During the registration process in Kaiten you specify email and other information about yourself.
Email is your login to the system. Also email allows us to inform you about important events related to the operation of the service.
All the other data that you specify in your profile, comments, cards and other forms for entering inside Kaiten is more necessary to you for communication with colleagues than for us for any actions.
It is also worth mentioning that if you exchange any documents with colleagues by uploading files to Kaiten cards, personal information (yours or other people) can also be stored there.
All the data you enter inside Kaiten is stored in databases that are located in the USA on Amazon servers (https://aws.amazon.com). Starting from March 2018, all your data will be stored on European Amazon servers.
We use several third-party services, where we transfer data from your profile: Intercom (https://intercom.com) and Wootric (https://wootric.com). These are well-known international services, trusted by tens of thousands of companies.
The other third-party services, which are involved in Kaiten, do not receive from us your personal data, but can have access to technical information: IP, browser version, etc., because Your browser interacts directly with them in the process of working with Kayten. These services include: Heroku (https://heroku.com), Google Analytics (http://analytics.google.com), and others.
We use a set of measures to protect not only your personal data, but also the data posted by your company as a whole:
We undertake to notify you of any incidents that we ourselves have discovered, as a result of which your personal data may be removed from our control.
There are several reasons for accessing your personal data:
In case you want to receive more detailed explanations for the storage and operations with your personal data, please write us a request to the email address firstname.lastname@example.org
We undertake to respond to your request within 2 weeks and carry out all necessary procedures described in GDPR (https://www.eugdpr.org).