Staffbeat

Privacy Policy

About Us

Who Are We?
We are Staffbeat ApS, also known as “Staffbeat.” We are a global software company offering a hosted software-as-a-service (SaaS) solution, the Staffbeat Platform, designed for employee engagement. This platform is accessible via the internet or our mobile application.
Staffbeat ApS acts as the Data Controller for Personal Data under the EU’s General Data Protection Regulation (GDPR). Our registered office is located at Staffbeat ApS, Frydenlund 30, 2950 Vedbæk, Denmark.

For any enquiries regarding this policy, please contact us at info@staffbeat.net.

Scope of Our Privacy Policy

This Privacy Policy applies to the Staffbeat Platform https://staffbeat.app, our website at www.staffbeat.net, and other interactions (e.g., customer service enquiries, user conferences) collectively referred to as the “Services.” It includes any related software, tools, and services provided in connection with the Staffbeat Platform or the Website.

This policy does not cover third-party applications or software accessible through or integrated with the Staffbeat Platform or other third-party products, services, or businesses (“Third-Party Services”).

Your access to and use of the Services are governed by the Master Subscription Agreement (MSA). The organisation that entered into the MSA controls the use of the Services and any associated Customer Personal Data, as defined in the Data Processing Agreement (DPA).

“Personal Data” refers to any information related to an identified or identifiable natural person.

The Services are not intended for children, and we do not knowingly collect data concerning children.

How We Collect Personal Data

Visiting Our Website
While visiting our website, we may collect:

  • Device identifiers such as your IP address.
  • The domain name of the website that directed you to our site.
  • The number of times you visit and the average time spent on each page.
  • Pages you viewed on our Website.
  • Contact details provided through referral forms, under the user’s responsibility.
  • Cookie information, detailed in our Cookie Policy, including opt-out options.

Do Not Track Disclosure: We do not honour Do Not Track (“DNT”) signals from web browsers. However, you may disable certain tracking, for example, by disabling cookies as outlined in our Cookie Policy.

Clear GIFs, Pixel Tags, and Other Technologies: We use clear GIFs (web beacons), pixel tags, and other technologies to track user activities, manage content, and compile usage statistics. These tools are used in HTML emails to monitor response rates, identify when our emails are viewed, and track forwarded emails.

Log Files: Browsers collect information such as IP addresses, device type, screen resolution, operating system, and browser type automatically, stored in log files.

Third-Party Analytics: We use automated devices and applications like Google Analytics to evaluate site and service usage. These tools may use cookies and other technologies. The information they collect about you may be combined with other data for broader analysis. Adjust your cookie settings to manage third-party analytics preferences.

Using the Services

When our Customers engage us to provide our Services, we collect and process personal data for valid business reasons. This includes data from individuals not directly our clients, such as the Customer’s employees:

  • Contact information, including names and email addresses.
  • Usernames from other sites or platforms.
  • Device information, including type, operating system, settings, application IDs, unique identifiers, and crash data.
  • Location information from business addresses or IP addresses, with consent provided by your device.
  • Contact Information from imported sources like address books, with user consent.
  • Third-Party Data from various sources to enhance our understanding and use of information, including aggregate data like IP addresses corresponding to postcodes or specific data like marketing campaign performance.

Staffbeat generates metadata to enhance our Services, tracking interactions with workspaces, channels, people, content, links, and Third-Party Services.

Failure to provide required Personal Data as mandated by law or the Master Subscription Agreement may affect our ability to deliver Services.

Attending Professional Events

We collect contact information such as names, mailing addresses, phone numbers, email addresses, and contact preferences.

Accessing Third-Party Services

We collect:

  • Contact information like names and email addresses.
  • Usernames from other platforms.
  • Additional information made available by the third party for integration.
  • Any other information made public or shared with authorised users of Third-Party Services.

Other Data Collection Activities

We receive additional information through various means such as focus groups, contests, events, job applications, educational programmes, support requests, social media interactions, and other communications.

Requesting Marketing Materials

We collect:

  • Contact information like names, mailing addresses, phone numbers, email addresses, and contact preferences.
  • Login information including account numbers and passwords.
  • Marketing preferences and social media account details.

Recruitment

When applying for a job, we collect:

  • Resumes or CVs, identification documents, academic records, work history, employment information, and references.
  • Depending on the location, data may be sourced from you, recruitment agencies, online sources (e.g., LinkedIn), or through background screening.

Employees and External Resources

For our employees and external resources, we collect:

  • Data from recruitment processes.
  • Employee data like identity, contact information, employment and education details, marketing materials, e-meeting recordings, email archives, and corporate IT tool contents.
  • Emergency contact details.
  • Technical data from our website, premises, or services.
  • Special category data for ensuring an equal and accessible working environment, health status, legal requirements (e.g., COVID certificates), and sensitive personally identifiable information as per privacy laws.

We process your personal data to manage employment contracts, develop training opportunities, organise events, manage business activities, ensure safety, and care for our employees’ welfare. Some tools may scan elements of our employees’ corporate IT tools, and platforms may process some of the mentioned personal data to improve the employee experience.

Purposes for Using Your Personal Data

We use the Personal Data collected from you for several essential purposes:

  • To provide, update, maintain, and protect our services and website. This includes using information to support the delivery of Services under the Master Subscription Agreement, addressing service errors, security or technical issues, and analysing usage, trends, and activities at a user’s request.
  • To optimise the website and enhance user experience. We aim to ensure the Website’s content is presented efficiently and use data for troubleshooting, data analysis, testing, research, and statistical purposes.
  • To develop and improve search, learning, and productivity tools. Our goal is to make the Services as useful as possible. For instance, enhancing search functionality with Personal Data to rank content relevance, making suggestions based on historical use and predictive models, or identifying trends to customise the Service experience and create new features.
  • To communicate with you. We send Service-related, technical, and administrative communications, which are essential to the Services and cannot be opted out of. We also inform you about changes in our Services, offerings, and important notices like security and privacy updates.
  • To market our products and services. We send emails (including newsletters) about new features, promotions, and other news. These are marketing messages, and you have the option to manage preferences or opt-out through links in these messages.
  • To organise events. We occasionally host events for our Customers, employees, and prospects to enhance engagement and networking.
  • For security reasons. We strive to provide robust security when you use our Website and Services, ensuring a safe and secure experience.
  • For billing, account management, and administrative matters. Personal Data is used for invoicing, account management, and to keep track of billing and payments.
  • To comply with legal or contractual obligations. We use Personal Data to identify Website visitors, fulfil contracts, and respond to legal requests for information, including for account authentication and enforcement of our rights.
  • To prevent fraud and illegal activities. We utilise Personal Data to detect, prevent, and respond to fraud, abuse, misuse, or illegal activities involving our Services.

Failure to provide required Personal Data may prevent us from fulfilling these purposes.

Disclosure of Your Personal Data

We may share your Personal Data with various parties to enhance our Services and fulfil our commitments as follows:

  • To our partners and affiliates. We share Personal Data with our partners (such as marketing, education, distribution, and reseller partners, online marketplaces, data hosting providers, and other service providers) and affiliated Staffbeat companies. These parties assist us in functions like data analysis, data hosting, customer support, educational course delivery related to our products, and executing online and offline marketing communications.
  • For legal and regulatory compliance. We disclose Personal Data when legally required, such as in response to court orders, subpoenas, or other legal processes. Additionally, we share information when we believe it is necessary to protect our rights, ensure your safety or the safety of others, investigate fraud, or respond to a government or regulatory request.
  • Within related Staffbeat entities. We share Personal Data with related Staffbeat entities to facilitate customer support, marketing, technical operations, and account management.
  • To buyers or successors. In the event of a merger, sale, or transfer of some or all of Staffbeat’s assets, we may transfer Personal Data to the acquiring parties or other successors.

Third parties with whom we share Personal Data are bound by applicable data privacy laws and/or confidentiality agreements that protect the integrity and privacy of the shared information.

Legal Bases for Processing Your Personal Data

In specific jurisdictions, our processing of Personal Data is contingent upon having a lawful basis. The legal foundations for the processing activities described are as follows:

  • Performance of the Contract. We process Personal Data to fulfil the services you have requested. For instance, using your contact information to deliver requested information falls under this category.
  • Legitimate Interests. We process Personal Data when it aligns with our legitimate interests, which do not outweigh your privacy rights. This includes situations like fraud prevention, where our legitimate interest is in ensuring the proper use of our services and products, or collecting business analytics data to enhance our business, services, and offerings.
  • Consent. In certain cases, we only process your Personal Data with your explicit consent.
  • Legal Obligation. We may collect, process, and share Personal Data due to legal obligations. For instance, if we are compelled by a valid legal process, we must comply by providing the necessary information.

Your Rights Under GDPR

Under the GDPR, if you are in a jurisdiction where these regulations apply, you may have specific rights that you can exercise under certain circumstances. These rights include:

  • Right of Access/Right to Know/Right to Data Portability. You have the right to request details about the Personal Data we collect, use, or share about you, as well as information about our data privacy practices.
  • Right of Erasure/Deletion. You can request the deletion of the Personal Data that we have collected from or about you.
  • Right to Object. You have the right to object to or opt out of specific processing activities involving your Personal Data.
  • Right to Rectification. You are entitled to update or correct any incomplete or inaccurate Personal Data that we hold about you.
  • Right to Non-Discrimination. We will not discriminate against you for exercising any of your GDPR rights.
  • Right to Lodge a Complaint. Under GDPR, you have the right to lodge a complaint with an appropriate data protection authority if you believe there are issues with how we process your Personal Data.

To ensure the security, confidentiality, and integrity of your Personal Data, we may require verification of your identity before processing your request. This verification may involve collecting additional information, such as a government-issued ID.

Safeguarding Your Personal Data

We take the security of your Personal Data very seriously and are committed to protecting it from loss, misuse, unauthorised access, or disclosure. We do not engage in the sale of personal data or information. The Personal Data or Information collected through our website or as a result of using our products and services is processed solely for those purposes or any other purposes to which you have consented.

Retention of Your Personal Data

We retain Personal Data pertaining to you for as long as necessary to fulfil the purposes outlined in this Privacy Policy. This includes maintaining your Personal Data for the time required to pursue legitimate business interests, conduct audits, comply with legal obligations, resolve disputes, and enforce our agreements.

Regarding Personal Data collected while using our services, we retain such data in accordance with our Customer’s instructions, including any applicable terms in the Master Subscription Agreement, and as required by applicable law. The deletion of Customer Data and other uses of the Services by the Customer may result in the deletion and/or de-identification of certain associated information.

International Data Transfers

As a global organisation, we may need to transfer Personal Data to, or allow it to be accessed by, our Staffbeat entities worldwide.

For transfers of Personal Data collected in the European Economic Area to third countries lacking the same level of data protection as European law, we utilise the EU’s approved Standard Contractual Clauses (“SCCs”).

Links to Third-Party Websites

Our Website may include links to other websites for additional information and convenience. Staffbeat does not control, endorse, or make representations about these third-party websites and is not responsible for their privacy practices.

Updates to This Privacy Policy

We reserve the right to modify this privacy policy at any time, reflecting changes in our operations, services, or applicable law. These changes become effective immediately for new users and for existing users through continued use of the services after the change date. For minor updates, we will revise the latest version available on our systems. For material or significant changes, we will take additional steps to inform you, as required by law (e.g., posting notice of the changes on the website). Regularly reviewing our website is advisable to stay informed.

This privacy policy was last updated on 21 May 2024.

Book A Demo

We look forward to giving you a demo of Staffbeat. To make it as relevant and targeted as possible, please answer the following questions, if possible: