Privacy Policy
This policy covers how Oathello handles both personal and non-personal information that Oathello collects and receives. Oathello will never release any information that can identify you as an individual. Any information collected, via means of submitted data or server logs, is safely and securely stored.
Data protection and GDPR
Oathello is based in Ireland & the UK. The information you provide to us will be transferred to and stored on our servers which may be in or outside the European Economic Area, and may be accessed by or given to our staff working outside Ireland and third parties including companies within the Oathello group of companies (which means our subsidiaries and affiliates, our ultimate holding company and its subsidiaries and affiliates) who act for us for the purposes set out in this policy or for other purposes notified to you. Countries outside the European Economic Area do not always have strong data protection laws. However, we will always take steps to ensure that your information is treated in accordance with this policy. We fully comply with GDPR as below.
Oathello is a data processor with our customers being a data controller. Oathello will also act as a data controller but only for our direct customer’s data. The end user, the person actually using Oathello, is the data subject and has a direct relationship with the data controller.
Use of 3rd party processors
Oathello is committed to notifying controllers when, or if, a change in 3rd party data processors are made. For example, if Oathello was to use a different file storage provider (we currently use AWS), notification of this change would be made with the right to object. We maintain a strict control over the types of 3rd party processors that we use and we keep this to an absolute minimum, where required.
Right of data erasure
When a data controller deletes something from their Oathello account, it will be deleted on our systems, as well as on any 3rd party systems that we use.
Right of data portability
Oathello provides tools which allow a data controller to download a full export of their account, which can be used by the data controller to fulfil their obligations to the end user (or data subject).
Co-operation with Information Commissions Officer
Oathello is fully registered with the ICO and is committed to complying with the ICO on any data security matter.
Notice of breach
Oathello is committed to notifying its customers of any breach in data, within 72 hours of discovering it. This will be communicated via email, via the main email address on your account.
Third Party information
Oathello will not sell any personal identifying information to any Third Party, but may provide non personal identifying data to Third Parties. Oathello may contain links to websites outside of our control and as such cannot be held responsible for any data collection methods they employ or data distribution methods.
Collected information
Oathello monitors and analyses its website logs, to ensure that the website is performing to the best of its ability and to ascertain demographic information. Data collected includes IP addresses, dates & times, URL’s visited and actions performed.
Cookies
Oathello makes use of “session cookies” to log registered users into the Oathello system and “persistent cookies” to retain data over a series of sessions (e.g. promotion tracking). Cookies set by Oathello shall never contain personal identifying information.
Opting out of emails from Oathello
At the bottom of every email that is sent to either you, as a Oathello customer will be a link which you can click which will unsubscribe from all emails from Oathello. Please be aware that if you choose to do this you won’t receive any emails from Oathello. This includes billing notifications, request for signature emails and important information about your account.
END OF POLICY