What information do we collect?
To provide the Tably Service, we must process information about you.
Information and data you provide. We collect the details and content you provide when you use the Service, including when you sign up, create a profile, open/import a data file, database, service or other data source, or edit data.
Usage and device metadata. Metadata includes browser, operating system and hardware type & version, language, country, timezone, page views, page interactions, IP address and cookie information.
How do we use this information?
To provide and support the Service and related services described in the Terms of Service.
To discover and fix bugs in and improve the Service. Including product research and development.
To ensure the security and integrity of the Service. Including detecting and preventing spam.
To communicate with you. We use the information that we have to send you marketing communications, communicate with you about the Service and let you know about our Policies and Terms. We also use your information to respond to you when you contact us.
How is this information shared?
Data locality. The Service is hosted in the United States. If you access the Service from any other region of the world with laws or other requirements governing personal data collection, use, or disclosure that differ from applicable laws in the United States, then through your continued use of the Service, you are transferring your data to the United States, and you agree to have your data transferred to and processed in the United States.
Accounts that you share with. You can choose the audience for what you share on the Service, whether it’s private, visible to specific accounts, or public. Public information can be seen by anyone, including if they don’t have an account.
Our vendors and service providers. Information is shared with our service providers including our hosting provider Amazon Web Services EMEA SARL, payment processor, measurement partner and accountant.
Law enforcement or legal requests. We share information with law enforcement or in response to legal requests in the circumstances outlined below.
What is our legal basis for processing data?
We collect, use and share the data that we have in the ways described above:
- as necessary to fulfil our Terms of Service;
- consistent with your consent, which you may revoke at any time through the Service settings;
- as necessary to comply with our legal obligations;
- to protect your vital interests, or those of others;
- as necessary in the public interest and;
- as necessary for our (or others’) legitimate interests, including our interests in providing an innovative, personalised, safe and profitable service to our users and partners, unless those interests are overridden by your interests or fundamental rights and freedoms that require protection of personal data.
How can you exercise your rights provided under the GDPR?
Under the General Data Protection Regulation, you have the right to access, rectify, port and erase your data. Learn more about these rights and find out how you can exercise your rights in the Service settings. You also have the right to object to and restrict certain processing of your data. This includes:
- the right to object to our processing of your data for direct marketing, which you can exercise by using the “unsubscribe” link in such marketing communications, and
- the right to object to our processing of your data where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party. You can exercise this right on the Service.
Data retention, account deactivation and deletion
We store data until it is no longer necessary to provide our services or until your account is deleted — whichever comes first.
How do we respond to legal requests or prevent harm?
We access, preserve and share your information with regulators, law enforcement or others:
- In response to a legal request, if we have a good-faith belief that the law requires us to do so. We can also respond to legal requests when we have a good-faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction and is consistent with internationally recognised standards.
- When we have a good-faith belief that it is necessary to: detect, prevent and address fraud, unauthorised use of the Service, breaches of our Terms or Policies, or other harmful or illegal activity; to protect ourselves (including our rights, property or Service), you or others, including as part of investigations or regulatory enquiries; or to prevent death or imminent bodily harm. For example, if relevant, we provide information to and receive information from third-party partners about the reliability of your account to prevent fraud, abuse and other harmful activity on and off the Service.
Information we receive about you can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for term breaches for at least a year to prevent repeat abuse or other term breaches.
How will we notify you of changes to this Policy?
We’ll notify you before we make changes to this Policy and give you the opportunity to review the revised Policy before you choose to continue using the Service.
How to contact Tably with questions
The data controller responsible for your information is Tably, which you can contact at email@example.com.
You can contact the Data Protection Officer for Tably at firstname.lastname@example.org.
You also have the right to lodge a complaint with Tably’s lead supervisory authority, the UK Information Commissioner, or your local supervisory authority.