Privacy Policy & Data Protection Guidelines

Our Commitment to GDPR Compliance

At Contai, we are fully committed to complying with the General Data Protection Regulation (GDPR). We believe in transparency and accountability in how we collect, process, and store personal data. We pledge to uphold the rights of our users, including:

  • The Right to Object to Processing
  • The Right to Be Forgotten
  • The Right to Data Portability
  • The Right to Withdraw Consent

We ensure that all personal data is handled with the highest level of security and care. In the event of a data breach, we commit to notifying authorities and affected individuals within 72 hours.

We conduct regular reviews of our data processing practices to ensure we maintain full GDPR compliance, including performing impact assessments where necessary.

Contai also guarantees that any third-party services we work with, such as our payment processor, Stripe, and Google, comply with GDPR requirements to protect your data.

What Data Do We Collect?

  • Name
  • Contact information such as Email Address
  • Billing Address
  • Website Urls

At Contai.io, we collect minimal data to ensure the smooth functioning of our platform. Specifically, we collect your name, email address, wordpress sites, billing address through registration forms when you sign up for our services. Unlike many other platforms, we do not automatically gather data through cookies or other tracking technologies. Additionally, we do not collect any personal data indirectly; all information is provided directly by you during the registration process.

Our Strategic Values and Responsibilities for Data Protection

At Contai, we take our role as a keeper of your personal data very seriously. Our key responsibilities include:

  • Demonstrating full responsibility and respect for customer, client, and employee data
  • Maintaining transparency in all data processing, storage, and usage across our platform
  • Ensuring all data processing activities are legally compliant and conducted for clear purposes
  • Regularly reviewing our practices to close any gaps in compliance
  • Upholding data subjects' rights by providing easy access to data requests, rectifications, and deletions
  • Documenting all data operations, including collection, processing, and storage, in a comprehensive data processing inventory
  • Clearly communicating the purpose and legal grounds for any transfer of personal data, including transfers outside of the European Union (although Contai does not currently transfer data outside the UK or EU)

Data Security Policy

At Contai, we collect, process, and store personal data for a range of business purposes. This policy outlines how we protect and safeguard all personal data and raise awareness among our staff about how GDPR affects the use of personal data.

This policy applies to all data processing activities involving Contai, including both internal business operations and any third-party agreements.

Data Security Policy Definitions

  • Personal Data: This includes any information that relates to an identifiable individual, such as contact details, financial information, and job titles.
  • Sensitive Personal Data: As defined by GDPR, this includes racial or ethnic origin, political opinions, religious beliefs, genetic data, health-related information, and more.

Purposes of Personal Data

We use personal data for various purposes, including financial, administrative, human resources, compliance, and business development. We ensure all data is processed lawfully and fairly.

Our Roles and Responsibilities

At Contai, we take data protection seriously, and all employees are responsible for upholding this policy. Personal non-compliance could lead to disciplinary action.

Key Roles:

  • Data Protection Officer (DPO): Responsible for organizing data security training, reviewing protocols, responding to queries about data protection, and managing third-party agreements.
  • IT Manager: Ensures that all IT systems meet security standards and oversees security audits and checks.
  • Marketing Manager: Oversees data protection for marketing activities and ensures that all marketing processes comply with relevant laws.

Our Data Security Policies

  1. Data Storage Policy: All data is securely stored and protected for a predefined retention period. Staff are forbidden from storing sensitive information on personal devices without approval.
  2. Data Retention Policy: We retain personal data only as long as necessary. Retention periods are determined on a case-by-case basis, aligned with GDPR requirements.
  3. International Data Transfer Policy: Personal data is not transferred outside of the UK without explicit permission from the Data Protection Officer.
  4. Data Encryption and Anonymization Policy: We use encryption to secure data stored on devices and during transmission. Anonymization is used as necessary to protect individual rights.

Prohibited Activities:

  • Unauthorized access or sharing of company data
  • Replication of copyrighted materials without permission
  • Breach of data security rules

Reporting Security Issues

If any data security issues are encountered, they must be reported immediately to company management, who will take necessary action and, if needed, notify regulators and individuals affected by any data breach.

General Data Protection Notice

Contai collects, processes, and stores the information and personal data you submit to our website in relation to providing content creation services. All processing activities are carried out in accordance with your individual rights as defined by the European Union’s General Data Protection Regulation (GDPR).

By submitting information about yourself through our website, you agree for Contai to process and store that data. This data will only be stored for the duration necessary for the previously outlined purpose of collection. We never store or process your data longer than needed, and we do not use your data for any purpose other than those you have agreed to.

The data you submit to our website will never be shared with or transferred to a third-party organization, except for the following partners who assist Contai in processing your personal data and delivering its services:

  • Stripe (for payment processing)
  • Google (for account authentication)

You have the right to request that Contai updates your personal data at any time. You can also request information about your personal data, withdraw your consent for us to process your information, or request a transfer or deletion of your data.

For more information about Contai and how we protect and secure your data, consult our Privacy Policy.

Yes, I agree to Contai’s Privacy Policy

Data Classification Policy

1. Policy Introduction

Here at Contai, we are committed to data security, the privacy of the individual, and upholding all our compliance obligations under GDPR. We take our responsibilities seriously and recognize that the use of information assets and data forms a crucial aspect of our business activity. That is why we’ve devised the following Data Classification Policy to outline the way in which we classify and use data.

Our Data Classification Policy is designed to ensure that:

  • Contai adheres to all necessary legal obligations.
  • We implement controls to maximize return on investment.
  • Contai maintains availability, confidentiality, and integrity where necessary for all data.
  • Our company has the ability to chart data protection levels that protect both Contai and the individuals whose personal data we must collect, process, or store.
  • We are able to avoid threats of disclosure and/or unauthorized access to data.

2. Policy Values

Data classification is a vital process our company must carry out to ensure the individuals who claim a legitimate right to access information we hold are able to do so. Our data classification process must also ensure our data and any other piece of information we hold is protected from any and all individuals or organizations that should not have access to that information.

Contai’s Data Classification Policy identifies and elaborates upon the correct handling and classification processes our company must use, as per the regulatory requirements that we:

  • Make data available to all those individuals who have a legitimate reason to access it.
  • Manage all data in line with its corresponding classification.
  • Maintain the integrity of all data.
  • Ensure all data our company holds is accurate, complete, and consistent.

3. Policy Objectives

Contai’s Data Classification Policy has been developed to meet the following objectives:

  • To outline the duties and responsibilities of Contai employees that ensure data is kept safe and secure.
  • To establish a robust data classification process that is consistent and compliant with UK regulatory requirements.
  • To ensure data is sufficiently protected and encrypted so that unwarranted actions will not be taken against Contai in the event data is lost, damaged, or accessed illegally.
  • To avoid and minimize reputational or operational damage to Contai, our stakeholders, clients, customers, or partners associated with compromised data.

4. Policy Implementation

To make sure our Data Classification Policy is effective, Contai will implement the following procedures:

  • All users of data will be identified and provided access to data in which they have a legitimate need to access.
  • All data will be classified, managed, and controlled in relation to its correct categorization, as per the processes and requirements outlined within this policy.
  • Contai must ensure control mechanisms are created and implemented to protect data we collect, process, or store.
  • All control mechanisms and classification protocols must be reviewed and amended as required by law on a regular basis.
  • Data users and data controllers must implement and maintain adequate levels of physical security as required, in relation to computer facilities or access terminals from which data can be viewed or accessed.
  • Contai must ensure that all data and relevant equipment is safely disposed of, as and when required.

5. Obligations under GDPR (2018) and Data Protection Act 2018 (DPA)

Contai is committed to meeting its regulatory obligations under GDPR and DPA. That is why we are committed to ensuring that adequate and appropriate measures are taken to prevent the unauthorized access or illegal processing or storage of data. We are required to do everything we can, within reason, to protect the data we use and hold against destruction, accidental loss, or damage.

6. Data Classifications

Data that is sensitive in nature must be adequately protected at all times. To properly assign safeguards, all data that our company collects, processes, or stores must be assigned one of the following classification categories:

  • Public
  • Open
  • Confidential
  • Strictly Confidential
  • Secret

A vast amount of the data Contai uses will most likely be classed as either ‘Public’ or ‘Open’ data. Any information relating to an individual or organization that could identify them or is personal or private in nature must be assigned a category of either ‘Confidential’ or ‘Strictly Confidential’.

This is to ensure Contai upholds its regulatory commitment to the rights of individuals as outlined under GDPR.

7. Data Classification Types and Handling Procedures

  • Public Data: Information accessible by any external individual or organization.
  • Open Data: Information accessible by anyone. This includes authorized communications like blogs, news articles, and company policies.
  • Confidential Data: Restricted to authorized individuals. This includes personal details, contracts, and financial information.
  • Strictly Confidential Data: Restricted to a minimal number of authorized individuals. This includes bank details, passwords, and sensitive medical records.
  • Secret Data: Governed by specific UK Government requirements and the Official Secrets Act.

8. Data Classification Markings

Data classification markings need to be clearly visible at all times and must match the classification category assigned to the data.

9. Reclassifying Data

Data may need to be reclassified based on changes in content or usage. A firm and justifiable rationale must be established before reclassification.

10. Sensitive Data

Sensitive personal data, such as race, religion, or health information, must be given a higher level of protection. Access should be limited, and sensitive data should be handled with extra care.

11. Data Storage and Backup

It is everyone’s responsibility at Contai to ensure that sensitive data is being collected, processed, backed up, stored, and secured in line with company policy.

12. Data Anonymization

Before sharing, transferring, or disclosing data, Contai must take all necessary steps to ensure anonymity, including redacting personal identifiers where necessary.

13. Secure Data Disposal

Sensitive data that is no longer needed must be disposed of securely (e.g., shredding paper documents).

14. Data Security Response

If data is damaged or lost, it must be reported immediately to the relevant manager and Contai’s Data Protection Officer, and logged as an incident requiring urgent response.

Data Retention and Erasure Policy

1. Introduction to Data Retention

At Contai, we are committed to protecting, maintaining, and storing data in compliance with GDPR. This policy outlines our approach to data retention and erasure, ensuring that any data no longer in use is securely disposed of.

Personal data must never be kept longer than necessary, and employees should refer to our retention schedule for guidance. Any data that is no longer necessary should be deleted according to our data erasure schedule.

2. Data Retention Schedule Administration

This schedule documents the guidelines for the retention and disposal of any records held by Contai. There may be circumstances, such as legal proceedings or investigations, where data needs to be retained beyond the normal retention period.

Privacy Notice

Date: 30/08/2024

Softechnologies LTD takes your privacy seriously. We will only use your personal information to provide you with the products and services you have requested and to administer your account. We will not sell or share your information with third parties unless you grant us explicit permission to do so, and we will never use your personal data for any reason other than the purposes described within this policy.

About Our Privacy Policy

Our privacy policy outlines your relationship with Softechnologies LTD and explains in detail how we use the information you provide us.

About Softechnologies LTD

Softechnologies LTD is a company registered in the UK, operating the Contai platform, which offers innovative SaaS solutions for content creation and automation. Our platform helps users automate content generation and management across various niches, including integrations with tools such as ChatGPT-4 for text generation and MidJourney for images.

We provide a comprehensive solution that supports users in generating content for platforms like Facebook and WordPress, optimizing content for SEO, and managing bulk operations.

You can reach us by:

  • Post: 71-75 Shelton Street, Covent Garden, London, UK
  • Email: [email protected]
  • Website: www.contai.io

Changing Your Preferences

If you’d like to change your web, contact, or marketing preferences, you can do so at any time by contacting us at [email protected].

How We Do Business

Softechnologies LTD operates the Contai platform in full compliance with the General Data Protection Regulation (GDPR). We ensure that your data is only used for the services you have requested. You have the right to change or withdraw your consent at any time. If you have concerns, we provide guidance on how to make formal complaints to relevant authorities, such as the Information Commissioner’s Office (ICO).

Sensitive Data

Softechnologies LTD does not collect any sensitive personal data, such as race, ethnic origin, religious beliefs, or health information.

Who This Policy Applies To

This privacy policy applies to all users of the Contai platform. Whether you are a customer, administrator, or simply interacting with our services, we collect and process data to provide content creation, automation, and management services.

Contai serves a diverse community of bloggers, content creators, and marketers across multiple countries, offering time-saving features and workflow optimization tools.

What Information This Policy Applies To

This policy applies to the personal information you provide us during your use of Contai, including:

  • Registration information: Information provided when you sign up for our services, such as your name, email, and any relevant website data.
  • Campaign data: Information provided when using Contai to create content or campaigns for various platforms.
  • Usage data: Information related to how you interact with the Contai platform and the performance of your content.

We also collect data necessary for completing transactions and purchases, such as billing and account information.

Consent

By submitting your personal data on our website, you give Softechnologies LTD explicit consent to use your data as outlined in our privacy policy. This includes consent to use your data for improving services, content recommendations, and personalized marketing, where applicable.

Opting-Out

You can withdraw your consent at any time. To opt out or revoke consent, simply contact us by emailing [email protected].

Data Processing and Storage

Softechnologies LTD stores your personal data in the UK. We retain your data for 12 months after your last login, unless otherwise required by law.

We use Amazon S3 to store your data securely, and Stripe handles payment processing. All data related to transactions, payments, and orders is retained for up to seven years to comply with legal and regulatory obligations.

We ensure that our partners and service providers, such as Stripe and Google, are GDPR-compliant.

Marketing and Communications

You may receive marketing communications from Softechnologies LTD if you have opted in to receive updates or promotions about the Contai platform. You can manage your marketing preferences or opt out at any time by contacting us.

Our Obligations

As the data controller, Softechnologies LTD is responsible for ensuring your personal data is used fairly and lawfully. We pledge to:

  • Use your data only for the purposes described in this policy.
  • Take appropriate measures to protect your data from unauthorized access or loss.
  • Comply with all GDPR requirements regarding data subject rights, including access, rectification, and deletion.

Third Parties

Softechnologies LTD does not share your personal data with third parties unless explicitly mentioned in this privacy statement. We work with third-party processors, such as Stripe for payments and Google for authentication, ensuring they comply with GDPR standards.

Information Security

We implement strict security measures to protect your data from unauthorized access or disclosure. Data is stored securely using encryption and protected during transmission through industry-standard security protocols.

Only authorized personnel within Softechnologies LTD have access to your data, and they are bound by confidentiality agreements.

Legitimate Interests

In line with GDPR, Softechnologies LTD may process your data for legitimate business interests, such as fraud prevention or improving the performance of the Contai platform. We ensure that our legitimate interests do not override your rights and freedoms.

Contact Us

If you have any questions or concerns about this privacy policy or if you wish to exercise your rights related to your personal data, please contact Softechnologies LTD:

  • Post: 71-75 Shelton Street, Covent Garden, London, UK
  • Email: [email protected]
  • Website: www.contai.io

We process all requests within 20 days. Subject Access Requests are generally free of charge, but we may charge for excessive or unreasonable requests.

Complaints

If you are not satisfied with how your personal data has been handled, you may contact Softechnologies LTD using the details provided above. If your concerns are not resolved, you have the right to apply to the Information Commissioner’s Office (ICO).

Information Commissioner’s Office Contact Details:

  • Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
  • Website: www.ico.org.uk