Last Updated: 2019-9-03
SYSTEM ARCHITECTURE
CONTENT SECURITY
What personal data does Tiled collect and how is it used?
GDPR REQUIREMENT
TILED COMPLIANCE
HOW THIS HELPS YOU
Appointing a Data Protection Officer (DPO)
(Article 37)
(within compliance)
Tiled has designated an appropriate resource to be the DPO, who can be reached for Subject Access Requests (SARs), questions or concerns.
Via email: support@tiled.co
Via post:
Tiled Attn: Data Protection Officer
11848 Bernardo Plaza Ct. Ste 110 San Diego CA 92128
Should you need or have any requests or concerns regarding how, where, and who has access to your Tiled data, review our Indemnification Insurance, our DPO will provide the necessary information to you within the required timeframe, as designated by GDPR requirements.
International Data Transfers
(Articles 45 & 46)
(within compliance)
Tiled collects a minimal amount of personal data, which is transferred and processed for the purpose of responding to customer support requests, product analytics, development remediation of technical and security issues, and other obligations in fulfilling our service agreement. Tiled’s privacy and security controls extend to third parties involved in processing confidential and restricted data.
In order to communicate, provide support and resolve requests, we collect and store the contact information from our customers who have given us authorization to collect, store and use that data. For example, we store email addresses so we can efficiently communicate and notify our customers about new product feature releases. We, however, never sell or rent any collected data from customers to other parties.
Additionally, Tiled retains personal data for as long as necessary to provide our services, support our product or for other essential purposes such as complying with our legal obligations, and resolving disputes and enforcing agreements. If you have any questions or concerns aboutTiled retaining of your data, please contact our DPO.
Privacy Policy (Article 28(3))
(within compliance)
Privacy Training
(Articles 39 & 47)
(within compliance)
Tiled has updated our Privacy Policy to reflect our duties as Processors of our customers’ data, as it relates to delivering terms of service. Additionally, we will make available a defined process to enable Subject Access Requests (SARs). Due to the accuracy and details of the data mapped, as required by the Privacy Impact Assessment (PIA), we will be able to better facilitate SARs from individuals when requested.
Tiled has created role-based privacy training, which will be required to be completed by employees by the end of Q3 (September) 2020. These trainings will be facilitated through our LMS (Learning Management System) and completion metrics will be tracked as part of corporate compliance.
Personal data collected by Tiled may be stored and processed in your region, in the United States or in any other country where Tiled or its affiliates, subsidiaries or service providers maintain facilities. However, Tiled maintains major data centres in the United States. Please be advised that Tiled may modify or update our Privacy Policy when necessary to reflect customer feedback and changes in our product and service; we encourage you to regularly review our Privacy Policy to learn more how we are using and protecting your information and you continued use of Tiled after any modification will constitute acceptance of the modification and updates.
Breach Notification Changes
(Article 33)
(within compliance)
Tiled will notify impacted customer(s), prior to notifying the appropriate DPA. We take the partnership with our customers as a foundational guide based on trust and open communication; and as such, we will communicate any instances of compromised personal data to our customers prior to other sources.
Tiled will notify impacted customers via existing communication channels, typically via email or a dedicated Customer Success Manager, if applicable.
Right to Erasure
(Article 17)
Once a request for removal of personal data has been made by an individual, Tiled will comply with the request, within the timeframe as stipulated by GDPR regulations. However, please be advised that removal of the personal data will affect your usage of the Tiled product and our ability to service and support your account.
Tiled retains personal data for as long as necessary to provide services, support our product or for other essential purposes such as complying with our legal obligations, and resolving disputes and enforcing our agreements.
To request removal of personal data, please email us at support@tiled.co
Application “cookies”
We may use cookies and similar technologies to remember your preferences, understand how users are using our website or app, and help customize our marketing offerings. By visiting our website or using our app, you agree to the use of cookies and similar technologies for the purposes described in this Statement.
A ‘cookie’ is a small data file containing a string of characters that is sent to your computer when you visit a website that allows that site to recognise your browser when you return. We may use third party or analytics cookies. Third party cookies may be used on our website to provide more relevant advertising and we use analytics cookies, like those offered by Google Analytics, to help us understand things like how long a visitor stays on our website, what pages they find most useful, and how they arrived at tiled.co. To learn more about Google Analytics and your data, visit this Google webpage.
Most web browsers allow you to control cookies through their settings preferences, however, you may impact your overall user experience. Below you can learn about how to control cookie settings on popular web browsers:
Google Chrome // Internet Explorer // Safari // Firefox // Internet Explorer