At Napkin, we care deeply about the privacy and security of your data. This Privacy Policy will help you understand what data we collect, what we use it for and how you can exercise your rights. We abide by the following principles while processing your data:

This Privacy Policy applies to services offered through our websites and to services that we provide in connection with our software. Our websites may contain links to other websites. Once redirected to a website outside of our domains, this Privacy Policy is no longer applicable.

You can browse our homepage without giving away any information about you. Just decline the cookies, and no data will be collected. However, if you accept cookies the Google Tag Manager will be loaded in the background. We don't collect any personal data at this point and also anonymized the IPs. The anonymous data we collect for analytics help us to figure out how many people visit our website, which languages they speak and so on. This is important for optimizing the homepage and marketing efforts we undertake to bring Napkin to the world. Once you decide to contact us or test or use the Napkin app, you will be asked to provide personal details which – depending on the context – may encompass your name, your email address, and your motivation to use Napkin. We may use this data e.g. to perform an agreement concluded with you, communicate with you and inform you about updates and bug fixes, seek your feedback on our software and pursue other legitimate goals (e.g. prevent ourselves against fraud). Within the app we may use Firebase and Intercom to gather anonymized data about user behavior. This helps us with improving the app quickly. You can find more information about how we process your data in these contexts in the What information do we collect and when? section. Our software is web-based. Your personal data is hosted on state-of-the-art server technology located in Europe. You can find more information about how we process data in the What information do we collect and when? section and in our Terms of Service. You have the right to request access to your data and the right to have information about you corrected or deleted. You also have the right to have the processing of your data restricted. If the processing of your data is based on your consent, you also have the right to withdraw it at any given time. Withdrawal of your consent will not influence the lawfulness of processing based on this consent before its withdrawal. If the processing of your personal data is based on our legitimate interests, you also have the right to object against such processing. We will not use your data for the purposes of automated decision-making or profiling. You can find more information about your rights in the What are your rights? section. If you want to exercise your rights or have any other questions relating to this Privacy Policy you can contact us via team@napkin.one.

You can browse our websites without giving away any information about you. We do not use cookies on our homepage. However, recording of your IP address is necessary for technical purposes related to the administration of our servers. We will not be able to identify you based only on your IP address.

Within the application we have to use cookies. The so-called 'cookies', which are small information files saved to your hard drive. We make use of (1) session cookies, which remain on your device until a web browser session is completed or the web browser is closed, and (2) persistent cookies, which remain on your device until their expiry date is reached or until you delete them. The persistent cookies that we use are never stored for more than a year.

We use cookies for several purposes:

Unless you set up your internet browser (e.g. Google Chrome) not to accept cookies, it will accept the use of them. You can always disable cookies in your browser’s preferences even if you have consented to the use of cookies in the past. You can also delete cookies stored on your computer at any given time. Please note that disabling cookies may negatively impact your online experience in the Napkin app and prevent you from using certain functions and features.

Once you decide to contact us you will be asked to provide your personal details such as your name. Depending on the type of your question, we will use this data to communicate with you. If you are not our customer and decide not to become one, we will delete your data after your matter is solved and information about you is no longer needed. The processing of your personal data in all of the above cases is based on our legitimate interest, i.e. the need to respond to business queries received from current and potential customers.

We use your Information to:

We will use your information to perform our contractual obligation towards you to allow you to create an account and use the services. The information we process when doing so includes your registration information, information you provide to us when using the app and information you provide when communicating with us.

It is in our legitimate interests to improve our services for our customers. When doing so, we may collect information we automatically collect or is generated about you when you use the app, as well as non-personal information about your device such as device manufacturer, model and operating system.

If you reach out to us for support, we will use your information to respond to and resolve your queries and complaints and facilitate support (e.g. retrieval of a forgotten password). When doing so, we perform our contractual obligation towards you. The information we process doing so includes your registration information, your identifiers, and any other information about you collected via our customer support channels.

It is in our legitimate interests to analyze the use of, and any other interaction or interest in our app. When doing so we will process information we automatically collect or is generated about you when you use the services to create anonymized and/or aggregated data regarding your app usage.

We will send you emails with reports, opt-in newsletters with product news, and tips and tricks to use our services. When doing so, we process your registration information. Your consent can be withdrawn at any time by replying "unsubscribe".

It is in our legitimate interest to protect our interests by (1) monitoring the use of the services to detect fraud or any other user behavior which prejudices the integrity of our services, (2) taking steps to remedy aforementioned fraud and behavior, (3) defending ourselves against legal claims or disputes, and (4) enforcing our terms and policies. When doing so, we will process the Information relevant in such a case, including information you provide us, information we automatically collect about you, and information which is provided to us by third parties.

From time to time, we may ask you to participate in surveys we conduct which are in our legitimate interest because they help us understand our user base and improve the services. If you participate, we process your registration information and any other information collected through the survey questions.

Your information will be processed by our employees and service providers in the U.S and Europe. We take steps to ensure all transfers are protected by adequate safeguards, including the standard contractual clauses approved by the European Commission.

Your information is kept for as long as necessary to achieve the purposes set out above. Generally, it is stored for as long as you are registered and using our services, and then for up to 6 years from the date you stop using the services, or promptly following a valid erasure request. Some information we collect will be stored for longer where we have an overriding legitimate interest to retain such information (for example, information on suspicious behavior of certain users of our Services and transaction records). When deleting information, we will take measures to make the information irrecoverable or irreproducible, and electronic files which contain Information will be deleted permanently.

In order to comply with requests concerning your rights, sometimes we may ask you to give us some additional information that we will use to verify your identity. If you fail to provide such information and the information that you have already given to us is not sufficient to identify you, we may refuse to fulfill your request. If you wish to exercise any of the rights described below you can do this by contacting us using via team@napkin.one.

You have the right to access the information that we have on you. If you choose to exercise this right, we will also make sure to provide you with a copy of the data we process about you.

We will fulfill your request by sending your copy electronically, unless the request expressly specifies a different method. For any subsequent access request, we may charge you an administrative fee.

If you believe that the information we have about you is incorrect, you are welcome to contact us, so we can update it and keep your data accurate. We will automatically delete information about you after it is no longer needed for the purposes it was collected for. Nonetheless, if at any point you wish for us to delete information about you, you have the right to do so. You also have the right to obtain restriction of processing of your data.

In case the processing of your personal data is based on a contract, you have the right to receive the personal data that you have provided to us in a structured, commonly used and machine-readable format. You can also request us to transmit such data to another controller if it is technically feasible.

If the processing of your data is based on a consent, you have the right to withdraw your consent at any time. Remember that withdrawal of consent will not affect the lawfulness of processing based on this consent before its withdrawal. In case the processing of your data is based on our legitimate interest you have the right to object to such processing.

We guarantee that all your personal information is protected, and that we will not make this information available to third parties in cases different than those specified below, unless you give us a permission to do so or unless such disclosure is necessary to comply with a legal obligation that is imposed on us.

We may share information that you provided us with while purchasing a license for our software, or that you defined in our software, with:

Whenever possible, we will try to use processors which process personal data within the European Economic Area (“EEA”). In case there is a need for us to use processors located outside of the EEA, we will only disclose personal data to them provided that appropriate international data transfer safeguards described in the GDPR are in place.

As of the date of this Privacy Policy, we may transfer information that you provided us with to the United States of America. Such transfer will rely on the mechanisms provided in the GDPR that allow the transfer of personal data outside the EEA, including in particular standard contractual clauses approved by the European Commission.

If you have further questions about international data transfers that we make or want to obtain a copy of the safeguards that are in place to guarantee the legality of the transfer you can contact us via team@napkin.one.

We constantly review our Privacy Policy and strive towards making it better. That is why we reserve the right to amend this Privacy Policy from time to time. We will not reduce any of your rights stated in this Privacy Policy without asking for explicit prior consent to the changes. Each amendment to the Privacy Policy will be signed with the date of publishing and will be effective from that date.

If you have any questions or doubts related to this Privacy Policy or want to know more about how we protect your personal data or your rights, contact us via team@napkin.one.