We have created a Platform that provides You with access to certain products and services (“Services”) designed to connect applications, automate workflows and send or receive messages to/from humans and machines.
For the purposes of this Policy, the following terms shall have the meanings set out below:
- ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
- ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- ‘pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person;
- ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
- ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
- ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
- ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
- ‘enterprise’ means a natural or legal person engaged in an economic activity, irrespective of its legal form, including partnerships or associations regularly engaged in an economic activity;
- ‘group of undertakings’ means a controlling undertaking and its controlled undertakings;
- ‘binding corporate rules’ means personal data protection policies which are adhered to by a controller or processor established on the territory of a Member State for transfers or a set of transfers of personal data to a controller or processor in one or more third countries within a group of undertakings, or group of enterprises engaged in a joint economic activity;
- ‘supervisory authority’ means an independent public authority which is established by a Member State pursuant to Article 51 the Regulation;
- ‘supervisory authority concerned’ means a supervisory authority which is concerned by the processing of personal data because:
- the controller or processor is established on the territory of the Member State of that supervisory authority;
- data subjects residing in the Member State of that supervisory authority are substantially affected or likely to be substantially affected by the processing; or
- a complaint has been lodged with that supervisory authority;
- ‘cross-border processing’ means either:
- processing of personal data which takes place in the context of the activities of establishments in more than one Member State of a controller or processor in the Union where the controller or processor is established in more than one Member State; or
- processing of personal data which takes place in the context of the activities of a single establishment of a controller or processor in the Union but which substantially affects or is likely to substantially affect data subjects in more than one Member State.
- ‘regulation’ means and refers to General Data Protection Regulation 2016/679, as may be amended from time to time
- ‘Union’ shall collectively mean and refer to the member states of the European Union.
What data do We collect?
AppEQ collects the following personal data:
- Identity: Personal Data about You and Your identity, such as Your First name, Last Name,
- Contact Information Data: Personal Data used to contact an individual like email address,
- Feedback Data and Other Data: This includes the following:
- If You call Our call centre/office, We may record information provided by You to service You or record the calls for quality and training purposes;
- If You provide any feedback or comments to Us on mail, chat or the Portal, we may store the mail , chat or comments for quality purpose
How do We collect Your data?
We collect data in the following manner:
- Data We collect from You: We gather personal data from You directly, for instance, when You input information into a form online or You contact Us directly. Below are the examples of how We get this information:
- When You fill Our form for registration and account opening.
- When You enter or edit details of Your profile.
- Data We receive from others: We receive personal data from third parties with whom We have a relationship, for example, Our customers, third party service providers, dealers, third-party applications or linked websites.
Our Disclosure of Your personal data and other information:
We may share Your personal data with certain third parties without further notice to You, as set forth below:
- Business Deals and other Corporate Actions: In the event of a business deal or other corporate events including but not limited to transfer of business, corporate sale, merger, reorganization, dissolution , personal data will most likely be part of the transferred assets and We may disclose personal data occurring in the due diligence process.
- Subsidiaries and Related Companies:, We may share Your personal data with any of Our current or future affiliated entities, subsidiaries, and parent companies if so needed in order to streamline Our Services.
- Sub-processors and other Service Providers: In order to conduct Our general business operations, enable features and process certain tasks and in connection with Our other lawful business interests, We may share personal data with service providers or sub-processors who perform certain services or process data on Our behalf e.g. payment processing and cloud service. While employing such other entities to perform a function of this kind, We only provide them with the information that they need to perform their specific function.
|AWS||Cloud Infrastructure for our platform|
|Stripe, USA||Customer payments|
|Google, USA||Platform analytics (web) and customer interactions (email)|
|Mixpanel, USA||Business analytics|
|Intercom||Customer Support and Lead Interaction|
|Salesforce CRM||For Lead Management|
|Zendesk||For capturing all Support queries|
|LinkedIn||Retargeting for advertisments|
- Legal Requirements: We may disclose personal data if essential to do so by law such as to conform with a subpoena, bankruptcy proceedings, or similar legal process or in the good faith belief that such action is obligatory to (i) comply with a legal obligation or request, (ii) protect and shield the rights or property of AppEQ, (iii) act in urgent/emergency conditions to protect the security or vital interests of an individual or the public, or (iv) protect against legal liability.
- Consent/direction. We may disclose Your personal information to any other third party with Your prior consent or as You direct.
- Data Sale: We do not sell Your personal data.
How do We Store Your data?
AppEQ securely stores Your data at AWS Mumbai , India. The following are the technical and organizational measures we implement.
AppEQ maintains an ISMS Policy approved and reviewed by Management
- Personal Data in transition is protected by SSL TLS 1.2+ with SSL certificates using SHA-256 with RSA Encryption provided by Amazon Certificate Manager. Intercommunication between microservices encrypted using mutual TLS via mesh management service.
- Personal Data at rest is stored in Mongo Enterprise Database, volume level and item level encrypted using individual encryption keys via AWS KMS.
- Data in memory: Each process in AppEQ is managed within containers, which have their own independent resources(volumes, memory and CPU). The logs of these processes are synced with a centralized logging system.
- Has implemented anti-malware on its systems processing personal data.
- Employees receive regular security and privacy training regarding the treatment and protection of Personal Data.
- Ensures VAPT done by certified third parties to test security and identify vulnerabilities in the system.
- Is ISO 27001 certified and ensures regular audits in line with this standard.
- Ensures that access to information systems is restricted to authorized employees only.
If You are a customer, We may retain Your information for as long as Your account is active or as required to deliver You Services, maintain accurate accounting, financial and other operational records, comply with Our legal obligations, resolve disputes and enforce our agreements. We have established internal policies for the deletion of data from customer accounts following termination of a customer’s subscription to the Platform.
Transfer of Data
Your information, including personal data, may be moved to and preserved on computers situated outside of your state, province, country or other governmental jurisdiction where the data protection laws may vary than those from your jurisdiction.
If You have subscribed to receive any marketing communication from AppEQ, and You do not wish to continue, You can unsubscribe by clicking on the “Unsubscribe” link in the communication or write to us at firstname.lastname@example.org
What are your Data Protection Rights
We value Your trust & respect Your privacy. AppEQ would like to make sure You are fully aware of all of Your data protection rights. Every user is entitled to the following:
- The right to access: You have the right to request AppEQ for copies of Your personal data. We may charge You a small fee for this service.
- The right to rectification: You have the right to request that AppEQ correct any information You believe is inaccurate. You also have the right to request AppEQ to complete the information You believe is incomplete.
- The right to erasure: You have the right to request that AppEQ erase Your personal data, under certain conditions.
- The right to restrict processing: You have the right to request that AppEQ restrict the processing of Your personal data.
- The right to object to processing: You have the right to object to AppEQ processing of Your personal data.
- The right to withdraw consent. You also have the right to withdraw your consent at any time where AppEQ relied on your consent to process your personal data.
- The right to data portability: You have the right to request that AppEQ transfer the data that we have collected to another organization, or directly to you, in structured, commonly used and machine readable formats.
If You make a request, We have one month to respond to You. If You would like to exercise any of these rights, please contact Us at
Our email: email@example.com
Or write to Us: APPEQ INC, 16192 Coastal Hwy, Lewes, Delaware 19958 United States
Moreover, You have the right to complain to a Data Protection Authority about our collection and use of your personal data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
Privacy policies of other websites
How to contact Us
Email Us at: firstname.lastname@example.org
Or write to Us at: APPEQ INC, 16192 Coastal Hwy, Lewes, Delaware 19958 United States