Features
Use Cases
Contacts
Sign in
Try for free
Sign in
Try for free
Version 1.0.
Effective as of January 1, 2020.

Data Protection Policy (Europe)

Since the CJEU invalidated EU-US Data Protection Shield, we supplement the Policy with Standard Contractual Clauses which you join after you give consent.

1.5

We process personal data after you provide us with your consent. You are free to refuse your consent at any time. You will see consent options when you visit the Website for first time.

1.4

The Policy is applied to European Economic Area and European Union citizens only and is made up in order to comply with GDPR.

1.3

The Policy is applied when the user (“you”) uses our website (www.contract.one, the “Website”) or our software (Contract.one platform, the “Software”).

1.2

This policy (the “Policy”) of Contract.one, Inc (the “Company”, “we”) describes how we process personal data.

1.1

Purpose and scope

1

You may object to us using your personal data for our marketing purposes by contacting us in writing or by unsubscribing from our emailing list
(Clause 9.2).

(5)

the right to withdraw.
You can request to erase and stop processing your personal data. Your consent withdrawal means immediate termination of our relationship.

(4)

the right to rectification.
In case if there are some inaccuracies in your data, you have the right to rectify it (Clause 9.5.2).

(3)

the right of access.
You have the right to request (I) a copy of your personal data, (II) the purposes of processing, (III) an information on the third parties or categories of third parties that receives your data.

(2)

the right to be informed.
You have the right to request an information on how we process your personal data and with whom we share it (Sections 5 and 6).

(1)

Before giving a consent to process your personal data, we must provide you with information on rights with regards to data processing:

Your rights

2

Integrity and confidentiality: we always process personal data securely.

(6)

Storage limitation: we don't store personal data for longer than we need to;

(5)

Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.

The Company shall take reasonable steps to ensure personal data is accurate.

Accuracy: we make sure that any personal data we hold is adequate and accurate.

(4)

The Company shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

Data minimization: we don't process any more data than we need.

(3)

Purpose limitation: we only process personal data for the specific reason we collected it and nothing else;

(2)

Lawfulness, fairness, and transparency: we obey the law; only process personal data in a way that people would reasonably expect; always are open about our data protection practices;

(1)

The Company complies with the following principles:

Our Principles

3

Data Processor

4.2

Data Controller

4.1

Amazon Web Services, Inc.
410 Terry Avenue North,
Seattle, WA 98109-5210

Contract.one, Inc.
2035 Sunset Lake Road,
Suite B-2
Newark, DE 19702

Description and comments

Information

Data Controller and Data Processor

4

Personal data from third parties

5.5

Cookies, pixel tags and other similar technologies data

5.4

Data from your device and log files

5.3

Content

5.2

Account information

5.1

We may receive personal data about how you use the Website from third parties (for example, from providers of online marketing services). Such Information can be statistics of using the Website, the ways, how you get to the Website etc.

(2)

Another user may provide us with your email to invite you to use the Software.

(1)

Pixel tags are small pieces of code, which we may embed on the Website and to emails. They allow us to understand, for example, when you opened our email and if you are actually notified about personal data that is important to you.

(2)

You can set up your browser not to accept cookies, but this may limit your ability to use the Software or break it.

cookies are small files, which identify you as a unique user by storing certain information about you, for example, login information or your preferences.

(1)

the device and the browser you use, IP address, internet provider, the time you visited the Website, which pages you visited on the Website, which Software features you used etc.

documents, messages, comments etc., which you upload.

personal data, which you give us when register or manage the account — for example, your name, email, photo, payment information (if applicable).

Details

Information Type

Data we process

5

any member of our group (subsidiaries, corporate affiliates, if any).

(7)

any third party, which is involved into change of our business (merger, acquisition etc.);

(6)

any third party, which is specified by other Software user who has lawful access to your personal data, for example when another Software user has access to the same project as you do, and has enough rights to invite a new user to that project;

(5)

protect our rights;

(iii)

prevent a fraud against users or us;

(ii)

to comply with the law;

(i)

any third party if we reasonably consider the disclosure necessary —

(4)

The Policy is not applied to any third parties’ software (if any). Please, study such third parties’ privacy policy;

The Software feature may be available, which on demand allows to integrate the Software with third parties’ software. We may share personal data with such third parties if you or other Software user ask for such integration.

integrated services providers.

(3)

When you use the Website, such software may collect personal data about your online activities on other websites and over time;

trusted services providers — for example, providers of the analytical software, which allows to search vulnerabilities.

(2)

It is necessary to arrange communication between the users. For example, your name and photo are automatically displayed when you comment a contract;

with other users.

(1)

We may share personal data:

With whom we may share information

6

However, any data transmission via the Internet is not 100 % secure. So, we do not warrant the security of personal data you transmit to or from the Software, and you do it at your own risk.

7.2

Appropriate back-up and disaster recovery solutions shall be in place.

(4)

When personal data is deleted this should be done safely such that the data is irrecoverable.

(3)

Access to personal data is limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.

(2)

We make sure that personal data is stored securely using modern technology that is kept-up-to-date.

(1)

Security of personal data is important for us. We do our best to protect Information from unauthorized access, destruction, use, modification or disclosure.

7.1

Security

7

The Company shall also report on data breach to the relevant supervisory authority within 72 hours after breach detection.

8.2

In case of determination of the breach of security, the Company shall provide notice of any breach of security to all the Software users that were affected by such breach. We will send the notice to the users’ email addresses that saved in the Software within 72 hours after we determine the breach.

8.1

Breach

8

Please contact our Data Protection Officer at security@contract.one if you feel something is not addressed in the Policy or have further questions. Or contact us at global@contract.one.

Contact

9.8

You may provide us with feedback about the Software. You grant us a perpetual, irrevocable, worldwide, royalty-free license to use such feedback in any manner.

Feedback

9.7

We will delete your personal data after 36 months after your last logout from the Software. We may delete it earlier.

9.6.2

comply with our obligations, resolve disputes, enforce our agreements.

(ii)

to provide you with the Software; or

(i)

we need personal data —

(2)

your account is active; or

(1)

We will retain personal data for as long as:

9.6.1

Retention

9.6

Your account Information
(Clause 5.1)

9.5.2

Your comments to the documents (Clause 5.2)

9.5.1

please, log in to your account and go to the settings page.

just click the comment and change the text. Some changes may be limited to keep transparency and honesty of communication between the users.

How to update

Personal data you can update

Updating Information

9.5

Storage, processing and transmission of personal data are governed by the law of the State of Delaware.

Governing Law

9.4

You may set up do not track feature for your browser, which allows to avoid tracking your interactions with third parties’ websites over time. However, the Website currently does not respond do not track signals from browsers.

Do Not Track

9.3

We may from time to time send you emails, for example, about new Software features. You can opt out at any time by clicking the unsubscribe link in any email.

Opt Out from Commercial Emails

9.2

If you do not accept the changes to the Policy, please, stop using the Software. If you use the Software subject to invitation from the Customer, please, instruct the Customer to ask us to remove personal data it controls.

9.1.2

We may change the Policy and in that case will make the changes available to you.

9.1.1

Changes to Policy

9.1

Other provisions

9
Anton Vashkevich,
President and CEO