Terms of use - Telemetrio

Telemetr.io (“Telemetr.io”, “we”, “us”, “our”) owns, operates, and provides a Website https://telemetr.io/, Chatbots https://t.me/telemetr_io_bot (@telemetr_io_bot) andhttps://t.me/telemetr_io_bot(@telemetr_io_bot) in Telegram and API (collectively “Software”), as well as any other related products or services (“Services”), o a capable natural person (“User” and “users”), who uses our Software and Services according to the Terms of Use.

This Company Privacy Notice was created for employees and subcontractors (collectively “Employees”,they”, “you” and “your”), of Telemetr.io for an explanation of how Telemetr.io and they must use and process Users’ personal data.

Terminology
Principles of Data Processing
Principles of personal data protection. Telemetr.io processes personal data according to the following principles:
- Lawfulness, fairness, and transparency;
- Purpose limitation;
- Data minimization;
- Accuracy;
- Integrity and confidentiality;
Lawfulness, fairness, and transparency. Personal data must be processed lawfully, fairly, and in a transparent manner.
Purpose limitation. Personal data must be collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes..
Data minimization. Personal data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
Accuracy. Personal data must be accurate and, where necessary, kept up to date.
Integrity and confidentiality. Personal data must be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.
Data Subject Rights
Right to access personal data. The User can receive information regarding specific personal data Telemetr.io has collected about the User, as follows:
- Purpose of processing;
- Categories of personal data concerned;
- Recipients of categories of recipients to whom the personal data has been, or will be, disclosed;
- The envisaged period for which the personal data will be stored or the criteria used to determine that period;
- The existence of the right to rectification, erasure, or restriction of processing personal data concerning the User or to object to such processing;
- The right to lodge a complaint with a supervisory authority;
- Where personal data is not collected from the User, any available information as to the source;
- The existence of any automated decision-making, including profiling as well as the significance and envisaged consequences of such processing for the User;
- Where personal data is transferred outside of the EEA (which consists of EU member states and Iceland, Lichtenstein, and Norway), the User has the right to be informed of the appropriate safeguards in place and to request a copy of them.
Right to rectification of personal data. The User can correct your personal data if it has been changed or incorrectly collected.
Right to erasure (deletion) of personal data. The User can ask us to delete personal data.
Right to restrict processing of your personal data. The User can temporarily restrict the processing of personal data.
Right to personal data portability. The User may receive personal data in a human and machine-readable format for transmission to another controller.
Right to object. The User may object to data processing if Telemetr.io:
- Process personal data for direct marketing purposes, including profiling related to direct marketing.
- Process personal data that we consider necessary for its or a third party’s legitimate interest.
Right to reject automated individual decision-making (profiling). The User shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning.
Right to withdraw consent. The User can withdraw your consent on personal data processing if Telemetr.io uses this ground for processing.
Right to opt-out from Marketing/Send Out. The User can withdraw your consent on personal data processing for marketing and send-out purposes.
Right to ask a question and/or make a claim on data processing. The User allows to ask us any question according to data processing or privacy legislation.
Data Subject’s Rights Enforcement
Data Subject Request Form. The User can enforce his rights, ask us any question about your personal data or make a complaint through the following e-mail:[email protected].
User Verification. When the User submits an inquiry to Telemetr.io, we may need to verify his identity to protect his privacy and prevent unauthorized access to his personal data.
Verification Methods. The specific verification methods we use include:
- Request for additional information;
- The request for documents;
- Mobile call;
Failed Verification. If the User failed verification or Telemetr.io has reasonable personality doubts, we shall provide a message stating that we have doubts about the identity, why we have these doubts, and why in this case we cannot provide a response. In addition, the name, surname, and patronymic of the responsible person who denies access must be indicated.
Successful Verification. If the User has successfully passed the data verification, we notify him or her and provide a response to the request.
Inquiry in general. Telemetr.io shall provide in response to the information requested by the User, depending on the type of inquiry.
Personal Data
User’s Website Visit. When the User visits the Website, he gives us his personal data under the following conditions:
- Personal Data. A version of a web browser, IP address, time zone, cookie information, what sites or products he views, search terms, and how he interacts with the Site.
- Purpose of collection. To load the Website accurately for the User, and to perform analytics on Website usage to optimize our Website.
- Source of collection. Collected automatically when the User accesses our Website.
- Legal Ground. Legitimate interest.
- Terms. While the User is using our Website and 1 year after.
User’s Chatbots Visit and Registration. When the User visits the Chatbots or registers in the Software, he gives us his personal data under the following conditions:
- Personal Data. First and last name, patronymic (if applicable), IP address, username in Telegram, photo, language, Telegram ID, and how he interacts with the Software.
- Purpose of collection. To load the Software accurately for the User, to perform analytics on Software usage to optimize our Software, to provide Services, and make marketings send out.
- Source of collection. Collected automatically when the User accesses our Software and Services.
- Legal Ground. Consent.
- Terms. While the User is using our Software and Services and 1 year after.
Subscriber’s Personal Data from Channels in Telegram. When the User adds Chatbots to his Channels or groups on Telegram, Telemetr.io process the personal data of the Subscribers under the following conditions:
- Personal Data. First and last name, patronymic (if applicable), username in Telegram, language, Telegram ID, gender, account status, messages, photo, and how they interact with the Channels on Telegram.
- Purpose of collection. To provide Services to the User, to perform analytics on Software, and improve its.
- Source of collection. Collected automatically when the Subscribers access Channels on Telegram.
- Legal Ground. Legitimate interest or other legal grounds, which the User uses for data processing with help of Telemetr.io.
- Terms. While the User is using our Software and Services and 1 year after.
User’s and admins’ Personal Data from Channels in Telegram. When the User adds Chatbots to his Channels or groups on Telegram, Telemetr.io process the personal data of the User and his admins under the following conditions:
- Personal Data. First and last name, patronymic (if applicable), username in Telegram, language, Telegram ID, gender, the right to administer other channels, and how they interact with the Channels on Telegram.
- Purpose of collection. To provide Services to the User, to perform analytics on Software, improve its and make marketings send out.
- Source of collection. Collected automatically when the User and admins access Channels on Telegram.
- Legal Ground. Legitimate interest.
- Terms. While the User is using our Software and Services and 1 year after.
Customer Support Information. When the User contacts our customer support, you give us your personal data under the following conditions:
- Personal Data collected. First and last name, patronymic (if applicable), username in Telegram, language, Telegram ID, gender, the right to administer other channels, and how they interact with the Channels on Telegram.
- Purpose of collection. To provide information about our product and services, consult how to use our Software, etc.
- Source of collection. Collected from the User.
- Legal Ground. Consent.
- Terms. While the user is using the Software and 1 year after.
Other processing conditions. These are other conditions apply to your data processing:
- Data source. We process personal data received from the User and public sources. If in the future, we process personal data obtained from Third Parties, we will notify the User of this.
- Data storage. User’s personal data is stored on servers in Germany and Finland.

Consent on Cookies. The User consent to the use of cookies by clicking the appropriate button at the first appearance of the Cookie banner. At the same time, the User can choose which cookies will be used and later change the settings.

Withdrawal of consent. The User may not consent to the use of cookies by clicking on the appropriate button at the first appearance of the Cookie banner or later withdraw such consent. Only Strictly Necessary Cookies will be collected and processed in this way.

Cookie:	Goal:	Timeframe:	Co-controller:
Strictly Necessary
_hjSession_{site_id}	Holds current session data Ensures subsequent requests in the session window are attributed to the same session	30 minutes, extended on user activity.	Hotjar
Connect.sid	This cookie is used for authentication and for secure log-in. It registers the log- in information	1 day	Mopad
OptanonConsent	Stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category	1 year	Mailchimp
Performance
_ga	Analytics	2 years	Google
_hjSessionUser_{site_id}	Persists the User ID which is unique to that site Ensures data from subsequent visits to the same site are attributed to the same user ID	365 days	Hotjar
_gcl_au	Analytics, advertising	90 days	Google
Targeting
_cs_id	Advertising	13 months	ContentSquare
_hjIncludedInSessionSample_{site_id}	Determine if a user is included in the data sampling defined by your site's daily session limit	2 minutes, extended every 30 seconds.	Hotjar
Ajs_user_id	This cookie helps track visitor usage, events, target marketing, and can also measure application performance and stability	1 year	Segment.com
ajs_anonymous_id	To store last visit	1 year	Segment.com
Functionality
lang	Used to remember the user's language settings.	session	Telemetr.io
_BEAMER_FIRST_VISIT_	This cookie stores the date of the user's first visit to the site so it can display recent updates.	300 days	Beamer
_BEAMER_USER_ID_	Stores an internal ID for this user.	300 days	Beamer
NEXT_LOCALE	This cookie helps us with remembering your preffered language and contains only the ISO code of the language.	365 days	Telemetr.io
_hjSessionUser_{site_id}	Ensures data from subsequent visits to the same site are attributed to the same user ID.	365 days	Hotjar
_cs_c	To store cookie consent preferences.	13 months	ContentSquare
Unclassified
Utm_params	Pending	session	Telemetr.io
In case of disagreement between this Cookie Notice and the cookie banner regarding the classification, number, description and properties of cookies, the cookie banner takes precedence.

Advertisement
Direct marketing. We will send the User emails, SMS, push messages and another type of electronic messages and make a phone call if you give your consent or ask us to do so.
Advertisement on the Software. Telemetr.io will display advertisements on our Software based on a legitimate interest to promote our services and earn money on our business, or if the User gives consent to another physical or legal entity to use your personal data through, for example, Google AdSense or Facebook Network Audience.
Targeting Marketing. We will use targeting marketing via Co-controllers services based on User’s consent given to our Co-controller (for example, social networks, search engines, websites, mobile applications, and other Internet platforms).
Data for Targeting Marketing. Telemetr.io may use the next type of personal data for targeting the User:
- Full name.
- Sex, gender, marital status, and age.
- Registration and residence address.
- Phone number links to social networks, and instant messengers.
- Information about friends and contacts.
- Physical and email address.
- Place of work.
- Search terms and preferences.
- Reactions.
- Information from accounts.
- Any other information.
Basis of targeting marketing. Telemetr.io processes this personal data based on joining to the Terms of Use and under the Privacy Notices of our Co-controllers, on the grounds and for the purposes specified in the documents of the respective platforms.
Right exercise on targeted marketing. To exercise Users’ rights, they need to check the settings of the respective platforms and/or contact their support services.
Other Processing
Minors. We don’t process the personal data of people who are under 16 years.
Profiling. We don’t use profiling on the User.
Selling Personal Data. We will not sell User’s personal data at all, without their consent.
Data processing in corporate changing. During a corporate change of our legal entity, User’s personal data may be given to a new Controller, Co-controller, and/or processor.

Processors

Software:	Co-controller:	Goal of use:	Privacy Notice:
Google Workspace	Google LLC	Creating e-mail with the company’s domain name, document workflow, creating forms etc.	Link
Telegram	Telegram Messenger Inc	Communication, marketing and service provision	Link
Jira	Atlassian, Inc.	Track issues, manage projects	Link
Confluence	Atlassian, Inc.	Information management, documentation workflow	Link
Sentry	Functional Software, Inc. d/b/a Sentry	Application monitoring solution	Link
Miro	RealtimeBoard, Inc. dba Miro	Mind map and wireframe creation	Link
Figma	Figma, Inc	Design and mind map creation	Link
GitLab	GitLab B.V. and GitLab, Inc	Software Development, hosting and versions control	Link
Peopleforce	PEOPLEFORCE LTD	HR and recruiting automatization	Link
Hetzner	Hetzner Online GmbH	Hosting for Website, Chatbots, etc.	Link
Freehost	ПП «Фріхост»	Hosting for Website, Chatbots, etc.	Link
Cloudflare	Clouldflare Inc.	Software protection	Link
We may share User’s personal data with any processors when it is necessary to provide services to you or for our business.

Co-controllers

Software:	Co-controller:	Goal:	Privacy Notice:
Telegram	Telegram Messenger Inc.	Communication, marketing and service provision	Link
Google	Google LLC	Search engine and advertisement	Link
Facebook	Meta Platforms, Inc.	Advertisement	Link
Instagram	Meta Platforms, Inc.	Advertisement	Link
Google Analytics	Google LLC	Analytics, advertising	Link
Hotjar	Hotjar Ltd	To persist the User ID, to ensure data from subsequent visits	Link
Beamer	Joincube Inc	Software development, hosting, and versions control	Link
Segment	Twilio Ireland Limited	Analytics, marketing	Link
ContentSquare	Content Square SAS	Analytics	Link
Mopud	AppLovin Corporation	Analytics	Link
Mailchimp	Intuit Inc	Stores information about the categories of cookies the site uses and whether visitors have given or withdrawn consent for the use of each category.	Link
-	User and owners of groups and channels in Telegram	Analytics of groups and channels in Telegram	-
We may share User’s personal data with any processors when it is necessary to provide services to you or for our business.

Personal Data Protection
Protection in general. Telemetr.io protects personal data through technical and organizational measures.
Measures of protection. These measures include:
- HTTP connection with SSL and TLS certificates.
- Training employees in cyber security and data privacy via onboarding;
- Employees distribute access to personal data;
- Distribute storing in different databases;
- Safe servers for web hosting and data storage;
- Integration with Third Party’s software through official APIs;
- Strong password requirements.
HTTP connection with SSL and TLS certificates. An HTTP connection with SSL (Secure Sockets Layer) and TLS (Transport Layer Security) certificates is a secure method of establishing a connection between a client and server over the internet, encrypting the data transmitted between them to prevent eavesdropping, tampering or forgery.
You should visit only websites with an HTTP connection with SSL and TLS certificates.
Training employees in cyber security and data privacy via onboarding. This type of training covers topics such as password security, phishing awareness, social engineering attacks, data classification and handling, incident reporting, and other related topics to ensure that employees are aware of their role in maintaining the security of the organization's information assets and are equipped with the knowledge and skills to identify and mitigate security risks
You visit our training in cyber security and data privacy.
Distribute access to personal data. Employees' distribution access to personal data refers to the practice of granting access to personal data on a need-to-know basis, where employees are only given access to the personal data that is necessary for them to perform their job responsibilities.
You must not attempt to gain unauthorized access to personal data to which you should not have access and report any known to you such access by another employee or contractor.
Distribute storing in different databases. This approach ensures that the data is not stored in a single point of failure and can be accessed even if one of the databases or data centers is offline or unavailable. By distributing data storage in this way, Telemetr.io can improve its overall data resilience and reduce the impact of any potential data breaches or disasters that could affect the availability or integrity of data.
You must not attempt to gain unauthorized access to personal data in different databases to which you should not have access and report any known to you such access by another employee or contractor.
Safe servers for web hosting and data storage. This includes implementing security measures such as firewalls, intrusion detection systems, access controls, data encryption, backups, and disaster recovery plans. Safe servers also provide physical security measures, such as access controls, environmental controls, and power backups to ensure that servers remain operational even during power outages or other disruptions.
You must not attempt or interfere with the operation of these systems and report any incident of infringement.
Integration with Third Party’s software through official APIs. By using official APIs, organizations can securely exchange data and information with third-party services while minimizing the risk of security breaches or other issues that can arise from unauthorized integration. Official APIs provide a standardized, secure, and controlled way for applications to interact with each other, ensuring that data is transmitted and received in a secure and reliable manner.
When integrating with third-party software, employees and contractors must use only official APIs provided by the third-party service. The use of unauthorized integration methods or non-standardized APIs is strictly prohibited.
Strong password requirements. Include a combination of length, complexity, and uniqueness:
- The password length must be at least 12 characters;
- Use at least one uppercase letter, one lowercase letter, one number, and one symbol from the set of @#$%^&+=!?;
- Avoid using simple words and phrases, as well as personal information such as names, dates of birth, etc;
- Passwords must be unique and not reused for different accounts;
- It is recommended to change the password every 90 days. It is recommended to use two-factor authentication for additional account protection.
Personal Data Deletion
Consent. If Telemetr.io processes personal data based on the User’s consent and the User revoked this consent, we shall delete this personal data within 12 months after the revocation.
Contract. If Telemetr.io processes personal data based on the contract between us and the User or to conclude such contract and this contract was terminated or the conclusion of such contract was declined, we shall delete this personal data within 12 months after the termination or rejection.
Legal obligation. If Telemetr.io processes personal data based on our legal obligation, we shall delete this personal data within 12 months after the cancellation of this legal obligation.
Vital interest. If Telemetr.io processes personal data based on the User’s vital interest, we shall delete this personal data within 12 months after the termination of such vital interest.
Legitimate interest. If Telemetr.io processes personal data based on our legitimate interest and the User objects to our legitimate interest, we shall delete this personal data within 12 months after the objection.
Exceptions. The above-mentioned rules have the following exceptions:
- Business needs.Timeframes can be prolongated, but no longer than up to 24 months, in the case that the data deletion will interrupt our ongoing business;
- Legal requirements.The retention period can be prolongated if it is required by laws or ordered by a government body. In this case, the period will be prolongated according to such requirements;
- Technical impossibility.Some information is technically impossible or disproportionally difficult to delete. For e.g. deletion of the information may lead to a system integrity violation, or it is impossible to delete the information from the backup copies. In such cases, the information can be further stored;
- Anonymization.The User’s data can be further processed for our own purposes (e.g. marketing) if we fully anonymize these data after the retention period is expired. This means that all personal identifiers and connections to them will be deleted from the data.
Data Breach Notification
Response Team. If a Data Breach is detected, a team consisting of specialists, including external specialists, and the management of Telemetr.io must be established. The team should deal with eliminating Data Breach and/or minimizing its consequences. One of the authorized members of the group shall alert the DPA about Data Breach. And, if necessary, also the data subject. Each Data Breach must be recorded and described.
Notifying the DPA. We shall notify the respective DPA within 72 hours after we become aware of the data breach and report the following information:
- Describe the nature of the data breach.
- Contain the name and contact details of the responsible person from whom more can be obtained more information.
- Describe the possible consequences of the data breach.
- Describe the measures taken or proposed by us to address the data breach.
Notifying the User. If a data breach may lead to a violation of the User’s rights and freedoms or has a high risk of this, we shall immediately inform you of the fact of the data breach and report the following information:
- Describe in clear and simple language the nature of the data breach.
- Contain the name and contact details of the responsible person from whom more can be obtained more information.
- Describe the possible consequences of breaching the security of personal data.
- Describe the measures taken or proposed by us to address the data breach.
- Provide you with useful tips and know-how that can help you in reducing the risks of a data breach.
Contact Information
Contact Telemetr.io. The User can ask us any question about his personal data or make a complaint through the following e-mail: [email protected]. We will give you an answer as soon as possible, but no more than 30 calendar days
Contact our Processors and Co-controllers. The User can make inquiries or complaints to our Processors and Co-controllers via any available means of contact on their websites. The timing and procedure for responding depend on the internal policies of our Processors and Co-controllers
Contact DPA. The User can ask DPA any question about his personal data or make a complaint through the following link:https://edpb.europa.eu/about-edpb/about-edpb/members_en The timing and procedure for responding depend on the internal policies of DPA.
Miscellaneous
Effective date. This version of the Company Privacy Policy is valid from the Effective date
Employees Consent. Employees grant their consent to obey the Company Privacy Policy by signing labor contracts and/or service agreements with reference to the Company Privacy Policy. Employees oblige to obey the Company Privacy Policy during the duration of their contracts with Telemetr.io (if another not stated in the respective contracts)
Changes. Telemetr.io may make changes from time to time to the Company Privacy Policy. The new version will be valid from the time of the changes of the Effective date.
Governing law and Dispute resolution. This Company Privacy Policy is construed in accordance with Estonian legislation.
Languages. This Company Privacy Policy is available in English. If there are any differences between the English and any other translated versions, the English version will be the correct one.
Legal Information

Company Name: TELEMETRIO OÜ
Company Number: 16802664	VAT Number: Not applicable
Business Address: Harju maakond, Tallinn, Kesklinna linnaosa, Narva mnt 5, 10117
Email: [email protected]

Company Privacy Policy