data, like data collection, use and storage, data recording, updates, transfers and others.
Personal data may include things that allow an individual to be identified, such as their name, photo, occupation and mailing address. Personal data also encompasses the digital identity that one has, such as their email address or the IP address of the device he/she is using.
Learn more: What constitutes data processing?
What personal data does SpotMe have?
SpotMe processes the data that was shared with us by our customers, which generally contains names and email addresses of app users. Users of SpotMe apps can also additionally provide more personal information like their LinkedIn user name or a phone number to make it easier to connect with other app users.
Additionally, we keep track of IP addresses and other device identifiers. This helps us prevent malicious attacks on our services or resolve support issues faster, if they arise. This type of data is stored temporarily.
SpotMe is not a part of an ad syndication network and we never share your data with third-parties for advertising or targeting purposes. We never sell user data to any third-parties.
What is consent?
Consent, in the context of data privacy, is a freely and explicitly given permission from a user to a company for processing their data for a particular reason.
For consent to be obtained explicitly and clearly, it should never be buried or bundled with other options, or assumed to be given by default.
Learn more: What is a valid consent
How to obtain consent?
As our client and a data controller, it is your responsibility to define what the lawful basis for the processing of personal data is. In the event you consider that the consent of the app user to the processing of their data needs to be obtained, SpotMe provides you with the necessary features for this.
Depending on the type of app users and the purpose of a workspace, consent can be obtained as follows:
Ways to obtain consent
Customer or a partner
How to implement informed consent as part of your registration process
You add a required checkbox to your registration form and sample text, for example: