Looppanel Data Use Policy

Last Updated: September, 2022

Obtan Technologies Inc (“Loop” or “Looppanel”) is committed to building a strong and long-lasting relationship with users based on trust and clarity. Part of this commitment means safeguarding and respecting your data and privacy via our Data Use Policy which applies to all users of the Looppanel product.

Security Program at Looppanel

Looppanel maintains a risk-based assessment security program. The framework for Looppanel's
security program includes organizational, technical, and physical
safeguards reasonably designed to protect the Services and confidentiality, integrity, and
availability of user data.

Looppanel's security program is intended to be appropriate to the nature of the Services. Information security policies and standards are reviewed and approved by management at least annually and are made available to all Looppanel employees for their reference.

Data Looppanel Has Access To

Looppanel receives the following data while carrying out services:

1) Product Usage Data: This consists of user credentials, login details, IP addresses, access times and dates, and other product analytics data that can be used to improve the products and services of Looppanel.
2) User Content: This consists of content users upload onto the Looppanel product, such as project data, transcripts, notes, tags, or any other information voluntarily uploaded by users onto the Looppanel platform.
3) User Feedback: This consists of feedback offered by the user to the Looppanel team in verbal or written communication such as on a phone call, Slack message, email, or as a response to a questionnaire or survey.

How Looppanel Uses Data

1. To Provide Access to Services: Looppanel may use product usage or user content data in the process of providing users access to services.
2. To Improve Looppanelʼs Product & Services: Looppanel may use data to improve the quality of products and services offered to users.
3. For Customer Communication: Looppanel may use user data such as email addresses, phone numbers, or social media accounts to contact users and communicate with them.
4. For Troubleshooting Purposes: Looppanel may use user data to troubleshoot and resolve technical concerns or issues.
5. For Customer Support: Looppanel may access user data to provide appropriate customer support services.
6. For Internal Record Keeping: Looppanel may store user data logs, product analytics data, and user feedback for internal record keeping.

Data Shared by Looppanel

Looppanel may share data with other third parties in order to carry out services for the user. This includes:

1. Storage of Data: Looppanel may use secure third party storage services such as Amazon WebServices or Google Cloud Platform to store user data required for services.
2. Service Providers: Looppanel may use secure third party service providers for providing product functionality like generating transcripts for users.
3. Integrations: In case of product integrations, Looppanel may share user data with other organizations such as Slack, Miro, and Google in order to transfer user data into said tools as required by users.

Data Storage, Transfer, and Encryption

Looppanel is committed to ensuring that user content provided is securely stored and managed. For this reason, Looppanel only uses industry-leading data storage providers such as Amazon WebServices (AWS) and Google Cloud Platform (GCP).

You can find details of the data security policies of AWS and GCP below:
AWS S3
Google Cloud

To ensure data security, Looppanel only uses services which encrypt data using HTTPS when transmitted and Advanced Encryption Standard (AES-256) when at rest.

Physical Security

AWS is strictly controlled both at the perimeter and at building ingress points by
professional security staff utilizing video surveillance, intrusion detection systems, and
other electronic means. Authorized staff must pass two-factor authentication (2FA) aminimum of two (2) times to access data center floors. All visitors and contractors are
required to present identification and are signed in and continually escorted by
authorized staff. These facilities are designed to withstand adverse weather and other
reasonably predictable natural conditions. Each data center has redundant electrical
power systems that are available twenty-four (24) hours a day, seven (7) days a week.
Uninterruptible power supplies and on-site generators are available to provide back-up
power in the event of an electrical failure.

Google Cloud designs and builds their own data centers, which incorporate multiple layers of physical security. Access to these data centers is tightly controlled. Google Cloud use multiple physical security layers to protect their data center floors. They use biometric identification, metal detection, cameras, vehicle barriers, and laser-based intrusion detection systems.

For more information, see Data center security.Google also hosts some servers in third-party data centers. In these data centers, Google ensures that there are Google-controlled physical security measures on top of the security layers that are provided by the data center operator. For example, Google operates biometric identification systems, cameras, and metal detectors that are independent from the security layers that the data center operator provides.

Internal Security Procedures

Looppanel follows security principles when it designs the services and takes measures to ensure that the confidentiality of user data is maintained.

All Looppanel employees are bound be confidentiality agreements that maintain the sanctity of user data and are contractually obligated to comply with these obligations. Where permitted by applicable law, Looppanel may also conduct criminal, credit, immigration, and security checks depending on the nature and scope of a new employee’s role.

Looppanel also uses the Secure Software Development Lifecycle (Secure SDLC) standard to perform numerous security-related activities for the Services across different phases of the product creation lifecycle from requirements gathering and product design all the way through product deployment.

Data Retention Policy

Data deleted from Looppanel (such as recordings, transcripts, tags, notes, etc.) are marked for permanent deletion from our servers within 15 days, during which time they can be restored. After this period, data is permanently deleted from Looppanelʼs systems.

Your Rights

If you have agreed to Looppanel collecting and using your data by using our products or services, you may withdraw consent at any time by contacting us at support@looppanel.com. This may affect your ability to use Looppanelʼs products and services.