Overview of the Platform
The Dynamic Signal service is a cloud-based Employee Communication and Engagement platform hosted and operated by DySi (the “Platform”) that enables a company or other organization (“Organization”) to communicate with you, other employees and/or individuals authorized (collectively, “Users”) by the Organization to use the Platform.
How it works? An Organization (e.g. your employer) contractually engages DySi to establish a unique instance on our Platform. The Organization’s Platform instance is accessible through a website and a mobile app where Users may view and comment on Organization-related content such as information about products, services, events and other content chosen and posted onto the Platform by the Organization (“Organization content”), and where Users may view such content and potentially share it with other Users or outside the Platform. The Organization can enable the Platform to connect your social media sites with your User account, but only with your express consent, which you may withdraw at any time.
The Organization (e.g. your employer) controls the Platform content and other information collected from you when your account is created and during use of the Service. To that end, we have signed an agreement with your Organization that defines how this information should be used and, we only will use information according to this agreement (the “customer agreement”).
Your Organization also defines the scope of the community in its unique instance of our Platform (a “Community”), and some Organizations opt to include a larger Community beyond their own employees (for example, business partners or alumni). You may request more information on what subgroups are a part of your Community from the Organization you are associated with. Only those in your Community can view other User profiles and feeds on the Organization’s instance of the Platform.
We collect different types of personal data from our Platform. Users and Organizations may provide personal data to us through the Platform in a number of different ways, from registration to communications, or when uploading content within and outside the Platform.
Account registration: Basic account information that you or your Organization provide to us when setting up a user account, consist of your name and corporate email address. Other information includes your language, subscription or notification preferences, privileges assigned in the platform, your role or job title within your organization and dates such as your work anniversary or birthday. Depending on how the Community is configured by the Organization, some of this information may be optional, collected or added at a later date by our organization, or not collected at all.
Other optional information: You may, optionally, choose to provide your mobile phone number (if you desire to enable SMS notifications) and add other information about yourself, such as a photo or birthday, to your profile.
Platform content: You can post, upload and share content through the Platform, comment on others’ posts, and provide other information such as when you fill out a form, respond to a survey, or use the Platform to send emails or other communications. In addition, your Organization can create communications campaigns and share content with you through the Platform. Your Organization may make your contact information available to other Users of your instance of the Platform, through a company phone directory, messaging, or other similar services.
Metrics, maintenance and analytics: When you access or use the Platform, we may collect certain information automatically about your device and your use of the Platform. This will include IP addresses, browser types, log files, and other information regarding your system and connection. We collect information about how you access and use the Platform, such as what pages are viewed, when the profile was registered and what portions of the Platform are used. We also collect metrics related to comments, total posts that you viewed, shared, and submitted, and other activities you conduct through the Platform. This information is collected automatically through the use of various commonly used information-gathering technologies, including cookies and web beacons. Some of these cookies and web beacons can be turned off through your website browser; however, on a mobile device, including our mobile apps, you may not be able to turn them off. For additional information see our Cookie section below.
Information collected from Social Networking Sites (“SNS”): Some Organizations using our Platform provide their Users with the option to link some of the Users’ SNS (e.g. Facebook, Twitter, LinkedIn, etc.) to our Platform. As a User, you will then have the option to link your SNS to our Platform. Once connected, the SNS will send us your user profile (including profile photo, handle name) and analytics information about the posts you share on their platform, such as how many people potentially see a post, the number of responses generated by your content, and information about the activity related to your post (such as the number of likes and shares, but we will not have access to the actual responses or identity of individuals who interact with such content). This information may then be viewable by the Organization. Your SNS profile photo and handle name may also be viewable by other Users in your Community. We do not collect passwords to your SNS, as that information is confirmed by the SNS separate from our Platform. Certain SNS permit sharing without linking to our platform. In these cases, the information collected may be a subset of the above.
Use of Information
The Organization (e.g. your employer) controls the Platform content and other information we collect when providing you access to the Platform. Our agreement with your Organization defines how this information should be used and, we only will use it according to that agreement.
In general, DySi is the processor and your Organization is the controller, which means that our use of your personal data is based upon your Organization’s instructions or as defined in our customer agreement with the Organization. Some examples of these uses, as part of our legitimate interests to provide, operate and maintain the Platform on behalf of the Organization, include:
- To manage the Platform, system administration, and account management. The Platform’s administrative tools allow DySi’s employees involved in the support and maintenance of the Platform to view content in a network in order to troubleshoot specific issues, maintain and improve the Platform or perform other Platform-related functions, or as may be required by law. We also use third party analytics services for our web and mobile applications. We use these services for quality assurance, product interaction analysis, product improvement, and trouble-shooting.
- To process and complete transactions, including billing to a designated contact at an Organization;
- To handle Organization and Users’ inquiries and support requests, and to provide information and access to resources or services that they have requested from us;
- To compile aggregated data about the operation and use of the Platform and to better understand the preferences of Organizations and Users;
- To Conduct Quality-Assurance, and to carry out research and development to improve our products and services;
- To send Organizations and Users communications including technical alerts, reports, updates, security notifications and other service-related communications – according to their notifications preferences;
- To our relevant business contacts at your Organization, such as the Platform systems administrator or designated contact person (but not to general Users), which may also include marketing messages related to new product features, promotions or other information about our products or services; however you can opt-out of receiving these communications at any time;
- To investigate and prevent fraud, unauthorized access or use of the Platform, breaches of terms and policies, and other wrongful behavior;
- To enforce our agreements, and as required by applicable law.
Information We Share
We will only share and disclose your information according to the Organization’s (e.g. your employer’s) instructions or in furtherance of your request, for instance when you decide to share information within or outside the Platform. Examples include:
- With your Organization (e.g. your employer) and according to their instructions. We will share information collected with your Organization (e.g. your employer) or other entities, according to their instructions, and the customer agreement signed with us. In most instances this will include information you choose to actively provide (such as a comment to a posted article) and certain general broad-based usage analytics, if requested by your Organization. If you choose to link your SNS to our Platform your Organization will have access to your profile information and analytics related to your shares and posts.
- With other Users within and outside the Platform: if you choose to submit comments, post or upload content, you will share this content with others within your Community. You can also decide to share this information outside the Platform with a wider audience, for instance when you share this information through your Social Networking Site (SNS) – e.g. Facebook, Linkedin, Twitter, etc. When you choose to link your SNS to our Platform some information from your SNS (e.g. profile photo and handle name) will also be viewable by other Users within your Community.
- Within the DySi group of companies, for the purposes outlined in this Policy. For clarity, DySi is based in California, USA and has one wholly-owned subsidiary in the U.K, but may include other offices that may be established in the future.
- To vendors and other third-party service providers who may have access to your personal data to assist in the provision of the Platform service and other business-related functions such as cloud storage, mobile phone push data, email provisioning and usage analytics.
- To law enforcement authorities, government agencies, or judicial courts. We may be required to disclose personal data that we handle in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, in connection with the sale, transfer, merger, bankruptcy, restructuring or other reorganization of our business; to protect or defend our rights, interests or property, or that of third parties; to investigate any wrongdoing in connection with the Website, our Platform or our services; in connection with a subpoena, warrant, discovery or other legal order; or to protect the vital interests of an individual.
With your consent. We may share other information with third parties when we have your consent to do so.
Third Party Websites and Services
Our Platform may contain links to other websites and services that are outside our control and are not covered by this Policy.
We are committed to process your data in a secure manner, by putting in place specific technical and organizational measures to prevent the personal data we hold being accidentally or deliberately compromised.
We conduct information risk assessments and we ensure that our staff understands the importance of protecting personal data. We include both physical security and IT security in our overall data security approach. We are diligent in selecting vendors that process personal data on our behalf so that they also ensure appropriate technical and organizational measures to protect the data. We also integrate privacy in the design of our projects that involve the use of personal data to secure the information and implement the aforementioned principles.
We will provide support to Organizations in their duty to notify Users and regulatory authorities, as required by law, when personal data has been stolen, disclosed, altered or infringed by an unauthorized person. If you have questions or concerns regarding this policy or if you are aware of a potential breach, please contact us.
Information About International Transfers
When using the platform your personal data may be stored and processed by us in the United States. To provide appropriate safeguards for personal data we receive from the European Economic Area (EEA), United Kingdom (UK), and Switzerland, we are certified under the Privacy Shield framework.
Currently our primary production data center is located in the United States. We also currently operate a data center in the Netherlands for those customers that specifically chose the use of that location. Our staff that oversee, manage, and support those data centers (including having access to the data) are located primarily in the United States.
For personal data we receive from the EEA, UK and/or Switzerland, DySi has self-certified with the U.S. Department of Commerce under the U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.
If you are one of our customers and the use of our Platform requires DySi to process personal data falling within the scope of the EU General Data Protection Regulation (GDPR), DySi’s Data Processing Addendum is available for review here.
If you are located in the EEA, UK, or Switzerland you have certain privacy rights recognized under the General Data Protection Regulation (GDPR), for instance the right to request access to information, rectification, or erasure.
This section explains how DySi assists your Organization (e.g. your employer) in fulfilling your privacy rights established under the General Data Protection Regulation (GDPR). We only complete the actions below when they are approved by your Organization.
Right to access and correct your personal data: You and your Organization (e.g. your employer) may access, or correct, information you have uploaded to the Platform by using the tools within the Platform. If you do not see the tools within the Platform, you should contact your Organization directly. Changes on the Platform take immediate effect on your specific network, but data will be retained by us in our backup systems for a commercially reasonable amount of time, typically 90 days.
- Account closure and delete identifiable information: In general, account closure means that your name and other identifiable information (including your photo, if provided) will be deleted and not available to us, your Organization or other Users of the platform – your name will be changed to an “anonymous user”. Your comments and posts will not be deleted, but those will no longer be linked to you.
- Deletion of content: Please note that content you create and share is owned by your Organization and may remain on the Platform and be accessible even if your Organization deactivates or terminates your account. In this way, content you provide on the service is similar to other types of content (such as presentations or memos) that you may generate in the course of your work. Note that we cannot manage or delete posts or comments that you or other Users shared or published outside the Platform, using Social Network Sites.
Information viewable by Users within the Platform will be deleted within 30 days upon receiving your request, in any case complete removal of data stored on our backup systems, will happen in a commercially reasonable period of time, typically 90 days.
Right of objection and restriction: You have the opportunity to elect whether you would like to receive certain correspondences from us or opt out of DySi’s promotional emails. Please understand that if you opt out of receiving promotional correspondence from us, we may still contact you in connection with your relationship, transactions, and communications related to the Platform, unless your account is deleted.
Dispute Resolution Procedure
In compliance with the Privacy Shield Principles, Dynamic Signal, Inc. commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Dynamic Signal at email@example.com
We will retain information collected according to the Organization’s (e.g. your employer’s) instructions, and as required by applicable law.
Upon termination of our contractual relationship with your Organization, we will delete all personal data stored in our servers and backups within 90 days. If you stop working for or with the Organization, the Organization may suspend your User account and/or delete any information associated with your User account, in accordance with such Organization’s own data retention policy. See Account closure and right of erasure for more information.
California Privacy Rights
The California Consumer Privacy Act, (Cal. Civ. Code § 1789.100 et seq., “CCPA”) gives California residents certain data rights, with regard to how their personal information is collected and used. Dynamic Signal upholds the requirements of the CCPA for California residents including (and in addition to the descriptions of how we handle your data described elsewhere in this Policy) the following:
- We do not sell personal data to third parties as contemplated by the CCPA. As such, we do not provide an opt-out mechanism.
- We do not distinguish different levels of service or cost based on an individual’s exercise of their right to opt-out or delete data.
- We generally collect, use, and disclose personal information at the instruction of either the Organization or the individual themselves. All other exceptional collection, use, and disclosure is pursuant to what is permitted under the law.
- We provide you with access to and right to delete your personal information as described under Your Choices.
We are committed to collecting and processing personal data responsibly and in compliance with the applicable data protection laws in all countries in which we do business. Our goal is to apply data protection standards established on the basis of internationally accepted data protection principles supporting an effective protection of personal data we process. In addition to upholding your rights set forth under the GDPR and CCPA, we will consider other applicable data privacy laws and comply where necessary. We reserve the right to evaluate any request against the governing data privacy law.
The Platform is not directed at children under the age of 18. We do not knowingly solicit or collect personal data from children under the age of 18.
The Platform uses technologies such as cookies in order to properly function and for analytical purposes.
Cookies are small data files that are placed on your computer or mobile device when you visit a website or use online services. Cookies are widely used by website owners to make their websites and services work, or to work more efficiently, as well as to provide reporting information.
Cookies set by the website owner (in this case, DySi) are called “first party cookies”. Cookies set by parties other than the website owner are called “third party cookies”. Third party cookies enable third party features or functionality to be provided on or through the website (e.g. like advertising, interactive content, and analytics). The parties that set these third-party cookies can recognize your computer both when it visits the website in question and also when it visits certain other websites.
We use first party and third-party cookies for several reasons. Some cookies are required for technical reasons for our Platform to operate, and we refer to these as “essential” or “strictly necessary” cookies. Other cookies enable us to enhance the experience on our Platform. Third parties serve cookies through our Platform for analytics, performance and functionality. The specific types of first and third-party cookies and the purposes they perform are described in the table below:
|Cookies: DySi Platform||Who Serves These Cookies||How to Refuse|
|Essential cookiesThese cookies are strictly necessary to provide you with services available through our Website and Service and to use some of their features, such as the ability to sign in and access to secure areas.||DySi Platform||These cookies are strictly necessary to deliver the Website and Service so you cannot refuse them.|
|Performance and functionality cookiesThese cookies are used to enhance the performance and functionality of our Service but are non-essential to their use (e.g. collecting performance and error data, enabling customer support for users, enabling localized times/dates).||Google Analytics||To refuse these cookies, please follow the instructions below this chart.For more information please click on the relevant link of each provider: |
|Analytics cookiesThese cookies collect information that is used either in aggregate form to help us understand how our Website and Service are being used or how effective our marketing campaigns are, or to help us improve user experience.||AdRoll|
Adobe Marketo Engage
|To refuse these cookies, please follow the instructions below this chart.For more information please click on the relevant link of each provider: |
Google Doubleclick: https://policies.google.com/privacy?hl=en-US
Adobe Marketo Engage: https://www.adobe.com/privacy/policy.html
SAP Jam: https://cloudplatform.sap.com/content/sapjam/website/sap-jam-privacy-statement.html
|Social networking cookiesThese cookies are used to enable you to share pages and content that you find interesting on our Website through third party social networking and other websites. The choices of which social networks to use are solely decided by our customers. However, Facebook, Twitter, and LinkedIn are the most popular choices.||Blogger|
Based on the options of a customer
|To refuse these cookies, please follow the instructions below this chart.For more information please click on the relevant link of each provider:|
In addition, you can exercise advertising cookie choices by visiting any of:
You have the right to decide whether to accept or reject cookies. You can exercise your cookie preferences by clicking on the appropriate opt-out links provided in the cookie table above. You can set or amend your web browser controls to accept or refuse first-party and/or third-party cookies. If you choose to reject cookies, you may still use our Platform though your access to some functionality and areas of our site may be restricted.
- Microsoft Internet Explorer: http://www.microsoft.com/info/cookies.htm
- Google Chrome: https://support.google.com/accounts/answer/61416
- Mozilla Firefox: http://www.mozilla.org/projects/security/pki/psm/help_21/using_priv_help.html
- Apple Safari: Blocks cookies by default and accepts cookies only from your current domain. To change, click Safari, Preferences, Security, and choose your preference.
We gather certain information automatically to analyze trends in the aggregate and administer the Platform. This information may include your Internet Protocol (IP) address, device identification, your browser header (browser type, operating system and related information), and other items that correlates to your IP address, including but not limited to location, Internet service provider, and mobile carrier. We use this information to record the pages and files you view and the actions you take on the Platform. We also use this information to analyze overall usage trends and to improve the Platform.
Web Storage (aka local storage, DOM storage, Flash Cookies, website data) may be used on our website in a similar manner to cookies (for example, to enhance your experience by and storing your user preferences and settings). You can manage these settings via your browser’s settings, similar to cookies.
To communicate with our Data Protection Officer, please email firstname.lastname@example.org.