Apostle has been concerned about customer and user privacy for almost 9 years, long before it became fashionable, politically correct or legally binding to take such a stance. We ask for as little information as possible and only collect what we feel is necessary to conduct business, or for the specific transaction in question. We let our customers know what information we have about them and give them the option to cancel certain commitments. Yet, by far our biggest commitment is that we do not make a single dollar from advertising revenue - never have, never will - not even from the free editions of our products. This means we avoid the fundamental conflict of interest between collecting customer information and fuelling advertising revenue, and the inevitable compromises in customer privacy that this entails. The purpose of this policy is to make explicit what information we collect about our customers and users, how we will use it and how we will not. This policy is unfortunately longer than we would like, but we need to be unambiguous on all relevant issues. We will try to keep the language as simple and direct as possible.
This section deals with the way Apostle collects and uses information about visitors to the website, potential customers, users of products and services of Apostle, and others who contact Apostle through forms or email addresses published on or linked to our websites.
This section deals with how Apostle handles data that you entrust to Apostle when you use our products and services, or when you share personal or confidential information with us when requesting customer support.
We only collect information about you if we need it for a legitimate purpose. Apostle will only have information about you if (a) you have provided the information yourself, (b) Apostle has collected the information automatically, or (c) Apostle has obtained the information from a third party. Below, we describe the different scenarios that fall under each of these three categories and the information that is collected in each category.
In addition to the purposes listed above, we may use your information for the following purposes:
In addition to the purposes mentioned above, we may use your information for the following purposes:
Legal processing bases applicable to Apostle: When we process your personal data, we have a basis for doing so. Most of our information collection and processing activities are usually based on (i) contractual necessity, (ii) one or more legitimate interests of Apostle or a third party that do not outweigh your data protection interests, or (iii) your consent. Sometimes, we are required by law to collect your data, or we need your personal data to protect your vital interests or those of another person.
Withdrawal of consent: Where we rely on your consent as the legal basis, you have the right to withdraw your consent at any time, but this does not affect processing that has already taken place.
Notification of legitimate interests: When we invoke legitimate interests as a legal basis and these legitimate interests are not specified above, we will clearly explain to you what these legitimate interests are at the time we collect your information.
Opt out of non-essential electronic communications: You may opt-out of receiving newsletters and other non-essential communications by using the 'unsubscribe' function included in all such communications. You will, however, continue to receive notices and essential transaction emails.
Disable cookies: You can disable browser cookies before visiting our websites. However, if you do so, you may not be able to use certain features of the websites properly.
Optional information: You may choose not to provide optional profile information, such as your photograph. You may also remove or change your optional profile information. You can always choose not to complete non mandatory fields when filling out a form linked to our Sites.
Third-party service providers: We may need to share your personal information and aggregated or identified information with external service providers that we engage with, such as marketing and advertising partners, event organisers, web analytics providers, and payment processors.
These service providers are authorized to use your personal information only as necessary to provide these services to us.
Resale partners: We may share your personal data with our authorised resale partners in your region for the sole purpose of contacting you about products you have downloaded or services you have signed up for. We will give you an option to opt-out of further co-operation with that partner.
Other cases : Other scenarios in which we may share the same information covered in Parts I and II are described in Part III.
If you are located in the European Economic Area (EEA), you have the following rights with regard to the information Apostle stores about you. Apostle undertakes to provide you with the same rights, regardless of where you live.
Right to access: You have the right to access (and, if necessary, obtain a copy) of the categories of personal information we store about you, including the source of the information, the purpose and period of processing, and the persons to whom the information is disclosed.
Right to rectification: You have the right to update the information we hold about you or to correct any inaccuracies. Based on the purpose for which we use your information, you may instruct us to include additional information about you in our database.
Right to erasure: You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer needed for the purpose for which it was originally collected.
Right to restrict processing: You may also have the right to request that we restrict the use of your data in certain circumstances, for example, if you have objected to our use of your data but we need to verify whether we have compelling legitimate grounds to use it.
Right to data portability: You have the right to transfer your data to a third party in a structured, commonly used and machine-readable format in circumstances where the data is processed with your consent or by automated means.
Right to object: You have the right to object in certain circumstances to the use of your information, such as the use of your personal information for direct marketing.
Right to lodge a complaint: You have the right to lodge a complaint with the appropriate supervisory authority if you have a grievance against the way we collect, use or share your information. In the Netherlands, you can lodge a complaint with the Dutch Data Protection Authority.
If you have contacted us, we will keep the information for as long as is necessary for this contact or for up to 6 months after we last had contact with you, because we want to be sure that we have dealt with your question or complaint properly.
If you have subscribed to our newsletter, we will keep your data until you unsubscribe from the newsletter.
In the context of the services we provide, we store your personal data for up to 2 years after the service has ended. We store some data longer, based on the statutory retention period.
We will store information relating to application processes for up to 4 weeks after the position has been filled. If you give us permission to do so, we will save your application data for another year.
Sometimes we may store your information longer, as permitted or required by law, such as to maintain suppression lists, prevent abuse, if required in connection with a legal claim or proceeding, to enforce our agreements, for tax, accounting, or to comply with other legal obligations. When we no longer have a legitimate reason to process your information, we will delete or anonymise your information from our active databases. We will also store the information securely and isolate it from further processing on backup drives until deletion is possible.
Information provided in connection with services: You may entrust information that you or your organisation ("you") manage to Apostle, in connection with the use of our services or the request fortechnical support for our products. This includes information about your customers and your employees (if you are a data controller) or data that you store and use on behalf of another person for a specific purpose, such as a customer to whom you provide services (if you are a processor). The data may either be stored on our servers when you use our services, or transferred or shared with us as part of a request for technical support or other services.
Data from mobile devices: If you choose to allow this, our mobile application will have access to the camera and photo library of your mobile device. Our application needs this access to provide its services. You can disable the access of the mobile application to this information at any time by changing the settings on your mobile device. (All information entrusted to Apostle is collectively referred to as "Service Data").
We recognise that you are the owner of your Service Data. We offer you full control of your Service Data by allowing you to (i) access your Service Data, (ii) share your Service Data through supported third party integrations, and (iii) request the export or deletion of your Service Data.
We process your service data when you give us instructions via the various modules of our services. For example, when you send inputs via Apostle, we need access to your photo library or camera (for a snapshot) in order to complete the request.
If you have enabled notifications on our mobile application, we will push notifications through a push notification provider, such as Apple Push Notification Service and Google Cloud Messaging. You can manage your preferences for push notifications or disable these notifications by turning notifications off in the application or device settings.
Apostle and third-party sub-processors: In order to provide services and technical support for our product, the contracting entity engages with other entities and third parties within Apostle
Employees and independent contractors: We may grant access to your service data to our employees and individuals who are involved in providing the services as independent contractors of the Apostle (collectively, our "employees") so that they can identify, analyse and resolve errors. We ensure that the access of our employees to your service data is limited to specific individuals. Our employees also have access to data you intentionally share with us for technical support or to import data into our products or services. We communicate our privacy and security guidelines to our employees and strictly enforce privacy safeguards within Apostle.
Collaborators and other users: Some of our products or services allow you to collaborate with other users or third parties. Entering into a cooperation can enable other employees to view all or part of your profile data.
Other cases: Other scenarios in which we may share information that is common to information covered in Parts I and II are described in Part III.
We retain the data in your account for as long as you choose to use the Apostle services. When you terminate your Apostle user account, your data will eventually be deleted from the active database during the next clean-up that takes place once every 6 months. The data deleted from the active database will be deleted from the backups after 3 months.
If you believe that we are storing, using or processing your data on behalf of one of our customers, please contact the customer to access, correct, delete, limit or object to the processing of your personal data, or to export it. We will support our customer to comply with your request within a reasonable time.
We do not direct our products and services at persons under the age of 18. Apostle does not intentionally collect personal information from children under the age of 18. If we hear that a child under 18 has provided us with personal information, we will take steps to delete such information. If you believe that a child under 18 has provided us with personal information, please write to email@example.com with the details, and we will take the necessary steps to delete the information we have about that child.
We share your personal information and service data within the Apostle. By accessing or using our products and services or otherwise providing us with personal information or service data, you consent to the processing, transfer and storage of your personal information or service data within the European Economic Area (EEA).
In order to provide its services, Apostle may provide your personal data to parties established outside the European Economic Area (EEA). Apostle will only do this if there is an adequate level of protection for the processing of personal data. This means, for example, that we use a model agreement of the European Commission or that we make agreements regarding the handling of personal data.
To enable you to comply with the data protection obligations under the General Data Protection Regulation, we are prepared to sign a Data Protection Agreement (DPA) based on standard contractual clauses. You can request a DPA from Apostle at firstname.lastname@example.org. Once we have received your request, we will send you the DPA so you can sign it.
We may be required by law to retain or disclose your personal information and service data to comply with applicable laws, regulations, legal processes, or governmental requests, including meetingnational security requirements.
We may disclose personal information and service data to a third party when we believe such disclosure is necessary to prevent fraud, investigate suspected illegal activities, enforce our agreements or policies, or protect the safety of our users.
We do not intend to sell our business. However, in the unlikely event that we sell our business or are acquired or merged, we will ensure that the acquiring entity is legally bound to fulfil our obligations to you. We will notify you of any change in ownership or use of your personal information and service details by email or by prominent notice on our website. We will also notify you of any choices you may have regarding your Personal Information and Service Data.