Privacy Policy for Chartbuddy Chrome Extension

Last updated: 30-10-2024

1. Introduction

Chartbuddy (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and share information when you use our Chrome extension (“the Extension”). By using the Extension, you agree to the collection and use of information in accordance with this policy. If you do not agree to this Privacy Policy, please do not use this Service.

2. Information Collection

We collect and/or process the following types of data:

2.1. Account Information

  • User Name, Email Address, and Organization Name: Collected during registration for authentication, customization, and business purposes such as billing.

2.2. Authentication Information

  • Password: Used for account access. Passwords are encrypted and securely stored on our servers.

2.3. Usage Data

  • Charts Data: Charts you create or modify are stored locally on your device. We do not collect or transmit this data to our servers.
  • Extension Interactions: We may collect anonymized data on how you interact with the Extension to improve functionality (logs). This data does not include personal or sensitive information.

3. Lawful Basis for Processing Personal Data

We process your personal data based on the following lawful bases under the General Data Protection Regulation (GDPR):

  • Performance of a Contract: Processing is necessary to provide the services you have requested.
  • Legitimate Interests: Processing is necessary for our legitimate interests in improving and securing the Extension, provided that these interests are not overridden by your rights.
  • Consent: Where required, we will obtain your consent before processing your personal data.

4. How We Use Your Information

We use your information for the following purposes:

4.1. Authentication

  • To verify your identity when accessing the Extension.

4.2. Customer Service

  • To provide you with effective and efficient customer support.

4.3. Customization

  • To tailor the Extension experience based on your preferences and your organization’s settings.

4.4. Security

  • To protect your account and our services from unauthorized access and security threats.

4.5. Improvement

  • To enhance Extension features and performance based on anonymized usage data.

4.6. Research

  • To conduct analysis and produce reports regarding the use of our services, based on anonymized and aggregated data.

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

5.1. Service Providers

  • To assist with business operations, we may share your information with contractors and third-party service providers when it aligns with our legitimate business interests. These service providers are obligated to adhere to data protection standards that meet or exceed legal requirements.

5.2. Legal Requirements and Protection

  • We may disclose your information if required by law or subpoena, or if we believe it is necessary to:
    • (a) Comply with legal obligations or requests from law enforcement.
    • (b) Enforce our Terms of Service.
    • (c) Protect the rights, property, or personal safety of our company, our users, or others.

5.3. Business Transfers

  • In cases where we buy, sell, divest, or transfer the company (including shares or any combination of our products, services, assets, or business segments), your data may be transferred as part of the assets. If this occurs, we will notify you promptly of the change.

5.4. Aggregate/Anonymized Information

  • We may share aggregated or anonymized data about the use of our services for analytics or marketing purposes. This data does not identify individual users and is not restricted by this Privacy Policy.

5.5. Consent

  • We may disclose your information to third parties when we have your explicit consent or a legal basis other than consent.

6. International Data Transfers

All personal data is processed and stored within the European Economic Area (EEA). We do not transfer your personal data outside the EEA. Should such a transfer become necessary, we will ensure appropriate safeguards are in place, such as standard contractual clauses, to protect your data.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Retention periods are determined based on legal, contractual, and regulatory obligations.

8. Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

8.1. Right to Access

  • You have the right to request access to the personal data we hold about you.

8.2. Right to Rectification

  • You have the right to request correction of any inaccurate or incomplete personal data.

8.3. Right to Erasure

  • You have the right to request deletion of your personal data under certain conditions.

8.4. Right to Restrict Processing

  • You have the right to request the restriction of processing your personal data under certain circumstances.

8.5. Right to Data Portability

  • You have the right to receive your personal data in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller.

8.6. Right to Object

  • You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.

8.7. Right to Withdraw Consent

  • If processing is based on your consent, you have the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us at legal@chartbuddy.net.

9. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling that produces legal effects concerning you or similarly significantly affects you.

10. Data Security

10.1. Transmission Security

  • All personal and sensitive user data transmitted between the Extension and our servers are encrypted using HTTPS, ensuring secure data transfer.

10.2. Data at Rest

  • Personal data stored on our servers is encrypted using strong encryption methods such as RSA or AES. Our servers are located in Amsterdam, the Netherlands, within the European Union.

11. Data Breach Notification

In the event of a data breach that poses a high risk to your rights and freedoms, we will notify you and the relevant supervisory authorities as required by GDPR.

12. Children’s Privacy

The Extension is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are under 16, please do not use the Extension or provide any personal data to us.

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Any changes will be posted on this page with an updated “Last updated” date. We encourage you to review this Privacy Policy periodically.

14. Contact Information

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:

  • Email: legal@chartbuddy.net

15. Complaints

If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority in the European Union, particularly in your country of residence or where the alleged infringement occurred.

16. Compliance with Chrome Web Store User Data Policy

Our use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.

  • Allowed Use: We only use your data to provide or improve the Extension’s features, in line with the Extension’s purpose of helping you create charts.
  • Allowed Transfer: We do not transfer your data to third parties except as necessary for the Extension’s functionality or as required by law.
  • Prohibited Practices: We do not use your data for personalized advertising or allow unauthorized human reading of your data.

17. Information Control

17.1. Access and Update

  • You can access and update your personal information by logging into your account.

17.2. Data Deletion

  • If you wish to delete information you have uploaded to Chartbuddy or stored in your account, please contact us at support@chartbuddy.net. In some instances, we may need to retain certain information even after a deletion request if required to fulfill legal obligations, regulatory standards, or to safeguard against fraud and abuse.

17.3. Managing Communications

  • You can opt out of receiving promotional emails from us by clicking the “unsubscribe” link in those communications. To stop receiving essential service-related notifications (such as account verification, billing confirmations, feature updates, and security alerts), please contact us at legal@chartbuddy.net.

18. Cookies and Similar Technologies

The Chartbuddy Extension, in conjunction with the Chartbuddy web application, uses cookies to enhance functionality, particularly for authentication and security purposes. We do not use cookies for advertising or tracking purposes. The cookies employed include:

  • Session Cookies: These cookies are essential for managing session state, keeping you logged in, and securely tracking user sessions. They are necessary for the web application to function properly.
  • CSRF Cookies: To protect your data, we use cookies to store CSRF (Cross-Site Request Forgery) tokens, ensuring that any data submission to our servers is from authenticated and verified users.
  • Remember Me Cookies (optional): If you choose the “Remember Me” option during login, a cookie will store information to keep you logged in across sessions.

All cookies are stored securely and are only used to support the core functionality of the application. You can control cookie settings through your browser preferences; however, disabling cookies may affect your ability to use certain features of the service.

19. Third-Party Services

The Extension does not use third-party services that collect personal or sensitive user data.

20. Data Protection Officer

If you have any questions about this Privacy Policy or how we handle your personal data, you may contact our Data Protection Officer:

  • Email: tim@chartbuddy.net

By using the Chartbuddy Chrome Extension, you acknowledge that you have read and understood this Privacy Policy and agree to be bound by its terms.