We at Mobilesson Ltd. d/b/a Connecteam (“Connecteam“, “us“, “we“, or “our“) recognize and respect the importance of maintaining the privacy of our Customers and their Personnel. This Privacy Notice describes the types of Personal Data (as defined below) we collect from you when you visit our website (“Site“) and/or use our Platform or App (collectively, the “Services“), and also how we collect, process, transfer, store and disclose such Personal Data. It also describes how you are able to control certain uses of the Personal Data. If not otherwise defined herein, capitalized terms have the meaning given to them in the Terms of Service, available at https://connecteam.com/terms-conditions/ (“Terms“). “You” means any adult user of the Site, App, Platform and/or Services.
“Personal Data” means any information that refers to, is related to, or is associated with an identified or identifiable individual or household.
– Data Processor. When we collect, process and manage Personal Data in the context of providing Services to our business customer (“Customer”), our Customer is the data controller with respect to such Personal Data and we are the data processor. This includes Personal Data uploaded to our Platform by our Customers’ employees, service providers and independent contractors (“Customer Data”).
Our processing of such Customer Data on behalf and under the instruction of the respective Customer is governed by our Data Processing Addendum with them. For more information, please refer to Section 11 below.
This Privacy Notice– which describes Connecteam’s independent privacy and data processing practices as a “data controller” – does not apply to the processing of Customer Data and is detailed here for completeness and informational purposes only. If you have any questions or requests regarding Customer Data please contact your Account Administrator directly.
– Controller. When we process Personal Data of Account Owners and Administrators (excluding Customer Data, as detailed above), and visitors to our websites, participants at our events, and any other prospective customer, certain user data or partner, we are the data controller.
– Maetzler Rechtsanwalts GmbH & Co KG (Prighter) has been designated as Connecteam’s representative in the European Union for data protection matters pursuant to Article 27 of the GDPR. Maetzler Rechtsanwalts GmbH & Co KG may be contacted only on matters related to the processing of Personal Data in the EU. To make such an inquiry, please contact Maetzler Rechtsanwalts GmbH & Co KG through this contact form: https://prighter.com/q/14267474.
– Prighter Ltd has been designated as Connecteam’s representative in the United Kingdom for data protection matters pursuant to Article 27 of the UK-GDPR. Prighter Ltd may be contacted only on matters related to the processing of Personal Data in the UK. To make such an inquiry, please contact Prighter Ltd. through this contact form: https://prighter.com/q/14267474.
Privacy Notice Key Points:
The key points listed below are presented in further detail throughout this Privacy Notice. You can click on any section in order to find out more information about any topic.
- Personal Data We Collect, Uses and Legal Basis
1.1. Site Visitors
1.2. Account Owners, Administrators & Employees
- Sharing the Personal Data We Collect
- International Transfer
- Your Rights
- Data Retention
- Cookies and Similar Technologies
- Third-Party Applications and Services
- California Requirements
- Changes to the Privacy Notice
- Comments and Questions
- Personal Data We Collect, Uses and Legal Basis. Depending on your usage, we collect different types of Personal Data, and we and any of our third-party contractors and service providers use the Personal Data we collect for different purposes, as specified below. You do not have to provide us with your Personal Data, but if you refuse to provide such Personal Data we may not be able to register you to the Platform or Apps and/or provide you with the Services.
1.1. Site Visitors – If you are a visitor to the Site, we collect the following types of Personal Data from you:
1.1.1. Contact Information
o What Personal Data We Collect: When you request information from us through the Site, fill out (online) forms, or contact us for any other reason, we will collect any data you provide, such as your name and/or email address, and the content of your inquiry.
o How we use this data & Legal Basis: To respond to your request or inquiry (Legitimate Interest).
1.1.2. Automatically Collected Data
o What Personal Data We Collect: When you visit the Site we automatically collect information about your computer or mobile device, including non-Personal Data such as your operating system and browser type, internet service provider (ISP), and Personal Data such as your IP address, browsing history on our site, as well as referring and exit pages (the pages you clicked to reach our site and the pages
o How we use this data & Legal Basis: (1) to understand how our users use our Site, to help facilitate our operations, including collecting and analyzing aggregated, non-personal analytics, develop new products or services and improve current content, products, and services (Legitimate Interest); (2) to prevent fraud, protect the security of our Site and address any problems with the Site (Legitimate Interest).
1.2. Account Owners, Administrators & Employees. If you are an Account Owner, Administrator, or an Employee (which includes service providers or independent contractors of one of our Customers) (collectively, a “User”), using the Platform and/or an App in connection with a Customer account, we collect the following types of Personal Data from you:
1.2.1. Registration Data
o What Personal Data We Collect: If you are an Account Owner, in order to use our Services, you will be required to register and to provide Personal Data requested by us, which includes your full name, email address and phone number. Administrators and Employees may be requested to provide additional details such as job title, profile picture or any other information as required by either your Administrator or Account Owner.
o How we use this data & Legal Basis: (1) to provide you access to the Platform, Apps, and/or Services, to respond to your inquiries and requests and to contact and communicate with you (Performance of a Contract); (2) to prevent fraud (Legitimate Interest), protect the security of and address any problems with the Platform, Apps, and/or Services (Legitimate Interest); (3) to provide you with informational newsletters, and promotional materials relating to our Platform, Apps, and/or Services, including via email (Legitimate Interest; Consent where applicable). For more information about our direct marketing activities and how you can control your preferences, please see the Direct Marketing section below; and (4) to create a general profile of Customers and usage profile of their respective Users in order to improve and optimize our Services (Legitimate Interest).
1.2.2. Payment Data
o What Personal Data We Collect: When and if you make a payment (using a credit card) to Connecteam for use of the Services, we receive information related to such purchase, including the last four digits of your credit/debit card number, CVV, expiration date, and the name of the cardholder.
o How we use this data & Legal Basis: To process the payment for your purchase (Performance of a Contract) and for the purposes of fraud prevention
1.2.3. Automatically Collected Data
o What Personal Data We Collect: When you use the Services, we automatically collect information about your computer or mobile device, including non-Personal Data such as your operating system and browser type, internet service provider (ISP) and language settings and Personal Data such as your IP address, browsing history, including referring and exit pages, connectivity, technical and usage data, activity logs, the relevant cookies and pixels installed or utilized on your device, clicks, use of features and other interactions, and any information regarding your viewing history on the Platform or App, browser language, and browser time zone. This data is collected and generated automatically, including through the use of analytics tools (including cookies and pixels) which collects data such as: how often Users use the Services, how Users interact with and use the Services and their various features and technical data concerning the performance, functionality, fraudulent activities and stability of the Platform. For more information about the cookies and similar technologies we use and how to adjust your preferences on the Platform or App, please see the section “Cookies and Similar Technologies” below.
o How we use this data & Legal Basis: (1) to review usage and operations, including in an aggregated non-specific analytical manner, develop new products or services and improve current content, products, and services (Legitimate Interest); (2) to prevent fraud (Legitimate Interest), protect the security of our Services and address any problems with the Services(Legitimate Interest); (3) to provide you with customized content, targeted offers, and advertising related to our products and services, based on your usage history on the Services on other third-party sites or apps you may visit and/or use, or via e-mail (Legitimate Interest and Consent where applicable).
1.2.4. Materials You Upload
o What Personal Data We Collect: Any personal data, including text, documents and images you upload to the Platform. The usage of this personal data and legal basis will be determined by the Customer to which your account is associated. For more information on this see Section 11 below.
o What Personal Data We Collect: when you use specific functionalities in our App, you may be asked to share your mobile device’s precise (GPS) geo-location information. Such geo-location information may include physical locations visited (latitude & longitude). Whether or not we collect this geo-location data is entirely determined by your Account Owner or Administrator in their sole discretion. For example, they may only allow you to clock-in or clock out if they are able to verify your location via your device. If you do not wish to allow the collection of your precise location, in most cases you will be able to turn off such data collection at any time by accessing the privacy settings of your mobile device and/or adjusting the permissions for the App. Please note, however, that
some of the App’s features may not work properly if you turn this off, and we are not responsible for any implication of turning off such geo-location tracking.
o How we use this data: Connecteam does not use geo-location data for its own purposes. The usage of geo-location data and legal basis will be determined by the Customer to which your account is associated. For more information on this see Section 11 below.
1.2.6. Data Collected from Third Parties. If you are an Account Owner or Administrator we may receive Personal Data about you from third-party sources. We may use this data to improve our sales & marketing efforts (Legitimate Interest, and Consent where applicable).
2.1. Service Communications. We may send you service-related communications, including service announcements and administrative messages (such as log-in attempts or password reset attempts).
2.2. Promotional Communications. If you are an Account Owner or Administrator, we may use your Personal Data to let you know about our products and services that we believe will be of interest to you. We may contact you by email or through other communication channels approved by you. We will always respect your preferences for how/whether you would like us to communicate with you. To ensure you have control over how we contact you with marketing offers:
2.2.1. We will take steps to limit direct marketing to a reasonable and appropriate level and only send you communications which we believe may be of interest or relevance to you.
2.2.2. You can ask us to stop sending email marketing by following the “unsubscribe” link you will find on all the email marketing messages we send you. Alternatively, you can contact us at [email protected].
- Sharing the Personal Data We Collect. We share your Personal Data with other entities as follows:
3.1. Customers. If you are an Employee, Account Owner or Administrator we may share your Personal Data with the Customer (or any individual acting on their behalf, for example an Account Owner or Administrator) with whom your account is associated. This includes where we are requested to share Personal Data regarding your usage of the Platform or App, your chats, IP address, or geo-location that we have collected. Other Employees within the account may have access to some of your Personal Data (for example Registration Data) depending on the settings within the account (set by you or your Account Owner/Administrator).
3.2. Affiliates. We may share information, including your Personal Data, with our affiliates and subsidiaries (whether existing now or those that may be incorporated in the
future). Should Connecteam or any of its subsidiaries or affiliates undergo any change in control or ownership, including by means of merger, acquisition or purchase of substantially all or part of its assets, your Personal Data may be shared with or transferred to the parties involved in such an event. We may disclose Personal Data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal Data may also be disclosed in the event of insolvency, bankruptcy or receivership.
3.3. Service Providers, and Subcontractors. We disclose information, including Personal Data we collect from and/or about you, to our trusted service providers and subcontractors, who have agreed to confidentiality restrictions and who use such information solely on our behalf in order to: (1) help us provide you with the Platform, Apps, and/or Services; (2) aid in our understanding of how you use our Platform, Apps, and/or Services; (3) for the purpose of improving, optimizing and sending promotional communications (see above for more details); and (4) provide us with IT and system administration services, data backup, security, and storage services, data analysis, data enrichment services, and payment processing.
3.4. Law Enforcement Related Disclosure. We may share your Personal Data with third parties: (i) if we believe in good faith that disclosure is appropriate to protect our or a third party’s rights, property or safety (including the enforcement of the Terms and this Privacy Notice); (ii) when required by law, regulation subpoena, court order or other law enforcement related issues, agencies and/or authorities; (iii) as is necessary to comply with any legal and/or regulatory obligation; or (iv) such disclosure is required to protect our legitimate business interests, including the security or integrity of our products and services.
3.5. Feedback or Recommendations. If you submit a public review or feedback, note that we may (at our discretion) store and present your review publicly, on our Sites and Services. If you wish to remove your public review, please contact us at [email protected]. If you choose to send others an email or message inviting them to use the Services, we may use the contact information you provide us to automatically send such invitation email or message on your behalf. Your name and email address may be included in the invitation email or message.
For the avoidance of doubt, Connecteam may share your personal data in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal and anonymous.
- International Transfer. We have an affiliate in the US, and we use subcontractors and service providers located in the EEA, the US, and Israel, who process and store Personal Data. We conduct such international transfers for the purposes described above. We ensure that any third parties based in a third country and receiving Personal Data are subject to written agreements ensuring the same level of privacy and data protection as set forth in this Privacy Notice.
4.1. Connecteam is headquartered in Israel, a jurisdiction which is considered by the European Commission, the UK Secretary of State, and the Swiss Federal Data Protection and Information Commissioner, to be offering an adequate level of protection for personal data of individuals residing in EU Member States, the UK and Switzerland, respectively. We transfer data from the EEA, the UK and Switzerland to Israel on this
4.2. Whenever we transfer your Personal Data to third parties based outside of the European Economic Area (“EEA“), the United Kingdom, and Switzerland to a third country which isn’t covered by an “adequacy decision” we ensure a similar degree of protection is afforded to it by signing specific contracts approved by the European Commission, the FDPIC and the UK Secretary of State, which give Personal Data the same protection it has in the EEA, Switzerland and the UK.
4.3. Please contact us at [email protected] if you would like further information on the specific mechanism used by us when transferring your Personal Data out of the EEA, Switzerland, and the UK.
- Security. We have implemented and maintain appropriate technical and organization security measures, policies and procedures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to Personal Data appropriate to the nature of such data. The measures we take include:
5.1. Safeguards – The physical, electronic, and procedural safeguards we employ to protect your Personal Data include secure servers, firewalls, antivirus, and SSL encryption of data.
5.2. Access Control – We dedicate efforts for a proper management of system entries and limit access only to authorized personnel on a need to know basis of least privilege rules, review permissions quarterly, and revoke access immediately after termination of our employees.
5.3. Internal Policies – We maintain and regularly review and update our privacy related and information security policies.
5.4. Personnel – We require new employees of ours to sign non-disclosure agreements according to applicable law and industry customary practice.
5.5. Encryption – We encrypt the data in transit using secure TLS/ SSL protocols.
5.6. Database Backup – Our databases are backed up on a periodic basis for certain data and are verified regularly. Backups are encrypted and stored within the production environment to preserve their confidentiality and integrity, are tested regularly to ensure availability, and are accessible only by authorized personnel.
While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee that our Sites, Apps, Platform, and Service will be immune from any malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse.
As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect user IDs and passwords, please take appropriate measures to protect this information.
- Your Rights – How to Access and Limit Our Use of Certain Personal Data. Subject to applicable law, and in some cases dependent upon the processing activity we are undertaking, you have certain rights in relation to your Personal Data as detailed below.
6.1. Right of Access. You have a right to know what Personal Data we collect about you and, in some cases, to have such Personal Data communicated to you. Subject to applicable law, we may charge you a fee for this access. Please note that we may not be able to provide you with all the information you request, and, in such case, we will endeavor to explain to you why.
6.2. Right to Data Portability. If the processing is based on your consent or performance of a contract with you and processing is being carried out by automated means, you may be entitled to (request that we) provide you or another party with a copy of the Personal Data you provided to us in a structured, commonly-used, and machine-readable format.
6.3. Right to Correct Personal Data. Subject to the limitations in applicable law, you may request that we update, complete, correct or delete inaccurate, incomplete, or outdated Personal Data.
6.4. Deletion of Personal Data (“Right to Be Forgotten”). Subject to applicable law,, you have a right to request that we delete your Personal Data if either: (i) it is no longer needed for the purpose for which it was collected, (ii) our processing was based on your consent and you have withdrawn your consent, (iii) you have successfully exercised your Right to Object (see below), (iv) processing was unlawful, or (iv) we are required to erase it in order to comply with a legal obligation. We cannot restore information once it has been deleted. Please note that to ensure that we do not collect any further Personal Data, you should also delete our App from your mobile devices, terminate your account with us, and clear our cookies from any device where you have used our Platform or an App. We may retain certain Personal Data (including following your request to delete) for audit and record-keeping purposes, or as otherwise permitted and/or required under applicable law.
6.5. Right to Restrict Processing. If you are an EU Individual, you can ask us to limit the processing of your Personal Data if either: (i) you have contested its accuracy and wish us to limit processing until this is verified; (ii) the processing is unlawful, but you do not wish us to erase the Personal Data; (iii) it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise, or defend of a legal claim; (iv) you have exercised your Right to Object (below) and we are in the process of verifying our legitimate grounds for processing. We may continue to use your Personal Data after a restriction request under certain circumstances.
6.6. Right to Object. If you are an EU Individual, you can object to any processing of your Personal Data which has our legitimate interests as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
6.7. Withdrawal of Consent. You may withdraw your consent in connection with any processing of your Personal Data based on previously granted consent. This will not affect the lawfulness of any processing prior to such withdrawal.
6.8. Right to Lodge a Complaint with Your Local Supervisory Authority. You may have the right to submit a complaint to the relevant supervisory data protection authority if you have any concerns about how we are processing your Personal Data, though we ask that as a courtesy you please attempt to resolve any issues with us first.
6.9. Right to equal services and prices. If you are a California resident, you have the right not to be discriminated against when you exercise your privacy rights.
We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honor your wish to exercise your rights as quickly as possible and, in any event, within
the timescales provided by applicable data protection laws. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information and/or comply with any of your requests, which may include asking you to sign into your account in the Services. If you are an Employee, for any requests to exercise such rights with respect to information we hold about you, please contact the applicable Customer directly.
- Data Retention
7.1. Subject to applicable law, we retain Personal Data as necessary to maintain and expand our relationship and provide you with our Services and offerings; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our data retention policy and at our reasonable discretion. We may delete information from our systems without notice to you once we deem it is no longer necessary for these purposes.
7.2. In some circumstances, we may store your Personal Data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax, audit, accounting requirements and so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your Personal Data or dealings. To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, and whether those purposes can be achieved through other means, as well as applicable legal requirements.
7.3. With respect to data within our Services for which we serve as data processors (see “Materials you Upload” in section 1.2.4 above), we will retain that data for as long as directed by the applicable Customer. For example, a Customer may choose to archive Personal Data within the Platform of Employees who have been terminated, in which case such archived data will be retained until deleted by the Customer. If you have any questions regarding such Personal Data, please contact the relevant Customer directly.
7.4. Please contact us at [email protected] if you have any questions regarding our data retention periods.
8.1. What are Cookies? A cookie is a small piece of text that is sent to a user’s browser or device. The browser provides this piece of text to the device of the originating user when this user returns. Some cookies are removed when you close your browser session. These are the “Session Cookies”. Some last for longer periods and are called
“Persistent Cookies”. We use both types.
8.3. We and/or our service providers use analytics tools, including “Google Analytics” to collect and analyze information about the use of the Site and/or Services, such as how often users visit the Site, what pages they visit when they do so, and what other sites and mobile applications they used prior to visiting the Site. By analyzing the information we receive, we may compile statistical information across a variety of platforms and users, which helps us improve our Site and Services, understand trends and customer needs and consider new products and services, and tailor existing products and services to customer desires. The information we collect is anonymous and aggregated and we will not link it to any Personal Data. We may share such anonymous information with our partners, without restriction, on commercial terms that we can determine in our sole discretion. You can find more information about how Google collects information and how you can control such use at https://policies.google.com/technologies/partner-sites.
- Third-Party Applications and Services. All use of third-party applications or services is at your own risk and subject to such third party’s terms and privacy policies.
- California Requirements. This Privacy Notice describes the categories of personal information we may collect and the sources of such information (in Section 1 above), and our deletion and retention (Section 7) practices. We also included information about how we may process your Personal Information (in Sections 1 & 2), which includes for “business purposes” under the California Consumer Privacy Act (CCPA). We do not sell your personal information for the intents and purposes of CCPA. We may disclose Personal Data to third parties or allow them to collect personal data from our Services as described in Section 3 above, if those third parties are service providers or partners who have agreed to our contractual limitations as to their retention, use, and disclosure of such Personal Data, or if you integrate the services of third parties with our Services, or direct us to disclose your Personal Data to third parties, or as otherwise described in Section 3 above.
11.1. Certain data protection laws and regulations, such as the GDPR or the CCPA, typically distinguish between two main roles for parties processing personal data: the “data controller” (or under the CCPA, “Business”), who determines the purposes and means of processing; and the “data processor” (or under the CCPA, “Services Provider”), who processes such data on behalf of the data controller (or business). Below we explain how these roles apply to our Services.
11.3. Connecteam is the “data processor” of: (1) Materials Uploaded by Users, (2) Employees’ Registration Data, and (3) Geo-Location Data, as submitted by our Customers and their Users to the Services, or automatically collected by our Services during the use of our Services by said Users. We process such data on behalf of our Customer (who is the “data controller” of such data) and in accordance with its reasonable instructions, subject to our Terms, our Data Processing Addendum (to the extent applicable) and other commercial agreements with such Customer.
11.4. Our Customers are solely responsible for determining whether and how they wish to use our Services, and for ensuring that all individuals using the Services on the Customer’s behalf or at their request, as well as all individuals whose Personal Data may be included in the Services, have been provided with adequate notice and given informed consent to the processing of their Personal Data, where such consent is necessary or advised, and that all legal requirements applicable to the collection, use or other processing of data through our Services are fully met by the Customer. Our Customers are also responsible for handling data subject requests under applicable law, by their Users and other individuals whose data they process through the Services.
11.5. If you would like to make any requests or queries regarding Personal Data we process as a data processor on our Customer’s behalf, including accessing, correcting or deleting your data, please contact the Customer’s Account Owner or Administrator directly.
- Children. We do not knowingly collect Personal Data from children under the age of sixteen (16). In the event that you become aware that an individual under the age of sixteen (16) has enrolled without parental permission, please advise us immediately.
- Changes to the Privacy Notice. We may update this Privacy Notice from time to time to keep it up to date with legal requirements and the way we operate our business, and we will place any updates on this webpage. Please check this page regularly to make sure you are familiar with the latest version. If we make material changes to this Privacy Notice, we will seek to inform you by notice on our Site or by email.
- Comments and Questions. If you have any comments or questions about this Privacy Notice or if you wish to exercise any of your legal rights as set out herein, please contact us at [email protected].
- DPO. We have appointed a data protection officer (DPO) who is responsible for overseeing our privacy and data protection practices. If you have any comments or questions about this Privacy Notice, or if you wish to exercise any of your legal rights as set out herein, please contact using the details set out below:
Email address: [email protected]
Last updated: February 5, 2023