New

Incognia Platform Privacy Policy

Last update: 10/30/2020

About Incognia

Incognia is a technology company that provides intelligence to client applications from geolocation data.

This Privacy Policy covers the processing of personal data of the natural persons (the "users") who operate our Platform on behalf of the client company.

Incognia Platform is the tool that enables you to access and operate the Incognia services used by your company. However, in order to make this possible, we may collect some personal information about you for authentication, qualification and improvement purposes.

Throughout this Policy, we will detail all the processing of Platform users’ personal data, in addition to providing a contact channel for matters relating to privacy and data protection of these users.

Privacy and security

To protect your privacy and ensure your security, Incognia follows the minimization principle established by the EU General Data Protection Regulation, which states that “personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed” (Art. 5, 1, (c), GDPR). This means that we store as little data as possible to enable the application to function without damaging its purpose.

In addition, only a limited number of Incognia's employees have access to user data, as well as to the third-party platforms which process this data.

Finally, we emphasize that encryption functions are applied to the transport and storage of data.

Personal data processing

Category

Purpose

Data

Registration

User registration and access control

Name

Email address

Language

Company

Image

Device type

Last IP address

Login history (two days)

Platform Usage[1]

General product  improvement

Name

Email address

City (through the IP address)

Memory and network use

Browser data (e.g.: name, version, language)

Session data (e.g.: duration, login/logout time)

Operating system

Third-party service platform identifier

Date/time of last access to Incognia Platform


Third-party services

[1]Some Platform usage data is collected through LogRocketMixpanelRaygunHubspot and Segment tools for metrication and qualification, and we use Auth0 and AWS platforms for storing user data and credentials. These services, which act as data processors, allow us to monitor user activity in order to identify errors or improvement points. The information collected by these services is accessed by us on their respective platforms, and is stored on their own servers. 


Data Sharing

We share user data with the processors mentioned in the previous topic ("Third-party Services") in order to deliver the services needed for general product improvement. This data is processed according to our instructions and must not be used for third parties' own purposes.

All third parties with whom we share data comply with the General European Data Protection Regulation ("EU/EEA GDPR").

LogRocket, Mixpanel, Segment, Hubspot, Auth0 and AWS servers are located in the United States; Hubspot also stores data in Ireland; and Raygun has servers in New Zealand. Sharing data with such third parties characterizes international data transfer.

Data retention and storage

Registration data is stored in AWS RDS and Auth0 encrypted databases for an indefinite time. Any personal data processed shall be stored in accordance with the principles of proportionality and necessity and, in any case, until the purposes of the data processing have been completed. 

Platform usage data, in turn, is stored in the databases of the processors mentioned in "Third-party Services" and are accessed when necessary. Date and time of last access to Incognia Platform are  also stored in AWS cloud servers.

Data subjects’ rights

With respect to the personal data provided, you have the following rights:

1. Data processing confirmation

You have the right to know if any personal information about you is being processed.

2. Access your own personal information

You have the right to know which personal data of yours is being collected, as well as to request a copy of any collected information. 

3. Request Erasure

You can request the erasure of personal data collected by the Incognia Platform. All data collected will be deleted from our servers when you request it or when it is no longer necessary or relevant to offer our services to you, unless there is any other reason for its maintenance, such as a legal obligation to retain data.  

4. Information on data sharing

You have the right to know if your personal data is being shared, and with whom. This information can be observed in the previous section “Data sharing", in which we explain how and why we share data with our clients. 

5. Opt-out

In order to have control over your own personal information, you shall have the right, at any time, to direct a business not to sell personal information about you to third parties. This right may be referred to as the right to opt out. 

6. Anti-discrimination clause

You have the right to equal service and price, even when they exercise privacy rights. Incognia encourages personal data subjects’ control over their data and users will not be harmed morally or financially for the exercise of rights. However, providing personal data is a requirement necessary for the performance of services and functionalities offered by Incognia.

You can exercise your rights writing an e-mail to dpo@incognia.com.

Privacy Policy amendments

We may update and change the terms of this Privacy Policy from time to time. You will always find the latest version of the terms on our platform.

Contact us

If you have any questions, comments or suggestions, please contact our Data Protection Officer by sending an email to dpo@inloco.com.br.