This privacy policy is effective as of February 1, 2024.
‍
‍At Compass, we deeply value the trust you place in us, and we are committed to ensuring that your privacy and confidentiality are our top priorities. This Privacy Policy serves to outline our commitment to maintaining transparency and providing you with control over how your information is collected, used, and shared. If you have any questions, please send us an email to privacy@compassapp.ai and we will make sure to respond back as soon as possible.

Introduction

In the course of business, Compass needs to collect and process certain data about individuals and therefore it is considered a data controller.

The purpose of this Policy is to ensure that Compass provides all information necessary in connection with the personal data of individuals whose personal data it processes.

This Policy applies to all personal data processed by Compass in relation to any person, irrespective of whether or not such a person is or becomes an employee, customer, supplier, or contact of Compass. This Policy does not apply to anonymous data. Anonymous data is data altered in such a way that it cannot be associated with a particular person or cannot be exchanged without disproportionate effort, so it is not considered personal data within the meaning of the applicable legislation.

This Policy was developed for the purpose of improving the services Compass provides to its customers, to protect customers with respect to the confidentiality of their personal data in the process of providing Compass’s services, to prevent any damage to Compass and its customers as data subjects, and to ensure that the processing of personal data by Compass is carried out fully in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (GDPR) and other applicable laws. The personal data processed by Compass in the course of its business are not shared with unauthorized persons, offered, sold or transferred outside the European Economic Area.

Terms and Definitions

‍Personal data means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that individual.

Personal data processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Data We Collect

You as a Visitor

‍A "Visitor" is anyone who accesses our public marketing pages at www.compassapp.ai. When you visit our pages, you are informed about our use of cookies. If you want to know more, feel free to take a look at our Cookie Policy.

‍You as a User

‍A "User" is anyone who registers to use the Compass websites and apps. Only registered users may use the platform and services provided by Compass.
When registering as a company, we ask you to provide your full name, company email, company tax ID, company address, and company name. You are personally responsible for the data being entered into Compass as a platform.Compass is by individuals on behalf of the business.

Processing Your Data

‍Compass primarily collects, records, stores, and structures personal data for the purpose of providing the data subject with services as part of its business, or for the purpose of complying with legal obligations. The legal grounds for personal data processing are the contractual relationship between Compass and the data subject. Compass treats such personal data adequately and in compliance with the relevant regulations, irrespective of how such personal data is collected, recorded, stored, and used – on paper, on a computer, or on any other medium. Compass processes personal data it receives from data subjects and third parties subject to informing them or as instructed by them. Compass does not forward such data to third countries or to any charities.

For the purposes of conducting its business processes, Compass may outsource certain data processing services to processors, but only those that implement the technical, logical, and organizational personal data protection measures implemented by Compass. The current data processors are:
1. Ars Futura d.o.o., Croatia, Zagreb;
2. Amazon Web Services, Inc., Germany, Frankfurt;

Compass stores such personal data collected in an appropriate manner and ensures that they remain confidential. Compass will not forward such collected data to third parties without data subject’s consent, except where this is necessary to comply with its legal obligations or its obligations under a contract to which the data subject is a party, where this is necessary to perform duties being performed in public interest, or where the data subject discloses such data themselves, as well as in all other cases defined by the applicable regulations.

Your Rights

Right to be Informed

‍The data subject has the right to request from Compass at any time to inform them of whether their personal data is being processed and for what purpose, who the controller is, the contact details of the data protection officer, the categories of personal data being processed, the period for which the personal data will be processed/stored, the source from which such personal data originates and the recipients of such personal data, as well as the right to be informed of their other rights specified in this Policy.

‍Accessing Data

‍The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning them is being processed, and, where that is the case, access to the personal data and the following information:
• the purposes of the processing;
• the categories of personal data concerned;
• the recipients or categories of recipient to whom the personal data have been or will be disclosed;
• where possible, the envisaged period for which the personal data will be stored or the criteria used to determine that period;
• the right to request from Compass rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
• the right to lodge a complaint with a supervisory authority;
• where the personal data are not collected from the data subject, any available information as to their source;
• the existence of automated decision-making, including profiling, as well as the consequences.

‍Updating Data

‍The data subject shall have the right to obtain from Compass without undue delay the rectification of inaccurate personal data concerning them specifically. The data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

‍Deleting Data

‍The data subject shall have the right to obtain from Compass the deletion of personal data concerning them without undue delay if the personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed, the data subject withdraws consent on which the processing is based and where there is no other legal ground for the processing, the data subject objects to the processing, the personal data have been unlawfully processed, the personal data have to be erased for compliance with a legal obligation in European Union or Member State law to which Compass is subject, the personal data have been collected in relation to the offer of information society services to a child.

The foregoing shall not apply to the extent that processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation which requires processing by European Union or Member State law to which Compass is subject or for the performance of a task carried out in the public interest or in the exercise of official authority, for reasons of public interest in the area of public health, for archiving purposes in the public interest, scientific or historical research purposes, or for the establishment, exercise or defense of legal claims.

‍Complaints

‍The data subject shall have the right to object, on grounds relating to their particular situation, at any time to processing of personal data concerning them including profiling. Compass shall no longer process the personal data unless Compass demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.Where personal data are processed for direct marketing purposes, the data subject shall have the right to object at any time to processing of personal data concerning them for such marketing, which includes profiling to the extent that it is related to such direct marketing.

‍Data Portability

‍The data subject shall have the right to receive the personal data concerning them, which they have provided to Compass, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on their consent and the processing is carried out by automated means.The data subject shall have the right to have the personal data transmitted directly from Compass to another controller, where technically feasible and such right shall not adversely affect the rights and freedoms of others.

‍Withdrawing Consent

‍Data subject’s consent is one of the legitimate grounds for processing data relating to the data subject. The data subject may at any time withdraw the consent given by them. Such withdrawal of consent shall not affect the lawfulness of data processing performed before the consent was withdrawn.

Data Protection Officer
‍Compass has appointed a personal data protection officer and each data subject may contact them in connection with the protection of their personal data at privacy@compassapp.ai.

‍Privacy of Children
‍We do not knowingly collect, maintain, or use Personal Information from people under the 18 years of age, and no part of our website or apps is directed to people under the age of 18.If anyone under the age of 18 has provided Compass with their personal data, Compass will delete such information immediately after being alerted to it.

‍Cookies
‍To ensure the optimal functionality of our websites and apps, and to enhance your user experience, we utilize small data files known as "cookies." Our Cookie Policy provides comprehensive details on the nature of cookies and the manner in which we utilize them.

‍Updates to the Policy
‍Compass may update this Privacy Policy from time to time in response to legal, technical, or business developments. When we update this Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. When required by law, we will make sure to obtain your consent. You can see the date this policy was last updated at the top of this page.