Privacy Policy

How we treat your and your users' data

Overview

Chameleon Intelligent Tech Inc. (“Chameleon,” “we,” or “us”) is committed to protecting the privacy of its customers and end users.

This page summarizes the data we collect from the Chameleon website (“site”) or software application, including API (“app”) and how we help ensure excellent privacy standards. When you use our site or app you agree to the data practices as per this policy.

Chameleon:

  • Fully complies with the EU General Data Protection Regulation (“GDPR”).
  • Implements ‘privacy by design’ within our software systems and platform
  • Encrypts all customer and end-user data
  • Uses best-in-class cloud vendors with excellent security standards.

Data collected

Chameleon collects data about customers and processes data on behalf of customers, about their end users. Chameleon does not sell any data to third-parties, and makes clear it’s responsibilities as a Data Controller and Data Processor under the GDPR.

Detailed information about the data we collect and our lawful bases for this is available here.

Customer data

Chameleon collects email address when someone signs up for the service from our site. We use this as your unique identifier and attach all your account data to this. It is required to use Chameleon.

We will only use your email address for necessary purposes to use Chameleon. For tangential purposes (such as sending you product updates and leveraging usage information for improvements) we offer a clear opt-in when signing up.

Chameleon also collects email address and may also collect phone number when someone requests a demo. This is used for scheduling a call and contacting you about this.

Chameleon also collects email addresses when someone subscribes to our blog, and we fulfil this request by sending product updates and relevant content.

End user data

Chameleon does not collect any personal data from end users automatically. Our customers may send us data about end users that contains personal data, such as name, email address etc. This is valuable for customers to know which users are engaging in product tours and to help target and personalize tours based on user data and actions.

We provide a range of methods to support customers in providing their end users with their individual rights under GDPR, including erasure, restriction etc. Learn more about that here.

Data retention

Our data retention policy is to delete all data associated with any Chameleon account that has not seen any activity for 1 year. We do support specific requests for data deletion, either by emailing help@trychameleon.com or via our API.

Data security

Chameleon leverages best-in-class practices around data security including serving over HTTPS, 256 bit SSL and controls to prevent data access between customers. We backup data daily and all backups are encrypted.

To learn more about our security practices and protocols, please read this article.

Regulatory compliance

We never sell data to third parties or share it in ways not listed in our vendor overview. However we reserve the right to share data with other organizations in the following circumstances:

To investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Terms of Service, or as otherwise required by law If Chameleon is acquired by or merged with another company. In this event, Chameleon will notify you before information about you is transferred and becomes subject to a different privacy policy.

Updates and more info

For more information about GDPR compliance please review this article.

We may update and improve this Privacy Policy and will attempt to notify you. Regardless, if you continue to use our services, you accept our current Privacy Policy.

For questions or comments, please contact us at privacy@chameleon.io.

Last updated - 24 May 2018