Privacy policy

Last updated: July 9th, 2021

This privacy policy aims to give you information on how Spidergap collects and processes your personal data through your use of this website, including any data you may provide through this website and/or when you purchase a product or service from us.

In addition, you may use Spidergap’s features to collect Personally Identifiable Information about other people. In this regard, Spidergap acts as your “Data Processor”, for which the related policy and terms are covered in a separate Data Processing Agreement .

Key points:

  • We will not share your Personal Information with any 3rd party for marketing purposes or for any other purpose not detailed in this policy.
  • You own the data associated with customizations you make to Spidergap’s templates. This includes any updates you make to Spidergap’s document templates, or documents you upload.
  • We follow best-practices to keep your personal data secure. Spidergap’s Security Statement covers this in more detail.
  • We store your data on servers located in the UK and the European Economic Area.

Throughout this policy, the words “you” and “your” to refer to you and the organization that you’re working on behalf of. If you’re not working on behalf of an organization, then “you” and “your” refers only to you personally.

Controller

Spidergap is the controller and responsible for your personal data (collectively referred to as “Spidergap”, “we”, “us” or “our” in this privacy policy).

If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us using the details set out below.

Contact details

If you have any questions about this privacy policy or our privacy practices, please contact us in the following ways:

  • Email address: privacy@spidergap.com
  • Postal address:
    c/o Bridging Insight Ltd, Floor 6, Quadrant House, 4 Thomas More Square, London, England, E1W 1YW

We are regulated under the General Data Protection Regulation (EU) 2016/679 which applies across the European Union (including in the United Kingdom) and the Data Protection Act 2018 and we are responsible as ‘controller’ of that personal information for the purposes of those laws.

1. Who Spidergap collects Personal Information about

For the purpose of this Privacy Policy, “Personal Information” means any information relating to an identified or identifiable individual.

We collect Personal Information about:

  • Administrators. Administrators are people that sign up to the Spidergap site in order to administer your organization’s account and 360° Feedback projects.
  • Visitors. Visitors are visitors to Spidergap’s website who have not yet identified themselves as an administrator.

2. The types of data Spidergap collects

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Account and Identity Data. This includes your name, email address, phone number, profile picture, password, purchases or orders made by you, your interests and preferences, and details about your organization and role.
  • Account settings. We allow you to configure settings for your account — for example, your communication preferences.
  • Project and organization data. Spidergap lets you create and customize project and organization spaces in which you can set-up questionnaires, reports, branding and further customizations.
  • Administrator feedback. We may collect feedback from Administrators, to help us to make improvements in future — for example, a testimonial.
  • Details about your planned usage. We ask for information about your planned usage so that we can offer you the right guidance and support.
  • Device data. We record information about the device you are using, including the IP address, web browser and operating system.
  • Billing and financial data. For the purpose of billing, we may collect bank account and payment card details as well as your name, address and VAT number. However, Spidergap does not store or process credit card details — these are processed by a secure and PCI-accredited third party, namely Stripe.
  • Information from social media. We may collect publicly available information from social media to expand Spidergap’s understanding of your role and how we can support you.
  • Personal Information from other services. If you choose to use a service that integrates with Spidergap, then we may collect additional Personal Information relating to that service.
  • Support and sales conversations. When you send Spidergap a question, feedback, or any other type of message, we keep a record for future reference. We also keep a record of conversations Spidergap have through other channels, such as on the phone.
  • Usage Data. Spidergap will collect information about how you use our website, products and services.

3. How Spidergap collects your Personal Information

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Personal Information by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • Apply for our products or services
    • Create an account on our website
    • Subscribe to our service or publications
    • Request marketing to be sent to you
    • Enter a competition, promotion or survey
    • Give us feedback or contact us.
  • Automated technologies or interactions. As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies. You can update your tracking preferences at any time. Please see our Cookie policy for further details.
  • Contact, Financial and Transaction Data from providers of technical, payment and delivery services.
  • Identity and Contact Data from publicly available sources such as Companies House.

4. How Spidergap uses your Personal Information

We use your Personal Information to:

  • Provide Spidergap’s services to you. This includes providing technical support for which Spidergap’s site administrators may need to access your account or documents.
  • Monitor, maintain and optimize Spidergap’s services.
    • We monitor your usage to see when things are going well, when you might need help, and identify opportunities to optimize Spidergap’s services.
    • This includes reviewing possible technical or legal issues; data that enables Spidergap to tailor our services such as your location or documents created; and other data that gives us insights to help improve services in future.
  • Contact you about your usage of Spidergap’s service or your account.
    • We use the contact details you provide to share updates that will affect your account and use of Spidergap, and to support you in using your account effectively. For example, when you create a new account, you will receive welcome emails to help you get set-up. These emails are required as part of Spidergap’s service, and so cannot be opted out of unless you choose to cancel your account.
    • We may assign an Account Manager to your account to help you get more value out of Spidergap’s services. As part of this role, the Account Manager may review your data, and may share your data with you to help you better understand your usage.
  • Contact you for sales and marketing purposes.
    • We may contact you for Spidergap’s own marketing purposes, such as to promote a new service Spidergap offers. We will only contact you if you have given explicit consent for this type of communication, and you can opt out at any time.
    • We may use your contact details to connect on social media platforms such as Twitter and LinkedIn. You can opt out of any request to connect via the platform being used.
  • Demonstrate the value Spidergap provides to 3rd parties.
    • We may share data to demonstrate the value Spidergap provides to 3rd parties.
    • Unless Spidergap have your explicit consent, any information shared with 3rd parties will be aggregated or anonymized so that it cannot be linked back to a specific individual or organization.
  • Respond to legal requests. If Spidergap receive a legal request for data, we may need to review your data to plan how to respond. Any such review will be in line with the legal framework of the applicable data protection legislation.

5. Who Spidergap shares your Personal Information with

We may share:

  • Your Personal Information with Spidergap’s service providers.
    • We use third party services for areas such as infrastructure, payment and support. This helps us to provide a better and more secure service to customers. For the purposes of Spidergap transactions we may share your personal information with our payment processor, who will fulfill the transaction process.
    • When using third parties, Spidergap ensures that there is an agreement in place that meets our standards and legal requirements for data protection.
  • Your email address with your organization.
    • If your account uses an email address that can be associated with a specific organization, we may share your email address with others from that organization. This is to help your organization identify who in the organization currently has access to Spidergap’s services.
    • You can choose to use an alternative email address if you are not happy with your email address being shared.
  • Your email address with users in your organization. If we are contacted directly by a user in one of your organizations in Spidergap, we will typically provide your email address so that they can contact you directly for support.
  • Aggregated or anonymized data with third parties. Spidergap may share this data to promote or help improve the service. We will ensure that no individual or organization can be identified from the data shared.
  • A cookie with Spidergap’s advertising partners.
    • Spidergap’s website may create a cookie that is stored by your web browser and helps Spidergap’s partners to deliver targeted advertisements to you about Spidergap’s services. This cookie will not include any data that would allow a third party to identify you or your organization.
    • You can opt out of targeted advertisements at http://www.youronlinechoices.eu if you’re in the European Union, or at http://preferences-mgr.truste.com/ for the rest of the world. You can also clear the cookies from your web browser at any time.
    • For more details on how we use cookies you can view our Cookie Policy.
  • Your organization name and logo to help us to promote our services. We will not identify any individuals without express consent. If you do not want this data to be used in this way, you can contact our support team to opt out.
  • Your data if Spidergap’s business ownership or structure changes. If the business ownership or structure supporting Spidergap changes in future, the data may be transferred to any new owner such that we can continue to provide Spidergap’s service.
  • Your data if required to by law or legal process. If the law requires us to share your data, we will only share any data after making commercially reasonable efforts to notify you in advance to give you an opportunity to challenge the requirement to disclose.
  • Information you expressly consent to be shared. There are other times that we may ask for your permission to share specific data or Personal Information — for example, to share your contact details with Spidergap’s partners that provide other services such as process design.

6. Your rights to your Personal Information

Under the Data Protection Laws, you have a number of important rights including:

  • The right of access to the personal data that we process about you, which includes the right to obtain confirmation as to whether or not we process any of your personal data and if this is the case, you have the right to request a copy of your personal data, and the details of our processing of your personal data.
  • The right to require us to correct any inaccuracies in your data that we process.
  • The right to object to our processing of your personal data (including for direct marketing purposes) or to withdraw your consent if you have previously given us your consent.
  • The right to request erasure of your personal data (often referred to as the “right to be forgotten”).
  • The right for your personal information to be processed in a fair and transparent manner .

Should you have any questions about your privacy rights in usage of this website, please contact privacy@spidergap.com .

7. How Spidergap keeps your Personal Information secure

We have embedded security into every part of Spidergap’s business, from recruitment through to end-user support. Spidergap’s Security Statement summarizes how we keep data secure.

We use the guidance provided by the Information Commissioner’s Office and the best practice guidance and controls defined by ISO 27001 to help us to meet Spidergap’s responsibilities.

Regardless of the steps we take, there is always a risk of your Personal Information being accessed by unauthorized third parties. In the unlikely event of a security breach that may affect your data:

  • We will contact you within 24 hours of identifying the breach and confirming whether your Personal Information is at risk.
  • We will provide guidance on how to remedy or mitigate any potential damage as soon as possible, with regular status updates if the breach is ongoing.
  • We will provide a full written report within 2 weeks that details the root causes behind the breach, the steps we’ve taken to address it, and the steps we’ll take to prevent a similar breach from occurring.

If you would like your security team to be notified in the event of a security breach, you can provide additional email addresses to Spidergap’s support team.

8. How Spidergap deletes Personal Information

You can delete your workspace and content at any time using features available online. You can also request for your entire account to be deleted.

If you choose to unsubscribe, or finish a free trial without making purchase, we may choose to delete your workspaces and content after the subscription or free trial has ended. We will notify you at least 7 days before deletion with guidance on how to avoid deletion by making payment.

Your Personal Information will initially be ‘soft-deleted’ such that it can be recovered by Spidergap’s system administrators if needed. Your Personal Information will then be permanently deleted within 30 to 60 days.

Please note that we continuously maintain backup systems of your data for approximately 12 months throughout the lifetime of Spidergap’s Agreement with you. If you delete any Personal Information during the period of the Agreement data that has been deleted will remain in Spidergap’s back up systems and it will not be possible to extricate deleted data from these back ups.

9. Where your data is stored and processed

Spidergap servers are based in the UK and the European Economic Area.

Spidergap’s servers are managed by Google who are accredited with SSAE16 Type II SOC1, SOC2 (Security and Availability Only), and SOC3.

Spidergap has a global team of employees and contractors that may access and process your personal data, including team members outside of the European Economic Area. We have direct contracts and confidentiality agreements in place with all employees and contractors to provide adequate protection for your Personal Information in line with Spidergap’s Privacy Policy and Terms of Use. These direct contracts and confidentiality agreements include GDPR standard contractual clauses.