Privacy for Humans

Hello there!

‍At Wired2Perform®, your privacy is our priority. By now, you’ve learned our passion for data, people, and connecting. Be it a product feature or infrastructure change—your data privacy plays a major role during the decision making process. We possess an extremely robust platform that helps people understand their unique personal insights – strengths, challenges, interests, and aspirations through the power of behavioral science and data analytics. As information is passed through our platform, we don't take our responsibility lightly to protect it from misuse or undesired access. Below you will find the specific ways your data is used and the importance we place on protecting your information

Where does my data go within Wired2Perform®?

Data is the new god. Each behavioral trait you have, each quality you possess, we convert those into data. Collectively that data defines who you are now and what you can become. We help you with that. Ensuring the privacy of this data is our utmost priority. It's YOUR data, and we are just acting as your data custodian.

Text-based Data

Your text-based data consists of your name, encrypted passwords, emails, skills, interests, talents, aspirations, and other information about and you. Information related to linked accounts like Google, Linkedin, office, zoom, GitHub and Slack is also stored as text data.

We host the majority of our data servers in Amazon’s AWS in the USA as of now. We will geographically expand to other data centers worldwide as necessary to increase user experience. All the data servers are behind a specific Virtual Private Cloud (VPC) that only privileged servers have access to (such as our backend application servers). At various levels either the data itself or the storage where the data is stored is encrypted at rest and in-transit within the server infrastructure. Our caching layer (which is used to provide faster application response to the user) resides in the same VPC.

Data in Elastic NV is encrypted at rest, as well as encrypted at transit.Additionally all elastic traffic is restricted to Wired2Perform® servers.

Images

This is your avatars, logos and thumbnails. These files are stored on our S3 buckets, which can only be accessed by designated engineers and application servers within our organization. To speed up delivery of your data to your computer, we utilize AWS cloudfront.

Let's consider a few user actions and how we have isolated the information exposure

Who has access to which parts of my information when I join an organization in Wired2Perform®?

Specific users of the organization like Administrators, HR or Team Leads or members of the teams you are part of will have access to your information.

All the employees of the organization will NOT have access to your information. You will need to provide them access individually to share your information with them and vice-versa.

What is the scope of visibility if a user is given access to join an organization?

If the user is given the Admin, HR, or Team Lead roles, he/she is able to see all profiles of employees in the organization.

If the user is given the Employee role, he/she is able to see public profiles of employees in the organization.

Who has access to what data when I share my profile as part of network connections?

In order to give you control of what information you want to share with your network connections, we have created 3 categories: Buddy, Friend, or Acquaintance. Each of these has varying levels of details that get shared. Note: These are unidirectional shares, meaning, you can say someone is a buddy and share a lot of your information with them but they can say you are an acquaintance or vice-versa.

Buddy: If you are a paid user and when the connection type is Buddy, your network connection can see all aspects of your profile: profile page, behavior page, workplace page, factors report page, career report page, and communication page.

Friend: If you are a paid user and when the connection type is Friend, your network connection can see the entire profile page, entire behavior page, and entire communication page of your profile.

Acquaintance: If you are a paid user and when the connection type is Acquaintance, your network connection can see the entire profile page, certain attributes of the behavior page, and the entire communication page of your profile.

If you are a free user, then irrespective of the connection type your network connection can only see available insights in the behavior and communication pages of your profile.

Who has access to what data because they added me as an attendee in their meeting?

If someone added you as an attendee to a meeting, the other participants can see your email address, communication style, behavior style, behavior factors, content design, information requirement, length of the content, and other behavioral insights based on your style which is made available to make the meetings/interactions productive.

Who has access to what data because I am part of their slack channel with a Wired2Perform® interface?

All slack workspace users can see the information such as, your name, behavioral style, top factors, strengths, struggles, performance keys, communication style, overall financial approach, risk management approach, content design, information requirement, show appreciation for their business, length of content, what you want from teammates, your fears, your decision-making style, what alienates you, and other behavioral insights based on your style which is made available to make the meetings/interactions productive

What will Wired2Perform® do with my contacts/address book when I connect it to use my calendar?

Your contact’s email addresses are only used to auto-populate the attendees' list while you are adding invitees to the meeting/events in the calendar.

All your contacts are stored in an encrypted database and Wired2Perform® will NOT use this info for any purpose or send any information to them without your specific interaction. We will show you how many of your contacts are on the Wired2Perform® platform already and ask you if you would like to connect with them on the platform or invite the contacts who are not on the platform to Wired2Perform® so you can know about each other and improve your Interpersonal relationships with them

Where does my data go outside of Wired2Perform®?

Some of your data does leave our system to our trusted third-party systems as part of our technology stack or business model. We think it's important you understand what these systems are and why we send your data to these systems. If you don't agree with or understand our reasoning, please email our CEO at raghu@wired2perform.com and he will personally attend to your concerns.

For folks coming to figure out GDPR compliance, all of the following third parties act as data processors for us. If any kind of personal information (email, name, persona) is sent to the following third parties, a ⭐ is left next to the provider name.

👤 Clearbit ⭐

What: Clearbit is a marketing data engine for customer interaction. This takes an email address and scrapes through the online web profiles and personalizes the individual.

Why: We use clearbit to make the user signup and onboarding flow as smooth as possible while capturing publicly available data about a user that we can utilize to provide better analytics. We pre-populate data in the onboarding flow but allow users to remove or modify this data before saving it into their profiles.

How to be forgotten: Clearbit has controls here for you to be forgotten from their systems. In order for the data Clearbit returns to us to be forgotten, you must delete your Wired2Perform® account.

DNA Behavior

What: DNAB is a behavior technology platform that provides human behavior solutions to their customers.

Why: DNAB’s behavior technology platform has been in operation for about 20 years. And their personality tests identify behavioral traits at a 91% reliability level.

💭 Intercom ⭐

What: Intercom is a messaging and marketing platform that allows us to do customer success better. This is where you're able to chat with us from that little bubble in the bottom-right of our web pages

Why: Intercom has drastically increased our ability to address bugs and handle requests from our users (that's you!) over when we used to primarily use email. As a part of being able to maintain your relationship with us on this platform, we have to know who you are. We only know this once you've signed up and given us consent, but we use this information for various debugging purposes and to send you product updates and announcements.

How to be forgotten: If you would like to unsubscribe from Intercom announcements, you can hit the unsubscribe link we provide at the bottom of all of these emails

📊 Google Analytics

What: Google Analytics is an analytics platform that more uniquely gives us certain nice-to-have "vanity" analytics and serves as a good place for understanding where on the web our users are coming from

Why: It's good to know where our users are finding us so we can promote our product more with those partners and channels or figure out whether there are tangential products that should be introduced to our platform.

How to be forgotten: Because of how we use Google Analytics, all data sent to it is anonymous. We send no emails, no names, and we even anonymize IP addresses. Your identity is completely safe here.

📪 Aweber ⭐

What: Aweber is used for our campaign and promotion email service. These are notification email updates about Wired2Perform® newly added features, promotions, and newsletters.

Why: User email address and full name will be collected

How to be forgotten: User can unsubscribe by clicking on the unsubscribe option.

💳 Chargify⭐

What: Chargify Chargify is used as our billing/subscription system. Chargify allows us to charge your credit card for paid Wired2Perform® services without having to store your credit card on our end or handle PCI compliance.

Why: In order for Wired2Perform® to be able to continue to exist, we think it's important we provide service users find enough value, which they feel comfortable paying us. Handling online payments is complicated, and the privacy and security risk is high. Although using Chargify (the industry leader in online payments processing) means they take a cut of our revenue, we think this is ultimately better for user privacy, safety, and our ability to focus on what we do best, which is not handling/owning the legal intricacies of payments processing.

How to be forgotten: We send your email to Chargify if you are a new paid subscriber (individual paid subscription or if you have paid for your team/organization), and they collect your billing information directly. No billing/PCI information is handled/stored in our systems. When you remove your credit card entry, your credit card and other sensitive billing information are removed from Chargify. When you delete your account, all historical information (including past invoices) is removed from Chargify.

📪 Microsoft Teams ⭐

What: Microsoft Teams facilitates us to display your profile and behavior analytics within Microsoft Teams application itself.

Why: We use Microsoft Teams to display your profile and behavior analytics within Microsoft Teams app itself. Microsoft Teams does not store anything at their side. It merely act as a platform to display our application data.

How to be forgotten: You can remove the wired2perform app from Microsoft Teams anytime. However, this does not clear your data stored from wired2perform databases.

Who has access to what within Wired2Perform®?

Our customer-facing teams have the access to Intercom, which allows them to interact with the users.

The technical team can get access to production servers and data servers based on their individual roles. This is given to facilitate the debugging process when it is absolutely necessary.

📪 Zoom API⭐

What: Zoom API allows third parties to handle Zoom Communication’s functionalities. Customers can use this API to build private services or public applications on the Zoom App marketplace.

Why: You can authorize Wired2Perform® to create conferences for calendar events on-behalf of you. Also, Wired2Perform® will retrieve the links to your meeting recordings if recordings are available for meetings that were hosted by you on Zoom. Through Zoom, the data we collect includes OAuth tokens and refresh tokens, as well as your email address and Zoom-id. We DO NOT download or store the recordings. We are only going to let you (the host) share the recordings with the meeting attendees in our Meetings Notes tab of the meeting. For heightened security, we keep track of the user, their IP address, and other pertinent information as part of your audit trail, so you can see who viewed the recording, from where and when. ‍

What Data: ‍How to be forgotten: You have to uninstall the integration by logging out of the Zoom integration in the Wired2Perform® calendar app or uninstalling it through Zoom Marketplace's (https://marketplace.zoom.us) installed apps section.

📪 Google API⭐

What: Google API allows communication with google services. Applications can use Google API for sign-in / sign-up processes for Wired2Perform® and Wired2Perform® calendar.

Why: We use Google API to do the sign-in/sign-up process for Wired2Perform® and Wired2Perform® calendar. With your permission, Wired2Perform® collects your name as mentioned on google, your profile image, contacts, and primary calendar events. Also, we use Google API for Wired2Perform® G Suite Add-on. With your permission, G Suite Add-on collects the sender, recipients (including carbon copy list) of the Gmail message that you view. Also, it collects calendar event guests and the calendar event start time that you view. We do not store any data, and we merely pass these data as parameters for Wired2Perform®APIs.

📪 Office 365 API⭐

What: Office 365 API allows communication with Office 365 services such as Outlook, OneNote, Excel, OneDrive, and Microsoft Teams. This is a unified API that allows users to access data across Office 365 services.

Why: Wired2Perform® uses Office 365 API for sign-in / sign-up processes for Wired2Perform® and Wired2Perform® calendar. Wired2Perform® collects your name as mentioned in Office 365, your profile image, contacts, and calendar events.

📪 Getstream ⭐

What: Getstream is an API for building social networks, activity feeds, activity streams and chat applications without worrying about underline storage technology. This is an end-to-end encrypted service, so leakage of sensitive information is not expected.

Why: We use Getstream to power some of our core features in our application like activity feeds, chat service etc. While doing so, we send following data to Getstream
Chat: message texts, reactions, attachments, uploaded graphics, videos and other files.
Feed: User activities, name, behavior style, top two behavior factors, image uri.
Meeting Notes: Note content, name, behavior style, top two behavior factors, image uri

Who has access to what within Wired2Perform®?

Our customer-facing teams have access to Intercom, which allows them to interact with the users.

The technical team can get access to production servers and data servers based on their individual roles. This is given to facilitate the debugging process when it is absolutely necessary.

Useful Vocabulary

🔒 Encrypted: encryption is a process where data is scrambled with a specific secret that only a select few have. If this data is stolen, it cannot be understood unless the stealer has the proper secret. All of your personally-identifiable data (videos, images, and text) are encrypted at-rest and in-transit across all systems.

🏃🏾‍♂️ In-transit: your data is being sent from one location to another (usually one server/computer to another)

🛌🏾 At-rest: your data is physically being stored on a device (usually a server)

🕳️ S3 Bucket: this is where we store larger (usually media) files such as images and videos

⚡ Cache Layer: a group of servers that uses faster storage for the purpose of being able to retrieve it faster

🤝 Database: this is a server that stores data that relates to one another. In other words, this is where we can query to answer questions like: "what is a user?", "does a user own one or many videos?", "could you get me a list of all of this user's comments?"

🔥 VPC: a firewall that blocks access to a server or group of servers only to users/robots that have the proper permissions

🌐 CDN: a CDN (Content Delivery Network) is a network of computers around the world whose purpose is to store data as close as possible to the downloader to speed up delivery of media.

🤖 AWS: short for Amazon Web Services. This is the cloud provider we use at Wired2Perform® that allows us to rent storage and compute capacity from their data centers.

Elastic NV: The company who develops the famous elasticsearch nosql database.

If you have any questions on this terminology, we are here to help. Please email us at raghu@wired2perform.com

Copyright - 2019 Wired2Perform®