Created/Last Updated: 14th November 2024

This Privacy Policy (“Privacy Policy”) governs how ImpactCraft Technologies Private Limited (collectively “ImpactCraft” or “we” or “us” or “our”) use/process, collect/access and store the Personal Data that we receive or collect/access from or about you (“Clients”, “Users”, “you”)

Your privacy is important to us. Please read this Privacy Policy carefully, to ensure you fully understand our practices in relation to Personal Data.When you access or use our Platform / Application, Services or Website you acknowledge that you have read this Privacy Policy and understand its content.

ABOUT US

ImpactCraft’s Customer Success Digital Workbench (“Platform / Application”) is a generative AI-first Platform that analyzes internal data, external data, as well as communication data to deliver insights to SaaS companies / enterprises (“Clients / Users”) and their Customer Success Manager/s (“CSM/s”) leading to improved CSM efficiency and effectiveness. The Platform / Application, or our consultancy & advisory services, other offerings are hereinafter referred to as our services (“Services”).

 

PERSONAL DATA WE RECEIVE / COLLECT, HOW IT IS STORED AND HOW IT IS PROTECTED: –

ImpactCraft collects data through fundamentally 2 sources: –

  1. On-App Data: Data with respect to our Clients / Users which is collected through the Customer Success Digital Workbench / Software Application / Program developed by us.
  2. Off-App Data: Data which is collected through the Website of ImpactCraft and through the arrangements for consulting and advisory between our Clients / User and ImpactCraft.

ON – APP DATA: –

The On-App Data collected by ImpactCraft has 3 important elements.

  • Internal Data: Internal Data means and includes the operating data such as business adoption data, financial data, survey data, conversation transcripts, error / bug databases / messages, tickets data etc. collected by us from within the Platform / Application being used by the Clients / Users.
  • External Data: External Data means and includes the data collected by us through subscriptions to multiple Third-Party API services to gather certain public domain information like news, social media, press releases, website scans, investor reports etc.
  • Communication Data: Communication Data means and includes the data collected by us through the conversations, correspondence, and communications between our Clients / Users and their Customers.

 

1. Internal Data:

On the Platform / Application, we receive certain operating data from Clients / Users. For example, on our platform, Clients / Users may enter / record information about their customers and their personnel (collectively “Stakeholders”) like Email addresses, phone number(s), date of birth etc. For example, you may share business adoption data, financial data, survey data, conversation transcripts, error / bug databases / messages, tickets data, any other data you decide to input / provide / supply us with etc. ImpactCraft is committed to maintaining the security, confidentiality and privacy of this data and we use commercially acceptable means to secure the same. We create a separate dedicated database for each of our Clients / Users (SaaS entity), to maintain security and privacy of their and their customer’s data.

  • In case the Platform / Application / database is hosted on ImpactCraft systems, the data is securely stored in the database / drives hosted in commercial cloud environment (Microsoft / Amazon Web Services / Google / Pinecone etc.) dedicated for the particular Client / User in the ImpactCraft systems, with restricted access provided on ‘need to know basis’, with individuals at ImpactCraft who are bound by confidentiality and non-disclosure obligations under contracts. ImpactCraft does not use this data or share this data with third parties, affiliates or anyone outside ImpactCraft, except for availing / using API of third-party entities (for example, Large Language Model (LLM) providers such as OpenAI) for providing services to the Clients / Users. To maintain security of the databases, ImpactCraft uses technology like Docker or other similar technology, and the database port access is controlled and is accessible only to the application using it. ImpactCraft personnel do not have access to this data except system administrator who is bound by confidentiality and non-disclosure obligations under contracts.
  • In case the Platform / Application / database is hosted on the Client’s systems / cloud servers / premises, where security and access to the database is controlled by the Client / User, the Client shall have complete responsibility and control for security of the database / Application. The security of the database / Application shall be as per Client’s systems, technology, and privacy policy. ImpactCraft will have a specific / restricted access to manage the Application / database and shall maintain the privacy and confidentiality of data through restricted access provided on ‘need to know basis’, to individuals at ImpactCraft who are bound by confidentiality and non-disclosure obligations under contracts. ImpactCraft does not share this data with third parties, affiliates or anyone outside ImpactCraft.

 

2. External Data:

We subscribe to multiple Third-Party API services to gather certain public domain information like news, social media, press releases, website scans, investor reports We protect data obtained from third parties according to the same security practices used for Internal Data described in this Policy, plus any additional restrictions imposed by the source of the data. We use Large Language Model (LLM) hosted services like OpenAI, or for Vector databases, third-party solutions like Pinecone are used.

 

3.Communication Data:

We use communication data from Client’s / User’s conversations with their customers, which is collected through the specific / restricted access granted to ImpactCraft by the Client / For example, email communication data. We are integrated with Microsoft and Google email along with Single Sign On (SSO), and we will also integrate with direct messaging platforms, call transcripts or similar platforms / technology, as may be required and authorized. In addition, to security practices used for Internal Data described in this Policy above, ImpactCraft also uses encryption technology to safeguard this data in storage. ImpactCraft understands that confidentiality and security of all communication data including any Personally Identifiable information is extremely critical. Therefore, only ImpactCraft can read this data through its software / program to provide insights to the Clients / Users, but no ImpactCraft personnel except the system administrator can read or access this data, and he is bound by the confidentiality obligations under contracts. Impact Craft provides two levels of security for such data: –

  1. Databases are secure and access is provided only to administrators using the protocols outlined herein above.
  2. All communication data including any PII information in the communication is encrypted and before being stored in the database. ImpactCraft administrators or any other human cannot read or interpret this data.
  3. Our Platform / Application does not use any data obtained through Google Workspace APIs or Microsoft Office365 APIs for developing, improving, or training generalized AI or ML models. The data accessed through the APIs is used strictly for its intended purpose, such as Single Sign-On (SSO) authentication and analysing email messages as part of our core functionality to help our users to perform their job effectively.

Although we have implemented adequate technical, organizational, and security measures designed to reduce the risk of unauthorized disclosure or access, accidental destruction or loss of personal data/information, we cannot guarantee that the information will not be exposed as a result of unforeseeable unauthorized access / penetration of our systems / servers. While ImpactCraft takes all necessary and reasonable measures to protect the data provided by the Clients / Users and makes required arrangements for prevention of any breach of security, we also recommend our Clients / Users should be aware of potential risks and decide what data to share.

OFF – APP DATA: –

(i) Leads generated on our Website: We collect leads from the visitors, potential customers, clients, users from our website www.impactcraft.ai (“Website”). All information received through leads will be securely stored on ImpactCraft systems through Microsoft technology stack and will be used solely for explaining ImpactCraft propositions, and this data will not be shared with third parties.
(ii)    Data is collected through consulting and advisory arrangements with the Clients
/ Users. For example, certain operations data, tracking information on practices, business metric data is collected by ImpactCraft.
(iii)   All Off-App Data collected is securely stored using Microsoft technology stack on ImpactCraft systems.

WHY IS THE DATA COLLECTED AND FOR WHAT PURPOSES?

•   To provide you our Platform / Application, products / offerings and services; to perform obligations under our contract / applicable service agreement; to communicate with our clients for contract-services, Platform / Application related matters.
•   To analyze your use of the Platform; to help us serve you better by refining the user experience and other capabilities of our platform.

LEGAL BASIS (THE DIGITAL PERSONAL DATA PROTECTION ACT, 2023 and GDPR)

•   Processing is necessary for legitimate interest e.g. to allow you to create an account, to respond to an inquiry sent by you, perform the contract, to provide you with the services, send contract-related communications, essential cookies, to contact with you to set up a demo, to register you for our webinar, to process your review, send you more information about us in certain B2B situations, or replying to your requests / questions.
•   Processing is necessary for the performance of a contract to which the data subject is party or to which our client is a party or in order to take steps at the request of the data subject prior to entering into a contract.
•   Processing is necessary for pre-contractual discussions.
•   Processing is necessary for compliance with legal obligations (e.g. tax laws, bookkeeping laws, etc.).

WHAT IF YOU CHOOSE NOT TO PROVIDE THE DATA?

The lack of access to data shall incapacitate us from providing the Services and/or hinder proper utilization of our Platform / Application and renders it impossible to perform our contract / agreement with the Clients / Users.

CHILDREN’S PERSONAL INFORMATION

We do not offer our Services or the Platform / Application for use by children under 18 years of age. If you are under 18, you shall not use our Website or provide any information to the Website without involvement of a parent or a guardian. Please do not submit any personal data of stakeholders / end users under the age of 18 through our Platform / Application, services.

DATA RETENTION

ImpactCraft may retain the In-App and/or Off-App Data for as long as necessary to provide our Platform / Application and/or Services to our Clients / Users and fulfill
and/or comply with our contractual obligations, fulfill the transactions you have requested, or for other legitimate purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. The retention period may also depend on our contractual, legal or similar obligation to retain or delete your data. Your Data will be stored until we no longer need the information, or until we receive a valid deletion request from you.

CHANGES TO THIS PRIVACY STATEMENT

We update this Policy when necessary to provide greater transparency or in response to:
•   Feedback from clients, regulators, industry, or other
•   Changes in our data use, collection, processing activities or
•   Changes in applicable laws
When we post changes to this Policy, we will revise the “last updated” date at the top of the Policy. If required, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this Policy to learn how ImpactCraft is protecting your information.

COOKIES

Like many other websites, our Site and our Platform / Application uses cookies, to collect anonymized user data and statistical data about your browsing actions and patterns. Using cookies helps us to improve our Site and deliver a better, more personalized experience / service. This assists us analyse data about webpage traffic and improve our Site and our Platform / Application in order to tailor it to the needs of Clients / Users.

HOW TO CONTACT US

If you have a privacy concern, complaint, or question, please contact us by emailing us at contact-us@impactcraft.ai. We will respond to questions or concerns as required by law and within a period of 30 days.

Web Design Company - Graphinet

To top