ASPV Apps Privacy Policy

1            About this Privacy Policy 

1.1         Welcome to ASPV Apps.

1.2        ASPV Apps supplies apps and plugins (‘Software’) through the Trello Power-Up platform (our ‘Services’) at Trello.com operated by Trello, Inc. (‘Trello’). We are not affiliated, associated, authorized, endorsed by or in any way officially connected to Trello. This Software is owned and operated by ASPV Apps Ltd (company number 12358486) (“ASPV”).

1.3    ASPV is committed to maintaining the security of Personal Data provided to us. When you share Personal Data with us, we treat it with care and take our responsibility to protect it seriously.

1.4       We adhere to the General Data Protection Regulation (‘GDPR’) and any information will be collected, stored and processed within countries that comply with GDPR. Primarily data is stored within UK / EU/ USA data centres, all of which have the appropriate frameworks – including support for GDPR and EU Privacy Shield.

1.5         By using our Software, you consent to the collection and use of your data through your use of our Services as described in this Privacy Policy. If you do not accept our Privacy Policy, please do not access or use our Software.

1.6         We may update this Privacy Policy from time to time. Amendments to these Terms will be effective upon posting and operate as a condition of your continued use of our Software. It is your responsibility to check this page periodically for any updates to this Privacy Policy.

1.7         Any reference to “ASPV”, “we”, “our”, or “us” means ASPV Apps Ltd (company number 12358486). Any reference to “you”, or “your” means you as a user of our Software.

2         About the ASPV Software and Services

2.1         This Software is designed to be operated and managed as a “Power-Up” at Trello through the Trello Power-Up platform.

2.2         You warrant that you have familiarised yourself and agree to be bound by any applicable Trello.com terms and conditions of use and if applicable to this Software, Atlassian’s Cloud Terms of Service located at https://www.atlassian.com/legal/cloud-terms-of-service.

3        What Personal Data is collected

3.1         We collect bare minimum information from you if you purchase a licence key from Gumroad, Inc., the operator of the website located at https://gumroad.com (‘Gumroad’) to purchase and use the Software. This information consists of your Trello username and the email address that you may supply to Gumroad if you are processing your purchase of a licence key at Gumroad. Alternatively, we may require you to make your purchase from the Orah Apps Store, where we shall collect bare minimum information from you.

3.2         We use this information to validate you as the legitimate purchaser of the license key for our Software. If you use Gumroad to process the transaction and create an account with Gumroad, you warrant that you have familiarized yourself with, and agree to be bound by, the applicable Gumroad Terms located at https://gumroad.com/terms and Gumroad Privacy Policy located at https://gumroad.com/privacy. If you use Orah Apps Store to process the transaction, you warrant that you have familiarized yourself with, and agree to be bound by the Stripe Privacy Policy at stripe.com/privacy.

4        How we collect your Personal Data

4.1         ASPV collects Personal Data from you when you purchase a licence key at Gumroad or from the Orah App Store.

4.2         We may also receive Personal Data from you when you interact with us or from third parties in connection with the supply of our Services. If we do, we will protect your Personal Data in accordance with this Privacy Policy.

5        How we use your Personal Data

5.1         ASPV uses your Personal Data and you consent to us using your Personal Data to validate you as the purchaser of a licence key for our Software.

5.2         If you choose to withhold your Personal Data, it may not be possible for us to provide you with our Services.

6        Legal basis in the European Union (EU) for the collection and processing of your Personal Data

6.1         “Personal Data” refers to any information relating to an identifiable natural person who can be identified directly or indirectly (‘Data Subject’) (Article 4).

6.2       The GDPR applies to the data processing activities of businesses with an establishment in the EU or where the processing activities relate to offering goods or services to individuals in the EU or monitor the behaviour of individuals in the EU.

6.3        If you are an individual residing in the EU, we may collect and process Personal Data about you in accordance with the GDPR. A “Controller” says how and why personal data is processed and a “Processor” acts on behalf of the Controller by processing the data.

6.4         When you purchase our Software, we process Personal Data on your behalf as a Controller and otherwise to the extent that we are a Processor as defined in the GDPR.

6.5         The legal basis we rely on to collect and process your Personal Data is based on the following:

6.5.1         Contractual basis. This legal basis applies to the collection or processing of Personal Data in order to fulfil or perform a contract with you, or to which you are a party.

6.5.2         Consensual basis. This applies where you have provided your consent to the collection or processing of Personal Data for a specific purpose.

6.5.3         Legitimate interests. This applies where we have a legitimate interest to collect or process your Personal Data. For example, it may be to respond to an enquiry about our Services.

6.6         Legal obligations. This applies where it is necessary to disclose your Personal Data to comply with a legal obligation. In the event of a Personal Data breach including any breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data transmitted, stored or processed, we will report the breach to you (where we are required to do so under the GDPR) without undue delay after becoming aware of the breach, and not later than 72 hours after the breach giving you a description of the nature of the breach.

7        The Personal Data rights of individuals under the GDPR

7.1         If you are an individual residing in the EU, you have certain rights as to how your Personal Data is being controlled and used.

7.2         We comply with your rights under the GDPR (subject to the grounds set out in the GDPR) that permit you:

7.2.1         to be informed as to how your Personal Data is being used;

7.2.2         to access your Personal Data and to know specifically what information is held about you and how it is processed, where and for what purpose (we will provide you a copy of your Personal Data in electronic format free of charge if requested);

7.2.3         to rectify your Personal Data if it is inaccurate or incomplete;

7.2.4         to erase your Personal Data (also known as ‘the right to be forgotten’) if you wish to delete or remove your Personal Data;

7.2.5         to restrict processing of your Personal Data;

7.2.6         to retain and reuse your Personal Data for your own purposes (Personal Data portability);

7.2.7         to object to your Personal Data being used; an

7.2.8         to object against automated decision making and profiling.

7.3         You can contact us any time to exercise your
rights under the GDPR including as to:

7.3.1         request access to Personal Data that we hold about you;

7.3.2         to correct any Personal Data that we hold about you;

7.3.3         delete Personal Data that we hold about you; or

7.3.4         opt out of emails, marketing, and any other push notifications that you receive from us.

We may ask you to verify your identity before acting on any of your requests.

8        Security of your Personal Data

8.1         We are committed to ensuring that the data you provide to us is secure.

8.2         To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, such as encryption of Personal Data, to safeguard and secure data and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

9        Access to and how you can control your Personal Data

9.1         You may request details of Personal Data that we hold about you.

9.2     If you would like a copy of your Personal Data or believe that your Personal Data is inaccurate, out of date, incomplete, irrelevant, please contact us at support@orahapps.com.

10      Third-party tools and cookies

10.1     We may use technologies and third-party services that use Google Analytics, pixels, tags and web beacons (code snippets) on our Software to improve user experience, the supply of our Services and to analyse how our Software is used.

10.2       The information collected is mostly anonymous traffic data and may include your IP address, browser type, device information, and language. The information collection is in aggregate form so that it cannot identify any individual user and provides an overview of how people use our Software. It is not used for any additional purpose.

 

10.3       We may use cookies on our Software. Cookies are very small files which a Software uses to identify you when you come back to the Software and to store details
about your use of the Software.

11      How to Contact Us

11.1       You can contact us at support@orahapps.com.

© 2020 ASPV Apps Ltd. ALL RIGHTS RESERVED.
Privacy Policy last updated 5 February 2020.