Last updated on: 12 July 2020
This Data Processing Addendum (the Addendum) forms part of the Conjoint.ly Privacy Policy (and any ancillary or related documentation), as updated or amended from time to time (the Agreement), between you, the Customer (as defined below) and Conjoint.ly. All capitalised terms not defined in this Addendum have the meaning set out in the Agreement.
This addendum only applies if and to the extent Conjoint.ly processes personal data on behalf of a Customer that qualifies as a controller with respect to that personal data under Applicable Data Protection Law (as defined below). If the Customer had entered into earlier data processing terms with Conjoint.ly, those terms are replaced by this Addendum.
- Definitions: In this Addendum, the following terms have the following meanings:
- controller, processor, data subject, personal data, processing (and process) and special categories of personal data have the meanings given in Applicable Data Protection Law
- Applicable Data Protection Law means the EU General Data Protection Regulation (
Regulation 2016/679) (the GDPR) and any applicable national laws made under the GDPR - Customer has the same meaning as ‘you’ in the Conjoint.ly Terms and Conditions
- Relationship of the parties: The Customer (the controller) appoints Conjoint.ly as a processor to process the personal data described in Annex A (the Data) only on the controller’s documented instructions (and as per the terms set out in this Addendum) for the purposes described in the Agreement or as otherwise agreed in writing by the parties (the Permitted Purpose). Each party must comply with the obligations that apply to it under Applicable Data Protection Law.
- Prohibited data: Unless explicitly requested by Conjoint.ly to do so, the Customer will not disclose (and will not permit any data subject to disclose) any special categories of personal data to Conjoint.ly for processing.
- International transfers: Conjoint.ly will not transfer the Data outside of the European Economic Area (EEA) unless it has taken such measures as are necessary to ensure the transfer is in compliance with Applicable Data Protection Law. Such measures may include (without limitation) transferring the Data to a recipient in a country that the European Commission has decided provides adequate protection for personal data (e.g., Australia), to a recipient in the United States that has certified its compliance with the EU-US Privacy Shield, or to a recipient that has executed standard contractual clauses adopted or approved by the European Commission.
- Confidentiality of processing: Conjoint.ly will ensure that any person it authorises to process the Data (an Authorised Person) will protect the Data in accordance with Conjoint.ly’s confidentiality obligations under the Agreement.
- Security: Conjoint.ly will implement technical and organisational measures, as set out in Annex B, which may be amended and updated from time to time, to protect the Data (i) from accidental or unlawful destruction, and (ii) loss, alteration, unauthorised disclosure of, or access to the Data (a Security Incident).
- Subcontracting: The Customer consents to Conjoint.ly engaging third-party subprocessors to process the Data for the Permitted Purpose provided that:
- Conjoint.ly maintains an up-to-date list of its subprocessors, which is available on its website at the Conjoint.ly subprocessors page, which it will update with details of any change in subprocessors at least 30 days prior to the change;
- Conjoint.ly imposes data protection terms on any subprocessor it appoints that require it to protect the Data to the standard required by Applicable Data Protection Law; and
- Conjoint.ly remains liable for any breach of this Addendum that is caused by an act, error or omission of its subprocessor. The Customer may object to Conjoint.ly’s appointment or replacement of a subprocessor prior to its appointment or replacement, provided such objection is based on reasonable grounds relating to data protection. In such an event, Conjoint.ly will either not appoint or replace the subprocessor or, if Conjoint.ly determines at its sole discretion that this is not reasonably possible, the Customer may suspend or terminate the Agreement without penalty (without prejudice to any fees incurred by the Customer up to and including the date of suspension or termination).
- Cooperation and data subjects’ rights: Conjoint.ly will provide reasonable and timely assistance to the Customer (at the Customer’s expense) to enable the Customer to respond to:
- any request from a data subject to exercise any of its rights under Applicable Data Protection Law; and
- any other correspondence, enquiry or complaint received from a data subject, regulator or other third party in connection with the processing of the Data. If any such request, correspondence, enquiry or complaint is made directly to Conjoint.ly, Conjoint.ly will promptly inform the Customer, providing full details.
- Data Protection Impact Assessment: If Conjoint.ly believes or becomes aware that its processing of the Data is likely to result in a high risk to the data protection rights and freedoms of data subjects, it will inform the Customer and provide reasonable cooperation to the Customer in connection with any data protection impact assessment that may be required under Applicable Data Protection Law.
- Security incidents: If it becomes aware of a confirmed Security Incident, Conjoint.ly will inform the Customer without undue delay and will provide reasonable information and cooperation to the Customer so that they can fulfil any data breach reporting obligations they may have under (and in accordance with the timescales required by) Applicable Data Protection Law. Conjoint.ly will further take reasonably necessary measures and actions to remedy or mitigate the effects of the Security Incident and keep the Customer informed of all material developments in connection with the Security Incident.
- Deletion or return of Data: Conjoint.ly will retain the Data for a period of 30 years after a subscription is terminated in case the Customer later needs access to it. On expiry of this period or on the Customer’s earlier request, Conjoint.ly will delete or return the Data in a manner and form decided by Conjoint.ly, acting reasonably. The data may be also deleted at our sole discretion if it pertains to discontinued features of the platform. This requirement will not apply to the extent that Conjoint.ly is required by applicable law to retain some or all of the Data, or to Data it has archived on back-up systems, which Data Conjoint.ly shall securely isolate and protect from any further processing.
Annex A – Data Processing Schedule
1. Subject Matter and Duration of Processing of Personal Data
The subject matter of this Annex concerns the provision by Conjoint.ly of data processing services connected with providing services to the Customer.
The duration of processing personal data shall be for as long as we have a business relationship with the Customer, and at the end of that relationship, we will act in accordance with clause 11 regarding deletion or return of such personal data.
2. Nature and Purpose of Processing Personal Data
The nature and purpose of processing personal data is to enable the functionality of the Conjoint.ly platform as set out in the Conjoint.ly Terms and Conditions and related documentation. This involves inter alia:
- Storage
- Access for reporting (online dashboards and Excel, PowerPoint, .csv, PDF, and other exports)
3. Categories of Data Subjects
The categories of data subjects include:
- Employees and contractors of Customer ("Users")
- Survey respondents ("Respondents")
A user can be a respondent if they preview or answer a survey.
4. Types of Personal Data Processed
The types of data processed differs between users and respondents.
| Type of data | For users | For respondents |
|---|---|---|
| Names | Yes | Only if asked in a survey or uploaded by user |
| Address | Only if provided | Only if asked in a survey or uploaded by user |
| Contact details | Yes | Only if asked in a survey or uploaded by user |
| Identification details (eg, tax registration numbers) | Only if provided | Only if asked in a survey or uploaded by user |
| Other personal data types for use on the Conjoint.ly platform | Only if provided | Only if asked in a survey or uploaded by user |
| Personal identifier (ID) | Yes | Yes |
| Responses to surveys* | No | Yes |
| Access logs to Conjoint.ly platform (including hashed passwords) | Yes | No |
| The time of opening the survey | Yes | Yes (unless the Anonymise Responses function is used) |
| IP address and associated location | Only if provided | Yes (unless the Anonymise Responses function is used) |
| Browser location | No | Yes, if respondent permits (unless the Anonymise Responses function is used) |
| Browser cookies and identification strings | Yes | Yes |
| Type of device used | Yes | Yes |
| Information from third-party sign-up systems, such as LinkedIn | Yes, if user chooses to log in through LinkedIn | No |
| Credit card information | Stored by Stripe (if provided) | No |
* Responses to surveys may include sensitive personal data (i.e., personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation). Such data is only collected if it is asked of respondents in the survey or if it is uploaded by the employees to the report.
Annex B – Security Measures
We’re committed to the security of your data and provide multiple layers of protection for the information you trust to Conjoint.ly.
You control access
As a Conjoint.ly customer you have the flexibility to invite unlimited users to collaborate on your experiments. The owner of the experiment has control over who has access and what they are able to do.
User authentication
We provide standard access to the Conjoint.ly software through a login and password. In addition we offer the option of using two-step authentication. This provides a second level of security for your Conjoint.ly account. It means you’re also asked to enter a unique code generated by a separate authenticator app on your smartphone. We recommend you use two-step authentication as it reduces the risk of your Conjoint.ly account being accessed if your password is compromised.
Data encryption
We encrypt all data that goes between you and Conjoint.ly using industry-standard TLS (Transport Layer Security), protecting your data. Your data is also encrypted at rest when it is stored on our servers, and encrypted when we transfer it between data centres for backup and replication.
Secure data centres
Conjoint.ly’s servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits. Conjoint.ly maintains multiple geographically separated data replicas and hosting environments to minimise the risk of data loss or outages.
We store information on secure servers located in the United States. On custom projects and during execution of support activities, the data may be transferred to Australia and other countries to our employees and direct contractors.
Security monitoring
Conjoint.ly continuously monitors security systems, event logs, notifications and alerts from all systems to identify and manage threats.