Privacy policy

Privacy at DayCape

  • OUR PHILOSOPHY
  • WHAT WE DO WITH YOUR (ANONYMOUS) INFORMATION
  • CODE OF CONDUCT
  • CREDIT CARD INFORMATION
  • SECURITY

OUR PHILOSOPHY

Protecting the safety and well-being of children is a duty that lies at the heart of every-thing that we do at DayCape. Your use of DayCape’s planning software creates a trail of information that, when needed, is almost always retrieved without the names of account holders or children. We vigorously protect the privacy of the children and parents (includ-ing guardians, teachers, and anyone invited to view, edit or otherwise engage with a child’s scheduling content) using DayCape products and services. At the same time, we hope you can accept that accessing different aspects of your child’s scheduling infor-mation in specific circumstances is crucial to maintaining the operational consistency of our software, and essential to generating research insights that lead to new and improved features.
-We will never sell your scheduling information. We charge usage fees so we don’t need to sell your information to maintain financial viability.
-We will sometimes access samples of anonymized scheduling statistics. We do this to help maintain our site, and for research purposes.
– We will handle your data in accordance with the General data protection regulation, (GDPR EU 2016/679).

WHAT WE DO WITH YOUR INFORMATION

Processing of Personal Data

DayCape registers and stores personal data about you. For details on the data that is stored, please see the chart below. When registering for DayCape, you agree that Day-Cape may process your personal data in accordance with the information provided in this policy and for the purposes set forth herein. If you are under 16 years old, your guardian must agree to the processing of your personal data.  DayCape is the data controller for the personal data collected.

DayCape
C/o Gaddr Cowork
Gustavslundsvägen 139 floor 5,
167 51 Bromma
Sweden

Info@daycape.com

Organisation number 556972-0682

Your personal data is only used to provide you with the service and to produce anony-mized statistics, as set forth below. You have the right to, once a year and free of charge, request a transcript of the personal data that DayCape stores about you (and your child). Such requests must be made in writing, be duly signed by you and sent to the address stated above. If you are of the opinion that the registered data is inaccurate, incomplete or misleading, you can request that it be corrected. DayCape must obey such requests.

Statistics To Maintain Our Site

If there are system problems, we will occasionally access various features of the accounts (not including your ID number or password). And while these interventions may happen from time to time, your privacy and the privacy of your child/children will be our highest priority when completing such tasks. If, for example, a customer is experiencing usage problems and notifies DayCape, that customer’s individual account will be reviewed (within the narrowest parameters necessary) as a step toward resolution.

Statistics For Research

We will sometimes study scheduling activities in non-personal, aggregate forms.  Your information may be bundled and analyzed along with many other users’ information, but without your name or the names of other content creators, or users.  This will help us to answer performance-related questions such as: “For what sorts of activities are our prod-ucts being used?”; “In which parts of the world are we receiving the most scheduling ac-tivity, and why?”; and “How many ‘parents’, on average, are connected to each child, and why?”. This kind of information will help us to better engineer, promote, and otherwise understand the impact our product is having.  But again, your name and the names of your children will never be retrieved or associated with anything we do for research pur-poses.

For more information about what we collect, please see the table below.

CODE OF CONDUCT

Every DayCape employee and contractor signs our Code of Conduct, which details our company values, especially our expectations for each employee with regard to privacy issues. Code of Conduct

CREDIT CARD INFORMATION

Your credit card information is handled by our partner Braintree, which adheres to indus-try standard practices.  Information about how it manages your credit card information can be found at:

https://www.braintreepayments.com/legal/payment-services-agreement-eu#updated-payment-services-agreement

https://www.braintreepayments.com/assets/Braintree-PSA-Model-Clauses.pdf

SECURITY

We only use your password for initial verification. The bulk of communication is done using secure one time tokens. The passwords themselves are stored by industry standard salting and hashing, which means that we cannot access them at all. This also means that in the case of a security breach, your credentials are protected against a typical ad-versary.
Things you can do to help protect your information:
– Change your password on a regular basis.
– Take care with regard to the people you share account access with.
– In the event of the loss or theft of a device, change the child’s name and/or your pass-word.
– In the event of the loss or theft of a device, contact compliance@daycape.com.
Your personal data will mainly be stored within the EU/EEA. We do not generally transfer personal data to a country outside the EU/EEA. However, a subcontractor in a country outside the EU/EEA that provides, for example, operation and hosting of IT systems or payment services may be contracted, and the transfer of personal data to a country out-side the EU/EEA may be necessary. To ensure a high level of protection for your personal information, we enter into agreements with such suppliers that govern the transfer of per-sonal data and the supplier’s handling of personal data. We will continue to be responsi-ble for your personal data, and the supplier may only process the data in accordance with the agreement and instructions from us.

WHAT WE COLLECT (Some of the information listed we can see in case of customer support. This is not the case for images.)

 

Explanation
Child
Name of child Obligatory. Used to display a more colourful list of children. Collected at the user’s discretion, only used as a way for users to contact each other within the app.
Phone number Non-obligatory. Only used as a way for users to contact each other within the app.
Date of birth Non-obligatory. Used to anonymously show statistics of our users’ ages.
 

Activites

Activity feedback rate Non-obligatory. Used to communicate success rate to parents, and used by us to anonymously create statistics of improvement.
 

Parent

E-mail adress Can be used for newsletters and customer support. Again, we don’t hand out user information to any third parties.
Role (Parent or teacher) Non-obligatory. Used to distinguish between parents and teachers.
Date of birth Non-obligatory. Used to anonymously show statistics of our users’ ages.
Phone number Non-obligatory. Only used as a way for users to contact each other within the app.
Name of activities Collected for the purpose of presenting the schedule, but only examined during debugging.
Times Collected for the purpose of presenting the schedule, but only examined during debugging.
Dates Collected for the purpose of presenting the schedule, but only examined during debugging.
Pictures Collected for the purpose of presenting the schedule, but only examined during debugging. In this case, an encrypted, non-visual version is examined.
notes
Collected for the purpose of presenting the schedule, but only examined during debugging.
 

Other

Mail and chat conversations from customer support These are collected by a third party. (We know what page you are on and will delete any records of the conversation once the issue has been resolved.
 

Statistics

User rate (How frequent users uses the app) Used to anonymously for statistical presentation.
In dept usage (How users interact with app and website) Used to anonymously for statistical presentation.

 

SECURITY

We only use your password for initial verification. The bulk of communication is done us-ing secure one time tokens. The passwords themselves are stored by industry standard salting and hashing, which means that we cannot access them at all. This also means that in the case of a security breach, your credentials are protected against a typical ad-versary.

Things you can do to help protect your information

  • Change your password on a regular basis
  • Take care with regard to the people you share account access with
  • In the event of the loss of theft of a device, change the child’s name and/ or your password.
  • In the event of the loss of theft of a device, contact compliance@daycape.com

Your personal data will mainly be stored within the EU/EEA. We do not generally transfer personal data to a country outside the EU/EEA. However, a subcontractor in a country outside the EU/EEA that provides, for example, operation and hosting of IT systems or payment services may be contracted and the transfer of personal data to a country outside the EU/EEA may be necessary. To ensure a high level of protection for your personal in-formation, we enter into agreements with such suppliers that govern the transfer of per-sonal data and the supplier’s handling of personal data. We will continue to be responsi-ble for your personal data, and the supplier may only process the data in accordance with the agreement and instructions from us.

 

GDPR and your rights

According to GDPR, you have as registered certain statutory rights:
  • Right to information – You are entitled to know about and how your personal information is processed. This right is guaranteed by this privacy policy. If you would like further information or wonder something, feel free to contact us at info@daycape.com.
  • Right of access – You have the right to access your personal information, which means that you have the right to confirm whether your personal data is processed and, if so, also have access to your personal information and some additional information about the treatment.
  • Data Portability Right – You are entitled to data portability, which means that you may, under certain circumstances, have the right to obtain such personal information about you as you provided to us in order for you to transfer personal data to another personally responsible person.
  • Right to rectification, deletion or restriction – You are entitled to rectification, deletion and limitation of processing of your personal data and the right to object to the treatment.
  • Right to complain to the authority – You are entitled to complain to the National Data Protection Authority (in Sweden, Data Inspection) regarding the processing of your personal data does not meet the requirements of the GDPR.
  • Right to revoke consent – If we base our treatment upon your consent, you are entitled to revoke this consent at any time without giving reasons.
  • Right to object – You have the right to object to receiving your personal information if you wish.