Our contact details:
Name: Mantis Beyond Innovation
Address: 350 Irakleiou Avenue, 2nd Floor, Office B20, Nea Ionia, 14231, Attica, Greece
Phone number: (+30) 210 010 9065
Date: 30 November 2020
This Privacy Notice applies to how we use your data when you are navigating our website, using our web application and services (the “Services”) or communicating with us through other channels, such as social media or e-mails.
We use the term “user” refer to an authorized user provided with a licence by a customer to access our services, including any applicants provided with guest licences by a customer.
“Customer” includes accelerators and incubators, as well as similar organisations which have executed a subscription agreement with us.
We use the term “website user” to refer to someone who is navigating our website, regardless of whether that person has subscribed to our web application or has access to our web application.
What types of personal data do you process, and for what purposes?
We process personal data of customers and website users for our own purposes, based on either your consent, a contract with us, or our legitimate interests, such as ensuring the security of our Services, or for direct marketing purposes. The personal data we collect and process for our own purposes include:
- contact information, such as first and last name, email address and phone number
- billing information
We use your personal information to:
- communicate with you about your account and provide customer support
- fulfil your account or order
- collect fees for services and products approved for purchase by you
- authenticate your access to our web pages
- send you occasional newsletters, update briefings and important product information. You may opt out from receiving such emails by unsubscribing from our mailing list
- gather analysis to improve our product and services
We process users’ personal data of users on behalf of customers for the purposes of delivering the Services. Customers should have their own privacy notices providing information on how they handle your data. Our Services allow incubators and accelerators and organisations to create forms to score users and your responses will be handled in accordance with their privacy notices.
Do you share my personal data with third parties?
We do not sell your personal data to third parties, such as data brokers.
- Service providers. We use Enartia S.A. to host our website, and a number of other third-party service providers for specific functionalities.
- Auditors and consultants. We may have to share your personal data with auditors and other third parties who work with us to help us comply with laws and improve our services.
- Social Media. We use social media to respond to you when you interact with us. Social media can also be used by website user and user to share content, in which case we may collect electronic data, such as the time and data that you visited the page for sharing.
Where do you store my personal data?
Our website and Services are hosted on Enartia S.A. Our master subscription agreement with our Customer states where personal data will be hosted. Our website is hosted by Enartia S.A., Greece. Service Providers can process and store personal data elsewhere than as stated above.
How long do we store personal data?
We store users’ personal data as long as our agreement with customer is in force, unless your data is deleted by customer (through an admin licence) or by yourself when using the Services. Once our agreement with the customer ends, any personal data associated with the customer will be deleted as per relevant agreement.
We store personal data of our customers and website users for as long as we have a legitimate business or legal need to do so. Our retention periods depend on the type of data and its purpose.
How do we protect the personal data that we are entrusted with?
Data communication is operated via an encrypted secure channel (end-to-end encryption) with a 1024bit security certificate, renewed every 90 days.
Data are hosted in a datacenter in Greece. Our company has an agreement with the data hosting provider guaranteeing that the physical access to the data servers is restricted to only personnel with the related expertise and the appropriate access permission with only purpose to maintain and secure the proper operation of the hosting services. Access to the data is restricted and only under written permission by the client and only when it is necessary in order to fulfill client’s needs. We enforce access controls, meaning that access by our employees to your personal data is only possible on a need-to-know basis. We may use peer review, automated testing and manual testing as part of our secure coding habits when we develop our web application. As part our peer review, we analyze our architecture security and performance.
Our hosting company is designed and managed in full compliance with security best practices and a wide range of IT security standards. We are always on the look out to integrate more security features in our web application. We’ll update this section as part of our continuous improvements.
How can I opt out from newsletters?
All our marketing communications, such as our newsletters, include a link to unsubscribe. You can also contact us directly at firstname.lastname@example.org
Do you respond to Do Not Track signals?
We do not respond to Do Not Track signals at this point in time, but if it changes, we will update this Privacy Notice.
How can I delete my account?
If you are a user, you can reach out to the incubator, accelerator or other organization which provided you with an access to our Services to request that they delete your personal data and revoke your license.
What are my rights regarding my personal data?
Depending on where you are located and on the circumstances of your request, you may have access to different rights, such as:
- The right to access your personal data
- The right to be informed about how your personal data is being processed
- The right to rectify your personal data if they are incorrect, incomplete, invalid or ambiguous
- The right to object to the processing of your personal data
- The right to request the erasure of your personal data
- The right data portability
If you are an end user, we suggest you first contact the incubator, accelerator or any other service provider who provided you with an access to the Services. Users can also consider export and deletion functionalities that are offered as part of our Services.
For website users, just e-mail us and we’ll help you out right away: email@example.com
If you have any concerns about our use of your personal information, you can make a complaint to us at: firstname.lastname@example.org
You can also complain to the Hellenic Data Protection Authority if you are unhappy with how we have used your data: