Inidox OÜ (hereafter Inidox, we, our) considers the privacy of clients, vendors, and all other people we get in contact with, to be important, and that private information belong to the individual, and should be protected against unwanted distribution. We are committed to treat such information with care, not disclosing it to anyone who is not a relevant and agreed receiver of it.
If you provide us with any information, including personal information, you agree that we can register it and process it as needed, relative to the purpose for which it was given to us. This also counts for information that you make available publicly or through common forums, such as the Internet, social media, organisations, clubs, etc., where there is no specific rule or agreement against registering the information.
We may collect and store information from and about clients and potential clients in various situations:
- Receiving emails from clients
- Making a note about clients when found on the Internet or on social media
- Creating or receiving contracts and other agreements
- Receiving leads or other contact requests through web forms on inidox.com or other websites
- Receiving information from organisations or business networks about an organisation
- Receiving material from clients to be used as input or reference for agreed work
- Etc. – this list is not exhaustive, as information exists in many places and is distributed in many ways, and this is an ever developing phenomenon
When information is received, this may contain personal information such as names, telephone numbers, and email addresses. Inidox will keep this personal information along with non-personal information for as long as it is needed to deliver the agreed service or process a request, plus some time after that, according to the nature of the information and the form in which it was delivered:
- Emails are generally kept forever in the email system used at any time, and potentially transferred, when we change to a new such system
- Information about a task or potential task is being kept in our task/project management system, at times supplemented with another, separate project management system for specific projects
- Information about tasks and potential tasks may additionally be kept in a Customer Relations System (CMS) for the main purpose of assisting with the process and insurance of related information to be available together when needed
- A project archive, usually file base, containing all relevant files received, created, and sent during a project period
- Special project files for translation software, graphics software, or other specialised software for doing the project work
All project archives are backed up regularly, on internal backup devices plus cloud based services.
The systems we use for keeping and processing information, as well as for backup and file storage, are a mix of internally run systems and services provided through the Internet (cloud services). All information can, hence, be stored internally or by third parties. Some of the third parties or their servers, on which they keep the information, may be in Europe, i.e., the EU, others in the USA, or they could be elsewhere in the world.
It should be understood that by giving us information, we will usually not be able to guarantee the storage of it in any particular country. Any need of this kind must be agreed specifically, and we should agree on exactly how it is to be done. We are open to discuss such wishes, for instance in regard to specific projects.
As the nature of the Internet is an internationally interconnected varying amount of servers and other network equipment, with data packages being sent along arbitrary routes, all data communication, including emails, video meetings, etc., may be routed through additional countries, other than just the countries of the sender and receiver. This is typically out of our the control, but various mechanisms, such as Virtual Private Networks (VPN), exist that can either control the routings or encrypt the communication. If you have any specific needs for such things, it must be agreed specifically before sending information or requesting us to do so.
All project archives and their backups are kept forever, or until a specific reason exists for deleting them. This is in order to be able to continue the work later or make corrections or additions to it, which is often a need in the areas of writing, translation, and IT, in which we are active. Backups will though, as a general rule, be overwritten by new backups after a while, in order to limit the amount of disk space needed for the purpose.
Marketing-oriented information such as address lists or other company information, including contact persons and their phone numbers, email addresses and similar contact information, will in general be kept for as long as it can have a relevance for our marketing-related activities.
Information provided to us as part of a project, will, hence, also be kept for future reference, unless there is a specific set of rules for how it should be handled, given back, or deleted after the end of the project. When relevant laws require us to keep information, this will have precedence over specific clauses in contracts, but it should be strived for to ensure that contracts are in accordance with all relevant laws.
Inidox will not collect any personal information that is not needed for an activity towards a client or potential client, alternatively activities towards other collaborators such as vendors, resellers, partners, etc., but as this kind of information may be present in such as emails, without itself being needed but still part of the full message, we cannot guarantee that there will not exist such information in our archives. It will, however, not be processed and will not be shared with others than those with whom the information has originally been exchanged, such as the senders of the emails.
We will in general urge all clients and others who send us information to not include personal information of any kind, unless this is directly needed, which will rarely be the case for anything else than names and contact information on people with whom we need to communicate in order to arrange or deliver a project or its administration.
When we ask for personal information for a specific purpose, you will be asked to give your explicit consent for us to use the data for that purpose. When you provide personal information without being asked for it, or in a context where is is implicitly or explicitly connected to an agreement between you and us, for instance when signing a contract for a project, such a consent is assumed, but we may seek to get a confirmation from you in cases where we could be in doubt.
All information in our possession may be used to make statistics, and when this is done, any personal information will be made anonymous or removed completely from the statistics, as relevant and possible.
As relevant laws require, you can request from us to check which personal information we have about you, and you can request us to delete such information. Other laws may require us to keep the information, for instance because it is needed for documentation towards authorities, but if nothing prevents us from following your request to delete it, we will do so. We will, however, not delete such as emails or other documents, if they in their entirety are needed as documentation for a process or an agreement, even if these emails or other documents should happen to contain information that in itself is not needed for this.
All requests will be processed when possible, and as it can be time demanding and at times require the access to a system that is not available all the time, we cannot guarantee any particular processing time.
All contact regarding such requests can be made through our usual communication channels, preferably the contact form on our website. We will register such requests and keep the registration for as long as it may seem relevant for documentation purposes.
A set of special cases exist for personal information given as part of subscribing to services we provide through third parties, which currently include blogs, newsletters, and social media public or private messages. These cases also cover general communication through social media and similar platforms, even if these may be for subscribers only or otherwise not public.
In such cases, your sign-in information and related personal information is typically not disclosed to Inidox, and will be subject to the privacy policies of these platforms. In some of these cases, Inidox will have access to some of the information, which will be used only in the context for which it was provided, and only for as long as needed. An example is the newsletters hosted by Substack, where we have access to the email address of a subscriber, but we will not use this email address for anything else than sending out the agreed newsletter. If you want any information about or make changes to your registrations on such third-party platforms, you will most often need to use the mechanisms provided by the platform itself.
If you work with us as a subcontractor or partner of any kind, or as a provider or services to us, and we have not made a specific agreement about how to handle personal information in the projects or activities we have together, we expect you to have a privacy policy that respects the above fully, ensuring that you will adhere to our policy and not on our behalf break any element of it. You will be responsible for your own privacy policy, but we will require that you follow ours for all personal data in our custody that you may get in touch with, for a purpose or accidentally as a result of the services you provide for us.
This policy has latest been updated: 1 December 2024.