Data privacy policy of DoneDeal

Don’t be evil. A statement previously used by Google in their Code of Conduct. A statement which we follow, believe and our values meet. Our as founders, our as early employees, our as product designers, our as value creators for you – users of the DoneDeal Today.

Data privacy is a key concern for us. Taking it not seriously enough or abusing stands against the Don’t be evil policy. As founders we started building a product for ourselves and have these main areas where data privacy can not be compromised:

  • Personal data
  • Company data
  • Partners data
  • Sales related data
  • IP of DoneDeal Today

Each of this topic is covered in the section below. We are ready for an open discussion if you disagree with anything written here. Please note that as texts are written by non-native speakers there might some mistakes and things that can be interpreted. By accepting these agreements you still understand, that there exist risks, like:

  • risk of being hacked. Hacked directly (website or other software we programmed) or through our service providers (like payment gateways, Mail delivery services, API and other).
  • risk of human factors. Even though we have processes, policies, access rights limitations and more there is always a risk associated to human behavior.
  • risk of hardware failure. It can just fail.
  • risks of poor coding at our side. It is hard to admit, but there is always more then one option how to code a function. At the same moment there is a risk of choosing the wrong path and leaving a hole. To avoid this we do pen-testing (security tests), have code quality reviews and different kind of scenarios. Still even the biggest providers sometimes gets hacked. We have this risk too.

This list is not finite and by using our service you understand, that we can not guarantee more then providing the service on the highest quality we can without accepting any liabilities or loss for you or your clients in case our service malfunctioned, was compromised or hacked.

Yet we took actions to minimize/prevent these risks from happening. And we are constantly on a timely manner reviewing the code of ours, partners and others to ensure the highest security level.

Personal data

Personal data is any information that relates to an identified or identifiable living individual. For contract generation we might require this information, based on the template you choose. In addition we might require this information to identify if you are eligible to represent your company. It is optional for you to decide what can be provided to our service while this information is not required by us.

Yet you take the full responsibility to ensure that the person whose information stored agrees to provide this information. 

Under the regulation of EU for GDPR related question we assume ourselves as a data processing service while you keep the ownership and control (data control) role.

Data is sent to third parties (our partners) only for transcription service. The data about contract parties, except you provide it verbally, is not sent to these mentioned third parties. While no contract storage service is provided from our side (you will be informed once it is rolled out), your partners (other parties of the contract with potential personal data) data is deleted, once provided for you.

No personal data is used for our Machine Learning mechanisms.

Company data

We understand what is sensitive data for business. For contracting we focus on catching deliverables and what is important for you instead of pricing and timeline data. The information you enter is kept in our servers as short as possible to provide you the document ready to use.

For machine learning part we keep only terms – phrases/sentences/block of sentences used to form a document. If the amount of users using the same term is relatively low, your used term is not appearing for other users. If the term is widely used, we assume it is not a business secret in provided contracting/scoping context.

As you are receiving a ready to use document, you should exclude any part that includes a business secret from the app usage. You may enter this information later on.

Yet we keep the information discrete. Blocks we transcribe are sent in portions to transcription service. We are paying extra and this data is not used for Machine Learning part of our partners. You do not train them. Most of the time your audio portions are mixed into other recordings (made by other users) meaning there is hard to build a full scoping part for your specific contract (assuming someone is actively listening).

Recommendations DoneDeal.Today provide are based on publicly available agreements and requirements for work. In addition we are working ourselves to support offers on what needs / can be included into different sets of documents. You opt in yourself into providing information, if you choose. Otherwise your data is your data, not ours.

If you choose to have extra services for quality control, information is provided only to our partners with whom we have signed NDAs, liabilities agreed (including fines) and mutual trust. We do not use cheep services for outsourcing taking care of your data with highest consciousness and love. Otherwise only machines access your data.

Partners data

We choose only well known and highly trustful service providers when there is no economical sense into developing stuff ourselves. Stuff can be defined as anything needed for you to receive the quality service and make an agreement in a minute.

We send data to partners only which is needed for them to provide service. We constantly review what do they get and if it is a must. Nice to have stuff is not sent to them. Never. The biggest partner of ours is Google.

Sales related data

To acquire users we might store some information into the CRM. Data is stored only for sales purposes with your knowledge. When you are submitting an inquiry to us we assume that you allow us to store information, necessary to ensure the best experience for you.

Once you become our customer we keep storing data on your general usage of the service (without content), your activity, payments, other client related information. When (if) you leave us we keep only necessary data for the book keeping and re-onboarding of you. Otherwise we respect your privacy.

IP of DoneDeal Today

We develop a lot. We use some of the best Open Source projects leaving all required credits. We also build our own solutions. We keep main principles doing that:

  • to separate customer data from the processing layer – meaning that our experiments and development is not affecting the data and policies related to data manipulations in any ways.
  • to use only well tested and well maintained Open Source solutions.
  • To contribute back to the community with code, not the data.

End Notes

This policy is a subject of change. Yet principles remain the same. As mentioned before, feel free to contact us, help us to improve this policy and ensure, that your property – your data is treated in a best positive way.