Privacy Policy for Spark

Last Updated: 23-Feb-2024

This Privacy Policy covers the practices of Spark ("we", "us", or "our") concerning the collection, use, and disclosure of your personal information when you use our services and the choices you have regarding your information. We are committed to protecting your privacy and ensuring the security of your personal information.

By using Spark and its services, you agree to the collection and use of your information as described in this Privacy Policy. If you have any questions or concerns about our policy or practices, please contact us at dpo@sparkit.ai

Table of Contents

  1. Information We Collect
  1. How We Use Your Information
  1. Legal Basis for Processing
  1. Sharing Your Information
  1. Data Retention
  1. Data Security
  1. International Data Transfers
  1. Your Rights and Choices
  1. Third-Party Links
  1. EU Representative Contact
  1. Changes to This Privacy Policy
  1. Contact Us

1. Information We Collect

We collect personal information from you when you interact with our services, such as when you:

  • Create an account
  • Contact our support team
  • Participate in surveys, promotions, or events

The information we collect may include:

1.1. Personal Information

  • Contact information, such as your name, email address, and phone number
  • Account information, such as your username, password, and preferences
  • Billing information, such as your credit card details and billing address

We shall keep all Personal Information confidential and shall only process Personal Information on behalf of and in accordance with your instructions. For the avoidance of doubt, we will only comply with such instructions that are not in contravention with the applicable laws, including but not limited to privacy and/or data protection laws enforceable at the time.

To avoid confusion, rest assured that any Non-personal Information combined with Personal Information shall be regarded as Personal information.

1.2. Usage Information

  • Events you create, content you generate, and your interactions with our platform
  • Information about your device, browser, and operating system
  • Your IP address, browsing history, and other usage data

1.3. Information from Third Parties

  • We may receive information about you from third parties, such as social media platforms, if you choose to connect your Spark account to these services

1.4. Cookies and Similar Technologies

We use cookies and similar tracking technologies to collect and store information about your interaction with our platform. Cookies are small text files that are stored on your device by your web browser. We use both session and persistent cookies, as well as first-party and third-party cookies, for various purposes, such as:

  • Remembering your login information and preferences
  • Analyzing platform usage and trends to improve our services
  • Delivering personalized content and advertising

You can manage your cookie preferences or opt-out of cookies through your browser settings. However, please note that disabling cookies may affect your experience and the functionality of our platform.

2. How We Use Your Information

We use the personal data we collect for various purposes, including:

  • To provide and maintain our Service
  • To notify you about changes to our Service
  • To enable your participation in interactive features of our Service, when you choose to do so
  • To offer customer support
  • To gather insights and valuable information for improving our Service
  • To monitor the usage of our Service and ensure its proper functioning
  • To fulfill the purposes for which you provided the information
  • To carry out our obligations and enforce our rights arising from contracts between you and us, including billing and collection
  • To send you notices about your account and/or subscription, such as expiration and renewal notices or email instructions
  • To provide you with news, special offers, and general information about other goods, services, or events we offer that are similar to those you have already purchased or inquired about, unless you have opted not to receive such information
  • To process your personal data for any other purpose, with your consent

3. Legal Basis for Processing

We process your personal information based on one or more of the following legal grounds:

  • Your consent
  • The performance of a contract or to take steps at your request before entering into a contract
  • Compliance with a legal obligation
  • Our legitimate business interests, such as improving our services and providing a secure platform

4. Sharing Your Information

We ensure that our third-party service providers maintain an adequate level of data protection and privacy by including contractual agreements and requiring adherence to specific data protection frameworks, such as the GDPR compliance.

4.1. Service Providers

  • We engage third-party service providers to help us operate and maintain our platform, such as hosting, payment processing, analytics, and customer support services

4.2. Legal Requirements and Business Transfers

  • We may disclose your personal information to law enforcement or government agencies when required by law or to protect our users and services
  • In connection with a merger, acquisition, or sale of our assets, we may transfer your personal information to the relevant parties.

5. Data Retention

We will retain your information for as long as your account is active or as needed to provide you Services. If you wish to cancel your account or request that we no longer use your information to provide you services, you may delete your account by sending a request to delete your account to “dpo@sparkit.ai” or by requesting that your Organization owner remove you.

5.1. Sub processors

Spark makes use of third parties Sub-processors to provide specific functions with in the Services. The Sub-providers and their purposes are listed as below. In order to provide the relevant functionality these Sub-processors access Service Data only for the use of the indicated services.

Entity Name Function Country
Amazon Web Services Infrastructure US
Imperva WAF & CDN US
Microsoft Corporation LLM US
Squeaky Analytics Netherland
Chargebee Subscription Management Eu, US

6. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or destruction. Our security measures include:

  • Secure Sockets Layer (SSL) encryption to protect the transmission of your sensitive information
  • Secure server infrastructure with firewalls and intrusion detection/prevention systems
  • Regular security reviews and vulnerability assessments to ensure the ongoing protection of our systems
  • Limiting access to your personal information to employees, contractors, and service providers who need the information to perform their job duties and who are subject to strict contractual confidentiality obligations
  • Employee training and awareness programs to promote a culture of security and privacy

However, no method of transmission or storage is 100% secure, and we cannot guarantee the absolute security of your information.

6.1. Data Breach Notification Process

In the event of a data breach, we will promptly investigate and take appropriate steps to mitigate the impact of the breach. We will notify affected users and relevant authorities, as required by applicable laws, within a reasonable timeframe. Our notification will include information about the nature of the breach, the steps we have taken in response, and any recommended actions for users to protect their personal information.

7. International Data Transfers

As a global company, we may transfer, process, and store your personal information in countries outside of your country of residence. By using our services, you consent to the transfer of your information to these countries. We will take steps to ensure that your information receives an adequate level of protection in accordance with this Privacy Policy and applicable data protection laws.

8. Your Rights and Choices

You have certain rights regarding your personal information, subject to local data protection laws. These may include:

  • The right to access, update, or delete your personal information
  • The right to restrict or object to the processing of your personal information
  • The right to withdraw your consent, where applicable
  • The right to lodge a complaint with a supervisory authority

8.1. California Consumer Privacy Act (CCPA) Rights

If you are a California resident, you have specific rights under the CCPA, including the right to:

  • Know what personal information we collect, use, disclose, and sell
  • Access and obtain a copy of your personal information
  • Request the deletion of your personal information
  • Opt-out of the sale of your personal information (if applicable)
  • Not be discriminated against for exercising your CCPA rights

To exercise your CCPA rights or learn more about your privacy options, please contact us at dpo@sparkit.ai

8.2. General Data Protection Regulation (GDPR) Rights

If you are a resident of the European Union, you have specific rights under the GDPR, including the right to:

  • Access, correct, update, or request deletion of your personal information
  • Object to the processing of your personal information
  • Restrict the processing of your personal information
  • Request the transfer of your personal information to another service provider (data portability)
  • Withdraw your consent at any time (if we rely on your consent to process your personal information)

To exercise your GDPR rights or learn more about your privacy options, please contact dpo@sparkit.ai

9. Third-Party Links

Our services may contain links to third-party websites and services that are not operated by us. This Privacy Policy does not apply to these third-party websites, and we are not responsible for their content, privacy practices, or security. We encourage you to review the privacy policies of any third-party websites you visit.

10. EU Representative Contact

Pursuant to Article 27 of Europe’s General Data Protection Regulation (GDPR), GlobalSign.In Pte Ltd in has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR by sending an email to privacy@edpo.brussels, using EDPO’s online request form, or writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. We will notify you of any significant changes by posting a notice on our website or by contacting you directly. We encourage you to review this Privacy Policy periodically to stay informed about our practices.

12. Contact Us

If you have any questions or concerns about our Privacy Policy or practices, please contact us at dpo@sparkit.ai

Your privacy is important to us, and we are committed to addressing any concerns you may have.