Privacy Policy

This Privacy Policy (hereinafter referred to as the «Policy») informs you about the types, scope and purposes of processing of personal information (including personal data), which the Company may process when you use websites collabio.com and xcds.com ("Websites") or install Collabio Mobile and Desktop Applications, including, but not limited to: Collabio Spaces, Collabio Logos, Collabio Mail ("Applications").

Collabio Mobile and Desktop Applications are also referred to as «Applications». Websites and Applications together hereinafter referred to as the "Services".

For the purposes of the paragraph 7 of Article 4 GDPR Company is the data controller, unless otherwise stated.

1.1. Authorised person

Name:
XCDS International Limited ("Company").

Address:
53 Pont Street, Knightsbridge, London, SW1X 0BD.

Contact information:
contact@xcds.com

1.2. Types of Information Collected and Processed

We need to process your personal Information that you provide yourself when you use Applications. This information is necessary to ensure complete functionality of Applications and perform the requested services.
  • Authorization and/or Account Information. When you create an account, we ask you to provide your credentials and contact information.

  • Other Information directly related to how you use the Applications, such as documents you create, upload or share with the Application.
When using the Application, some information about your device and user behavior may be processed automatically. This information is usually not personal, meaning that it does not in itself allow us to establish a direct connection with any particular person, and we only receive it in aggregated form.

We process this information in order to improve our Application and provide our users with the best possible experience. If we do not get access to such data, we will most likely not be able to provide You with the full services and features of the Application.
  • We automatically collect from your device: language settings, IP address, time zone, type and model of a device, device settings, operating system, Internet service provider, mobile carrier, hardware ID, Facebook ID, and some other unique identifiers (such as IDFA and AAID).
  • Applications' crash reports.
For improving the Application we use third-party automatic data processing technologies to analyze certain information sent by your device or our app. We need this data to provide our services, analyze how our customers use the Application.

We can process data using such solutions as Facebook Analytics, Firebase Crashlytics, AppsFlyer. As a result, some of the data is stored and processed on these third parties servers. This allows us to analyze different interactions (how often users make subscriptions, how many users chose a particular area for improvement).

Consequently, we, in particular, better understand in what of our features and content you see the most value and are able to focus on them to enhance your experience and increase the quality of our products.

1.3. Processing of special categories of personal data

We do not collect or process any special categories of personal data (in accordance with article 9 (1) of the GDPR).

1.4. Categories of data subjects
  • users of Applications;
  • Websites visitors;
1.5. Processing objectives
  • to provide stable operation of Applications;
  • to maintain and improve Applications;
  • to develop new functions of Applications;
  • to provide security and reliability of Applications.
  • to serve ads
1.6. Last updated
1 October 2020.
In accordance with Article 13 GDPR, we inform you about the legal basis for the processing of your personal data.

If the legal basis is not mentioned directly, the following applies:
  • the legal basis for obtaining consent is Article 6, section 1, paragraph (a) and Article 7 GDPR;
  • the legal basis for the processing data for the fulfillment of our services and the execution of contractual measures as well as responding to enquiries is Article 6, section 1, paragraph (b) GDPR;
  • the legal basis for processing data in order to fulfill our legal obligations is Article 6, section 1, paragraph (c) GDPR;
  • the legal basis for processing data to protect our legitimate interests is Article 6, section 1, paragraph (f) GDPR;
If vital interests of the data subject or another natural person require a processing of personal data Article 6, section 1, paragraph (d) GDPR applies as the legal basis.
1. Introduction
2. Applicable legal basis
3. Changes and amendments to this Policy
Please read this Policy regularly. The policy will adapt to regulatory changes.
The current version of the Policy is available at https://collabio.com/privacy/ and https://collabio.com/app/privacy

As soon as the changes require your additional consent or obligatory familiarization, you will be informed about this fact.
4. Information Security
We will take appropriate technical and organizational measures to ensure a level of protection appropriate to the risk, in accordance with Article 32 GDPR, taking into account the state of the art, implementation costs and the nature, scope, circumstances and purposes of processing and the different likelihood and severity of the risk to the rights and freedoms of natural persons.

These measures shall include in particular safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as the access, input, transmission, security of availability and its separation.

Furthermore, we have established procedures that guarantee the exercise of rights of the data subjects, deletion of Data and reaction to Data risks. Furthermore, we already consider the protection of personal Data during the development or selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and data protection-friendly presetting (Article 25 GDPR).

The security measures include the encrypted transmission of Data between your browser and our servers (TLS).
5. Data processing
5.1. Websites

When you use the Company's Websites for identification and troubleshooting purposes, log files containing your personal information are kept (section 5.4 of this Policy).

When you use the Company's Websites, the Cookies files are used (section 5.3 of this Policy).

5.2. Applications

When you use the Mobile Applications, for the purposes of analysis and optimization, as well as detection and correction of errors in the Applications the following information is transferred to third parties (see section 6 of this Policy):
  • Device information;
  • Applications usage data;
  • Applications crash reports.
When you use Desktop Аpplications, information and data specified in section 6 of this Рolicy will not be shared or transfered to third parties.

5.3. Cookies

Cookies are small files or other packets of data. Cookies contain information that is transferred from our web server or third-party web servers to the users' web browser, where they are saved for future access.

We use "session cookies", which saved only during user access our Services. A unique, randomly generated identification number is saved to a session cookie (session ID). A cookie also contains information about its source and the storage period. These cookies cannot save any other data. Session cookies are deleted when you have finished using our Services and you have, for example, logged out.

This privacy policy informs the user about the use of cookies to carry out randomized pseudonymized media measurement.

If users do not want to have cookies saved to their device, they will be asked to deactivate the respective option in their browser settings. Saved cookies can be deleted by changing browser settings.

Excluding cookies can limit the functionality of Services.

5.4. Logs

Based on our legitimate interests, pursuant to Article 6, section 1, paragraph (f) GDPR, we save data each time the server on which this service is located (server log files) is accessed.

This access data includes the name of the website accessed, the file, date and time it was accessed, the amount of data transferred, notifications regarding a successful retrieval, browser type and version, the user's operating system, referrer URL (the previously visited site), IP address and the provider through which it was accessed.

For security reasons log file information is saved for a maximum of seven days, after which it is deleted.

Data that must be saved longer for evidentiary purposes are exempt from deletion and are saved until the respective incident has been resolved.
Data transmitted to Facebook Analytics neither stored or transferred to other services or resources, nor associated with other data available to Facebook.

For more information on Facebook's privacy settings, please access Facebook Inc.'s privacy policy and their terms of service:

Explanation

GDPR

Terms

Facebook is certified under the Privacy Shield
    Analytical data transfer can be disabled in the Application settings.

    6.2. Firebase Crashlytics

    We use Firebase Crashlytics — a service offered by Fabric — a company owned by Google Inc. 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

    Firebase Crashlytics provides us information about crashes and malfunctions in Applications.

    In case of malfunction or failure, the following information is transmitted to Firebase Crashlytics:
    • IP-address of the device;
    • information about the device, such as: device ID, model and device type, name and version of the operating system, settings and language of the device;
    • version and functionality of the application;
    • time of failure.
    Data transmitted to Firebase Crashlytics is neither stored or transferred to other services or resources, nor associated with other data available to Google.

    For more information on Firebase Crashlytics privacy settings, please access:

    Crashlytics

    Data processing terms.

    Google privacy policy.

    Google is certified under the Privacy Shield.

    The transfer of information about crashes and malfunctions to the Firebase Crashlytics service can be disabled in the Application settings.

    6.3. AppsFlyer

    We use AppsFlyer — a service offered by AppsFlyer Inc., 100 First Street, Suite 2500, San Francisco, California 94105, USA, for mobile attribution and marketing analytics.

    The following information may be received and processed:
    • Technical Information: browser type, device type and model, CPU, system language, memory, OS version, Wi-Fi status, time stamp and zone, device motion parameters and carrier.
    • Technical Identifiers: unique identifiers of computer, device, browser or Application, such as: IP address (which may also provide general location information), user agent, IDFA (identifier for advertisers), Android ID (in Android devices), Google Advertiser ID and other similar unique identifiers.
    • Engagement Information: user actions, such as: clicks on ads, ad impressions viewed, audiences or segments to which an ad campaign is attributed, the type of ads and the webpage or Application from which such ads were displayed, the webpages list, the URL from the referring website, downloads and installations of Applications, and other interactions, events and actions in Applications or Websites.
    Data transmitted to AppsFlyer is neither stored nor transferred to third parties.

    For more information on AppsFlyer privacy settings, please access:

    Security and privacy
    GDPR-CCPA
    Appsflyer approach to security and privacy

    AppsFlyer privacy policy.
      AppsFlyer is certified under the Privacy Shield:
      Privacy Shield status

      Analytical data transfer can be disabled in the Application settings.
      6. Third parties
      Our Websites and Applications are not intended for children under 16 years of age.

      Thus, we do not collect, at least knowingly, information about persons under 16 years of age, and do not transfer it to third parties.
      7. Restrictions
      Data processed by us are deleted or the processing thereof is restricted pursuant to Articles 17 and 18 GDPR.

      Unless expressly indicated under this Policy, data that we save is deleted as soon as it is no longer required for the intended purpose and the deletion thereof is not contrary to any legal duty to keep and retain these data.
      8. Erasure of data
      You are not obliged to consent to the transfer of your data to us and/or third parties.

      If you refuse to provide your data to us and/or third parties you cannot use the Websites, Applications that require you to provide certain data.

      In case of processing your data in accordance with this Police you have the following rights:
      • the right to demand access to your data, as well as correcting or removing your data or limiting processing, as well as the right to data portability;
      • the right to withdraw consent at any time without affecting the validity of the processing performed prior to such withdrawal of consent;
      • the right to file a complaint with the supervisory authority.
      If you have any questions, requirements or requests related to the processing of your data in accordance with this Policy you can contact us using the contact information in section 1.1. of this Policy.
      9. Rights
      For the purposes of analysis, optimization, and troubleshooting in the Applications, in accordance with the Article 45 GDPR we share your information to third parties that comply with the requirements of the GDPR and have a certificate of compliance with EU-U.S. Privacy Shield and SWISS-U.S. Privacy Shield, such as:
      • Facebook Analytics;
      • Firebase Crashlytics;
      • AppsFlyer.
      6.1. Facebook Analytics

      We use Facebook Analytics – service offered by Facebook, Inc., 1601 Willow Road, Menlo Park, CA 94025, USA to collect and analyze Applications technical and usage data.

      The following information is transmitted to Facebook Analytics:
      • location data, such as: country, region and city, obtained by converting the IP address;
      • device info, such as: device ID, device model and type, name and version of device operation system, device settings and language settings;
      • identifiers and results of operations performed;
      • Application version.
      Facebook Analytics is used in Applications in accordance with the Facebook recommendations:

      Getting started


      App events

      Collabio® Spaces is an all-in-one office suite tool for iOS and macOS, that empowers you to get the most from fully-featured office-format editing, serverless co-authoring, organising documents in convenient spaces and many more!
      Downloads
      Product
      Help
      Company
      Follow us
      FAQ
      If you need support, reach out to us at
      We're always ready to help!
      © XCDS International Ltd., 2013-2021. All rights reserved.