Last Updated: Apr 15th, 2020
Please review the following text to understand our protocol with regards to Personal Data and how we treat it. By visiting https://fellow.app or installing our Bot, you are providing your acceptance and consent to practices outlined here.
When we refer to “Users”, we are referring to both individual users (“Individual Users”) and Organizational users that hold an Account on the Site or have installed the Bot. The Services allow Users the opportunity to track and take notes on 1:1s and other meetings, exchange feedback, track goals/priorities and other items as they relate to working together. In the event that an Organization purchases a subscription to the Services, they will have access to aggregate reporting relating to usage of the Services by Users and other related analytics associated with their Organization. By default, Organizations will not have access to the content of Notes or Feedback Messages of Users who create this content. If an Organization’s policies require access to this data, then Fellow will comply. It is your responsibility to read and understand your Organization’s internal privacy policies.
- “Notes” refers to any content written in relation to interactions that Users have with other Users (whether in a 1:1 or group setting).
- “Feedback Messages” include the related messages that are exchanged by Users in the process of requesting or giving feedback.
- “Organization” refers to the entity that entered into a subscription agreement with Fellow and that you provided to us when you created an Account with Fellow (or that we otherwise retrieve during the signup process). The Organization will generally be your employer, or a subsection of your employer (i.e. department).
- “Personal Data” means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession), and any information about the individual associated with that information.
- “Work Network” is the group of employees, contractors or other authorized Users at your Organization.
To: Privacy Department
111 Albert St, Suite 300, Ottawa ON K1P 1A5
Children under 13
Fellow does not knowingly offer its Services to children who are under 13 years of age. If we become aware of usage of its services by individuals in this age group, we will attempt to delete all related information immediately. If you have any information related to such usage, please report it to us at firstname.lastname@example.org
General Data Protection Regulation (GDPR) Compliance
When we process data on behalf of Organizations under an agreement with that Organization, Fellow is acting as the “data processor” and the Organization is the “data controller”.
Residents of the European Economic Area (“EEA”) have certain data protection rights under applicable laws (including under the GDPR), including the right to request access to, obtain, correct, amend, delete, or limit the use of your personal data. Individual Users who wish to exercise these rights, should contact Fellow using the contact information. In circumstances where Fellow is a data processor and the Organization is the data controller, Individuals may be required to contact the Organization to avail themselves of such rights.
Data transferred from the European Economic Area to Fellow or a Sub-Processor shall be in accordance with approved international transfer mechanisms under applicable law.
We take security seriously and have the necessary measures in place to protect and secure your data. No security system is perfect though and for this reason while we cannot guarantee the impenetrability of our systems, we do treat the protection of your data and security with the highest priority.
Types of Data We Collect
When using our Services, we collect information from you – some of which is considered “Personal Data” and can be used to identify you and some of which is “Anonymous Data” which is not linked in any identifiable individual. In the following sections, we will outline the details of what we collect and how:
Information You Provide
When you sign up, we create an account for you on our servers (“Account”) to access our Services. We will store information such as your first name, last name, job title, department and email address.
Fellow’s primary objective is to help you manage your work relationships through the logging of discussions, feedback, goals/priorities and more with others that you work with (whether individually or in groups). Fellow also offers smart suggestions on what actions you may want to take in order to optimize these relationships (for example, “you should ask for feedback from someone in particular”). In order to provide such suggestions, we need to compute a “work-graph” that will give us insights into the people that you work with and how often you work with them. In order to offer these Services, we require access to the following information:
- Slack (applicable if you or your organization have installed our Slack bot): Information about the users in your Slack account and the individuals you interact with most often. In particular, If Slack is connected: Slack Avatars, Slack Team Names, Slack Channel Membership, Communications within the @Fellow bot and metadata derived from such communications and Slack Tokens. We do NOT request access to the content of your direct messages (“DMs”) or the content of your private channels.
- Calendar (applicable if you connect your calendar): We access data about the events that you participate in such as organizer, title, attendees and optional attendees (names and emails), date, time, duration, calendar resources (meeting rooms) and recurrence of events.
Once you sign up, we may ask you more information including your job title, department, who your manager is and whether you have a 1on1 with this manager and which calendar event this corresponds to. We also provide the opportunity for you to invite other individuals into the platform so that you may collaborate with them (in order to invite others, we may will ask you for some further information about those Users including their name, email address and reporting relationship with you).
The main interactions with Fellow will be both through the Bot and on our Platform. Users on the system will be able to collaborate on notes in relation to 1:1 and group meetings, goals/priorities and request feedback from one another and provide feedback to each other. The content created by these Users will be stored and accessible through the Services. This information is by default only accessible to Users who were part of the interactions and is not accessible by managers of the company (unless those that were part of the feedback interactions explicitly share such feedback with others such as managers). Metadata about the interactions (such as stats on usage) will be available to managers. The only exception to this rule will be if the policies of the Organization require us to share this information upon request from the Organization.
Information Collected through Systems
Our servers (hosted by Amazon Web Services) collect information including the type of browser and O/S you use, your IP Address, domain name and the timing / duration of your visit to our Site. This information is collected to make our Services more useful to you.
We record some information from your interactions with our Services automatically in our logs. This data includes IP addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data. This information is used to analyze trends and usage patterns all in an effort to better tailor our Services to your needs.
We use “cookies” to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a Web server. Cookies are not used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a Web server in the domain that issued the cookie to you. One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalize pages on our Websites, or register for the Services, a cookie helps us to recall your specific information on subsequent visits. When you return to the same Website, the information you previously provided can be retrieved, so you can easily use the customized features.
You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Fellow Services when you visit. Fellow keeps track of the pages you visit within Fellow, in order to determine what portion of the Fellow Services is the most popular or most used. This data is used to deliver customized content and promotions within the Fellow Services to customers whose behavior indicates that they are interested in a particular subject area.
We use “Clear Gifs” also known as “Pixel Tags” similar to cookies to track the usage of our Services by Users. These “Clear Gifs” are effectively transparent images that allow us to glean some information about said usage. An example common use case is to use this technology to understand the open-rate of emails that we send to you. Ultimately, like cookies, we use this tool as another method to customize our offerings for our customers.
Information Collected from Others
By connecting to Slack and Calendar as mentioned earlier in this document, we will be able to determine who works with whom with your organization so as to offer you smart suggestions on how to improve your working relationships with people in your network.
Information Collected from Your Organization
If your Organization becomes a customer of ours, we will create accounts for your usage of our Services. We may obtain from your Organization information about you such as your name, email address, title, department and reporting relationships.
We collect names, email addresses and other business contact information about individuals who represent our customers as well as individuals who we consider to be prospective customers and business partners (“Prospects”). We use the information to contact Prospects with information about Fellow products and services.
Use of Your Personal Data
In general, we use the Personal Data we have about you to offer you a more tailored experience and to respond to any requests you send us in a more comprehensive fashion. We use this data in the following ways:
- Allow for the creation of your account.
- Identify you on our system and keep track of the Work Network you are involved in.
- Improve the Services that we offer you and provide a more tailored experience.
- Respond to the requests that you send us.
- Send you messages (via Slack and Email and our Web Application) that relate to your usage of our system or security and administrative messages.
- Send you smart suggestions and feedback received from others in your Work Network.
- Send you communication request for the purpose of improving our Services (i.e. request for phone call, completion of a survey).
- Send marketing related messages to our Services with your consent (from which you will be able to unsubscribe).
- To Send you other notifications that relate to your usage of the system (for example, the fact that you have some pending feedback requests or if you have some unviewed feedback).
We use anonymized data retrieved from our database (i.e. where personally identifiable information has been obfuscated) in order to create analytics that will help us surmise how to improve our Service. Some of the reports created with this anonymized data may be share with your Organization so that they can understand the overall usage of our product by their employees/constituents.
Disclosure of Personal Information
Disclosures of your Personal Data are described as below
Designated 3rd Parties
We will share your Personal Data with parties that you have already consented to share information with such as your Organization and those in your Work Network. For example, feedback that you exchange with other Users in your Work Network will be viewed by them.
Third Party Service Providers
We use a set of third parties as part of our system in order to offer you the Services that we do. Examples include analytics services (as described previously) and email service providers. Service Providers who process Personal Data on our behalf are considered Sub-Processors.
Disclosure to Organization
In the event that your Organization becomes a customer of our Services, we will share information about your account related to usage statistics (such as number of feedback exchanges and with whom these exchanges happened) but will not share the content of the feedback exchanged. Your organization may have specific policies in place regarding how Personal Data is shared to which we will have to comply.
If our business (or substantially all of our assets) are acquired by a third party, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Data may be made available or otherwise transferred to the new controlling entity, where permitted under applicable law.
In certain situations, we may receive a demand to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Fellow may disclose your Personal Data (a) to any governmental authority as part of an investigation to determine our compliance with any applicable law, rule, or regulation (including privacy laws, rules, and regulations), (b) in response to a court order, subpoena, discovery request, or other lawful judicial or administrative proceeding, (c) as otherwise required under any applicable law, rule, or regulation, and (d) in good faith, to defend the rights or property of Fellow and other Users and (e) if Fellow is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your Personal Data, as well as any choices you may have regarding your Personal Data.
Third Party Websites
Sensitive Personal Data
If you provide us with sensitive information in the course of interacting with the system, we will only use sensitive information for the purpose of storing and processing it as part of our Services. Sensitive information may include information about you such as racial or ethnic origin, religious beliefs, political affiliation, sexual preferences and criminal records, as well as health and genetic information about you. If you do not consent to the processing and storing of your sensitive information, it is therefore important that it not be submitted to us in the course of your usage.
Options Considering Personal Data
We describe some of the changes and options available to you on Personal Data below:
You may unsubscribe from our marketing communications by clicking on the “unsubscribe” link located on the bottom of our e-mails, or by sending us email us at email@example.com. Customers cannot opt out of receiving transactional emails related to their account with us or the Services.
If you do not want to accept Cookies from our site, you may change your browser settings to not accept cookies. If you do not accept these cookies, you may not be able to use our Site and Services to the fullest extent.
Access, Modification or Deletion of Your Data
You may contact us at firstname.lastname@example.org in order to request a copy, change or delete any Personal Data that we have on file for your Account. Please note that feedback exchanged cannot be deleted as it involves more than one party. As an Organizational customer, you may request the deletion of your entire Account (and all individual Users within that account). We will delete this information within 15 days of your request. Your information may stay on our backup servers for up to an additional 30 days but will no longer be present thereafter.
Residents of the European Economic Area (“EEA”) have additional data protection rights under applicable laws (including under the General Data Protection Regulation), including the right to request access to, obtain, correct, amend, delete, or limit the use of your personal data. Individual Users who wish to exercise these rights, should contact Fellow using the contact information. In circumstances where Fellow is a data processor and the Organization is the data controller, Individuals may be required to contact the Organization to avail themselves of such rights.
We retain Personal Data that you provide us as long as we consider it necessary for the purpose it was collected, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements, and then we securely delete the information. We will delete this information from the servers at an earlier date if you so request, as described above. If a customer terminates its use of the Services, we will, unless legally prohibited, delete all customer information, including your Personal Data, from the Services.