1.2. This Data Policy applies when the User installs Njinn’s software, accesses or uses any of Njinn’s websites and online services, or other digital properties and when the User otherwise interacts with Njinn, including when the User contacts Njinn for customer support (collectively, the “Services”). The User hereby explicitly agrees to all terms set forth herein when using the Services.
1.3. To the extent that Njinn processes, through its Services and upon instruction of the User, any data which relates to an identified or identifiable individual natural person (“Personal Data”), Njinn shall be the data processor and the User the controller in the terms of the GDPR. For all such processing of Personal Data the DATA PROCESSING AGREEMENT shall apply and the User, by accepting this Data Policy, also explicitly agrees to enter into this DATA PROCESSING AGREEMENT.
2. General Rights and Obligations relating to User Data
2.1. The User shall be responsible in relation to Njinn for all (i) Personal Data and non-personal data entered by the User or transmitted to Njinn by or on behalf of the User for the purpose of using the Services and (ii) all Personal Data and non-personal data generated, stored and otherwise processed by the Njinn in connection with the User’s use of the Services (hereinafter “User Data”).
2.2. The User is solely responsible for (i) the legality of the User Data; (ii) the accuracy and completeness of the User Data; (iii) obtaining the necessary consent by the data subjects concerned required to enable Njinn to process such User Data – this includes both Personal Data and non-personal data; and (iv) obtaining and maintaining all other necessary authorizations and licenses in connection with the User’s use of the Services.
2.3. Njinn is not responsible for any infringement of any intellectual property or other rights of any third-party or any breach of any law relating to the User Data and the communication thereof.
2.4. Njinn will collect, store and process any and all User Data to the extent required to fulfill Njinn’s obligations under the Terms and Conditions of Service and this Data Policy and in accordance with all applicable law, in particular all applicable data protection legislation, and as Confidential Information (as defined in section 12.2. of the Njinn Terms and Conditions of Service https://www.njinn.io/tos and shall not do anything that would cause the User to be in breach of any applicable laws, including data protection legislation.
2.5. The User grants Njinn a non-exclusive, worldwide, transferable right to store, transmit, display, edit and otherwise use User Data as necessary (i) for the purpose of providing the Services and (ii) to store, transmit, display, process and otherwise use the User data for the purpose of verifying the User’s compliance with the provisions of the Njinn Terms and Conditions of Service https://www.njinn.io/tos.
2.6. During the User’s subscription to Njinn’s online services and software, the User has the option of accessing the User Data, extracting it and exporting it. Retrieval and export may be subject to technical restrictions and requirements. In this case, Njinn and the User will agree on a reasonable method to enable the User to access the User Data.
2.7. The User shall defend, indemnify and hold Njinn harmless from any and all claims, losses, expenses or damages arising from or related to claims resulting out of Njinn’s processing of User Data for the provision of the Services, with the sole exception of claims arising out of willfull or grossly negligent acts by Njinn.
3. Use of Anonymized Data for Online Service Development
Njinn and may collect, use and disclose all User Data and any other Personal Data relating to the User for the purpose of benchmarking studies, marketing or other business purposes, and may perform analyses using (in part) User Data and information resulting from the use of the Services by the User. All Personal Data and analyses collected, used and passed on in this way will be anonymized and will not identify the User or other third-parties included in this data. Examples of how to use analyses include: Resource and support optimization, research and development; process automation for continuous improvement, performance improvements, development of new Njinn products and services, verification of data security and integrity; internal demand planning and data products such as industry trends and developments, indices and anonymous benchmarking.
4. Personal Data Collected by Njinn
4.1. Depending on the User’s actions, Njinn may process the following Personal Data of the User, either automatically or as submitted by the Users:
- First and last name
- Email address
- Phone number
- VAT number
- Billing address
- Organizational affiliation
- Role/Job title
This Personal Data is saved by Njinn in combination with the specification of the User’s order. It is exclusively used for the fulfillment of the specific order and for providing the Services to Users. The legal basis for this collection of Personal Data is Art. 6 para. 1 sentence 1 lit. b GDPR (necessary for the performance of a contract).
4.2. In addition to the processing of data set forth under 4.1 above, Njinn may process the following Personal Data of the User, either automatically or as submitted by the Users:
- Details about interaction with the Service (website, API and UI) (e.g. user client used (browser, device, OS), time and duration of access, clicks, taps, sequence and duration of access, origin of access (MAC and IP address, geo location, referrer domain))
- Definitions of any entity (e.g. workflows, tasks) in the Njinn platform
- Process runs/runtime data
This Personal Data is processed by Njinn for the purpose of actual Service delivery, support case processing, creation of benchmarking studies, personalized marketing in the form of newsletters and personalized marketing-E-mails or offers, improvement of the Service and may perform analyses using (in part) User Data and information resulting from the use of the Services by the User. The user hereby explicitly consents to such processing of Personal Data as set forth in this section. The legal basis for this collection of Personal Data is Art. 6 para. 1 sentence 1 lit. a GDPR (consent). The User may revoke or restrict such consent at any time – see section 6. below.
4.3. By accepting this Data Policy, the User allows Njinn to send newsletters and personalized marketing E-mails. The User can opt out of receiving a newsletter each time such newsletter is received. Upon opting out, the user will not receive any further newsletters from Njinn.
4.4. Moreover, in the course of a purchase, the User will also be prompted to provide his payment details via third-party payment providers such as PayPal, Stripe, Braintree, Klarna; however, this data is not provided to Njinn. Rather, the user is forwarded to the respective third-party payment providers to effect such payment. This data and the authorization to take recurring payments will be stored by the respective payment providers for the purpose of fulfilling the order, but will not be made accessible to Njinn.
4.5. Njinn has implemented appropriate technical and organizational measures to ensure that all Personal Data processing is performed in accordance with applicable data protection legislation and that all Personal Data is protected against breaches, loss or manipulation. Please note that Users are themselves responsible for the adequate security and protection of their log-in data (username and password).
Information on Njinn’s Use of Data
5.1. Njinn cannot carry out all of its data processing on its own. For the purpose of performing contract obligations with Users, Njinn is using the services of trusted third-parties. These partners of Njinn have implemented appropriate technical and organizational measures to ensure the protection of data.
5.2. The following cases of data usage and transfer are not subject to a user’s consent under applicable data protection legislation, either because they are required for the performance of contracts only or because they involve only anonymized, non-personal data. Nonetheless, for reasons of transparency, Njinn hereby informs about how this data is used:
- Contract performance: Njinn itself will use the Email address, first and lastname submitted to send out an order confirmation and for possible subsequent coordination and support request regarding the order and the usage of the Service itself.
- Website: The Njinn Website is hosted by the following company: Hetzner Online GmbH, Germany. Njinn is using Google Analytics in its website to improve the web appearance. Njinn is using Google reCaptcha to secure and avoid abuse of provided services.
- Data storage and processing: All User Data and all other Personal Data collected by Njinn is stored and processed securely at servers of the following company: Hetzner Online GmbH, Germany
User Rights regarding User’s Personal Data
The User has the following rights in connection with the processing of its Personal Data. Any of the following rights may be exercised by sending a specific Email outlining the User’s request from the Email-address registered with the User’s username to firstname.lastname@example.org.
6.1. The User has the right to information about the Personal Data stored by Njinn. This means that the User may have the right to obtain from Njinn confirmation as to whether or not Personal Data concerning the User is processed, and, where that is the case, to request access to the Personal Data. The access information includes – inter alia – the purposes of the processing, the categories of Personal Data concerned, and the recipients or categories of recipients to whom the Personal Data have been or will be disclosed. However, this is not an absolute right and the interests of other individuals may restrict the User’s right of access.
6.2. The User has the right to obtain a copy of its Personal Data undergoing processing.
6.3. The User has the right to have incorrect Personal Data corrected. This means that the User may have the right to obtain from Njinn the rectification of inaccurate Personal Data concerning the User. Depending on the purposes of the processing, the User may have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.
6.4. The User has the right to fully or partially withdraw the consent granted to Njinn’s data use under this Data Policy at any time or to request a restriction on the processing of the User’s Personal Data. Such a withdrawal will not affect the lawfulness of the processing prior to the consent withdrawal. If requested, Njinn will stop processing or transferring the data as outlined in this Data Policy. If such partial or full withdrawal makes it impossible or impractical for Njinn to perform the Services, Njinn reserves the right to terminate the contract relationship, provided the User’s payments already made are adequately refunded.
6.5. The User has the right to have the User’s Personal Data deleted. If requested by the User, all Personal Data relating to the User will be terminally deleted.
6.6. The User has the right to data portability, i.e. to receive the data concerning the User in a structured, commonly used and machine-readable format and have Njinn transmit this data to another controller
6.7. The User also has the right to lodge a complaint with the competent data protection supervisory authority, in particular in the EU Member State of the User’s habitual residence or of an alleged infringement of data protection legislation.
Duration of Storage of Personal Data
All Personal Data collected by Njinn will be stored only as long as required to perform the contract with users, but in no case longer than 2 YEARS after contract termination, unless longer storage is required by law (e.g. 7 years for tax and auditing purposes for billing data).
8.1. Several areas of the Njinn Services use ‘cookies’ ─ small text files that are placed on the User’s computer and stored by the browser. They are used by Njinn to provide a more user-friendly, effective and secure service. Cookies also enable Njinn to identify the User’s browser and offer services to the User. Some Cookies may contain any personally identifiable information or permit any conclusions on Personal Data.
8.2. The User can prevent the installation of cookies by entering the corresponding settings in the User’s browser software. In this case, the User may not be able to use the complete range of functions of the Njinn Services to its full extent.
Changes to Data Policy
Njinn may change this Data Policy at any time or substitute this Data Policy at Njinn’s sole discretion. The User should check regularly for the most up-to-date version of this Data Policy whenever the User accesses the Services. This Data Policy was last updated on 5.9.2019.