These Logicalplan Subscription Terms ("Agreement") are entered into by and between LOGICALPLAN Ltd, company number 11348816, Unit Q, 35 Astbury Road, Peckham, London, SE15 2NL, England ("Logicalplan") and the entity or person placing an order for or accessing any Services ("Customer"). If you are accessing or using the Services on behalf of your company, you represent that you are authorized to accept this Agreement on behalf of your company, and all references to "you" or "Customer" reference your company.
This Agreement permits Customer to purchase subscriptions to online software-as-a-service products and other services from Logicalplan pursuant to any Order Form(s) and sets forth the basic terms and conditions under which those products and services will be delivered. This Agreement will govern Customer's initial purchase on the Effective Date as well as any future purchases made by Customer that reference this Agreement.
The "Effective Date" of this Agreement is the date which is the earlier of (a) Customer's initial access to any Service (as defined below) through any online provisioning, registration or order process or (b) the effective date of the first Order Form referencing this Agreement.
Modifications to this Agreement: From time to time, Logicalplan may modify this Agreement. Unless otherwise specified by Logicalplan, changes become effective for Customer upon renewal of Customer's current Subscription Term (as defined below) or entry into a new Order Form. Logicalplan will use reasonable efforts to notify Customer of the changes through communications via Customer's account, email or other means. Customer may be required to click to accept or otherwise agree to the modified Agreement before renewing a Subscription Term or entering into a new Order Form, and in any event continued use of the Services after the updated version of this Agreement goes into effect will constitute Customer's acceptance of such updated version. If Logicalplan specifies that changes to the Agreement will take effect prior to Customer's next renewal or order (such as for legal compliance or product change reasons) and Customer objects to such changes, Customer may terminate the applicable Subscription Term and receive as its sole remedy a refund of any fees Customer has pre-paid for use of the applicable Services for the terminated portion of the Subscription Term.
BY INDICATING YOUR ACCEPTANCE OF THIS AGREEMENT OR ACCESSING OR USING ANY SERVICES, YOU ARE AGREEING TO BE BOUND BY ALL TERMS, CONDITIONS, AND NOTICES CONTAINED OR REFERENCED IN THIS AGREEMENT. IF YOU DO NOT AGREE TO THIS AGREEMENT, PLEASE DO NOT USE ANY SERVICES. FOR CLARITY, EACH PARTY EXPRESSLY AGREES THAT THIS AGREEMENT IS LEGALLY BINDING UPON IT.
This policy explains the what, how, and why of the information we collect when you visit one of our Websites, or when you use our Services. It also explains the specific ways we use and disclose that information. We take your privacy extremely seriously, and we never sell any information.
- We take your and your End Users privacy extremely seriously
- We never sell any information
- Customer data - any information about customers of Logicalplan Services - are shared with some third parties that help us to provide better customer experience within Logicalplan service
- End Users data - any information about customers’ End Users when using People tracking and Analytics features, once Logicalplan is implemented on customer’s application
- are not shared with ANY third-party
- never leaves Logicalplan’s hosting infrastructure (unless exported by Customer)
- Communications between our service, customers portals and Logicalplan products are all encrypted via SSL
Information We Collect
Among the types of Personal Data that Logicalplan collects, by itself or through third parties, there are:
- Usage Data
- First name
- Last name
- Phone number
- Email address
- Various types of Data
Logicalplan Analytics data stored (Note: this feature is optional - affects Customer’s End Users)
- IP address
- Browser headers
- URL location
- Logicalplan related data
- Topic start/end
- Step shown
- Search keywords
Logicalplan Segmentation data stored (Note: this feature is optional - affects Customer’s End Users)
- Uid - mandatory
- Custom fields/data
- Team size
- Job title
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using Logicalplan.
Unless specified otherwise, all Data requested by Logicalplan is mandatory and failure to provide this Data may make it impossible for Logicalplan to provide its services. In cases where Logicalplan specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Users are responsible for any third-party Personal Data obtained, published or shared through Logicalplan and confirm that they have the third party's consent to provide the Data to the Owner.
Mode and place of processing the Data
Methods of processing
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of Logicalplan (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
Legal basis of processing
The Owner may process Personal Data relating to Users if one of the following applies:
- Users have given their consent for one or more specific purposes. Note: Under some legislations the Owner may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or any other of the following legal bases. This, however, does not apply, whenever the processing of Personal Data is subject to European data protection law;
- provision of Data is necessary for the performance of an agreement with the User and/or for any pre-contractual obligations thereof;
- processing is necessary for compliance with a legal obligation to which the Owner is subject;
- processing is related to a task that is carried out in the public interest or in the exercise of official authority vested in the Owner;
- processing is necessary for the purposes of the legitimate interests pursued by the Owner or by a third party.
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
The Data is processed at the Owner's operating offices and in any other places where the parties involved in the processing are located.
Depending on the User's location, data transfers may involve transferring the User's Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Users are also entitled to learn about the legal basis of Data transfers to a country outside the European Union or to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.
If any such transfer takes place, Users can find out more by checking the relevant sections of this document or inquire with the Owner using the information provided in the contact section.
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.
- Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
- Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
The purposes of processing
The Data concerning the User is collected to allow the Owner to provide its Services, as well as for the following purposes: Analytics, Contacting the User, Content commenting, Handling payments, Displaying content from external platforms, Infrastructure monitoring, Interaction with support and feedback platforms, Managing contacts and sending messages, Managing support and contact requests, Social features, Remarketing and behavioral targeting, Tag Management and Data transfer outside the EU.
Users can find further detailed information about such purposes of processing and about the specific Personal Data used for each purpose in the respective sections of this document.
The rights of Users
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following:
- Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
- Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User's consent, on a contract which the User is part of or on pre-contractual obligations thereof.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.
Details about the right to object to processing
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
How to exercise these rights
Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.
Detailed information on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
- Google Analytics (Google Inc.)
- Facebook Ads conversion tracking (Facebook, Inc.)
- Google AdWords conversion tracking (Google Inc.)
- Twitter Ads conversion tracking (Twitter, Inc.)
Managing contacts and sending messages
Managing support and contact requests
Remarketing and behavioral targeting
- Facebook Custom Audience (Facebook, Inc.)
- Facebook Remarketing (Facebook, Inc.)
- AdWords Remarketing (Google Inc.)
- Twitter Remarketing (Twitter, Inc.)
- Twitter Tailored Audiences (Twitter, Inc.)
- Google Tag Manager (Google LLC)
Further information about Personal Data
Analysis and predictions based on the User’s Data (“profiling”)
The Owner may use the Personal and Usage Data collected through Logicalplan to create or update User profiles. This type of Data processing allows the Owner to evaluate User choices, preferences and behaviour for the purposes outlined in the respective section of this document.
User profiles can also be created through the use of automated tools like algorithms, which can also be provided by third parties. To find out more, about the profiling activities performed, Users can check the relevant sections of this document.
The User always has a right to object to this kind of profiling activity. To find out more about the User's rights and how to exercise them, the User is invited to consult the section of this document outlining the rights of the User.
Selling services online
The Personal Data collected are used to provide the User with services, including payment and possible delivery.
Automated decision-making means that a decision which is likely to have legal effects or similarly significant effects on the User, is taken solely by technological means, without any human intervention. Logicalplan may use the User's Personal Data to make decisions entirely or partially based on automated processes according to the purposes outlined in this document. Logicalplan adopts automated decision-making processes as far as necessary to enter into or perform a contract between User and Owner, or on the basis of the User’s explicit consent, where such consent is required by the law.
Automated decisions are made by technological means – mostly based on algorithms subject to predefined criteria – which may also be provided by third parties.
The rationale behind the automated decision making is:
- to enable or otherwise improve the decision-making process;
- to grant Users fair and unbiased treatment based on consistent and uniform criteria;
- to reduce the potential harm derived from human error, personal bias and the like which may potentially lead to discrimination or imbalance in the treatment of individuals etc.;
- to reduce the risk of User's failure to meet their obligation under a contract. To find out more about the purposes, the third-party services, if any, and any specific rationale for automated decisions used within Logicalplan, Users can check the relevant sections in this document.
Consequences of automated decision-making processes for Users and rights of Users subjected to it
As a consequence, Users subject to such processing, are entitled to exercise specific rights aimed at preventing or otherwise limiting the potential effects of the automated decisions taken.
In particular, Users have the right to:
- obtain an explanation about any decision taken as a result of automated decision-making and express their point of view regarding this decision;
- challenge a decision by asking the Owner to reconsider it or take a new decision on a different basis;
- request and obtain from the Owner human intervention on such processing. To learn more about the User’s rights and the means to exercise them, the User is invited to consult the section of this document relating to the rights of the User.
Stripe might also enable the sending of timed messages to the User, such as emails containing invoices or notifications concerning the payment.
Stripe (Stripe Inc) - Stripe is a payment service provided by Stripe Inc.
Additional information about Data collection and processing
The User's Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of Logicalplan or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
Additional information about User's Personal Data
System logs and maintenance
For operation and maintenance purposes, Logicalplan and any third-party services may collect files that record interaction with Logicalplan (System logs) use other Personal Data (such as the IP Address) for this purpose.
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the end of this document.
How “Do Not Track” requests are handled
Logicalplan does not support “Do Not Track” requests.
To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
No Children Under Age 16
Users declare themselves to be adult according to their applicable legislation. Minors may use Logicalplan only with the assistance of a parent or guardian. Under no circumstance persons under the age of 16 may use Logicalplan.
Data transfer outside the EU
The Owner is allowed to transfer Personal Data collected within the EU to third countries (i.e. any country not part of the EU) only pursuant to a specific legal basis. Any such Data transfer is based on one of the legal bases described below.
Data transfer abroad based on consent (Logicalplan)
If this is the legal basis, Personal Data of Users shall be transferred from the EU to third countries only if the User has explicitly consented to such transfer, after having been informed of the possible risks due to the absence of an adequacy decision and appropriate safeguards.
In such cases, the Owner shall inform Users appropriately and collect their explicit consent via Logicalplan.
Data transfer abroad based on standard contractual clauses (Logicalplan)
If this is the legal basis, the transfer of Personal Data from the EU to third countries is carried out by the Owner according to “standard contractual clauses” provided by the European Commission.
This means that Data recipients have committed to process Personal Data in compliance with the data protection standards set forth by EU data protection legislation. For further information, Users are requested to contact the Owner through the contact details provided in the present document.
Other legal basis for Data transfer abroad (Logicalplan)
If no other legal basis applies, Personal Data shall be transferred from the EU to third countries only if at least one of the following conditions is met:
- the transfer is necessary for the performance of a contract between the User and the Owner or of pre-contractual measures taken at the User’s request;
- the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the User between the Owner and another natural or legal person;
- the transfer is necessary for important reasons of public interest;
- the transfer is necessary for establishment, exercise or defence of legal claims;
- the transfer is necessary in order to protect the vital interests of the data subject or of other persons, where the data subject is physically or legally incapable of giving consent. In such cases, the Owner shall inform the User about the legal bases the transfer is based on via Logicalplan.
Users can inquire with the Owner to learn which legal basis applies to which specific service.
“Personal Data (or Data)” means any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
“Usage Data means” information collected automatically through Logicalplan (or third-party services employed in Logicalplan), which can include: the IP addresses or domain names of the computers utilized by the Users who use Logicalplan, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
“User” means the individual using Logicalplan who, unless otherwise specified, coincides with the Data Subject.
“Data Subject” means the natural person to whom the Personal Data refers.
“Data Controller (or Owner)” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of Logicalplan. The Data Controller, unless otherwise specified, is the Owner of Logicalplan.
“Logicalplan (or this Application)” means the means by which the Personal Data of the User is collected and processed.
“Service” means a service provided by Logicalplan as described in the relative terms (if available) and on this site/application.
“European Union (or EU)” means all references made within this document to the European Union include all current member states to the European Union and the European Economic Area, unless otherwise specified.
“Cookies” means a small piece of data stored in the User's device.
Acceptable Use Policy
This Acceptable Use Policy applies to Logicalplan’s (a) websites (including without limitation logicalplan.com and any successor URLS, mobile or localized versions and related domains and subdomains) and (b) communications and messaging products and services ((a) and (b) collectively, “Services”). To keep the Services running safely and smoothly, we need our users to agree not to misuse them. Specifically, you agree not to:
a. probe, scan, or test the vulnerability of any system or network used with the Services;
b. tamper with, reverse engineer or hack the Services, circumvent any security or authentication measures of the Services or attempt to gain unauthorized access to the Services (or any portion thereof) or related systems, networks or data;
c. modify or disable the Services or use the Services in any manner that interferes with or disrupts the integrity or performance of the Services or related systems, network or data;
d. access or search the Services by any means other than our publicly supported interfaces, or copy, distribute, or disclose any part of the Service in any medium, including without limitation by any automated or non-automated “scraping”;
e. overwhelm or attempt to overwhelm our infrastructure by imposing an unreasonably large load on the Services that consume extraordinary resources, such as by: (i) using “robots,” “spiders,” “offline readers” or other automated systems to send more request messages to our servers than a human could reasonably send in the same period of time using a normal browser; or (ii) going far beyond the use parameters for any given Service;
f. solicit any users of our Services for commercial purposes;
g. use the Services to generate or send unsolicited communications, advertising or spam, or otherwise cause Logicalplan to become impaired in its ability to send communications on its own or on its customers’ behalf (e.g., by causing Logicalplan to become registered on any Email DNS blacklist or otherwise be denied services by any other third party communications service provider);
h. misrepresent yourself or disguise the origin of any data, content or other information you submit (including by “spoofing”, “phishing”, manipulating headers or other identifiers, impersonating anyone else, or falsely implying any sponsorship or association with Logicalplan or any third party) or access the Services via another user’s account;
i. use the Services for any illegal purpose or in violation of any laws (including without limitation data, privacy and export control laws);
j. use the Services to violate the privacy of others, or to collect or gather other users’ personal information (including account information) from our Services;
k. use the Services to stalk, harass, bully or post threats of violence against others;
l. submit (or post, upload, share or otherwise provide) data, content or other information that (i) infringes Logicalplan’s or a third party’s intellectual property, privacy or other rights or that you don’t have the right to submit (including confidential or personal information you are not authorized to disclose); (ii) that is deceptive, fraudulent, illegal, obscene, defamatory, libellous, threatening, harmful to minors, pornographic, indecent, harassing, hateful, religiously, racially or ethnically offensive, that encourages illegal or tortious conduct or that is otherwise inappropriate in Logicalplan’s discretion; (iii) contains viruses, bots, worms, scripting exploits or other similar materials; or (iv) that could otherwise cause damage to Logicalplan or any third party;
m. use the Services to promote or advertise products or services other than your own without appropriate authorization;
n. use meta tags or any other “hidden text” including Logicalplan’s or our suppliers’ product names or trademarks;
o. permit or encourage anyone else to commit any of the actions above.
Without affecting any other remedies available to us, Logicalplan may permanently or temporarily terminate or suspend a user’s account or access to the Services without notice or liability if Logicalplan (in its sole discretion) determines that a user has violated this Acceptable Use Policy.
Data Processing Agreement
This Logicalplan Data Processing Agreement (“DPA”), that includes the Standard Contractual Clauses adopted by the European Commission, as applicable, reflects the parties’ agreement with respect to the terms governing the Processing of Personal Data under the Logicalplan Terms of Service (the “Agreement”). This DPA is an amendment to the Agreement and is effective upon its incorporation into the Agreement, which incorporation may be specified in the Agreement, an Order or an executed amendment to the Agreement. Upon its incorporation into the Agreement, the DPA will form a part of the Agreement.
The term of this DPA shall follow the term of the Agreement. Terms not otherwise defined herein shall have the meaning as set forth in the Agreement.
"Affiliate" means any entity under the control of Customer or Logicalplan, as applicable where "control" means ownership of or the right to control greater than 50% of the voting securities of such entity.
"Control" means an ownership, voting or similar interest representing fifty percent (50%) or more of the total interests then outstanding of the entity in question. The term "Controlled" shall be construed accordingly.
"Customer Data" means any Personal Data that Logicalplan processes on behalf of Customer as a Data Processor in the course of providing Services, as more particularly described in this DPA.
“Customer Personal Information” means any information relating to an identified or identifiable natural person.
"Customer Website" means Customer's websites or web application owned and operated by (or for the benefit of) Customer through which the Customer and its End Users use the Services.
"Data Protection Laws" means all data protection and privacy laws applicable to the processing of Customer Personal Information under the Agreement, including, where applicable, EU Data Protection Law.
"Data Controller" means an entity that determines the purposes and means of the processing of Customer Personal Information.
"Data Processor" means an entity that processes Customer Personal Information on behalf of a Data Controller.
"EU Data Protection Law" means (i) prior to 25 May 2018, Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to the processing of Customer Personal Information and on the free movement of such data ("Directive") and on and after 25 May 2018, Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of Customer Personal Information and on the free movement of such data (GDPR); and (ii) Directive 2002/58/EC concerning the processing of Customer Personal Information and the protection of privacy in the electronic communications sector and applicable national implementations of it (as may be amended, superseded or replaced).
"EEA" means, for the purposes of this DPA, the European Economic Area, United Kingdom and Switzerland.
"End User(s)" means Customer's employees, end user customers, potential customers, and other users of and visitors to the Customer Website.
“GDPR” means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.
"Group" means any and all Affiliates that are part of an entity's corporate group.
"Privacy Shield" means the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield Framework self-certification program operated by the U.S. Department of Commerce and approved by the European Commission pursuant to Decision C(2016)4176 of 12 July 2016 and by the Swiss Federal Council on January 11, 2017 respectively.
"Privacy Shield Principles" means the Privacy Shield Principles (as supplemented by the Supplemental Principles) contained in Annex II to the European Commission Decision C(2016)4176 of 12 July 2016 (as may be amended, superseded or replaced).
"Processing" has the meaning given to it in the GDPR and "process", "processes" and "processed" shall be interpreted accordingly.
"Security Incident" means any unauthorized or unlawful breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Customer Data.
"Service(s)" means Logicalplan's proprietary software-as-a-service solution(s), including the Portal, Logicalplan application programming interfaces (APIs), Logicalplan Code and Logicalplan Apps, and any other Services as referenced in the applicable Order Form.
"Sub-processor" means any Data Processor engaged by Logicalplan or its Affiliates to assist in fulfilling its obligations with respect to providing the Services pursuant to the Agreement or this DPA. Sub-processors may include third parties or members of the Logicalplan Group.
2. Relationship with the Agreement
2.1. The parties agree that DPA shall replace any existing DPA the parties may have previously entered into in connection with the Services.
2.2. Except for the changes made by this DPA, the Agreement remains unchanged and in full force and effect. If there is any conflict between this DPA and the Agreement, this DPA shall prevail to the extent of that conflict.
2.3. Any claims brought under or in connection with this DPA shall be subject to the terms and conditions, including but not limited to, the exclusions and limitations set forth in the Agreement.
2.4. Any claims against Logicalplan or its Affiliates under this DPA shall be brought solely against the entity that is a party to the Agreement. In no event shall any party limit its liability with respect to any individual's data protection rights under this DPA or otherwise. Customer further agrees that any regulatory penalties incurred by Logicalplan in relation to the Customer Data that arise as a result of, or in connection with, Customer’s failure to comply with its obligations under this DPA or any applicable Data Protection Laws shall count toward and reduce Logicalplan’s liability under the Agreement as if it were liability to the Customer under the Agreement.
2.5. No one other than a party to this DPA, its successors and permitted assignees shall have any right to enforce any of its terms.
2.6. This DPA shall be governed by and construed in accordance with governing law and jurisdiction provisions in the Agreement, unless required otherwise by applicable Data Protection Laws.
3. Scope and Applicability of this DPA
3.1. This DPA applies where and only to the extent that Logicalplan processes Customer Data that originates from the EEA and/or that is otherwise subject to EU Data Protection Law on behalf of Customer as Data Processor in the course of providing Services pursuant to the Agreement.
3.2. Part A (being Section 4 – 8 (inclusive) of this DPA, as well as Annexes A and B of this DPA) shall apply to the processing of Customer Data within the scope of this DPA from the Effective Date.
3.3. Part B (being Sections 9-12 (inclusive) of this DPA) shall apply to the processing of Customer Data within the scope of the DPA from and including 25th May 2018. For the avoidance of doubt, Part B shall apply in addition to, and not in substitution for, the terms in Part A.
Part A: General Data Protection Obligations
4. Roles and Scope of Processing
4.1. Role of the Parties. As between Logicalplan and Customer, Customer is the Data Controller of Customer Data, and Logicalplan shall process Customer Data only as a Data Processor acting on behalf of Customer.
4.2. Customer Processing of Customer Data. Customer agrees that (i) it shall comply with its obligations as a Data Controller under Data Protection Laws in respect of its processing of Customer Data and any processing instructions it issues to Logicalplan; and (ii) it has provided notice and obtained (or shall obtain) all consents and rights necessary under Data Protection Laws for Logicalplan to process Customer Data and provide the Services pursuant to the Agreement and this DPA.
4.3. Logicalplan Processing of Customer Data. Logicalplan shall process Customer Data only for the purposes described in this DPA and only in accordance with Customer’s documented lawful instructions. The parties agree that this DPA and the Agreement set out the Customer’s complete and final instructions to Logicalplan in relation to the processing of Customer Data and processing outside the scope of these instructions (if any) shall require prior written agreement between Customer and Logicalplan.
4.4. Details of Data Processing
- (a) Subject matter: The subject matter of the data processing under this DPA is the Customer Data.
- (b) Duration: As between Logicalplan and Customer, the duration of the data processing under this DPA is until the termination of the Agreement in accordance with its terms.
- (c) Purpose: The purpose of the data processing under this DPA is the provision of the Services to the Customer and the performance of Logicalplan's obligations under the Agreement (including this DPA) or as otherwise agreed by the parties.
- (d) Nature of the processing: Logicalplan provides a suite of software-as-a-service tools comprising a digital adoption platform. The Services enable Customers to create End User guidance and support tools when accessing the Customer’s website, such as walkthroughs, onboarding guides, tooltips and product documentation in order to increase engagement and support for End Users. The Portal provides a range of analytics for the Services, enabling the management, optimisation and End User segment targeting for each of the Customer's walkthroughs. Customer may import and export Customer Data between the Services and certain Third-Party Platforms through supported integrations.
- (e) Categories of data subjects: Any individual accessing and/or using the Services through the Customer's account ("Users"); and any individual: (i) whose information is stored on or collected via the Services, or (ii) with whom Users engage or communicate with via the Services (collectively, "End Users").
- (f) Types of Customer Data:
- (i) Customer and Users: identification and contact data (name, address, title, contact details, username); financial information (payment information); employment details (employer, job title, geographic location);
- (ii) End Users: identification and contact data (name, general or other demographic information, contact details, including email address), personal interests or preferences (including purchase history, marketing preferences and publicly available social media profile information); IT information (IP addresses, usage data, cookies data, online navigation data, location data, browser data).
5.1. Authorized Sub-processors. Customer agrees that Logicalplan may engage Sub-processors to process Customer Data on Customer's behalf. The Sub-processors currently engaged by Logicalplan and authorized by Customer are listed in Annex A.
5.2. Sub-processor Obligations. Logicalplan shall: (i) enter into a written agreement with the Sub-processor imposing data protection terms that require the Sub-processor to protect the Customer Data to the standard required by Data Protection Laws; and (ii) remain responsible for its compliance with the obligations of this DPA and for any acts or omissions of the Sub-processor that cause Logicalplan to breach any of its obligations under this DPA.
6.1. Security Measures. Logicalplan shall implement and maintain appropriate technical and organizational security measures to protect Customer Data from Security Incidents and to preserve the security and confidentiality of the Customer Data, in accordance with Logicalplan’s security standards described in Annex B ("Security Measures").
6.2. Updates to Security Measures. Customer is responsible for reviewing the information made available by Logicalplan relating to data security and making an independent determination as to whether the Services meet Customer’s requirements and legal obligations under Data Protection Laws. Customer acknowledges that the Security Measures are subject to technical progress and development and that Logicalplan may update or modify the Security Measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Services purchased by the Customer.
6.3. Customer Responsibilities. Notwithstanding the above, Customer agrees that except as provided by this DPA, Customer is responsible for its secure use of the Services, including securing its account authentication credentials, protecting the security of Customer Data when in transit to and from the Services and taking any appropriate steps to securely encrypt or backup any Customer Data uploaded to the Services.
7. Security Reports and Audits
7.1. Logicalplan shall provide written responses (on a confidential basis) to all reasonable requests for information made by Customer, including responses to information security and audit questionnaires that are necessary to confirm Logicalplan's compliance with this DPA, provided that Customer shall not exercise this right more than once per year.
8. International Transfers
8.1. Data center locations. Logicalplan may transfer and process Customer Data anywhere in the world where Logicalplan, its Affiliates or its Sub-processors maintain data processing operations. Logicalplan shall at all times provide an adequate level of protection for the Customer Data processed, in accordance with the requirements of Data Protection Laws.
8.2. Privacy Shield. To the extent that Logicalplan processes any Customer Data protected by EU Data Protection Law under the Agreement and/or that originates from the EEA, in a country that has not been designated by the European Commission or Swiss Federal Data Protection Authority (as applicable) as providing an adequate level of protection for Customer Personal Information, the parties acknowledge that Logicalplan shall be deemed to provide adequate protection (within the meaning of EU Data Protection Law) for any such Customer Data by virtue of having self-certified its compliance with Privacy Shield. Logicalplan agrees to protect such Customer Personal Information in accordance with the requirements of the Privacy Shield Principles. If Logicalplan is unable to comply with this requirement, Logicalplan shall inform Customer.
8.3. Alternative Transfer Mechanism. The parties agree that the data export solution identified in Section 8.2 shall not apply if and to the extent that Logicalplan adopts an alternative data export solution for the lawful transfer of Customer Personal Information (as recognized under EU Data Protection Laws) outside of the EEA (“Alternative Transfer Mechanism”), in which event, the Alternative Transfer Mechanism shall apply instead (but only to the extent such Alternative Transfer Mechanism extends to the territories to which Customer Personal Information is transferred).
Part B: GDPR Obligations from 25 May 2018
9. Additional Security
9.1. Confidentiality of processing. Logicalplan shall ensure that any person who is authorized by Logicalplan to process Customer Data (including its staff, agents and subcontractors) shall be under an appropriate obligation of confidentiality (whether a contractual or statutory duty).
9.2. Security Incident Response. Upon becoming aware of a Security Incident, Logicalplan shall notify Customer without undue delay and shall provide timely information relating to the Security Incident as it becomes known or as is reasonably requested by Customer.
10. Changes to Sub-processors
10.1. Logicalplan shall (i) provide an up-to-date list of the Sub-processors it has appointed upon written request from Customer; and (ii) notify Customer (for which email shall suffice) if it adds or removes Sub-processors at least 10 days prior to any such changes.
10.2. Customer may object in writing to Logicalplan’s appointment of a new Sub-processor within five (5) calendar days of such notice, provided that such objection is based on reasonable grounds relating to data protection. In such event, the parties shall discuss such concerns in good faith with a view to achieving resolution. If this is not possible, Customer may suspend or terminate the Agreement (without prejudice to any fees incurred by Customer prior to suspension or termination).
11. Return or Deletion of Data
11.1. Upon termination or expiration of the Agreement, Logicalplan shall (at Customer's election) delete or return to Customer all Customer Data (including copies) in its possession or control, save that this requirement shall not apply to the extent Logicalplan is required by applicable law to retain some or all of the Customer Data, or to Customer Data it has archived on back-up systems, which Customer Data Logicalplan shall securely isolate and protect from any further processing, except to the extent required by applicable law.
12.1. The Services provide Customer with a number of controls that Customer may use to retrieve, correct, delete or restrict Customer Data, which Customer may use to assist it in connection with its obligations under the GDPR, including its obligations relating to responding to requests from data subjects or applicable data protection authorities. To the extent that Customer is unable to independently access the relevant Customer Data within the Services, Logicalplan shall (at Customer's expense) provide reasonable cooperation to assist Customer to respond to any requests from individuals or applicable data protection authorities relating to the processing of Customer Personal Information under the Agreement. In the event that any such request is made directly to Logicalplan, Logicalplan shall not respond to such communication directly without Customer's prior authorization, unless legally compelled to do so. If Logicalplan is required to respond to such a request, Logicalplan shall promptly notify Customer and provide it with a copy of the request unless legally prohibited from doing so.
12.2. If a law enforcement agency sends Logicalplan a demand for Customer Data (for example, through a subpoena or court order), Logicalplan shall attempt to redirect the law enforcement agency to request that data directly from Customer. As part of this effort, Logicalplan may provide Customer’s basic contact information to the law enforcement agency. If compelled to disclose Customer Data to a law enforcement agency, then Logicalplan shall give Customer reasonable notice of the demand to allow Customer to seek a protective order or other appropriate remedy unless Logicalplan is legally prohibited from doing so.
12.3. To the extent Logicalplan is required under EU Data Protection Law, Logicalplan shall (at Customer's expense) provide reasonably requested information regarding the Services to enable the Customer to carry out data protection impact assessments or prior consultations with data protection authorities as required by law.
What cookies/tracking technologies do we use?
A cookie is a small text file that’s placed on your computer or mobile device when you visit one of our websites and services. We, and some of our affiliates and third-party service providers, may use a few different types of cookies. Some are persistent cookies (cookies that remain on your hard drive for an extended period of time) and some are session ID cookies (cookies that expire when you close your browser).
We also use other tracking technologies like web beacons (sometimes called “tracking beacons” or “clear gifs”) and local storage. These are tiny graphics files that contain a unique identifier that enable us to recognise when someone has visited our websites or opened an email that we have sent them.
Cookies and other tracking technologies helps us to customise and enhance your experience across our websites and services, perform analytics and deliver advertising and marketing that’s relevant to you.
Cookies set by third parties across our websites and services enable third party features or functionality to be provided on or through our websites and services, such as advertising, interactive content and analytics.
List of cookies used by the Services that are under Logicalplan control
Service using the Cookies
Used for maintaining the user session
App, Help portal, Author
Used to identify anonymous users
Marketing tool, messaging, tracking
Website, App, Help portal, Author
Marketing tool, messaging, tracking
Website, App, Help portal, Author
Chat session cookies
Website, App, Help portal
Chat session cookie
Website, App, Help portal
List of third party cookies used by the Services
Set by or on behalf of
Service using the Cookies
Website analytics cookie for visitor information and source.
Website, App, Help portal, Author
Conversion tracking cookie for ads delivered by Google Adwords
Website, App, Help portal, Author
Google Interest-based ads
Cookie to serve ads based on a user’s prior visits to our website.
Website, App, Help portal, Author
Facebook tracking to track people interactions with the Like button.
Twitter tracking to track people interactions.
Do Not Track
Do Not Track (“DNT”) is an optional browser setting on our Websites that allows you to express your preferences regarding tracking by advertisers and other third parties. We do not use technology that recognizes DNT signals from your web browser.
We partner with a third party to either display advertising on our Websites or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this Website and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union, click here). Please note this does not opt you out of being served ads. You will continue to receive generic ads.
Information security is of paramount importance to Logicalplan, and all of our staff. We respect the trust of our customers and trial users in sharing confidential information. We are constantly developing our security infrastructure and processes to ensure the safeguarding of our customers' sensitive data.
Logicalplan processes personal data only for purposes that are objectively justified by Logicalplan’s services to its subscribing customers, or for those on a trial of Logicalplan’s services. All processing is performed in accordance with the privacy rights, expectations and in respect of customer and trialists’ human rights as aligned with the principles and intent of the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Personal Data Directive). Logicalplan processes personal data both as a processor and as a controller, as defined in the Personal Data Directive.
Information Collection and Use
During a customer’s registration on Logicalplan’s sites, Logicalplan collects information such as company name, company, e-mail, location, telephone, IP address, browser and operating system version. This information is used to identify contact persons within the customer’s organisation in Logicalplan’s system, for billing and demonstration scheduling reasons and to be able to contact customers to provide necessary service and information. The information gathered will be used within the Logicalplan Group only.
At Logicalplan, we treat matters concerning user data with the utmost importance.
Logicalplan implement ongoing, relevant and up-to-date security training with all of our employees. Access to all data is limited only to those necessary, as dictated by the principle of least privilege. We conduct background checks before employment, and all of our staff members are required to read and sign our security and confidentiality policy agreement.
All of our employees are restricted by mandatory company policy to maintain confidentiality concerning user data. Access to data is restricted, limiting availability to only those necessary. In order for staff to access data generated from the daily use of the service requisite employees will only do so after requesting permission from the customer.
Data Handling and Privacy
Logicalplan do not sell, share or otherwise willingly disseminate Personally Identifiable Information sent through People Tracking feature to any third parties. Information gathered in the EU/EEA area will not be transferred outside the EU/EEA area.
Logicalplan Analytics data stored (Note: this feature is optional)
- IP address
- Browser headers
- URL location
- Logicalplan related data
- Topic start/end
- Step shown
- Search keywords
Logicalplan Segmentation data stored (Note: this feature is optional)
- Uid - mandatory
- Custom fields/data
It is entirely up to the customer to set the values of the segmentation fields. Customers with higher levels of sensitive user data who want to use segmentation can hash the values before sending them to Logicalplan portal.
User data will be permanently deleted upon request.
Communications between our service, customers portals and Logicalplan products are all encrypted via SSL/TLS.
Logicalplan is fully PCI compliant. Logicalplan ensure the security of respective customer information by using a PCI compliant payment gateway (Stripe). No credit card information is stored on our servers. Read more about the Stripe payment gateway security services here.
Security Incident Management
Logicalplan is committed to informing all customers in the event of any security breach or unauthorized access to user data.
Service Levels (Uptime) and Monitoring
We have observed 99.99% uptime or higher across our services. Our in-house engineering team (based in Prague, Czech Republic) monitors and logs errors using world-class tools like Pingdom, NewRelic, Datadog, OpsGenie.
Logicalplan employs a staged rollout deployment process when there is a new version of the Logicalplan player. This enables our customers are able to switch to the new release, test it and then deploy it to their users.