Privacy Policy


This Privacy Policy governs the manner in which teamsuccess.io collects, uses, maintains and discloses information collected from users of the teamsuccess.io website.This privacy policy applies to the site and all products and services offered by teamsuccess.io.

When we refer to "teamsuccess.io," "we", or "us" in this policy, we mean Interthings GmbH.

In order for you to create a teamsuccess.io account, we require that you provide a valid work email address of your company. The email you use must be one where we can reach you. In the event we cannot correspond with you via this work email address, your content may be rejected and your account may be disabled. If you do not agree with this policy, please do not access or use our services.

Information Collection And Use

We collect different types of information to provide and improve our service to you.


Types of Data Collected:

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (this is called "Personal Data"). Personally identifiable information may include the following, but is not just limited to:

  • Work Email address
  • Cookies, log information, and Usage Data (details below)
  • IP address (your location)
  • Information whether you have paid for a subscription: We use a secure service called Paddle (https://paddle.com/) when you register for paid services (for example the monthly subscription).
Usage Data

We may also collect information how the service is accessed and used (this is called "Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data. We collect and use this information to, for example, calculate how many people visit our services from certain geographic regions.

We use your work email address, for example, to communicate with you about new Risk Assessments that you or your admin created on TeamSuccess.io, to verify your user account when signing up to TeamSuccess.io, or keep you up to date on TeamSuccess.io and our products (which you can unsubscribe from at any time). These emails are sent using Sendgrid.

By using our services, you signify your acceptance of us sharing your personal data with SendGrid, which is a GDPR-compliant email service that we use to send emails with. Please read the Sendgrid ("Twilio") Privacy Policy for more information.

As an option, you can invite people to your risk assessments. In this case, TeamSuccess.io needs to know the e-mail addresses of the people to be invited. You can enter these work e-mail addresses in the invitation field. TeamSuccess stores these e-mail addresses for your convenience.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.

Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our service.

Examples of Cookies we use:

  • Session Cookies. We use Session Cookies to operate our Service.
  • Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
  • Embedded third-party widgets ( for example Youtube or Vimeo iframes) store a cookie through its iframe player.
  • More info about cookies on our Cookies page: https://teamsuccess.io/cookies
Use of Data

Teamsuccess.io uses the collected data for different purposes:

  • To provide and maintain the service
  • To notify you about changes to our service
  • To allow you to participate in interactive features of our service when you choose to do so
  • To provide customer care and support
  • To provide analysis or valuable information so that we can improve the service
  • To monitor the usage of the service
  • To detect, prevent and address technical issues
Transfer Of Data

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction. Our servers are located in the United States (US). If you are located outside of the US, please be aware that any information provided to us, including Personal Information, will be transferred from your country of origin to the US. Your decision to provide such data to us, or allow us to collect such data it through our Website or the Services, constitutes your consent to this data transfer.

We use Heroku's and Cloudflare's products, which are certified under the EU-U.S. Privacy Shield framework set forth by the U.S. Department of Commerce and the European Union. Salesforce (the parent company of Heroku) has a data processing addendum in place (more information can be found here: https://www.salesforce.com/content/dam/web/en_us/www/documents/legal/Privacy/privacy-shield-notice.pdf). We have signed Data Processing Addendums (DPAs) to ensure onward transfer of your data is safe.

If we are involved in a merger, acquisition or asset sale, your personal information may be transferred. We will provide notice before your personal information is transferred and becomes subject to a different Privacy Policy.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

Security

We use industry standard Transport Layer Security (“TLS”) to create a secure connection.

TeamSuccess.io uses Cloudflare (https://www.cloudflare.com) for e.g. DDoS protection.

We use PCI compliant provider Paddle (https://paddle.com/legal/) to handle taxes and billing. Paddle also supports Strong Customer Authentication (SCA), a new rule coming into effect on September 14, 2019, as part of PSD2 regulation in Europe.

Data and backups are stored encrypted in the US, by a service provided by Heroku (https://www.heroku.com/policy/security). Data is encrypted in Transit and at Rest.

In the case of a TeamSuccess.io user account being deleted by the user on his / her account page, upon deletion, we delete the user’s personal data, including email address. Personal data will remain in encrypted TeamSuccess.io database backups until those backups fall out of the 4-week retention window and are destroyed.
In certain cases where we have a legal purpose to do so, we may keep user's personal data. Some examples of this include financial information related to things like purchases and billing records; records showing why the account was deleted; or data relating to a litigation or other legal inquiry.
When deleting an individual non-admin user account, we do not automatically delete the content that was created by the individual users in TeamSuccess.io. For example, risks typed into risk assessments will remain visible even if the removed user no longer exists. The applicable risk assessment's admin or users, depending on the permission settings, would need to delete that content manually. All risk assessments that the admin has created are destroyed, when the admin's user account is destroyed, and also all the risks that were recorded in that risk assessment are then destroyed automatically.

Disclosure Of Data Legal Requirements

Teamsuccess.io may disclose your Personal Data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of teamsuccess.io
  • To prevent or investigate possible wrongdoing in connection with the service
  • To protect the personal safety of users of the service or the public
  • To protect against legal liability
Security Of Data

The security of your data is very important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. Please use strong passwords, and keep them secure.

Your Rights
    If you are located in certain countries, including those that fall under the scope of the European General Data Protection Regulation (GDPR), data protection laws give you rights with respect to your personal data, subject to any exemptions provided by the law, including the rights to:
  • Request access to your personal data;
  • Request correction or deletion of your personal data;
  • Object to our use and processing of your personal data;
  • Request that we limit our use and processing of your personal data; and
  • Request portability of your personal data.
  • You can access, correct, or delete your personal data using your account settings and tools that we offer.

Please note that we may ask you to verify your identity before responding to requests.

Service Providers

We may employ third party companies and individuals to facilitate our service (these are also called "Service Providers"), to provide the service on our behalf, to perform service-related services or to assist us in analyzing how our service is used. For example, we use a secure service called Paddle (https://paddle.com/), when you register for paid services (e.g. monthly subscription). Your data (e.g. email address, IP address and id) will be shared with Paddle for product fulfillment. We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy.


We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our services. For example, we work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you.

We may use third-party Service Providers to monitor and analyze the use of our service. For example:

  • Cloudflare. Cloudflare, Inc. is a U.S. company that provides content delivery network services, DDoS mitigation, Internet security and distributed domain name server services. Cloudflare's services sit between the visitor and the Cloudflare user's hosting provider, acting as a reverse proxy for websites.

  • SendGrid for sending emails. By using this site, you signify your acceptance of us sharing your email address with SendGrid, which is a GDPR-compliant email service.

  • Heroku, and possible Heroku addons to log any events for development purposes. Heroku is a platform as a service (PaaS) that enables developers to build, run, and operate applications entirely in the cloud.

  • Information whether you have paid for a subscription: We use a secure service called Paddle (https://paddle.com/) when you register for paid services, to handle taxes and billing. We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy.

  • Google Analytics
  • Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.

    You can opt-out of having made your activity on the service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.

    For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en

Links To Other Sites

Our service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites, providers or services.

Third party websites

Users may find advertising or other content on our website that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our website. In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our website, is subject to that website's own terms and policies.

Changes to this privacy policy

Teamsuccess.io has the discretion to update this privacy policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage Users to check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

Your acceptance of these terms and policies

By using this site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our website. Your continued use of the website following the posting of changes to this policy will be deemed your acceptance of those changes.

How to contact us

If you have any questions, please email us at [email protected]

This document was last updated on July 11, 2019