Privacy Policy

Last Updated:

This Privacy Policy describes how Desking Oy ("Company", "we", "us", or "our"), the operator of Inbind ("Service"), collects, uses, discloses, and protects your personal information.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Information We Collect

1.1 Information You Provide to Us

We collect information that you voluntarily provide when you:

  • Create an account: Name, email address, company name, and password

  • Use the Service: Content, data, and materials you upload, submit, or transmit through Inbind

  • Communicate with us: Information you provide when you contact our support team or communicate with us

1.2 Information We Collect Automatically

When you use the Service, we automatically collect certain information, including:

  • Usage data: Information about how you interact with the Service, including features used, actions taken, pages viewed, and time spent

  • Device information: IP address, browser type and version, operating system, device identifiers, and device settings

  • Log data: Server logs, error reports, and diagnostic information

  • Cookies and tracking technologies: We use cookies, web beacons, and similar technologies to collect information about your browsing activities. See Section 4 for more details

1.3 Information from Third Parties

  • Connected Platform data: When you connect third-party platforms to Inbind, we access and process data from your connected content management systems as authorized by you through your API credentials

  • Payment information: If you subscribe to a paid plan, our payment processors collect and process your payment information. We do not directly store complete payment card details

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Providing and Improving the Service

  • To operate, maintain, and provide the features and functionality of Inbind

  • To integrate with and sync data from your connected platforms

  • To process your transactions and manage your subscription

  • To provide customer support and respond to your inquiries

  • To monitor and analyze usage patterns and trends to improve the Service

  • To develop new features, products, and services

2.2 Communication

  • To send you technical notices, updates, security alerts, and administrative messages

  • To communicate with you about your account and subscription

  • To respond to your comments, questions, and requests

2.3 Security and Compliance

  • To detect, prevent, and address technical issues, security incidents, and fraudulent activity

  • To protect the rights, property, and safety of Desking Oy, our users, and the public

  • To comply with legal obligations and enforce our Terms of Service

2.4 Analytics and Performance

  • To understand how users interact with the Service using analytics tools

  • To measure the effectiveness of our Service and improve user experience

3. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, our legal bases for processing your personal information include:

  • Contract performance: Processing necessary to provide the Service under our Terms of Service

  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving the Service, ensuring security, and preventing fraud

  • Consent: Where we have obtained your explicit consent to process your information for specific purposes

  • Legal obligations: Processing necessary to comply with applicable laws and regulations

You have the right to withdraw your consent at any time where we rely on consent as the legal basis for processing.

4. Cookies and Tracking Technologies

4.1 What We Use

We use cookies, web beacons, local storage, and similar tracking technologies to:

  • Remember your preferences and settings

  • Authenticate your account and maintain your session

  • Analyze usage patterns and Service performance

  • Understand user behavior and improve the Service

4.2 Types of Cookies

  • Essential cookies: Necessary for the Service to function properly

  • Functional cookies: Enable enhanced functionality and personalization

  • Analytics cookies: Help us understand how users interact with the Service (e.g., PostHog)

  • Performance cookies: Collect information about how the Service performs

4.3 Your Choices

Most web browsers are set to accept cookies by default. You can configure your browser to refuse cookies or alert you when cookies are being sent. However, some features of the Service may not function properly without cookies.

For analytics cookies, you may opt out by using browser privacy controls.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf, including:

  • Hosting and infrastructure: Heroku (data hosting and application infrastructure)

  • Content delivery and security: Cloudflare (CDN, security, and performance optimization)

  • Analytics: PostHog and similar analytics platforms

  • Payment processing: Third-party payment processors for subscription billing

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

5.2 Business Transfers

If we are involved in a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction, your information may be transferred as part of that transaction.

5.3 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Legal processes (subpoenas, court orders, legal proceedings)

  • Requests from government authorities or law enforcement

  • Situations where disclosure is necessary to protect our rights, property, or safety, or that of our users or the public

5.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

6. Data Storage and Security

6.1 Data Location

Your personal information is stored on servers located in the European Union. We do not transfer your data outside the EU/EEA.

6.2 Security Measures

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption of data in transit and at rest

  • Regular security assessments and monitoring

  • Access controls and authentication mechanisms

  • Employee training on data protection and security

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6.3 Data Retention

We retain your personal information for as long as necessary to provide the Service and fulfill the purposes described in this Privacy Policy. When you terminate your account, we will delete or anonymize your personal information within a reasonable timeframe, unless we are required to retain it for legal, regulatory, or legitimate business purposes.

7. Your Rights and Choices

7.1 Access and Portability

You have the right to access the personal information we hold about you and, in certain circumstances, to receive a copy of that information in a portable format.

7.2 Correction and Deletion

You have the right to correct inaccurate personal information and request deletion of your personal information, subject to certain legal exceptions.

7.3 Restriction and Objection

You have the right to restrict or object to our processing of your personal information in certain circumstances.

7.4 Withdraw Consent

Where we rely on your consent to process your information, you have the right to withdraw that consent at any time.

7.5 Data Protection Authority

If you are located in the EEA, UK, or Switzerland, you have the right to lodge a complaint with your local data protection authority if you believe we have violated your privacy rights.

7.6 Exercising Your Rights

To exercise any of these rights, please contact us using the information in Section 13. We will respond to your request within the timeframe required by applicable law (typically 30 days).

8. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

8.1 Right to Know

You have the right to request information about the categories and specific pieces of personal information we have collected, the sources of that information, the purposes for collection, and the categories of third parties with whom we share information.

8.2 Right to Delete

You have the right to request deletion of your personal information, subject to certain exceptions.

8.3 Right to Opt-Out

You have the right to opt out of the sale or sharing of your personal information. We do not sell personal information.

8.4 Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA/CPRA rights.

8.5 Authorized Agent

You may designate an authorized agent to make requests on your behalf. We may require proof of authorization.

To exercise your California privacy rights, please contact us using the information in Section 13.

9. International Users

While our Service is available globally and this Privacy Policy applies to all users, please note:

  • Our servers and data processing facilities are located in the European Union

  • We comply with GDPR and other applicable European data protection laws

  • If you access the Service from outside the EU, your information will be transferred to and processed in the EU

By using the Service, you consent to the transfer and processing of your information in the EU.

10. Children's Privacy

The Service is not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete that information promptly.

11. Third-Party Links and Services

The Service may contain links to third-party websites, services, or integrations that are not operated by us. This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you use.

We are not responsible for the privacy practices or content of third-party services.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this Privacy Policy

  • Notify you by email or through a notice on the Service

  • Provide you with an opportunity to review the changes before they become effective

Your continued use of the Service after the effective date of the updated Privacy Policy constitutes acceptance of the changes.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at [email protected]

For data protection inquiries, including exercising your privacy rights, please email us or contact us through the Service.

14. Data Processing Addendum

If you are a business customer who processes personal data through the Service, please refer to our separate Data Processing Addendum (DPA) which outlines the terms under which we process personal data on your behalf.