apprais.ly as a software business solution owned by apprais.ly d.o.o. (hereinafter apprais.ly), hereby provides you with information on the processing of your personal data and on your rights based on the applicable regulations on personal data protection.
We also want to provide a complete insight into the way personal data is collected and processed on this website. Please read these Rules carefully to find out how we collect, process, protect or in any other way use your personal data.
What are the privacy policies
These Rules define the basic principles and rules of personal data protection in accordance with the business and security requirements of apprais.ly d.o.o., as well as legal regulations, best practices and internationally accepted standards. In order to ensure fair and transparent processing, apprais.ly wants to provide clear information on the processing and protection of personal data that it collects and processes, and to enable easy monitoring and management of personal data and consents.
- what personal data we collect and process
- how we collect personal data, for what purposes and what are the grounds for it
- how long we store them and with whom we share them
- what rights they have in terms of data protection and how we protect them
What kind of data is collected?
The types of data that are necessary for the apprais.ly application to be used and for it to function fully, i.e. to fulfill the functionalities for which it was intended, are collected.
apprais.ly collects and processes the following types of data:
- Name, surname, email address and photo of the application user
The name, surname and business email address and photos are used to identify users of the application, and to enable the finding of users within the application. Likewise, an email address is used to help users of the application receive important notifications regarding the use of the application. Users can manage their notification settings via notification settings within the Settings functionality.
- Application user’s mobile phone ID and operating system (if the user uses apprais.ly iOS or Android applications)
If the user of the mobile application gives permission for push notifications, information about his mobile operating system (iOS and Android) and his unique mobile device ID are stored in the system. This information is used only to send push notifications to the user, if the user has allowed it.
- Technical information about the application user device
Which can include the user’s IP address, browser type, operating system type, device characteristics (screen size, mobile device model, network provider name).
This information is used for analytics and tracking purposes, eg to identify devices running apprais.ly, to improve application features, troubleshoot, and increase data security.
- Cookies and similar technologies
Additional information provided by apprais.ly to the user or his employer
Additional information may include the user’s role at work, who his or her immediate superior or subordinate is, and the feedback he or she sends and receives from others. This data is collected as part of the normal use of apprais.ly’s features, and is used exclusively for this purpose.
Who can we share personal information with?
apprais.ly may, on the basis of its legitimate interest, share personal data within the company, which may process them for the purpose of fulfilling legal obligations, preventing misuse, improving products and services or on the basis of given consent.
There is the possibility of cooperating with third parties in order to support the best possible performance of apprais.ly features, which may include, but are not limited to, reliable e-mailing, customer support, etc. All third parties with whom apprais.ly cooperates must be comply with the provisions of the General Data Protection Regulation, and take the same care of user privacy as apprais.ly.
No third party may use the data provided to them by apprais.ly for any purpose other than that for which apprais.ly provided the data.
As much as possible, data shared with third parties is minimized, using methods such as anonymization (removal of personally identifiable information), or pseudonymization (replacing identifying information such as user ID, name, or email with opaque identifiers that do not can be traced back to users from unwanted parties).
We will also have to provide user data to judicial or state bodies on the basis of their official request or in order to fulfill the obligations specified in the regulations.
How the data collected is used
User data can be used to:
- activated apprais.ly and provided the user with his Services
- create a user profile and make it visible
- ensure the security of logging in to apprais.ly using a security infrastructure
- were in accordance with the legal regulations in force in the Republic of Croatia
- provide the user with assistance in using the application
- users contacted via apprais.ly and / or other channels
- save and maintain user responses (Responses are available to other users of the organization, such as Administrators and Managers, based on their allowed level of access. The user can contact the Administrator or Manager, who has subscribed to apprais.ly services, to understand As mentioned above, the user’s email and contact information are not related to the answers available to his organization, but Administrators and Managers may be able to guess who gave certain answers and will know the identity user if he chooses to include information that identifies him in the response.)
- analyze user usage patterns to improve or optimize services
- prevent potentially illegal activities
- detected unwanted or offensive activities
- create new services, features or content – only public data and metadata, public survey data and anonymous survey metadata, ie survey characteristics data, but not private content, can be used to create and provide new services, features or content; for example, statistics such as response rates to feedback, number of likes per grade, average grades of certain or all competencies, divisions by teams, organizations, etc. can be viewed, but all data used for this purpose will be anonymized )
- contact users regarding the user’s account (the user is periodically contacted regarding transactions, such as service announcements, billing issues, changes to services or rules, or a welcome email when you first register; the user cannot be excluded from these communications because they are necessary to provide the Service)
- respond to legal requests and prevent damage. If we receive a subpoena or other legal request, we may need to review the stored information to determine how to proceed)
We conduct inspections of our third party service providers and require them to respect the security of your personal information and to treat it in accordance with the law. We do not allow them to use your personal data for their own purposes, but to process your personal data only for the intended purposes and in accordance with our instructions.
Service providers and third parties will process personal data based on the instructions of apprais.ly and in accordance with these Rules and other relevant regulations (General Data Protection Regulation (EU) 2016/679, Actu on the implementation of the general regulation on data protection and other applicable laws depending on the processing).
For more information on data transfer to third parties send an inquiry by e-mail to GDPR@apprais.ly.
Users use the services of the application to provide and receive and collect and use grades and other information related to the level of competencies being assessed. The purpose of collecting this information is to better quantify the state of individual competencies of users as well as their development. Users of the application give ratings of competencies of other users and ask for ratings of their own competencies and provide other information (collectively “Answers”).
- Administrators and Managers
Users with administrative or managerial permissions may access responses submitted by other users within their organization based on a particular Service (s) and their permitted level of access.
- By default, responses are anonymous. It is not revealed which responses are associated with which user, email address or IP address, unless the user marks a particular rating with a Report tag. In this case, the Administrator or Manager can see who sent the Response and to whom it was addressed in order to resolve the situation due to which the user initiated the login by selecting Report. Likewise, users can reveal their identity in their Answers. Because apprais.ly does not modify or edit the responses, in that case other users may find out who submitted that Response.
How long is user data stored?
Personal data is deleted upon termination of the contractual relationship. Exceptions are cases of initiated court or other similar proceedings that require data retention. We will only retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including to meet any legal, accounting or reporting requirements.
In order to determine the appropriate retention period, we consider the amount, nature and sensitivity of personal data, the potential risk of unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve such purposes by other means and applicable legal requirements.
Upon expiration of the storage period, the data is removed from the system.
In certain circumstances, according to the General Data Protection Regulation, you have certain rights in relation to your personal data. If you wish to exercise any of the rights listed below, please contact us via the following email: GDPR@apprais.ly
The right to request access to your personal data (commonly known as a “request for access to data”) allows you to obtain a copy of the personal data we hold about you and to verify that we are processing it lawfully.
The right to request correction of any information we hold about you – allows you to correct any incomplete or inaccurate information about you, although we may need to verify the accuracy of the new information you have provided to us.
Right to request a restriction on the processing of your personal data – you can request a suspension of the processing of your personal data in the following scenarios: (a) if you want us to determine the accuracy of the data; (b) where our use of the data is unlawful; (c) in the event that you wish to retain information, even if we no longer request it because you need it to identify, use or defend legal claims; or (d) in the event that you object to our use of your data, but we must verify that we have exceeded the legal basis for their use.
Right to request the deletion of your personal data – allows you to request the deletion or removal of personal data if there is no good reason to continue processing. You also have the right to request the deletion or removal of your personal data if you have successfully exercised your right to object to the processing (see below), if we may have processed your data unlawfully or where deletion of your personal data is required under local law. Please note that we may be legally required to retain your information for certain purposes. You can request the deletion of personal data in writing to our address, orally or by sending an e-mail to GDPR@apprais.ly
The right to object to the processing of your personal data – allows you to file an objection to apprais.ly as the Processing Manager and / or the competent body for the protection of personal data if you believe that the processing adversely affects your fundamental rights and freedoms. In some cases, we may show that we have a compelling legal basis for processing your data that goes beyond your rights and freedoms.
Right to request the transfer of your personal data to you or a third party – We will provide you or a third party of your choice with your personal data in a structured, commonly used, machine-readable form.
The right to withdraw your consent to the processing of personal data – is possible at any time. This does not affect the legality of bilabout which processing we have already performed on the basis of previously given consent.
There is usually no fee to meet your requirements. You will not have to pay a fee to access your personal information (or to exercise any other right). However, we may charge a fee if your request is manifestly unfounded, recurring, or excessive. We may also refuse to comply with your request in such circumstances.
Time limit for response: We strive to respond to all valid requests within one month. Occasionally we will need more than a month if the application is particularly complex or if you have submitted several applications. In that case, we will inform you and continue to inform you.
You can revoke the consent you have given for a particular processing purpose at any time. We will no longer use your personal data collected on the basis of consent for the aforementioned purposes.
You can revoke your consent by sending an e-mail to GDPR@apprais.ly.
However, before you file a complaint with the data protection authority, we would like to try to resolve the situation within the organization, so please contact our privacy office via our e-mail address: GDPR@apprais.ly
User login to the application and his profile
If the user decides to use apprais.ly and the Services related to the said software solution, his personal data is required, namely name, surname, e-mail address, work location and job title. This information is mandatory and necessary in order for the user to log in and use apprais.ly and is entered in his profile.
Where will user data be processed?
The data we collect will be stored and processed within the EU, on secure servers in order to provide the best possible user experience.
Communication and marketing
We will communicate with you via email or in-app notifications regarding our services. Since we need to provide such information, there is a possibility that you will not be able to give up such messages.
Upon registration, there is the possibility of giving consent to receive marketing content. By giving your consent to receive marketing content, you agree to receive notifications related to the business, new services and products of apprais.ly d.o.o. and affiliates. You can withdraw your consent at any time by clicking on the “unsubscribe” link at the bottom of each received message.
Protection of personal data
In order to protect your personal data, apprais.ly implements appropriate physical, technical and organizational protection measures, taking into account the nature, scope, context and purposes of processing, as well as the risks of different levels of probability and seriousness for the rights and freedoms of respondents.
We update and test our security technologies on an ongoing basis and continuously improve them at the group level. We use advanced tools to protect and prevent data leakage, permanently monitor critical systems within the group, encrypt certain sensitive data and protect data from unauthorized access, alteration, loss, theft and any other data breaches and misuse.
Access to data within apprais.ly is limited to those data that are necessary to perform certain business tasks and only to authorized persons who work directly on the provision, maintenance, quality improvement and billing of the service – in accordance with clearly defined roles and responsibilities within groups. All employees of apprais.ly and associated companies are bound by data confidentiality agreements, and we only hire partners with whom we contract appropriate protection measures.
All information we receive about you is stored on secure servers and we have implemented technical and organizational measures appropriate and necessary for the protection of personal data. Apprais.ly continuously assesses the security of its network and the suitability of its internal information security program designed to (a) help secure your data from accidental or unlawful loss, access or disclosure, (b) identify reasonably foreseeable risks to the security of the apprais.ly solution; and (c) minimize safety risks, including risk assessment and regular testing. Furthermore, we ensured that all payment data was encrypted using SSL technology.
apprais.ly cannot guarantee 100% security of data transmission over the Internet, websites, mobile applications, computer systems or any other public network. Please note that, despite the measures we have taken to protect your data, data transmission over the Internet or other open networks is never completely secure, and there is a risk that unauthorized third parties may access your personal data.
Change notifications and contacts
In writing to the registered office address apprais.ly d.o.o
via email to: GDPR@apprais.ly
If there are any issues not covered by this document, contact the support team at:
The security of user data is extremely important, and to increase security, the help of the user of the application is needed. It is the user’s responsibility to ensure that personal information is accurate and that passwords and registration information are secure and not shared with third parties.
Valid from June 3, 2019