At Twimo, we respect your privacy and are committed to protecting your information.

In this Privacy Policy, we describe how Twimo collects, uses and discloses information, when you access or use Twimo’s online collaboration and data management platform that includes its web-based application, website, services and systems (collectively, the “Services”) or when you otherwise interact with us, and the choices you have with respect to the information.

By accessing or using the Services or otherwise providing your data to us via any other means, you accept and consent to the rights, obligations and practices described in this Privacy Policy. If you do not consent to these terms, do not access or use the Services or any other aspect of Twimo’s business.

We reserve the right to make changes or modifications to this Privacy Policy at any time, without notice and at our sole discretion. Any changes or modifications to this Privacy Policy will be effective immediately upon posting the revisions on our Services. Your continued use of our Services following the posting of changes or modifications to this Privacy Policy will constitute your acceptance of such changes or modifications. If you do not agree to such changes or modifications, do not continue to use the Services.

DEFINITIONS

In this Privacy Policy,

• “Twimo”, “we” or “us” refers to Twimo Solutions Private Limited;
• the “Customer” refers to an organisation or entity which has contracted with us to use our Services and is bound by the Customer Terms of Use and all other terms incorporated by reference (the “Customer Agreement”);
• “you” or the “User” refers to an individual, bound by the User Terms of Use and all other terms and policies incorporated by reference (the “User Terms”), who is invited and authorised by the Customer to create an account (“User Account”) and join teams that the Customer has created on the Services for the purpose of collaboration and data management;
• “Customer Representative” refers to the User elected by the Customer to be the ultimate authority and representative of the Customer in its interactions and transactions with us, with the responsibility to discharge the responsibilities and obligations of the Customer under the Customer Agreement;
• “Personal Information” refers to information that is associated with an identified or identifiable natural person, can be used to identify a natural person and is protected as personal data under applicable data protection law or regulation.
• “Controller”, “Processor” and “Subprocessor” have the meanings as defined in the Data Processing Addendum.

OUR APPROACH TO PRIVACY

We collect, use, share and disclose information for purposes described in this Privacy Policy or otherwise disclosed to you on or in connection with our Services.

We ask for only the least amount of information necessary to provide our Services to you, improve them and conduct business. Barring a few exceptions (mentioned in “Other Information” below), the information we collect comes from you. For all cases, we share with you what we collect, how and to what end, and inform you of the choices you have.

We neither sell nor make money off your information in any way from any third-party. We do not allow advertising on our Services in any form or fashion. We treat your Personal Information the way we would like ours to be treated.

TYPES OF INFORMATION

The information Twimo collects or receives from you is of two types:

1. “Customer Data” refers individually and collectively to any and all content submitted to the Services via User Accounts related to the Customer’s use of the Services.
2. “Other Information” refers to information and data that we collect or receive that is not Customer Data.

You are not under any statutory or contractual obligation to provide any Customer Data or Other Information (collectively, the “Information”). However, certain Information is collected automatically and certain Information, if absent, may make it difficult or impossible to provide our Services to you or the Customer.

CUSTOMER DATA

What is collected

You and other Users authorised by the Customer to join the Customer’s teams, routinely submit Customer Data to Twimo when you use the Services. Such Customer Data includes, without limitation, User Personal Information submitted to the Services via the User’s profile page, conversations, notes, files, documents, links, email invitations to third-party persons to join the Customer’s teams on the Services, Personal Information of third-party donors, volunteers, customers or beneficiaries, fundraising or program records, email communication, and other information.

How Customer Data is used, shared, disclosed and retained

Customer Data is created and used for the purposes of collaboration between the Customer’s Users, and management of the Customer’s data towards fulfilling the Customer’s plans and goals, or, in other words, the very reason why the Customer has requested the use of our Services.

The Customer is the Controller of the Customer Data, owns all Customer Data, determines the access and disposition of the Customer Data, its teams and its User Accounts, and applies its own policies to the Services as applicable and appropriate.

Twimo is only the Processor of Customer Data. Twimo will use, share, disclose or retain Customer Data in accordance with

• the provision, delivery, operation and improvement of the Services subject to the Customer Agreement,
• any Customer instructions subject to the Customer Agreement,
• any applicable law or regulation.

Exercising your rights related to Personal Information in Customer Data

Any Personal Information that is part of the Customer Data will be processed in accordance with the Data Processing Addendum entered into by the Customer and Twimo and incorporated in the Customer Agreement. The Customer is the Controller and Twimo, only the Processor, of such Personal Information in Customer Data.

Twimo provides the Customer and its Users the tools and settings they need to manage Personal Information in Customer Data in accordance with the consent and instructions given by the individual to whom the Personal Information belongs.

If the Customer Data contains your Personal Information, as a User, you may be able to manage, update or delete such Personal Information by using the tools and settings provided by the Services. For any other processing not supported by such tools and settings or if the individual exercising his / her rights is not a User of the Services under the Customer’s teams, please contact the Customer for further assistance or clarifications.

OTHER INFORMATION

What is collected

1. User Account and team information provided by you or the Customer that includes your name, email address, password and the teams to which you should have access. This enables you to accept the Customer’s invitation, create a User Account, access and use the Services and keep such access secure. Your team affiliation is essential to determine the teams to which you ought to have access and the permissions or level of participation you ought to have.
2. Customer Representative information provided by the Customer that includes the names, emails, phone numbers and other contact information of its Customer Representatives. This allows us to contact such Customer Representatives for important updates related to the Customer’s use of the Services, its User Accounts, payments, etc.
3. Payment information provided by the Customer or the Customer Representative related to payments, billing and refunds. The Customer’s payments to us are processed via a payment gateway provider. We do not store credit card information on our Services.
4. Device, browser and server information like your Internet Protocol (IP) address, Internet Service Provider (ISP), device hardware type, its operating system and version, the browser type and version, language preference, timezone, city and country information, referrer URL, access date and time. This information helps us better understand the visitors to our website. It helps us ensure that our Services are compatible across the spectrum of devices, OS and versions that our Users have.
5. Log information about how you access or use our Services, the features you use, access times, access frequency, errors or warnings encountered, performance data, User settings and configuration, usage quota, etc. This information helps us improve our Services and your experience, resolve bugs, determine feature usage, and better plan for infrastructure.
6. Cookie information that includes
   • Twimo’s cookies help us to identify the logged-in User and their settings, and validate that the requests purportedly coming from a User are indeed coming from that User’s valid, logged-in session.
   • Third-party analytics tools that in turn use cookies and tracking technologies like web beacons, pixel tags, tracking pixels, scripts and other similar technologies to identify visitors, track website navigation, gather demographic information about our visitors and email responses. This helps us improve our Services through better understanding of feature usage, user flows on our Services, user experience difficulties, comparative design decisions, effectiveness of email campaigns, etc.
7. Referral information we receive about a prospective customer of our Services, which may include name, email, organisation or other information. Before you refer someone to us, we urge you to get their consent to share their information with us.
8. Third party information from partners, affiliates, social media sites or publicly-available sources may be collected and combined with Other Information we have to help us make marketing, product or design decisions, better engage with you on your requirements and to improve our Services. Twimo does not integrate with third-party services for User authentication and therefore, does not collect any Personal Information via authentication requests to other services.
9. Interaction information that you give us when you request support, participate in promotions, events or surveys, apply for a job, provide feedback or otherwise communicate with us. We use this information to make our Services better, provide support, respond to your requests, process payments and inform you of updates related to the Services.

How Other Information is used

Twimo may use Other Information in furtherance of our legitimate interests in operating, delivering and improving our Services and business. The preceding section on the list of Other Information that we collect also explains the specific intent behind the collection and use of the various types of Other Information.

Additionally and in general, Twimo uses Other Information to

• provide, operate, improve and protect our Services;
• monitor and analyse trends, problems or bugs, usage and activities in connection with our Services;
• prevent, address or resolve technical issues and provide support;
• personalise the Services, which may include arranging content or providing features that match User preferences and settings;
• send you technical notices, updates, security alerts, and administrative messages related to your User Account or the Services;
• communicate with you about products and services, solicit or respond to feedback about our Services;
• detect and prevent fraudulent transactions and other illegal activities, to report spam, and to protect the rights and interests of Twimo, its Users, Customers, partners, third parties and the public;
• comply with applicable law, legal process or regulation.

Twimo may use aggregated or anonymised information toward any business purpose, as long as it is no longer Personal Information.

We will never use your Personal Information and any feedback you give us as a testimonial or for marketing purposes, without first getting your consent. You will have an opportunity to review the testimonial and the details we publish before we publish them. If you wish to revoke a testimonial, you can write to us at support@twimo.co.

How Other Information is shared or disclosed

Without prejudice to and subject to the Customer Agreement, we do not share Other Information (and any Personal Information it includes) with any party except:

• with the Customer and other Users who belong to the same Customer teams as you,
• with Twimo’s employees on a need-to-know basis,
• with third-party companies or individuals who are Twimo’s business partners, consultants or services providers who need access to such information to carry out their work for us,
• with third-party payment processors to process payments towards the Customer’s use of the Services,
• with another company, subject to confidentiality agreements, in connection with, or during negotiations of, any merger, reorganisation, bankruptcy, dissolution, sale of company assets, public offering, financing or acquisition of all or a portion of our business,
• to assess our compliance with industry standards,
• to comply with applicable law, regulation, legal process or a court-ordered governmental request,
• to enforce our agreements, policies and rights; to protect the security and integrity of our Services; to protect Twimo, our users or the public from harm or illegal activities.

We may share publicly or with our partners for any purpose, aggregated or anonymised information that does not contain Personal Information.

Your choices with respect to Other Information and its retention

The following points outline the choices and methods you have to manage your Personal Information in Other Information, most of which can be done by managing and updating your Personal Information on our Services, or using the guidelines given below.

• User Account and profile information : You may update or correct the Personal Information about you, your name, location, contact details, login email and password at any time from your User Account’s profile and account settings page. You can remove any and all information in your profile with the exception of your name, login email address and password, which are required for your continued use of the Services.
• Team information : The profile and account settings page also shows the Customer teams you currently belong to, your administrator role on them (if any) and any invites to Customer teams you have received that are pending and yet to be accepted. Your profile information is not visible to Users outside your teams at any time.
• Joining teams : Accept invitations only to those Customer teams to which you truly belong. You can also decline invites you have received or leave a team at any time from this page.
• Leaving teams : When you leave a team, the other Users of the team can no longer see your name, photograph or any of your profile information. However, the Customer Data you created while you were part of the team (including your interactions with other Users of the team) which belong to the Customer, are retained for the Customer’s use (see “Customer Data” section above).
• Deleting your User Account : If you wish to delete your User Account, you can do so on the account settings page. All your profile information, except your name and login email address, are deleted from the Services. We retain your name and login email address in the event of a future legal or legitimate business need for this information, for example, to enforce agreements, investigate copyright claims against content that you posted before deleting your account, etc. The other Users of the team will not be able to see your your name or login email address. However, the Customer Data you created while you were part of the team (including your interactions with other Users of the team) which belong to the Customer, are retained for the Customer’s use (see “Customer Data” section above). Please note that a purge of your deleted profile information from our logs and backups could take upto 60 days from the date of deletion of your User Account.
• Emails and notifications : We send to your login email address (a) email notification digests of the activity in your teams and mark those that are of particular relevance to you, (b) any invitations sent to you by your Customer (or by Twimo on the explicit request by and on behalf of the Customer), to join teams on Twimo, and (c) updates or notifications from Twimo on matters of importance, including but not limited to, your User Account or your use of the Services. You may opt out of receiving notification digests from Twimo or change their frequency from the account settings page. You cannot opt out of receiving invitations or important User Account updates, unless you delete your User Account on the Services.
• Cookies : Most web browsers are set to accept cookies by default. You can also choose to set your browser to remove or reject any browser cookies. Mixpanel respects your browser’s Do-Not-Track (DNT) settings which you can set with the help of this resource (external link). Twimo’s cookies cannot be disabled if you wish to use our Services because they provide vital information needed to identify the logged-in user and to validate genuine requests. If you do not want to allow Twimo’s cookies on your browser, please delete your account on the Services and do not visit our website. If you use our Services with your browser configured to reject cookies, we cannot guarantee that our Services would function properly or as intended.

If you are not a User of our Services and wish your Personal Information in Other Information removed from our records or database, you can send us an email to support@twimo.co. If you are a User of our Services, you need to cease the use of our Services before requesting us to remove all your Personal Information in Other Information from our database.

Twimo may retain Other Information pertaining to you for as long as necessary for the purposes described in this Privacy Policy, including keeping certain Other Information after deletion of your User Account. Such retention is done where the Other Information concerned is needed for Twimo’s legitimate business interests, to conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.

If you need additional help or have any questions related to your Information choices, you can email us at support@twimo.co.

SECURITY

Twimo takes the security of your Information very seriously. We work hard to safeguard your Information and protect your Information from loss, misuse, unauthorised access or disclosure. Please review our Security Practices document to understand the technical, administrative and organisational measures that Twimo takes to safeguard your Information.

THIRD-PARTY LINKS AND CONTENT

Our Services do not include social media widgets, blogs or public forums. Our Services or the Customer Data in our Services may contain links to third-party websites, applications or other services (“Third Party Services”) that are not under the scope of this Privacy Policy. This Privacy Policy applies only to our Services.

If you submit Information (including your Personal Information) to any of these Third Party Services, please review their privacy policies and terms to ensure that your Information is handled in accordance with your expectations. We are not responsible for any breach of your privacy or Information or any other loss arising to you as a result of collection of your Information by such Third Party Services.

GDPR COMPLIANCE AND ROLES

The EU General Data Protection Regulation (GDPR) comes into effect starting 25 May 2018. GDPR applies to the collection, processing and transmission of Personal Information of a natural EU person.

Twimo assumes two roles in relation to GDPR.

1. Twimo acts as the Controller of Other Information. This Privacy Policy details the Personal Information we collect as part of Other Information, how we use, share, disclose it and how you can exercise your rights under GDPR over your Personal Information in this Other Information.
2. Twimo acts solely as a Processor of Customer Data and the Customer is the Controller of Customer Data. Twimo’s Processing of Customer Data is governed by the Data Processing Addendum, incorporated into the Customer Agreement.

SUBPROCESSORS AND INTERNATIONAL TRANSFERS OF DATA

Twimo is headquartered in Bangalore, India. We use third-party Subprocessors located globally, including in the United States, to provide us the infrastructure or services we need, to be able to deliver our Services to you.

You understand that your use of our Services may result in Information being transferred to, stored and/or processed in any country where Twimo or our Subprocessors maintain infrastructure or facilities and you consent to such transfer, storage and/or processing. While in such jurisdictions, your Information may be subject to access pursuant to the laws of those jurisdictions (which may be more or less comprehensive than the laws of your country).

We ensure that such Subprocessors are used only to the extent necessary and where possible, we use Subprocessors who themselves have robust GDPR-compliant privacy policies. You can obtain a current list of our Subprocessors here.

For our Customers who operate in the European Union, the European Economic Area and/or their member states and Switzerland, Twimo offers European Union Model Clauses (also known as Standard Contractual Clauses), as part of our Data Processing Addendum (incorporated into the Customer Agreement), to meet the adequacy and security requirements of Customer Data and to govern the international transfers of such Customer Data.

CONTACT

We recommend that you first contact the Customer for any clarifications you seek about the handling of your Personal Information or if you need help in exercising your statutory rights.

If you have any further clarifications or other questions regarding this Privacy Policy or need further assistance, you can email us at support@twimo.co.