As a provider of software to professionals - including banks, consultancies and other businesses that routinely work with sensitive and private data we take data protection very seriously. We only transfer the minimum amount of data we need in order to diagnose and resolve problems and improve our software. We are strongly committed to enforcing a data policy that, without exception, removes sensitive data from messages that are sent to our servers.
When collecting data, we look at what actions you perform, never what you are working on. As important as the information we do gather, is the information we do not gather. In particular, we do not gather information that could reveal to us the information or data inside your presentations and spreadsheets, including file names, file paths, text, numbers, data, external data sources etc. To the extent that any information about what you are doing is gathered through our usage tracking systems, it is strictly limited to which actions you perform and how often you do so. As an example, if you connect to an Excel workbook, we may be informed that such an action has been performed, but we will not be told the name of the workbook, the path to it, nor its contents.
See the full data policy for further details.
When you use Grunt, we need to send a minimum amount of data to validate your license. We do so by sending a fingerprint to identify your computer, and we correlate that with the email address you're using as a license key.
Our metrics tracking system is concerned with actions you perform. This system is necessary to inform us of which features our users utilize. When you perform an action, a message with an identifier associated with that action is sent to our servers. Not all actions will trigger such an event. The identifier is global, in the sense that it is the same for all users. In fact, the identifier is the only thing sent to our servers during metrics tracking in regard to the action you performed. No other data regarding the action is sent. Metrics tracking occurs in the background, and you will not be notified.
From time to time we are notified about unexpected errors. Such unexpected errors are how bugs often will present themselves in software. You may not notice it when it happens, but when such an error occurs, an associated message may be sent to us for purposes of diagnosis and improvement. Such messages are sanitized before leaving your computer, i.e. any raw strings that are present will be removed. Such removed strings might include data, file paths, file names. In other words, sensitive data will not be forwarded to our servers as part of the error message.
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. Personal data that has been de-identified, encrypted or pseudonymized but can be used to re-identify a person remains personal data and falls within the scope of the law.
Examples of data considered personal data:
Examples of data not considered personal data:
When you interact with Grunt AS through our website ("Site") to purchase an Grunt AS product, download our software, register for or participate in a demo or training session, participate in an online forum or survey, or for any other reason, we may collects a variety of information such as your name and surname, email address, mailing address, phone number, company, job position, country, social profiles and online activities, contact preferences, and credit card information.
When you use Grunt AS software, we may collect your email address and device identifiers such as your computer name and Windows username that may contain personal information or, when combined with other information, may be used to identify you.
When you invite others to participate in Grunt products or services, we may collect information you provide about those people such as names, email addresses, mailing addresses, and phone numbers.
We keep track of the email addresses and personal information provided to us by users who download or purchase Grunt AS products.
When purchasing our software, we require your credit card information, address, billing address, etc. The credit card information is stored with our payment provider and not with Grunt. This information will only be used to complete your purchase and never given to any party outside Grunt or for any other purpose other than the purchase you agreed to.
We collect a variety of data in a form that, on its own, does not permit identification of a specific individual. We may collect, use, transfer and disclose non-personal information for any purpose. The following are examples of non-personal information - except where such information is considered personal by local law - that we collect and how we may use it:
If personal and non-personal information are combined, all data will be treated as personal. If the User utilizes the Site to publish or otherwise share Personal Data with third parties, he or she assumes full responsibility: The User states possession of the right to communicate or disclose personal data to third parties, and that they have received prior information thereto, thus relieving the Site of all responsibility for their improper use following disclosure or dissemination.
The Data Controller processes the Data of the Interested Parties and Users in a lawful and proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the Data. Processing is carried out using computers and/or telematic means, with organizational methods and logics strictly related to the stated purposes. In addition to the owner, in some cases, access to the Data may be available to personnel involved in the organization of the Site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Managers by the Owner of the Processing procedure. The updated list of Managers can be requested from the Owner by contacting the below email address at any time.
The Data are processed at the headquarters of the Data Controller. Any processing of Data outside one of the EU Member States may require the consent of the User or the Interested Party. The Data are kept for the time necessary to perform the service requested by the User, and the User can always ask for removal from the servers of the Site for legitimate reasons.
Grunt AS takes careful measures to keep your personal information safe against loss, theft, unauthorized access, alteration, and disclosure. Any information transferred to Grunt from our purchasing website is secured using SSL Certificate. Information exchanged with any address beginning with https is encrypted and transmitted using TLS.
Those persons to whom the Data refer, have the right, at any time, to obtain confirmation of the existence or otherwise of information by consulting the Data Controller, to learn about their contents and origin, to verify their accuracy or to ask for their integration, cancellation, update or correction, their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. Requests should be sent to the Data Processor at the address cited in the “Data Controller” section.
We communicate our standards of privacy to each of the Grunt AS team members to make sure our security guidelines are enforced and your privacy stays secure.