Privacy Policy

last revised on June 30, 2022

PRIVACY NOTICE FOR CLIENTS AND USERS

Memsource a.s., with its registered office at Spálená 108/51, 110 00 Prague 1, Czech Republic and Memsource GmbH, with its registered office at ABC-Straße 4, 20354 Hamburg, Germany (both together as “we” or “us” or “our”) act as joint controllers of the processing of your personal data. This privacy notice describes how your personal data is processed and for what purposes.

What personal data do we collect about you?

We collect the following personal data in connection with your relationship with us: your name and surname, job title, name of your organization, user name, email address, phone number, Skype contact details, Memsource / Phrase ID, billing address, VAT number, information from your LinkedIn profile, information about your participation in conferences, information about our historic interaction with you or your organization, IP address of the device and type of Internet browser you use to connect to Memsource / Phrase, information about the use of Memsource / Phrase by you or your organization and information about opportunities for further sale of our products to you or your organization. This personal data falls under the following California Consumer Privacy Act categories: identifiers, commercial information and usage (information on your interaction with us).

How do we obtain your personal data?

Your personal data can be:

  • Obtained directly from you, such as your name, surname, and contact details.
  • Created in the course of our relationship with you or your organization, such as information about our interaction with you.
  • Collected from public sources such as your LinkedIn profile.

How do we use your personal data?

Your personal data will be processed for the following purposes:

  • To enable you or your organization to use Memsource / Phrase and to enhance its functionality
  • To maintain our business relationship with you or your organization
  • Our internal reporting
  • To ensure network and information security
  • To analyse and understand how Memsource / Phrase is being used and to enhance its functionality
  • To provide you or your organization with business proposals
  • For future marketing, including sending you marketing materials about us and our services and products by email (unless you have indicated that you do not want to receive these marketing materials).

The above listed purposes are the following categories of business purposes under Section 1798.140(d)(3), (5), (6) and (7) of the California Consumer Privacy Act (the “business purposes”).

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • Processing your personal data to enable your use of Memsource / Phrase is necessary so that we can perform the services set out in the contract we have established with you or your organization (Article 6 (1) b) GDPR).
  • Processing of your personal data to comply with our legal obligations (Article 6 (1) c) GDPR), e.g. obligation to archive accounting documents.
  • Processing of your personal data for other purposes listed in Section “How do we use your personal data?” is based on our legitimate interest (Article 6 (1) f) GDPR) as processing of personal data for these purposes: (i) to help us to maintain a productive business relationship with you or your organization, (ii) to improve our ability to understand your business needs; (iii) to improve and enhance our services; and (iv) to ensure network and information security.

How long will we keep your personal data?

If you are a user, i.e. an employee, contractor or other person acting on behalf of your organization having a user account, we will always keep your personal data for the period for which you will be using our services. We will also keep your personal data where required by law or where we need to do so in connection with potential or actual legal action, or an investigation involving Memsource a.s.

We will also delete your user data within 3 months from the moment your user account no longer contains any jobs, projects, translation memories, term bases or other content.

If you are acting on behalf of your organization, but you do not have a user account, your personal data will be held until you opt-out or until two years have passed since your last active communication with us.

With whom do we share your personal data?

Your personal data will be accessible to our employees, as well as to authorized employees of our suppliers which provide us with a variety of essential services. Below you can find some of our most important suppliers:

List of our authorized suppliers

Salesforce.com

Salesforce.com, Inc. headquartered in San Francisco, USA
Salesforce provides customer relationship management software and applications focused on sales, customer service, marketing automation, analytics, and application development.

Chargebee

Chargebee, Inc. headquartered in San Francisco, USA
Chargebee is our billing platform. We use it for the purpose of processing and creation of payments, invoices, and contract-related tasks and details.

Amazon.com

Amazon.com, Inc. headquartered in Seattle, USA
Amazon.com is our server provider. When transferring data outside of the EU into the USA, the adequate means of protection is ensured by the European Commission’s approved model contract clauses.

Stripe

Stripe, Inc. headquartered in the Republic of Ireland
We use Stripe as a payment processing software for the purposes of the processing of credit card payments and billing information.

Mailchimp

Mailchimp headquartered in Atlanta, USA
Mailchimp is a marketing automation platform and email marketing service that helps us manage and talk to our clients, customers, and other interested parties.

Pardot

Pardot LLC headquartered in Atlanta, USA
Pardot is a marketing automation platform that, among other features, helps us to create automated marketing campagnes and analyze prospect activity and engagement.

Sendgrid

Sendgrid, Inc. headquartered in Denver, USA
Sendgrid is a customer communication platform for transactional and marketing email. We use Sendgrid as our internal product related email service.

Google Analytics

Google LLC headquartered in California, USA
We use Google Analytics to analyze the use of our website and to improve it on a regular basis. Google Analytics uses cookies. In exceptional cases in which personal data is sent to the USA, Google is relying on the European Commission’s approved model contract clauses as a means of ensuring adequate protection when transferring data outside of the EEA.

AdRoll

AdRoll, Inc. headquartered in San Francisco, USA
We use the services of AdRoll Advertising Limited to optimize the display of advertising for visitors. In some circumstances, AdRoll may also transfer the information to countries outside the EEA. AdRoll will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained.

HubSpot

HubSpot, Inc. headquartered in Cambridge, Massachusetts,USA
We use HubSpot to tailor communication with visitors and users of our website as well as to keep improving it and making it more attractive to you. HubSpot is also used to optimize the care and support we give customers.

Chili Piper

Chili Piper, Inc. headquartered in New York, USA
Chili Piper is a meeting automation platform which helps us to automatically schedule appointments with leads.

Hotjar

Hotjar Ltd. headquartered in St. Julians, Malta
Our website uses the Hotjar analytics service to improve its user friendliness and the customer experience. That permits tracking of the various ways in which visitors interact with our website so that it can then be optimized for the user. The Hotjar servers are located exclusively in Ireland.

Mixpanel

Mixpanel, Inc. headquartered in San Francisco, California, USA
Mixpanel is a tracking tool used by us to understand how our customers use our applications and to keep on improving them. Mixpanel is used to gather information on which features of our website are used by customers and to what extent. When transferring data outside of the EU into the USA, the adequate means of protection is ensured by the European Commission’s approved model contract clauses.

Zapier

Zapier, Inc. headquartered in San Francisco, California, USA
Zapier enables us to integrate the services of various applications in one application and to automate workflows in it. We use Zapier on the basis of legitimate interest, since Zapier is used to automate workflows from various services and to optimize processes

Bugsnag & Sentry

Bugsnag, Inc. and Sentry headquartered in San Francisco, California, USA
These services enable us to quickly identify bugs in our software which have led to a disruption or crash and so to improve our offering. When transferring data outside of the EU into the USA, the adequate means of protection is ensured by the European Commission’s approved model contract clauses.

Albacross

Albacross Nordic AB headquartered in Stockholm, Sweden
We use Albacross for targeted advertising purposes. For the purpose of clarity, targeted advertising is focused on companies, not individuals.

Transfers of your personal data outside of your home country

Your personal data may be transferred to countries outside the European Economic Area. These countries include: The USA, Canada, and Japan. The countries to which we transfer personal data may not have data protection laws that provide an adequate level of protection to your personal data.

We therefore take steps (which may include entering into data transfer agreements based on the model clauses approved by the European Commission) to ensure that the persons to whom we transfer data in those countries commit to ensure an adequate level of protection for your personal data. You can find more information about data transfer agreements here.

Protecting your personal data

We may share your personal data with our suppliers under a written agreement which commits the suppliers to appropriate safeguards in relation to handling of your personal data (including in relation to maintaining confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational and technical measures to protect your personal data consistent with applicable privacy and data security laws.

We do not sell your personal data.

Your rights

You are entitled to:

  • Opt out from your personal data being processed for direct marketing purposes

If you have given your consent you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal. The data subject shall have the right to withdraw his or her consent at any time.

  • Request access to processing information

You have the legal right to request information at any time about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data is being processed as well as to be provided with a copy of your personal data.

  • Request the correction and/or deletion of your personal data

You have the right to obtain the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed. In certain circumstances you have the right to erasure of the personal data concerning you without undue delay. The right to erasure does not apply if processing is necessary to comply with legal obligations.

  • Object to the processing of your personal data

You have the right to object at any time to the processing of your personal data for any advertising purposes.

  • Request the restriction of the processing of your personal data

You have the right to request the restriction of the processing of your personal data where you have contested its accuracy or if the processing is deemed unlawful.

  • Request receipt or transmission to another organization, in a machine-readable form, of the personal data that you have provided to us

You have the right to transmit your personal data to another company in a safe and secure way without hindrance to usability.

  • Complain to your local data protection authority, or to a court of law, if your data protection rights are violated. You may be entitled to claim compensation for damages or distress incurred or suffered in consequence of unlawful processing of your personal data.

You are not required by law to provide your personal data to us, however, if you don’t, then we may not be able to provide you or your organization with our service. If you object to the processing of your personal data, we will respect that choice in accordance with our legal obligations. Depending on the scope of your request, this could mean that we will not be able to provide you or your organization with our service.

If you would like to exercise any of your rights, please let us know by getting in touch using the contact details below.

Contact Us

If you have questions or requests regarding the processing of your personal data, or require additional information, please contact: security@memsource.com.

CONSENT AND PRIVACY NOTICE FOR SENDING OF MARKETING COMMUNICATION

Memsource a.s., with its registered office at Spálená 108/51, 110 00 Prague 1, Czech Republic and Memsource GmbH, with its registered office at ABC-Straße 4, 20354 Hamburg, Germany (both together as “we” or “us” or “our”) act as joint controllers of the processing of your personal data. This privacy notice describes how your personal data is processed and for what purposes.

What personal data do we collect about you?

We only collect and process your personal data in compliance with the provisions of the EU General Data Protection Regulation ("GDPR“) and other provisions of European data protection law. This data includes your name and surname, job title, name of your organisation, email address, phone number, country of your location, languages you speak, and identification of your social media account.

How do we obtain your personal data?

We obtain your personal data either directly from you or from public sources such as your LinkedIn profile.

How do we use your personal data?

Your personal data will be processed for marketing purposes, including sending you marketing materials about us and our services and products by email.

On what legal basis do we use your personal data?

We use your personal data on the following basis:

  • If you are not our former or existing client our processing of your personal data is legitimate if you have given your consent as stipulated in Article 6 (1) a) GDPR.
  • If you are our former or existing client then processing of your personal data is based on our legitimate interest in accordance with the Article 6 (1) f) GDPR, as it helps our business to offer you new products and services, and provide you with some other information about us that you may find interesting.

How long will we keep your personal data?

We will always keep your personal data for the period for which we maintain an active interaction with you or your organization. We will also keep your personal data where required by law or where we need to do so in connection with potential or actual legal action, or an investigation involving us. Otherwise, Data will be held until you opt-out, until you do not engage with us for more than one year, or until they are no longer subject to contractual or legal retention obligations.

With whom do we share your personal data?

Your personal data will be accessible to our employees, as well as to authorized employees of our suppliers which provide us with a variety of essential services. Below you can find some of our most important suppliers:

List of our authorized suppliers

Google Analytics

Google LLC headquartered in San Francisco, California, USA
We use Google Analytics to analyze the use of our website and to improve it on a regular basis. Google Analytics uses cookies. In exceptional cases in which personal data is sent to the USA, Google is relying on the European Commission’s approved model contract clauses as a means of ensuring adequate protection when transferring data outside of the EEA.

Google Adwords Conversion

Google LLC headquartered in San Francisco, California, USA
We use the offering from Google Ads ("Ads“), a marketing tool from Google. Ads is used to attract attention to our offerings by means of advertising (termed "Google Ads") on external websites. We can thus determine and see how successful the individual promotional measures are in relation to the data for the campaigns. Our interest in doing that is to display advertising that appeals to you.

AdRoll

AdRoll, Inc. headquartered in San Francisco, California, USA
We use the services of AdRoll Advertising Limited to optimize the display of advertising for visitors. AdRoll displays advertising campaigns based on your browsing behavior on the Internet. That means that, after you visit our website, ads may also be displayed on other third-party sites. In some circumstances, AdRoll may also transfer the information to countries outside the EEA. AdRoll will, however, take the necessary steps to ensure that an appropriate level of data protection is maintained.

Salesforce.com

Salesforce.com, Inc. headquartered in San Francisco, California, USA
Salesforce provides customer relationship management software and applications focused on sales, customer service, marketing automation, analytics, and application development.

HubSpot

HubSpot, Inc. headquartered in Cambridge, Massachusetts, USA
We use HubSpot to tailor communication with visitors and users of our website as well as to keep improving it and make the website more attractive to you. HubSpot is also used to optimize the care and support we give customers.

Mailchimp

Mailchimp headquartered in Atlanta, Georgia, USA
Mailchimp is a marketing automation platform and email marketing service that helps us manage and talk to our clients, customers, and other interested parties.

Pardot

Pardot LLC headquartered in Atlanta, Georgia, USA
Pardot is a marketing automation platform that, among other features, helps us to create automated marketing campaigns and analyze prospect activity and engagement.

Chili Piper

Chili Piper, Inc. headquartered in New York, New York, USA
Chili Piper is a meeting automation platform which helps us to automatically schedule appointments with leads.

Hotjar

Hotjar Ltd. headquartered in St. Julians, Malta
Our website uses the Hotjar analytics service to improve its user friendliness and the customer experience. That permits tracking of the various ways in which visitors interact with our website so that it can then be optimized for the user. During your visit to our website, the tracking cookie automatically collects your activity data and stores them on the Hotjar servers. The Hotjar servers are located exclusively in Ireland.

Mixpanel

Mixpanel, Inc. headquartered in San Francisco, California, USA
Mixpanel is a tracking tool used by us to understand how our customers use our applications and to keep on improving them. Mixpanel is used to gather information on which features of our website are used by customers and to what extent. Such an analysis offers a means to control planning as part of product development, since it enables the specific demand for features to be taken into account.

When transferring data outside of the EU into the USA, the adequate means of protection is ensured by the European Commission’s approved model contract clauses.

Jetpack from Wordpress

Automattic, Inc. headquartered in San Francisco, California, USA
Jetpack from Wordpress is a tool for statistical analysis. The purpose of Jetpack is to analyze the number of visitors to our blog, create anonymized, aggregate access statistics, and to enable technical support for the search function in the blog (Elasticsearch) and SEO support.

Zapier

Zapier, Inc. headquartered in San Francisco, California, USA
Zapier enables us to integrate the services of various applications in one application and to automate workflows in it. We use Zapier on the basis of legitimate interest, since Zapier is used to automate workflows from various services and to optimize processes.

Twitter

Twitter, Inc. headquartered in San Francisco, California, USA
We use Twitter tracking pixel to recognize visitors who access our website from ads on Twitter.

Quora

Quora, Inc. headquartered in Mountain View, California, USA
We use the Quora tracking pixel to recognize visitors who access our website from content marketing on the Quora.com website.

Bugsnag & Sentry

Bugsnag, Inc. and Sentry headquartered in San Francisco, California, USA
These services enable us to quickly identify bugs in our software which have led to a disruption or crash and so to improve our offering. We have a legitimate interest in using Bugsnag and/or Sentry since it enables us to identify and remedy bugs as efficiently as possible. When transferring data outside of the EU into the USA, the adequate means of protection is ensured by the European Commission’s approved model contract clauses.

Bitbucket

Bitbucket headquartered in San Francisco, California, USA
Bitbucket is a software for collaborative versioning management. The synchronization between us and Bitbucket’s versioning management enables users to export localization files from the versioning management software into their accounts.

Albacross

Albacross Nordic AB headquartered in Stockholm, Sweden
We use Albacross for the targeted advertising purposes. The purpose for the processing of the personal data is that it enables Albacross to improve a service rendered to us and our website (e.g “Lead Generation” service), by adding data to their database about companies. The Albacross database is also used for targeted advertising towards companies and for this purpose data will be transferred to third party data service providers. For the purpose of clarity, targeted advertising is focused on companies, not individuals.

Transfers of your personal data outside of your home country

Your personal data may be transferred to countries outside the European Economic Area. These countries include: The USA, Canada, and Japan. The countries to which we transfer personal data may not have data protection laws that provide an adequate level of protection to your personal data.

We therefore take steps (which may include entering into data transfer agreements based on the Model Clauses approved by the European Commission) to ensure that the persons to whom we transfer data in those countries commit to ensure an adequate level of protection for your personal data. You can find more information about data transfer agreements here.

Protecting your personal data

We may share your personal data with its suppliers under a written agreement which commits the suppliers to appropriate safeguards in relation to the handling of your personal data (including in relation to maintaining confidentiality of your personal data and implementing appropriate technical and organizational security measures).

We will take appropriate legal, organizational and technical measures to protect your personal data, consistent with applicable privacy and data security laws.

Your rights

You may be entitled to:

  • Opt out from your personal data being processed for direct marketing purposes

If you have given your consent you have the right to withdraw your consent at any time. The withdrawal of your consent does not affect the lawfulness of processing based on consent before its withdrawal. The data subject shall have the right to withdraw his or her consent at any time.

  • Request access to processing information

You have the legal right to request information at any time about whether we are processing your personal data. If this is the case, you have the right to be informed about the extent to which your personal data is being processed as well as to be provided with a copy of your personal data.

  • Request the correction and/or deletion of your personal data;

You have the right to obtain the rectification of inaccurate personal data concerning you and/or to have incomplete personal data completed. In certain circumstances you have the right to erasure of the personal data concerning you without undue delay. The right to erasure does not apply if processing is necessary to comply with legal obligations.

  • Object to the processing of your personal data;

You have the right to object at any time to the processing of your personal data for any advertising purposes.

  • Request the restriction of the processing of your personal data;

You have the right to request the restriction of the processing of your personal data where you have contested its accuracy or if the processing is deemed unlawful.

  • Complain to your local data protection authority, or to a court of law, if your data protection rights are violated. You may be entitled to claim compensation for damages or distress incurred or suffered in consequence of unlawful processing of your personal data.

You are not required by law to provide your personal data to us. If you object to the processing of your personal data, we will respect that choice in accordance with our legal obligations.

If you would like to exercise any of your rights, please let us know by getting in touch using the contact details below.

Contact us

If you have questions or requests regarding the processing of your personal data, or require additional information, please contact: security@memsource.com