BugJail Website Privacy Policy
Scope of Policy
This Privacy Policy applies to BugJail Ltd's ("we", "us", "our") website ("Website").
Our contact details
BugJail Ltd Suite 1 Lower Ground Floor One George Yard London EC3V 9DF United Kingdom privacy@bugjail.com
The type of data we collect
The data we collect is related to our Website performance and usage, and we collect the minimum possible amount of personal data needed.
We collect data that can be identified only in the sense of distinguishing or "singling out" Website visitors from other visitors, which is required to count unique and repeat visitors. We use only generated random identifiers to achieve this.
We do not collect any Personally Identifiable Information or Personal Data that can be attributed to a Data Subject in the sense that we could link back to the real world identity of a natural person, either directly based on the data we collect, or indirectly when combined with additional information. Specifically, we do not collect names, physical addresses, email addresses, other online identifiers, IP-addresses, "User-Agent" strings, physical device IDs, mobile carrier information, or geolocation coordinates.
The data we collect includes visitor's coarse geographic data (country, region, and city), technical data (operating system, web browser, and window dimensions), referral data (where/how the visitor came to our Website), and timestamped actions performed on our Website (for example, loaded web pages and downloaded files).
How we get the data and why we have it
The data we process is collected automatically when you use our Website. The data we collect is not combined with any other data from any 3rd parties and not even with other 1st party data that we collect elsewhere or for other purposes.
The purpose of the data collection and processing is to understand the performance and the usage of our Website. Specifically, the purpose of the data collection and processing is not to build profiles of individuals.
The data we collect is not shared with any 3rd parties in the sense of giving them ownership or access to use the data for their purposes, but we do use 3rd party services to process the data in a way that is controlled by us (for example, to produce reports and graphs of the data). We reserve the right to add 3rd parties that we use to process the data. Currently the 3rd parties that process the data are:
- Amplitude Inc, using a processing environment provided by Amazon Web Services Inc in the US-West region. Amplitude’s Data Processing Agreements (DPAs) rely on the EU Standard Contractual Clauses (SCCs) as the transfer mechanism for Personal Data from the United Kingdom, EU and EEA.
The processing of the data has no effect on individuals directly (only indirectly via general improvements to our Website). Specifically, the data is not used at individual, device or web browser level for marketing, advertising or personalization.
Under the General Data Protection Regulation (GDPR), the lawful bases we rely on for processing this information are: We have a legitimate interest (monitoring and improving our own Website, while causing no direct effect on individuals, and to the best of our knowledge no possible way or risk of being able to link the collected data back to natural persons).
How we store the data
We do not store any Personally Identifiable Information or Personal Data that can be attributed to a data subject.
The Website performance and usage data is securely stored on our behalf at internet servers operated by 3rd parties. We reserve the right to switch or add 3rd parties that we use to store the data. Currently the 3rd parties that store the data are:
- Amplitude Inc, using a storage environment provided by Amazon Web Services Inc in the US-West region. Amplitude’s Data Processing Agreements (DPAs) rely on the EU Standard Contractual Clauses (SCCs) as the transfer mechanism for Personal Data from the United Kingdom, EU and EEA.
We keep the Website performance and usage data indefinitely, as there is no way this data can be linked back to natural persons, even if combined with any additional information.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
If you wish to make a request, please contact us using the details mentioned at the beginning of this document.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us using the details mentioned at the beginning of this document.
You can also complain to the ICO if you are unhappy with how we have used your data. The ICO’s address:
Information Commissioner’s Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF Helpline number: 0303 123 1113 ICO website: https://www.ico.org.uk