Privacy policy
Privacy and security of users’ personal information is Goodera’s top priority. This Privacy Policy explains principles and practices related to our collection, usage, storage, security, sharing, transfer, access, control and deletion of personal information within the Goodera Platform. This policy should be read in conjunction with the Terms of Use available at about.goodera.com/terms. Your usage of Goodera products and services assumes full agreement with terms outlined in this document.
The Goodera Platform refers to the cloud-based products and services operated by NextGen Project Management Systems Pvt Ltd and NextGen Impact Inc (hereafter collectively referred to as “us”, “we” or “Goodera”). The platform can be accessed through several products and services including websites, mobile apps, support services etc. (hereafter referred to as “platform”, “products”, “services”, “systems” or “software”).
Organizations allowed to use the platform through formal agreements with Goodera are hereafter referred to as “clients”. Only users authorized by clients must use the platform. These users may be employees of the clients, employees of client's partners or any other user the client authorizes to access the platform.
Information we collect
We collect information about you when you directly provide it to us through our products or services, when your company administrators provide it to us on your behalf or when it is automatically generated through your usage of our systems.
Information provided by you or your company administrator
- Your registration and profile details provided by you or your company representative required to access and use the platform. This may include email, username, password, name, gender, job title, profile photo and other details displayed in “My Profile” and “Security” sections of the platform.
- Content entered by you into the platform while using it. Examples of such information include volunteering event registrations, photos, comments, ratings, invitations, project data provided through forms in web and mobile apps, configuration of CSR programs and dashboards etc.
- Information you choose to provide automatically through integrations of Goodera platform with legacy applications owned by you, single sign on systems and other IT applications.Information you provide us through support channels. This includes details of issues raised by you when creating a support ticket (through email or other means) as well as follow-up details provided during the resolution of such issues.
- Information provided by you or your company representative to contacts within Goodera via email and attachments with the aim of entering, modifying, cleaning or deleting indicated data within the Goodera platform on your behalf.
Certain features of the product (e.g. donations) may require you to enter payment related information such as credit card number or bank details. Goodera partners with secure third parties in order to process such payments and does not itself store a copy of credit card, bank or other sensitive payment method information.
Information automatically generated through usage of platform
- We keep track of your interactions with the system with the objective of maintaining secure audit trails as well as providing you better experience and value from our products. Examples of information captured in this way includes features you use, links you click, data or configuration changes you make, time and location of changes etc.
- Device and connection information including device type, operating system, browser type, IP address, URLs of referring/exit pages, device identifiers and crash data.
Scope and consent for personal information collection
- Wherever information can be used to identify you, we collect such information only when:It is necessary to deliver our product current features and services, is necessary for their future improvement or is required for legal and contractual reasons.
- You give us your consent to do so – either directly or via your company representative.
Use of collected information
Goodera only collects information that is necessary to deliver product features, customized and easy user experience, security, maintain direct communication channels with users and perform R&D necessary to improve future value and security of its products and services. Specifically, we use this information for the following purposes:
- Provision of promised product features. Examples of such features include managing, searching and registering for volunteering events, tracking “Karma Points”, displaying leaderboards, managing data collection for CSR programs, automatically generating and validating forms, assignments of tasks to users, displaying analytics and visualizations in dashboards etc.
- Personalization of user experience. For example, when you sign into the Goodera platform using your email, username or via company SSO we identify you and show you information and actions relevant to you.
- For research and development required to enhance future value and security of the platform. For example, we may analyze patterns of actions among multiple users and build features that can facilitate performing such actions. We may also build statistical models of data entry and platform usage in order to proactively identify and address data quality anomalies and potential security threats.
- To establish a direct communication channel with you we collect email addresses and, in some cases, mobile phone numbers in order to directly send you important messages. Examples of such messages include links for setting passwords, confirmations of your own actions, notifications and reminders about actions you must perform, system generated reports etc.
- To provide analytics required by your company management for managing and improving the business processes our products help automate. For example, we may provide aggregated reports and dashboards about company-wide volunteering activity to the HR department, provided ability to drill-down to individual office level etc.
- To promote relevant services and products. For example, we may send you links to fundraising campaigns promoted by our NGO partners using the Goodera platform based on your preferences for certain causes.
- For customer support. We review and understand details of issues raised by you, seek more information if necessary to resolve such issues, automatically receive crash reports etc.
Security and storage of personal information
Security
Goodera uses industry standard technology and best-practices designed to help keep your personal information safe. Key security measures include (but are not restricted to) robust encryption of all information transferred in and out of the platform, anonymization and encryption of sensitive information stored within the platform, strict access control of data and actions based on permissions assigned to a user by his/her administrator, extensive logging and monitoring of activity within the platform, proactive testing and hardening of all our systems, security-aware processes, employee screening and training etc. We also ensure on reasonable commercial efforts basis that any agent or third party that we employ complies with the same security standards as us for the protection of your data.While we implement safeguards designed to protect your information, it must be understood that no security system is impenetrable due to the inherent nature of the Internet.
Storage
We use state-of-the-art cloud infrastructure providers to deliver our products and services as well as store data. We retain user and customer data within our systems only until there is a valid business or legal reason to do so. The actual duration of storage depends upon the kind of information as mentioned below. Beyond this period we either permanently delete or anonymize your information. This happens separately for each medium of storage (e.g. databases, logs, backups etc.) depending upon the appropriate schedule for the medium.
- Your registration and profile details are retained while you are a user of the system and for a reasonable period beyond that in case you want to re-activate your account. We may also retain some of this information if it may be required to comply with our legal obligations, to resolve disputes and to enforce our agreements. Where we retain information for product improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our products, not to specifically analyze personal characteristics about you.
- Content entered by you, collected via system integrations or provided to Goodera via emails that is not registration or profile detail of users is deemed property of the client company. At the termination of agreement, such information may be provided back to the client, deleted or retained for an agreed period of time depending upon client’s instruction. If no specific instruction is provided this information is retained for a reasonable period of time to allow re-instatement and, thereafter, anonymized or deleted.
- Information provided through support channels is retained for a reasonable period after closure of support tickets to allow referencing in case of re-opening of cases or creation of related cases. Thereafter, information necessary for contractual enforcement and support statistics is retained while the remaining details are deleted.
- Automatically generated information is anonymized and retained forever for R&D and future improvement of products.
Sharing of personal information with third parties
Goodera does not sell your information to advertisers or other third parties. However, in order to provide a good user experience and deliver necessary product features we sometimes needs to integrate or partner with selected partners and in such cases some information may be shared with them. Whenever we do so we ensure that these third parties are reputed, deliver value adding services and have the same level of security controls in place that we do. We also minimize the information that must be shared.
Following are the situations in which your information is shared with third parties:
- Through use of infrastructure provided by cloud providers. We deliver our products and services through state-of-the-art cloud providers and use their infrastructure to store data.
- For support helpdesk. We use reputed helpdesk providers to implement a streamlined support ticketing system. With such providers, user contact details (primarily email address) and details of the support cases are shared.
- For payments. We use secure payment gateways to process donations etc. Your credit card or bank details will be shared with these partners when you use these features. Goodera does not itself store your credit card, bank or other sensitive payment method information.
- For analytics. We use reputed internet services for collecting data about usage of our products with the intention of analyzing and improving user experience and product features over time. Wherever possible we anonymize personal information.
- For providing useful product features that already exist in other reputed products, we may partner with respective companies and integrate their products with ours. This may involve sharing of some information depending upon the feature.
Sharing of data for legal or regulatory reasons
Goodera cooperates with mandated government and law enforcement agencies whenever necessary. We will disclose any information about you to government or law enforcement officials if we believe it is necessary or appropriate to respond to claims and legal process, to protect our property and rights, to protect the safety of other persons or to prevent or stop any illegal, unethical or legally actionable activity.
Business transfers
Goodera may sell, transfer or otherwise share some or all of its assets in connection with a merger, acquisition, reorganisation or sale of assets or in the event of bankruptcy. Should such a sale or transfer occur, management of all data stored by Goodera including your personal information will be transferred to the relevant entity.
International transfer of personal information
We collect information globally and primarily store that information in the Germany, India and United States. We may transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the services. Whenever we transfer your information, we take steps to protect it.
Accessing and controlling your information
You have certain choices available to you when it comes to your personal information. Below is a summary of those choices, how to exercise them and any limitations.
- You have the right to request a copy of your information, to object to our use of your information by providing a valid reason, to request the deletion or restriction of your information, or to request your information in a structured, electronic format. You can do so by sending a request to Goodera support.
- You may access and update your personal information by signing into the platform and accessing “My Profile” and “Security” sections at any time.
- You or your administrator may deactivate your account at any time by contacting Goodera support. You administrator may additionally disable your access to our products and contained data so that even though your account still exists you will be denied access to organizational data.
- You may opt out of receiving majority of system notifications from us by using the unsubscribe link within each email or updating your notification preferences within your account or by contacting Goodera support. Even after you opt out from receiving some or all notifications we will continue to send you important messages related to product updates, changes in terms and privacy clauses, security related alerts and requests and any other notifications with contractual or legal relevance.
- Your request and choices may be limited in certain cases. For example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. Where you have asked us to share data with third parties, for example, by installing third-party apps, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted.
Your responsibilities
You are required to use the Goodera platform in a manner that is lawful and compliant with policies of Goodera, relevant client and your employer. The platform provides extensive data collection and analysis functionality. To a great extent a user can decide what information he/she want to store in the system. Users are required to take necessary consent and security measures when they use such tools before storing personal information about others or before storing any other sensitive data. Goodera is not responsible for legal, contractual or policy violations resulting from the intentional or unintentional misuse of Goodera functionality by the users of the platform.
Actions of administrators
Goodera builds business software which is used to automate business processes and manage organizational data. Therefore, client administrators manage the way Goodera products are configured and used by authorized users. In order to facilitate their job Goodera products provide extensive functionality and services to such administrators including creation of user accounts, deactivation or deletion of accounts, accessing information about users authorized by clients, viewing audit trails, allowing or disallowing usage of Goodera products, changing information entered by other users, changing product configuration etc. Actions of administrators are governed by internal policies of our clients and Goodera is not responsible for these actions. In order to better understand what these policies are please contact your system administrators, HR or CSR department.
Changes to this policy and additional terms
We may change this privacy policy from time to time. We will post any privacy policy changes on this page and, if the changes are significant, we will display a prominent notice on product home page or send you an email notification. We encourage you to review our privacy policy whenever you use the platform to stay informed about our information practices and the ways you can help protect your privacy.
Links to other websites and apps
We may provide links to other websites for your convenience and information. These sites may have their own privacy policies in place, which we recommend you review before using them.
Data Protection Office contact detailsFor further clarification about privacy matters, reporting of issues, guidance, suggestions for improvement etc. you may reach Goodera’s Data Protection Officer at any time at privacy@goodera.com.
Following are full contact details:
Data Protection Officer
Goodera
Ward No. 57, 3rd Floor
Artisane RPS TECH Centre No. 32
1st Main Road Corporation, 3rd Phase J. P. Nagar
Bengaluru, Karnataka - 560078
Phone: +91 80 6848 4666
Email: privacy@goodera.com
