Povio's Privacy Policy

Date of Last Revision: Dec 18, 2024

1. GENERAL

Controller:
Povio, Inc. ("Povio")
1390 Market Street, Suite 200
San Francisco
CA 94102
USA

If you have any questions about this Privacy Policy, please contact us at dpo@povio.com (Data Protection Officer) or for general questions at info@povio.com. You also have the right to lodge a complaint with a supervisory authority.

This Privacy Policy is meant to help you understand what information we collect, why we collect it, and how you can update, manage, export and delete your information.

At Povio we respect your privacy, are committed to protecting it, and want you to be informed about the ways we use, share and protect the information that we collect. This Privacy Policy (“Policy”) serves to inform you of our policies and procedures regarding the processing (collection, use, disclosure or other operation) of the information at www.povio.com, www.pov.io, www.povioremote.com, app.povio.com and www.povio.academy (the “Sites”) and any other websites, features, applications or online services that are owned or controlled by Povio and that post a link to this Privacy Policy (together with the Sites, the “Services”), as well as any information Povio collects outside of the Sites in connection with the Services or where links to this Privacy Policy. This policy also explains your choices about how we use information about you, how you can object to certain uses of information about you, and how you can access and update certain information about you.

In some cases of personal data processing, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation, “GDPR”) applies based on the “targeting” criterion. This Policy is compliant with the GDPR.

By accessing or using the Services, you consent to the information collection, disclosure, and use practices described in this Privacy Policy. Please also review our Povio Websites Terms & Conditions, which apply to your access and use of the Sites, including all texts, images, sounds, videos, data, software, and content made available through the Sites (the “Content”).

2. INFORMATION WE COLLECT AND PROCESS

At Povio, we collect and process the information you provide to us, automatically collected information and information received from third parties.

Information you provide to us

You may provide us with information about you when you use our Services:

  • Personal Information or Personal Data (“Personal Information”): In the course of using the Services (whether as a Client, Contractor, Site Visitor, Mobile Application user), we may require or otherwise collect information that identifies you as a specific individual and can be used to contact or identify you (“Personal Information”), such as your name and surname, email address, billing address, phone number, location, photos, financial account information.
  • Non-Identifying Information: We may also collect other information, information regarding your use of the Services, and general project-related data (“Non-Identifying Information”). If possible, we render Personal Information into a form of Non-Identifying Information referred to as “Pseudonymised information”, in such a manner that it can no longer be attributed to you without the use of additional information.
  • Combination of Personal and Non-Identifying Information: Certain Non-Identifying Information would be considered a part of your Personal Information if it were combined with other identifiers in a way that enables your identification. We may combine your Personal Information with Non-Identifying Information and will treat the combined information as Personal Information.

Automatically collected information

We may receive technical information when you use our Services. We use these technologies to analyze how people use our Services, to improve our Site functions, and save your log-in information for future sessions. This information may include the browser and operating system you are using, the Internet Protocol (“IP”) address, or other unique device identifiers (“Device Identifier”) for any device (computer, mobile phone, tablet, etc.) used to access our Services.

Povio and its partners use cookies or similar technologies to analyze trends, administer the website, and track your movement around the website. The technology used to collect information automatically from Povio Users may include the following:

  • Cookies: A cookie is a small file containing a string of characters sent to your computer when you visit a website. When you revisit the website, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some website features or services may not function properly without cookies. For further information on cookies and how they are used, please visit our Cookie Policy here. You can manage your cookie preferences at any time by accessing our Cookie Policy Configuration link. This allows you to enable or disable cookies according to your preferences and provides further details about how cookies are used.
  • Embedded Scripts: We may also employ software technology known as an Embedded Script, a programming code designed to collect information about your interactions with the Services, such as the links you click on. The code is temporarily downloaded onto your computer or other device and is deactivated or deleted when you disconnect from the Services.

In addition, we may use a variety of other technologies (such as tags) that collect similar information for security and fraud detection purposes. We may use third parties to perform these services on our behalf.

Information received from third parties

We may collect the information about you from the following third-party sources:

  • third parties who license, sell, or otherwise provide data they have collected (“Third-party Data”) or
  • publicly available sources, such as via the Internet and social networks (“Public Data”)

As part of the Services, we may combine your Information with Third-party Data and/or Public Data to create more complete data records. If we combine the information we receive from others with information we collect through our Services, we will treat the combined information as described in this Privacy Policy.

3. HOW WE USE YOUR INFORMATION

We process your information for the purposes described in this policy, based on the following legal grounds:

  • your consent We ask for your consent to the processing of your information for specific purposes. You have the right to withdraw your consent at any time
  • when we are providing services We process your data to provide the services you’ve asked for under a contract or service agreement. Such processing is necessary for the performance of our contract or in order to take steps at your requests prior to entering into a contract
  • when we are complying with legal obligations We will process your data when we have a legal obligation to do so, for example, if we respond to a legal process or an enforceable governmental request
  • when we are pursuing legitimate interests We process your information for our legitimate interests and those of third parties while applying appropriate safeguards that protect your privacy. That means that we process your information for things such as developing new products and features useful to our Services’ users, marketing to inform users about our services, performing research that improves our services, etc

We use the information for the following purposes:

  • to provide and improve our Services
  • to complete your transactions, address your inquiries
  • to verify the information you provide is valid and for compliance and internal business purposes
  • to contact you
  • to administer and develop our business relationship with you
  • for the purposes disclosed at the time you provide your information
  • internal accounting, bookkeeping and tax reporting purposes

4. INFORMATION SHARING AND DISCLOSURE

We may share information about you if sharing and disclosure are necessary for the performance of our Services, for compliance with any legal obligations, for the purposes of legitimate interests, or if you give us your consent to do so.

We may employ third parties (companies and individuals) to facilitate or enhance the Services, to provide the Services on our behalf, to assist us in analyzing how the Services are used, and to perform services related to administration of the Services or the Site (such as maintenance, payments, accounting, bookkeeping, tax preparation, legal, hosting and database management services, website analytics and administration). We may share your information with such third-party service providers so that they may perform these tasks on our behalf.

5. DATA RETENTION

We retain personal data for as long as necessary to fulfil the purposes described in this Privacy Policy, subject to our own legal and regulatory obligations.

Profiles: In accordance with our record keeping obligations, we will retain basic account information and information about performed transactions for 10 years after the account is closed.

6. ACCESSING, CHANGING OR DELETING YOUR INFORMATION

Suppose European Union (EU) data protection law applies to the processing of your information. In that case, we provide the controls described in this Privacy Policy so you can exercise the following rights:

  • right of access by the data subject
  • right to rectification
  • right to object
  • right to erasure (‘right to be forgotten’)
  • right to restriction of processing
  • right to data portability
  • and explicitly the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal

all in accordance and within the deadlines as set out in GDPR.

You may review, update, correct or delete your Information, if not required to be retained by law or for legitimate business reasons, by making updates to that information through your online account or by contacting Povio at dpo@povio.com. If you request to access, change or delete your personal information, we will respond to your request within 30 days.

We will use all reasonable efforts to honor your request to delete your information; however, certain information will actively persist on the Services even if you close your account/if we delete your information. In addition, your Personal Information may remain in our archives and information you update or delete, or information within a closed account, may persist internally or for our administrative purposes, especially if it is technically impossible to delete. It is not always possible to completely remove or delete information from our databases.

In relation to all procedures relating to the collection, processing and storage of your personal data, you have the right to appeal to the Information Commissioner of the Republic of Slovenia (https://www.ip-rs.si/o-pooblascencu/osebna-izkaznica/).

7. SECURITY AND DATA BREACH

Because we are very concerned about your information’s confidentiality and security, we employ administrative, physical, and electronic measures designed to protect your information from unauthorized access. We implemented all appropriate technical and organizational measures to ensure a sufficient level of security:

  • we use encryption and data pseudonymization
  • we use different security features like 2 Step Verification
  • we review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access
  • we restrict access to personal information to our contractors and processors who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations
  • our data access rights and levels are based on job function and role, using the least-privilege and need-to-know concepts to match access privileges to defined responsibilities

In the case of a personal data breach, we implemented appropriate procedures to notify competent authorities and, when the personal data breach is likely to result in a high risk to your rights and freedoms, we will communicate the personal data breach to you in accordance with the legal requirements and without undue delay.

8. INTERNATIONAL TRANSFER OF PERSONAL INFORMATION

Because Povio is established in the United States, we process and store your information in the United States. If you are located outside the United States and choose to provide information to us, Povio transfers Personal Information to the United States for processing. When we transfer your information to the United States, we will protect it as described in this Privacy Policy. Using our Services or providing Povio with any information, you fully understand and unambiguously consent to this transfer, processing, and storage of your information in the United States.

Povio protects personally identifiable information from residents of the European Union, other European Economic Area countries, and Switzerland in accordance with applicable law, above all with the GDPR (including, as applicable, reliance upon your consent and EU-approved Standard Contractual Clauses).

9. CHANGES TO THIS POLICY

Povio reserves the right to change and update this Privacy Policy at any time at its discretion. Povio will post the changes to this Privacy Policy on the Sites and will indicate the date this Privacy Policy was last revised at the top of this page. Any changes will be effective upon posting.