Date of Update: June 12, 2024
Intenseye provides AI based occupational health and safety solutions to its customers. It is Intenseye’s policy to respect your privacy regarding any information we may collect from you across our Website and Software. This Privacy Policy (“Policy”) has been prepared to inform you about the personal data collected from you through the Website and Software, purposes and legal bases for processing your personal data, transfer of your personal data, and your rights regarding your personal data under the applicable law.
1. Definitions
"Cookie Policy” means the document presented in our Website and Software regarding the data processing we conduct via cookies.
“Data controller” means a natural or legal person that determines the purposes and means of the personal data processing.
“Data processing” or simply “processing” means any activity relating to the use of personal data, including collection, retention, transfer, and disposal.
“Data processor” means a natural or legal person which processes personal data on behalf of the data controller.
“Data subject” means the person whose personal data is being processed.
“EU” means the European Union.
“GDPR” means Regulation (EU) 2016/679.
“CCPA” means California Consumer Privacy Act.
“Intenseye” means Intenseye Inc. or Intenseye GmbH.
“Personal data” means any information which relates to an identifiable natural person.
“Software” means the AI-powered image processing based workplace safety and security software application that has been developed and owned by Intenseye or applications and any third-party or other software, and all new versions, updates, revisions, improvements, and modifications of the foregoing, that Intenseye provides remote access to and use of as part of the Intenseye services.
“Website” means the Intenseye website with the domain name https://www.intenseye.com.
2. Principles for processing
Intenseye processes your personal data in accordance with the principles given below:
- Lawfulness, transparency and fairness: We process your personal data in full compliance with the law, in a manner that can be reasonably expected and take care to be fully transparent to you, data subjects on our processing activities.
- Purpose limitation: We only process your personal data for the specific reasons we collect your data as stated in this Policy.
- Data minimization: We take care to not process any personal data that we do not need.
- Accuracy: We take measures to make sure that the personal data we collect is adequate and accurate.
- Storage limitation: We only store your personal data for the duration necessary to accomplish the reason of our processing or the duration specified in the relevant laws.
- Confidentiality and integrity: We make sure your personal data is kept confidential and secure, that access to your data is limited to the persons who need to access it to fulfill the purposes stated in this Policy, and measures are taken to prevent unlawful processing and data loss, destruction or damage.
3. Personal data we collect
3.1. Data we collect as the data controller:
The data controller means the natural or legal person who determines the purposes and means of data processing. As Intenseye, we act as a data controller when processing your personal data below.
DISCLAIMER: Please be informed that Intenseye, Inc. and Intenseye GmbH. are not “joint controllers” under GDPR, as there is no oral or written agreement between these parties regarding the purposes and methods of data processing, and each mentioned party acts as an independent data controller with regards to their customers. If you wish to exercise your rights under this Policy, the liable entity will be determined by your location, your transactions and the contract (if any) you have entered into with that entity. If you have any hesitation in this regard, you can contact us through the communication channels we have provided in this Policy.
A. Data from your use of Website:
i. Personal data you provide to us
- Data collected for newsletter: To send you newsletters about our products, services and other activities, we collect your e-mail data.
- Data collected from our designated contact e-mail accounts: In our “Contact” page we list e-mail addresses, based on the subject of your application, to conduct our support services. If you choose to send an e-mail to those addresses, we collect your e-mail address along with any additional information you may choose to submit to us.
- Data collected from potential customers: From visitors who apply for a demo, we may collect personal data such as name, surname, work e-mail, work position, company industry, location, the products/services requested and any additional information you may choose to submit.
- Data collected from potential employees: From visitors who apply to a job posting in our “Careers” section, we may collect personal data such as your name and surname, e-mail address, phone number, current employer, location, data you included in your resume/CV if you submit it, LinkedIn profile and other website links you may provide, and additional information you may choose to submit.
- Data collected from potential partners: From visitors who apply for potential partnership with Intenseye in our “Partner with us” section, we may collect personal data such as your name, surname, company name, location and additional information you may choose to submit.
ii. Personal data we collect automatically
- Log data: When you visit our Website, our servers may automatically log the standard data provided by your web browser. It may include your computer’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details.
- Device data: We may also collect data about the device you’re using to access our Website. This data may include the device type, operating system, unique device identifiers, device settings, and geo-location data. What we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.
- Cookies: We use “cookies” to collect information about you and your activity across our Website. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit, so we can understand how you use our Website. This helps us serve you content based on preferences you have specified.
B. Data from your use of the Software
i. Personal data you provide to us
- Data collected for registration / log-in to the Software: We collect name, surname, e-mail address and photo data of our users to ensure access to the Software and open your personal account.
- Data regarding the use of the Software: We collect the data on the use of the Software, such as which modules are used and location of the customer’s facilities.
- Data collected for support services: We collect your e-mail address along with any additional information you may choose to submit to us to provide support regarding the Software, including your requests and complaints regarding the software.
- Service notifications: If you choose, we use your e-mail and phone number data to send you notifications regarding the use of Software, such as non-compliant situation alerts in your facilities.
ii. Personal data we collect automatically
- Log data: When you use our Software, our servers may automatically log the standard data provided by your web browser. It may include your computer’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details.
- Device data: We may also collect data about the device you’re using to access our Software. This data may include the device type, operating system, unique device identifiers, device settings, and geo-location data. What we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.
- Cookies: We use “cookies” to collect information about you and your activity across our online Software. A cookie is a small piece of data that our website stores on your computer, and accesses each time you visit, so we can understand how you use our Software. This helps us serve you content based on preferences you have specified.
3.2 Data we collect as the data processor during your use of Software:
Data processor is defined as natural or legal persons outside the organization of the data controller who process personal data on behalf of the data controller based on the authorization granted by the data controller.
The Software is an occupational health and safety platform based on artificial intelligence and image processing. Thus, as Intenseye, during the data processing specified below, we can process personal data on behalf of our customers as a data processor based on the authorization given by our customers and in accordance with the purpose of helping our customers ensure occupational health and safety and fulfilling our contractual obligations, within the periods specified by our customers, without the opportunity to directly reach the relevant persons, within a system where our customers can unilaterally prevent our data processing at any time.
In this context, we process non-biometric images (visual data) obtained as a result of camera recordings taken by our customers and transferred to Intenseye by our customers.
During such visual data processing, we do not continuously record camera footage of our customers and we do not perform any tracking or data processing activities in addition to the camera monitoring activities carried out by our customers. We only give warnings through the Software if the Software detects an erroneous or dangerous situation in terms of occupational health and safety in the image processed through the cameras available at its customers' facilities. If there is no faulty or dangerous situation in terms of occupational health and safety in the processed image, the analyzed video frame is deleted and not stored on Intenseye servers. Only in case of faulty or hazardous situations or to increase the accuracy rates of artificial intelligence, data is collected from the selected camera for labeling and model training purposes and the images are saved.
In all the images on the Software, human faces are completely blurred/masked and pseudonymized.
DISCLAIMER: We provide our services by connecting to cameras already located on our customers' facilities and act as a data processor on behalf of our customers. Thus, it is not possible for us to fulfill the clarification obligation for data processing activities under the applicable law directly to the data subjects (employees). Our customers may need to add "ensuring occupational health and safety" or any other statement they deem appropriate among the data processing purposes stated in their existing clarification texts regarding camera surveillance activities.
4. Legal bases for processing
We collect and process your personal data only when we have legal bases for doing so under the applicable law.
In cases where we are the data controller; we process your personal data based on the following legal reasons:
4.1. For the Website; we depend on the following legal bases for processing:
4.2. For the Software; we depend on the following legal bases for processing:
Where you consent to our use of your personal data for a specific purpose, you have the right to change your mind at any time (but this will not affect any processing that has already taken place).
5. Collection and use of information
We may collect, hold, use and disclose personal data for the following purposes and personal data will not be further processed in a manner that is incompatible with these purposes:
5.1. For the Website:
- • To enable you to customize or personalize your experience of our Website,
• To enable you to access and use our Website, associated applications and associated social media platforms,
• To contact and communicate with you,
• To consider your demo/sales application,
• To conduct our support services,
• For internal record keeping and administrative purposes,
• To be able to provide internal and external audit and to provide information/documents to authorized institutions and organizations,
• For analytics, market research and business development, including to operate and improve our Website, associated applications and associated social media platforms,
• To offer additional benefits to you,
• For advertising and marketing, including to send you promotional information about our products and services and information about third parties that we consider may be of interest to you,
• To comply with our legal obligations and resolve any disputes that we may have,
• To consider your partnership application and/or
• To consider your employment application.
5.1. For the Software:
- • To be able to fulfill the requirements of our services provided via our Software,
• To be able to carry out sales and after-sales services for Software,
• To manage requests and complaints regarding the Software,
• To conduct our support services,
• To increase the accuracy rates of artificial intelligence,
• For analytics, market research and business development, including to operate and improve our Website, associated applications and associated social media platforms,
• For advertising and marketing, including to send you promotional information about our products and services and information about third parties that we consider may be of interest to you,
• To comply with our legal obligations and resolve any disputes that we may have,
• For internal record keeping and administrative purposes, and/or
• To be able to provide internal and external audits and to provide information/documents to authorized institutions and organizations.
6. Retention
We don’t keep personal data for longer than is necessary. In order to provide our services and fulfill our contractual obligations to you, we retain your personal data for a minimum period of thirty (30) days.
You are free to change the retention period for different data categories via our Software or by contacting us directly, provided that such retention period remains higher than thirty (30) days. Please note that any change to retention period will not be applicable for data acquired by Intenseye before the date of change. Your right to request the erasure of your data under applicable law is always reserved.
If necessary, we may retain your personal data for our compliance with a legal obligation or to protect your vital interests or the vital interests of another natural person.
7. Disclosure of personal data to third parties
We do not sell, trade, or otherwise transfer your personal data like phone number to third parties/affiliates/business partners. We may disclose personal data to:
- • Third party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, hosting and server providers, ad networks, analytics, error loggers, maintenance or problem-solving providers, marketing or advertising providers, professional advisors;
• Our employees, contractors and/or related entities;
• Courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
• Courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights; and
• Third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you.
You can view the full list of our sub-processors here.
8. International transfers of personal data
The personal data we collect is stored and processed in where we or our partners, affiliates and third-party providers maintain facilities. For renting GPU servers, we use Google Cloud. For static media storage we use AWS S3 (in cases where we process your visual data as data processor in accordance with this Policy). If you request, we can move your data to other regions depending on the options presented by our cloud service providers.
By providing us with your personal information, you consent to the disclosure to these overseas third parties. As Intenseye, we do our best to ensure the necessary measures to protect your data under the applicable law, international standards and sectoral practices in cases of such transfer.
If you reside in the EU; we will ensure that any transfer of personal data from countries in the European Economic Area (EEA) to countries outside the EEA will be protected by appropriate safeguards, for example by using standard contractual clauses approved by the European Commission, or the use of binding corporate rules or other legally accepted means.
Where we transfer personal data from a non-EEA country to another country, you acknowledge that third parties in other jurisdictions may not be subject to similar data protection laws to the ones in our jurisdiction. There are risks if any such third party engages in any act or practice that would contravene the data privacy laws in our jurisdiction and this might mean that you will not be able to seek redress under our jurisdiction’s privacy laws.
9. Data security
We establish and maintain administrative and technical measures designed to provide reasonable security for your personal data against unlawful access, use, disclosure, alteration and loss. The security measures include but are not limited to firewalls, data encryption, dedicated servers, physical access controls to our data centers and offices, information access authorization controls, pseudonymization, anonymization, and randomization. That said, we advise that no method of electronic transmission or storage is 100% secure and cannot guarantee absolute data security.
10. Your rights and controlling your data
10 .1. Your rights: As a data subject, you have the following rights regarding your personal data:
- The right to be informed: You can request information about the processing activities we conduct with your personal data.
- The right of access: You can request a copy of your personal data. Where possible, we will provide this information in CSV format or other easily readable machine format.
- The right to rectification: You can request us to correct any incomplete/inaccurate data we hold about you.
- The right to erasure: You can request us to delete/remove your personal data unless there is a lawful basis for us to continue processing it.
- The right to restrict processing: You have the right to restrict the collection or use of your personal data unless there is a lawful basis for us to continue processing. If you have previously agreed to us using your personal data for direct marketing purposes, you may change your mind at any time by contacting us using the details below. If you ask us to restrict or limit how we process your personal data, we will let you know how the restriction affects your use of our Website/Software.
- The right to data portability: You may request that we transfer your personal data to another third party.
- The right to object: You have the right to object to your personal data being processed unless there is a legal basis for such processing.
- Rights in relation to automated decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you.
We will respond to you in case of such requests within one (1) month.
10.2. Legal capacity: If you are under 16 years of age, you must have, and warrant to the extent permitted by law to us, that you have your parent or legal guardian’s permission to access and use the Website/Software and they (your parents or guardian) have consented to you providing us with your personal data.
10.3. Information from third parties: If we receive personal data about you from a third party, we will protect it as set out in this Policy. If you are a third party providing personal data about somebody else, you represent and warrant that you have such person’s consent to provide the personal data to us.
10.4. Notification of data breaches: In case of a data breach, we will quickly (and not later than 72 hours) notify it to you.
10.5. Unsubscribe from communications: To unsubscribe from our e-mail database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.
11. Business transfers
If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may continue to use your personal data according to this Policy.
12. Applicable law
12.1. GDPR
GDPR will be applicable for the below mentioned data processing activities under this Policy.
- The data processing activities of Intenseye Inc. within the EU for its activities related to the offering of goods and services via Website/Software.
- The data processing activities of Intenseye GmbH as an entity established in the EU, via our Website/Software.
12.2. California
Pursuant to California law; we detail the categories of personal data that we process and disclose for certain “business purposes” to third parties such as our service providers in this Policy. We don’t sell the personal information we collect, under any circumstances. We use the data we collect solely for the purposes stated in this Policy and only share with third parties who have agreed to undertake obligations under the applicable law regarding the protection of personal data and implement measures to this effect which are at the very least equivalent to those taken by us.
Pursuant to the CCPA, unless there is a legal basis for us to refuse such request, you have the right to request information on the processing of your personal data, correction or erasure of your data, and not be discriminated against for exercising those rights.
To this effect, you may file a request with us to exercise such rights under the CCPA via the contact information given below, or designate an authorized agent to exercise these rights on your behalf, provided that such person provides proof of authorization.
12.3. Other
Depending on your location and from which one of our companies you procure our services, the applicable law may vary. As Intenseye, we show our absolute best effort to ensure your data is protected in accordance with the applicable law, international standards and sectoral practices.
13. Limits of our Policy
Our Website/Software may link to external websites that are not operated by us. Please be aware that we have no control over the content and policies of those websites and cannot accept responsibility or liability for their respective privacy practices.
14. Changes to this Policy
At our discretion, we may change our Policy to reflect current acceptable practices. We will take reasonable steps to let users know about changes via our Website/Software. Your continued use of this Website/Software after any changes to this Policy and its notification will be regarded as acceptance of our practices around privacy and personal data.
15. Contact Information
If you have any questions about our Policy, our data processing activities or you would like to exercise one of your rights, you can contact us via the contact information detailed below. If you would like to report a complaint or believe our return to your communications were insufficient, you can contact the relevant supervisory authority in your jurisdiction:
Data Controller (please check Article 10)
Intenseye Inc.
1250 Broadway, Suite 401, New York NY 10001
privacy@intenseye.com
Intenseye GmbH
Oranienburger Str. 23 10178 Berlin – Germany
Data Protection Officer
Melih Yönet
SUB-PROCESSORS
Last update: February 01, 2024
To support delivery of our Services, Intenseye, Inc. may engage and use data processors with access to certain Customer Data (each, a "Subprocessor"). This page provides important information about the identity, location and role of each Subprocessor. Terms used on this page but not defined have the meaning set forth in the Master SaaS Agreement (or if applicable, the superseding written agreement between Customer and Intenseye) (the "Agreement").
Intenseye currently uses Subprocessors to provide cloud storage, infrastructure services, and to help us provide customer support and email notifications. Prior to engaging any third party Subprocessor, Intenseye performs diligence to evaluate their privacy, security and confidentiality practices, and executes an agreement implementing its applicable obligations.
- Amazon Web Services, Inc
- Type of Service: Hosting and Infrastructure
- Purpose: Used for hosting services, file storage and backup services
- Location/Hosting Region: European Union
- Link to Legal / Privacy Portal(s): AWS Legal Portal
- Google LLC
- Type of Service: Cloud computing provider, statistical reporting
- Purpose: Used for hosting services, file storage and backup services
- Location/Hosting Region: European Union
- Link to Legal / Privacy Portal(s): Google Cloud Terms
- Amplitude, Inc.
- Type of Service: Product Analytics
- Purpose: Used for tracking user behavior on our platforms to improve product offerings and customer experience.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://amplitude.com/privacy
- Auth0 (Okta, Inc.)
- Type of Service: Identity Management
- Purpose: Used for secure authentication and authorization services across applications.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.okta.com/privacy-policy/
- Chili Piper, Inc.
- Type of Service: Appointment Scheduling
- Purpose: Used for scheduling meetings and appointments with customers more efficiently.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.chilipiper.com/privacy-policy
- DocuSign, Inc.
- Type of Service: Electronic Signature Technology
- Purpose: Used for managing electronic agreements including the ability to sign documents digitally.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.docusign.com/company/privacy-policy
- Gong.io, Inc.
- Type of Service: Conversation Analytics
- Purpose: Used for capturing and analyzing conversations with customers to improve sales strategies and customer engagement.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.gong.io/privacy-policy
- HubSpot, Inc.
- Type of Service: Customer Relationship Management
- Purpose: Used for managing and analyzing customer interactions and data throughout the customer lifecycle.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://legal.hubspot.com/privacy-policy
- Intercom, Inc.
- Type of Service: Customer Messaging Platform
- Purpose: Used for communicating with customers through a variety of channels including chat, email, and social media.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.intercom.com/legal/privacy
- Microsoft Corporation
- Type of Service: Productivity Software
- Purpose: Used for productivity and collaboration tools
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://privacy.microsoft.com/en-us/privacystatement
- Planhat AB
- Type of Service: Customer Success Platform
- Purpose: Used for managing customer relationships, reducing churn and increasing upsell.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.planhat.com/data-protection-and-privacy-policy/
- Notion Labs, Inc.
- Type of Service: Collaboration and Productivity Software
- Purpose: Used for note-taking, knowledge sharing, project management, and collaboration within teams.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.notion.so/Privacy-Policy-3468d120cf614d4c9014c09f6adc9091
- PandaDoc, Inc.
- Type of Service: Document Automation Software
- Purpose: Used for creating, approving, and eSigning proposals, quotes, and contracts.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.pandadoc.com/privacy-policy
- Productboard, Inc.
- Type of Service: Product Management
- Purpose: Used for understanding what users need, prioritizing what to build and rallying everyone around the roadmap.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.productboard.com/privacy-policy
- Salesforce.com, Inc.
- Type of Service: Customer Relationship Management
- Purpose: Used for managing and analyzing customer interactions and data throughout the customer lifecycle.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.salesforce.com/company/privacy/
- Segment.io, Inc.
- Type of Service: Customer Data Infrastructure
- Purpose: Used for collecting, cleaning, and controlling customer data.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://segment.com/legal/privacy
- Slack Technologies, Inc.
- Type of Service: Collaboration Hub
- Purpose: Used for team communication and collaboration.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://slack.com/privacy-policy
- Twilio, Inc.
- Type of Service: Cloud Communications Platform
- Purpose: Used for programmable communication functions such as voice, text, chat and video.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://www.twilio.com/legal/privacy
- Zoom Video Communications, Inc.
- Type of Service: Video Conferencing
- Purpose: Used for remote conferencing services using cloud computing. It provides a remote conferencing service that combines video conferencing, online meetings, chat, and mobile collaboration.
- Location/Hosting Region: United States, European Union
- Link to Legal / Privacy Portal(s): https://zoom.us/privacy