Privacy Policy

Effective on: January 23, 2018

Disco Privacy Policy Overview

We care deeply about your rights as a Disco customer and we will always respect your trust. We've done our best to clearly lay out our policies here. If you see an opportunity for improvement, please let us know by emailing support@justdisco.com We’re providing this Privacy Policy to explain our practices regarding the collection, use and disclosure of information that we receive from our Customer and individual Users (who we will refer to as “you,” as applicable) through our Service. This Privacy Policy does not apply to any Third Party Service or other third party websites, services or applications, even if they are accessible through, or integrated with, our Service. Also, please note that, unless we define a term in this Privacy Policy, a capitalized term used in this Privacy Policy has the meaning defined in our Terms of Service. So, please make sure that you have read and understand our Terms of Service.

Modification of this Privacy Policy

We may revise this Privacy Policy from time to time, as new features, technology, or legal requirements arise. You may always determine if this Privacy Policy has changed by checking the Effective Date at the top of this page. If we make a significant change, we’ll notify you and, where required, seek your consent. If we update this Privacy Policy, you are free to decide whether to accept the updated terms or to stop using the Service; your continued use of the Service after the effectiveness of that update will be deemed to represent your consent to the provisions in the updated Privacy Policy.

Collecting information

Personal Information

When we refer to "personal information" in this Privacy Policy, we mean information that can be associated with a specific person and could be used to identify that specific person whether from that data alone or from that data in combination with other information that we have access to. We do not consider personal information to include information that has been made anonymous or aggregated so that it can no longer be used, whether in combination with other information or otherwise, to identify a specific person. The personal information we collect includes, but is not limited to, personal information of the kinds described below:

Content from a Third Party Service

When you deploy the Disco Service within a Third Party Service, you specifically authorize our Service to take certain actions, including collecting Customer Information (to the extent made available by such Third Party Service), and indexing and processing the Customer Data. Your Customer Data is reviewed automatically by our proprietary algorithms to enable you to configure how our Service will operate for you. No humans at Disco will be involved in this process. For example, you may wish to measure employee satisfaction and employee sentiment, or analyze certain workflows, or obtain intelligence on your top performers. You may configure our Service to look for certain keywords and other indicators in the communications in the Third Party Service, which will provide you these insights. Your Administrator(s) may elect to obtain reports detailing these analyses, and share these with others. Our Service only stores Customer Data that are explicitly required to operate our Service, for you.

You may also configure our Service’s algorithms to monitor Customer Data for certain keywords in order to promote the exchange of employee feedback among Users. Our Service can spot communications containing positive feedback, and prompt Users to give “kudos” and other compliments to others. Our Service may also be used as a tool to provide constructive and anonymous feedback. Our Service will process this type of employee feedback data for use by the Customer, so that it may be distributed among Users or limited to Administrator – determined personnel.

Other Automatically Collected Information

We use cookies, tracking pixels and similar technologies in our Service to collect information that helps us provide our Service to you, and to learn how our Service is used.

Using Information

Personal Information

We use your personal information for the following purposes:

Third Party Service Information

We process the information obtained from a Third Party Service in the manner directed by your Administrator(s) in order to provide the Service (e.g., to promote Users feedback, monitor User sentiment and provide insights to the Customer relating to its Users)

Our Service operates on computers owned and/or operated by Disco and located in third-party data centers in the United States and, possibly in other countries in the future. These computers store all Users’ feedback and performance data collected in the manner required to perform according to the Administrator’s configuration of the Service (including any relevant Customer Data obtained from the Third Party Service(s)), all in an encrypted form using industry standard security.

We do not enable our personnel to access Customer Data obtained from a Third Party Service, or disclose such Customer Data to third parties, except in the following limited circumstances:

As part of the Service we may share aggregate, anonymous demographic information, survey results, market trends, and other analysis that we create based on the information we receive from you and other customers. Such information will never identify you, your organization, or your Users. We may also share information via the Service to the Third Party Service(s) you link to the Service. For example, if you use the Service to send a survey to your Users via Slack, we may share the results of that survey to your Users via Slack as well.

We vigilantly protect the privacy of your account and the Customer Data stored in our computer systems and, whenever we determine it appropriate, we provide you with notice if we believe we are compelled to comply with a third party’s request for information about your account.

Retaining Information

We retain Customer Information, Customer Data and the communications and analytics generated by use of our Service (collectively, the “Service Output”), as long as we believe it is necessary and relevant for the operation of our Service. Service Output is retained at a company and employee level. A Customer Administrator may request that Customer Information and/or Customer Data be deleted from our systems after the termination of a Customer’s subscription. (However, Customers should understand that Users may elect to export and retain their own feedback data.) Under certain circumstances we may retain Customer Information from terminated subscriptions. We do this to ensure that the Service is not interrupted and none of the Service Output is lost due to interrupted Service subscriptions or other unanticipated events. We may also retain Customer Information after a Customer subscription term ends to prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, enforce our Terms of Service, comply with applicable legal data retention obligations and take other actions permitted by law.

Information Choices and Access

Personal Information

The Administrator and Users choose what personal information we obtain, by providing us the Customer Information and establishing their personal user profiles in a Third Party Service, and each of them may choose to modify or limit such information. It is the Administrator’s responsibility to ensure the Customer Information is correct, and we may rely upon that information being current. You and each User consents to our using the then-current Customer Information and User address(es) to deliver notices and important messages.

Users may also elect to publish and share certain Service Output, such as accomplishments or achievements as part of their Disco profile, among other Users of the Service, or more broadly. Disco is not responsible for the actions of Users who choose to share this Service Output publicly or on their social networks.

Communication Preferences

We do not sell or rent your Customer Information to third parties for their marketing purposes without your explicit consent. We may contact you via email or within the Service with Service-related announcements that we think may be beneficial to you, and special offers. We also may contact you with information about products and services from our business partners. You may opt out of such communications at any time by following the opt-out instructions provided in such messages. You may not opt out of receiving what we consider to be essential Service-related messages, customer service responses or other communications relating to inappropriate use of the Service or requests from third-parties to access information in your account. We may deliver those messages using any of the Customer Information in our records. Please note that if you have agreed to receive marketing communications from any Third Party Service with which you are using Disco, you must change your communication preferences with them directly.

We will honor any statutory right you might have to access, modify or erase your personal information. You can contact Disco customer support at support@justdisco.com to request access. Where you have a legal right to request access or request the modification or erasure of information, we can still withhold that access or decline to correct information in some cases in accordance with applicable law, but will give you reasons if we do so.

Disclosing Information

We exist to provide a valuable service to you, and not to obtain Customer or User information to sell or rent to third parties. In addition to actions you elect to take to enable us to share your credentials with a Third Party Service to integrate Disco with such Third Party Service, the circumstances in which we disclose information are limited to the following:

Some third parties’ embedded content or plugins on the Service, such as Facebook “Like” buttons, may allow their operators to learn that you have visited our website, and they may combine this information with other, identifiable information they have collected about your visits to other websites or online services.

In each of these circumstances, we try to minimize the amount of personal information we share to what is directly relevant and necessary to accomplish the specified purpose. As stated above, we do not disclose your Customer Information to third parties for their marketing purposes without your explicit consent.

While we use contractual and other measures to ensure protection of personal information, the laws and regulations relating to privacy and personal information protection in other legal jurisdictions may not be the same as, or similar to, your local privacy laws. The governments, courts, law enforcement or regulatory agencies in these other jurisdictions may be able to request disclosure of personal information through the laws of these countries. In an effort to respect your privacy, we will not otherwise disclose your personal information to law enforcement, other government officials, or other third parties without a subpoena, court order or substantially similar legal procedure, except when we believe in good faith that the disclosure of information is necessary to prevent imminent physical harm, financial loss or to report potentially illegal or fraudulent activity.

Securing Your Information

We are committed to protecting the security of your information and take reasonable precautions to protect it. We use industry standard encryption to protect your data in transit and while it is stored on our servers. This is commonly referred to as transport layer security (TLS) or secure socket layer (SSL) technology. However, internet data transmissions cannot be guaranteed to be 100% secure, and we cannot ensure the security of information during its transmission between you and us. Accordingly, you acknowledge that when you transport such information, you do so at your own risk.

We protect your information in our systems using technical and administrative security measures designed to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls.

If we learn of a system breach, we may attempt to notify you and provide information on protective steps, if available, using the Customer Information that you have provided to us or by posting a notice on our web site and/or via our Service and other communication platforms. Depending on where you live, you may have a legal right to receive such notices in writing.

Service-Related Details

We also wish to share the following important privacy information related to your use of our Service:

Information from Children

We do not knowingly collect personal information from children without parental consent. If we learn that we have inadvertently obtained information in violation of applicable laws prohibiting collection of information from children without such consent, we will promptly delete it.

Third Party Privacy Practices

This Privacy Policy addresses only the use and disclosure of information we collect from you and in operating our Service. If you disclose your information to others using a Third Party Service, their privacy policy and practices will apply. For example, when you communicate with Disco through Slack, Slack’s Privacy Policy governs those communications. We cannot guarantee the privacy or security of your information once you provide it to a third party and we encourage you to evaluate the privacy and security policies of any third party before entering into a transaction and choosing to share your information.

Scope of Policy

This Privacy Policy describes your privacy rights when you elect to use our Service, and by using our Service or engaging with us, you accept the substance and application of these terms and policies, and consent to our collection, use, disclosure and retention of your personal information as described in this Privacy Policy. Should you ever disagree with this Privacy Policy, you may provide us with your feedback at support@justdisco.com, but such feedback will not vary or supersede these terms. The terms of this Privacy Policy are incorporated by reference in the Terms of Service that you accept when you register to use our Service. Discotheque Inc. is the data controller for our Service, and we may store and process your personal information on our computers in the US and elsewhere in the world where our data centers are located.

Questions or Concerns

If you have questions or concerns about this Privacy Policy or information handling processes, you may contact us at the following addresses:

Discotheque Inc.
1266 Harrison St.
San Francisco, CA 94103

Attn: Jeremy Vandehey

support@justdisco.com