Privacy Policy

Last Updated: October 03, 2022

Welcome, and thank you for your interest in Mindomo, owned by Expert Software Applications srl (“Mindomo” or “We” or “Us”), which operates the website located at https://www.mindomo.com and related application programming interfaces (API’s), any associated mobile and desktop applications (“Mindomo Apps”) or products and services that Mindomo may provide now or in the future (collectively, the “Service” or “Mindomo Service”).

The following Privacy Policy describes what information we gather from our members and others who visit and use our Service, how we use that information, and what we do to protect it. Visitors and users of the Service are referred to individually as “User” or “You” and collectively as “Users”. By visiting or using our Service, you consent to the information handling practices described in this Privacy Policy.

Here at Mindomo, we are committed to the following Privacy Principles:

1. We are constantly working to create a safe and secure online environment for all our users.

2. We do not collect more personal data than necessary.

3. We’ll only ever access users' accounts to help them with a problem or fix a software bug.

4. We’ll never access any of the users' mind maps and documents unless they ask us to.

5. We log all access to all accounts by IP address, so we can always verify that no unauthorized access has happened for as long as the logs are kept.

6. We do not provide or otherwise disclose any personal data of the user to any third party without authorization.

7. We strive to provide our users with access to and control over the information they give us, and we take the protection of their information very seriously.

8. We take extra precautions for our younger users.

9. We do not advertise on Mindomo. We use users’ information to provide them with better customer experience, not to sell them products.

With regard to collecting user information, Mindomo aims to help users set up their accounts and provide them with a customized experience and high level of technical support.

INFORMATION WE COLLECT

Mindomo collects the following information about you and your use of our Service:

Personally Identifiable Information

Personally Identifiable Information from Integrated Services

If the user decides to register through or otherwise grant access to a third-party social networking or integrated service, Mindomo will collect the following personal information that is already associated with the user’s integrated service account:

Facebook: id, email, first name, last name

Yahoo: id, email, first name, last name

Windows Live: id, email, first name, last name

Office 365: id, email, first name, last name

Clever: id, email, first name, last name, account type

Google: id, email, first name, last name and any personal info you've made publicly available

Saml: email, last name, first name

LTI: email, last name, first name

If the user chooses to provide such information, during registration or otherwise, the user is giving Mindomo the permission to use, share, and store it in a manner consistent with this Privacy Policy.

Information Collected at Purchase

Purchases are made through the Stripe and PayPal online payment providers. When a user purchases one of our products, we ask for the standard and necessary information required for user identification and processing of the transaction.

At present, the information collected during the purchase process includes user's account information (full name, email, password) and billing information (name, country, VAT ID where applicable, address, city, ZIP code, state/province, telephone number) and sufficient credit card information (number, expiry date, name on card, CVC) to authorize the transaction with the card provider.

When a user purchases one of our products, we automatically add their invoice, along with all the above information, to our database for future communication about the purchased product (updates, fixes, enhancements), and, according to the law, tax preparation, tracking expenditures and overall business budgeting. Invoices will be kept during the entire statute of limitations for when the tax records can be changed or reviewed.

At no time will the user's personal information nor purchase information (including credit card information) be sold, rented, or revealed in any way to a third party. We will not use the information provided for any purpose other than record-keeping purposes and communicating about the purchased products in the most efficient way possible.

Location Information

We collect the IP address you use to connect to the Service and — if you choose to share it — your location information from a mobile device but we don’t collect the precise geolocation of you or your device. You may be able to change the settings on your computer or mobile device to prevent it from providing us with any location information.

Google Fonts

To ensure that fonts used on this website are uniform, this website uses so-called Web Fonts provided by Google. When you access a page on our website, your browser will load the required web fonts into your browser cache to correctly display text and fonts. To do this, the browser you use will have to establish a connection with Google’s servers. As a result, Google will learn that your IP address was used to access this website. The use of Google Web Fonts is based on Art. 6, para. 1, lit. f EU-GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If appropriate consent has been obtained, the processing is carried out exclusively on the basis of Art. 6, para. 1, lit. a EU-GDPR, insofar the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting). This consent can be revoked at any time. If your browser should not support Web Fonts, a standard font installed on your computer will be used. For more information on Google Web Fonts, please follow this link: https://developers.google.com/fonts/faq and consult Google’s Data Privacy Declaration under: https://policies.google.com/privacy.

Integration with optional third party Services

YouTube

By using the integrated YouTube search functionality and embedding YouTube videos to your Mindomo documents (mind maps, concept maps, Gantt charts, outlines, etc.) through the YouTube API Services, you also acknowledge and agree to the connected use of the Google Privacy Policy https://www.google.com/policies/privacy and the YouTube terms of service https://www.youtube.com/t/terms

Vimeo

By using the integrated Vimeo search functionality and embedding Vimeo videos to your Mindomo documents (mind maps, concept maps, Gantt charts, outlines, etc.), you also acknowledge and agree to the connected use of the Vimeo privacy policy https://vimeo.com/privacy and the Vimeo terms of service https://vimeo.com/terms

Bing

Mindomo’s integrated image search functionality is powered by Bing. By choosing to use the integrated image search functionality and embed images to your Mindomo documents (mind maps, concept maps, Gantt charts, outlines, etc.), you also acknowledge and agree to the Microsoft Services Agreement https://www.microsoft.com/en/servicesagreement/ and the Microsoft Privacy Statement https://privacy.microsoft.com/en-us/privacystatement

By choosing to add attachments to your Mindomo documents from a cloud storage account or to use our options of backup to these accounts, you also acknowledge and agree to these services’ terms of service: Dropbox, Google Drive, OneDrive.

By using the option to add notes to your Mindomo documents through our Evernote integration you also acknowledge and agree to the Evernote Terms of service https://evernote.com/legal/terms-of-service and Evernote Privacy Policy https://evernote.com/privacy/policy

HOW WE USE THE INFORMATION WE COLLECT

The information users submit to us is primarily used for their account creation and generally used for carrying out user requests, processing orders, responding to inquiries, better serving users or in other ways naturally associated with the circumstances in which the users provided the information.

When a user is using our Service and is asked for personal information, the user is sharing that information exclusively with us, unless it is specifically stated otherwise. From time to time, we may use information collected to provide the user with feedback or to communicate about the Service’s latest improvements and updates.

HOW WE SHARE THE INFORMATION WE COLLECT

Some of our users choose to connect their Mindomo accounts with social networks. This functionality is entirely optional. If the user has explicitly agreed that we may do so, Mindomo may disclose the part of the collected user’s personal information (first and last name) through a social network or similar service (like Facebook or Google).

Mindomo may also disclose user information if required to do so by law, or if we have a good-faith belief that such action is necessary to comply with local, state, federal, international, or other applicable laws or respond to a court order, judicial or other government subpoenas, or warrant, or administrative request. In some cases, we may make such disclosures without first providing notice to users.

Mindomo will not disclose any of the user’s personally identifiable information to third parties except when we have the user’s permission or under specific circumstances, such as when we believe in good faith that the law requires it. The following describes some of the circumstances under which your information may be disclosed.

Mindomo is using the services of two data centers, both of which are ISO/IEC 27001 certified (The ISO 27001 certificate, an internationally recognized standard for information security). The main data center is Hetzner Online GmbH, located in Germany. The second data center is Amazon, located in Frankfurt, Germany, where Mindomo does regular backups.

As we continue to develop our business, we may sell or purchase assets. If Mindomo becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, the user’s personal information may be transferred to the purchaser. If another entity acquires us or all (or substantially all) of our assets, the personally identifiable information and non-personal information we have about the user will be transferred to and used by this acquiring entity, provided the successor entity is subject to the same commitments for the previously collected user information. No personal information will be transferred in the event of a merger or sale unless the recipient has committed to our Privacy Policy. In such an event, Mindomo will always notify the user before the information is transferred.

Mindomo may disclose information that we believe, in good faith, is appropriate or necessary to take precautions against liability; to protect Mindomo from fraudulent, abusive, or unlawful uses; to investigate and defend ourselves against any third-party claims or allegations; to assist government enforcement agencies; to protect the security or integrity of our properties; or to protect the rights, property, or personal safety of Mindomo, our users, or others.

HOW WE COLLECT AND USE NON-PERSONAL INFORMATION

Like most websites and online services, Mindomo automatically collects usage information when a user visits our website or otherwise engages with us. This information is typically collected through a variety of tracking technologies, including cookies, log files, and similar technology (collectively, “tracking technologies”). These tracking technologies collect information about the user’s visit to the website (e.g., viewed pages, links clicked) and online usage patterns (e.g., Internet Protocol (“IP”) address, browser type, browser language, referring/exit pages and URLs, pages viewed, whether the user opened an email, links clicked).
We may collect analytics data to help us measure traffic and usage trends for the website and to understand more about the demographics of our users.
We do not permit third parties to collect information from our website for the purpose of sending targeted advertisements on our site or on other websites.

We use or may use the data collected through tracking technologies to better display our website, to save our users’ time, to provide better technical support, and to track website usage.
Most browsers are initially set up to accept cookies, but users can reset their browsers to refuse all cookies or to indicate when a cookie is being sent.

USERS’ RIGHTS WITH RESPECT TO THEIR INFORMATION

The right not to provide us with Personal Information

Users may decline to share their Personal Information with Mindomo. Registration is not required to access the Service’s public gallery. If users decline to register, however, Mindomo will not be able to provide them with certain features and functionalities found on our Service. Users may later enable or access those features by providing Mindomo with the necessary Personal Information.

The right to access, edit or delete Personal Information from our records

We want users to have access to their information so that they can help keep it as accurate as possible. If they register and provide Mindomo with Personal Information, they may update, correct, or delete their account and information at any time by reviewing their profile information and preferences on their account settings page. Users also have the right to obtain information about the sharing, storage, security, and processing of that information. If users experience any difficulties in this process, they should contact us at support@mindomo.com.

At the user’s request, Mindomo will delete and/or return all the personal data to the user after the end of the provision of services relating to processing. Mindomo will also delete any existing copies unless Union or Member State law requires the storage of personal data.

For any matter relating to personal data processing, please contact the Data Protection Officer (DPO) of Mindomo via the following contact details: DPO: Silvana Carpineanu email: support@mindomo.com

The right to restrict processing of information

Users have the right to request a restriction on how and why their user-generated content is being used or processed. If users experience any difficulties in this process, they should contact us at support@mindomo.com.

The right to disconnect from Integrated Services

A user may revoke Mindomo’s access to their account on any Integrated Service at any time by updating the appropriate settings in the account preferences of the respective Integrated Service. The user should check its privacy settings on each Integrated Service to understand and change the information sent to Mindomo through each Integrated Service. Users should review each Integrated Service’s terms of use and privacy policies carefully before using their services and connecting to our Service.

The right to Object

Users have the right, in certain situations, to object to how or why their personal information is being processed.

The right to Portability

Users have the right to receive the personal information we store about them and the right to transmit it to another party.

The right to not be subject to Automated Decision-Making

A user has the right to object and prevent any decision that could have a legal, or similarly significant, effect on them from being made solely based on automated processes. This right is limited, however, if the decision is necessary for the performance of any contract between the user and us, is allowed by applicable European law, or is based on their explicit consent. Many of these rights can be exercised by signing in and directly updating their account information. If users have questions about exercising these rights or need assistance, they should contact us at support@mindomo.com.

HOW WE PROTECT CHILDREN’S PRIVACY

Protecting the privacy of young children is especially important to us. For that reason, we created certain features designed to help protect personal information relating to children who are less than 13 (United States) and 16 (European Union) years of age. Mindomo does not knowingly permit child users to register directly for its services. If Mindomo learns that personal information of a child user has been collected without parental consent, then Mindomo will take appropriate steps to delete this information. If you are a parent or legal guardian and discover that your child, who still hasn’t met the minimum age requirements in the country he/she resides, has a registered account with us without your consent, please alert Mindomo at support@mindomo.com and request that we delete that child’s personal information from our systems.

Consistent with the requirements of COPPA and GDPR, child users that didn’t meet the minimum age requirements cannot register for a Mindomo account themselves. If a child user under 13 or 16 of age (depending on the country of residence) attempts to create an account, Mindomo will request the email address of that child user’s parent/legal guardian in order to seek consent for the collection, use, and disclosure of personal information about the child. No information about child users is retained during their registration attempt, except the parent/legal guardian’s email address for purposes of seeking consent.

In order to obtain the parent/legal guardian’s consent, we will send an email to explain what information we are collecting, how we plan to use it, and the parent/legal guardian’s rights over the collected information.
If the parent/legal guardian provides us with the consent, the child’s account will be activated on the email address/username and password that the child initially provided when signing up.
If we do not receive parental consent within a reasonable time, we will delete the parent contact information and any other information collected from the child in connection with the sign-up activity.

Alternatively, a child user can be registered to use Mindomo through his or her school. The school’s ability to consent to the collection, use, or disclosure of personal information is limited to the educational context where an operator, such as Mindomo, collects personal information from students for the use and benefit of the school, and no other commercial purpose.

PARENT RIGHTS

At any time, parents/legal guardians can request an overview of the information that was collected from their child and/or to have access to the child’s login credentials.

Parents/legal guardians have the right to review and request that Mindomo deletes any personal information collected and retained about their child. If a parent/legal guardian would like to request that Mindomo deletes any personal information we may have about their child, or to request that we stop the further collection or use the child's personal information, they should contact us at support@mindomo.com. If the child is using the website through a Teacher or School account, we may refer the parent/legal guardian’s request to the teacher or school admin.

Mindomo enables teacher-users to grade student-users’ activity. Parents/legal guardians can always request for an overview of these grades. The grades are kept private (only the teacher and the graded student have direct access to them) and we will never disclose them to any third parties or publish them on the Service’s website or on other sites. Nevertheless, each teacher-user can download the grades from an assignment into a grading report. We advise all teacher-users to take into consideration all COPPA, FERPA and GDPR privacy regulations when disclosing such a grading report created with Mindomo.

SECURITY

This website takes every precaution to protect our users’ information. When users submit sensitive information via the website, the information is protected both online and offline. When our registration/order form asks users to enter sensitive information (such as credit card number), that information is encrypted and is protected with the best available encryption software in the industry - SSL. While on a secure page, such as our order form, the lock icon on the bottom of Web browsers such as Firefox, Chrome, Safari and Microsoft Internet Explorer becomes locked, as opposed to unlocked, or open, when you are just surfing. While we use SSL encryption to protect sensitive information online, we also do everything in our power to protect user-information offline.
All of our user information, not just the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing clerk or a customer service representative) are granted access to personally identifiable information.

PROCESSORS WE USE

As part of the services we provide, and only to the extent necessary, we may use certain third-party processors to process some or all of your personal information: Amazon and Hetzner (cloud service providers), Stripe and PayPal (payment processing services).

COOKIES

Like most websites, whether or not you are a registered member, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your computer.
Cookies remember information about your activities on a website and enable us to provide you with a more personalized experience. Mindomo may use both session cookies and persistent cookies. A session cookie disappears automatically after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Service. You can, however, remove a persistent cookie at any time.
Please review your web browser “Help” file to learn the proper way to modify your cookie settings. However, without cookies, you will not have access to certain services and features on the Service.

When Mindomo uses third-party service providers, they might place and read their own cookies, web beacons, and similar technologies to collect information. This information is collected directly and automatically by these third parties, and Mindomo does not participate in these data transmissions.

Mindomo also uses Local Storage Objects (LSOs) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on our site may use LSOs such as HTML5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs. Please consult your browser’s “Help” function to learn more.

LINKS TO THIRD PARTY SITES

Some links on Mindomo’s website will let you leave Mindomo’s site. The linked sites are not under Mindomo’s control and Mindomo is not responsible for the contents of any linked site or any link contained in a linked site, or any changes or updates to such sites. Mindomo is not responsible for webcasting or any other form of transmission received from any linked site.
Mindomo is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Mindomo of the site.

CONCLUDING PROVISIONS

Mindomo reserves the right to amend these contract terms at any time without stipulating reasons, unless, this is not reasonable for you. We shall inform you of any amendments to these contract terms in good time. In the absence of any objection from you to the validity of the new contract terms within 14 days of notice of amendment, the amended contract terms shall be deemed to have been accepted by you. We shall remind you in the notice of amendment of your right of objection and the significance of the objection deadline. In the absence of any agreement to the contrary, you shall be entitled to make all declarations vis-a-vis Mindomo by e-mail, using the relevant contact information from our website, or by standard post. Mindomo shall be entitled to make declarations vis-a-vis yourself by e-mail or by standard post to the addresses which you have indicated as current contact information in your user account. This contract shall be governed exclusively by the laws of Romania. The provisions of the UN Convention on contracts for the international sale of goods shall not apply. If you are a consumer and at the time of concluding this contract have your ordinary place of residence in another country, the application of mandatory legal provisions in this country shall remain unaffected by the choice of law. In all other cases, the relevant statutory provisions shall apply for local and international jurisdiction.