1. Introduction
At SKOR, we are committed to protecting your privacy and being transparent about how we collect, use, and protect your information. This Privacy Policy explains our practices regarding the collection and use of information through our uNPS scoring platform.
2. Information We Collect
2.1 Data Collected Through Widgets
When users interact with our widgets on your website, we collect:
| Data Category | Examples | Purpose |
|---|---|---|
| Score Data | User satisfaction scores (0-10) | Provide uNPS insights and analytics |
| Device Information | Device type, screen resolution, browser type, OS | Analytics and service optimization |
| Network Data | Connection type, IP address, location data | Security and fraud prevention |
| Behavioral Data | Page URL, referrer, session duration | Service improvement and analytics |
| Technical Data | User agent, timestamp, session ID | Security and service maintenance |
2.2 Data Collected from Website Owners
When you use our dashboard or API services, we collect:
- Account Information: Project ID, name, email address
- Usage Data: Dashboard access patterns, API usage
- Configuration Data: Widget settings and preferences
3. How We Use Your Information
3.1 Primary Uses
We use collected information to:
- Provide Services: Generate uNPS reports and analytics
- Improve Services: Enhance widget functionality and user experience
- Ensure Security: Detect and prevent fraud, abuse, and security threats
- Comply with Law: Meet legal obligations and respond to lawful requests
- Support Users: Provide customer support and technical assistance
3.2 Analytics and Insights
We use analytics data to:
- Generate comprehensive reports for website owners
- Identify trends and patterns in user satisfaction
- Improve our widget performance and reliability
- Develop new features and capabilities
4. Data Sharing and Disclosure
4.1 What We Don't Share
We are committed to protecting your privacy and do not:
- Sell your personal information to third parties
- Share individual user data with advertisers
- Use your data for purposes unrelated to our services
- Share data without proper legal authorization
4.2 Limited Sharing
We may share information only in these limited circumstances:
- Service Providers: With trusted third-party services that help us operate our platform (hosting, analytics, security)
- Legal Requirements: When required by law or to protect our rights and safety
- Business Transfers: In connection with a merger, acquisition, or sale of assets
- Consent: When you explicitly consent to sharing
5. Data Security
5.1 Security Measures
We implement comprehensive security measures to protect your data:
- Encryption: All data is encrypted in transit and at rest
- Access Controls: Strict access controls and authentication
- Regular Audits: Security assessments and vulnerability testing
- Incident Response: Procedures for handling security incidents
- Employee Training: Regular security training for our team
5.2 Widget Security
Our widget implementation includes security features:
- Secure JavaScript execution with Content Security Policy
- Input validation and sanitization
- Rate limiting and abuse prevention
- Secure API communication
6. Your Rights and Choices
6.1 Data Subject Rights (GDPR/CCPA)
Depending on your location, you may have the following rights:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your personal data
- Portability: Receive your data in a structured format
- Objection: Object to processing of your data
- Restriction: Limit how we process your data
6.2 How to Exercise Your Rights
To exercise your rights, contact us at privacy@skor.nomadis.com. We will respond within 30 days and may request additional information to verify your identity.
6.3 Opt-Out Options
You can:
- Disable cookies in your browser settings
- Use browser privacy extensions
- Contact us to request data deletion
- Unsubscribe from marketing communications
7. Data Retention
We retain your data only as long as necessary:
- Score Data: Retained for the duration of your account plus 30 days
- Analytics Data: Retained for 2 years for trend analysis
- Account Data: Retained until account deletion
- Log Data: Retained for 90 days for security purposes
You can request deletion of your data at any time, and we will process your request within 30 days.
8. International Data Transfers
Your data may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:
- Standard Contractual Clauses (SCCs) for EU data transfers
- Adequacy decisions where applicable
- Additional security measures for international transfers
9. Children's Privacy
Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.
10. Third-Party Services
Our service may integrate with third-party services. We are not responsible for the privacy practices of these services. We recommend reviewing their privacy policies:
- Hosting providers and cloud services
- Analytics and monitoring tools
- Customer support platforms
- Security and fraud prevention services
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Posting a notice on our website
- Sending email notifications to registered users
- Updating the "Last updated" date
Your continued use of our services after changes constitutes acceptance of the updated policy.
12. Contact Information
If you have questions about this Privacy Policy or our data practices, contact us:
- Email: privacy@skor.nomadis.com
- Data Protection Officer: dpo@skor.nomadis.com
- Website: https://skor.nomadis.com
- Address: [Your Business Address]
For EU residents, you also have the right to lodge a complaint with your local data protection authority.