Last Updated: January 2025

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your personal information.

1. Introduction

Lunterion ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our employee engagement survey platform.

We act as a data processor for the organizations that use our services (the data controllers) and as a data controller for our direct customers and website visitors.

Note: Lunterion is committed to protecting your privacy and adheres to the principles of data protection regulations, including GDPR and other applicable laws.

2. Data Controller and Contact Information

2.1 Data Controller

Data Controller: Lunterion

Legal Company Name: Mehr Kraft Digital Riazi e.U

Product Name: Lunterion

Address: Am langen Felde 50 /10 1220 Austria, Vienna

Phone Number: +43 660 729 8774

CEO and Founder: Sina Riazi

Email: privacy@moodwhisper.com

2.2 EU Representation

For data protection inquiries, please contact us at privacy@moodwhisper.com.

2.3 Data Protection Officer

For data protection matters, please contact us at privacy@moodwhisper.com.

3. Information We Collect

3.1 Account and Profile Information

  • Name, email address, and encrypted password
  • Job title, department, team assignment
  • Work arrangement type (remote, hybrid, on-site)
  • Organization location and timezone
  • User role and permissions within your organization
  • Profile preferences and notification settings

3.2 Organization Information

  • Company name, size, and industry
  • Organizational structure (departments, teams, hierarchy)
  • Business hours and timezone settings
  • Multiple location information if applicable
  • Integration settings (Slack, Microsoft Teams)
  • Subscription and billing information

3.3 Survey Data

  • Survey responses and ratings
  • Survey participation history
  • Response timestamps and completion status
  • Survey progress and saved drafts
  • Anonymous vs. identified response preferences
  • Survey invitation and reminder interactions

3.4 Usage and Analytics Data

  • Pages visited and features used
  • Time spent on platform and session duration
  • Click patterns and navigation behavior
  • Device information (browser, OS, screen resolution)
  • IP address and approximate location
  • Performance metrics and error logs

3.5 Communication Data

  • Email communications and preferences
  • Support ticket conversations
  • Notification delivery status
  • Integration messages (Slack, Teams)
  • Webhook delivery logs

3.6 Payment and Billing Information

  • Billing address and contact information
  • VAT numbers for EU customers
  • Payment method information (processed by Stripe)
  • Subscription history and changes
  • Invoice and payment records

3.7 Information from Third Parties

  • Authentication data from AWS Cognito
  • Payment processing data from Stripe
  • Integration data from Slack and Microsoft Teams
  • Email delivery status from email service providers
  • Analytics data from Google Analytics (if consent provided)

4. Artificial Intelligence and Automated Processing

4.1 AI Systems We Use

Our platform uses artificial intelligence systems powered by Azure OpenAI to enhance your experience:

  • AI Survey Generator: Creates customized survey questions based on organizational needs and industry best practices
  • AI Insights Chat: Provides interactive analysis and explanations of survey data and trends
  • Survey Analytics AI: Analyzes response patterns to identify engagement trends and potential issues
  • Predictive Analytics: Forecasts engagement trends based on historical data and patterns
  • AI Narrator: Generates narrative insights and recommendations from survey results

4.2 AI Data Processing

When using AI features:

  • Survey data is processed in aggregated and anonymized form where possible
  • AI processing occurs through Azure OpenAI services with enterprise-grade security
  • Individual responses are not used to train AI models
  • AI-generated content is clearly labeled as AI-generated
  • Human oversight is maintained for all AI recommendations

4.3 Automated Decision-Making

We do not use AI for automated decision-making that significantly affects individuals. All AI outputs are advisory and require human interpretation and action. You can request human review of any AI-generated insights or recommendations.

5. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide our survey platform services, manage your account, and fulfill our contractual obligations
  • Legitimate Interests: Improving our services, ensuring platform security, conducting business analytics, and providing customer support
  • Consent: For marketing communications, optional cookies, AI feature usage, and certain data processing activities where consent is required
  • Legal Obligation: Compliance with applicable laws, regulations, tax requirements, and legal processes
  • Vital Interests: In rare cases where processing is necessary to protect someone's health or safety

6. How We Use Your Information

6.1 Core Platform Services

  • Creating and managing user accounts and profiles
  • Administering surveys and collecting responses
  • Generating analytics, insights, and reports
  • Managing organizational structure and user permissions
  • Facilitating team and department management
  • Processing location-based survey targeting

6.2 AI and Analytics

  • Processing survey responses with AI systems for insights
  • Generating predictive analytics and trend forecasting
  • Creating AI-powered survey recommendations
  • Providing interactive data analysis through AI chat
  • Developing engagement scoring and benchmarking

6.3 Communications and Notifications

  • Sending survey invitations and reminders
  • Delivering system notifications and alerts
  • Processing webhook deliveries to integrated systems
  • Sending reports and analytics summaries
  • Providing customer support communications

6.4 Business Operations

  • Processing payments and managing subscriptions
  • Managing trial periods and feature access
  • Handling billing, invoicing, and VAT compliance
  • Monitoring system performance and security
  • Conducting business analytics and reporting

6.5 Platform Improvement

  • Analyzing usage patterns to improve features
  • Testing new functionality and user experiences
  • Enhancing AI model performance and accuracy
  • Developing new survey templates and methodologies
  • Ensuring platform security and preventing fraud

7. Data Sharing and Disclosure

7.1 Within Your Organization

Survey responses are shared with organization administrators according to your survey settings:

  • Anonymous surveys: Responses are aggregated and cannot be traced to individuals
  • Confidential surveys: Individual responses are visible to designated administrators
  • Department/team targeting: Results may be filtered by organizational structure
  • Location-based surveys: Results may be segmented by office location

7.2 Service Providers and Infrastructure

  • AWS: Cloud hosting, authentication (Cognito), and infrastructure services
  • Azure OpenAI: AI processing and natural language understanding
  • Stripe: Payment processing and subscription management
  • Email Service Providers: Transactional and notification emails
  • Google Analytics: Website usage analytics (with consent)
  • Customer Support Tools: Help desk and support ticket management

7.3 Integrations (When Enabled)

If your organization enables integrations, we may share relevant data with:

  • Slack: Survey notifications, results summaries, and alerts
  • Microsoft Teams: Survey notifications and engagement updates
  • Webhook Endpoints: Real-time data updates to your specified systems
  • Calendar Services: Survey scheduling and reminder integration

7.4 Legal and Compliance

We may disclose information when required by:

  • Legal process, court orders, or government requests
  • Law enforcement investigations
  • Protection of our rights, property, or safety
  • Prevention of fraud or security threats
  • Compliance with applicable laws and regulations

7.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction, subject to the same privacy protections.

8. International Data Transfers

Your data may be transferred to and processed in countries outside your home jurisdiction. We implement appropriate safeguards for international transfers:

  • AWS and Azure infrastructure with global data centers
  • Standard Contractual Clauses for EU data transfers
  • Encryption in transit and at rest
  • Regular security assessments of data processing locations

Note: We are working toward implementing comprehensive data transfer safeguards including formal adequacy assessments and enhanced contractual protections.

9. Data Retention

We retain your personal data for as long as necessary to provide our services and fulfill legal obligations:

9.1 Account Data

  • Active accounts: For the duration of your subscription
  • Deleted accounts: 30 days for recovery, then permanently deleted
  • Backup systems: Up to 90 days for disaster recovery

9.2 Survey Data

  • Survey responses: According to organization settings (default: 24 months)
  • Survey templates: Retained while account is active
  • Analytics data: Aggregated data may be retained longer for trend analysis

9.3 Business Records

  • Payment records: 7 years for tax and accounting purposes
  • Support communications: 3 years
  • Security logs: 12 months
  • Usage analytics: 24 months

9.4 AI Training Data

We do not use individual survey responses to train AI models. Aggregated and anonymized insights may be retained to improve AI system performance, with all personal identifiers removed.

10. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

10.1 Access and Portability

  • Right to Access: Request a copy of your personal data
  • Data Portability: Receive your data in a structured, machine-readable format
  • Account Dashboard: View and manage your data through your account settings

10.2 Correction and Deletion

  • Right to Rectification: Correct inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data
  • Account Deletion: Delete your account and associated data

10.3 Processing Control

  • Right to Restrict: Limit how we process your data
  • Right to Object: Object to processing based on legitimate interests
  • Consent Withdrawal: Withdraw previously given consent
  • Marketing Opt-out: Unsubscribe from marketing communications

10.4 AI-Related Rights

  • Human Review: Request human review of AI-generated insights
  • AI Opt-out: Disable AI processing for your data where technically feasible
  • Explanation Rights: Understand how AI systems process your data

10.5 Exercising Your Rights

To exercise these rights:

  • Contact us at privacy@moodwhisper.com
  • Use the account settings in your dashboard
  • Submit a request through our support system
  • Contact your organization administrator for survey-related data

We will respond to your request within 30 days and may require identity verification for security purposes.

11. Data Security

We implement comprehensive security measures to protect your personal information:

11.1 Technical Safeguards

  • Encryption of data in transit (TLS 1.3) and at rest (AES-256)
  • Multi-factor authentication for administrative access
  • Regular security assessments and penetration testing
  • Automated security monitoring and threat detection
  • Secure API endpoints with rate limiting and authentication

11.2 Organizational Measures

  • Employee training on data protection and security
  • Access controls based on the principle of least privilege
  • Regular security audits and compliance reviews
  • Incident response procedures and breach notification protocols
  • Vendor security assessments and contractual safeguards

11.3 Infrastructure Security

  • AWS and Azure enterprise-grade security infrastructure
  • Regular backups with encryption and access controls
  • Network segmentation and firewall protection
  • Continuous monitoring and logging of system activities
  • Disaster recovery and business continuity planning

12. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze platform usage. For detailed information about our cookie practices, please see our Cookie Policy.

12.1 Types of Cookies

  • Essential Cookies: Required for platform functionality and security
  • Analytics Cookies: Help us understand how you use our platform (with consent)
  • Preference Cookies: Remember your settings and preferences
  • Integration Cookies: Enable third-party integrations like Slack and Teams

12.2 Cookie Management

You can manage your cookie preferences through our consent banner or by adjusting your browser settings. Note that disabling certain cookies may affect platform functionality.

13. Children's Privacy

Our services are designed for workplace use and are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16.

If we become aware that we have collected personal data from a child under 16, we will take immediate steps to delete such information and terminate the associated account.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes, we will:

  • Update the "last updated" date at the top of this policy
  • Notify you via email if you have an account with us
  • Display a prominent notice on our platform
  • For significant changes, provide additional notice as required by law

Your continued use of our services after the effective date of any changes constitutes acceptance of the updated Privacy Policy.

15. Complaints and Regulatory Contact

If you have concerns about our data processing activities, please contact us first at privacy@moodwhisper.com. We are committed to resolving privacy concerns promptly and fairly.

15.1 Regulatory Authorities

You also have the right to lodge a complaint with your local data protection authority:

  • EU Data Protection Authorities: Find your local authority at https://edpb.europa.eu/about-edpb/about-edpb/members_en
  • UK: Information Commissioner's Office (ICO) - https://ico.org.uk
  • California: California Attorney General - https://oag.ca.gov/privacy/ccpa

16. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

  • Email: privacy@moodwhisper.com
  • Support Portal: Available through your account dashboard
  • Response Time: We aim to respond to privacy inquiries within 48 hours

Data Subject Requests: For requests related to your personal data rights (access, deletion, correction, etc.), please use the subject line "Data Subject Request" to ensure prompt processing.