Privacy Policy
Websites and Operators of the Websites
1.1. The Meta Education Consultancy S.R.L. (hereinafter named “theCord”) company operates a mobile application (“theCordApp”) available in Romania and other countries within the European Union, providing instant access to professional accredited coaches to get insights and support in a timely manner, as follows:
theCoRD.ai owned by Meta Education Consultancy, duly registered according to the Romanian legislation, 44j Drumul Bisericii street, C3 Building, Voluntari, Ilfov county, having the Trade Registry Number J23/2074/2019 and the VAT number (Fiscal Unique Code) 41089537;
In this document, the term “App” shall mean and refer the up-mentioned mobile application and includes the social platforms company pages and the web version of the App, for example, a Web based application.
1.2. Your legal relationship is with theCord entity which operates the App you are using and/or through which you conclude an online transaction, unless specifically stated otherwise elsewhere.
1.3. TheCord reserves the right to assign in the future the operation of the App (or the Web based App, if the case) to any other future registered company. Such change of operator will be reflected in our Terms of Service.
1.4. Meta Education Consultancy S.R.L., and if the case, any of its affiliates, are individually and collectively referred to as “theCord”. In case of doubt, the term “theCord” or “we” refers to the operator of the mobile App you are using.
1.5. Meta Education Consultancy S.R.L. is responsible (Data Controller) for the processing activities that involve your personal data according to the contractual relationship enclosed by you and theCord.
Subject and Acceptance of Privacy Policy
2.1. This privacy policy, as amended from time to time (“Privacy Policy”) and our Terms of Service, all referenced below, sets out the basis on which any data, including personal data, we collect from you or which you provide to us, will be processed by us. Please read this Privacy Policy carefully. If you do not agree with it, please do not continue to use the App and do not provide us personal data. By using the App, you are deemed to have accepted our Terms of Service and Privacy Policy. Prior to providing us personal data (including e-mail address) through our App you will be specifically asked to accept our Privacy Policy and confirm your age. By accepting our Privacy Policy, you agree that we collect and process your data as described herein.
2.2. The Privacy Policy is applicable to both legal and natural persons (legal entities and consumers).
2.3. We reserve the right to make changes at any time to our Privacy Policy by posting the changed terms on our App or on the Website without any other notice, unless our changes significantly affects your legal status in relation to us (delivery of an order, reimbursement of any amount, return status or other such cases). Significant changes will additionally be communicated in an adequate manner. Please ensure that you review the Privacy Policy regularly as by your access or use of the App or Web based App after any changed Privacy Policy has been posted you will be deemed to have accepted the Privacy Policy in the version published on our App or Web based App at the time of your respective visit.
Cookies
3.1. The services of theCord App are possible based on similar technologies to cookies and are used as further indicated.
3.2. Information about Cookies, web analysis and social media
3.2.1. Use of cookies
Cookies are small text files or codes that contain information units. These text files are stored on your hard drive or in the memory of your browser when you visit one of our websites. Thanks to cookies, the content of our websites can be more easily built up and those devices can be recognized through which our websites were previously visited. We use cookies to gain a better understanding of how applications and websites work and to analyze and optimize the user experience when using our websites online and mobile.
3.2.2. Cookie Categories
We primarily use cookies from the following categories on our websites:
3.2.3. Business-necessary cookies
These cookies are necessary so that you can use our website as intended and all functions are available to you. Without these cookies, the requested services cannot be provided. These cookies do not collect any information about you and do not store internet locations. Absolutely necessary cookies cannot be deactivated via our website. However, they can be deactivated at any time via the browser you are using.
3.2.4. Functional cookies
These cookies are necessary for certain applications or functions of the website so that they can work properly. These can be cookies, for example, which save the settings made, such as the language setting of a visitor, or - with your prior consent - pre-filled forms.
Storage duration: In the case of a session cookie, for the duration of the session or, in the case of your prior consent, for the duration of your consent.
3.2.5. Analytical cookies
These cookies collect information about the usage behavior of visitors on our App or websites. For example, it records which section of the App are visited the most and which links are clicked. All recorded data is saved anonymously together with the information of other visitors. With the help of the data obtained by these cookies, we can use them to create analytical evaluations about our website and thus continuously improve the user experience.
Storage duration: In the case of a session cookie, for the duration of the session, in all other cases, a maximum of three years.
3.2.6. How long are cookies stored on my device?
The length of time a cookie remains on your device depends on whether it is a persistent cookie or a session cookie. Session cookies only remain on your device until your browser session is ended. Persistent cookies remain stored on your end device, even after you have ended a browser session, until the pre-set duration of the cookie has expired or it is deleted.
3.3. Social media
3.3.1. Social media plugins
We have embedded content from external providers such as LinkedIn, Facebook, Instagram and YouTube in our App or on individual websites or we link you to the websites of the our external providers. At the time we connected the App to the external providers, no legal violations were recognizable to us. If we become aware of such an infringement, we will remove the link immediately. In order to be able to recommend and share content in social networks such as LinkedIn, Facebook, Instagram and YouTube, appropriate links are integrated into the App.
These links only transfer data to external providers or other third parties when you, as a user, press the corresponding button. We have prevented the immediate transfer of data to external providers or other third parties when you simply visit our website. It is therefore entirely up to you to activate the transmission in individual cases.
3.3.2. Contests on social media
Insofar as personal data is collected from participants in the context of a contest or promotion campaign on social media, this is collected, processed and used exclusively for the purpose of carrying out the contest, unless you have given us your express consent to the use of your personal data for other purposes or in individual cases, the use of data is required for legal or other predominant reasons (for example in the event of a judicial or other official request or in the case of judicial or official disputes)
We will delete or anonymise collected and processed data after the statutory limitation period (ie usually after three years has elapsed. This also applies to messages in social media. For the correctness, topicality and completeness of the data you have provided about yourself) we do not assume any responsibility. Therefore, in your own interest, please ensure that the information you provide is accurate, up-to-date and complete.
Terms of Service
You find the Terms of Service referred to above under the following link: https://thecord.ai/terms.
General provisions
5.1. We undertake that the data we receive and/or collect from you is processed in accordance with applicable law (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation hereinafter named “GDPR”) and only for the purposes stated in this Privacy Policy. Moreover, national (local) legislation may complete or clarify the GDPR provisions as the case may be applicable to each of the countries theCord App is available.
Also, we undertake that significant national law may be applicable to each of the countries in which we operate, and we comply with such applicable legislations, as the case may be.
5.2. Provision of personal data is voluntary. However, without providing us certain data you may not be able to receive the full range of our services.
5.3. When you provide us personal data and/or contact information you allow us to contact you for the purpose for which you have provided us such personal data and contact information and as further described in this Privacy Policy. We will contact you mainly by e-mail and we may include short messages (SMS) via phone, push notifications, telephone and/or other means of communication we may agree upon from time to time.
5.4. We do not entrust, sell, rent, license, transfer etc. our database containing personal data of our customers or users, except as set out in this Privacy Policy.
Your data which we may collect or process
6.1. We may collect and process the following general data about you, subject to your right to revoke your consent or request deregistration, as further set out in the respective section of this Privacy Policy:
Data which you provide when you register to one of our services or to have access to restricted areas of our mobile App:
For legal entities: name and surname of the user, company name, company e-mail, company phone number;
For natural persons: name and surname, e-mail address, phone number, date of birth;
For natural persons, in relation to the purchase process or our services: bank information available on our account statements in relation to your payment. For legal entities, payment of our services involves the selection of a package or option made available for legal persons specifically.
Details of transactions you carry out through our App (or if the case, through our Web based App) and details of the fulfilment of your orders. TheCord uses the services of a payment processor, thus, no credit or debit card information is stored or otherwise processed by us.
Information which you provide when you participate in a competition or promotion sponsored or organised by us or one of our affiliates;
Information which you provide by filling in existing forms on our App or by posting any content on our social media pages;
Attending to the online coaching sessions or other related online based services available on our App, your personal online information like IP address, device tokens, user ID, is being transferred to other legal entities we enclosed a contractual partnership with like Amazon, Twilio, Stripe. Such transfers are only possible in certain conditions, as further explained in the present Policy.
Other marketing related data like contact or other information which you give or allow us and our third parties to use for ncommercial communication (like newsletters) or other marketing purposes;
Information which you provide when you contact us by any means of communication available in the App;
Information which you provide if you decide to participate in and complete surveys;
Considering that the services will be carried out via live online video conferences, data regarding sound and biometric information like image and voice are being processed. TheCord App provides access to additional services and functions like recording of the live session and textual transcript of the session. Legal entities may opt to access the additional services that are part of the service options or packages selected and payed. Legal entities bare responsibility to comply with the applicable privacy regulations like GDPR or other court rulings or directives in force. Natural persons can only opt for the recording service of the session or the textual transcript of the session based on the consent expressed for such processing activities.
Information collected by cookies and similar technologies - Cookies are small data files stored on your hard drive or in the memory of your device. Cookies help us improve and keep our services secure and offer information about your experience using the App. Through the use of cookies, we may automatically collect information about your activity on our App, such as the App sections you visit, the links you click, and the searches you conduct. For more information on cookies or similar technologies, see section "Cookies and other similar technologies" below;
Information collected by analytics software - we use analytics based software for user engagement tracking, such as Facebook and Google Analytics. We use analytics software to optimize the Service and the user experience;
Other profile data like your username, service purchase history, regarding our services and your communications with us.
6.2. As part of the purchasing process or a refund procedure, you may provide data relating to your bank account, your debit card or credit card information to a third-party payment services provider. Such data is used to carry out your payment to us or our reimbursement to you. In such case, you provide the payment data directly to the third-party payment services provider and not to us and you are subject to the privacy policy of such third-party payment service provider. We recommend that you review those terms prior to selecting the respective method of payment. We do neither receive, save or process such payment data.
6.2.1. Only if you provide your payment data directly to us, we collect and process such data and only for the scope you specifically indicate. This may be the case for example if you provide us your bank account details for a reimbursement in case of a product return.
6.2.2. Please note that we may have to disclose certain of your data to third party payment service providers as further set out in the section “Disclosure of your data” of this Privacy Policy.
Purpose of processing your data and legal basis for processing
7.1. Data Processing & Privacy
We collect personal information from you such as registration information and information received from third parties (such as your username, social login) in order to set up an account for you to use our services
We use your audio recordings together with metadata such as device information, meeting agendas, email headers and contents, in order to provide our services to you. We use audio recordings from your online meetings to generate near real-time text transcripts from your meetings. We do not store the audio recordings after the transcript is generated (within minutes after a meeting).
We store derivative data, such as meeting transcripts and results from AI algorithms applied to the meeting data in association with your account for as long as you maintain your account current. We do not share your data with others.
We use only proprietary deep learning models to analyze your transcripts and generate meeting insights. We do not share or upload any transcripts of your meetings with third parties. Only the results from proprietary AI algorithms applied to the meeting data are used to create AI-gen coaching recommendations (i.e. medium facilitation level with 5 interventions with a 30min meeting, low decision velocity with 2 decision drive behaviors within 1h meeting, etc)
We train our proprietary AI algorithms on anonymized transcripts in order to provide more accurate services, but never without explicit consent. For example, if you decide to participate in research projects, or to provide data in exchange for free services, or discounts we may ask for your permission to access your transcripts for training and product improvement purposes. Only if you agree to share your data we will anonymize it (remove any identifiable information) and incorporate the transcripts, or parts of the transcripts into our training data.
You have full control over your personal data:
if you wish to request a copy of your personal data that we store in our systems, you may do so by writing to us at: data@thecord.ai
if you with to delete your personal data, you may close your account; If you close your account, all data associated with your account will be deleted within 30 days (we allow for 30 days in order to be able to restore your account in case of accidental deletion)
7.2. We may use data held about you for the following purposes:
Facilitate the interaction between our specialists (coaches) and users (natural persons or personnel of legal entities);
Sending invoices after providing our services or upon your payment to us;
Complying with our legal obligations like privacy, confidentiality and security of any data processing activity we develop, invoice retention, resolving disputes and enforcing agreements concluded with our clients or service partners;
General use of our App when you sign up by creating an account or paying for our services, we store the logging data, device used (type, model), operating system of your device and version of the operation system, as well as any other information needed to protect our internal systems and your personal data against cyber-attacks;
For execution of our signed contracts in relation with legal entities and for providing our services to the personnel of our legal entities;
Ensuring access to third-party platforms and tools in order for theCord App services to properly function;
For statistical studies and internal company risk analyzes in order to improve our services or systems, whereby the results of these studies do not allow any conclusions to be drawn about your person.
Carry out our obligations arising from any transaction entered into between you and us;
Protecting our rights and interests according to the enclosed agreements;
Ensure that content of our App is presented to you in the most effective manner;
If you voluntarily take part in pilot projects, usability tests, competitions and other campaigns or other customer loyalty measures.
Provide you with information, products or services that you request from us;
To participate in customer surveys or customer forums;
Send you notifications, including regarding changes to our set of terms and policies.
7.3. Legal basis
7.3.1. We rely our data protection process considering he above-mentioned purposes and scope, based on three legal grounds:
7.3.1.1. Your consent, according to article 6 align. 1, letter a) from the GDPR. Consent will be requested from the end-user (natural person) within the App, whenever certain processing activities of his/her personal data cannot be processed based on other legal grounds and consent is mandatory according to the law. If you are an employee or member of the staff of our client legal entity, information and consent for any processing activity realised by your employer falls under its specific obligation. theCord will make available information regarding only its processing activities.
7.3.1.2. Legal requirement, according to article 6 align. 1, letter b) from the GDPR, when the processing activity is necessary for a legal obligation and other statutory provisions, such as an information security, public accounting, financial reporting or for the purpose of auditing.
7.3.1.3. Performance of a contract, according to article 6 align. 1 letter b) from the GDPR, if the processing is necessary for the conclusion or the execution of a contract to which the data subject (end–user) is part of or to enter into or perform a contract with the data subject.
7.3.1.4. Legitimate interest of theCord, according to article 6 align 1, letter f) from the GDPR, if the processing is necessary to protect the legitimate interest of our company according with the services rendered but only if the processing activity is mandatory for the function of our company and if the processing activity does not outweigh any risks to the rights and freedoms of our users.
Newsletters, messages and alerts
8.1. When you provide us personal data and/or contact information through our Website, especially when you insert your e-mail address, you agree (subject to your right to refuse or revoke your consent according to the next section), that we may send you newsletters, messages and other alerts mainly by e-mail, short messages (SMS), push notifications, phone or in specific cases, by regular mail. Such communications are being sent, among others, with or without human interference for purpose of direct marketing or advertising similar products or services offered by theCord.
8.2. You can refuse or revoke your consent to receive newsletters, messages or alerts at any time
by using the special link provided in a newsletter, message and/or alert, or
by using the option available to restrict, refuse or revoke your consent in the specific section of your profile on our App, or
in case of push notifications, by using the respective settings on your device, or
by contacting our Customer Service at the contact details provided on our App.
8.3. We reserve the right to choose whom to send newsletters, messages and/or alerts and to remove from our databases of clients or prospective clients anyone who has given his consent to receive newsletters, messages and/or alerts without any further commitment on behalf of theCord or of further notice. Removal from our App or related websites is an action we are force to take in certain conditions like the case where your behaviour prejudiced theCord, other users or clients, our specialists or any of theCord partners (ex: if you place false session orders, or if we see a pattern of nonattendance to the sessions– it means that several consecutive transactions are made without expressing a valid interest for our services and also, if you are willingly and in any way, part of a cyber-threat that involves our company). In such cases we will notify you as soon as possible offering the reasons of our decisions.
Location of data storage and processing
9.1. The data that we collect from you may be processed in, transferred to, and/or stored at a location inside the European Economic Area ("EEA"), respectively in Frankfurt, Germany.
9.2. The data that we collect from you, may also be processed to, and stored at, a location outside the EEA, subject to us having taken all required steps by the applicable law of the EU, the EEA member states relating to the transfer of personal data abroad. Such steps may include but are not limited to compliance with the Standard Contractual Clauses for transfers in the United States if such agreements can be enforced into all agreements relevant for or relating to the transfer of data outside the EEA. Disclosure of your data in relation to various partners located outside the EEA may be necessary in order for us to make our products and services available to you, whenever we work for example with companies located in the United States of America according with the Standard Contractual Clauses, although, most of these companies have operational headquarters registered at European Union level in Ireland. The retention period of these personal data is established in relation to the duration of the partnership we have with our partners or by our partners according to the Privacy Policy available on their website.
A link to the Privacy Policy of our partners is made available in the section “Third party services list” https://thecord.ai/privacy.
If you restrict by request or oppose to such processing activity, we will act according to GDPR on each case basis.
9.3. The data that we collect from you may be processed by staff who works for us, by our affiliates, or one of our affiliates’ third-party service providers. Such staff may be engaged in, among other things, the operation of the App, the fulfilment of a contract, the processing of your payment details or the provision of support services.
9.4. We may disclose and/or transfer your personal data to any of our affiliates, which means any member of theCord as well our direct, indirect and ultimate holding company and their subsidiaries (i) in the event we reorganise the way in which we provide services to our users and such data transfer or disclosure is required to provide or continue to provide services to our users and / or (ii) in case we assign the operation of the App or all or parts of the rights and obligations relating to a transaction or to our contractual relation, for example if you don’t pay for our services.
9.5. We may disclose your data to third party service providers (i) to implement our obligations which we have to you, including but not limited to organize and deliver the online coaching services, sending e-mail schedules of the sessions or other related information, SMS or push notifications, or (ii) which provide services to us or to our affiliates, such as data analysis, marketing assistance, advertising services, translation, payment processing, logistic or customer support services, consulting, audit or legal services, or generally in relation with the purposes as described in the section “purpose of processing your data”. Such disclosure is permitted provided that such third parties need access to the data to perform their services but may not use them for other purposes, in particular not for their own internal business purposes.
9.6. If you provide any payment data directly to us (including bank account in case of a product return), we will disclose it to third party payment service providers to the extent required to provide refund or payment to you.
9.7. Your bank, credit card or debit card issuer and a third-party payment service provider may have access or view any data or documents related to your order or purchase contract.
9.8. We may further disclose your data to third parties and subject to the provisions of applicable law:
in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
if the assets of our company are acquired by a third party, case in which the personal data we hold you will be one of the transferred assets and we will inform you about such case prior to the actual transfer;
if we are under a duty to disclose or share your personal data in order to comply with any legal, regulatory or court obligation;
in order to enforce or apply our Terms of Service and other agreements or to protect the rights, property or safety of us, our customers, or others; or
as otherwise provided in this Privacy Policy.
Links to or from other websites
Our Website may, from time to time, contain links to and from the websites of third parties, for example third party manufacturers, distributors, advertisers, payment service providers or social media platforms such as, for example, LinkedIn, Facebook, Instagram or YouTube. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for privacy policies of or practices implemented by such third parties. Please check those policies before you submit any data to those websites and access our “Third party services list” https://thecord.ai/privacy as it may be updated from time to time.
Registration through a third-party website
We may provide you the possibility to register through a third-party website, in particular through a social media platform such as Facebook. In such case, you can click on the button “register with (Facebook)” in the registration form and log into the third-party website. By doing so, you give your consent that your personal data (in particular name, surname, date of birth, gender and e-mail address) is retrieved from such social media platform and sent to us or to our partners. If you register through such third-party websites, please note that such websites have their own privacy policies and that we do not accept any responsibility or liability for privacy policies of or practices implemented by third parties. Please check those policies before you register to our App through such third-party website.
12. Access to information and other rights you may have
12.1. Where you want to make use of such rights, please address your request in writing (e-mail or signed and dated letter) to the Customer Service at the address indicated on our Website, before you address to the competent Supervisory Authorities as we will try to solve any issue with undue delay.
12.2. Applicable laws provide you rights with regard to your data. Such rights include, but are not limited to:
right to access your personal data or to see a copy of the personal data that we hold about you;
right to request a confirmation from us whether your personal data is or is not being processed;
right to request information about the status of processing of your personal data;
right to request information about the source from which we obtained your personal data for processing;
right to request rectification, updating or completion of your data;
right to restrict certain data processing activities, which means we store your personal data but do not use it for any other purpose. If you have obtained processing restriction, you will be informed before lifting the data processing restriction, if applicable;
right to reject the use of your personal data for marketing purposes;
right to revoke your consent to this Privacy Policy, and/or request deregistration and deletion from our App as further described in the next section on revocation of consent and deregistration;
right of portability (transfer) of the data you provided to us in relation to the specific purpose for which you provided us with this data; however, the portability of your personal data has to be possible according to art. 20 of the GDPR, or the portability will be denied by us as we cannot risk the unsafety of your personal data;
right not to be subject to an automated decision making, having the opportunity to oppose an automatic decision process according to art. 22 from GDPR;
right to be forgotten (deletion) of your personal data. We will evaluate your deletion request from the point of view of our internal laws and procedures, taking into account, if applicable, the existence of any existing instructions in place from our contractual partners and we will provide you with a written response within the legal term, which will not exceed one month (30 days term) from the receival date of the deletion request.
right to have your data removed from the system as further described in the next section on revocation of consent and deregistration.
right to address the relevant Data Supervisory Authority from the country you access theCord App, you can access mediation services in order to settle any dispute, or at a competent court, if you believe that your rights regarding the processing of personal data have been breached.
The National Supervisory Authority for each country where theCord App operates is available below:
Romania:
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (A.N.S.P.D.C.P.)
28 – 30 General Gheorghe Magheru Boulevard
010336, Bucharest
Tel. +40.318.059.211
Email: anspdcp@dataprotection.ro
13. Revocation of your consent; deregistration; data retention
13.1. You may revoke your consent to this Privacy Policy and/or request deregistration and deletion from our Website at any time and at no charge to you by contacting our Customer Service in writing (e-mail sufficient) at the contact details provided on our Website. Such revocation of consent will not apply to existing transactions between us and also to any previous commercial relation we had.
13.2. We may in any case keep the data for as long as we are required by applicable law or by our internal retention terms, including company law or tax law or otherwise, to keep transaction related information. We may hold on to some of your personal data for longer (typically for a period from six years to 10 years) if reasonably needed for legal, regulatory or tax reasons, deal with disputes, prevent fraud or abuse and/or enforce our Terms of Service. We will keep your information which we use only for newsletters or other marketing according to our internal Data Retention Policy, but mainly until you tell us to stop sending you such messages or your account is closed or, applicable to personal data of our partners, until our contract with you has otherwise ended.
13.3. In general, personal data is only stored by us to the extent that is absolutely necessary and generally after expiry of the statutory limitation period of three years under civil law (e.g. customer correspondence) or, in the case of invoice-relevant data, after seven to ten years depending on the jurisdiction (e.g. after payment for a coaching session or offering a promotional discount voucher) in accordance with the national applicable legislation. A longer retention period only takes place in justified individual cases, for example because of an ongoing civil or administrative dispute or a cybersecurity incident that involves your account information or personal data.
13.4. In case no transaction has occurred between you and us prior to your revocation or request for deregistration, we will remove or anonymize your data from the system such that it cannot be accessed anymore.
13.5. In case you want to exercise your rights according to art. 12.2 above, please contact us by e-mail at dataprotection@thecord.app.
14. Our quality measures
If you contact us by e-mail with requests, suggestions or criticism, we would like to ensure that we have fulfilled our service to your satisfaction. Therefore, after your request has been answered, we will ask you how satisfied you were with our service.
This is an internal quality assurance measure. For reasons of objectivity and automated processing, we use a processor who carries out this automated request for us. We only leave your email address and your customer number to the processor. We do not give this processor the opportunity to inspect your data, use your data for other purposes or pass it on to third parties.
Before using the processor, we convinced ourselves that it offers a sufficient guarantee for the lawful and secure use of data.
15. This is how we protect your data
15.1. We understand information security as:
Data confidentiality
Data integrity and
Data availability.
15.2. To ensure information security, we have established organizational framework conditions and protective measures that correspond to the state of the art.
15.3. These include:
Load distribution,
Firewalls,
Encryption,
Security tests,
System checks and
ongoing monitoring.
15.4. Our employees and/or collaborators are only granted role-specific access rights to the extent that is absolutely necessary. The use of these access authorizations is logged. Your data is protected by a secure online connection (TLS) between your PC and our servers with at least 128 bits, depending on the browser configuration.
16. Use of contract processors
16.1. We understand contract processors to mean our contractual partners who process personal data on our behalf (example: maintenance of our databases).
We currently use contract processors for the following activities, among others:
for shipping other printed matter
to carry out quality measures and customer surveys
for the operation and maintenance of our customer databases and
the use in individual cases.
16.2. We only use contract processors for data processing that we have legally carried out. We always convince ourselves in advance that the individual processor is suitable for the provision of services, in particular that he offers sufficient guarantee for lawful and secure data use.The processors selected by us receive personal data from us only to the extent that is absolutely necessary.
17. Choice of Law and Jurisdiction (including regarding data protection authorities)
This Privacy Policy and all matters arising or relating to these terms and the purchase contract shall be governed by the law of the country where theCord App is mainly operate, according to our Terms of Service. If you are a Consumer, you will benefit from any mandatory provisions of the law of the country in which you are resident. The courts, mediation and data protection authorities of that same country shall have exclusive jurisdiction to settle any disputes which may arise out of or in connection with these Privacy Policy.
Version: October / 2023
Privacy Policy
Websites and Operators of the Websites
1.1. The Meta Education Consultancy S.R.L. (hereinafter named “theCord”) company operates a mobile application (“theCordApp”) available in Romania and other countries within the European Union, providing instant access to professional accredited coaches to get insights and support in a timely manner, as follows:
theCoRD.ai owned by Meta Education Consultancy, duly registered according to the Romanian legislation, 44j Drumul Bisericii street, C3 Building, Voluntari, Ilfov county, having the Trade Registry Number J23/2074/2019 and the VAT number (Fiscal Unique Code) 41089537;
In this document, the term “App” shall mean and refer the up-mentioned mobile application and includes the social platforms company pages and the web version of the App, for example, a Web based application.
1.2. Your legal relationship is with theCord entity which operates the App you are using and/or through which you conclude an online transaction, unless specifically stated otherwise elsewhere.
1.3. TheCord reserves the right to assign in the future the operation of the App (or the Web based App, if the case) to any other future registered company. Such change of operator will be reflected in our Terms of Service.
1.4. Meta Education Consultancy S.R.L., and if the case, any of its affiliates, are individually and collectively referred to as “theCord”. In case of doubt, the term “theCord” or “we” refers to the operator of the mobile App you are using.
1.5. Meta Education Consultancy S.R.L. is responsible (Data Controller) for the processing activities that involve your personal data according to the contractual relationship enclosed by you and theCord.
Subject and Acceptance of Privacy Policy
2.1. This privacy policy, as amended from time to time (“Privacy Policy”) and our Terms of Service, all referenced below, sets out the basis on which any data, including personal data, we collect from you or which you provide to us, will be processed by us. Please read this Privacy Policy carefully. If you do not agree with it, please do not continue to use the App and do not provide us personal data. By using the App, you are deemed to have accepted our Terms of Service and Privacy Policy. Prior to providing us personal data (including e-mail address) through our App you will be specifically asked to accept our Privacy Policy and confirm your age. By accepting our Privacy Policy, you agree that we collect and process your data as described herein.
2.2. The Privacy Policy is applicable to both legal and natural persons (legal entities and consumers).
2.3. We reserve the right to make changes at any time to our Privacy Policy by posting the changed terms on our App or on the Website without any other notice, unless our changes significantly affects your legal status in relation to us (delivery of an order, reimbursement of any amount, return status or other such cases). Significant changes will additionally be communicated in an adequate manner. Please ensure that you review the Privacy Policy regularly as by your access or use of the App or Web based App after any changed Privacy Policy has been posted you will be deemed to have accepted the Privacy Policy in the version published on our App or Web based App at the time of your respective visit.
Cookies
3.1. The services of theCord App are possible based on similar technologies to cookies and are used as further indicated.
3.2. Information about Cookies, web analysis and social media
3.2.1. Use of cookies
Cookies are small text files or codes that contain information units. These text files are stored on your hard drive or in the memory of your browser when you visit one of our websites. Thanks to cookies, the content of our websites can be more easily built up and those devices can be recognized through which our websites were previously visited. We use cookies to gain a better understanding of how applications and websites work and to analyze and optimize the user experience when using our websites online and mobile.
3.2.2. Cookie Categories
We primarily use cookies from the following categories on our websites:
3.2.3. Business-necessary cookies
These cookies are necessary so that you can use our website as intended and all functions are available to you. Without these cookies, the requested services cannot be provided. These cookies do not collect any information about you and do not store internet locations. Absolutely necessary cookies cannot be deactivated via our website. However, they can be deactivated at any time via the browser you are using.
3.2.4. Functional cookies
These cookies are necessary for certain applications or functions of the website so that they can work properly. These can be cookies, for example, which save the settings made, such as the language setting of a visitor, or - with your prior consent - pre-filled forms.
Storage duration: In the case of a session cookie, for the duration of the session or, in the case of your prior consent, for the duration of your consent.
3.2.5. Analytical cookies
These cookies collect information about the usage behavior of visitors on our App or websites. For example, it records which section of the App are visited the most and which links are clicked. All recorded data is saved anonymously together with the information of other visitors. With the help of the data obtained by these cookies, we can use them to create analytical evaluations about our website and thus continuously improve the user experience.
Storage duration: In the case of a session cookie, for the duration of the session, in all other cases, a maximum of three years.
3.2.6. How long are cookies stored on my device?
The length of time a cookie remains on your device depends on whether it is a persistent cookie or a session cookie. Session cookies only remain on your device until your browser session is ended. Persistent cookies remain stored on your end device, even after you have ended a browser session, until the pre-set duration of the cookie has expired or it is deleted.
3.3. Social media
3.3.1. Social media plugins
We have embedded content from external providers such as LinkedIn, Facebook, Instagram and YouTube in our App or on individual websites or we link you to the websites of the our external providers. At the time we connected the App to the external providers, no legal violations were recognizable to us. If we become aware of such an infringement, we will remove the link immediately. In order to be able to recommend and share content in social networks such as LinkedIn, Facebook, Instagram and YouTube, appropriate links are integrated into the App.
These links only transfer data to external providers or other third parties when you, as a user, press the corresponding button. We have prevented the immediate transfer of data to external providers or other third parties when you simply visit our website. It is therefore entirely up to you to activate the transmission in individual cases.
3.3.2. Contests on social media
Insofar as personal data is collected from participants in the context of a contest or promotion campaign on social media, this is collected, processed and used exclusively for the purpose of carrying out the contest, unless you have given us your express consent to the use of your personal data for other purposes or in individual cases, the use of data is required for legal or other predominant reasons (for example in the event of a judicial or other official request or in the case of judicial or official disputes)
We will delete or anonymise collected and processed data after the statutory limitation period (ie usually after three years has elapsed. This also applies to messages in social media. For the correctness, topicality and completeness of the data you have provided about yourself) we do not assume any responsibility. Therefore, in your own interest, please ensure that the information you provide is accurate, up-to-date and complete.
Terms of Service
You find the Terms of Service referred to above under the following link: https://thecord.ai/terms.
General provisions
5.1. We undertake that the data we receive and/or collect from you is processed in accordance with applicable law (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation hereinafter named “GDPR”) and only for the purposes stated in this Privacy Policy. Moreover, national (local) legislation may complete or clarify the GDPR provisions as the case may be applicable to each of the countries theCord App is available.
Also, we undertake that significant national law may be applicable to each of the countries in which we operate, and we comply with such applicable legislations, as the case may be.
5.2. Provision of personal data is voluntary. However, without providing us certain data you may not be able to receive the full range of our services.
5.3. When you provide us personal data and/or contact information you allow us to contact you for the purpose for which you have provided us such personal data and contact information and as further described in this Privacy Policy. We will contact you mainly by e-mail and we may include short messages (SMS) via phone, push notifications, telephone and/or other means of communication we may agree upon from time to time.
5.4. We do not entrust, sell, rent, license, transfer etc. our database containing personal data of our customers or users, except as set out in this Privacy Policy.
Your data which we may collect or process
6.1. We may collect and process the following general data about you, subject to your right to revoke your consent or request deregistration, as further set out in the respective section of this Privacy Policy:
Data which you provide when you register to one of our services or to have access to restricted areas of our mobile App:
For legal entities: name and surname of the user, company name, company e-mail, company phone number;
For natural persons: name and surname, e-mail address, phone number, date of birth;
For natural persons, in relation to the purchase process or our services: bank information available on our account statements in relation to your payment. For legal entities, payment of our services involves the selection of a package or option made available for legal persons specifically.
Details of transactions you carry out through our App (or if the case, through our Web based App) and details of the fulfilment of your orders. TheCord uses the services of a payment processor, thus, no credit or debit card information is stored or otherwise processed by us.
Information which you provide when you participate in a competition or promotion sponsored or organised by us or one of our affiliates;
Information which you provide by filling in existing forms on our App or by posting any content on our social media pages;
Attending to the online coaching sessions or other related online based services available on our App, your personal online information like IP address, device tokens, user ID, is being transferred to other legal entities we enclosed a contractual partnership with like Amazon, Twilio, Stripe. Such transfers are only possible in certain conditions, as further explained in the present Policy.
Other marketing related data like contact or other information which you give or allow us and our third parties to use for ncommercial communication (like newsletters) or other marketing purposes;
Information which you provide when you contact us by any means of communication available in the App;
Information which you provide if you decide to participate in and complete surveys;
Considering that the services will be carried out via live online video conferences, data regarding sound and biometric information like image and voice are being processed. TheCord App provides access to additional services and functions like recording of the live session and textual transcript of the session. Legal entities may opt to access the additional services that are part of the service options or packages selected and payed. Legal entities bare responsibility to comply with the applicable privacy regulations like GDPR or other court rulings or directives in force. Natural persons can only opt for the recording service of the session or the textual transcript of the session based on the consent expressed for such processing activities.
Information collected by cookies and similar technologies - Cookies are small data files stored on your hard drive or in the memory of your device. Cookies help us improve and keep our services secure and offer information about your experience using the App. Through the use of cookies, we may automatically collect information about your activity on our App, such as the App sections you visit, the links you click, and the searches you conduct. For more information on cookies or similar technologies, see section "Cookies and other similar technologies" below;
Information collected by analytics software - we use analytics based software for user engagement tracking, such as Facebook and Google Analytics. We use analytics software to optimize the Service and the user experience;
Other profile data like your username, service purchase history, regarding our services and your communications with us.
6.2. As part of the purchasing process or a refund procedure, you may provide data relating to your bank account, your debit card or credit card information to a third-party payment services provider. Such data is used to carry out your payment to us or our reimbursement to you. In such case, you provide the payment data directly to the third-party payment services provider and not to us and you are subject to the privacy policy of such third-party payment service provider. We recommend that you review those terms prior to selecting the respective method of payment. We do neither receive, save or process such payment data.
6.2.1. Only if you provide your payment data directly to us, we collect and process such data and only for the scope you specifically indicate. This may be the case for example if you provide us your bank account details for a reimbursement in case of a product return.
6.2.2. Please note that we may have to disclose certain of your data to third party payment service providers as further set out in the section “Disclosure of your data” of this Privacy Policy.
Purpose of processing your data and legal basis for processing
7.1. Data Processing & Privacy
We collect personal information from you such as registration information and information received from third parties (such as your username, social login) in order to set up an account for you to use our services
We use your audio recordings together with metadata such as device information, meeting agendas, email headers and contents, in order to provide our services to you. We use audio recordings from your online meetings to generate near real-time text transcripts from your meetings. We do not store the audio recordings after the transcript is generated (within minutes after a meeting).
We store derivative data, such as meeting transcripts and results from AI algorithms applied to the meeting data in association with your account for as long as you maintain your account current. We do not share your data with others.
We use only proprietary deep learning models to analyze your transcripts and generate meeting insights. We do not share or upload any transcripts of your meetings with third parties. Only the results from proprietary AI algorithms applied to the meeting data are used to create AI-gen coaching recommendations (i.e. medium facilitation level with 5 interventions with a 30min meeting, low decision velocity with 2 decision drive behaviors within 1h meeting, etc)
We train our proprietary AI algorithms on anonymized transcripts in order to provide more accurate services, but never without explicit consent. For example, if you decide to participate in research projects, or to provide data in exchange for free services, or discounts we may ask for your permission to access your transcripts for training and product improvement purposes. Only if you agree to share your data we will anonymize it (remove any identifiable information) and incorporate the transcripts, or parts of the transcripts into our training data.
You have full control over your personal data:
if you wish to request a copy of your personal data that we store in our systems, you may do so by writing to us at: data@thecord.ai
if you with to delete your personal data, you may close your account; If you close your account, all data associated with your account will be deleted within 30 days (we allow for 30 days in order to be able to restore your account in case of accidental deletion)
7.2. We may use data held about you for the following purposes:
Facilitate the interaction between our specialists (coaches) and users (natural persons or personnel of legal entities);
Sending invoices after providing our services or upon your payment to us;
Complying with our legal obligations like privacy, confidentiality and security of any data processing activity we develop, invoice retention, resolving disputes and enforcing agreements concluded with our clients or service partners;
General use of our App when you sign up by creating an account or paying for our services, we store the logging data, device used (type, model), operating system of your device and version of the operation system, as well as any other information needed to protect our internal systems and your personal data against cyber-attacks;
For execution of our signed contracts in relation with legal entities and for providing our services to the personnel of our legal entities;
Ensuring access to third-party platforms and tools in order for theCord App services to properly function;
For statistical studies and internal company risk analyzes in order to improve our services or systems, whereby the results of these studies do not allow any conclusions to be drawn about your person.
Carry out our obligations arising from any transaction entered into between you and us;
Protecting our rights and interests according to the enclosed agreements;
Ensure that content of our App is presented to you in the most effective manner;
If you voluntarily take part in pilot projects, usability tests, competitions and other campaigns or other customer loyalty measures.
Provide you with information, products or services that you request from us;
To participate in customer surveys or customer forums;
Send you notifications, including regarding changes to our set of terms and policies.
7.3. Legal basis
7.3.1. We rely our data protection process considering he above-mentioned purposes and scope, based on three legal grounds:
7.3.1.1. Your consent, according to article 6 align. 1, letter a) from the GDPR. Consent will be requested from the end-user (natural person) within the App, whenever certain processing activities of his/her personal data cannot be processed based on other legal grounds and consent is mandatory according to the law. If you are an employee or member of the staff of our client legal entity, information and consent for any processing activity realised by your employer falls under its specific obligation. theCord will make available information regarding only its processing activities.
7.3.1.2. Legal requirement, according to article 6 align. 1, letter b) from the GDPR, when the processing activity is necessary for a legal obligation and other statutory provisions, such as an information security, public accounting, financial reporting or for the purpose of auditing.
7.3.1.3. Performance of a contract, according to article 6 align. 1 letter b) from the GDPR, if the processing is necessary for the conclusion or the execution of a contract to which the data subject (end–user) is part of or to enter into or perform a contract with the data subject.
7.3.1.4. Legitimate interest of theCord, according to article 6 align 1, letter f) from the GDPR, if the processing is necessary to protect the legitimate interest of our company according with the services rendered but only if the processing activity is mandatory for the function of our company and if the processing activity does not outweigh any risks to the rights and freedoms of our users.
Newsletters, messages and alerts
8.1. When you provide us personal data and/or contact information through our Website, especially when you insert your e-mail address, you agree (subject to your right to refuse or revoke your consent according to the next section), that we may send you newsletters, messages and other alerts mainly by e-mail, short messages (SMS), push notifications, phone or in specific cases, by regular mail. Such communications are being sent, among others, with or without human interference for purpose of direct marketing or advertising similar products or services offered by theCord.
8.2. You can refuse or revoke your consent to receive newsletters, messages or alerts at any time
by using the special link provided in a newsletter, message and/or alert, or
by using the option available to restrict, refuse or revoke your consent in the specific section of your profile on our App, or
in case of push notifications, by using the respective settings on your device, or
by contacting our Customer Service at the contact details provided on our App.
8.3. We reserve the right to choose whom to send newsletters, messages and/or alerts and to remove from our databases of clients or prospective clients anyone who has given his consent to receive newsletters, messages and/or alerts without any further commitment on behalf of theCord or of further notice. Removal from our App or related websites is an action we are force to take in certain conditions like the case where your behaviour prejudiced theCord, other users or clients, our specialists or any of theCord partners (ex: if you place false session orders, or if we see a pattern of nonattendance to the sessions– it means that several consecutive transactions are made without expressing a valid interest for our services and also, if you are willingly and in any way, part of a cyber-threat that involves our company). In such cases we will notify you as soon as possible offering the reasons of our decisions.
Location of data storage and processing
9.1. The data that we collect from you may be processed in, transferred to, and/or stored at a location inside the European Economic Area ("EEA"), respectively in Frankfurt, Germany.
9.2. The data that we collect from you, may also be processed to, and stored at, a location outside the EEA, subject to us having taken all required steps by the applicable law of the EU, the EEA member states relating to the transfer of personal data abroad. Such steps may include but are not limited to compliance with the Standard Contractual Clauses for transfers in the United States if such agreements can be enforced into all agreements relevant for or relating to the transfer of data outside the EEA. Disclosure of your data in relation to various partners located outside the EEA may be necessary in order for us to make our products and services available to you, whenever we work for example with companies located in the United States of America according with the Standard Contractual Clauses, although, most of these companies have operational headquarters registered at European Union level in Ireland. The retention period of these personal data is established in relation to the duration of the partnership we have with our partners or by our partners according to the Privacy Policy available on their website.
A link to the Privacy Policy of our partners is made available in the section “Third party services list” https://thecord.ai/privacy.
If you restrict by request or oppose to such processing activity, we will act according to GDPR on each case basis.
9.3. The data that we collect from you may be processed by staff who works for us, by our affiliates, or one of our affiliates’ third-party service providers. Such staff may be engaged in, among other things, the operation of the App, the fulfilment of a contract, the processing of your payment details or the provision of support services.
9.4. We may disclose and/or transfer your personal data to any of our affiliates, which means any member of theCord as well our direct, indirect and ultimate holding company and their subsidiaries (i) in the event we reorganise the way in which we provide services to our users and such data transfer or disclosure is required to provide or continue to provide services to our users and / or (ii) in case we assign the operation of the App or all or parts of the rights and obligations relating to a transaction or to our contractual relation, for example if you don’t pay for our services.
9.5. We may disclose your data to third party service providers (i) to implement our obligations which we have to you, including but not limited to organize and deliver the online coaching services, sending e-mail schedules of the sessions or other related information, SMS or push notifications, or (ii) which provide services to us or to our affiliates, such as data analysis, marketing assistance, advertising services, translation, payment processing, logistic or customer support services, consulting, audit or legal services, or generally in relation with the purposes as described in the section “purpose of processing your data”. Such disclosure is permitted provided that such third parties need access to the data to perform their services but may not use them for other purposes, in particular not for their own internal business purposes.
9.6. If you provide any payment data directly to us (including bank account in case of a product return), we will disclose it to third party payment service providers to the extent required to provide refund or payment to you.
9.7. Your bank, credit card or debit card issuer and a third-party payment service provider may have access or view any data or documents related to your order or purchase contract.
9.8. We may further disclose your data to third parties and subject to the provisions of applicable law:
in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
if the assets of our company are acquired by a third party, case in which the personal data we hold you will be one of the transferred assets and we will inform you about such case prior to the actual transfer;
if we are under a duty to disclose or share your personal data in order to comply with any legal, regulatory or court obligation;
in order to enforce or apply our Terms of Service and other agreements or to protect the rights, property or safety of us, our customers, or others; or
as otherwise provided in this Privacy Policy.
Links to or from other websites
Our Website may, from time to time, contain links to and from the websites of third parties, for example third party manufacturers, distributors, advertisers, payment service providers or social media platforms such as, for example, LinkedIn, Facebook, Instagram or YouTube. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for privacy policies of or practices implemented by such third parties. Please check those policies before you submit any data to those websites and access our “Third party services list” https://thecord.ai/privacy as it may be updated from time to time.
Registration through a third-party website
We may provide you the possibility to register through a third-party website, in particular through a social media platform such as Facebook. In such case, you can click on the button “register with (Facebook)” in the registration form and log into the third-party website. By doing so, you give your consent that your personal data (in particular name, surname, date of birth, gender and e-mail address) is retrieved from such social media platform and sent to us or to our partners. If you register through such third-party websites, please note that such websites have their own privacy policies and that we do not accept any responsibility or liability for privacy policies of or practices implemented by third parties. Please check those policies before you register to our App through such third-party website.
12. Access to information and other rights you may have
12.1. Where you want to make use of such rights, please address your request in writing (e-mail or signed and dated letter) to the Customer Service at the address indicated on our Website, before you address to the competent Supervisory Authorities as we will try to solve any issue with undue delay.
12.2. Applicable laws provide you rights with regard to your data. Such rights include, but are not limited to:
right to access your personal data or to see a copy of the personal data that we hold about you;
right to request a confirmation from us whether your personal data is or is not being processed;
right to request information about the status of processing of your personal data;
right to request information about the source from which we obtained your personal data for processing;
right to request rectification, updating or completion of your data;
right to restrict certain data processing activities, which means we store your personal data but do not use it for any other purpose. If you have obtained processing restriction, you will be informed before lifting the data processing restriction, if applicable;
right to reject the use of your personal data for marketing purposes;
right to revoke your consent to this Privacy Policy, and/or request deregistration and deletion from our App as further described in the next section on revocation of consent and deregistration;
right of portability (transfer) of the data you provided to us in relation to the specific purpose for which you provided us with this data; however, the portability of your personal data has to be possible according to art. 20 of the GDPR, or the portability will be denied by us as we cannot risk the unsafety of your personal data;
right not to be subject to an automated decision making, having the opportunity to oppose an automatic decision process according to art. 22 from GDPR;
right to be forgotten (deletion) of your personal data. We will evaluate your deletion request from the point of view of our internal laws and procedures, taking into account, if applicable, the existence of any existing instructions in place from our contractual partners and we will provide you with a written response within the legal term, which will not exceed one month (30 days term) from the receival date of the deletion request.
right to have your data removed from the system as further described in the next section on revocation of consent and deregistration.
right to address the relevant Data Supervisory Authority from the country you access theCord App, you can access mediation services in order to settle any dispute, or at a competent court, if you believe that your rights regarding the processing of personal data have been breached.
The National Supervisory Authority for each country where theCord App operates is available below:
Romania:
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (A.N.S.P.D.C.P.)
28 – 30 General Gheorghe Magheru Boulevard
010336, Bucharest
Tel. +40.318.059.211
Email: anspdcp@dataprotection.ro
13. Revocation of your consent; deregistration; data retention
13.1. You may revoke your consent to this Privacy Policy and/or request deregistration and deletion from our Website at any time and at no charge to you by contacting our Customer Service in writing (e-mail sufficient) at the contact details provided on our Website. Such revocation of consent will not apply to existing transactions between us and also to any previous commercial relation we had.
13.2. We may in any case keep the data for as long as we are required by applicable law or by our internal retention terms, including company law or tax law or otherwise, to keep transaction related information. We may hold on to some of your personal data for longer (typically for a period from six years to 10 years) if reasonably needed for legal, regulatory or tax reasons, deal with disputes, prevent fraud or abuse and/or enforce our Terms of Service. We will keep your information which we use only for newsletters or other marketing according to our internal Data Retention Policy, but mainly until you tell us to stop sending you such messages or your account is closed or, applicable to personal data of our partners, until our contract with you has otherwise ended.
13.3. In general, personal data is only stored by us to the extent that is absolutely necessary and generally after expiry of the statutory limitation period of three years under civil law (e.g. customer correspondence) or, in the case of invoice-relevant data, after seven to ten years depending on the jurisdiction (e.g. after payment for a coaching session or offering a promotional discount voucher) in accordance with the national applicable legislation. A longer retention period only takes place in justified individual cases, for example because of an ongoing civil or administrative dispute or a cybersecurity incident that involves your account information or personal data.
13.4. In case no transaction has occurred between you and us prior to your revocation or request for deregistration, we will remove or anonymize your data from the system such that it cannot be accessed anymore.
13.5. In case you want to exercise your rights according to art. 12.2 above, please contact us by e-mail at dataprotection@thecord.app.
14. Our quality measures
If you contact us by e-mail with requests, suggestions or criticism, we would like to ensure that we have fulfilled our service to your satisfaction. Therefore, after your request has been answered, we will ask you how satisfied you were with our service.
This is an internal quality assurance measure. For reasons of objectivity and automated processing, we use a processor who carries out this automated request for us. We only leave your email address and your customer number to the processor. We do not give this processor the opportunity to inspect your data, use your data for other purposes or pass it on to third parties.
Before using the processor, we convinced ourselves that it offers a sufficient guarantee for the lawful and secure use of data.
15. This is how we protect your data
15.1. We understand information security as:
Data confidentiality
Data integrity and
Data availability.
15.2. To ensure information security, we have established organizational framework conditions and protective measures that correspond to the state of the art.
15.3. These include:
Load distribution,
Firewalls,
Encryption,
Security tests,
System checks and
ongoing monitoring.
15.4. Our employees and/or collaborators are only granted role-specific access rights to the extent that is absolutely necessary. The use of these access authorizations is logged. Your data is protected by a secure online connection (TLS) between your PC and our servers with at least 128 bits, depending on the browser configuration.
16. Use of contract processors
16.1. We understand contract processors to mean our contractual partners who process personal data on our behalf (example: maintenance of our databases).
We currently use contract processors for the following activities, among others:
for shipping other printed matter
to carry out quality measures and customer surveys
for the operation and maintenance of our customer databases and
the use in individual cases.
16.2. We only use contract processors for data processing that we have legally carried out. We always convince ourselves in advance that the individual processor is suitable for the provision of services, in particular that he offers sufficient guarantee for lawful and secure data use.The processors selected by us receive personal data from us only to the extent that is absolutely necessary.
17. Choice of Law and Jurisdiction (including regarding data protection authorities)
This Privacy Policy and all matters arising or relating to these terms and the purchase contract shall be governed by the law of the country where theCord App is mainly operate, according to our Terms of Service. If you are a Consumer, you will benefit from any mandatory provisions of the law of the country in which you are resident. The courts, mediation and data protection authorities of that same country shall have exclusive jurisdiction to settle any disputes which may arise out of or in connection with these Privacy Policy.
Version: October / 2023
Privacy Policy
Websites and Operators of the Websites
1.1. The Meta Education Consultancy S.R.L. (hereinafter named “theCord”) company operates a mobile application (“theCordApp”) available in Romania and other countries within the European Union, providing instant access to professional accredited coaches to get insights and support in a timely manner, as follows:
theCoRD.ai owned by Meta Education Consultancy, duly registered according to the Romanian legislation, 44j Drumul Bisericii street, C3 Building, Voluntari, Ilfov county, having the Trade Registry Number J23/2074/2019 and the VAT number (Fiscal Unique Code) 41089537;
In this document, the term “App” shall mean and refer the up-mentioned mobile application and includes the social platforms company pages and the web version of the App, for example, a Web based application.
1.2. Your legal relationship is with theCord entity which operates the App you are using and/or through which you conclude an online transaction, unless specifically stated otherwise elsewhere.
1.3. TheCord reserves the right to assign in the future the operation of the App (or the Web based App, if the case) to any other future registered company. Such change of operator will be reflected in our Terms of Service.
1.4. Meta Education Consultancy S.R.L., and if the case, any of its affiliates, are individually and collectively referred to as “theCord”. In case of doubt, the term “theCord” or “we” refers to the operator of the mobile App you are using.
1.5. Meta Education Consultancy S.R.L. is responsible (Data Controller) for the processing activities that involve your personal data according to the contractual relationship enclosed by you and theCord.
Subject and Acceptance of Privacy Policy
2.1. This privacy policy, as amended from time to time (“Privacy Policy”) and our Terms of Service, all referenced below, sets out the basis on which any data, including personal data, we collect from you or which you provide to us, will be processed by us. Please read this Privacy Policy carefully. If you do not agree with it, please do not continue to use the App and do not provide us personal data. By using the App, you are deemed to have accepted our Terms of Service and Privacy Policy. Prior to providing us personal data (including e-mail address) through our App you will be specifically asked to accept our Privacy Policy and confirm your age. By accepting our Privacy Policy, you agree that we collect and process your data as described herein.
2.2. The Privacy Policy is applicable to both legal and natural persons (legal entities and consumers).
2.3. We reserve the right to make changes at any time to our Privacy Policy by posting the changed terms on our App or on the Website without any other notice, unless our changes significantly affects your legal status in relation to us (delivery of an order, reimbursement of any amount, return status or other such cases). Significant changes will additionally be communicated in an adequate manner. Please ensure that you review the Privacy Policy regularly as by your access or use of the App or Web based App after any changed Privacy Policy has been posted you will be deemed to have accepted the Privacy Policy in the version published on our App or Web based App at the time of your respective visit.
Cookies
3.1. The services of theCord App are possible based on similar technologies to cookies and are used as further indicated.
3.2. Information about Cookies, web analysis and social media
3.2.1. Use of cookies
Cookies are small text files or codes that contain information units. These text files are stored on your hard drive or in the memory of your browser when you visit one of our websites. Thanks to cookies, the content of our websites can be more easily built up and those devices can be recognized through which our websites were previously visited. We use cookies to gain a better understanding of how applications and websites work and to analyze and optimize the user experience when using our websites online and mobile.
3.2.2. Cookie Categories
We primarily use cookies from the following categories on our websites:
3.2.3. Business-necessary cookies
These cookies are necessary so that you can use our website as intended and all functions are available to you. Without these cookies, the requested services cannot be provided. These cookies do not collect any information about you and do not store internet locations. Absolutely necessary cookies cannot be deactivated via our website. However, they can be deactivated at any time via the browser you are using.
3.2.4. Functional cookies
These cookies are necessary for certain applications or functions of the website so that they can work properly. These can be cookies, for example, which save the settings made, such as the language setting of a visitor, or - with your prior consent - pre-filled forms.
Storage duration: In the case of a session cookie, for the duration of the session or, in the case of your prior consent, for the duration of your consent.
3.2.5. Analytical cookies
These cookies collect information about the usage behavior of visitors on our App or websites. For example, it records which section of the App are visited the most and which links are clicked. All recorded data is saved anonymously together with the information of other visitors. With the help of the data obtained by these cookies, we can use them to create analytical evaluations about our website and thus continuously improve the user experience.
Storage duration: In the case of a session cookie, for the duration of the session, in all other cases, a maximum of three years.
3.2.6. How long are cookies stored on my device?
The length of time a cookie remains on your device depends on whether it is a persistent cookie or a session cookie. Session cookies only remain on your device until your browser session is ended. Persistent cookies remain stored on your end device, even after you have ended a browser session, until the pre-set duration of the cookie has expired or it is deleted.
3.3. Social media
3.3.1. Social media plugins
We have embedded content from external providers such as LinkedIn, Facebook, Instagram and YouTube in our App or on individual websites or we link you to the websites of the our external providers. At the time we connected the App to the external providers, no legal violations were recognizable to us. If we become aware of such an infringement, we will remove the link immediately. In order to be able to recommend and share content in social networks such as LinkedIn, Facebook, Instagram and YouTube, appropriate links are integrated into the App.
These links only transfer data to external providers or other third parties when you, as a user, press the corresponding button. We have prevented the immediate transfer of data to external providers or other third parties when you simply visit our website. It is therefore entirely up to you to activate the transmission in individual cases.
3.3.2. Contests on social media
Insofar as personal data is collected from participants in the context of a contest or promotion campaign on social media, this is collected, processed and used exclusively for the purpose of carrying out the contest, unless you have given us your express consent to the use of your personal data for other purposes or in individual cases, the use of data is required for legal or other predominant reasons (for example in the event of a judicial or other official request or in the case of judicial or official disputes)
We will delete or anonymise collected and processed data after the statutory limitation period (ie usually after three years has elapsed. This also applies to messages in social media. For the correctness, topicality and completeness of the data you have provided about yourself) we do not assume any responsibility. Therefore, in your own interest, please ensure that the information you provide is accurate, up-to-date and complete.
Terms of Service
You find the Terms of Service referred to above under the following link: https://thecord.ai/terms.
General provisions
5.1. We undertake that the data we receive and/or collect from you is processed in accordance with applicable law (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation hereinafter named “GDPR”) and only for the purposes stated in this Privacy Policy. Moreover, national (local) legislation may complete or clarify the GDPR provisions as the case may be applicable to each of the countries theCord App is available.
Also, we undertake that significant national law may be applicable to each of the countries in which we operate, and we comply with such applicable legislations, as the case may be.
5.2. Provision of personal data is voluntary. However, without providing us certain data you may not be able to receive the full range of our services.
5.3. When you provide us personal data and/or contact information you allow us to contact you for the purpose for which you have provided us such personal data and contact information and as further described in this Privacy Policy. We will contact you mainly by e-mail and we may include short messages (SMS) via phone, push notifications, telephone and/or other means of communication we may agree upon from time to time.
5.4. We do not entrust, sell, rent, license, transfer etc. our database containing personal data of our customers or users, except as set out in this Privacy Policy.
Your data which we may collect or process
6.1. We may collect and process the following general data about you, subject to your right to revoke your consent or request deregistration, as further set out in the respective section of this Privacy Policy:
Data which you provide when you register to one of our services or to have access to restricted areas of our mobile App:
For legal entities: name and surname of the user, company name, company e-mail, company phone number;
For natural persons: name and surname, e-mail address, phone number, date of birth;
For natural persons, in relation to the purchase process or our services: bank information available on our account statements in relation to your payment. For legal entities, payment of our services involves the selection of a package or option made available for legal persons specifically.
Details of transactions you carry out through our App (or if the case, through our Web based App) and details of the fulfilment of your orders. TheCord uses the services of a payment processor, thus, no credit or debit card information is stored or otherwise processed by us.
Information which you provide when you participate in a competition or promotion sponsored or organised by us or one of our affiliates;
Information which you provide by filling in existing forms on our App or by posting any content on our social media pages;
Attending to the online coaching sessions or other related online based services available on our App, your personal online information like IP address, device tokens, user ID, is being transferred to other legal entities we enclosed a contractual partnership with like Amazon, Twilio, Stripe. Such transfers are only possible in certain conditions, as further explained in the present Policy.
Other marketing related data like contact or other information which you give or allow us and our third parties to use for ncommercial communication (like newsletters) or other marketing purposes;
Information which you provide when you contact us by any means of communication available in the App;
Information which you provide if you decide to participate in and complete surveys;
Considering that the services will be carried out via live online video conferences, data regarding sound and biometric information like image and voice are being processed. TheCord App provides access to additional services and functions like recording of the live session and textual transcript of the session. Legal entities may opt to access the additional services that are part of the service options or packages selected and payed. Legal entities bare responsibility to comply with the applicable privacy regulations like GDPR or other court rulings or directives in force. Natural persons can only opt for the recording service of the session or the textual transcript of the session based on the consent expressed for such processing activities.
Information collected by cookies and similar technologies - Cookies are small data files stored on your hard drive or in the memory of your device. Cookies help us improve and keep our services secure and offer information about your experience using the App. Through the use of cookies, we may automatically collect information about your activity on our App, such as the App sections you visit, the links you click, and the searches you conduct. For more information on cookies or similar technologies, see section "Cookies and other similar technologies" below;
Information collected by analytics software - we use analytics based software for user engagement tracking, such as Facebook and Google Analytics. We use analytics software to optimize the Service and the user experience;
Other profile data like your username, service purchase history, regarding our services and your communications with us.
6.2. As part of the purchasing process or a refund procedure, you may provide data relating to your bank account, your debit card or credit card information to a third-party payment services provider. Such data is used to carry out your payment to us or our reimbursement to you. In such case, you provide the payment data directly to the third-party payment services provider and not to us and you are subject to the privacy policy of such third-party payment service provider. We recommend that you review those terms prior to selecting the respective method of payment. We do neither receive, save or process such payment data.
6.2.1. Only if you provide your payment data directly to us, we collect and process such data and only for the scope you specifically indicate. This may be the case for example if you provide us your bank account details for a reimbursement in case of a product return.
6.2.2. Please note that we may have to disclose certain of your data to third party payment service providers as further set out in the section “Disclosure of your data” of this Privacy Policy.
Purpose of processing your data and legal basis for processing
7.1. Data Processing & Privacy
We collect personal information from you such as registration information and information received from third parties (such as your username, social login) in order to set up an account for you to use our services
We use your audio recordings together with metadata such as device information, meeting agendas, email headers and contents, in order to provide our services to you. We use audio recordings from your online meetings to generate near real-time text transcripts from your meetings. We do not store the audio recordings after the transcript is generated (within minutes after a meeting).
We store derivative data, such as meeting transcripts and results from AI algorithms applied to the meeting data in association with your account for as long as you maintain your account current. We do not share your data with others.
We use only proprietary deep learning models to analyze your transcripts and generate meeting insights. We do not share or upload any transcripts of your meetings with third parties. Only the results from proprietary AI algorithms applied to the meeting data are used to create AI-gen coaching recommendations (i.e. medium facilitation level with 5 interventions with a 30min meeting, low decision velocity with 2 decision drive behaviors within 1h meeting, etc)
We train our proprietary AI algorithms on anonymized transcripts in order to provide more accurate services, but never without explicit consent. For example, if you decide to participate in research projects, or to provide data in exchange for free services, or discounts we may ask for your permission to access your transcripts for training and product improvement purposes. Only if you agree to share your data we will anonymize it (remove any identifiable information) and incorporate the transcripts, or parts of the transcripts into our training data.
You have full control over your personal data:
if you wish to request a copy of your personal data that we store in our systems, you may do so by writing to us at: data@thecord.ai
if you with to delete your personal data, you may close your account; If you close your account, all data associated with your account will be deleted within 30 days (we allow for 30 days in order to be able to restore your account in case of accidental deletion)
7.2. We may use data held about you for the following purposes:
Facilitate the interaction between our specialists (coaches) and users (natural persons or personnel of legal entities);
Sending invoices after providing our services or upon your payment to us;
Complying with our legal obligations like privacy, confidentiality and security of any data processing activity we develop, invoice retention, resolving disputes and enforcing agreements concluded with our clients or service partners;
General use of our App when you sign up by creating an account or paying for our services, we store the logging data, device used (type, model), operating system of your device and version of the operation system, as well as any other information needed to protect our internal systems and your personal data against cyber-attacks;
For execution of our signed contracts in relation with legal entities and for providing our services to the personnel of our legal entities;
Ensuring access to third-party platforms and tools in order for theCord App services to properly function;
For statistical studies and internal company risk analyzes in order to improve our services or systems, whereby the results of these studies do not allow any conclusions to be drawn about your person.
Carry out our obligations arising from any transaction entered into between you and us;
Protecting our rights and interests according to the enclosed agreements;
Ensure that content of our App is presented to you in the most effective manner;
If you voluntarily take part in pilot projects, usability tests, competitions and other campaigns or other customer loyalty measures.
Provide you with information, products or services that you request from us;
To participate in customer surveys or customer forums;
Send you notifications, including regarding changes to our set of terms and policies.
7.3. Legal basis
7.3.1. We rely our data protection process considering he above-mentioned purposes and scope, based on three legal grounds:
7.3.1.1. Your consent, according to article 6 align. 1, letter a) from the GDPR. Consent will be requested from the end-user (natural person) within the App, whenever certain processing activities of his/her personal data cannot be processed based on other legal grounds and consent is mandatory according to the law. If you are an employee or member of the staff of our client legal entity, information and consent for any processing activity realised by your employer falls under its specific obligation. theCord will make available information regarding only its processing activities.
7.3.1.2. Legal requirement, according to article 6 align. 1, letter b) from the GDPR, when the processing activity is necessary for a legal obligation and other statutory provisions, such as an information security, public accounting, financial reporting or for the purpose of auditing.
7.3.1.3. Performance of a contract, according to article 6 align. 1 letter b) from the GDPR, if the processing is necessary for the conclusion or the execution of a contract to which the data subject (end–user) is part of or to enter into or perform a contract with the data subject.
7.3.1.4. Legitimate interest of theCord, according to article 6 align 1, letter f) from the GDPR, if the processing is necessary to protect the legitimate interest of our company according with the services rendered but only if the processing activity is mandatory for the function of our company and if the processing activity does not outweigh any risks to the rights and freedoms of our users.
Newsletters, messages and alerts
8.1. When you provide us personal data and/or contact information through our Website, especially when you insert your e-mail address, you agree (subject to your right to refuse or revoke your consent according to the next section), that we may send you newsletters, messages and other alerts mainly by e-mail, short messages (SMS), push notifications, phone or in specific cases, by regular mail. Such communications are being sent, among others, with or without human interference for purpose of direct marketing or advertising similar products or services offered by theCord.
8.2. You can refuse or revoke your consent to receive newsletters, messages or alerts at any time
by using the special link provided in a newsletter, message and/or alert, or
by using the option available to restrict, refuse or revoke your consent in the specific section of your profile on our App, or
in case of push notifications, by using the respective settings on your device, or
by contacting our Customer Service at the contact details provided on our App.
8.3. We reserve the right to choose whom to send newsletters, messages and/or alerts and to remove from our databases of clients or prospective clients anyone who has given his consent to receive newsletters, messages and/or alerts without any further commitment on behalf of theCord or of further notice. Removal from our App or related websites is an action we are force to take in certain conditions like the case where your behaviour prejudiced theCord, other users or clients, our specialists or any of theCord partners (ex: if you place false session orders, or if we see a pattern of nonattendance to the sessions– it means that several consecutive transactions are made without expressing a valid interest for our services and also, if you are willingly and in any way, part of a cyber-threat that involves our company). In such cases we will notify you as soon as possible offering the reasons of our decisions.
Location of data storage and processing
9.1. The data that we collect from you may be processed in, transferred to, and/or stored at a location inside the European Economic Area ("EEA"), respectively in Frankfurt, Germany.
9.2. The data that we collect from you, may also be processed to, and stored at, a location outside the EEA, subject to us having taken all required steps by the applicable law of the EU, the EEA member states relating to the transfer of personal data abroad. Such steps may include but are not limited to compliance with the Standard Contractual Clauses for transfers in the United States if such agreements can be enforced into all agreements relevant for or relating to the transfer of data outside the EEA. Disclosure of your data in relation to various partners located outside the EEA may be necessary in order for us to make our products and services available to you, whenever we work for example with companies located in the United States of America according with the Standard Contractual Clauses, although, most of these companies have operational headquarters registered at European Union level in Ireland. The retention period of these personal data is established in relation to the duration of the partnership we have with our partners or by our partners according to the Privacy Policy available on their website.
A link to the Privacy Policy of our partners is made available in the section “Third party services list” https://thecord.ai/privacy.
If you restrict by request or oppose to such processing activity, we will act according to GDPR on each case basis.
9.3. The data that we collect from you may be processed by staff who works for us, by our affiliates, or one of our affiliates’ third-party service providers. Such staff may be engaged in, among other things, the operation of the App, the fulfilment of a contract, the processing of your payment details or the provision of support services.
9.4. We may disclose and/or transfer your personal data to any of our affiliates, which means any member of theCord as well our direct, indirect and ultimate holding company and their subsidiaries (i) in the event we reorganise the way in which we provide services to our users and such data transfer or disclosure is required to provide or continue to provide services to our users and / or (ii) in case we assign the operation of the App or all or parts of the rights and obligations relating to a transaction or to our contractual relation, for example if you don’t pay for our services.
9.5. We may disclose your data to third party service providers (i) to implement our obligations which we have to you, including but not limited to organize and deliver the online coaching services, sending e-mail schedules of the sessions or other related information, SMS or push notifications, or (ii) which provide services to us or to our affiliates, such as data analysis, marketing assistance, advertising services, translation, payment processing, logistic or customer support services, consulting, audit or legal services, or generally in relation with the purposes as described in the section “purpose of processing your data”. Such disclosure is permitted provided that such third parties need access to the data to perform their services but may not use them for other purposes, in particular not for their own internal business purposes.
9.6. If you provide any payment data directly to us (including bank account in case of a product return), we will disclose it to third party payment service providers to the extent required to provide refund or payment to you.
9.7. Your bank, credit card or debit card issuer and a third-party payment service provider may have access or view any data or documents related to your order or purchase contract.
9.8. We may further disclose your data to third parties and subject to the provisions of applicable law:
in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
if the assets of our company are acquired by a third party, case in which the personal data we hold you will be one of the transferred assets and we will inform you about such case prior to the actual transfer;
if we are under a duty to disclose or share your personal data in order to comply with any legal, regulatory or court obligation;
in order to enforce or apply our Terms of Service and other agreements or to protect the rights, property or safety of us, our customers, or others; or
as otherwise provided in this Privacy Policy.
Links to or from other websites
Our Website may, from time to time, contain links to and from the websites of third parties, for example third party manufacturers, distributors, advertisers, payment service providers or social media platforms such as, for example, LinkedIn, Facebook, Instagram or YouTube. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for privacy policies of or practices implemented by such third parties. Please check those policies before you submit any data to those websites and access our “Third party services list” https://thecord.ai/privacy as it may be updated from time to time.
Registration through a third-party website
We may provide you the possibility to register through a third-party website, in particular through a social media platform such as Facebook. In such case, you can click on the button “register with (Facebook)” in the registration form and log into the third-party website. By doing so, you give your consent that your personal data (in particular name, surname, date of birth, gender and e-mail address) is retrieved from such social media platform and sent to us or to our partners. If you register through such third-party websites, please note that such websites have their own privacy policies and that we do not accept any responsibility or liability for privacy policies of or practices implemented by third parties. Please check those policies before you register to our App through such third-party website.
12. Access to information and other rights you may have
12.1. Where you want to make use of such rights, please address your request in writing (e-mail or signed and dated letter) to the Customer Service at the address indicated on our Website, before you address to the competent Supervisory Authorities as we will try to solve any issue with undue delay.
12.2. Applicable laws provide you rights with regard to your data. Such rights include, but are not limited to:
right to access your personal data or to see a copy of the personal data that we hold about you;
right to request a confirmation from us whether your personal data is or is not being processed;
right to request information about the status of processing of your personal data;
right to request information about the source from which we obtained your personal data for processing;
right to request rectification, updating or completion of your data;
right to restrict certain data processing activities, which means we store your personal data but do not use it for any other purpose. If you have obtained processing restriction, you will be informed before lifting the data processing restriction, if applicable;
right to reject the use of your personal data for marketing purposes;
right to revoke your consent to this Privacy Policy, and/or request deregistration and deletion from our App as further described in the next section on revocation of consent and deregistration;
right of portability (transfer) of the data you provided to us in relation to the specific purpose for which you provided us with this data; however, the portability of your personal data has to be possible according to art. 20 of the GDPR, or the portability will be denied by us as we cannot risk the unsafety of your personal data;
right not to be subject to an automated decision making, having the opportunity to oppose an automatic decision process according to art. 22 from GDPR;
right to be forgotten (deletion) of your personal data. We will evaluate your deletion request from the point of view of our internal laws and procedures, taking into account, if applicable, the existence of any existing instructions in place from our contractual partners and we will provide you with a written response within the legal term, which will not exceed one month (30 days term) from the receival date of the deletion request.
right to have your data removed from the system as further described in the next section on revocation of consent and deregistration.
right to address the relevant Data Supervisory Authority from the country you access theCord App, you can access mediation services in order to settle any dispute, or at a competent court, if you believe that your rights regarding the processing of personal data have been breached.
The National Supervisory Authority for each country where theCord App operates is available below:
Romania:
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (A.N.S.P.D.C.P.)
28 – 30 General Gheorghe Magheru Boulevard
010336, Bucharest
Tel. +40.318.059.211
Email: anspdcp@dataprotection.ro
13. Revocation of your consent; deregistration; data retention
13.1. You may revoke your consent to this Privacy Policy and/or request deregistration and deletion from our Website at any time and at no charge to you by contacting our Customer Service in writing (e-mail sufficient) at the contact details provided on our Website. Such revocation of consent will not apply to existing transactions between us and also to any previous commercial relation we had.
13.2. We may in any case keep the data for as long as we are required by applicable law or by our internal retention terms, including company law or tax law or otherwise, to keep transaction related information. We may hold on to some of your personal data for longer (typically for a period from six years to 10 years) if reasonably needed for legal, regulatory or tax reasons, deal with disputes, prevent fraud or abuse and/or enforce our Terms of Service. We will keep your information which we use only for newsletters or other marketing according to our internal Data Retention Policy, but mainly until you tell us to stop sending you such messages or your account is closed or, applicable to personal data of our partners, until our contract with you has otherwise ended.
13.3. In general, personal data is only stored by us to the extent that is absolutely necessary and generally after expiry of the statutory limitation period of three years under civil law (e.g. customer correspondence) or, in the case of invoice-relevant data, after seven to ten years depending on the jurisdiction (e.g. after payment for a coaching session or offering a promotional discount voucher) in accordance with the national applicable legislation. A longer retention period only takes place in justified individual cases, for example because of an ongoing civil or administrative dispute or a cybersecurity incident that involves your account information or personal data.
13.4. In case no transaction has occurred between you and us prior to your revocation or request for deregistration, we will remove or anonymize your data from the system such that it cannot be accessed anymore.
13.5. In case you want to exercise your rights according to art. 12.2 above, please contact us by e-mail at dataprotection@thecord.app.
14. Our quality measures
If you contact us by e-mail with requests, suggestions or criticism, we would like to ensure that we have fulfilled our service to your satisfaction. Therefore, after your request has been answered, we will ask you how satisfied you were with our service.
This is an internal quality assurance measure. For reasons of objectivity and automated processing, we use a processor who carries out this automated request for us. We only leave your email address and your customer number to the processor. We do not give this processor the opportunity to inspect your data, use your data for other purposes or pass it on to third parties.
Before using the processor, we convinced ourselves that it offers a sufficient guarantee for the lawful and secure use of data.
15. This is how we protect your data
15.1. We understand information security as:
Data confidentiality
Data integrity and
Data availability.
15.2. To ensure information security, we have established organizational framework conditions and protective measures that correspond to the state of the art.
15.3. These include:
Load distribution,
Firewalls,
Encryption,
Security tests,
System checks and
ongoing monitoring.
15.4. Our employees and/or collaborators are only granted role-specific access rights to the extent that is absolutely necessary. The use of these access authorizations is logged. Your data is protected by a secure online connection (TLS) between your PC and our servers with at least 128 bits, depending on the browser configuration.
16. Use of contract processors
16.1. We understand contract processors to mean our contractual partners who process personal data on our behalf (example: maintenance of our databases).
We currently use contract processors for the following activities, among others:
for shipping other printed matter
to carry out quality measures and customer surveys
for the operation and maintenance of our customer databases and
the use in individual cases.
16.2. We only use contract processors for data processing that we have legally carried out. We always convince ourselves in advance that the individual processor is suitable for the provision of services, in particular that he offers sufficient guarantee for lawful and secure data use.The processors selected by us receive personal data from us only to the extent that is absolutely necessary.
17. Choice of Law and Jurisdiction (including regarding data protection authorities)
This Privacy Policy and all matters arising or relating to these terms and the purchase contract shall be governed by the law of the country where theCord App is mainly operate, according to our Terms of Service. If you are a Consumer, you will benefit from any mandatory provisions of the law of the country in which you are resident. The courts, mediation and data protection authorities of that same country shall have exclusive jurisdiction to settle any disputes which may arise out of or in connection with these Privacy Policy.
Version: October / 2023
Privacy Policy
Websites and Operators of the Websites
1.1. The Meta Education Consultancy S.R.L. (hereinafter named “theCord”) company operates a mobile application (“theCordApp”) available in Romania and other countries within the European Union, providing instant access to professional accredited coaches to get insights and support in a timely manner, as follows:
theCoRD.ai owned by Meta Education Consultancy, duly registered according to the Romanian legislation, 44j Drumul Bisericii street, C3 Building, Voluntari, Ilfov county, having the Trade Registry Number J23/2074/2019 and the VAT number (Fiscal Unique Code) 41089537;
In this document, the term “App” shall mean and refer the up-mentioned mobile application and includes the social platforms company pages and the web version of the App, for example, a Web based application.
1.2. Your legal relationship is with theCord entity which operates the App you are using and/or through which you conclude an online transaction, unless specifically stated otherwise elsewhere.
1.3. TheCord reserves the right to assign in the future the operation of the App (or the Web based App, if the case) to any other future registered company. Such change of operator will be reflected in our Terms of Service.
1.4. Meta Education Consultancy S.R.L., and if the case, any of its affiliates, are individually and collectively referred to as “theCord”. In case of doubt, the term “theCord” or “we” refers to the operator of the mobile App you are using.
1.5. Meta Education Consultancy S.R.L. is responsible (Data Controller) for the processing activities that involve your personal data according to the contractual relationship enclosed by you and theCord.
Subject and Acceptance of Privacy Policy
2.1. This privacy policy, as amended from time to time (“Privacy Policy”) and our Terms of Service, all referenced below, sets out the basis on which any data, including personal data, we collect from you or which you provide to us, will be processed by us. Please read this Privacy Policy carefully. If you do not agree with it, please do not continue to use the App and do not provide us personal data. By using the App, you are deemed to have accepted our Terms of Service and Privacy Policy. Prior to providing us personal data (including e-mail address) through our App you will be specifically asked to accept our Privacy Policy and confirm your age. By accepting our Privacy Policy, you agree that we collect and process your data as described herein.
2.2. The Privacy Policy is applicable to both legal and natural persons (legal entities and consumers).
2.3. We reserve the right to make changes at any time to our Privacy Policy by posting the changed terms on our App or on the Website without any other notice, unless our changes significantly affects your legal status in relation to us (delivery of an order, reimbursement of any amount, return status or other such cases). Significant changes will additionally be communicated in an adequate manner. Please ensure that you review the Privacy Policy regularly as by your access or use of the App or Web based App after any changed Privacy Policy has been posted you will be deemed to have accepted the Privacy Policy in the version published on our App or Web based App at the time of your respective visit.
Cookies
3.1. The services of theCord App are possible based on similar technologies to cookies and are used as further indicated.
3.2. Information about Cookies, web analysis and social media
3.2.1. Use of cookies
Cookies are small text files or codes that contain information units. These text files are stored on your hard drive or in the memory of your browser when you visit one of our websites. Thanks to cookies, the content of our websites can be more easily built up and those devices can be recognized through which our websites were previously visited. We use cookies to gain a better understanding of how applications and websites work and to analyze and optimize the user experience when using our websites online and mobile.
3.2.2. Cookie Categories
We primarily use cookies from the following categories on our websites:
3.2.3. Business-necessary cookies
These cookies are necessary so that you can use our website as intended and all functions are available to you. Without these cookies, the requested services cannot be provided. These cookies do not collect any information about you and do not store internet locations. Absolutely necessary cookies cannot be deactivated via our website. However, they can be deactivated at any time via the browser you are using.
3.2.4. Functional cookies
These cookies are necessary for certain applications or functions of the website so that they can work properly. These can be cookies, for example, which save the settings made, such as the language setting of a visitor, or - with your prior consent - pre-filled forms.
Storage duration: In the case of a session cookie, for the duration of the session or, in the case of your prior consent, for the duration of your consent.
3.2.5. Analytical cookies
These cookies collect information about the usage behavior of visitors on our App or websites. For example, it records which section of the App are visited the most and which links are clicked. All recorded data is saved anonymously together with the information of other visitors. With the help of the data obtained by these cookies, we can use them to create analytical evaluations about our website and thus continuously improve the user experience.
Storage duration: In the case of a session cookie, for the duration of the session, in all other cases, a maximum of three years.
3.2.6. How long are cookies stored on my device?
The length of time a cookie remains on your device depends on whether it is a persistent cookie or a session cookie. Session cookies only remain on your device until your browser session is ended. Persistent cookies remain stored on your end device, even after you have ended a browser session, until the pre-set duration of the cookie has expired or it is deleted.
3.3. Social media
3.3.1. Social media plugins
We have embedded content from external providers such as LinkedIn, Facebook, Instagram and YouTube in our App or on individual websites or we link you to the websites of the our external providers. At the time we connected the App to the external providers, no legal violations were recognizable to us. If we become aware of such an infringement, we will remove the link immediately. In order to be able to recommend and share content in social networks such as LinkedIn, Facebook, Instagram and YouTube, appropriate links are integrated into the App.
These links only transfer data to external providers or other third parties when you, as a user, press the corresponding button. We have prevented the immediate transfer of data to external providers or other third parties when you simply visit our website. It is therefore entirely up to you to activate the transmission in individual cases.
3.3.2. Contests on social media
Insofar as personal data is collected from participants in the context of a contest or promotion campaign on social media, this is collected, processed and used exclusively for the purpose of carrying out the contest, unless you have given us your express consent to the use of your personal data for other purposes or in individual cases, the use of data is required for legal or other predominant reasons (for example in the event of a judicial or other official request or in the case of judicial or official disputes)
We will delete or anonymise collected and processed data after the statutory limitation period (ie usually after three years has elapsed. This also applies to messages in social media. For the correctness, topicality and completeness of the data you have provided about yourself) we do not assume any responsibility. Therefore, in your own interest, please ensure that the information you provide is accurate, up-to-date and complete.
Terms of Service
You find the Terms of Service referred to above under the following link: https://thecord.ai/terms.
General provisions
5.1. We undertake that the data we receive and/or collect from you is processed in accordance with applicable law (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation hereinafter named “GDPR”) and only for the purposes stated in this Privacy Policy. Moreover, national (local) legislation may complete or clarify the GDPR provisions as the case may be applicable to each of the countries theCord App is available.
Also, we undertake that significant national law may be applicable to each of the countries in which we operate, and we comply with such applicable legislations, as the case may be.
5.2. Provision of personal data is voluntary. However, without providing us certain data you may not be able to receive the full range of our services.
5.3. When you provide us personal data and/or contact information you allow us to contact you for the purpose for which you have provided us such personal data and contact information and as further described in this Privacy Policy. We will contact you mainly by e-mail and we may include short messages (SMS) via phone, push notifications, telephone and/or other means of communication we may agree upon from time to time.
5.4. We do not entrust, sell, rent, license, transfer etc. our database containing personal data of our customers or users, except as set out in this Privacy Policy.
Your data which we may collect or process
6.1. We may collect and process the following general data about you, subject to your right to revoke your consent or request deregistration, as further set out in the respective section of this Privacy Policy:
Data which you provide when you register to one of our services or to have access to restricted areas of our mobile App:
For legal entities: name and surname of the user, company name, company e-mail, company phone number;
For natural persons: name and surname, e-mail address, phone number, date of birth;
For natural persons, in relation to the purchase process or our services: bank information available on our account statements in relation to your payment. For legal entities, payment of our services involves the selection of a package or option made available for legal persons specifically.
Details of transactions you carry out through our App (or if the case, through our Web based App) and details of the fulfilment of your orders. TheCord uses the services of a payment processor, thus, no credit or debit card information is stored or otherwise processed by us.
Information which you provide when you participate in a competition or promotion sponsored or organised by us or one of our affiliates;
Information which you provide by filling in existing forms on our App or by posting any content on our social media pages;
Attending to the online coaching sessions or other related online based services available on our App, your personal online information like IP address, device tokens, user ID, is being transferred to other legal entities we enclosed a contractual partnership with like Amazon, Twilio, Stripe. Such transfers are only possible in certain conditions, as further explained in the present Policy.
Other marketing related data like contact or other information which you give or allow us and our third parties to use for ncommercial communication (like newsletters) or other marketing purposes;
Information which you provide when you contact us by any means of communication available in the App;
Information which you provide if you decide to participate in and complete surveys;
Considering that the services will be carried out via live online video conferences, data regarding sound and biometric information like image and voice are being processed. TheCord App provides access to additional services and functions like recording of the live session and textual transcript of the session. Legal entities may opt to access the additional services that are part of the service options or packages selected and payed. Legal entities bare responsibility to comply with the applicable privacy regulations like GDPR or other court rulings or directives in force. Natural persons can only opt for the recording service of the session or the textual transcript of the session based on the consent expressed for such processing activities.
Information collected by cookies and similar technologies - Cookies are small data files stored on your hard drive or in the memory of your device. Cookies help us improve and keep our services secure and offer information about your experience using the App. Through the use of cookies, we may automatically collect information about your activity on our App, such as the App sections you visit, the links you click, and the searches you conduct. For more information on cookies or similar technologies, see section "Cookies and other similar technologies" below;
Information collected by analytics software - we use analytics based software for user engagement tracking, such as Facebook and Google Analytics. We use analytics software to optimize the Service and the user experience;
Other profile data like your username, service purchase history, regarding our services and your communications with us.
6.2. As part of the purchasing process or a refund procedure, you may provide data relating to your bank account, your debit card or credit card information to a third-party payment services provider. Such data is used to carry out your payment to us or our reimbursement to you. In such case, you provide the payment data directly to the third-party payment services provider and not to us and you are subject to the privacy policy of such third-party payment service provider. We recommend that you review those terms prior to selecting the respective method of payment. We do neither receive, save or process such payment data.
6.2.1. Only if you provide your payment data directly to us, we collect and process such data and only for the scope you specifically indicate. This may be the case for example if you provide us your bank account details for a reimbursement in case of a product return.
6.2.2. Please note that we may have to disclose certain of your data to third party payment service providers as further set out in the section “Disclosure of your data” of this Privacy Policy.
Purpose of processing your data and legal basis for processing
7.1. Data Processing & Privacy
We collect personal information from you such as registration information and information received from third parties (such as your username, social login) in order to set up an account for you to use our services
We use your audio recordings together with metadata such as device information, meeting agendas, email headers and contents, in order to provide our services to you. We use audio recordings from your online meetings to generate near real-time text transcripts from your meetings. We do not store the audio recordings after the transcript is generated (within minutes after a meeting).
We store derivative data, such as meeting transcripts and results from AI algorithms applied to the meeting data in association with your account for as long as you maintain your account current. We do not share your data with others.
We use only proprietary deep learning models to analyze your transcripts and generate meeting insights. We do not share or upload any transcripts of your meetings with third parties. Only the results from proprietary AI algorithms applied to the meeting data are used to create AI-gen coaching recommendations (i.e. medium facilitation level with 5 interventions with a 30min meeting, low decision velocity with 2 decision drive behaviors within 1h meeting, etc)
We train our proprietary AI algorithms on anonymized transcripts in order to provide more accurate services, but never without explicit consent. For example, if you decide to participate in research projects, or to provide data in exchange for free services, or discounts we may ask for your permission to access your transcripts for training and product improvement purposes. Only if you agree to share your data we will anonymize it (remove any identifiable information) and incorporate the transcripts, or parts of the transcripts into our training data.
You have full control over your personal data:
if you wish to request a copy of your personal data that we store in our systems, you may do so by writing to us at: data@thecord.ai
if you with to delete your personal data, you may close your account; If you close your account, all data associated with your account will be deleted within 30 days (we allow for 30 days in order to be able to restore your account in case of accidental deletion)
7.2. We may use data held about you for the following purposes:
Facilitate the interaction between our specialists (coaches) and users (natural persons or personnel of legal entities);
Sending invoices after providing our services or upon your payment to us;
Complying with our legal obligations like privacy, confidentiality and security of any data processing activity we develop, invoice retention, resolving disputes and enforcing agreements concluded with our clients or service partners;
General use of our App when you sign up by creating an account or paying for our services, we store the logging data, device used (type, model), operating system of your device and version of the operation system, as well as any other information needed to protect our internal systems and your personal data against cyber-attacks;
For execution of our signed contracts in relation with legal entities and for providing our services to the personnel of our legal entities;
Ensuring access to third-party platforms and tools in order for theCord App services to properly function;
For statistical studies and internal company risk analyzes in order to improve our services or systems, whereby the results of these studies do not allow any conclusions to be drawn about your person.
Carry out our obligations arising from any transaction entered into between you and us;
Protecting our rights and interests according to the enclosed agreements;
Ensure that content of our App is presented to you in the most effective manner;
If you voluntarily take part in pilot projects, usability tests, competitions and other campaigns or other customer loyalty measures.
Provide you with information, products or services that you request from us;
To participate in customer surveys or customer forums;
Send you notifications, including regarding changes to our set of terms and policies.
7.3. Legal basis
7.3.1. We rely our data protection process considering he above-mentioned purposes and scope, based on three legal grounds:
7.3.1.1. Your consent, according to article 6 align. 1, letter a) from the GDPR. Consent will be requested from the end-user (natural person) within the App, whenever certain processing activities of his/her personal data cannot be processed based on other legal grounds and consent is mandatory according to the law. If you are an employee or member of the staff of our client legal entity, information and consent for any processing activity realised by your employer falls under its specific obligation. theCord will make available information regarding only its processing activities.
7.3.1.2. Legal requirement, according to article 6 align. 1, letter b) from the GDPR, when the processing activity is necessary for a legal obligation and other statutory provisions, such as an information security, public accounting, financial reporting or for the purpose of auditing.
7.3.1.3. Performance of a contract, according to article 6 align. 1 letter b) from the GDPR, if the processing is necessary for the conclusion or the execution of a contract to which the data subject (end–user) is part of or to enter into or perform a contract with the data subject.
7.3.1.4. Legitimate interest of theCord, according to article 6 align 1, letter f) from the GDPR, if the processing is necessary to protect the legitimate interest of our company according with the services rendered but only if the processing activity is mandatory for the function of our company and if the processing activity does not outweigh any risks to the rights and freedoms of our users.
Newsletters, messages and alerts
8.1. When you provide us personal data and/or contact information through our Website, especially when you insert your e-mail address, you agree (subject to your right to refuse or revoke your consent according to the next section), that we may send you newsletters, messages and other alerts mainly by e-mail, short messages (SMS), push notifications, phone or in specific cases, by regular mail. Such communications are being sent, among others, with or without human interference for purpose of direct marketing or advertising similar products or services offered by theCord.
8.2. You can refuse or revoke your consent to receive newsletters, messages or alerts at any time
by using the special link provided in a newsletter, message and/or alert, or
by using the option available to restrict, refuse or revoke your consent in the specific section of your profile on our App, or
in case of push notifications, by using the respective settings on your device, or
by contacting our Customer Service at the contact details provided on our App.
8.3. We reserve the right to choose whom to send newsletters, messages and/or alerts and to remove from our databases of clients or prospective clients anyone who has given his consent to receive newsletters, messages and/or alerts without any further commitment on behalf of theCord or of further notice. Removal from our App or related websites is an action we are force to take in certain conditions like the case where your behaviour prejudiced theCord, other users or clients, our specialists or any of theCord partners (ex: if you place false session orders, or if we see a pattern of nonattendance to the sessions– it means that several consecutive transactions are made without expressing a valid interest for our services and also, if you are willingly and in any way, part of a cyber-threat that involves our company). In such cases we will notify you as soon as possible offering the reasons of our decisions.
Location of data storage and processing
9.1. The data that we collect from you may be processed in, transferred to, and/or stored at a location inside the European Economic Area ("EEA"), respectively in Frankfurt, Germany.
9.2. The data that we collect from you, may also be processed to, and stored at, a location outside the EEA, subject to us having taken all required steps by the applicable law of the EU, the EEA member states relating to the transfer of personal data abroad. Such steps may include but are not limited to compliance with the Standard Contractual Clauses for transfers in the United States if such agreements can be enforced into all agreements relevant for or relating to the transfer of data outside the EEA. Disclosure of your data in relation to various partners located outside the EEA may be necessary in order for us to make our products and services available to you, whenever we work for example with companies located in the United States of America according with the Standard Contractual Clauses, although, most of these companies have operational headquarters registered at European Union level in Ireland. The retention period of these personal data is established in relation to the duration of the partnership we have with our partners or by our partners according to the Privacy Policy available on their website.
A link to the Privacy Policy of our partners is made available in the section “Third party services list” https://thecord.ai/privacy.
If you restrict by request or oppose to such processing activity, we will act according to GDPR on each case basis.
9.3. The data that we collect from you may be processed by staff who works for us, by our affiliates, or one of our affiliates’ third-party service providers. Such staff may be engaged in, among other things, the operation of the App, the fulfilment of a contract, the processing of your payment details or the provision of support services.
9.4. We may disclose and/or transfer your personal data to any of our affiliates, which means any member of theCord as well our direct, indirect and ultimate holding company and their subsidiaries (i) in the event we reorganise the way in which we provide services to our users and such data transfer or disclosure is required to provide or continue to provide services to our users and / or (ii) in case we assign the operation of the App or all or parts of the rights and obligations relating to a transaction or to our contractual relation, for example if you don’t pay for our services.
9.5. We may disclose your data to third party service providers (i) to implement our obligations which we have to you, including but not limited to organize and deliver the online coaching services, sending e-mail schedules of the sessions or other related information, SMS or push notifications, or (ii) which provide services to us or to our affiliates, such as data analysis, marketing assistance, advertising services, translation, payment processing, logistic or customer support services, consulting, audit or legal services, or generally in relation with the purposes as described in the section “purpose of processing your data”. Such disclosure is permitted provided that such third parties need access to the data to perform their services but may not use them for other purposes, in particular not for their own internal business purposes.
9.6. If you provide any payment data directly to us (including bank account in case of a product return), we will disclose it to third party payment service providers to the extent required to provide refund or payment to you.
9.7. Your bank, credit card or debit card issuer and a third-party payment service provider may have access or view any data or documents related to your order or purchase contract.
9.8. We may further disclose your data to third parties and subject to the provisions of applicable law:
in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
if the assets of our company are acquired by a third party, case in which the personal data we hold you will be one of the transferred assets and we will inform you about such case prior to the actual transfer;
if we are under a duty to disclose or share your personal data in order to comply with any legal, regulatory or court obligation;
in order to enforce or apply our Terms of Service and other agreements or to protect the rights, property or safety of us, our customers, or others; or
as otherwise provided in this Privacy Policy.
Links to or from other websites
Our Website may, from time to time, contain links to and from the websites of third parties, for example third party manufacturers, distributors, advertisers, payment service providers or social media platforms such as, for example, LinkedIn, Facebook, Instagram or YouTube. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility for privacy policies of or practices implemented by such third parties. Please check those policies before you submit any data to those websites and access our “Third party services list” https://thecord.ai/privacy as it may be updated from time to time.
Registration through a third-party website
We may provide you the possibility to register through a third-party website, in particular through a social media platform such as Facebook. In such case, you can click on the button “register with (Facebook)” in the registration form and log into the third-party website. By doing so, you give your consent that your personal data (in particular name, surname, date of birth, gender and e-mail address) is retrieved from such social media platform and sent to us or to our partners. If you register through such third-party websites, please note that such websites have their own privacy policies and that we do not accept any responsibility or liability for privacy policies of or practices implemented by third parties. Please check those policies before you register to our App through such third-party website.
12. Access to information and other rights you may have
12.1. Where you want to make use of such rights, please address your request in writing (e-mail or signed and dated letter) to the Customer Service at the address indicated on our Website, before you address to the competent Supervisory Authorities as we will try to solve any issue with undue delay.
12.2. Applicable laws provide you rights with regard to your data. Such rights include, but are not limited to:
right to access your personal data or to see a copy of the personal data that we hold about you;
right to request a confirmation from us whether your personal data is or is not being processed;
right to request information about the status of processing of your personal data;
right to request information about the source from which we obtained your personal data for processing;
right to request rectification, updating or completion of your data;
right to restrict certain data processing activities, which means we store your personal data but do not use it for any other purpose. If you have obtained processing restriction, you will be informed before lifting the data processing restriction, if applicable;
right to reject the use of your personal data for marketing purposes;
right to revoke your consent to this Privacy Policy, and/or request deregistration and deletion from our App as further described in the next section on revocation of consent and deregistration;
right of portability (transfer) of the data you provided to us in relation to the specific purpose for which you provided us with this data; however, the portability of your personal data has to be possible according to art. 20 of the GDPR, or the portability will be denied by us as we cannot risk the unsafety of your personal data;
right not to be subject to an automated decision making, having the opportunity to oppose an automatic decision process according to art. 22 from GDPR;
right to be forgotten (deletion) of your personal data. We will evaluate your deletion request from the point of view of our internal laws and procedures, taking into account, if applicable, the existence of any existing instructions in place from our contractual partners and we will provide you with a written response within the legal term, which will not exceed one month (30 days term) from the receival date of the deletion request.
right to have your data removed from the system as further described in the next section on revocation of consent and deregistration.
right to address the relevant Data Supervisory Authority from the country you access theCord App, you can access mediation services in order to settle any dispute, or at a competent court, if you believe that your rights regarding the processing of personal data have been breached.
The National Supervisory Authority for each country where theCord App operates is available below:
Romania:
Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (A.N.S.P.D.C.P.)
28 – 30 General Gheorghe Magheru Boulevard
010336, Bucharest
Tel. +40.318.059.211
Email: anspdcp@dataprotection.ro
13. Revocation of your consent; deregistration; data retention
13.1. You may revoke your consent to this Privacy Policy and/or request deregistration and deletion from our Website at any time and at no charge to you by contacting our Customer Service in writing (e-mail sufficient) at the contact details provided on our Website. Such revocation of consent will not apply to existing transactions between us and also to any previous commercial relation we had.
13.2. We may in any case keep the data for as long as we are required by applicable law or by our internal retention terms, including company law or tax law or otherwise, to keep transaction related information. We may hold on to some of your personal data for longer (typically for a period from six years to 10 years) if reasonably needed for legal, regulatory or tax reasons, deal with disputes, prevent fraud or abuse and/or enforce our Terms of Service. We will keep your information which we use only for newsletters or other marketing according to our internal Data Retention Policy, but mainly until you tell us to stop sending you such messages or your account is closed or, applicable to personal data of our partners, until our contract with you has otherwise ended.
13.3. In general, personal data is only stored by us to the extent that is absolutely necessary and generally after expiry of the statutory limitation period of three years under civil law (e.g. customer correspondence) or, in the case of invoice-relevant data, after seven to ten years depending on the jurisdiction (e.g. after payment for a coaching session or offering a promotional discount voucher) in accordance with the national applicable legislation. A longer retention period only takes place in justified individual cases, for example because of an ongoing civil or administrative dispute or a cybersecurity incident that involves your account information or personal data.
13.4. In case no transaction has occurred between you and us prior to your revocation or request for deregistration, we will remove or anonymize your data from the system such that it cannot be accessed anymore.
13.5. In case you want to exercise your rights according to art. 12.2 above, please contact us by e-mail at dataprotection@thecord.app.
14. Our quality measures
If you contact us by e-mail with requests, suggestions or criticism, we would like to ensure that we have fulfilled our service to your satisfaction. Therefore, after your request has been answered, we will ask you how satisfied you were with our service.
This is an internal quality assurance measure. For reasons of objectivity and automated processing, we use a processor who carries out this automated request for us. We only leave your email address and your customer number to the processor. We do not give this processor the opportunity to inspect your data, use your data for other purposes or pass it on to third parties.
Before using the processor, we convinced ourselves that it offers a sufficient guarantee for the lawful and secure use of data.
15. This is how we protect your data
15.1. We understand information security as:
Data confidentiality
Data integrity and
Data availability.
15.2. To ensure information security, we have established organizational framework conditions and protective measures that correspond to the state of the art.
15.3. These include:
Load distribution,
Firewalls,
Encryption,
Security tests,
System checks and
ongoing monitoring.
15.4. Our employees and/or collaborators are only granted role-specific access rights to the extent that is absolutely necessary. The use of these access authorizations is logged. Your data is protected by a secure online connection (TLS) between your PC and our servers with at least 128 bits, depending on the browser configuration.
16. Use of contract processors
16.1. We understand contract processors to mean our contractual partners who process personal data on our behalf (example: maintenance of our databases).
We currently use contract processors for the following activities, among others:
for shipping other printed matter
to carry out quality measures and customer surveys
for the operation and maintenance of our customer databases and
the use in individual cases.
16.2. We only use contract processors for data processing that we have legally carried out. We always convince ourselves in advance that the individual processor is suitable for the provision of services, in particular that he offers sufficient guarantee for lawful and secure data use.The processors selected by us receive personal data from us only to the extent that is absolutely necessary.
17. Choice of Law and Jurisdiction (including regarding data protection authorities)
This Privacy Policy and all matters arising or relating to these terms and the purchase contract shall be governed by the law of the country where theCord App is mainly operate, according to our Terms of Service. If you are a Consumer, you will benefit from any mandatory provisions of the law of the country in which you are resident. The courts, mediation and data protection authorities of that same country shall have exclusive jurisdiction to settle any disputes which may arise out of or in connection with these Privacy Policy.
Version: October / 2023
Join our newsletter
Be part of a community of high-performance teams
Join our newsletter
Be part of a community of high-performance teams
Join our newsletter
Be part of a community of high-performance teams
Join our newsletter
Be part of a community of high-performance teams