Privacy policy

Updated on
March 22, 2024

At Coolset, we value your privacy and are committed to protecting your personal information. This Privacy policy outlines how we collect, use, disclose, and safeguard your data when you interact with our services. By accessing or using our services, you agree to the practices described in this policy.

1. Information we collect

1.1. Account information 

When you sign up for our services, we may collect personal information such as your name, email address, job title, and company information to create and manage your account.

1.2. Financial and organizational data

To provide the services, we may process financial and organizational information provided by you or your organization. This may include financial transactions, invoices, receipts, policies, governance structures, ownership details, operational metrics, compliance records, and related information.

1.3. Usage information 

We may collect information about how you interact with our services, such as your IP address, browser type, device information, pages visited, and actions taken on our platform.

1.4. Cookies and similar technologies

We use cookies and similar technologies to enhance your user experience and collect certain information about your interactions with our website and services. You can manage your cookie preferences through your browser settings. We use both functional cookies and analytical cookies. 

Functional cookies

We have a functional cookie that has a lifetime of one week and remembers whether or not website visitors have accepted our terms of service.

Analytical cookies

Our website uses Google Analytics which allows us to improve our website experience and measure the effectiveness of certain parts of it. We have three main cookies which are used to distinguish between website visitors and how they interact with our website. The lifetime of these cookies varies between 1 day and 2 years.

2. How we use your information

2.1. Provision of services

We use the information you supply to us for the purpose of delivering the services detailed within the Order Form.

2.2. Communication

We may use your contact information to communicate important updates, progress reports and news related to our platform and services.

2.3. Improvement of services

We analyze aggregated and anonymized usage data to improve our platform's functionalities, enhance our services and optimize the user experience for our customers.

2.4. Legal compliance

We may process your data to comply with legal obligations, industry standards, and respond to lawful requests from government authorities related to the services.

3. Data retention

We retain your data for a period of 24 months after the termination of your contract. This retention period allows us to comply with legal obligations, handle disputes, and provide historical data to assist you if needed.

4. Data security

4.1. Encryption and data storage

We recognize the critical nature of the data we manage. All customer data, including financial and organizational details, is encrypted both at rest and in transit. We use industry-standard encryption methods to safeguard your information during storage and transmission.

4.2. Access controls

Access to customer data is limited to authorized personnel who require it for providing the services. Our access controls are designed to prevent unauthorized access, modification, or disclosure of your data.

4.3. Secure servers

Your data is stored on servers located within the European Union (EU) that are hosted by reputable cloud service providers, adhering to strict security standards and certifications. These servers are protected by robust security measures to prevent unauthorized physical access.

4.4. Data minimization

We only collect and retain the data necessary for the provision of the services. We do not store personal data beyond the required retention period, as outlined in section 3: Data retention.

4.5. Employee training

Our employees undergo regular data protection and security awareness training. They are educated about the significance of data privacy and confidentiality, with a strong emphasis on their duty to treat customer data with the highest level of care.

4.6. Third-party vendors

In cases where we engage third-party vendors to support our services, we conduct a thorough vetting process to ensure their security practices align with our high standards. These vendors are bound by contractual obligations to protect customer data and use it solely for the purposes outlined in the service agreement.

4.7. Incident response

We have implemented a comprehensive incident response plan to address any security breaches or data incidents promptly. In the unfortunate event of a data breach, we will notify affected customers and the relevant authorities as required by applicable laws and regulations.

4.8. Data sharing and anonymization

We prioritize data anonymization in the services. Aggregated and anonymized data may be used for research and industry benchmarking purposes without disclosing individual company-specific information.

4.9. User responsibility

As a user of our platform and services, you are responsible for maintaining the security of your account credentials. Please ensure that you keep your login information confidential and refrain from sharing it with unauthorized individuals.

While we take all reasonable measures to protect your data, no data transmission or storage method can be guaranteed to be 100% secure. If you have any concerns or questions about the security of your data, please contact us at security@coolset.com.

5. Sharing of information

5.1. Third-party service providers

We may share your information with trusted third-party service providers who assist us in delivering our services. These third parties are authorized to use your personal information only as necessary to provide these services to us and are bound by confidentiality agreements.

5.2. Legal compliance

We may share your data to comply with legal obligations or in response to lawful requests from government authorities.

5.3. Business transfers

In the event of a merger, acquisition, or sale of our assets, some or all information may be shared or transferred, subject to appropriate and commercially reasonable confidentiality arrangements.

6. Your rights

You have the right to access, rectify, erase, restrict, or object to the processing of your personal information under applicable law. To exercise any of these rights, please contact us at info@coolset.com

7. Updates to Privacy policy

We may update this Privacy policy from time to time to reflect changes in our practices or legal requirements. We encourage you to review the policy periodically for any updates.

8. Contact us

If you have any questions, concerns, or feedback regarding this Privacy policy or our data practices, please contact us at info@coolset.com.

For any questions or concerns regarding the processing of your personal data or to exercise your data protection rights, you may contact our Data Protection Officer (DPO) at dpo@coolset.com.