Privacy Policy

We at Nomadia Consulting Ltd , “we”, “us”, “our” and terms of similar meaning) as an operator of the website hosted at the bukadesk.com domain and all associated subdomains (the “Website”) and services provided by the Website and Slack application (the “Service”) appreciate the confidence you are placing in us when you provide us with your personal data.

We do our best to use your personal data in a fair and transparent manner, and we care about your understanding of how your personal data will be used.

This Privacy Policy explains how the personal data you provide to us will be processed and protected and what your options are in this regard.

This document describes how we treat personal data of individuals while complying with Regulation (EU) 2016/679 of the European Parliament and Council – the General Data Protection Regulation, also known as the GDPR (the “GDPR”).

The Privacy Policy forms an integral part of the Terms of Service and the provisions of the Terms of Service apply to this Privacy Policy. Capitalised terms not defined in this Privacy Policy take the meaning assigned to them in the Terms of Service.

1. Data we collect and process

1.1 Registration and profile data

When you install Service, we obtain from Slack.com platform (after your agreement) following profile data: first name, last name, Slack display name, time zone, avatar URL and information if user is administrator or
owner of Slack workspace.

1.2 Your customer data

When you use Service we store data about users leave as it is principal domain of user of Service.

1.3 Other user data

Even when you browse our Website without signing up and/or logging in, we collect various technical information from visitors that is automatically recorded using a variety of tools, such as weblogs, cookies, etc. Data collected through our Website includes, in particular:

  • the browser you use,
  • the IP address from which you connected to our Website,
  • the operating system of your device (computer, tablet or phone),
  • the unique IP address of the device that you used to access our Website,
  • conversion and retargeting tracking,
  • how you use our Website.

We need this data for technical reasons to be able to display our Website to you, ensure that the Website is stable and secure and adjust the Website’s content to your needs.

2. How we can use the data

2.1 Provision of the Service

We process the data that you provide to us primarily for the purpose of providing the Service on the Website on the basis of Article 6(1)(b) of the GDPR (i.e. steps at the request of the data subject prior to entering into a contract and the subsequent performance of the contract to which the data subject is party), which includes, in particular:

  • allowing the use of the full scope of the Service and the Website,
  • setting up, keeping and administrating your Website account created by us when you sign up.

2.2 Improving the Website and protecting users and us

Since we have a legitimate interest in improving our Website, maintaining our relationship with you and protecting you and other users of the Website, on the basis of Article 6(1)(f) of the GDPR (i.e. legitimate interests pursued by the controller) we also use your personal data for the following purposes:

  • improving the design of the Website and optimizing its content, features and the Service that it provides,
  • informing you about our new products and services,
  • informing you about changes on the Website, the terms of use of the Website, this Privacy Policy and other terms relating to our Website,
    enforcing our terms of use of the Website and detecting violations thereof.

Therefore, we will send to your mailbox news and notifications about features and updates on the Website, as well as notifications related to your use of the Website (e.g. alerts for violations of the Terms of Use etc.).

2.3 Marketing

In addition to the cases referred to above, we use your personal data for marketing purposes only with your express consent on the basis of Article 6(1)(a) of the GDPR (i.e. the data subject’s consent to the processing of personal data) – i.e. if you have subscribed to receive ads, offers and other marketing communication by email; in every such email, you will be given the option to unsubscribe from the newsletter. Further information about how you can withdraw your consent can be found under “Withdrawal of consent” below.

3. How long we retain the data

3.1 Period of retention of registration, profile and other user data

Personal data referred to in 1.1 and 1.3 is retained for the duration of the contract (Terms of Service), i.e. for the duration of your user account. We store an archived copy of your personal data for a period of 60 days after the contract is terminated for the event of a dispute regarding the relationship between you and us related to the Terms of Service or this Privacy Policy.

3.2 Terms of processing your customer data

We process personal data referred to in 1.2 on the basis of the Data Processing Agreement, which represents the legally binding contract on the processing of personal data referred to in Article 28(3) of the GDPR and forms part of this Policy.

You can withdraw the consent you have given for marketing purposes by clicking the appropriate link provided in every email newsletter. If you withdraw your consent, we will immediately cease processing the relevant personal data and delete it, unless there is another legal basis for continued processing thereof. The withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

4. Provision and disclosure of personal data

When providing the Service, we are assisted by the following processors:

  • third-party hosting services for running our servers and databases (Amazon, Cloud 66 Ltd, Rollbar Inc, Scout),
  • third-party managed service providers (Commutatus Pvt Ltd)
  • third-party customer support services (Zendesk, Hubspot, FOMO)
  • third-party billing and payment services (Stripe),
  • third-party web traffic measurement and user tracking services (Google Analytics),
  • third-party conversion tracking and retargeting services (Facebook, Twitter, LinkedIn, AdRoll and Google AdWords).

Your personal data may be transmitted to the United States of America, in particular to third parties referred to in the preceding paragraph, whose operations are consistent with European personal data protection standards since these parties meet the requirements of the EU-U.S. Privacy Shield. The processing of personal data by third parties is governed by their own terms of service.

We do not disclose personal data.

5. Security of personal data

5.1 Security measures

We undertake to keep all personal and other data you have provided to us properly, in compliance with the highest security standards. We will treat all data in accordance with the rules contained in this Privacy Policy and in compliance with applicable legislation, in particular, the GDPR.

Our Website has several levels of security. We have introduced software and hardware security systems, including a firewall and encryption of data intended to protect your personal data from unauthorized access. Nevertheless, despite our efforts, no system provides a full guarantee that your personal data will never be accessed unauthorisedly and your use of this Website means you are willing to take that risk.

5.2 Our responsibility

Protection under this Privacy Policy applies to personal data only to the extent that can reasonably be expected from us.

Our Website may contain links to websites operated by third parties. We are not responsible for information on these websites or for the services or products that they offer. Your use of these websites, including the provision of personal data, is at your own risk. Therefore, we recommend that you review the privacy policies (and, if applicable, other terms) of these websites before you use them for the first time.

6. Your rights and options

Listed below are your rights and options in relation to personal data that we process. If you want to use any of these options, please contact us at hi@bukadesk.com

6.1 Right of access to personal data

You may request that we confirm whether or not we process your personal data and, if we do, you have the right of access to this data (a copy of your personal data) and information about the terms of processing it. We will generally provide this information within one month of the date of your request.

6.2 Right to rectification and completion of the data

You may at any time rectify, complete and update your personal data in your account on your profile page within the admin panel. We recommend you do so every time this data changes. If you have a problem updating your personal data, please contact us.

6.3 Right to erasure

In addition to withdrawal of consent, you may have your personal data erased where one of the following grounds applies:

  • the personal data is no longer necessary for the purposes referred to above,
  • you object to the processing of your personal data carried out on the legal ground of a legitimate interest and there are no overriding legitimate grounds for the processing or you object to the processing of your personal data for direct marketing purposes,
  • the personal data has been unlawfully processed, or
    the personal data has to be erased for compliance with a legal obligation,
  • where the processing is not necessary for compliance with a legal obligation or for the establishment, exercise or defense of legal claims, unless the GDPR grants other exemptions.

6.4 Right to restriction of processing

In addition, you may request restriction of processing of your personal data, if:

  • you contest the accuracy of your personal data, for a period during which its accuracy is being verified,
    personal data has been processed unlawfully (instead of requesting erasure of the data), or
  • we no longer need the personal data for the purposes referred to above, but you need it for the establishment, exercise or defense of legal claims,
    you object to the processing of your personal data carried on the legal grounds of a legitimate interest, for a period during which it is being verified whether legitimate grounds for continued processing thereof exist.

6.5 Right to portability

If technically possible, you have the right to have the personal data which you have provided to us transferred to another organization.

6.6 Right to object

You may object, for reasons relating to your particular situation, to processing of your personal data. In the event of such an objection, we will cease processing your personal data unless compelling legitimate grounds for continued processing or for the establishment, exercise or defense of legal claims are demonstrated.

6.7 Right to lodge a complaint

If you feel that we have violated privacy legislation, you may lodge a complaint with the regulatory authority, which is the Information Commissioner's Office (https://ico.org.uk/).

7. Amendments to the Privacy Policy

We may amend this Privacy Policy from time to time (especially due to legal or technological changes, or after adding new or modifying existing features on the Website). We will notify you of any amendments to this Privacy Policy by sending a notification to your mailbox.

The latest and up-to-date version of the Privacy Policy will always be available on the Website, including information about its effective date. If you use our Website after the effective date of such amendments, you will be deemed by us to have read the amendments to the Privacy Policy and the version of the Privacy Policy effective at the time you use the Website.

8. Contact

Should you have any questions relating to this Privacy Policy, please contact us at hi@bukadesk.com
Last updated on Apr 16, 2021.

Subprocessors

Nomadia Consulting Ltd ("Nomadia”) uses certain third-party subprocessors to assist it in providing its Service and perform various functions as explained in the table below.

A subprocessor is a third party data processor engaged by Nomadia Consulting Ltd, who has or potentially will have access to or process Service Data (which may contain Personal Data).

Prior to engaging any third party subprocessor, Nomadia Consulting Ltd performs due diligence to assess their privacy, security, and confidentiality practices.

If you have questions about our third-party subprocessors, please contact us at hi@bukadesk.com.

Entity Name Entity Type Entity Country
Amazon Web Services, Inc. Cloud Service Provider United States
Slack Technologies Ltd Cloud Service Provider United States
Cloud66 Ltd Cloud Service Provider United States
Rollbar Inc Cloud Service Provider United States
Scout Cloud Service Provider United States
Commutatus Pvt Ltd Managed Services India
Stripe Inc Payments United States
Google Inc Business Analytics Services United States
Hubspot Inc Business Analytics Services United States
FOMO Business Analytics Services United States