23.11.2021
16054

Privacy Policy

Publication: 07/12/2024.
From the date of publication, the document applies to new and existing ApiX-Drive Users.

Terms and definitions not defined in this document are defined in the ApiX-Drive Terms of Use.

GDPR ” means Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and the free movement of such data.

Personal data, processor and controller have the meaning given to them in Article 4 of the GDPR.

1. Information about the Company and the Service

1.1. About Us

The operator of this Service and the person in charge in the sense of the GDPR is the limited liability company Apicom Solutions OÜ, registered in accordance with the laws of Estonia, with registration number: 16182813 and legal address: Harju maakond, Kuusalu vald, Pudisoo küla, Männimäe/1, 74626. ( hereinafter referred to as " Company ", as well as " we ", " us ", " our ", etc.)

We are committed to ensuring that your data is stored and processed securely. The protection and security of not only your personal data, but also your User Content, which is transmitted through our Service, is important to us. As part of this principle, we process personal data in accordance with the GDPR and in accordance with the data protection rules applicable to us and our Service.

BY AGREEING TO THE TERMS OF USE, YOU AGREE TO THE COLLECTION, USE AND TRANSFER OF YOUR PERSONAL DATA FOR THE PROCESSING DESCRIBED IN THIS PRIVACY POLICY AND OUR TERMS OF USE.

Please read this Privacy Policy carefully, as your access to and use of the Service means that you have read and understood all the terms of this Privacy Policy.

If you do not wish to transfer your personal data to us, you can use all areas of our Service and Site that do not require authorization, without the need to disclose your personal data.

1.2. Additional Information

Our Site and/or Service may contain links to other sites or services, for the content and functions of which the Company is not responsible. Please read the data protection regulations on the respective websites or services of the respective operators. If you use the Service to transfer your User Content from one service or system to another, then you are solely responsible for the compliance of such data transfer with the protection rules of such services or systems from where and where you transfer your User Content.

We take appropriate technical and organizational measures to protect against unauthorized access and/or illegal processing of your personal data or your User Content, as well as from accidental or illegal destruction, loss, alteration or unauthorized disclosure of such data. However, please note that we cannot completely eliminate the security risks associated with the storage and transmission of such data.

Since our Service is not specifically designed for minors and adolescents, the transfer of their personal data to us should not take place without the consent of parents or legal guardians. If we become aware that a minor has sent us his personal data through the Service or the Site without the consent of parents or guardians, we will immediately delete this information. We encourage parents to instruct their children about the safe handling of personal information on the Internet.

2. Information we collect

2.1. Information that is processed by default

In order to ensure the technical functionality of our Service, in order to investigate security incidents and track technical failures or attacks, in order to resume your User Content or personal data in the event of technical problems with the Service, we collect the standard data necessary for this.

When you visit our Site or use our Service, we automatically record information from your browser, which helps us to improve the usefulness of our Site and to manage the provision of our services through the Service. Such log files may include:

  • your IP address;
  • browser type;
  • the web page you visited before you went to our Site;
  • the information you are looking for on our Site;
  • local settings; - history of access to our Site;
  • the time and date of visiting our Site or using the Service;
  • information about the activity of Users and the amount of data transferred on the Site or Service;
  • the device from which you accessed the Site.

As a rule, this is not personal data and this information is not mixed with other data processed by us.

We may create anonymized or anonymous data from Users' personal data, excluding data components (such as your name, email address or linkable identifier) that make the data personally identifiable to you, through anonymization or other means. Our use of anonymous and anonymized data is not governed by this Privacy Policy.

Providing some data is required and obligatory. Without the transfer of technically necessary information, the functionality and provision of access to our Service are not guaranteed.

2.2. Information you provide us directly

We also collect, store and process the following information, which you directly transmit to us and for which we are the controller:

  • Registration information: your email address, your password for the Account in the Service in encrypted format and your name. This information is required.
  • Additional profile information: phone number, time zone, your billing information.
  • Information for connecting to the Affiliate Program: full name, phone number, e-mail address, the name of the legal entity of the Affiliate (if applicable).
  • Authentication tokens, API keys, encrypted third-party service credentials, which are necessary for their integration, setting up communication and performing actions with connections through the Service.

2.3. Information we receive as a result of your use of our Service

We also collect, store and process the following information that we receive as a result of your use of our Service:

  • Data of actions taken in connections - for 7 (seven) calendar days we store log files with encrypted information about your actions performed with connections in the Service, so that you can view detailed information about the implementation of a specific action or find out what data was transmitted where and where, find out the details of the error in action and why such an error occurred. Among other things, this information includes: information about errors with links, log files of configured links, etc. For such data, we are the processor, and the User is the controller.
  • Data on the actions performed in the Personal Account - these include statistics on data transmission over links, test data in custom links, etc. Such data is needed so that you can control the use of the Service and customize the Service. For such data, we are the processor, and the User is the controller.

2.4. Use of cookies .

We use cookies for your convenience. A cookie is a data file that we transfer to your device. We use several types of cookies: (1) wbsid cookies, which store your registration email address and password so that you do not have to enter it every time you enter our Service, as well as to store your registration ID so that you can stay on our Service, (2) wbsid cookies that allow us to track and remember from which source you came to our Site, including whether you came from the Partner's referral link, and (3) apix_rf cookies, which are used within advertising campaigns, etc.

When you start using our Site, we will additionally ask for your consent to our use of cookies. Please read the information in the pop-up window and in this document about which cookies we use and for what purpose, and give us your consent or refusal to use such cookies.

Cookies are optional and you can choose to use them or not. But if you choose not to use them, then we are not responsible for the results of such a refusal. If you agree to save such a file, the cookie is deleted from your device (1) after 30 days of your inactivity, or (2) after clearing the browser cache.

If you do not agree to our use of cookies, please manage your cookie settings on the Site and in your browser in order to establish a satisfactory cookie behavior.

3. Legal bases and purposes of information processing

3.1. Legal basis for data processing

The processing of your data by the Company is carried out on the basis of the GDPR, namely:

  • based on your consent, if you have given us such consent (Art. 6 para. 1 lit. a) GDPR;
  • for the conclusion or performance of a contract with you (Art. 6 para. 1 lit. b) GDPR;
  • to fulfill legal obligations (Art. 6 para. 1 lit. c) GDPR;
  • within the framework of a legitimate interest (Art. 6 para. 1 lit. f) GDPR.

We only process personal data that you provide to us for use in connection with the use of our Service.

3.2. Purposes of data processing

The purposes of data processing specified in section 2 of this document are:

  • Providing access to the Service and organizing its use by Users;
  • Communication between the Company and the User;
  • Advertising purposes, including advertising mailing;
  • Consideration of your application, including with regards to participation in the Affiliate program;
  • Improving our Service;
  • Fulfillment of the contract with you;
  • Company accounting;
  • The legitimate interest of the Company, including within the framework of statistics, marketing purposes and the protection of the Service from unlawful use.

4. Period of data processing and storage

We store your personal data and your User Content only as long as it is necessary for the purposes for which they are processed, including to provide you with services, that is, as long as you keep your Account on the Service. We will also retain some of your personal and other information as needed to comply with our legal obligations, resolve disputes, and ensure our legitimate interests are respected.

We will delete your personal data and your User Content stored by us as soon as we no longer need to process them for the purposes specified in this Privacy Policy. If it is permissible, we will also delete your personal data upon your written request to the Service support service.

We store your data:

  • if you have consented to the processing until you withdraw your consent;
  • if we need the data to fulfill a contractual obligation as long as there is a contractual relationship with you or a legal storage period;
  • if we use the data based on a legitimate interest, then no longer than until your interest in deletion or anonymization prevails;
  • if there is a legal storage obligation, until the end of those storage obligations;
  • as indicated in section 2 of this document for different types of information.

5. Rights of data subjects

As a data subject under the GDPR, you have the following rights:

  • request access to information about the processing and personal data processed by us about you and receive a copy of such data;
  • request correction, deletion or blocking of your personal data;
  • request the restriction of the processing of your personal data;
  • object to the processing of your personal data;
  • the right to the portability of your personal data;
  • the right not to subject the data to automation, including profiling;
  • withdraw your consent at any time if you have given your consent to the processing of your personal data;
  • the right to report a violation of the rules for the processing of personal data;
  • the right to lodge a complaint with the competent supervisory authority about a violation of applicable data processing legislation.

In addition to making a request to the Service support service, you can partially exercise your rights as a data subject in the Service using the tools in your Personal Account. For example, you have the opportunity to ask the support service to delete your personal data or independently change the data in your Personal Account. In the event that we are required to keep records of some of your personal data, for example, for accounting purposes, this information is stored. All other information, including personal data, we delete within 5 calendar days from the date of your request to do so.

6. How we process and store your data

We process and store the information received on the terms described in this document.

For example, we store your User Content in an encrypted raw format for no longer than the period specified in this document. You can make a request to our support service from the e-mail to which your Account is registered, so that we do not save log files containing your User Content and information about it. After receiving the request, we will disable data logging within 5 (five) business days. After disabling the storage of log files of your User Content and information about it, we are not responsible for investigating errors in the operation of the Service for the transfer of your User Content and do not respond to requests to the support service about investigating errors in the operation of links, because we have no data to analyze the errors that have occurred.

If you do not disable data logging for your User Content, please note that we save it for a limited period of time, as indicated in section 2.3., And only during this period of time can we investigate the error that occurred in the work of links, if such occurred. If you contact us after the expiration of the storage period for such data, the support staff will not be able to help you, therefore all claims for the incorrect operation of the Service and/or connections are accepted by the support service only within 5 (five) business days from the moment such an error occurs in connection. Please take into account business hours and support days, we will not be able to provide assistance if you contact us on the sixth or seventh calendar day after an error occurred, just prior to a weekend or a public holiday.

All data that we process as a processor, we process under the terms of this document and the GDPR.

Data security

We keep your data safe. All our partners are bound by non-disclosure obligations and should not use the transmitted data for any purpose other than those for which we provided them with such data.

In particular, we ensure this level of security by pseudonymizing and encrypting personal data and your User Content, regularly testing and evaluating the effectiveness of technical and organizational measures to ensure the security of processing. We implement and maintain various security measures designed to protect the Service and your data from unauthorized access, unauthorized processing or disclosure to unauthorized third parties.

We undertake to notify you of any breach of the security of data processing and storage and/or data leakage by the method and within the time frame provided for by applicable law.

Depending on which jurisdiction you are from, your personal data and User Content are stored in secure web hosting centers in Germany and/or the United States.

Transfer of your User Content through the Service

The Service works on the principle of transferring User Content from one service, system, site, program ("Source") to another service, to a site, system, program ("Reception"). We do our best to protect your User Content and keep it confidential. We use the best security practices to keep your data safe.

  1. The user connects the Source. During the setup of the Source, the Service shows the User test data (real data of its User Content or fake data (an example of data compiled by us)) in order to improve the User's user experience in the Service.
  2. The user connects Reception. When configuring the Reception, the Service displays a list of columns, and in these columns the User specifies what data should be transmitted from the Source.
  3. When the connection between the Source and the Reception is connected, the Service, taking into account the configured filters, receives your User Content from the Source and transmits it to the Reception.
  4. The fact of transfer is displayed in the Personal Account - the Service received one order - and transferred one order. You cannot view in the Service which User Content was transferred, only the fact of transfer. The User Content that is transmitted using the Service is not stored on the Service, with the exception of test data if the real User Content was used.
  5. For each transfer, we record the transfer log file in encrypted form on a secure server. In it, the Company can see what User Content was received from the Source and transferred to the Receiving for the last 7 (seven) calendar days. Such logging can be canceled at the request of the User.

We do not sell your personal data.

You have the right to know if your personal data is being sold. Personal data is considered "sold" when it is provided to third parties in exchange for monetary or other valuable consideration for purposes not related to "business purposes" as defined in the CCPA or other state data privacy laws in the United States. Please note that "sale" does not include the disclosure of your personal data at your direction or when permitted by law.

ApiX-Drive does not sell your personal data.

Your data is never passively or automatically shared with third-party generative AI partners. Only when you use features that involve AI will data relevant to your explicit request or command be sent to vetted third-party generative AI partners. Their software will perform tasks with your information on your behalf. Your data is never used to train their internal models.

7. Who we share data with

WE DO NOT SELL ANY PERSONAL OR OTHER USER DATA.

To ensure the operation of our Service, we work with various providers of services and services (for example, a hosting provider). In addition, your data will be transferred to parties that are unavoidable for the fulfillment of contractual obligations or where there is a legal obligation to transfer them. All such third parties must agree to respect the confidentiality of Users and protect the confidentiality of your personal data.

Your data may be transferred to providers and contractors in countries outside the European Economic Area (EEA). We only transfer personal data to third countries in countries where the EU Commission has confirmed an adequate level of protection or where we and our contractors can ensure that personal data is treated with care.

When processing your data, we work with the following service providers who have access to your data:

Title: Google Analytics  (Google LLC, 1600 Amphitheatre Parkway
Mountain View, California, 94043, США)  
Address : https://analytics.google.com
Provides us with the following services: Analytics of user behavior on the site.
Purpose of data transfer: Analytics of user interaction with the site and personal account to improve usability
Link to privacy policy :  
https://policies.google.com/privacy

Name: Facebook (Facebook, Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA)
Address : https://www.facebook.com
Provides us with the following services: Targeted advertising Facebook ADS.
Purpose of data transmission: Display of targeted advertisements for users who have already been on the site (remarketing)
Link to privacy policy :  
https://www.facebook.com/about/privacy/previous

Name: Gmail (Google LLC, 1600 Amphitheatre Parkway
Mountain View, California, 94043, США)  
Address : https://gmail.com
Provides us with the following services: Sending emails.
Purpose of data transmission: Sending a notification of the need for payment and receiving support requests via e-mail
Link to privacy policy :  
https://policies.google.com/privacy

Name: Google ADS (Google LLC, 1600 Amphitheatre Parkway
Mountain View, California, 94043, США)  
Address : https://ads.google.com
Provides us with services: Google ADS Contextual Advertising.
Purpose of data transfer: Display of contextual advertising for users who have already been on the site (remarketing)
Link to privacy policy :  
https://policies.google.com/privacy

Title: Google Recaptcha (Google LLC, 1600 Amphitheatre Parkway
Mountain View, California, 94043, США)  
Address : https://www.google.com/recaptcha/about
Provides us with the following services: Protection against massive registrations of bots on the site.
Purpose of data transfer: Protection against registrations created in automatic mode through a network of bots
Link to privacy policy :  
https://policies.google.com/privacy

Title: DigitallOcean (DigitalOcean LLC, 101 Avenue of the Americas, 10th Floor, New York, NY 10013 USA)
Address : http://digitallocean.com
Provides us with services: Hosting.
Purpose of data transfer: Processing of data by servers at the time of transfer of data from one system to another
Link to privacy policy :  
https://www.digitalocean.com/legal/privacy-policy/

Title: OVH (OVH Hosting Limited, Enterprise House, O'Brien Road, Co. Carlow, Carlow, R93Y0Y3, Ireland)
Address : http://ovh.com
Provides us with services: Hosting.
Purpose of data transfer: Processing of data by servers at the time of transfer of data from one system to another
Link to privacy policy :  
https://www.ovh.com/ca/en/support/privacy-policy.xml

Title: Stripe (Stripe, Inc., 354 Oyster Point Boulevard, South San Francisco, California, 94080)
Address : https://stripe.com
Provides us with the following services: Acceptance of payments.
Purpose of data transfer: Acceptance of payments from users, the payment provider receives data for making payments from the user's card
Link to privacy policy :  
https://stripe.com/privacy

Name: SendPulse (SendPulse Inc, 220 E 23rd St #401, New York, NY 10010)
Address : https://sendpulse.ua
Provides us with the following services: Email mailing to users.
Purpose of data transmission: Sending a digest with the news of our service, notification of the need for payment
Link to privacy policy :  
https://sendpulse.com/legal/pp

Title: MeisterTask (MeisterLabs GmbH, Zugspitzstrasse 2, 85591 Vaterstetten, Germany)
Address : https://www.meistertask.com
Provides us with the following services: Task scheduling and team communication.
Purpose of data transfer: Processing bugs received from users. Data may be needed in the process of investigating the causes of bugs
Link to privacy policy :  
https://www.meisterlabs.com/privacy

Data processing by individual entrepreneurs: some of the personal data of Users can be transferred for processing to individual entrepreneurs registered in accordance with the legislation of Ukraine. Such individual entrepreneurs provide services to the Company in accordance with agreements between the Company and such individual entrepreneurs and process such data in the interests and on behalf of the Company. Such individual entrepreneurs process the personal data of Users in accordance with this Privacy Policy and the legislation applicable to the Company on the processing of personal data. If you have questions about the processing of your personal data by individual entrepreneurs or you want to refuse such processing, please contact the support service.

Information about Google services

We use various services of Google LLC ("Google"), 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

By integrating Google services, Google may collect and process information (including personal data) about you. It cannot be excluded that Google may also transfer the information to a server in a third country.

As stated in Google’s Privacy Shield certification (you can find it under https://www.privacyshield.gov/list by searching for “Google”), Google committed to comply to the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework for the collection, usage, and storage of personal data from EU or Swiss member states. Google, including Google LLC and its wholly-owned subsidiaries in the USA, has stated via certification to comply to the Privacy Shield principles. Further information can be found at https://policies.google.com/privacy/frameworks?gl=en

8. Contacts for all data protection issues

If you have any questions regarding our data protection measures, the processing of your personal data or the protection of your rights, please contact us as follows:

Apicom Solutions OÜ, location: Harju county, Kuusalu parish, Pudisoo village, Männimäe/1, 74626.

Email address: [email protected]

If you have particularly sensitive questions, please contact our data protection officer or our support by mail, as there can always be security issues when communicating by e-mail.

9. Our social networks

You can follow the news of the Service and the Company by subscribing to our pages on social networks, but you cannot use the subscription to our social networks as a substitute for familiarization with the newsletter sent to you in your Personal Account or to your e-mail address.

Facebook - https://www.facebook.com/apixdrive/ 

LinkedIn - https://www.linkedin.com/company/apix-drive-com/ 

Youtube - https://www.youtube.com/c/ApiXDriveSaaSService/   

Twitter - https://twitter.com/ApixDrive 

Instagram - https://www.instagram.com/apix_drive/

10. Changes to the Privacy Policy

This Privacy Policy contains information about data protection in our Company. If our processes change, we will adjust the information in this document accordingly so that you are always informed about the processing of your data and will notify you of this.

11. Support

If you have any questions regarding the Service, organizational or administrative issues, you can seek advice or assistance from the Service support service by using the support service email address or writing to the support service in the online chat on the Company's Website.

Requests for e-mail of the support service are accepted only from the User's e-mail registered in the Service.

The support team will use their best efforts to quickly respond to the problem, usually within one to three business days.

The time and days of the Service support service are indicated on the Site.

Support email: [email protected]

If you want to receive any clarifications by mail, then make an appropriate request to the Company:

Apicom Solutions OÜ, location: Harju county, Kuusalu parish, Pudisoo village, Männimäe/1, 74626.