BANAFO PRIVACY POLICY

Effective date: August 2022

Privacy policy

This Privacy Policy (“Policy”) describes our practices with respect to Personal Data collected via the Website at https://banafo.com (“Website”), mobile apps, browser extensions, desktop applications, and other services (“Services”).

This Privacy Policy further provides information on your rights under applicable laws, including the General Data Protection Regulation (“GDPR”). No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.

This Privacy Policy describes how Banafo uses and protects any information that you give us. In this Policy “Banafo”, “we” or “us” refers to Banafo EOOD, a company duly registered under the laws of Bulgaria, with a registered address at 11 Gen. Ivan Kolev Str., fl. 1, 1407 Sofia, Bulgaria.

In relation to the processed personal data Banafo entity acts as a Data Controller or Data Processor of your personal data.

When Banafo acts in the capacity of a Data Controller, Banafo determines the purposes and the essential means of the processing of personal data. The Privacy Policy presents the purposes and the legal basis for data processing.

By using the Service, you may disclose, share, record, or otherwise use various types of data. The type of the content is determined by the person that upload the information and not by us. The extent to which personal data is processed while using the Service also depends on the Banafo functionalities that the owner of the account decides to use. In this case, Banafo is the Data Processor, and the uploader of the information is the Data Controller.

1. PERSONAL INFORMATION WE COLLECT

“Personal Information” is any information about one of our users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. Personal Information does not include aggregated, non-personally-identifying information that does not identify a user or cannot otherwise be reasonably linked or associated with them. Such aggregated, non-personally-identifying information may be used for research purposes and to analyse, improve and optimize our Website and Services.

Information you actively provide to us when you use our Services:

  • Registration Information – we primarily receive information when you create an account on our Services. This includes but is not limited to: email and password; you may voluntarily add any other information upon registering to our Services. If you sign into the Services through a third-party site or service (such as Google or Microsoft Office365), some personal data from those accounts may be shared with us and transmitted into your Banafo account. Both our Privacy Policy and the specific user data policies the third-party sites or services have in place will cover the transferred personal data.

  • Usage information – when using the Services or access our website, you may provide to us audio or video conversation recording, notes, call duration, contact lists, comments, responses to surveys, or requests for feedback. When you use Banafo for recording conversations, you are solely responsible for ensuring that you comply with all applicable regulations. This might mean that you need to inform every user and obtain their consent prior to the recording. You should also make sure that all the personal data in the contact lists you share with Banafo is obtained in a compliant manner and in accordance with all applicable laws. You might also share personal data with us if you use Banafo’s transcription and voice analytics services, either by uploading a conversation recording or through using our voice recording functionality. Based on your account settings and the permissions you grant us, we may use your conversation to train and improve the machine learning models that power our Services.

  • Conversation Information

    We maintain records of the conversation metadata, such as, but not limited to, time, duration, telephone number, as well as information, derived from the conversation and other details for all users.

  • Device Information

    When you use our Services, we may collect certain information about your device, such as its Internet Protocol (“IP”) address, web browser or client application information and operating system, application version. Banafo needs to process this data to guarantee the functionality and security of the website.Additional device information may be stored for licensing related purposes. We may collect data about your google or apple account, app version, device ID, IP address in case of a crash for troubleshooting problems and crash reports. We also use the device information to improve the Services – for example, this data can tell us how often users use a particular feature of the Services, and we can use that knowledge to make decisions about future development focus. You may be able to change your browser or device preferences to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features.

  • Payment Information

    When you subscribe to a paid plan, you will be able to choose which one of our payment processing partners should handle the transfer. We won’t ask you to share any payment information directly with us.

Information we receive from third-party platforms:

If you decide to integrate Banafo with one of the supported third-party services, including by providing credential information to the third party or to us, it might result in personal data being transmitted both from the third-party service to us and from us to the third-party service. This Privacy Policy will cover all the personal information Banafo collects from and shares with the supported third-party service. However, we encourage you to learn about their privacy and security practices before connecting them with your Banafo account.

DISCLOSURE NOTICE for Banafo users who have integrations with Google Drive:

Banafo’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Information you provide us about others:

  • If you choose to invite other users to Banafo, or refer us to them, you share with us their email address and contact information. Before you do so, please make sure you have all the necessary legal rights to provide us with this information and be aware that you are solely responsible to comply with all applicable regulations.

  • If you provide a conversation recording, it may contain the Personal Information of third parties. Please make sure you have all the necessary legal rights before you do so.

2. PERSONAL INFORMATION WE DO NOT COLLECT

We do not intentionally collect, and we ask that you not send or disclose to us any “Sensitive Personal Information,” such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, biometrics or genetic characteristics, data concerning health status or sexual orientation, criminal background, or union membership. If you choose to send or disclose any Sensitive Personal Information to us (such as when you share your screen or place a telephone call using the Service), you are responsible for complying with any regulatory controls regarding that data.

3. HOW BANAFO USES YOUR PERSONAL INFORMATION

We may use your information for the following purposes:

To provide you with our Services

  • To set up your account – we use the registration information you provide us with, the personal data we receive from third-party services, and your device details so we can set up an account for you, and you can start using our Services.

  • To connect your Banafo account with third-party services – we use your account information and any credential information that you decide to provide us with to integrate Banafo with any one of the supported third-party services.

  • To provide you with Banafo’s transcription and voice analytics services – we use your conversation recordings and records, as well as device and platform information, so we can provide you with our transcription and voice analytics services.

  • To support your use of our Services – we use your communication details, device information, and usage data so we can support you whenever necessary – for example, when you are having issues logging in or simply when you have a question or feedback for us.

To communicate with you

  • To notify you about important updates to our Services and other urgent matters, related to your account – we may use your contact details to send you e-mails and other notifications when there are relevant changes to our Services that might affect you or when your attention is required due to matters, related to your Banafo account.

  • To send you marketing information and information materials related to Banafo – if you request information from us, register for our Services, or take part in any surveys or feedback forms, we may send you newsletters, product news, and other information that you might find interesting. We will only do this if it is permitted by law and we have your prior consent, and you will always have the option to unsubscribe.

To comply with law

If necessary and appropriate, we may use your personal data to comply with applicable laws, lawful requests, and any other relevant legal reason, such as a subpoena or an official request from a government authority.

To prevent fraud, defend ourselves against legal claims and disputes, and ensure safety

We will use your personal data if necessary or appropriate:

  • to enforce the terms and conditions that govern our Services;
  • to protect our rights, privacy, safety, property, and that of you and others;
  • to monitor the use of our Services to detect fraud or any other harmful and illegal behaviour.
4. HOW WE SHARE INFORMATION WE COLLECT

Banafo is a cloud-based service intended to help your team collaborate. This naturally means that information, including personal data, is often shared with both users and third-party service providers.

  • Sharing with other users

    Depending on your specific settings, or enabled functionalities, (e.g., if you decide to share a recording with other users), other users of our Services might be able to see information about you, including, but not limited to personal data such as your name, contact details and conversation metadata.

  • Sharing with cloud service providers

    We want to keep your personal data as safe as possible, which is why we have invested in our own EU-based infrastructure. The data uploaded by the users is stored on servers managed and operated by Banafo and/ or our subsidiaries and affiliates and is not stored or processed on cloud service providers, except for possible third-party transcription services.

  • Sharing with transcription service providers

    Until we become 100% independent when handling your voice-to-text transcriptions, we might have to rely on third-party transcript providers for some of the transcripts.

  • Sharing with payment processors

    We work with Stripe, PayPal, and other payment processors, who are responsible for the processing of all your payments to us. The payment processors may use your Personal Information for their own purposes in accordance with their privacy policies.

  • Sharing with the providers of the integrated third-party services

    When you connect Banafo to any of the supported third-party service providers, you specify the information that we are authorized to share and receive on your behalf. We are not responsible for their data protection practices and policies, which are part of your legal relationship with them as a user of their services. We encourage you to learn about their privacy and security policies before deciding to integrate your Banafo account with them.

  • Sharing with Banafo’s subsidiaries & affiliates

    We might share your personal data with our subsidiaries and affiliates for purposes consistent with this Privacy Policy.

  • Sharing with law enforcement authorities

    We might be legally obliged to disclose your personal data to law enforcement agencies, public authorities, or other judicial bodies and organizations in connection with any actual or prospective legal proceedings or in order for us to exercise or defend our legal rights.

5. HOW LONG WE STORE YOUR PERSONAL INFORMATION

Banafo will store your Personal Information for as long as necessary to fulfil the purpose for which it was collected, including but not limited to satisfy any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider various factors, such as the amount, nature, level of sensitivity, the potential risk of harm from unauthorized use or disclosure, as well as the specific purposes for which it was collected and whether or not it has become possible to achieve those purposes through other means. In many cases, we are legally obligated to keep your data for a specific period of time, which is the case with your billing information.

We may pseudonymize your personal data so we can use it to improve further the services we provide to you.

6. WHAT LEGAL RIGHTS DO YOU HAVE

As a data subject under the GDPR, in certain circumstances, you have the rights below in relation to your Personal Information that we hold when we operate as a Data Controller:

  • ACCESS: You have the right to access the personal information we hold about you and to receive an explanation of how we use it and with whom we share it.

  • RECTIFICATION: You can ask us to have inaccurate Personal Information amended.

  • ERASURE: You have the right to request to have your account deleted, along with all your personal data.

  • OBJECTION: You have the right to object to our processing of your PersonalInformation. If you object, we will no longer process your personal data in the future unless we can prove compelling grounds for the processing that outweigh your interests.

  • RESTRICTION: If you have previously agreed to us collecting and using yourPersonal Information, you are free to change your mind at any time by contacting us at privacy@banafo.com. However, keep in mind that this might mean that you will no longer be able to use our Services.

  • PORTABILITY: Where you have provided personal data to us, you have the rightto receive such personal data back in a structured, commonly used and machinereadable format, and to have those data transmitted to a third-party Data Controller without hindrance but in each case only if the processing is carried out by automated means and the processing is based on your consent or the performance of a contract with you. You should be aware that the right of data portability concerns only the personal data provided by you, but not the transcripts made by us.

  • WITHDRAWAL OF CONSENT: You have the right to withdraw any consent youhave previously applied to us and prevent further processing if there is no other legitimate ground upon which Banafo can process your Personal Information. This will not affect the lawfulness of the processing before you have withdrawn your consent.

  • COMPLAINTS: We believe we can resolve any issues regarding our dataprotection practices. Please contact us in writing or by e-mail if questions or complaints arise. You also have a right to lodge a complaint with the competent data protection supervisory authority. In order to do this, you can contact the Commission for Personal Data Protection (address: 2 Prof. Tsvetan Lazarov Bvd, 1592 Sofia).

UNSUBSCRIPTION: You can always unsubscribe from our non-transactional and non-account-related promotional emails by clicking on the “unsubscribe” link located at the bottom of all our email communication with you. You can submit these requests by email by sending them to privacy@banafo.com. We may ask for specific information from you so we can confirm your identity and process your request. Depending on the applicable law, we might not be able to fulfil your request, in which case we will provide you with information about the reasons. We may also redact from the data which we make available to you any personal data related to others.

7. CHILDREN

Banafo does not provide services designed to be used by children under the age of 16, nor do we knowingly collect or solicit personal data from anyone under the age of 16. If we learn that we have collected any such data, we will delete it right away – both from our service and backups and third-party service providers.

If you learn that a child under the age of 16 has provided us with any Personal Information in violation of this Policy, please contact us at privacy@banafo.com.

8. DATA SECURITY

We use situation-appropriate security measures to protect the security of your Personal Information. These measures may vary in accordance with the level of sensitivity of the personal data. We also take measures to ensure that all the third-party service providers that we use for personal data processing on our behalf have appropriate security controls in place.

However, please keep in mind that no service is completely secure. We cannot guarantee that unauthorized access, hacking, data loss, or a data breach will never occur. The transfer of Personal Information through the internet will carry its own inherent risks, and we do not guarantee the security of your data transmitted through the internet. You make any such transfer at your own risk.

Please, be informed, that Banafo beta version does not represent the final product and may contain bugs that may cause system or other failure and data loss. Any beta integrations will be automatically transitioned to the final version and data may be lost during the migration.

9. CALIFORNIA RESIDENTS’ PRIVACY NOTICE

This Privacy Notice for California residents supplements the information contained in the Privacy Policies of Banafo, and applies solely to visitors, users, and others who reside in the State of California. We provide this Notice to comply with the California Consumer Privacy Act of 2018 (CCPA) and the regulations issued under it; accordingly, this Notice addresses the specific requirements of the CCPA and should be read together with the other Banafo policies that apply based on your relationships with us. Any terms defined in the CCPA have the same meaning when used in this Notice; that may differ from what those terms mean when we use them in other policies or disclosures. This Notice makes an integral part of our Privacy Policy and Terms of Use.

10. AMENDMENTS

This Privacy Policy was last updated in August 2022. We may update this Privacy Policy from time to time. If we make any substantial changes in the way, we use your Personal Information we will notify you by posting a prominent announcement on the Website. Please check this page frequently to see any updates or changes to this Policy.

If necessary for complying with applicable law, we will seek your consent to any important changes.

11. CONTACT

Should you have any further questions, comments, or concerns about our Privacy Policy or the exercise of your rights, do not hesitate to get in touch at privacy@banafo.com