Privacy Policy

Last updated on May 3, 2018
 

This is the Privacy Policy offered by Kilgray Zrt., makers of memoQ. For detailed contact information, visit our Contact Us page.

To contact our Chief Information Security Officer who is also acting as the Data Protection Officer, please write to data-protection@memoq.com.

In short: We will not give your data to third parties to use for their benefit without asking your permission. (We may use external data processing services to process them for the purposes listed below.) We will never sell your data to any third-parties. We will not harvest or buy personal data in bulk and use them without permission from those who the data are about. We will not collect data about your behavior at any other sites than our own. For all the details on what we will do with your data, please read on.

Kilgray needs some of your personal data if you purchase or use our products or services, or when you contact us, register for a webinar or training, or when you access certain services or documents on our website. We also collect personal data when you apply for a job through our website.

If you represent an organization that purchases or uses our products and services, your personal data will be used in connection to this organization.

Kilgray is the data controller and, in most cases, the data processing agent for your personal data.
We control, process, and protect your personal data according to the 2016/679/EC (GDPR) regulation of the European Commission, domestic data protection regulations as well as our audited ISO 27001 information security management system.
 

A. General policies

1. What personal data do we collect?

In general, we collect the following types of data from you:
  • name,
  • e-mail address,
  • organization (company),
  • country,
  • city,
  • phone number, and
  • a profile description. The profile description is a single phrase, describing the user group or the type of organization you belong to (individual/freelancer, translation company, other company, educational institution etc.). You will be asked to choose one from several pre-defined profile descriptions.

If you purchase or subscribe to products or services, we also collect your billing details.

Whenever we collect personal data from you, we assume that you provide your own details, not the details of someone else. If, however, you fill in someone else’s data, please make sure you have the express, written, and voluntary consent of that person – or else a written authorization if you are filling in data on behalf of your employer or a manager at work.

For more specific information on the data we collect and the purposes we use them for, please read on for the sections that apply to you.
 

2. Why do we need your data?

In general, we need your personal data for the following purposes:
  • Checking if you are eligible for certain product licenses, or certain services
  • Contacting you about services or changes to services and service terms
  • Billing you for paid licenses and services you purchase or subscribe to
  • Sending notices about the licenses you are using
  • Sending expiry notices about licenses and services you are using
  • Sending upgrade or promotion offers through mass e-mailing or through social media targeting
  • Inviting you to surveys about our products, services, or plans, for the purpose of quality assurance as well as more accurate planning
  • Market research: Collecting market information through automatic or manual profiling where the personal data collected from you may determine which profile group(s) you belong to. The groups you belong to will determine the types of offers (discounts or product types) we may make to you later on. At the time of writing, we do not employ fully automatic profiling. You may opt out of automatic profiling at any time (see the section about your rights).

Storing and keeping some of your data may be required by law – see the section about how long we keep your data.

Processing your data for some purposes may be required for us to comply with existing contracts. In such cases, opting out from data processing is not possible without terminating the related contract (which may be a licensing agreement or a service agreement).

For more specific information on the data we collect and the purposes we use them for, please read on for the sections that apply to you.
 

3. How we will not use your data

We will not disclose your personal data to unauthorized third-party recipients without your prior express consent.

If you are a citizen of the European Union, we will not transfer your data to external data processing agents that store or process the data in countries that are not approved by the European Commission due to lack of appropriate data protection regulations or infrastructure. Your data will be processed in the European Union or in the United States, by external data protection agents that either offer GDPR compliance or compliance with the EU-US Privacy Shield Framework.

The European Commission has so far recognized the United States (limited to the Privacy Shield Framework) as providing adequate protection.

For more details about the external data processing agents we use, see the next section.
 

4. Who and where will process your data?

For the purposes of mass e-mailing, surveys, market analysis, and recruitment, we are contracting and using the following external data processing agents:
         
  • GotoMeeting: Online meeting and presentation space. Through them, we collect e-mail addresses and survey responses from webinar attendees. This provider is owned by LogMeIn and is headquartered in the US. Their privacy policy is available at https://www.logmeininc.com/legal/privacy.

The above data processing agents are exclusively used for the specific purposes outlined above. For all other purposes, we store and process your data on servers we host or have hosted in Hungary and in Germany. (If you are not a citizen of the European Union, your data may be stored and processed on servers located in Japan or in the United States.)

As of May 24, 2018, we have a data processing agreement with each of the above data processing agents, either by signing the Data Processing Addendum to their Terms of Service, or automatically (if the provider included the data processing clauses in their Terms of Service).
 

5. How long do we keep your data?

Under Hungarian law, we are required to keep your billing details and all documents about your business transactions with Kilgray for 8 years after your last purchase according to the Data Retention Policy.

These documents include offers, quotes, contracts, invoices, banking documents and customer support communication. After this period, your personal data will be irreversibly destroyed.

Any personal data held by us for marketing and service update notifications will be kept by us until such time that you notify us that you no longer wish to receive this information. If you wish to know more about our data retention policy, please contact us at data-protection@memoq.com.
 

6. What are your rights?

Regarding the personal data we collect and use, you have the right to:
  • require us to inform you about the data we are storing and processing about you
  • require us to rectify or erase these data (exceptions may apply if the law or existing contracts require so)
  • restrict or object to the data processing
  • transfer your data without restrictions to another data controller. This is called the right to data portability.
  • withdraw your consent to process your data in general or for specific purposes (opt-out). Our actions to process your data before the time you withdraw your consent will still remain lawful.

More specifically:

If you believe that any personal data we hold on you is incorrect or incomplete, you may request to see this information, and have it corrected or deleted. Please contact us through our Data Subject Access Request Form.

If you wish to complain about how we have handled your personal data, please contact our Chief Information Security Officer at data-protection@memoq.com or in writing at Beke sgt. 14., Gyula, H5700 Hungary. Our CISO will then look into your complaint and work with you to resolve the matter.

If you still feel that your personal data have not been handled appropriately according to the law, you may contact the Hungarian Data Protection Authority (Nemzeti Adatvédelmi és Információszabadság Hatóság, 1125 Budapest, Szilágyi Erzsébet fasor 22c, phone: 06 1 391 1400) and file a complaint with them.
 

7. Exceptions and restrictions

To these rights, the following exceptions and restrictions may apply:
 
  • The above rights may not apply to non-personal data – if the data are about an organization and are not suitable to identify individuals.
 
  • For specific (contractual) purposes, you – as an individual – may have the right to opt out from data processing. However, the organization you represent may not have this right. In this case, you are kindly asked to provide the data of another (consenting) representative to be the contact for your organization.
 

8. What rights do organizations have?

Privacy rights apply to individuals only. Organizations – legal entities – do not have these rights.
The rights of organizations originate from the General Terms of Service, the End-User License Agreement as well as the Civil Code of Hungary, except where an individual agreement specifies otherwise.

 


B. Specific policies by user group or by service

You need to read these sections in order to learn all the specifics about the data we collect from you and the purposes we use them for. Read all sections that apply to you – there can be more than one.
 

1. Are you an individual user of memoQ?

As an individual user of memoQ, you have two agreements with us: an end-user license agreement and a service agreement (see the General Terms of Service here).


We collect the following data from you:

  • Name
  • E-mail address
  • Country
  • Phone number
  • In case of purchase: Billing address


What gives us the right to process these data?

  • Tax regulations: For 8 years after a purchase, we must be able to provide proof of the business transaction to the tax authorities. For this purpose, we must retain the billing details and the related documents.
 
  • Contractual obligations: Both the end-user license agreement and the related service agreement require that you specify valid contact details, so that we can check your eligibility to the product and the related services, and communicate with you concerning the products and services you are using. Such communication includes information about the licenses and services you are using, expiry reminders, update notifications etc. If you ask us to erase your data or restrict this type of data processing, you may only do so if you terminate your agreements with us.
 
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. By entering into a license agreement or service agreement with us, you consent to receive such communication from us. However, you may withdraw your consent at any time, without giving a reason.
 

How do we check your eligibility?

When you download and activate memoQ, you receive a serial number. Licenses and services are tied to this serial number. The serial number itself is not suitable to identify you. Eligibility to licenses or to services is checked by matching the serial number to a central license database that we maintain.


How do we collect usage information?

We may collect information about the ways you use memoQ. We do this exclusively through the user interface of the product. Before we collect usage data, we always ask for your express consent, and you will always be aware that data collection is underway.

We transfer the usage data to our servers anonymously. We store and process aggregated data only, and we have no possibility to track usage data back to individuals.
 

2. Do you represent an organization that uses memoQ or memoQ server?

As a representative of a corporate user of memoQ, your organization has two agreements with us: an end-user license agreement and a service agreement (see the General Terms of Service here).


We collect the following data from you:

  • Name
  • E-mail address
  • Company
  • Country
  • Phone number
  • In case of purchase: Billing address of the organization (which, depending on the circumstances, may or may not be personal information)
 

What gives us the right to process these data?

  • Tax regulations: For 8 years after a purchase, we must be able to provide proof of the business transaction to the tax authorities. For this purpose, we must retain the billing details and the related documents.
 
  • Contractual obligations: Both the end-user license agreement and the related service agreement require that you specify valid contact details, so that we can check your organization’s eligibility to the product and the related services, and communicate with you concerning the products and services you are using. Such communication includes information about the licenses and services you are using, expiry reminders, update notifications, etc.

If you ask us to erase your personal data or restrict this type of data processing, your organization will be required to appoint another contact person, and supply us with their details.
 
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. By entering into a license agreement or service agreement with us, you consent to receive such communication from us. However, you may withdraw your consent at any time, without giving a reason. Your organization may also appoint another contact person who consents to receive such communication.


How do we check your eligibility?

When you download and activate memoQ, you receive a serial number. Licenses and services are tied to this serial number. The serial number itself is not suitable to identify you or any particular individual in your organization. Eligibility to licenses or to services is checked by matching the serial number to a central license database that we maintain.


How do we collect usage information?

We may collect information about the ways you use memoQ. We do this exclusively through the user interface of the product. Before we collect usage data, we always ask for your express consent, and you will always be aware that data collection is underway.

We transfer the usage data to our servers anonymously. We store and process aggregated data only, and we have no possibility to track usage data back to individuals.
 

3. Do you use Language Terminal?

Language Terminal is a portal that provides various services to its users. If you use Language Terminal, the General Terms of Service apply to you.


We collect the following data from you:

  • Name
  • E-mail address
  • Password
  • Type of user: individual or organization (and within that, the type of organization)


What gives us the right to process these data?

  • Contractual obligations: These details are necessary for you to access the services of Language Terminal.  You may withdraw your consent to process your data in this manner by removing your account from Language Terminal. You can do that at any time, without giving a reason.
 
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. By entering into a license agreement or service agreement with us, you consent to receive such communication from us. However, you can withdraw your consent at any time, without giving a reason. Your organization may also appoint another contact person who consents to receive such communication.


How about all the rest of the data in your Language Terminal profile?

You can enter several details in your Language Terminal profile that concern your professional activity, including details that you would include in your resumé, or details related to the projects you are involved in. You may share these details with other Language Terminal users.

However, we do not process or otherwise use these data. Except for the four details above, you are the data controller of the data in your Language Terminal profile, with all rights and responsibilities that follow from this fact. From your perspective, we are an external data processing agent.

In your Language Terminal profile, you can record personal data of third parties (e.g. your clients or representatives of your clients). If you plan to use these data for purposes other than fulfilling your contract, please make sure you have the consent of your clients to be recorded here. With respect to these data, you are the data controller. We will not process or use these data at all.


Data Processing Agreement

For Language Terminal users, we act as a data processing agent. As a Language Terminal user, you are required to enter into a Data Processing Agreement (DPA) with us. To make this easy, as of May 24, 2018, we include all required data processing clauses in our General Terms of Service.


How do we protect the data in your Language Terminal profile?

We protect your data like we protect our own: they fall under our audited ISO 27001 information security management system.


Where are the Language Terminal data?

The Language Terminal servers are located in Germany, with backup locations in Hungary.


How do we collect usage information?

Because Language Terminal is an online service, usage data are available to us at all times. At the time of writing, we do not use these data for purposes other than counting statistics. In the future, we may start using these data for automatic profiling and targeting. Before we do this, we will ask for your express consent to do so.
 

4. Do you or your organization use memoQ cloud server or memoQ Zen?

As a representative of an organization that uses a memoQ cloud server, your organization has a service agreement with us. The general terms of the service agreement are available here. If you are using memoQ Zen, the terms and conditions of memoQ Zen apply to you.


We collect the following personal data from you:

  • Name
  • E-mail address
  • Company
  • Country
  • Phone number
  • Billing address of the organization (which, depending on the circumstances, may or may not be personal information)


What gives us the right to process these data?

  • Tax regulations: For 8 years after a purchase, we must be able to provide proof of the business transaction to the tax authorities. For this purpose, we must retain the billing details and the related documents.
 
  • Contractual obligations: The service agreement require that you specify valid contact details, so that we can check your organization’s eligibility to the product and the related services, and communicate with you concerning the products and services you are using. Such communication includes information about the licenses and services you are using, expiry reminders etc.

If you ask us to erase your data or restrict this type of data processing, you may need to terminate your agreements with us, or your organization will be required to appoint another contact person, and supply us with their details.
 
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. By entering into a license agreement or service agreement with us, you consent to receive such communication from us. However, you may withdraw your consent at any time, without giving a reason. Your organization may also appoint another contact person who consents to receive such communication.
 

How about all the rest of the data on your memoQ cloud server?

You can load a large amount of data on your memoQ cloud server, including projects, documents, linguistic databases – and personal data of the users who may access your memoQ cloud server.
We do not process, access, or otherwise use these data. Except for the details required to enter into contract, you are the data controller as well as the data processor of all the data on your memoQ server, with all rights and responsibilities that follow from this fact. From your perspective, we provide data storage and processing infrastructure only.

Personal data in documents: Since the purpose of this service is not the processing of personal data, you may not be allowed to work with the personal data accidentally in the documents you receive for translation. Your client may be required to enter into a data processing agreement with you, or you – or your client – may need to remove or conceal personally identifiable information from the documents for the time of processing.

If you plan to use the personal data of your users for any purpose other than fulfilling contractual obligations, please make sure you – as the data controller – have their express written consent to do so.
 

Data Processing Agreement

For memoQ cloud server users, we act as a data processing agent. As a memoQ cloud server user, you are required to enter into a Data Processing Agreement (DPA) with us. To make this easy, as of May 24, 2018, we include all required data processing clauses in our General Terms of Service.


How do we protect the data on your memoQ cloud server?

We protect your data like we protect our own: they fall under our audited ISO 27001 information security management system.
 

Where are the memoQ cloud servers?

The servers hosting the memoQ cloud servers are located in Germany, Japan, and in the United States. When you sign up for the memoQ cloud server, you can choose the location. If you expect to process personal data – or documents containing personal data – of EU citizens, please make sure you adhere to the regulations restricting the transfer of personal data outside the EEA.
 

How do we collect usage information?

Because a memoQ cloud server is an online service, usage data are available to us at all times. At the time of writing, we do not access or use these data. In the future, we may start using these data for usage statistics, automatic profiling and targeting. Before we do this, we will ask for your express consent to do so.
 

5. Are we hosting a memoQ server for you?

As a representative of a corporate user of memoQ, your organization has two agreements with us: an end-user license agreement and a service agreement (see the General Terms of Service here)


We collect the following data from you:

  • Name
  • E-mail address
  • Company
  • Country
  • Phone number
  • In case of purchase: Billing address of the organization (which, depending on the circumstances, may or may not be personal information)


What gives us the right to process these data?

  • Tax regulations: For 8 years after a purchase, we must be able to provide proof of the business transaction to the tax authorities. For this purpose, we must retain the billing details and the related documents.
 
  • Contractual obligations: Both the end-user license agreement and the related service agreement require that you specify valid contact details, so that we can check your organization’s eligibility to the product and the related services, and communicate with you concerning the products and services you are using. Such communication includes information about the licenses and services you are using, expiry reminders etc.

If you ask us to erase your data or restrict this type of data processing, your organization will be required to appoint another contact person, and supply us with their details.
 
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. By entering into a license agreement or service agreement with us, you consent to receive such communication from us. However, you can withdraw your consent at any time, without giving a reason. Your organization may also appoint another contact person who consents to receive such communication.


Where are the hosted memoQ servers?

The servers hosting the memoQ servers are located in Germany, Japan, and in the United States. When you sign up for memoQ server hosting, you can choose the location. If you expect to process personal data – or documents containing personal data – of EU citizens, please make sure you adhere to the regulations restricting the transfer of personal data outside the EEA.
 

What happens to the data on the hosted memoQ servers?

You can load a large amount of data on your hosted memoQ server, including projects, documents, linguistic databases – and personal data of the users who may access your memoQ server.
We do not process, access, or otherwise use these data. Except for the details required to enter into contract, you are the data controller as well as the data processor of all the data on your memoQ server, with all rights and responsibilities that follow from this fact. From your perspective, we provide data storage and processing infrastructure only.

If you plan to use the personal data of your users for any purpose other than fulfilling contractual obligations, please make sure you – as the data controller – have their express written consent to do so.
Personal data in documents: Since the purpose of this service is not the processing of personal data, you may not be allowed to work with the personal data accidentally in the documents you receive for translation. Your client may be required to enter into a data processing agreement with you, or you may need to remove or conceal personally identifiable information from the documents for the time of processing.


Data Processing Agreement

For memoQ cloud server users, we act as a data processing agent. As a memoQ cloud server user, you are required to enter into a Data Processing Agreement (DPA) with us. To make this easy, as of May 24, 2018, we include all required data processing clauses in our General Terms of Service.


How do we collect usage information?

Because a hosted memoQ server is technically managed by us, usage data are available to us at all times. At the time of writing, we do not access or use these data. In the future, we may start using these data for usage statistics, automatic profiling and targeting. Before we do this, we will ask for your express consent to do so.
 

6. What happens when you visit our website to access certain services or documents, or to contact us?

When you visit our website, you may need to enter a few details about yourself before you can access certain information.
 

We collect the following details from you:

  • name,
  • e-mail address,
  • organization (company),
  • country,
  • city,
  • phone number, and
  • a profile description. The profile description is a single phrase, describing the user group or the type of organization you belong to (individual/freelancer, translation company, other company, educational institution etc.). You will be asked to choose one from several pre-defined profile descriptions.
 

What gives us the right to process these data?

Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. When you enter your details, you will be asked for your consent to have your data processed by us. In some cases, your consent may be required before you can access a service or a document (a webinar video, for example). However, you can withdraw your consent at any time, without giving a reason. If you represent an organization, it is kindly requested to appoint another contact person who consents to receive such communication.
 

7. What happens when you register for a webinar through our website?

When you register for a webinar, we collect your name and e-mail address.
 

What gives us the right to process these data?

  • Contractual obligation: Your details are required for GotoWebinar to allow you to attend.
 
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. When you enter your details, you will be asked for your consent to have your data processed by us. Your consent may be required before you can access the webinar. However, you can withdraw your consent at any time, without giving a reason. If you represent an organization, it is kindly requested to appoint another contact person who consents to receive such communication.

What is the role of GotoWebinar in processing your personal data?

When you attend the webinar, you will access the GotoWebinar system. To that session, GotoWebinar’s terms of service and privacy policy apply. In those documents, you are a ‘Viewer’. In this setup, we are the data controller for your data, and GotoWebinar is an external data processing agent.

Throughout the webinar, you may be asked to respond to surveys, and you will be able to ask questions.

Your questions and survey responses will be transferred to us. However, the askers or responders are not necessarily identified, and your answers are not automatically matched to your personal data.
 

8. What happens when you register for online training through our website?

E-learning is a free service on our website. When you use e-learning, the general terms of service apply to you.
 

We collect the following personal data:

  • User name
  • E-mail address
  • Password


What gives us the right to process these data?

  • Contractual obligation: The e-learning system must be able to authenticate, track, and communicate with attendees.
 
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. When you enter your details, you will be asked for your consent to have your data processed by us. Your consent may be required before you can access an online training session. However, you can withdraw your consent at any time, without giving a reason. If you represent an organization, it is kindly requested to appoint another contact person who consents to receive such communication.
 

9. What happens if you send a support request through our support form?

You may send a support request if you or your organization have a valid service agreement with us. To that service agreement, the general terms of service apply.
 

We collect the following personal data from you:

  • Full name
  • E-mail address
  • Serial number


What gives us the right to process these data?

  • Contractual obligations: Both the end-user license agreement and the related service agreement require that you specify valid contact details, so that we can check your organization’s eligibility to the product and the related services, and communicate with you concerning the products and services you are using. Such communication includes information about the licenses and services you are using, expiry reminders etc.

If you ask us to erase your data or restring this type of data processing, you may need to terminate your agreements with us, or your organization will be required to appoint another contact person, and supply us with their details.
 
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. By entering into a license agreement or service agreement with us, you consent to receive such communication from us. However, you can withdraw your consent at any time, without giving a reason. If you represent an organization, it is kindly requested to appoint another contact person who consents to receive such communication.
 

10. What happens when you use the Contact us form on our website?

We collect the following data from you:

  • First name, last name,
  • e-mail,
  • company,
  • profile description (see section A.1),
  • country,
  • city,
  • phone number
 

What gives us the right to process these data?

  • Contractual obligation: We need your contact details to be able to respond.
  • Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. By entering into a license agreement or service agreement with us, you consent to receive such communication from us. However, you can withdraw your consent at any time, without giving a reason. Your organization may also appoint another contact person who consents to receive such communication.
 

11. Are you applying for a job through our website?

You will be asked to upload your resumé, and give your consent to process your data. Personal data in the resumé will be processed in by an external data processing agent called VidCruiter.

You may deny or withdraw your consent to process your resumé, but that may make you unable to apply for a position with us.
 

12. Did you sign up for the Referral Program on our website?

In this case, the terms of the Referral Program apply to you.

You need a memoQ account to sign up for the Referral Program.

When participating, we will create a Unique Link for you, which you can share. The Unique link cannot be used to identify you.


13. Did you enroll in the Customer Insights Program or the memoQ Design Lab?

The description of the Customer Insights Program and the memoQ Design Lab are available here.
 

When you sign up for the memoQ Design Lab, we collect the following details from you:

  • first and last name,
  • e-mail address,
  • your position (freelance translator, language service provider, translation department, other)
  • organization (company),
  • your role in your job (select from 6 answers or describe in a few words)
We collect the above data through SurveyMonkey, a designated external data processing agent (see Chapter A.4).


What gives us the right to process these data?

Contractual obligations: We need your data to communicate with you about these programs as promised.
Your consent: We may send you e-mails containing general or targeted offers, invitations to events or surveys concerning quality assurance or market research. When you enter your details, you will be asked for your consent to have your data processed by us. Your consent may be required before you can join the Customer Insights Program or the memoQ Design Lab. However, you can withdraw your consent at any time, without giving a reason. If you represent an organization, it is kindly requested to appoint another contact person who consents to receive such communication.
 

How do we collect usage data?

Under the Customer Insights Program, we collect usage data anonymously, without collecting any personal information. For more details, see the description of the program.