main logo

Privacy policy

Last updated: 2024.04.09

INTRODUCTION

MayBee LLC (“we”, “us”, “our”, “MayBee“) is committed to protecting your privacy. On this page, we would like to inform you what information about you we collect during your interactions with MayBee and how we handle it further. In this Privacy Policy, you will learn:

    1. what categories of personal data we collect;
    1. why we collect your personal data;
    1. how we process and store your personal data;
    1. which rights relating to your personal data you have and how you can exercise them;
    1. how we share and disclose your personal data.

You may provide MayBee with your data when you access our website https://maybee.systems/ (“Website”), use MayBee web application and mobile application (“Application”), when you contact us via our social media resources such as Facebook, Instagram, LinkedIn, email us at contact@maybee.systems or otherwise interact with MayBee and provide us with information about yourself. This Privacy Policy does not extend to any information you might directly provide to third parties, including via integrated services.

Depending on the essence of your interaction with MayBee, you can be considered a website visitor or a client:

  • You are a Website Visitor when you merely browse the Website and provide us with your data via cookies or other tracking technologies, when you contact us via email or contact forms available on the Website, our social media, request a demo, subscribe to newsletters, or contact us via other available means of communication, without registering with MayBee;
  • You are a Client when you register an account on the MayBee Platform, use our services via the web application or mobile application on a trial or subscription basis, and contact us via available means of communication for assistance or customer support. If the Client is a legal entity, the information provided to us may still be considered personal data (e.g., information about the Client’s representatives).

MayBee acts as a data controller when processing your personal data. We may act as a data processor regarding the personal data of individuals (e.g., job applicants and employees) that the Client provides when using the Platform. In our capacity as a data processor, we only act on the Client’s behalf. Please keep reading to find out more.

DEFINITIONS

We use the following definitions in this Privacy Policy:

“Platform” means the Website and Application.

“data subject” means any individual whose personal data we collect.

“personal data” means any information relating to you and helping identify you (directly or indirectly), such as a name, email address, etc.

“data controller” means a natural or legal person who (either alone or jointly with others) determines the purposes and means of personal data processing.

“data processor” means a natural or legal person who processes personal data on behalf of the data controller.

“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

“GDPR” means the European Union’s General Data Protection Regulation.

“services” means access and/or use of the functionalities of the Platform described in the Terms of Use.

DATA COLLECTION

We collect your personal data when you:

  • visit our Website;
  • request a demo by filling in the “Get Demo” form;
  • contact us via email, contact form, phone/video call, and our social media;
  • attend a personal meeting with us;
  • subscribe to our newsletters;
  • set up an account with us;
  • use the Platform through your account;
  • make a payment to subscribe to our Platform;
  • voluntarily provide your data by other means, e.g. when you contact us and provide additional details.

Some information about you, such as cookies information and other automatically collected information, is collected with the assistance of analytics service providers (e.g., information on how you interact with our Website). While automatically collected information mostly does not identify you directly, we treat this information as “personal data” as required by the GDPR and other applicable laws.

When the Website Visitor reaches out to us for more information on MayBee services, we may collect additional publicly available information (e.g., contact person’s email address, job title, social media account link, etc.) to contact them in a convenient way, provide our services offerings and promote our product.

We collect two basic types of information about you in connection with our Platform services: website visitor data, and client data, which relate to Website Visitors and Clients, respectively. In particular, we collect:

Cookies Information. We may use cookies and other tracking technologies on our Website to ensure its correct and smooth functioning, for analytics, marketing activities, remembering your preferences, and other purposes. Such use may involve the transmission of information from us to you and from you to a third-party website or us.

Cookies Information that we get when you visit the Website can include usage information (pages you have visited on the Website, click path, language preferences, and other information regarding your use of the Website) for analytics purposes. We also use necessary, preferences and marketing cookies. To learn more about our use of cookies, please see our Cookies Policy.

Automatically Collected Information. When you access the Website as a Website Visitor and create an account as the Client, we automatically collect certain information about you and your device. This information may include IP address, browser type, browser language, operating system, and information about your activity on the Platform (the pages you visit, the time and date of your visit).

Contact Information. When you contact MayBee as a Website Visitor or Client through available contact options, specifically the Website forms, social media, email, phone/video call, personal meeting, or subscribe to newsletters, we collect the personal data you submit. Such data include first name, last name, email, phone number, company name, job title, and other details you may provide (e.g., in the message or during the meeting). When you contact us through our social media, we may have access to your profile information, such as nickname, links to your social media account.

As stated above, we may collect additional contact information for contacting you and sending our offerings, which may include the contact person’s email address, job title, link to social media account, etc.

Registration Information. When the Client (the Client’s representative) creates an account on the Platform, we collect the following information: first name, last name, email address, phone number, company name, and job title.

Integrations API Information. If you choose to integrate your MayBee account with a third-party service, we collect Clients’ API tokens or API keys, which are necessary to integrate your MayBee account (giving our Platform access to a third-party platform API) with other third-party services such as social networks, messengers, email marketing, calendars, etc.

Transactions and Payment Information. When subscribing to our services, you'll be asked to provide payment details that may include personal information. On our side, we collect your first name, last name, email address, company name and transaction status to confirm receipt of payment. To complete the payment, you'll be directed to a separate payment processor, who will collect your payment information and process your payment. Before proceeding with payment, we advise reviewing the privacy policy of the payment processor, as they collect, process and store your payment information. We do not directly access or retain your payment or banking information.

Client’s Information. When you use our Platform, you can provide us with the personal data of third parties that we process on your behalf as part of our services. Such personal data may include information about the Client’s job applicants, candidates, employees, contractors, and team members. Once you subscribe to our services, you will also be able to add other users to your MayBee workspace and grant them access to certain functions and personal data of third parties.

MayBee processes such data solely under instructions provided by the respective Client, who acts as a data controller.

When MayBee acts as a data controller:

  1. 1. We DO NOT collect or process your sensitive data. The Client may choose to collect sensitive data about its job applicants, candidates, employees, contractors, in which case MayBee processes such data solely as a data processor and under instructions of the Client who is responsible for collecting such data in compliance with the GDPR.
  2. 2. We DO NOT use automated decision-making, including profiling, which produces legal effects concerning a data subject or similarly significantly affects a data subject.

We use the personal data we collected and the personal data you provided us with or requested us to collect only for the purposes listed in this Policy. We may share your personal data with third parties solely for the purposes listed herein.

LEGAL BASES FOR PROCESSING

We collect and process your personal data in accordance with the GDPR and other applicable data protection laws. We rely on the GDPR as a compliance standard to the extent it does not violate the applicable data protection law.

The GDPR provides an exhaustive list of lawful bases for processing. We rely only on four of them, specifically:

Article 6.1(a): consent

We process the personal data you choose to provide us with on the basis of your consent. You have the right to withdraw your consent for the processing of your personal data at any time. Please note that withdrawing your consent does NOT automatically deem the processing before withdrawal as unlawful. You can withdraw your consent by emailing us at contact@maybee.systems or by reaching out to us through any other convenient means.

Article 6.1(f): legitimate interest

We process your personal data to protect our legitimate interests, such as:

  • preventing fraud;
  • ensuring the security and functionality of our Platform;
  • providing you with a seamless user experience;
  • improving our Platform;
  • contacting you to promote our services if you have a potential interest in our services or new offerings related to the Platform.

We only collect and use the data necessary to achieve these purposes and do not override your fundamental rights and freedoms.

Article 6.1(b): performance of a contract

When you provide us with personal data during the registration of the account on the Platform and when purchasing our services, this can be considered as an indication of your intent to enter into a contract or perform a contract between you and us. However, we may ask you for clear consent in case of doubt.

Article 6.1(c): legal obligation

We process your personal data to meet our legal obligations, including complying with tax or regulatory requirements.

In case you submit a request to exercise your rights, we may request you to provide certain personal data we already possess to verify your identity and ensure compliance with the applicable law.

USE OF YOUR PERSONAL DATA

In our capacity as a data controller, we process your personal data for the purposes outlined in the table below. We specify the types of personal data processed, the legal bases for processing, and potential third parties with whom we may share your personal data, along with information regarding the source of such data.

Purpose of processingType of personal dataLegal groundsThird parties recipientsSource
Creating an accountRegistration Information Automatically Collected InformationRegistration Information Integrations API Information Automatically Collected InformationHostPro, Contractors, ReplayClient
Maintenance of the accountRegistration Information Automatically Collected InformationPerformance of a contract (Article 6(1)(b))HostPro, ContractorsClient
Providing services: providing you with core features of the PlatformRegistration Information Integrations API InformationPerformance of a contract (Article 6(1)(b))HostPro, ContractorsClient
Providing services: customer supportRegistration Information Contact InformationPerformance of a contract (Article 6(1)(b))HostPro, Contractors, OmniMind.aiClient
Providing services: enabling notifications on milestones, status changes etc. if the Client enables this optionRegistration Information Contact Information Integrations API InformationPerformance of a contract (Article 6(1)(b))HostPro, Contractors, Telegram, WhatsApp, Discord, SlackClient
Communication with Website Visitors and Clients (e.g. responding to queries and requests, customer support, assistance with the service setup, providing demo, investigating complaints and assisting with service selection)Registration Information Contact Information Integrations API InformationPerformance of a contract (Article 6(1)(b))HostPro, Contractors, Notion, Trello, Google Workspace (Gmail), OmniMind.ai, Social Media Platforms, Messengers, ReplayClient, Website Visitor, publicly available information collected by us
Marketing activities, including marketing email campaigns and promoting our services to potential clientsContact Information Registration Information Cookies Information Automatically Collected InformationYour consent (Article 6(1)(a)) Our legitimate interest (Article 6(1)(f))HostPro, Contractors, [insert marketing partners e.g. Meta, Google Ads], Google Workspace, ReplayClient, Website Visitor, publicly available information collected by us
Processing of payments, bookkeeping and invoicingRegistration Information Transactions and Payment InformationPerformance of a contract (Article 6(1)(b)) Legal obligation (Article 6(1)(c))Stripe, ContractorsClient, Stripe
Analytics and development (for optimising and improving our Platform)Contact Information Registration Information Cookies Information Automatically Collected InformationYour consent (Article 6(1)(a)) Our legitimate interest (Article 6(1)(f))Google Analytics, ContractorsClient, Website Visitor
Security and fraud preventionCookies Information Automatically Collected Information Registration Information Transactions and Payment InformationOur legitimate interest (Article 6(1)(f))Stripe, ContractorsClient, Website Visitor, Stripe
Complying with the law or legal processCookies Information Automatically Collected Information Registration Information Integrations API Information Contact Information Transactions and Payment InformationLegal obligation (Article 6(1)(c))HostPro, Contractors, Notion, Trello, Social Media Platforms, Replay, [insert marketing partners e.g. Meta, Google Ads], Stripe, Google Analytics, Google Workspace, Telegram, WhatsApp, Discord, Slack, OmniMind.ai.Client, Website Visitor, Stripe

Please note that when processing payments via a payment processor's services, such payment processor may collect certain personal data deemed necessary for service provision. Such collection of personal data is regulated under the rules and policies of the respective payment processors. We recommend carefully reviewing the payment processors’ websites and always checking their policies and rules regarding the collection of your personal data. You can review Stripe’s Privacy Policy here, detailing its commitment to protecting your personal information.

We also process certain personal data as a data processor, at the request and pursuant to the instructions given by the respective Client when using our Platform. In such a scenario, the Client acts as a data controller. We outline several possible scenarios where we can act as a data processor in the table below:

Purpose of processingType of personal dataLegal groundsThird parties recipientsSource
Providing services to Clients (specifically to operate, store, and group information about Clients’ job applicants, candidates, employees, contractors, team members)Client’s Information (mainly, personal data related to job applicants, candidates, employees, contractors and team members of our Clients)Determined by the ClientHostPro, ContractorsClient
Providing services to Clients (specifically enabling adding team members and assigning them certain accesses and obligations)Client’s Information (information on other users (team members) in the Client’s workspace)Determined by the ClientHostPro, ContractorsClient

USE OF COOKIES

We use cookies and other tracking technologies on our Website for various purposes, which may include enabling its functionality, enhancing user experience, analysing your online behaviour, and delivering relevant interest-based advertising to you on third-party websites.

We do not use cookies to identify you directly. We may use cookies only for the following purposes:

Necessary: these cookies and other tracking technologies are essential for your use of the Website and our compliance with applicable data protection laws. We can use them for certain purposes, such as checking if your browser supports cookies and determining whether you have accepted the cookie consent box.

Analytics: these cookies help us to understand how you interact with our Website (e.g., page visits and page load speed) by collecting information anonymously to avoid your identification. Their sole purpose is to enhance Website functionality.

Marketing: these cookies and other tracking technologies deliver relevant online advertising on other websites. These cookies can be placed by us and selected third parties and enable the presentation of ads to you on third-party websites.

Preferential: these cookies are used to remember your preferences and settings (such as language preferences) and allow the Website to remember specific choices you've made and apply them to your future visits, providing a personalised browsing experience.

We kindly invite you to review our Cookies Policy for further information on the cookies we currently employ on the Website.

DATA RETENTION, SECURITY AND INTEGRITY

As a data controller, we store and process your personal data until it is no longer necessary for any of the purposes outlined in this Privacy Policy.

As a general rule, we retain your personal data for the duration of our cooperation (while your MayBee account is actively used) and/or communication, and for a period of 5 years following our last interaction or your last activity on the Platform, unless a longer retention period is required or expressly permitted by law. Upon the expiration of the retention period, we will completely delete (erase) your personal data from our systems and backups. We may not delete or anonymise your data if we are required to retain it to comply with the law or legal process.

Certain categories of data may have shorter storage periods; for instance, cookies expire within a few days, weeks, or months as per their programmed settings (or sooner if you clear your browser's cache). Cookies Information retention periods are specified in our Cookies Policy.

To exercise your right to erasure, you may contact us at contact@maybee.systems or in any other convenient way.

As a data processor, we store information the Client provides us with through its account when using the services (Client’s Information) for the period established by the Client in the data controller’s instructions, taking into account the terms of Terms of Use regarding the storage period of the Clients’ data in accordance with physical capacities.

We have implemented appropriate organisational, technical, administrative, and physical security measures aimed at safeguarding your personal data against unauthorised access, disclosure, use, and modification. Our security procedures and policies are subject to regular review to incorporate appropriate new technology and methods.

In particular, we conduct regular backups, adhere to best practices in data security during the development phase and throughout the project lifecycle, and implement security measures to mitigate threats such as DDoS attacks, SQL injections, and other risks to the stability and integrity of our systems and data. Also, we have implemented differentiated access levels and a strict password policy. We conduct regular assessments of source code while ensuring compliance with security protocols.

SOCIAL MEDIA ACCOUNTS

We manage our official pages on different social media, particularly Facebook, Instagram, and LinkedIn. As stated above, we collect information for marketing purposes or further communication purposes when you interact with us through our social media resources, e.g., by following, commenting, reacting to our content, or contacting us with inquiries, for assistance or leaving feedback.

Please note that we are not responsible for social media and messengers' data practices. Operators of these platforms may conduct additional processing operations. We advise checking their privacy policies regarding the collection of your personal data on their side.

DATA SHARING AND DISCLOSURE

In our capacity as a data controller, we may share your personal data with data processors who operate on our behalf in accordance with our instructions, primarily to manage risks, seek professional advice, and deliver services effectively.

To ensure the functionality of our Platform and provide you with our services, we rely on the support of third-party service providers for certain essential features. In certain cases, we may grant some service providers access to your personal data, in whole or in part, to facilitate the provision of necessary services. Consequently, we may share and disclose your personal data with other data processors, specifically:

HostPro (HOSTPRO LAB LLC, Netherlands): for web hosting purposes; to provide secure storage of personal data on the servers. You may read its privacy policy here. here.

Google Analytics (Google LLC, USA): to analyse statistical data on how the visitor uses the Platform in order to improve our Platform’s functionality, prevent fraud and improve advertisement campaigns. You may read its privacy policy here.

Google Workspace (Google LLC, USA): to use Google services such as Gmail, Calendar, Meet, Drive, Docs, Sheets, Slides, and Forms for collecting, storing, structuring, and using your personal data, and contacting you. You may read its privacy policy here.

Notion (Notion Labs, Inc., USA); Trello (Trello, Inc, USA): CRM systems for storing and organising information about our Clients and Website Visitors, as well as potential clients, e.g., about our interactions and communication outcomes. You may read privacy policies here and here respectfully.

Google Ads (Google LLC, USA): for advertising. You may read its privacy policy here. here.

Reply.io (Reply App Inc., USA): for email newsletter campaigns. You may read its privacy policy here. here.

Stripe (Stripe, Inc., USA): for payment processing and enabling Clients to purchase the subscription for MayBee services. You may read terms of use and privacy policy of these service providers here.

OmniMind.ai (Procoders OÜ, Estonia): to provide technical support to Clients and Website Visitors via chatbot. You may read its privacy policy here.

Slack (Slack Technologies Limited, Ireland (for users outside the USA and Canada),Slack Technologies LLC, USA (for users from the USA and Canada)); WhatsApp (WhatsApp LLC, USA (for users outside the EEA),WhatsApp Ireland Limited, Ireland (for users from the EEA));Telegram (Telegram Messenger Inc, British Virgin Islands); Discord (Discord Netherlands BV, Netherlands (for users from the EEA), Discord Inc., USA (for users outside the EEA)): to send notifications from the Platform, if the Client has enabled this function. You may read their privacy policies here, here, [here](https://telegram.org/privacy/eu#:~:text=Telegram has two fundamental principles,and feature-rich messaging service.), and here respectfully.

Contractors

As part of our business operations and in order to ensure smooth functioning of our Platform, we may engage different specialists who may receive your personal data, including technical, sales, legal, accounting and marketing specialists, to provide you with better client service and ensure the accuracy and transparency of our business. The abovementioned specialists are collectively referred to as Contractors.

DATA TRANSFER TO THIRD COUNTRIES

We may transfer your personal data to countries outside the European Union (EU) and the European Economic Area (EEA) that do not offer an adequate level of data protection as defined in Article 45 of the GDPR (adequacy decision). We may transfer your personal data to third countries outside the EU and the EEA, including the onward transfers of personal data from third countries to other third countries.

For such transfers, we will ensure that appropriate safeguards are in place in accordance with the GDPR to protect your personal data, in particular, the standard contractual clauses adopted by the European Commission. Where possible and necessary, we always enter into Data Processing Agreements (DPAs) and Non-Disclosure Agreements (NDAs) with these third parties to ensure the adequate protection of your personal data.

YOUR RIGHTS UNDER THE GDPR

You may exercise the following rights by submitting a data subject request at contact@maybee.systems.

Please be aware that in order to proceed with your requests to exercise your rights under the GDPR, we may require confirmation of your identity. Consequently, we may not be able to satisfy your request if you do not provide us with sufficient detail to allow us to verify your identity and respond to your request.

Rights under the GDPR

  • right to be informed means that you have the right to know about the collection and use of your personal data. All information about our collection and use of your personal data is described in this Privacy Policy and our Cookies Policy.
  • right of access means that you have the right to confirm whether your personal data is being processed by us, and ask us to send you a copy of your personal data collected together with specific information.
  • right to rectification means that you may ask us to update and correct the false data, or missing or incomplete personal data.
  • right to erasure (“right to be forgotten”) means that you may ask us to delete your personal data collected, except insofar it is prohibited by appropriate laws, where one of the following grounds:
  1. 1. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  2. 2. you withdraw consent to consent-based processing and there is no other legal ground for the processing;
  3. 3. you object to the processing under certain rules of applicable data protection law;
  4. 4. the personal data have been unlawfully processed;
  5. 5. the personal data have to be erased for compliance with a legal obligation in the European Union or an EU Member State law;
  6. 6. the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) (the offer of information society services directly to a child).
  • right to restriction of processing means that you may ask us to restrict processing where one of the following:
  1. 1. you contest the accuracy of the personal data;
  2. 2. the processing is unlawful, but you oppose erasure and ask for restriction;
  3. 3. we no longer need the personal data for the purposes of our processing, but you require personal data to establish, exercise or defend legal claims;
  4. 4. you have objected to processing, and we are verifying your objection request.

Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it:

  1. 1. with your consent;
  2. 2. for the establishment, exercise or defence of legal claims;
  3. 3. for the protection of the rights of another natural or legal person;
  4. 4. for reasons of important public interest of the Union or of a Member State.
  • right to data portability means that you have the right to receive your personal data you provided us with in a structured, commonly used and machine-readable format and have the right to request transmission of those data to another controller, where we process your personal data based on your consent or performance of a contract, and the processing is carried out by automated means.
  • right to object to the processing means that you may raise objections of your personal data at any time to the extent that the processing is based on our legitimate interest or is necessary for the performance of a task carried out in the public interest, including profiling based on those provisions. Also, you have the right to object to our processing of your personal data for direct marketing purposes (including profiling).
  • right to withdraw the consent for data processing means that you have the right to withdraw your consent at any time when your personal data is processed on the basis of your consent. The withdrawal of consent does not automatically mean that processing before its withdrawal is considered unlawful.
  • right not to be subject to a decision based solely on automated processing, including profiling, restricts us from making solely automated decisions, including those based on profiling, that produce legal or other significant effects for data subjects. We DO NOT use automated decision-making and profiling.
  • right to lodge a complaint with the supervisory data protection authority pertaining to the processing of your personal data. You have the right to lodge a complaint to the supervisory authority of your place of residence within the EU or to the data protection authority stated in this Privacy Policy, if you consider that the processing of your personal data infringes the GDPR.
  • right to compensation means that any person who has suffered material or moral damage as a result of a violation of the GDPR requirements has the right to receive compensation from the controller or processor for the caused damage. Court proceedings for exercising the right to receive compensation shall be brought before the courts competent under the law of the EU Member State referred to in Article 79(2) of the GDPR.

DATA PROTECTION AUTHORITY UNDER THE GDPR

We invite you to initially communicate any concerns or complaints you may have regarding the processing of your personal data with us. Please feel free to reach out to us to address your concerns at contact@maybee.systems.

In some cases, you have the right to lodge a complaint about our use of your personal data with a data protection authority. For further details, please reach out to your national data protection authority. We commit to cooperating with the appropriate governmental authorities to address any privacy-related complaints that cannot be amicably resolved between you and us. You can access a comprehensive list of EU supervisory authorities via this link.

DATA SUBJECT AGE

MayBee Platform is designed for a general audience of businesses (B2B) and is not directed to individuals under the age of 18. Therefore, we do not knowingly collect personal data from individuals under 18. By registering with MayBee and providing us with your personal data, you confirm that you are at least 18 years old and, under the laws of your country of residence, possess all rights to provide us with your personal data for processing.

If you have any reason to believe that a child under 18 has provided their personal data to us, please contact us at contact@maybee.systems.

Please consider applicable laws and regulations regarding the protection of children’s personal data if you transmit their personal data to us via the Platform in your capacity as a data controller.

CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect to reflect updates to our business processes new technologies, legal requirements, or for other reasons. Such changes will be effective immediately upon posting a revised version of Privacy Policy. We encourage you to review this Privacy Policy regularly to stay updated on our data processing practices. Your continued use of our Platform will constitute that you acknowledge and accept such changes.

We will make reasonable efforts to notify you in prior if these changes are significant and materially alter your rights or obligations hereunder. Where required by applicable laws, we will obtain your consent for the subsequent processing. We may notify you by email, via notice published on the Platform and/or by other means consistent with applicable law.

HOW TO CONTACT US

For questions regarding the processing of your personal data, this Privacy Policy, or your data subject rights, please contact us:

Our offices:

  • Ukraine: 24a Matrosova str., 14, Kharkiv, 61035;
  • Cyprus: 8 Alyos Street, ONLY Tower, 801, Limassol, 4046;

Our phone numbers:

  • Ukraine: +380 673 001 500;
  • Cyprus: +357 9996 1321;

Our email: contact@maybee.systems