Privacy Policy

This Policy was last updated on November 30, 2018.

Stroofy Limited, a company incorporated in Ireland (“Stroofy“) offers tools and services commercialized as “Stroofy” which provide the means to measure focus, productivity, work-life balance and employee engagement.

Stroofy provides personalized insights to employees based on behavioural science and data analytics that measures focus, wellness and work life balance. Additionally, it provides an opportunity for employees to provide feedback to their organization via an anonymous survey. Stroofy does not share any individual employee’s responses or individual performance data with their organization and insights shared by Stroofy with an organization are aggregated, with appropriate structures in place to ensure that anonymity is preserved.

Stroofy understands the importance of protecting personal information and our product is built with this in mind. For this reason, Stroofy strives to have business procedures and security safeguards in place to protect personal information under its control.

  1. Application and Scope

    This Privacy Policy (“Policy“) is intended to establish responsible and transparent practices for the management of personal information and to satisfy the relevant and applicable legal requirements. This Policy sets out the standards, responsibilities and obligations of Stroofy in respect of any personal information collected, accessed or processed by Stroofy in the course of its business operations and specifies the obligations of Stroofy that arise from Stroofy Terms of Service (available at terms of services ) (the “Terms” ) entered into between Stroofy and its corporate customers (each, a “Customer” ), whereby Stroofy might handle or have access to personal information.

  2. International Compliance

    Stroofy complies with: (I) data protection laws applicable to Stroofy; and (II) applicable industry standards concerning data protection, confidentiality or information security. Stroofy has operations across Europe and therefore, in some cases, information managed by Stroofy may be transferred, processed and stored to other countries, although at all times, Stroofy will ensure that personal information is protected by confidentiality and security procedures and protections that are, at a minimum, equivalent to those employed by Stroofy itself. Stroofy complies with this Policy as well as the General Data Protection Regulation (Regulation (EU) 2016/679). Where applicable, our commitment to such regulation may be found in our Data Processing Addendum.

  3. Definition of Personal Infomation

    Personal data, or personal information, means any information about an individual from which that person can be identified. This may include, for example, email addresses and contact details and any similar information provided to Stroofy in the course of its business operations, or which Stroofy may receive from business inquiries. It does not include data where the identity has been removed (anonymous data). Personal information that is aggregated and cannot be associated with an identifiable individual is not considered to be personal information.

  4. Collection and Use of Personal Information through the Stroofy Services

    When providing our Services, Stroofy only processes personal information in accordance with the Terms and applicable laws. Stroofy generally uses personal information from or about its Customers and Users (as defined in the Terms), (hereinafter referred to as “Customer Personal Information”) for the following purposes:

    1. to create, establish and administer a Customer’s and User’s account, to respond to Customer’s inquiries related to its account and to contact Customer about the Services or account-related matters;
    2. to provide the Services, including to provide Customer and its Users with access and use of the Services and customer support;
    3. to measure and analyze User behavior in order to, among others, monitor, maintain and improve the Services or features and to create new services or features;
    4. to personalise or customise the experience when using the Services;
    5. to meet legal and regulatory requirements and to allow Stroofy to meet contractual requirements relating to the Services provided to Customer;
    6. to conduct surveys on the quality of the Services or to collect feedback on the Services; and
    7. for the purpose of its algorithms, coaching nudges and focus insights we use information about the current active process name or websites on a User’s computer. We process the following information: active process name, web site URL, window title, start time of use, end time of use and for distinguishing devices: device login name (your system user name), device name, device state (on/off/idle), device operating system version, and sometimes the manufacturer. For some inputs, we process the public internet address being used.

    Stroofy may also use information provided by Customers and Users to create de-identified data aggregated for benchmarking or marketing purposes. Unless required or authorized by law, Stroofy will not use Customer Personal Information for any other or new purpose without obtaining prior consent.

  5. Collection and Use of Personal Information through the Website

    Stroofy generally collects and uses personal information from or about its website users as follows:

    1. Information provided by users. In many cases, Stroofy collects personal information directly from users when they visit or use the website. For instance, Stroofy may collect the following types of information:
      1. Inquiries and Requests for a Trial or Service. Stroofy may collect users’ name, contact information, e-mail address and any other information provided when users make an inquiry or contact Stroofy through the website or when users submit a request or an order for a Stroofy trial or service. Stroofy will only use this information to process and answer users’ request or to manage Stroofy’s everyday business needs in connection with such request. Stroofy uses HubSpot to manage such information.
      2. Personalization of Website. When users visit the website, they may, from time to time, be invited to provide information, such as user’s title, to help Stroofy personalize or customize the users experience when using the website.
    2. Technical information. When users visit the website, Stroofy may collect, using electronic means such as cookies, technical information. This information may include information about visits to the website, including the IP address of the users’ computer, the browser used to view the website, the users’ operating system, resolution of screen, location, language settings in browsers, the site the user came from, keywords searched (if arriving from a search engine), the number of page views, information entered, advertisements seen, etc. This data is used to measure and improve the effectiveness of the website or enhance the experience for users. While most of the time this information is depersonalized, if this information relates to an identifiable individual, Stroofy will treat this information as personal information. Stroofy may also, without limitations, collect and use the following type of information when users visit and/or interact with Stroofy on the website:
      1. Google Analytics: Stroofy uses Google Analytics which allows it to see information on user website activities including, but not limited to, page views, source and time spent on our website. This information is depersonalized and is displayed as numbers, meaning that it cannot be tracked back to individuals. Users may opt-out of Stroofy’s use of Google Analytics by visiting the Google Analytics opt-out page.
      2. Google AdWords: Stroofy may in the future use Google AdWords Remarketing to advertise Stroofy across the Internet and to advertise on third party websites (including Google) to previous visitors to the website. AdWords Remarketing may display ads to users based on what parts of the Stroofy website they have viewed by placing a cookie on the users’ web browser. It could mean that Stroofy advertises to previous visitors who haven’t completed a task on the site or this could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. This cookie does not in any way identify the user or give access to the users’ computer or mobile device. The cookie is only used to indicate to other websites that the user has visited a particular page on the website, so that they may show the user ads relating to that page. If users do not wish to participate in Google AdWords Remarketing, they can opt out by visiting Google’s Ads Preferences Manager.
    3. Choice with Cookies. Users can block the use of cookies by activating the settings in their browser. The “Help” feature on most browsers will tell users how to prevent their browser from accepting new cookies, how to have the browser notify the users when they receive a new cookie, or how to disable cookies altogether. If users choose to withhold consent, or subsequently block cookies, they may not be able to access all or part of the content of the website. Additionally, users can disable or delete similar data used by browser add-ons, by changing the add-on’s settings or visiting the website of its manufacturer.
    4. Privacy Policies of other Websites. This Policy only addresses the use and disclosure of information by Stroofy. Other websites that may be accessible through the website have their own privacy policies and data collection, use and disclosure practices.
    5. Personal Information from other Sources. Stroofy may obtain from third parties additional personal information about a website user if such user gave permission to those third parties to share its information.
  6. Change of Purpose

    Stroofy will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

    If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

  7. Sharing of Personal Information

    Stroofy will not sell, rent or trade personal information to any third party. However, Stroofy may share personal information when authorized and/or required by law or as follows:

    1. As permitted or required by law. Stroofy may disclose personal information as required by applicable law or by proper legal or governmental authority. Stroofy may also disclose information to its accountants, auditors, agents and lawyers in connection with the enforcement or protection of its legal rights. Stroofy may also release certain personal information when it has reasonable grounds to believe that such release is reasonably necessary to protect the rights, property and safety of others and itself, in accordance with or as authorized by law. In the event Stroofy receives a governmental or other regulatory request for any Customer Personal Information, it agrees to immediately notify Customer in order that Customer shall have the option to defend such action. Stroofy shall reasonably cooperate with Customer in such defense.
    2. Business transaction. Stroofy may disclose personal information to a third party in connection with a sale or transfer of business or assets, an amalgamation, re-organization or financing of parts of our business. However, in the event the transaction is completed, personal information will remain protected by applicable data protection laws. In the event the transaction is not completed, Stroofy will require the other party not to use or disclose the personal information received in any manner whatsoever and to delete such information.
    3. Service providers. Stroofy may grant access to personal information to third party service providers in connection with the performance or the improvement of the Services. Before sharing any personal information with any of its third party service providers, Stroofy will ensure that the third party maintains reasonable data management practices for maintaining the confidentiality and security of personal information and preventing unauthorized access
  8. Retention and Security of Personal Information

    Stroofy will store and process the personal information in a manner consistent with industry security standards, and as long as necessary for the purposes described in this Policy, unless a longer retention is required by law. We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

    Stroofy has implemented technical, organizational and administrative systems, policies, and procedures to help ensure the security, integrity and confidentiality of personal information and to mitigate the risk of unauthorized access to or use of personal information, including (I) appropriate administrative, technical and physical safeguards and other security measures designed to ensure the security and confidentiality of the personal information it manages; (II) a security design intended to prevent any compromise of its own information systems, computer networks or data files by unauthorized users, viruses or malicious computer programs; (III) appropriate internal practices including, but not limited to, encryption of data in transit; using appropriate firewall and antivirus software; maintaining these countermeasures, operating systems and other applications with up-to-date virus definitions and security patches so as to avoid any adverse impact to the personal information that it manages; appropriate logging and alerts to monitor access controls and to assure data integrity and confidentiality; permitting only authorized users access to systems and applications; and (IV) all persons with authorized access to personal information must have a genuine business need-to-know prior to access ( “Security Program” ).

  9. Training and Supervision

    Stroofy maintains adequate training programs to ensure that its employees and any others acting on its behalf are aware of and adhere to its Security Program. Stroofy shall exercise necessary and appropriate supervision over its relevant employees to maintain appropriate confidentiality and security of the personal information it manages.

  10. Data Incidents involving Customer Personal Information

    Stroofy shall immediately notify Customer of any reasonably suspected or actual loss of data or breach or compromise of its Security Program which has or may result in the loss or unauthorized access, disclosure, use or acquisition of Customer Personal Information or otherwise presents a potential threat to such information (“Data Incident”). While the initial notice may be in summary form, a comprehensive written notice shall be given within 48 hours to Customer. The notice shall summarize in reasonable detail the nature and scope of the Data Incident (including each data element type) and the corrective action already taken or to be taken by Stroofy. Stroofy shall promptly take all necessary and advisable corrective actions and shall cooperate fully with Customer and the Office of Data Protection in Ireland in all reasonable efforts to mitigate the adverse effects of Data Incident and to prevent its recurrence.

  11. How to Contact Us

    Any questions or complaints regarding this Policy or Stroofy handling of personal information can be addressed by sending an email to: legal@stroofy.com.

    You will not have to pay a fee to access your personal information (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

  12. Change of Privacy Policy

    Stroofy will review and update its policies and procedures as required to keep current with rules and regulations, new technologies, standards and customer concerns. This Policy may therefore change from time to time.