EU Data Protection

Last updated: February 3rd, 2022

Effective: September 10th, 2020

We securely store your data at our service providers, who are GDPR compliant. We will keep your data for as long as required by law, until we no longer have a valid reason for keeping it, or until you request us to stop using it. Once this time period has expired, we will delete your personal information from our servers and databases.

We want you to be fully aware of all of your data protection rights under the GDPR. Every user located in a country which has adopted the GDPR is entitled to the following:

  • The right to access – You have the right to request copies of your data. We may charge you a small fee for this service.
  • The right to rectification – You have the right to request that Our Company correct any information you believe is inaccurate. You also have the right to request we complete the information you believe is incomplete.
  • The right to erasure – You have the right to request that we erase your data, under certain conditions.
  • The right to restrict processing – You have the right to request that we restrict the processing of your data, under certain conditions.
  • The right to object to processing – You have the right to object to our processing of your data, under certain conditions.
  • The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at the address or e-mail identified in the Contact Us section at the end of this document.

We may ask you to verify your identity before responding to such requests.

What data does Churnkey collect about our users?

  • Username
  • Email address
  • Company Name (Optional)
  • Phone Number (Optional)
  • Job Title (Optional)
  • IP addresses to support secure authentication
  • Churnkey usage statistics (e.g. user content created)

The following additional information may be collected by third parties, but is not stored directly by Churnkey:

  • Billing information (Stripe)
  • Helpdesk tickets (Hubspot)
  • Customer Activity (Hubspot)

When we ask for information, we do so at the time that it’s required. We do not ask for, store or collect information that we do not need. This data is primarily used for:

  • Verifying and creating accounts
  • Providing essential software services
  • Communicating with users about support tickets and service updates
  • Ascertaining location to ensure compliance with local laws and regulations

When you use our Services, we may automatically collect and store information, through cookies or similar technology. We use cookies to collect standard account data and visitor behavior information. Cookies help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services.

Collected information may include:

  • The date and time you used our Services
  • The Internet address of the web site from which you linked to us
  • The page from which you exit our Services
  • Interactions made while visiting the web site
  • The average number of pages visited and the average time spent on our Services.
  • The Internet address from which you accessed our Services (IP address)

We use cookies in a range of ways to improve your experience on our website and in our Services and app, including:

  • Understanding how you use our Services
  • Keeping you signed in to your account
  • Improve site functionality and customer service
  • Remembering your site and service preferences

Our Services use the following types of cookies:

  • Functionality Cookies – used to recognize you on our website and app and to remember your account preferences.
  • Advertising Cookies – used to collect information about your visit to our website or app, the content you viewed, the links you followed and information about your browser, device, the date and time of your visit, the words you searched for, the items you clicked on, and the page you last visited before exiting our Services. We sometimes share some limited aspects of this data with third parties for advertising purposes. We may also share online data collected through cookies with our advertising partners.

You can set your browser to not accept cookies. If you do not accept cookies, some of the features that make your site experience more efficient will be disabled, and some of our services may not function properly as a result.

We use Google Analytics to analyze user patterns on our website. Google Analytics uses cookies to allow us to see how you use our website so we can improve your experience. Google’s ability to use and share information collected by Google Analytics, about your visits to the site, is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can prevent Google Analytics from recognizing you on return visits to the site by disabling cookies in your browser. If you prefer to not have data reported by Google Analytics, you can install the Google Analytics Opt-out Browser Add-on.

We may use remarketing services to advertise to you on third-party websites, after you visit our website. This allows us to display advertisements to visitors who may not have completed a task on our website, such as filling out a request for information or purchasing items in their cart. Remarketing may take the form of an advertisement on the Google search results page or a site in the Google Display Network. We use Google AdWords, a remarketing service provided by Google, Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page. Google also recommends installing the Google Analytics Opt-out Browser Add-on for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.

We do not sell, rent, trade, or otherwise transfer your personally identifiable information to outside parties without advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential.

On rare occasions, we may disclose specific information upon governmental request, in response to a court order, or when required by law to do so. We may also share information with companies assisting in fraud protection or investigation. We do not provide information to these agencies or companies for marketing or commercial purposes.

The following is a list of third party services that may access your data at various times:

  • Google Analytics
  • Amazon AWS
  • Stripe
  • Heap
  • Google Fonts
  • Hubspot

We will retain your data only for as long as is necessary for the purposes set out in this agreement. We will retain and use your data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Your data is securely stored in industry-leading data centers. These include servers protected by PGP encryption protocols, SSL certificates, and password and API keys that are regularly cycled.

In addition to this, the following precautions have been made:

  • Database access is strictly limited to those requiring it
  • Server access is strictly limited to those requiring it

Administrator roles are designed such that those performing routine administrative tasks do not gain access to data that is not relevant to their role

In the unlikely case of a data breach, the following steps will be followed:

  • Site, server and database access will temporarily be disabled
  • All of our passwords and security certificates will be changed
  • Our users will be emailed and notified of the breach
  • An internal investigation will be started to ascertain as much as we can about the breach
  • The Churnkey site, server and databases will be re-enabled once they’ve been proven to be secure
  • Changes will be made, and documented, to prevent a similar breach in the future
  • A follow up an email will be sent to all of our users, detailing what we learned from the investigation, along with the steps to prevent future breaches

Please contact us at [email protected] to request your account, and its associated data, to be deleted from the Churnkey, and associated, servers.

Please contact us at [email protected] to request your account, and its associated data, to be exported from Churnkey.

Data Protection Officer:
Nick Fogle
[email protected]