Terms & Conditions
Data Collected and Received by Picnic
Personal Identification Information
We may collect personally identification information from Users in a variety of ways, including, but not limited to, when Users visit our Sites, register on the Sites, and in connection with other activities, Services, features or resources we make available on our Sites. Users may be asked for, as appropriate, name, email address, billing information. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Sites related activities. We will never sell your personal information to third parties and we won’t use your name or company name in any marketing statements without obtaining your permission in writing.
Non Personal Identification Information
We may collect non-personal identification information about Users whenever they interact with our Sites. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Sites, such as the operating system and the Internet service providers utilized and other similar information.
Services Metadata – when Users interact with our Services, metadata is generated to help provide additional context regarding how Users interact with our Sites.
Log Data – Our services will automatically collect information when Users access or use our Sites or Services and records it in log files. Log data may include IP address, previously visited web page addresses, browser type and settings, time and date when Services were used, browser configurations and plugins, language and cookie data.
Device Information – Picnic collect information about your computer, phone, tablet, or other devices you use to access our Services. This device information includes your connection type and settings when you install, access, update or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services.
Location information - Picnic will receive this information from Users during our Account Registration as well as from our vendor partners to approximate your location.
Project information – Picnic is a work collaboration tool, therefore any User-generated data by use of our Services will be collected and stored by Picnic, and vendor partners. Collected data includes, but not limited to, data that Users post, send, receive or share. These include any files or links that User upload to our Services. Project data will only be accessible through authorized accounts or Users designated account and can only be viewed, or altered, by Users assigned to such projects. Picnic will never share, sell, or exploit any Project information unless requested by Project Admins. In addition, we may also inadvertently receive information about such Users from same project members. For example, a specific User may be mentioned by one of their project members when using our Services.
Web Browser Cookies
How Picnic Use Collected Data
Users are the primary Controllers of User Data. Picnic is a processor of User Data and Controller of other certain data. Users who resume the role of Project Admins will have the rights to grant or remove access to Project Data to any other Users. Picnic will never remove Users from any Projects unless specifically instructed by Project Admins or Users failed to provide payment for Picnic’s services (see Terms of Service for additional information).
Picnic collects and uses Users personal information for the following purposes:
To personalize User experience
We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
To improve our Site
We continually strive to improve our website offerings based on the information and feedback we receive from you.
To improve customer service
Your information helps us to more effectively respond to your customer service requests and support needs.
To administer a content, promotion, survey or other Site feature
To send Users information they agreed to receive about topics we think will be of interest to them.
The email address Users provide will only be used to respond to their inquiries, and/or other requests or questions. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.
As required by applicable law, legal process or regulation
For Billing, account management and other administrative matters
For investigative and preventive measures against Site abuse
We use information about Users when granted consent for a specific purpose not listed above. For example, we may publish testimonials or feature customer stories to promote our Services. We will always ask for consent prior to posting any information for promotional purposes.
Sharing and Disclosure of Information
Picnic will only disclose or share User information for the following purposes:
User’s Request: Picnic will share all User Data based on User’s request and instructions.
Project Collaboration: Users can create content, which may contain information about themselves or other Users, and grant permission to others to see, share, edit, copy and download that content. Some of the collaboration features of the Services display some or all of your profile information to other Service Users when you share or interact with specific content. Similarly, when Users join a project, your name, profile picture and contact information and will be displayed in a list for other project members so they can find and interact with you.
Legal Compliance: If requested by legal Authority, Picnic may disclose User information that we determine to be in accordance or required by any applicable law.
Enforcement: Picnic also reserves the right to disclose User information to investigate, prevent, or take action against illegal activities, suspected fraud, or situations involving physical threat to any such persons.
Consent: Picnic may share User information with other 3rd parties in instances when we have Users’ consent to do so.
Third Party Service Providers and Partners: Picnic works with third-party service providers and partners to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for Picnic, which may require them to access or use User information. If a service provider needs to access information about Users to perform services on Picnic’s behalf, they do so under instruction from Picnic, including abiding by policies and procedures designed to protect User information. To Picnic’s knowledge, our 3rd party Service Providers and Partners are in compliance with GDPR. Please email us for additional information.
Operational Partners: Picnic works with 3rd parties who provide billing, support technical services to deliver and implement solutions to our Users. Picnic may share User information with these 3rd parties in connection with their services, such as to assist with billing cycles, to provide localized support, and to provide customizations work. Picnic may also share information with these 3rd parties where Users have granted Consent to share any information, for example, technical support services.
Links to 3rd Party Sites: Picnic’s Services may include links that direct you to other websites or services whose privacy practices may differ from ours. What you submit to these 3rd party sites are governed under their Privacy Policies and is not covered by Picnic’s Privacy Policies.
The operations of Picnic does require our employees to have access to systems which store and process User Data. This primarily serves the purpose of problem diagnostic or troubleshooting. For example, in order to diagnose a problem Users may have with Picnic services, our Employees may need access to your User Data. All employees are prohibited from viewing User Data for any reasons unless absolutely necessary to do so.
When Users delete their account(s) there are different scenarios how data deletion will be treated as described below:
If you were not invited to any other projects owned by other Picnic User then your data can no longer be accessed by you or any other Users that you invited to Picnic. Complete data deletion will occur post 90 days. Please see “Data Retention” below for additional details regarding 90-days data retention.
If User does not own projects and was only invited to other Picnic User’s projects then your specific contribution in other the projects will remain, but your personal information will be deleted. Picnic will make every effort to mask any personal information remaining, for example, your contribution to someone else’s project will be listed as “First Name, Last Initial” with no connection to your deleted personal information such as email, phone numbers, etc.
If you own projects and were participating in other Users’ projects, then Picnic’s Data Deletion and Data Retention will apply to each category described in section (1) and (2) above.
Users, at any time, may request a deletion of their personal data. If such request is made, data are deleted based on points 1, 2, or 3 as noted above and will remain in backups and life-cycle we maintain to ensures we do not store data inside backups more than 90 days. Users may email email@example.com to request data deletion.
However, if Users requires deletion of their data, we strongly suggest Users delete their account as this will help initiate the process as stated in points 1, 2 and 3 above.
If Picnic deletes an account due to inactivity, the above scenarios will apply.
Information storage and security
Picnic uses data hosting service providers in the United States to host collected information, and we use technical measures to secure all data. Despite the thorough security measures and safeguards that Picnic implements to protect data, no security system is impenetrable and due to the inherent nature of the Internet, Picnic cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. Picnic has policies in place in case of such situation and will respond to requests about this within a reasonable timeframe.
How long we keep information
How long we keep the information we collect about you depends on the type of information, as described in further detail below. After such time, we will make every effort to delete your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.
User Account information: We retain User information until User delete their account(s), which then we will continue retaining the data for up to 90 days after account deletion. Picnic maintains this practice due to the following reason:
In the event that User’s account has been compromised and purposely deleted. Picnic will help maintain and restore data once the situation is rectified
An account was mistakenly deleted by Users. In such an event, Picnic will be able to restore data for Users.
Various data storage systems and backups have different lifecycle policies which are held for a maximum of 90 days. For example, our database backups are encrypted, incremental and full re-cycle in 30 days. It is impossible to erase User data inside up to 1 minute precision encrypted incremental backups.
If User initially cancelled their account and requested but later change their mind. A user will be able to have all data restored if an account is reactivated within 90 days after initial account cancellation.
Picnic may also retain some of the User data as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies any specific Users, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about any Users.
The information you share on the Services: If User’s account is deactivated or disabled, some of the User information and the content that Users have provided will remain in order to allow other Project members or other Users to make full use of the Services. For example, we continue to display comments and content you provided to boards or cards. Picnic will hold User data up to 90 days after account cancellation in case Users will renew again within that time frame.
Marketing and Promotional information: If Users have elected and provided consent to receive marketing and promotional emails from Picnic, we retain information about Users' marketing preferences unless asked specifically to delete such information. Picnic retains information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
We take the security of your data very seriously at Picnic. As transparency is one of the principles on which our company is built, we aim to be as clear and open as we can about the way we handle security.
Picnic does not allow the use of our Services or Sites to anyone younger than 16 years old unless Consent is provided in writing by a legal guardian. Picnic will make the utmost effort to prohibit the use of our Site by anyone not over the legal age. Should Picnic learn that anyone under 16 has unlawfully provided us with personal data, Picnic will take the necessary steps to delete such information.
Picnic has further committed to refer any unresolved privacy complaints for our EU Users to an independent dispute resolution mechanism, JAMS Privacy Shield Program. Please note that if complaints cannot be resolved through the channels listed here, a binding arbitration option may be available before a Privacy Shield Panel.
Data Protection Officer
EU Users have certain statutory rights in relation to their personal data. Users may have the right to request or delete any personal information stored on Picnic. Please contact Picnic's Data Protection Officer for assistance. firstname.lastname@example.org
Picnic will provide Users an option to receive a copy of their data. Picnic does not include this option within the site. Users who require their data will be sent an export of their data in XLS format whenever possible. Please email email@example.com for assistance.