The Microvist Privacy Policy

Hello. We are Microvist, here’s how we protect your data and respect your privacy.


Where this policy applies

If you're a Microvist user or just visiting this policy applies to you. This Privacy Policy describes how we collect and use your personal data in relation to the Microvist website, applications and services we offer.

In this policy we'll simply refer to the Microvist website, applications and services we offer as "Microvist".


When and how we collect data

From the first moment you interact with Microvist, we are collecting data. Sometimes you provide us with data, sometimes data about you is collected automatically.

Here’s when and how we do this:

Data you give us

Authentication Data (e.g. username, password, email, avatar) when you sign up or update your account information.

Application Data (e.g. challenges start & complete, comments & replies you post, likes on comments you leave, photos you upload, groups you join) when you interact with Microvist.

Email/Administration Data (e.g. support cases you create, feedback you give, data requests you make) when you contact us.

Data we collect automatically

Authentication Data (e.g. if you verified your email, the last time you logged in, your login device info) when you enter your verification code on sign up or when you login.

Application Data (e.g. badges you unlock, points you earned) when you interact with Microvist or Organisations on Microvist you are a member of.

Log Data & Analytics (pages you view, time and date of your interactions, page response times) when you visit pages or interact with Microvist.


Types of data we collect and why

Authentication Data

To allow you to create accounts and authenticate actions you do securely.

Application Data

To allow you to submit your actions to use the fundamental features for the Microvist.

Email/Administration Data

To allow you to perform actions such as reporting issues, give feedback, create data access requests, create data erasure requests etc.

Log Data & Analytics

To debug errors, issues and service usage so that the service can be continually improved.


How and why we use your data

Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:

Keeping Microvist running

Managing your requests (like starting challenges, completing challenges, inviting friends), login and authentication, remembering your settings, hosting and back-end infrastructure.

Legal basis: legitimate interests

Improving Microvist

Testing features, interacting with feedback (like emails you send), analysing logs, usage metrics and other techniques over your data.

Legal basis: legitimate interests

Customer support

Notifying you of any changes to our service, solving issues via email support including any bug fixing.

Legal basis: legitimate interests

What Legitimate interests means

Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:

  • gaining insights from your behaviour on our website or in our app
  • delivering, developing and improving the Microvist service
  • enabling us to enhance, customise or modify our services and comms
  • enhancing data security

In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.

Read more >

Others who see your data

Microvist is a social platform, things you post, your username, avatar and activity may be publicly visible to others.

If you post a comment on a Microvist challenge others will be able to see:

  • The post you left
  • The time you created the post
  • Your username and avatar

If you're doing a challenge as a group, those who have been invited to the group can see:

  • Any posts you leave within the group
  • The time you created posts within the group
  • Your username and avatar
  • When you complete the group challenge

If you're a member of an organisation within Microvist, the organisation administrator(s) will be able to see:

  • Points you've earned by doing organisation challenges
  • Your username, avatar and email address

Your privacy choices and rights

You can choose not to provide us with personal data

You are free to browse the Microvist challenges without signing up, tracking your challenge progress, joining groups or leaving comments.

Remember though we still collect some data automatically such as user behaviour, page response times and browser/device information to debug errors, issues and service usage so that the service can be continually improved.

Your right to access a copy of your data

You can make a request at any time to get a copy of the data we have collected about you in a portable format. To do this email us at hi@microvist.com, we may need to verify your identity.

Your right to make a correction

You can rectify data in the account settings when logged in to the Microvist.

If you login using a Google account, personal data such as your name or avatar must be rectified in your Google account settings. We update any changes on our end the next time you login to Microvist.

You may also make a correction request by contacting us at hi@microvist.com, we may need to verify your identity.

Your right to erasure

You can make a request at any time to delete the data we hold about you. To do this email us at hi@microvist.com, we may need to verify your identity.

Your right to Restrict Processing

You can make a request at any time to ask us to stop processing your data either for a certain process or entirely. To do this email us at hi@microvist.com, we may need to verify your identity.

We’ll do our best to comply with your request but in some cases it may be necessary to continue to process your data to allow for the core functionality of Microvist or to keep you and other people's data secure. If we cannot comply with your request we’ll let you know.

Your right to make a complaint

Please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the UK Information Commissioner’s Office, either by calling their helpline or as directed on their website at www.ico.org.uk.


How long we store your data

We have policies and processes in place so we only store the minimum amount of data about you for the least amount of time within reason. These policies include:

  • Erasing and redact any personal information about you after 1 year of inactivity
  • Erasing users how have started the signup process but not verified their account after 2 weeks
  • Erasing log data of user activities after 2 weeks
  • Erase any email conversations from support cases, feature requests or bug reports after 1 year unless specifically marked as important

Third parties that store your data

Tech businesses often use third parties to help them host their application, communicate with customers, power their emails etc. We partner with third parties who we believe are the best in their field at what they do.

When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy.

Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:

Infrastructure

Service providerData collected or sharedPurposePlace of processing
Amazon Web Services, Inc.
(Privacy policy)
  • Authentication data
  • Log Data & Analytics
This is a web hosting provider: we use it to store authentication data and other log and analytics data you generate by using the service securely in the cloud.EU
MongoDB, Inc.
(Privacy policy)
  • Application data
This is a hosted database provider: we use it to store data generated through your use of Microvist.EU

Comms

Service providerData collected or sharedPurposePlace of processing
Google GSuite, Inc.
(Privacy policy)
  • Email/Administration Data
We use this service for sending, storing and tracking emails from support cases, feedback or data access requests.Global
Read more >

Best policy ever

Well done for getting this far. We put a lot of work into this policy to try and make it as transparent, useful and engaging as possible and we would love to hear your feedback on how we can make it even better - please contact us at hi@microvist.com.

Please don’t make this the last time you read it as we will post any changes on this page - significant changes will of course be notified to you by email.