This privacy policy describes the ways we collect, store, use, and manage the information you provide to us while using our apps and websites.

1. Definitions

“Policy” means this Privacy policy of Philipp Eckelmann.

“We”, “our” or “us” means a private entrepreneur, Philipp Eckelmann, an Atlassian Vendor and his team.

“You”, “your” means you as a user of our app or website.

“App” means a Server software extension developed by us and distributed through the Atlassian Marketplace.

“Website” means the website accessible at http://confluence-crm-contact-list.com/?page_id=50, including its subdomains.

“Atlassian” means Atlassian Pty Ltd, the owner and provider of Atlassian Marketplace and certain products (Jira, Confluence, etc.) or other product or service, with which the apps are used.

“Personal data” means information that can be used to identify you as an individual, like your first and last names, email address, username or its equivalent, usage data and so on. personal data does not include information that has been already anonymized so that it does not allow your identification as a specific person. If you cannot be identified (e.g., when personal data has been aggregated and anonymized), then this policy does not apply.

2. When we act as processor

Our apps and website are designed to be used by organizations and businesses. When we provide an app to an organization (e.g., to your employer or a client of your employer) that organization controls the information processed with the use of the app or by the app. This organization operates as the controller of the information, including your personal data, and is responsible for the accounts used to access the app, including your Atlassian account.

If this is the case:

• this policy does not apply to our interactions with you, since in this context we act solely as a processor of your data on behalf of controller (e.g. organization or company you work with/for);
• we am not responsible for the privacy or security practices of a controller’s organization, which may be different than this policy; and
• please address all your data privacy questions and requests to your organization, as your use of the app is subject to that organization’s policies.

3. Third parties processing your personal data

This policy does not cover the cases of collection, processing, storage, or use of your personal data, by Atlassian or any other third party or company. We do not control when or how third parties collect, process, store or use your personal data. Please, refer to privacy policies of these third parties in order to learn and understand how and when they can use your information.

For example, the Atlassian privacy policy defines collection and use of your information by Atlassian.

4. When we act as controller

There might occur cases when you use our apps not as an employee, contractor or representative of an organization, or when we, not your organization, determine the objectives and means of the processing, including collection, of your personal data. This policy applies to such cases which will be described further in more details.

5. What data we collect and how we do that

When you visit our website, use our app or contact us directly we collect and process your personal data. The ways we collect it can fall into the following cases:

5.1. Information you provide to us directly

When you use our apps and websites we might ask you to provide personal data to us. For example, we may ask for your contact information when you request some feature, contact us with questions or request support.

5.2. Information we collect automatically

We collect some information about you automatically when you visit our websites, like your region, type of device you use, type of browser you use, language of your browser. Some of this information is collected using cookies, similar tracking technologies and third-party tools like Google Analytics.

Please note that, by using the websites and/or apps, you agree to our use of cookies as described in this policy. Most browsers allow some control of most cookies through the browser settings. You may be able to reset your browser to refuse all cookies or to indicate when a cookie is being sent. If you do not want us to use cookies, please be sure to block or disable them in your browser.

We also use session cookies that allow us to link your actions during a browser session. A browser session starts when you open the browser window and finishes when you close it. Session cookies are created temporarily and are deleted once the browser window is closed.

We use our own cookies (first party cookies):

• to remember your choice about cookies on the websites and for the apps;
• to recognize you when you visit the website and apps;
• to remember your preferences.

In addition, we work with reputable service providers who can use their cookies when you use the website and apps (third party cookies). First of all, we use Google Analytics which plants a permanent cookie on the web browser you use to identify you as a unique user, the cookie cannot be used by anyone but Google. Google’s ability to use and share information collected by Google Analytics is restricted by the Google Analytics Terms of Service and the Google Privacy Policy.

Web browsers will enable you to see what cookies you have got, allow you to delete them all or on an individual basis, and enable you block or allow cookies for all websites or individually selected websites. You can also normally turn off third party cookies separately (e.g., to opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout).

5.3. Information we get from third parties

We might receive and collect personal data about you from third parties, like Atlassian or your organization or company (from your employer or from other users of the app). For example, Atlassian provides us with billing and technical contacts details (name, address, email and phone number) upon your installation of the app.

6. Legal grounds to process personal data

If you are an individual in the European Economic Area (EEA) the following statements of this section apply to you.

Where we collect personal data, we will only process it when we have the legal basis for the processing set out in applicable data protection laws. Such legal bases are:

• The performance of a contract. We may process your personal data where we need to take steps at your request prior to entering into a contract or where it is necessary for the fulfilment of a contract.
• The legitimate interests. Your personal data may be processed when we or third parties (e.g., your employer) have a business or commercial reason to process your personal data.
• A legal obligation. Various laws and regulations may impose certain obligations on us. To comply with them we have to process your personal data.
• Your consent. In certain limited cases we process your personal data based on your consent, for example, when it is needed for direct marketing purposes and you are not an employee, contractor or representative of an organization or company that has been interested in or has used our apps.

7. How we use personal data

My processing of your personal data is necessary for us to provide you with the websites and apps. If we do not process your personal data, we may be unable to provide you with all or some features of the apps.

We use your personal data for a number of purposes, which may include the following:

Use of your personal data	Legal basis (for EEA)
To operate our apps and websites, ensure they work as intended and deliver services you have requested	Performance of a contract Legitimate interest
To support you, including assisting with the resolution of technical or other issues relating to the apps and websites	Performance of a contract
To enhance our apps and websites (including testing, implementation of new features, running user research analysis, and user experience analysis). So that we can use your personal data to address issues in the app and introduce new functions.	Legitimate interest
To manage our relationships and communicate with you. This may include: ·         survey requests, feedback collection and follow-up communication after the app’s license has expired or has been terminated; ·         operational and transactional communications upon installation of the app, like changes to our apps, information about new features, security updates, assistance with using our apps, or requests for feedback; ·         providing you with the information you have requested from us or information we are required to send to you. These communications are an essential part of the services we provide you through the apps and in most cases, you will not be able to opt out of them. If an opt-out is available, you will find that option within the communication message itself or in your account settings.	Performance of a contract Legitimate interest
To send marketing communications that may be of specific interest to you. These communications are designed to drive engagement and maximize your revenue from using our apps. This includes information about new apps, newsletters, product offerings, and promotions we think may be of interest to you. You may opt out of receiving marketing communications from us by using the unsubscribe link within each email, updating your email preferences within your account settings, or by contacting us at http://confluence-crm-contact-list.com/?page_id=50 to have your contact information removed from our promotional email campaigns.	Legitimate interest Your consent
To prevent, detect and report crime, protect you, other users and us, for example, by ensuring network and information security, mitigating security risks, detecting and preventing any fraudulent or malicious activity, and make sure that everyone is using our apps and websites fairly and in accordance with the EULA.	Legal obligation Legitimate interest Performance of a contract
To perform legal duties, responsibilities, and obligations; and to comply with any laws and regulations that apply to us.	Legal obligation

8. How we can share your personal data

There may be situations when we may need to share your personal data with third parties. We may disclose your personal data to:

• Other users of the app;
• Atlassian;
• Regulators, law enforcement agencies, government bodies, courts, fraud prevention agencies, or other third parties, where we think it is necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights (where possible and appropriate, we will notify you of this type of disclosure);
• An actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business; and/or
• Other persons when we have your consent.

9. International data transfers

When we process and share data, it may be transferred to, and processed in, countries other than your country. Where personal data are processed in another country, we apply safeguards in place to ensure your personal data remains protected.

For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. When your personal data is transferred outside the EEA, it will be transferred to countries where we have compliant transfer mechanisms in place to protect your personal data, in particular, by implementing the European Commission’s Standard Contractual Clauses to the contracts with the entities the data is transferred to or by using other appropriate legal mechanisms to safeguard the transfer.

10. Security

We are committed to protecting your personal data and have appropriate technical and organizational measures in place to protect data from loss, misuse and unauthorized access, disclosure, alteration and destruction. We process all personal data using industry-standard techniques.

Personal data we collect is processed solely by us, no other third parties have access to it.

11. Data retention

Some data is controlled by your organization, some data you can delete whenever you like, some data is deleted automatically, and some data we retain for longer periods of time when necessary.

11.1. Information retained until controller removes it

When the app is made available to you through an organization (e.g., your employer), we retain your information as long as required by the controller (your organization).

11.2. Information for marketing communications

If you have not opted-out or have consented (as the case may be) to receive marketing communications from us, we retain information about your marketing preferences for a reasonable period of time from the date you last used or expressed interest in our apps.

11.3. Information retained for extended time periods for limited purposes

Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period of time. Reasons we might retain some data for longer periods of time include:

• To ensure that the apps and websites are available to you and other users.
• To protect you, other persons, and us from fraud, abuse, illegal activity and unauthorized access, for example, when we suspect someone is committing fraud.
• To meet any comply with applicable law, regulation, legal process or enforceable governmental request, or when we are required to enforce the EULA, including investigation of potential violations.
• If you have directly communicated with us, for example, feedback provision, request for support, or bug report.
• To comply with tax, anti-money laundering and other financial regulations or to carry out accounting.
• To facilitate dispute resolution.

12. Your rights

You have the following rights with respect to your personal data that we process as the controller:

1. Right to access. You have the right to access (and obtain a copy of, if required) your personal data.
2. Right to rectification. You have the right to update your personal data or to correct any inaccuracies.
3. Right to erasure. You may have the right to request that we delete your personal data in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.
4. Right to restrict processing. You may have the right to request to restrict the use of your personal data in certain circumstances, such as when you have objected to our use of your personal data but we need to verify whether we have overriding legitimate grounds to use it.
5. Right to data portability. You have the right to transfer your personal data to a third party in a structured, commonly used and machine-readable format, in circumstances where the personal data is processed with your consent or by automated means.
6. Right to object. You may have the right to object to the use of your personal data in certain circumstances, such as the use of your personal data for direct marketing.
7. Right to complain. If you are not happy with how we are processing your personal data, please let us know by sending an email tosupport@confluence-crm-contact-list.com. We will review and evaluate your complaint, and try to get back to you within a reasonable time frame. You have the right to complain to your local data protection authority. This right may not be available to you if there is no authority dealing with data protection in your country.

Please note that we will be able to assist you in exercising your rights only when we are the controller of your personal data (e.g., when we use your information for marketing communications or when you have contacted us not as an employee or representative of an organization). You can exercise your rights at any time by sending an email to support@confluence-crm-contact-list.com. In all other cases, please direct your data privacy questions and requests to your organization.

13. Modifications

We reserve the right, at our sole discretion to put into effect, modify or revise this policy at any time by posting the policy or revised policy on this page. The policy or any changes will become effective upon posting of the revised policy. Depending on the significance of the changes to this policy, we will use reasonable efforts to inform you by email, by posting a notice on the website, or by using other ways to notify you about the changes.

Effective date: 31 January, 2019