Hello! We are Arigato Machine, Inc. (known to humans as Manifold). This document lays out how we protect your data and respect your privacy.
If you are a registered Manifold user, customer, provider, or a visitor to our website we act as the data controller of your personal data. This means we determine how and why your data is processed.
Your name, email address, social usernames, employment information
Credit/debit card details
Your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version
Your URL paths (the path you take through our site), services viewed, page response times, usage errors, how long you stay on our pages, what you do on those pages, how often, and other actions
We don’t collect any “sensitive data” about you (like racial or ethnic origin, political opinions, religious/philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences) except when we have your specific consent, or when we have to in order comply with applicable laws.
Manifold is a business-to-business service directed to and intended for use only by those who are 18 years of age or over. We do not target Manifold at children, and we do not knowingly collect any personal data from any person under 16 years of age. However, we do not explicitly ask for the age of our users, so it is possible someone under the age of consent has accepted our standard data collection.
From the first moment you interact with Manifold, we are collecting data. Sometimes you provide us with data, sometimes data about you is collected automatically.
Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:
Managing your requests (like inviting teammates, provisioning a resource, connecting your Manifold account to other services, using our integrations), login and authentication, remembering your settings, processing payments, hosting and back-end infrastructure.
Legal basis: provisioned resource, legitimate interests
Testing features, interacting with feedback platforms and questionnaires, managing landing pages, heat mapping our site, traffic optimization, data analysis and research, including profiling and the use of machine learning and other techniques over your data and in some cases using third parties to do this.
Legal basis: provisioned resource, legitimate interests
Notifying you of any changes to our service, solving issues via live chat support, phone or email including any bug fixing.
Legal basis: legitimate interest, provisioned resource
Sending you emails and messages about new features, products and services, and content.
Legal basis: consent
You have given clear consent to us to process your personal data for a specific purpose.
If you have previously given consent to our processing your data you can freely withdraw that consent at any time.
You can do this by emailing us at email@example.com.
If you do withdraw your consent, and if we do not have another legal basis for processing your information, then we will stop processing your personal data. If we do have another legal basis for processing your information, then we may continue to do so subject to your legal rights.
Withdrawing consent will limit your ability to use Manifold because our product requires the ability to process data to function.
Processing your data is necessary for a provisioned resource you have with us, or because we have asked you to take specific steps before entering into that provisioning that resource.
Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:
In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.
If you choose to do this, you can continue to use the website and browse its pages, but we will not be able to process transactions without personal data.
We will inform you (before collecting your data) if we intend to use your data for marketing and if third parties are involved. You can opt out from marketing by emailing us at firstname.lastname@example.org.
You can exercise your rights by sending us an email at email@example.com.
This includes the right to ask us supplementary information about:
We will provide you with the information within 30 days of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We’ll tell you if we can’t meet your request for that reason.
This applies to information we hold and that third parties hold.
We may use your data to determine whether we should let you know information that might be relevant to you (for example, tailoring emails to you based on your behaviour). Otherwise, the only circumstances in which we will do this is to provide the Manifold service to you.
We will give you a copy of your data in CSV or JSON so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you. We will not do so to the extent that this involves disclosing data about any other individual.
You can do this by asking us to erase any personal data we hold about you, if it is no longer necessary for us to hold the data for purposes of your use of Manifold.
Our database is by default encrypted at rest, but this does not mean it is safe against SQLI. This is where our service called Boxer comes in. It replaces the plaintext values of secure information with an encrypted version before being stored in the database and it decrypts the encrypted information when fetched from the database.
Boxer is implemented in such a way that allows only a single object owner to decrypt information from objects it owns. This is accomplished by storing a secret that is encrypted with KMS on each database object. Then, when we query our database - the secret is decrypted with our master key and we use this decrypted secret to encrypt/decrypt the sensitive information.
Personal data is stored in the United States by us and may be by our third party data storage and hosting provider. All information you provide to us is stored on our secure servers or those of our third party data storage providers.
We may store personal data processed when you sign up for Manifold or for any other reason (such as where you have contacted us with a question in connection with the Manifold) for as long as you have an account with Manifold. If you terminate your account, or your account becomes inactive (we deem accounts that have seen no activity for a period of longer than 12 consecutive months as inactive), we will store personal data processed when you sign up for the Manifold or for any other reason for a period of 2 years from the date your account was either terminated, or became inactive.
Software companies often use third parties to help them host their application, communicate with customers, power their emails etc. We partner with third parties who we believe are the best in their field at what they do.
Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:
|Service provider||Key cookies||Purpose|
To opt out of being tracked by Google Analytics across all websites click here.
You may refuse the transmission of your information by opting out (contact them direct for more information), however please note that you will delete the opt out cookie when you delete your cookies in your browser settings
Last Updated: May 22 2018