cookie

We use cookies to improve your browsing experience. By clicking «Accept all», you agree to the use of cookies.

Company Privacy Policy

Effective date: 26.10.2023

Telemetr.io (“Telemetr.io”, “we”, “us”, “our”) owns, operates, and provides a Website https://telemetr.io/, Chatbots https://t.me/telemetr_io_bot (@telemetr_io_bot), https://t.me/TelemetrioAlertBot (@TelemetrioAlertBot) andhttps://t.me/telemetrio_api_bot(@telemetrio_api_bot) in Telegram and API (collectively “Software”), as well as any other related products or services (“Services”), o a capable natural person (“User” and “users”), who uses our Software and Services according to the Terms of Use.

This Company Privacy Notice was created for employees and subcontractors (collectively “Employees”,they”, “you” and “your”), of Telemetr.io for an explanation of how Telemetr.io and they must use and process Users’ personal data.

  1. Terminology

      Consent. Any freely given, specific, informed, and unambiguous indication of the data subject’s wishes, signifies agreement to the processing of personal data relating to him or her.

      Controller. The natural or legal person (and others) who determines the purposes and means of processing.

      Co-controller. The natural or legal person (and others) who determines the purposes and means of processing with another controller.

      Cookies. Refers to small text files that are placed on your computer by websites that you visit. Websites use cookies to help users navigate efficiently and perform certain functions. Cookies that are required for the website to operate properly are allowed to be set without your permission. All other cookies need to be approved before they can be set in the browser. Cookies have the following types:
      • Strictly Necessary. Strictly necessary cookies allow core website functionality such as user login and account management. The website cannot be used properly without strictly necessary cookies;
      • Performance. Performance cookies are used to see how visitors use the website, eg. analytics cookies. Those cookies cannot be used to directly identify a certain visitor;
      • Targeting. Targeting cookies are used to identify visitors between different websites, eg. content partners, and banner networks. Those cookies may be used by companies to build a profile of visitor interests or show relevant ads on other websites;
      • Functionality. Functionality cookies are used to remember visitor information on the website, eg. language, timezone, enhanced content;
      • Unclassified. Unclassified cookies are cookies that do not belong to any other category or are in the process of categorization.;

      Cookie Banner. A special message (banner) is used to grant permission to use cookies and block them at the request of the User. Allows you to consent and set cookies.

      Data Protection Authority. The public organization or governmental body protects the data subjects from unlawful processing.

      Data Subject. The natural person, whose personal data is processed.

      Legal Ground for Processing. One of the legally defined grounds for which the processing of personal data is permitted. There are the following reasons:
      • Consent
      • Legitimate interest
      • Obligation

      Personal Data. Any information relating to an identified or identifiable natural person.

      Personal Data Breach. A breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored, or otherwise processed.

      Processing. Any action or set of actions with personal data.

      Processor. The natural or legal person, who processes personal data on behalf of the controller.

      Profiling. Any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

      Third-Party. Any person, except the subject of personal data, the Controller or Processor and the Data Protection Authority, to whom the Controller or Processor transfers personal data.

  2. Principles of Data Processing
    Principles of personal data protection. Telemetr.io processes personal data according to the following principles:
    • Lawfulness, fairness, and transparency;
    • Purpose limitation;
    • Data minimization;
    • Accuracy;
    • Integrity and confidentiality;

    Lawfulness, fairness, and transparency. Personal data must be processed lawfully, fairly, and in a transparent manner.

    Purpose limitation. Personal data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes..

    Data minimization. Personal data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.

    Accuracy. Personal data must be accurate and, where necessary, kept up to date.

    Integrity and confidentiality. Personal data must be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

  3. Data Subject Rights
    Right to access personal data. The User can receive information regarding specific personal data Telemetr.io has collected about the User, as follows:
    • Purpose of processing;
    • Categories of personal data concerned;
    • Recipients of categories of recipients to whom the personal data has been, or will be, disclosed;
    • The envisaged period for which the personal data will be stored or the criteria used to determine that period;
    • The existence of the right to rectification, erasure, or restriction of processing personal data concerning the User or to object to such processing;
    • The right to lodge a complaint with a supervisory authority;
    • Where personal data is not collected from the User, any available information as to the source;
    • The existence of any automated decision-making, including profiling as well as the significance and envisaged consequences of such processing for the User;
    • Where personal data is transferred outside of the EEA (which consists of EU member states and Iceland, Lichtenstein, and Norway), the User has the right to be informed of the appropriate safeguards in place and to request a copy of them.

    Right to rectification of personal data. The User can correct your personal data if it has been changed or incorrectly collected.

    Right to erasure (deletion) of personal data. The User can ask us to delete personal data.

    Right to restrict processing of your personal data. The User can temporarily restrict the processing of personal data.

    Right to personal data portability. The User may receive personal data in a human and machine-readable format for transmission to another controller.

    Right to object. The User may object to data processing if Telemetr.io:
    • Process personal data for direct marketing purposes, including profiling related to direct marketing.
    • Process personal data that we consider necessary for its or a third party’s legitimate interest.

    Right to reject automated individual decision-making (profiling). The User shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning.

    Right to withdraw consent. The User can withdraw your consent on personal data processing if Telemetr.io uses this ground for processing.

    Right to opt-out from Marketing/Send Out. The User can withdraw your consent on personal data processing for marketing and send-out purposes.

    Right to ask a question and/or make a claim on data processing. The User allows to ask us any question according to data processing or privacy legislation.

  4. Data Subject’s Rights Enforcement

    Data Subject Request Form. The User can enforce his rights, ask us any question about your personal data or make a complaint through the following e-mail:[email protected]

    User Verification. When the User submits an inquiry to Telemetr.io, we may need to verify his identity to protect his privacy and prevent unauthorized access to his personal data.

    Verification Methods. The specific verification methods we use include:
    • Request for additional information;
    • The request for documents;
    • Mobile call;

    Failed Verification. If the User failed verification or Telemetr.io has reasonable personality doubts, we shall provide a message stating that we have doubts about the identity, why we have these doubts, and why in this case we cannot provide a response. In addition, the name, surname, and patronymic of the responsible person who denies access must be indicated.

    Successful Verification. If the User has successfully passed the data verification, we notify him or her and provide a response to the request.

    Inquiry in general. Telemetr.io shall provide in response to the information requested by the User, depending on the type of inquiry.

  5. Personal Data
    User’s Website Visit. When the User visits the Website, he gives us his personal data under the following conditions:
    • Personal Data. A version of a web browser, IP address, time zone, cookie information, what sites or products he views, search terms, and how he interacts with the Site.
    • Purpose of collection. To load the Website accurately for the User, and to perform analytics on Website usage to optimize our Website.
    • Source of collection. Collected automatically when the User accesses our Website.
    • Legal Ground. Legitimate interest.
    • Terms. While the User is using our Website and 1 year after.
    User’s Chatbots Visit and Registration. When the User visits the Chatbots or registers in the Software, he gives us his personal data under the following conditions:
    • Personal Data. First and last name, patronymic (if applicable), IP address, username in Telegram, photo, language, Telegram ID, and how he interacts with the Software.
    • Purpose of collection. To load the Software accurately for the User, to perform analytics on Software usage to optimize our Software, to provide Services, and make marketings send out.
    • Source of collection. Collected automatically when the User accesses our Software and Services.
    • Legal Ground. Consent.
    • Terms. While the User is using our Software and Services and 1 year after.
    Subscriber’s Personal Data from Channels in Telegram. When the User adds Chatbots to his Channels or groups on Telegram, Telemetr.io process the personal data of the Subscribers under the following conditions:
    • Personal Data. First and last name, patronymic (if applicable), username in Telegram, language, Telegram ID, gender, account status, messages, photo, and how they interact with the Channels on Telegram.
    • Purpose of collection. To provide Services to the User, to perform analytics on Software, and improve its.
    • Source of collection. Collected automatically when the Subscribers access Channels on Telegram.
    • Legal Ground. Legitimate interest or other legal grounds, which the User uses for data processing with help of Telemetr.io.
    • Terms. While the User is using our Software and Services and 1 year after.
    User’s and admins’ Personal Data from Channels in Telegram. When the User adds Chatbots to his Channels or groups on Telegram, Telemetr.io process the personal data of the User and his admins under the following conditions:
    • Personal Data. First and last name, patronymic (if applicable), username in Telegram, language, Telegram ID, gender, the right to administer other channels, and how they interact with the Channels on Telegram.
    • Purpose of collection. To provide Services to the User, to perform analytics on Software, improve its and make marketings send out.
    • Source of collection. Collected automatically when the User and admins access Channels on Telegram.
    • Legal Ground. Legitimate interest.
    • Terms. While the User is using our Software and Services and 1 year after.
    Customer Support Information. When the User contacts our customer support, you give us your personal data under the following conditions:
    • Personal Data collected. First and last name, patronymic (if applicable), username in Telegram, language, Telegram ID, gender, the right to administer other channels, and how they interact with the Channels on Telegram.
    • Purpose of collection. To provide information about our product and services, consult how to use our Software, etc.
    • Source of collection. Collected from the User.
    • Legal Ground. Consent.
    • Terms. While the user is using the Software and 1 year after.
    Other processing conditions. These are other conditions apply to your data processing:
    • Data source. We process personal data received from the User and public sources. If in the future, we process personal data obtained from Third Parties, we will notify the User of this.
    • Data storage. User’s personal data is stored on servers in Germany and Finland.
  6. Cookies

    Consent on Cookies. The User consent to the use of cookies by clicking the appropriate button at the first appearance of the Cookie banner. At the same time, the User can choose which cookies will be used and later change the settings.

    Withdrawal of consent. The User may not consent to the use of cookies by clicking on the appropriate button at the first appearance of the Cookie banner or later withdraw such consent. Only Strictly Necessary Cookies will be collected and processed in this way.

    Cookie:Goal:Timeframe:Co-controller:
    Strictly Necessary
    _hjSession_{site_id}Holds current session data Ensures subsequent requests in the session window are attributed to the same session30 minutes, extended on user activity.Hotjar
    Connect.sidThis cookie is used for authentication and for secure log-in. It registers the log- in information1 dayMopad
    OptanonConsentStores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category1 yearMailchimp
    Performance
    _gaAnalytics2 yearsGoogle
    _hjSessionUser_{site_id}Persists the User ID which is unique to that site Ensures data from subsequent visits to the same site are attributed to the same user ID365 daysHotjar
    _gcl_auAnalytics, advertising90 daysGoogle
    Targeting
    _cs_idAdvertising13 monthsContentSquare
    _hjIncludedInSessionSample_{site_id}Determine if a user is included in the data sampling defined by your site's daily session limit2 minutes, extended every 30 seconds.Hotjar
    Ajs_user_idThis cookie helps track visitor usage, events, target marketing, and can also measure application performance and stability1 yearSegment.com
    ajs_anonymous_idTo store last visit1 yearSegment.com
    Functionality
    langUsed to remember the user's language settings.sessionTelemetr.io
    _BEAMER_FIRST_VISIT_This cookie stores the date of the user's first visit to the site so it can display recent updates.300 daysBeamer
    _BEAMER_USER_ID_Stores an internal ID for this user.300 daysBeamer
    NEXT_LOCALEThis cookie helps us with remembering your preffered language and contains only the ISO code of the language.365 daysTelemetr.io
    _hjSessionUser_{site_id}Ensures data from subsequent visits to the same site are attributed to the same user ID.365 daysHotjar
    _cs_cTo store cookie consent preferences.13 monthsContentSquare
    Unclassified
    Utm_paramsPendingsessionTelemetr.io
    In case of disagreement between this Cookie Notice and the cookie banner regarding the classification, number, description and properties of cookies, the cookie banner takes precedence.
  7. Advertisement

    Direct marketing. We will send the User emails, SMS, push messages and another type of electronic messages and make a phone call if you give your consent or ask us to do so.

    Advertisement on the Software. Telemetr.io will display advertisements on our Software based on a legitimate interest to promote our services and earn money on our business, or if the User gives consent to another physical or legal entity to use your personal data through, for example, Google AdSense or Facebook Network Audience.

    Targeting Marketing. We will use targeting marketing via Co-controllers services based on User’s consent given to our Co-controller (for example, social networks, search engines, websites, mobile applications, and other Internet platforms).

    Data for Targeting Marketing. Telemetr.io may use the next type of personal data for targeting the User:
    • Full name.
    • Sex, gender, marital status, and age.
    • Registration and residence address.
    • Phone number links to social networks, and instant messengers.
    • Information about friends and contacts.
    • Physical and email address.
    • Place of work.
    • Search terms and preferences.
    • Reactions.
    • Information from accounts.
    • Any other information.

    Basis of targeting marketing. Telemetr.io processes this personal data based on joining to the Terms of Use and under the Privacy Notices of our Co-controllers, on the grounds and for the purposes specified in the documents of the respective platforms.

    Right exercise on targeted marketing. To exercise Users’ rights, they need to check the settings of the respective platforms and/or contact their support services.

  8. Other Processing

    Minors. We don’t process the personal data of people who are under 16 years.

    Profiling. We don’t use profiling on the User.

    Selling Personal Data. We will not sell User’s personal data at all, without their consent.

    Data processing in corporate changing. During a corporate change of our legal entity, User’s personal data may be given to a new Controller, Co-controller, and/or processor.

  9. Processors
    Software:Co-controller:Goal of use:Privacy Notice:
    Google WorkspaceGoogle LLCCreating e-mail with the company’s domain name, document workflow, creating forms etc.Link
    TelegramTelegram Messenger IncCommunication, marketing and service provisionLink
    JiraAtlassian, Inc.Track issues, manage projectsLink
    ConfluenceInformation management, documentation workflowLink
    SentryFunctional Software, Inc. d/b/a SentryApplication monitoring solutionLink
    MiroRealtimeBoard, Inc. dba MiroMind map and wireframe creationLink
    FigmaFigma, IncDesign and mind map creationLink
    GitLabGitLab B.V. and GitLab, IncSoftware Development, hosting and versions controlLink
    PeopleforcePEOPLEFORCE LTDHR and recruiting automatizationLink
    HetznerHetzner Online GmbHHosting for Website, Chatbots, etc.Link
    FreehostПП «Фріхост»Hosting for Website, Chatbots, etc.Link
    CloudflareClouldflare Inc.Software protectionLink
    We may share User’s personal data with any processors when it is necessary to provide services to you or for our business.
  10. Co-controllers
    Software:Co-controller:Goal:Privacy Notice:
    TelegramTelegram Messenger Inc.Communication, marketing and service provisionLink
    GoogleGoogle LLCSearch engine and advertisementLink
    FacebookMeta Platforms, Inc.AdvertisementLink
    InstagramMeta Platforms, Inc.AdvertisementLink
    Google AnalyticsGoogle LLCAnalytics, advertisingLink
    HotjarHotjar LtdTo persist the User ID, to ensure data from subsequent visitsLink
    BeamerJoincube IncSoftware development, hosting, and versions controlLink
    SegmentTwilio Ireland LimitedAnalytics, marketingLink
    ContentSquareContent Square SASAnalyticsLink
    MopudAppLovin CorporationAnalyticsLink
    MailchimpIntuit IncStores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category.Link
    -User and owners of groups and channels in TelegramAnalytics of groups and channels in Telegram-
    We may share User’s personal data with any processors when it is necessary to provide services to you or for our business.
  11. Personal Data Protection

    Protection in general. Telemetr.io protects personal data through technical and organizational measures.

    Measures of protection. These measures include:
    • HTTP connection with SSL and TLS certificates.
    • Training employees in cyber security and data privacy via onboarding;
    • Employees distribute access to personal data;
    • Distribute storing in different databases;
    • Safe servers for web hosting and data storage;
    • Integration with Third Party’s software through official APIs;
    • Strong password requirements.

    HTTP connection with SSL and TLS certificates. An HTTP connection with SSL (Secure Sockets Layer) and TLS (Transport Layer Security) certificates is a secure method of establishing a connection between a client and server over the internet, encrypting the data transmitted between them to prevent eavesdropping, tampering or forgery.

    You should visit only websites with an HTTP connection with SSL and TLS certificates.

    Training employees in cyber security and data privacy via onboarding. This type of training covers topics such as password security, phishing awareness, social engineering attacks, data classification and handling, incident reporting, and other related topics to ensure that employees are aware of their role in maintaining the security of the organization's information assets and are equipped with the knowledge and skills to identify and mitigate security risks

    You visit our training in cyber security and data privacy.

    Distribute access to personal data. Employees' distribution access to personal data refers to the practice of granting access to personal data on a need-to-know basis, where employees are only given access to the personal data that is necessary for them to perform their job responsibilities.

    You must not attempt to gain unauthorized access to personal data to which you should not have access and report any known to you such access by another employee or contractor.

    Distribute storing in different databases. This approach ensures that the data is not stored in a single point of failure and can be accessed even if one of the databases or data centers is offline or unavailable. By distributing data storage in this way, Telemetr.io can improve its overall data resilience and reduce the impact of any potential data breaches or disasters that could affect the availability or integrity of data.

    You must not attempt to gain unauthorized access to personal data in different databases to which you should not have access and report any known to you such access by another employee or contractor.

    Safe servers for web hosting and data storage. This includes implementing security measures such as firewalls, intrusion detection systems, access controls, data encryption, backups, and disaster recovery plans. Safe servers also provide physical security measures, such as access controls, environmental controls, and power backups to ensure that servers remain operational even during power outages or other disruptions.

    You must not attempt or interfere with the operation of these systems and report any incident of infringement.

    Integration with Third Party’s software through official APIs. By using official APIs, organizations can securely exchange data and information with third-party services while minimizing the risk of security breaches or other issues that can arise from unauthorized integration. Official APIs provide a standardized, secure, and controlled way for applications to interact with each other, ensuring that data is transmitted and received in a secure and reliable manner.

    When integrating with third-party software, employees and contractors must use only official APIs provided by the third-party service. The use of unauthorized integration methods or non-standardized APIs is strictly prohibited.

    Strong password requirements. Include a combination of length, complexity, and uniqueness:
    • The password length must be at least 12 characters;
    • Use at least one uppercase letter, one lowercase letter, one number, and one symbol from the set of @#$%^&+=!?;
    • Avoid using simple words and phrases, as well as personal information such as names, dates of birth, etc;
    • Passwords must be unique and not reused for different accounts;
    • It is recommended to change the password every 90 days. It is recommended to use two-factor authentication for additional account protection.
  12. Personal Data Deletion

    Consent. If Telemetr.io processes personal data based on the User’s consent and the User revoked this consent, we shall delete this personal data within 12 months after the revocation.

    Contract. If Telemetr.io processes personal data based on the contract between us and the User or to conclude such contract and this contract was terminated or the conclusion of such contract was declined, we shall delete this personal data within 12 months after the termination or rejection.

    Legal obligation. If Telemetr.io processes personal data based on our legal obligation, we shall delete this personal data within 12 months after the cancellation of this legal obligation.

    Vital interest. If Telemetr.io processes personal data based on the User’s vital interest, we shall delete this personal data within 12 months after the termination of such vital interest.

    Legitimate interest. If Telemetr.io processes personal data based on our legitimate interest and the User objects to our legitimate interest, we shall delete this personal data within 12 months after the objection.

    Exceptions. The above-mentioned rules have the following exceptions:
    • Business needs.Timeframes can be prolongated, but no longer than up to 24 months, in the case that the data deletion will interrupt our ongoing business;
    • Legal requirements.The retention period can be prolongated if it is required by laws or ordered by a government body. In this case, the period will be prolongated according to such requirements;
    • Technical impossibility.Some information is technically impossible or disproportionally difficult to delete. For e.g. deletion of the information may lead to a system integrity violation, or it is impossible to delete the information from the backup copies. In such cases, the information can be further stored;
    • Anonymization.The User’s data can be further processed for our own purposes (e.g. marketing) if we fully anonymize these data after the retention period is expired. This means that all personal identifiers and connections to them will be deleted from the data.
  13. Data Breach Notification

    Response Team. If a Data Breach is detected, a team consisting of specialists, including external specialists, and the management of Telemetr.io must be established. The team should deal with eliminating Data Breach and/or minimizing its consequences. One of the authorized members of the group shall alert the DPA about Data Breach. And, if necessary, also the data subject. Each Data Breach must be recorded and described.

    Notifying the DPA. We shall notify the respective DPA within 72 hours after we become aware of the data breach and report the following information:
    • Describe the nature of the data breach.
    • Contain the name and contact details of the responsible person from whom more can be obtained more information.
    • Describe the possible consequences of the data breach.
    • Describe the measures taken or proposed by us to address the data breach.
    Notifying the User. If a data breach may lead to a violation of the User’s rights and freedoms or has a high risk of this, we shall immediately inform you of the fact of the data breach and report the following information:
    • Describe in clear and simple language the nature of the data breach.
    • Contain the name and contact details of the responsible person from whom more can be obtained more information.
    • Describe the possible consequences of breaching the security of personal data.
    • Describe the measures taken or proposed by us to address the data breach.
    • Provide you with useful tips and know-how that can help you in reducing the risks of a data breach.
  14. Contact Information

    Contact Telemetr.io. The User can ask us any question about his personal data or make a complaint through the following e-mail: [email protected]. We will give you an answer as soon as possible, but no more than 30 calendar days

    Contact our Processors and Co-controllers. The User can make inquiries or complaints to our Processors and Co-controllers via any available means of contact on their websites. The timing and procedure for responding depend on the internal policies of our Processors and Co-controllers

    Contact DPA. The User can ask DPA any question about his personal data or make a complaint through the following link:https://edpb.europa.eu/about-edpb/about-edpb/members_en The timing and procedure for responding depend on the internal policies of DPA.

  15. Miscellaneous

    Effective date. This version of the Company Privacy Policy is valid from the Effective date

    Employees Consent. Employees grant their consent to obey the Company Privacy Policy by signing labor contracts and/or service agreements with reference to the Company Privacy Policy. Employees oblige to obey the Company Privacy Policy during the duration of their contracts with Telemetr.io (if another not stated in the respective contracts)

    Changes. Telemetr.io may make changes from time to time to the Company Privacy Policy. The new version will be valid from the time of the changes of the Effective date.

    Governing law and Dispute resolution. This Company Privacy Policy is construed in accordance with Estonian legislation.

    Languages. This Company Privacy Policy is available in English. If there are any differences between the English and any other translated versions, the English version will be the correct one.

  16. Legal Information

Company Name: TELEMETRIO OÜ

Company Number: 16802664

VAT Number: Not applicable

Business Address: Harju maakond, Tallinn, Kesklinna linnaosa, Narva mnt 5, 10117

Email: [email protected]