We will use your personal data only for the purposes and in the manner outlined below, which describes the steps we take to ensure the processing of your personal data is in compliance with the Data Protection Act 2018 and any subsequent data protection and privacy legislation, European Union law including Regulation (EU) 2016/679 (known as the General Data Protection Regulation or GDPR) and any subsequent amendments (collectively referred to as “Data Protection Legislation”).
We seek to maintain the privacy, accuracy, and confidentiality of data (including your personal data) that we obtain during your use of the Services.
All Woebot Platforms
If you choose to create a user account, you will be asked to provide an email address so that we can identify you to comply with your potential request to delete or access your data. If you decline to provide your email address, your information is not linked to you in any identifiable way.
Conversations with Woebot are not shared with any other company or service. We will never sell or give away your personal data or conversation history.
Woebot only sees your activity within the conversation. We receive basic information from Facebook: first name, locale, timezone, to personalize the experience. We do not access your Facebook profile, and do not have access to your news feed or friend list.
We do not post anything to your Facebook wall or notify your friends that you are using Woebot. If you choose to share a GIF or video from your conversation with Woebot, however, they may see that it’s from the Woebot page.
iOS and Android Apps
We use your email to create a user account. This step is optional; it is not required in order to use the platform. You can also bypass providing your email address if you wish. We use your time zone to personalize the experience.
Conversations with Woebot within Mobile App are not shared with any other company or service. We will never sell or give away your personal data or conversation history.
Identity of the Controller of Personal Information
For the purposes of Data Protection Legislation, the Data Controller for Woebot Platforms is Woebot, a company and registered in the United States (EIN 38-4034738) and having its registered office address at 650 5th Street Suite 303 San Francisco CA 94103
Contact Details of the Data Protection Officer / Representative
The contact details of Woebot’s data protection officer / representative are as follows:
Name: Athena Robinson, PhD
Email Address: firstname.lastname@example.org
Address: 650 5th Street Suite 303, San Francisco, CA 94107
Processing of your Personal Data
How and why do we process your personal data?
When you use the Services, we may collect and process different personal data about you. The personal data we process, the basis of processing and the purposes of processing are detailed below. Sometimes, these activities are carried out by third parties (see “Sharing of Personal Data” section below).
We encourage you to supply only the information you are comfortable with.
|Personal data||Basis of processing||Purpose of processing|
|Personal information (including first name) and email address.||It is necessary to take steps for entering into a contract with you or for the performance of our contract with you.||This is required to provide the Services, to maintain our customer/visitor lists, to respond to your inquiries or provide feedback, for identification and authentication purposes, for service improvement, and to address issues like malicious use of the Services.|
|Financial and billing information (when purchasing the Services) (including billing name, address and credit card number), as applicable.||It is necessary to take steps for entering into a contract with you or for the performance of our contract with you.||We use a 3rd party processor (i.e., Stripe Inc.).|
Data, diagnostic and login information:
Information, data, text, graphics, video, messages or other materials,
Diagnostic information (including crash report along with certain logging information from your system documenting the error)
Information regarding your Operating System version, hardware, browser version (and .NET version information in case of Windows systems), and your email address, if provided.
Additionally, certain login information may be maintained in a cookie stored locally on your personal computing device (i.e. not on a server) in order to streamline the login process.
|It is necessary to take steps for entering into a contract with you or for the performance of our contract with you.||To enable us to administer and improve our Services to you.|
We use this information to provide you with the Services.
We may also use your Analytics Information in a de-identified, anonymous way in conjunction with an analytics service such as Google Analytics and Mixpanel to monitor and analyze use of the Services, for the Services’ technical administration, to increase the Services’ functionality and user-friendliness, and to verify users have the authorization needed for the Services to process their requests.
Where does Woebot obtain my personal data from?
Most of the personal data we process is obtained from you when, through the application you: register for a Woebot account and exchange text or button messages with Woebot. Other types of personal data may be obtained from third parties, including, for example, your name and timezone from Facebook. We do not obtain data from any other 3rd parties.
Sharing of Personal Data
1. Internally within Woebot
Your personal data will be held by Woebot’s team. Your personal data will only be shared internally with members of the team, managers and IT staff if access to the data is necessary for the performance of their roles. Woebot takes appropriate steps to ensure that such personnel is bound to duties of confidentiality with respect to your personal data.
2. Service Providers
We use third party service providers who provide technical and support services to help us improve the product. In providing the services, these third party service providers may have limited access to databases of user information or registered member information solely for the purpose of helping us to improve the product and they will be subject to contractual restrictions prohibiting them from using the personal data of our members for any other purpose. Such agents or third parties do not have any rights to use personal data beyond what is necessary to assist us.
We will check any third party that we use to ensure that they can provide sufficient guarantees regarding the confidentiality and security of your personal data. We will have written contracts with them which provide assurances regarding the protections that they will give to your personal data and their compliance with our data security standards and international transfer restrictions.
3. Disclosure through Facebook Messenger with third parties
4. Disclosure to other third parties
In certain circumstances, we share and/or are obliged to share your personal data with third parties for the purposes described above and in accordance with Data Protection Legislation.
These third parties include:
- administrative authorities (tax or social security authorities)
- financial institutions
- police, public prosecutors
- external advisors
Tranfer outside the European Economic Area
Your personal information may be transferred, stored and processed in one or more countries outside the European Economic Area (“EEA”), for example, when one of our service providers use employees or equipment based outside the EEA. For transfers of your personal data to third parties outside of the EEA, we take additional steps in line with Data Protection Legislation. We will put in place adequate safeguards with respect to the protection of your privacy, fundamental rights and freedoms, and the exercise of your rights, e.g. we will establish an adequate level of data protection through EU Standard Contractual Clauses based on the EU Commission’s model clauses.
If you would like to see a copy of any relevant provisions, please contact Woebot’s Data Protection Officer / Representative (see “Contact Us” section below).
How is my Personal Data secured
Woebot operates and uses appropriate technical and physical security measures to protect your personal data.
We have in particular taken appropriate security measures to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access, in connection with your job application.
Access is only granted on a need-to-know basis to those people whose roles require them to process your personal data. [In addition, our service providers are selected carefully to ensure they have an appropriate level of technical, organisational and security measures.]
You are also responsible for helping to protect the security of your Personal Information. For instance, never give out your Facebook password, and safeguard your user name, password and personal credentials when you are using the Services, so that other people will not have access to your Personal Information. Furthermore, you are responsible for maintaining the security of any personal computing device on which you utilize the Services.
Storage of Personal Data
Your personal data will be encrypted and stored in our primary datastore for analytical processing (i.e., graph images).
We will keep your personal data for as long as it is necessary to fulfil the purposes for which it was collected as described above and in accordance with our legal and regulatory obligations. This may mean that some information is held for longer than other information.
If you would like further information about our data retention practices you can ask for this at any time (see “Contact Us” section below).
You may have various rights under data protection legislation in your country (where applicable).
These may include (as relevant):
- The right of access enables you to check what type of personal data we hold about you and what we do with that personal data and to receive a copy of this personal data;
- The right to object to processing of your personal data where that processing is carried out on the basis of our legitimate interests. We will stop using your personal data unless we can demonstrate an overriding legitimate ground for the continued processing of this personal data;
- The right to rectification enables you to correct any inaccurate or incomplete personal data that we hold about you;
- The right to erasure enables you to request that we erase personal data held about you in certain circumstances;
- The right to restrict processing of your personal data by us in certain cases, including if you believe that the personal data held about you is inaccurate or our use of the personal data is unlawful; and
- The right to data portability enables you to receive your personal data in a structured, commonly used and machine readable format and to have that personal data transmitted to another data controller.
1. For Android and iOS apps:
Upon request of the data, the User will be emailed a link to a personalized dashboard page, hosted on our website (woebot.io) protected by the User’s login information (that is provided by the User on first download of the app). On the dashboard, the User will find a button to request a copy of their data. Users who indicate that they would like to retrieve their data, will be sent an email that contains an individualized link to use to download a .zip file containing their data files. This link can be used one-time only and is only active for 60 minutes.
2. Facebook Messenger
If you wish to exercise any of the above rights, please contact us (see “Contact Us” below).
Your right to lodge a complaint with a Supervisory Authority
If you are unhappy about any aspect of the way we collect, share or use your personal data, please let us know using the contact details below.
You also have a right to complain to the Office of the Data Protection Commission at Canal House, Station Road, Portarlington, Co. Laois by telephone at 1890 25 2231 and/or by email to email@example.com.
Changes to this Information
/ and/or please contact us at: Woebot Help Center.