Privacy Policy
Last updated: 2024-09-01
Version number: 1.0.0
We will NEVER sell Your Personal Data to Third Parties.
Choiceform will only share or disclose Personal Data as described in this Privacy Policy.
This Privacy Policy applies to Personal Data processed by Choiceform Ltd. (“Choiceform”, “We”, “Us” and “Our”) when You visit www.choiceform.app in addition to any sub-pages that are integrated within it (the “Site”); and/or make use of Choiceform’s Platform.
This Privacy Policy explains what Personal Data We collect through Our Site and Platform, how and why We collect it, how We use and disclose the Personal Data We collect and information on how to exercise privacy rights over this Personal Data.
We have also included a section on the processing of Personal Data sent to Choiceform from visitors to a Choiceform Enabled Site.
We may revise this Privacy Policy from time to time but We will never do so in a manner that compromises Our commitment to respect the privacy of individuals. The most current version of this Privacy Policy governs Our practices for collecting, processing and disclosing Personal Data. We will provide notice via email to Our Customers and on this page of any material modifications to this Privacy Policy. Continued use of Our Site and/or Platform following the effective date of any modifications will constitute acceptance of the modified Agreement (this includes Our Terms of Service, Data Processing Agreement, Acceptable Use Policy and this Privacy Policy).
All capitalized terms in this Privacy Policy shall have the same meaning as defined in the Terms of Service and in the Applicable Law.
Information about Choiceform
Choiceform is a company headquartered in Hong Kong that provides Software as a Service (SaaS). Choiceform is a comprehensive digital experience insights platform that offers advanced survey design, real-time feedback, and in-depth data analysis, all in one place. Our platform enables businesses to gain valuable insights into user behavior and preferences through visual behavior tracking and 1:1 interviews, helping to drive informed decision-making and enhance customer experiences.
Personal Data Collected by Choiceform
The Personal Data we collect depends on whether the individual is:
- A visitor to the Choiceform Site
- A Customer or user (the "User") of the Choiceform Platform
- A respondent who participates in surveys on the Choiceform Platform without needing to register
Personal Data collected from a visitor of the Choiceform Site
This section applies to Personal Data Choiceform collects from visitors to the Choiceform Site (choiceform.app) or any of Our sub-sites or sub-domains (e.g. https://help.choiceform.app, etc.).
Any Personal Data provided by a visitor to Our Site will be used only as described in this Privacy Policy and Choiceform’s Acceptable Use Policy.
Usage Data
When someone visits the Choiceform Site, We may temporarily store the name of their internet service provider, IP address, the website they visited Us from, the parts of Our Site they visit, the date and duration of the visit, and information from the device (e.g. device type, operating system, screen resolution, language, country you are located in, and web browser type) used during their visit or other similar information that helps Us understand your behaviour on our Site. We process this usage data to facilitate access to Our Site (e.g. to adjust Our Site to the devices that are used). We may use this data to analyze, develop, improve, secure or optimize the use, function and performance of Our Sites, or to make sure We are reaching out to the right audience. Wherever possible, we will use usage data in an aggregated and/or anonymized form. Depending on the context, the legal basis for this data processing is Article 6(1)(a) and Article 6(1)(f) GDPR.
Cookies
Cookies are small data files transferred onto computers or devices. Choiceform uses cookies to process information including standard internet log information and details of the visitor’s behavioral patterns upon visiting Our Site. This is done to:
- operate Our Site;
- provide visitors to Our Site with a better experience by providing Us with insights on how visitors use Our Site; and
- for marketing purposes, as detailed below.
For more info about the cookies We make use of, please visit Our Cookie Information page.
Contacting Us
Visitors to Our Site have the opportunity to contact Us to ask Us questions, for example via a contact form, where We ask for contact information (e.g. name, email address etc.). We use this data solely in connection with answering the queries We receive.
If a visitor to Our Site receives emails from Us, We may use certain analytics tools, to capture data such as when the email is opened or when any links or banners in the email have been clicked. This data helps Us understand the effectiveness of Our communications and marketing campaigns.
The legal basis for this processing is Article 6(1)(f) GDPR.
Personal Data collected from Choiceform’s Customers, Users, and Respondents
This section applies to Personal Data Choiceform collects from its Customers, Users, and Respondents when using Choiceform’s Platform.
When someone signs up for an account with Choiceform, contacts our customer support for assistance, or subscribes to our content or special offers, we may ask for additional Personal Data such as their name, email address, and additional details about them or the organization they represent.
We will solely process this Personal Data to provide our Platform in accordance with Article 6(1)(b) GDPR. If you are a User of our Platform on behalf of a Choiceform Customer that has concluded this Agreement with Choiceform, the legal basis for Choiceform to process your Personal Data is Article 6(1)(f) GDPR. Please refer to our Terms of Service for further details on signing up and using our Platform.
We temporarily store IP addresses of Customers, Users, and Respondents of our Platform for associated performance metrics (i.e., data related to how well our Platform performs) and to monitor and track application errors. We will never access these IP addresses without any operational or security need. We automatically delete these IP addresses within thirty (30) calendar days. The legal basis for this data processing is Article 6(1)(f) GDPR. We may use technical data (such as keypresses, timestamps, etc.) collected through the Platform to analyze, develop, improve, or optimize the use, function, and performance of our Site, or to make sure we are reaching out to the right audience. Wherever possible, we will use usage data in an aggregated or anonymized form.
A Customer may delete their Choiceform account at any time. Users may delete their respective accounts through their account settings. After account deletion, we may retain Personal Data (in part or in whole) associated with the Customer, User, or Respondent to meet any regulatory and reporting requirements for the timeframes stipulated by law and to be able to address customer service issues. Any other Personal Data we were processing relating to our Customer, Respondent, and/or Users of that Choiceform account will be deleted permanently within thirty (30) calendar days. This does not apply to any Personal Data collected as part of Customer research within the Choiceform Survey & Choiceform TX Product. To maintain the quality of the research data, any research-related Personal Data may need to be kept for a reasonably required time.
We may use Personal Data and other Data about our Customers, Users, and/or Respondents (including but not limited to demographic information, location information, information about the computer or device from which they access our Platform) to create, wherever possible, anonymized and aggregated information and analytics. The legal basis for this data processing is Article 6(1)(f) GDPR.
The information we collect from our Customers, Users, and/or Respondents is disclosed only in accordance with the Agreement and the Applicable Law.
Choiceform’s use of Personal Data
Access and Disclosure to Third Parties
We use a select number of trusted external service providers for certain technical data analysis, processing and/or storage offerings (e.g., IT and related services). These Third Party service providers are carefully selected and meet high data protection and security standards. We only share data with them that is required for the services offered and We contractually bind them to keep any information We share with them as confidential and to process Personal Data only according to Our instructions. The legal basis for such processing would be Article 6(1)(f) GDPR.
In addition to services providers, other categories of Third Parties may include:
- Vendors/public institutions. To the extent that this is necessary in order to make use of certain services requiring special expertise (such as legal, accounting or auditing services) We may share Personal Data with vendors of such services or public institutions that offer them (e.g. courts). The legal basis of this data processing is Article 6(1)(f) GDPR.
- Disclosure in the Event of Merger, Sale, or Other Asset Transfers. If We are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then Data may be sold or transferred as part of such a transaction, as permitted by law and/or contract. The legal basis for such processing would be Article 6(1)(f) GDPR.
Other than the cases mentioned above, We will only transfer Personal Data to Third Parties without express consent in accordance with Article 6(1)(a) GDPR or if We are obliged to do so by statutory law or by instruction from a public authority or court as outlined in Our Terms of Service.
Communication Purposes
We may occasionally send notification emails about updates to Our product, legal documents, customer support or for marketing purposes. To the extent required by Applicable Law, We will only send such messages if We have obtained consent in accordance with Article 6(1)(a) GDPR. In all other cases, the legal basis of this data processing is Article 6(1)(f) GDPR.
Except for cases where We are required to do so by law (e.g. notification of a data breach, providing you with important information about your account, updating our legal documents, etc.), recipients of Our communication shall have the opportunity to unsubscribe from receiving these messages free of charge. We process requests to be placed on do-not-contact lists as required by Applicable Law.
Marketing Purposes
We use Personal Data given to Us by Choiceform’s Customers, Users, Respondents and/or visitors to Our Site to target advertisements to:
- Choiceform’s Customers, Users, Respondents and/or visitors to Our Site to keep them informed about Choiceform and any product changes we make; and
- Potential new Customers or Respondents that appear to have shared interests or similar demographics.
The legal basis of this data processing is Article 6(1)(f) GDPR.
We do this by sharing Personal Data with Third Party marketing platforms that have high privacy and confidentiality standards and which have gone through a legal and security review by Choiceform. This ensures that these Third Parties cannot do anything with the Personal Data We provide them other than use it for the express purpose of providing Us with the marketing services We contract them for.
This Personal Data is only shared with these Third Parties through secure and encrypted means. If you wish to opt out of this processing activity, please contact Us at support@choiceform.app with the subject line “Opt-Out of Marketing”.
Compliance and Protection
We may use Personal Data to (legal basis for the respective processing in parentheses):
- protect Our, Our Customers’/Users’, Respondents’, visitors’ to Our Site or Third Parties’ rights, privacy, safety or property including by making and defending legal claims (Article 6(1)(b), (c) or (f) GDPR);
- audit Our internal processes for compliance with legal and contractual requirements and internal policies (Article 6(1)(f) GDPR);
- enforce Our Terms of Service (Article 6(1)(b) or (f) GDPR);
- protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft (Article 6(1)(f) GDPR); and
- comply with the Applicable Law, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities (Article 6(1)(c) or (f) GDPR).
Benchmarking
Choiceform reserves the right to use and retain Data in a de-identified and/or aggregated form to improve Our Site and/or Platform and for statistical and benchmarking purposes, including enabling comparisons within the same industry to enhance the insights collected through Our Site and Platform. Benchmarks look at all collected metrics and compare them to others of the same nature. These de-identified and/or aggregated benchmarks may be published and shared publicly within Our Platform or in the form of other content We publish which may show a summary of results for a certain category or question type.
No Data which can individually identify Our Customers, or their end-users, Our Users or Our Respondents will ever be shown in this statistical or benchmark data.
The legal basis for aggregating/anonymizing this Personal Data is Article 6(1)(f) GDPR.
Intra-group Sharing of User and Visitor Data
Choiceform is a company that offers various data products. In the course of our normal operations, Choiceform may share data (e.g., name and contact details, etc.) of users of Choiceform Choiceform Survey & Choiceform TX accounts, respondents, and visitors of our site (choiceform.app) with other products within our group.
The purpose of sharing this data is to enhance synergies in sales and marketing, which aligns with the legitimate commercial interests of Choiceform and its affiliated products. The legal basis for this data processing is Article 6(1)(f) GDPR. Choiceform and its affiliated products are jointly responsible for these processing activities (so-called joint controllership). If you would like more information in this regard or wish to exercise your rights as described in this Privacy Policy, please contact us at support@choiceform.app.
Other Purposes with Your Consent
In some cases, We may ask you for consent to collect, use or share Personal Data for other purposes. For example, We may ask you for consent to send marketing emails where required by law or to post testimonials or endorsements. In such cases, there will always be the ability to deny or revoke consent if desired. The legal basis for the data processing is under Article 6(1)(a) GDPR.
Duration of Processing
Unless a different timeframe has been specifically stated in this Privacy Policy or in Our Pricing Page, Personal Data will be retained for as long as is necessary for the purpose(s) for which We originally collected it or to provide Our Platform, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, and enforce Our Agreement. We may also retain information as required by Applicable Law.
International Transfers of Personal Data
In most cases, Personal Data we collect is stored in {{COUNTRY}}. However, in some limited cases, customer information may be accessed from, or other Personal Data (e.g., email, etc.) may be transferred outside of {{COUNTRY}}. These countries may have different data protection laws. Choiceform endeavors to ensure appropriate safeguards are in place to ensure that Personal Data remains protected. Choiceform has concluded Standard Contractual Clauses with entities with whom we share Personal Data outside of {{COUNTRY}}. Further details about this can be found in our article on Data Storage.
Children’s Information
Choiceform’s Platform is not directed to children under 13 (or other age as required by local law), and We do not knowingly collect Personal Data from children. If you learn that your child has provided Us with Personal Data without your consent, you may contact Us at support@choiceform.app. If We learn that We have collected a child’s Personal Data in violation of Applicable Law, We will promptly take steps to investigate this, delete such information and, if applicable, terminate the child’s account. We will also make sure to have preventive measures in place for this not to happen again in the future.
Rights over Personal Data
If you are a visitor to Our Site or a Customer, User and/or Respondent of Our Platform and We have collected Personal Data about you, you have a right to access and to be informed about what Personal Data is processed by Choiceform, a right to rectification/correction, erasure/anonymization and restriction of processing (subject to certain exceptions and other requirements prescribed by law). You also have the right to receive from Choiceform a structured, common and machine-readable format of Personal Data you provided Us.
When you have provided consent, you may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever you withdraw consent, you acknowledge and accept that this may have a negative influence on the quality of Our Site and/or Platform. Please be aware that when you withdraw consent, We may delete the Personal Data previously processed on the basis of your consent and will not be allowed to keep it further which will mean that it cannot be accessed, downloaded or otherwise secured by you.
In addition, you have the right to lodge a complaint with your respective data protection authority.
To protect your privacy, We take steps to verify your identity before fulfilling your request. We can only identify you via your email address and we can only adhere to your request and provide information if We have Personal Data about you through you having made contact with Us directly and/or you are using Our Site and/or Platform.
To protect your privacy, We will take steps to verify your identity before fulfilling any consumer request under the Applicable Law. When you make a request, We will ask you to provide sufficient information that allows Us to reasonably verify you are the person We collected Personal Data about or an authorized representative, which may include your email address.
If You are located in Singapore…
This section only applies to Our processing of Personal Data as a “business” under the Personal Data Protection Act 2012 (PDPA).
The PDPA provides Singapore residents with the right to know what Categories of Personal Data Choiceform has collected about them and whether Choiceform disclosed that Personal Data for a business purpose (e.g. to a service provider) in the preceding twelve (12) months.
If you are a Singapore resident and would like to exercise any of your rights under the PDPA, please contact Us at support@choiceform.app. We will process your request in accordance with the Applicable Laws.
Sales of Personal Information Under the PDPA. For purposes of the PDPA, Choiceform does not “sell” Personal Data, nor do We have actual knowledge of any “sale” of Personal Data of minors under 16 years of age.
Non-Discrimination. Singapore residents will have the right to exercise the rights conferred to them by the PDPA.
Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request under the PDPA. If applicable, you may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact Us at support@choiceform.app.
If You are located in Hong Kong…
This section only applies to Our processing of Personal Data as a “business” under the Personal Data (Privacy) Ordinance (PDPO).
The PDPO provides Hong Kong residents with the right to know what Categories of Personal Data Choiceform has collected about them and whether Choiceform disclosed that Personal Data for a business purpose (e.g. to a service provider) in the preceding twelve (12) months.
If you are a Hong Kong resident and would like to exercise any of your rights under the PDPO, please contact Us at support@choiceform.app. We will process your request in accordance with the Applicable Laws.
Sales of Personal Information Under the PDPO. For purposes of the PDPO, Choiceform does not “sell” Personal Data, nor do We have actual knowledge of any “sale” of Personal Data of minors under 16 years of age.
Non-Discrimination. Hong Kong residents will have the right to exercise the rights conferred to them by the PDPO.
Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request under the PDPO. If applicable, you may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact Us at support@choiceform.app.
Personal Data collected from a visitor of a Choiceform Enabled Site
This section applies to Personal Data sent to Choiceform from Our Customers about visitors to their site using Our Platform (i.e. a Choiceform Enabled Site).
When an end-user visits a Choiceform Enabled Site, the Choiceform Enabled Site’s privacy policy will apply to the Personal Data collected and not this Privacy Policy.
This section should always be read in conjunction with the specific privacy policy of the Choiceform Enabled Site which will contain further details regarding the processing of your Personal Data by the Choiceform Enabled Site.
When making use of Our Platform, Our Customers are bound by Our Privacy Policy, Our Terms of Service, and Our Acceptable Use Policy. You can get more information about Choiceform by visiting Our Site.
If you are a visitor to a Choiceform Enabled Site, Choiceform may temporarily process your IP address so that We can ensure Our service is running smoothly and improve the quality of Our Platform. Any IP addresses We process are used exclusively for associated performance metrics (i.e. data related to how well Our Platform performs on the Choiceform Enable Site) and to monitor and track application errors. For this purpose, We may temporarily store your IP address with Choiceform’s Sub-Processors which are subject to strict obligations of confidentiality and will process it only according to Our instructions. We will never access these IP addresses without any operational or security need. We automatically delete any IP addresses We process or store within thirty (30) calendar days. The legal basis for this data processing is Article 6(1)(f) GDPR.
Some Choiceform Customers may have the ability to integrate Data they have collected through Our Platform with other end-user data they have in their possession (e.g. their customer information).
Depending on the web browser you use, it might be possible for you to disallow Choiceform from collecting Data when visiting a Choiceform Enabled Site. To discover if your web browser offers this functionality visit Our Do Not Track page.
Please note that We cannot respond to any requests from end-users of Choiceform Enabled Sites related to their Personal Data, including requests to provide, rectify or delete any end-user Personal Data. Any requests from end users of Choiceform Enabled Sites related to Customer Personal Data should be sent to the relevant Choiceform Customer.