Data Privacy Declaration

Effective as of 13th of September 2019.

1. Who We Are

The owner and operator of www.wisnio.com is Teamscope OÜ („Wisnio“); Tatari 64/1, 10134 Tallinn, Estonia; under the registry code 12871817. The email address of Wisnio is wisnio@wisnio.com; the telephone number is +372 53 302 919.

The data controller, in regard to personal data collected on https://www.wisnio.com and its related applications and services („Services“), is Wisnio. In this Privacy Notice, the pronouns “we”, “our”, etc. refer to Wisnio. The pronouns “you”, “your(s)” etc. refer to users of our Services.

2. Scope of Applicability

In this Privacy Notice, we explain how we collect, use and manage the personal data that we receive from users of the Services and under which circumstances we are permitted to pass this personal data to third parties. Personal data means data which can be assigned unambiguously to a particular person, either on its own or in connection with other data.

The Services may contain links to other services. The information practices or the content of such other services is governed by the privacy notices of such other services.

3. How, When and Why We Collect Personal Data

We may collect, store and use the following kinds of personal information:

• Information about your computer and about your visits to and use of Services (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and services navigation paths);

• Information that you provide to us when registering with our Services (including your name and email address);

• Information that you provide to us when using our Services, or that is generated in the course of the use of those Services (including questionnaire answers and comments, and information about the timing, frequency and pattern of service use);

• Personal information gathered through live chat on the Services;

• Any other personal information that you choose to send to us.

The lawful bases we rely on for processing personal data are:

• Contract, in order to process personal data if you register to use our Services;

• Legal obligation to process personal data arising out of law and regulation (Equal Treatment Act § 25);

• Consent, in order to receive our newsletter and to gather personal data through the use of cookies (except for strictly necessary cookies). You may revoke your consent at any time.

4. How We Use the Personal Data Supplied by You

Personal information gathered by us through our Services will be used for the purposes specified in this notice or on the relevant pages of the Services. We may use your personal information to:

• Enable your use of the Services;

• Analyse your questionnaire responses and create reports for you, your team and for your employer-based on those responses;

• Send you non-marketing commercial communications;

• Send you marketing communications relating to our business if you have specifically agreed to this, by email or similar technology;

• Provide third parties with statistical information about our users (those third parties will not be able to identify any individual user from that information);

• Keep our Services secure and prevent fraud;

• Verify compliance with the terms and conditions governing the use of our Services.

We may use anonymized data based on personal information that you provide to us for the purposes of research and analysis.

5. Disclosing personal information

We may disclose your personal information to any of our employees, officers, insurers or professional advisers insofar as reasonably necessary for the purposes set out in this notice. We may share personal data with our contracted service providers in order to have them to provide services on our behalf or to ensure the quality of the information provided. Wisnio does not share, sell, rent or trade any personal data with third parties for their promotional purposes.

If you complete a questionnaire in the course of using our Services, we will not disclose your questionnaire responses to your employer or to any third party. We will only disclose reports based on those responses.

Personal information that we collect is stored on our web servers. We use cloud-based web services provided by Google Cloud Platform.

Our services may be integrated with third-party services. Details of such integrations are set out on our Services from time to time. If you choose to enable the integration of your account on our Services with any third-party service, then that may entail the supply of personal information to the third-party services provider. By enabling any such integration, you agree to the supply of that personal information to the relevant third party. Such third parties will act as data controllers in their own right in respect of any personal data supplied in this way.

We may disclose your personal information:

• To the extent that we are required to do so by law;

• In connection with any ongoing or prospective legal proceedings;

• In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention);

• To the purchaser of any business or asset that we are selling.

6. International data transfers

Information that we collect may be stored and processed in and transferred between any of the EEA countries in which we operate in order to enable us to use the information in accordance with this notice. Our principal web servers are located within the European Economic Area. Some personal data may be sent to third parties located in the United States, but such entities are covered with the Privacy Shield (eg. Intercom).

7. Retaining personal information

Personal information that we process for any purpose or purposes shall not be kept longer than it is necessary for that purpose or those purposes. If you delete your account on our Services, then shortly thereafter we will cease to store your information on our live web servers.

We retain back-ups of our live database for a period of up to 1 year, after which they are permanently erased. We will retain documents (including electronic documents) containing personal data:

• To the extent that we are required to do so by law;

• If we believe that the documents may be relevant to any ongoing or prospective legal proceedings;

• In order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).

If a candidate is not hired, the personal data (including the questionnaires and reports) of such candidate, shall be retained for a year according to the Equal Treatment Act § 25.

If there is a labour dispute arising out of the employment relationship, then the time-limit for retaining personal data (including reports and questionnaires) is four months as of the time the employee became or should have become aware of the violation of his or her rights and requested the deletion of the personal data.

8. Security of personal information

We will take reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information. We will store all the personal information you provide on our secure (password- and firewall-protected) servers. Information sent to our web server from your browser, or from your browser to our web server, will be protected by encryption technology.

You are solely responsible for protecting your passwords and limiting access to your computer.

9. Your Rights

Please contact us using the contact details given under section 1, if you:

• Wish to access, confirm, correct, amend, update, supplement, anonymise, block or restrict the use of or delete your personal data;

• Object to the use of your personal data by us;

• Have questions regarding the processing of your personal data; or

• Wish to permit your personal data to be transferred by us to another person or company.

Not all the data subject rights are fully enforceable, so we shall give you notice as soon as possible of the status of your request. You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond. If the request(s) if unfounded or excessive, we may charge a reasonable fee or refuse to act. In case you want to file a complaint, the supervisory authority is Estonian Data Protection Inspectorate (https://www.aki.ee/en).

10. Automated decision-making

Our automated processing of personal data does not produce legal effects concerning our users. Decision made by the employers are not made solely based on our talent analytics program. Therefore, our Service is not subject to article 22 of the General Data Protection Regulation.

11. Cookies

We use cookies on our Website. You can find out about the type of cookies we use and the reasons we use them in our Cookie Declaration. Our Cookie Declaration should be read in conjunction with this Data Privacy Declaration.

12. How to Get in Touch with Us

If you have any questions in connection with this Privacy Notice, or if you wish to exercise the rights detailed herein, please contact the following email address: wisnio@wisnio.com.

13. Amendments

We may update this Privacy Notice from time to time by publishing a new version on our website.