Privacy Policy

1. Privacy Policy

At Doodle, we’re serious about the security of the data on our servers and the protection of the privacy of our users.  We employ several security professionals that work exclusively on technical and organizational security during operations and further development of the product. You can meet them on our team page. We continually take steps to protect your information against loss, misuse, unauthorized access, unauthorized disclosure, manipulation, or destruction.    

As a basic principle, the Swiss Federal Data Protection Act (FADP) applies to the processing of your personal data. In certain circumstances, for example if you access our offers from a Member State of the European Union, the European Data Protection Regulation 2016/679 (GDPR) may also apply. If you access our services from the State of California, USA, the California Consumer Privacy Act of 2018 (CCPA) may also apply.

Doodle AG participates in the IAB Transparency and Consent Framework 2.0 (IAB TCF 2.0 or Framework), an industry standard that allows all participants in the digital advertising market (publishers, advertisers, technology service providers, etc.) to transparently inform end users about the processing of your personal data and to give you the opportunity to agree or disagree with it. As a participant in the IAB TCF 2.0, Doodle AG adheres to the technical and legal (guidelines) requirements of the framework and offers you, the end user, the opportunity to manage your privacy settings via a Consent Management Platform (CMP). Doodle AG uses the CMP solutions from OneTrust (Web; CMP ID # 28) and TX Group AG (Mobile Native; CMP ID # 359). This takes you to your personal privacy cockpit, where you can change your privacy settings at any time. These are taken into account and adhered to by all participants in the framework, including Doodle AG. You can also find a link to the privacy settings in the footer of our digital products.

This Privacy Policy describes how the data is handled at Doodle. Please also consult our general data processing terms and your rights and disclosures required by the CCPA.

2. Your data at Doodle

When you use Doodle, you send pieces of data to Doodle; this can be a name, an e-mail address, or information relating to your appointment. Other data is generated implicitly by your use of Doodle, e.g. log data. We use this information for internal analytical purposes to improve the product for you. Furthermore we employ other companies to perform tasks on our behalf and may need to share this information with them to provide services to you. We do not sell your data to third parties.

3. Log data

Doodle records certain requests and transactions in log files. This log data is used for troubleshooting, statistics, analytics, quality assurance, and to monitor system security and can be analyzed to that end. Doodle can publish anonymous statistics under the condition that no personally identifiable information can be derived from such statistics.

Doodle also uses Google Analytics and Google Firebase Analytics (for iOS and Android apps) to compile usage statistics. These services are provided by Space Pencil, Inc. and by Google, Inc., respectively. Their privacy policies can be found at http://www.google.com/privacy and https://firebase.google.com/terms Doodle anonymizes IP addresses before they are sent to Google Analytics.

Doodle also employs NET-Metrix and AGOF to certify its traffic statistics in Switzerland and Germany. Detailed information (in German) on how this certification works and what information is collected can be found here: NET-Metrix and AGOF. An appendix at the end of the German version of this policy also provides further information on how information is collected for web traffic that originates from Germany.

Doodle works with Crashlytics, Inc (“Crashlytics”) and Bit Stadium GmbH (“HockeyApp”) to report any bug affecting our iOS and Android Apps. HockeyApp’s software is built into our iOS App and Crashlytics’ software is built into our Android App. If either app crashes during normal use, the app will send certain information about the incident to Crashlytics or HockeyApp as applicable. This information consists of the device type, OS version and certain hardware information about your mobile device, and the time of the crash, the state of the application at the time of the crash, and stack traces. The information does not include your IP address or any other information that could be used to identify you or your mobile device individually, and does not include any other information from your mobile device. Click here to review Crashlytics’ privacy policy, and here for HockeyApp’s privacy policy.

This website is using Tidio, a chat platform that connects users with Doodle’s customer support. It will only collect email addresses, names and phone numbers with the consent of users, in order to start a chat. The messages and data exchanged are stored within the Tidio application. For more information, please refer to their Privacy Policy.

Doodle is not using these messages or data other than to follow up on users’ registered issues or inquiries. Your personal data will be processed and transmitted in accordance with the General Data Protection Regulations (GDPR).

4. Cookies

When you use Doodle, the service can store cookies on your computer. Cookies are little pieces of information that can help identify your browser and that can store information for future visits, e.g. your language preferences. Doodle uses cookies to track usage, to improve ease-of-use and the overall user experience, and to manage advertising inventories.

Most Internet browsers automatically accept cookies. You may however configure your browser at any time in such a manner that no cookies are saved on your computer or that an indication always appears when you receive a new cookie.

Doodle’s services may in principle be used without accepting cookies, although individual functions may thereby be limited.

You can choose to disable cookies but this may limit your ability to use Doodle’s service.

5. Social Login

Doodle employs third party tools to provide you with the convenience you are used to from elsewhere on the internet to sign in to Doodle with one click (so called “social login”). Some of these tools can track your actions when you interact with them. At Doodle you can sign in with Google, Microsoft, Facebook or your email/password. Please refer to the terms of the respective providers for further guidance:

6. Advertising

Advertising is one of Doodle’s revenue streams. Therefore, Doodle displays advertisements on some of the services, e.g. on certain web pages or in e-mails. These advertisements can be targeted based on the information that is available to Doodle, e.g. language, IP address, poll content, etc. This targeting is always an automated process; none of the information used for targeting is analyzed manually or made available to advertising customers. In some cases, Doodle displays advertisements from Google’s AdSense or AdExchange network. These advertisements can be targeted based on the poll content. Google does not disclose that information and only uses it for the intended purpose. You can review Google’s Ads Privacy Policy here: http://www.google.com/policies/privacy/ads/. Furthermore, you can use Google’s Ads Preferences Manager to configure the right ads settings for you. We also use other third-party advertising companies to serve ads when you visit our Web site. If you would like more information about this practice and to know your choices about not having this information used by these companies, please see: http://www.networkadvertising.org/managing/opt_out.asp.

This Site is affiliated with Publisher First, Inc. dba Freestar ("Freestar") for the purposes of placing certain advertising on the Site, and Freestar will collect and use certain data for advertising purposes. To learn more about Freestar’s data usage, click here.

Doodle’s paid services (Premium Doodle) are ads-free.

When you use our website and enter your email address on our website (either to log in, or to sign up for a newsletter, or similar), we may share with LiveRamp and its group companies information that we collect from you, such as your email (in hashed, pseudonymous form), IP address, or information about your browser or operating system, with any of the following, acting as “joint controllers” (as applicable and defined in the GDPR).

LiveRamp uses this information to create an online identification code that we may store in our first-party cookie for our use in online, in-app, and cross-channel advertising. This may be shared with advertising companies to enable interest-based and targeted advertising. LiveRamp uses this information to create an online identification code for the purpose of recognising you on your devices. This code does not contain any of your directly identifiable personal data and will not be used by LiveRamp to re-identify you.

Detailed information on LiveRamp’s data processing activities is available in LiveRamp’s privacy policy https://liveramp.com/privacy/. You have the right to withdraw your consent or opt-out to the processing of your personal data at any time https://liveramp.com/opt_out/

7. Outdated and completed polls

You can delete outdated or completed (or, in fact, any) polls manually at any time using the admin link. When deleting a poll, that poll’s information will be deleted from the Doodle application databases but may be archived in some other form for internal analytical purposes to improve the product for you. Log data will not be deleted. Furthermore, outdated polls are automatically deleted from time to time, but no earlier than 30 days after the last date in the poll, or 30 days after the last access to a poll without dates. Polls created with premium accounts will not be deleted automatically as long as the subscription remains active. Should the subscription expire, the deletion rules mentioned above apply to all polls associated to the account after 30 days of expiry.

8. Inactive accounts

Doodle can delete user accounts if they remain inactive (i.e. not accessed) for 1 year or longer.

9. Unauthorized access

Doodle implements several mechanisms to prevent unauthorized access to polls, accounts, or other data.

To access a poll, you use the unique link which Doodle provides and which contains a random access code. This link is an important element to prevent unauthorized access to a poll. You should send this link only to authorized people, i.e., the people you wish to participate in your poll. User-accounts are protected by passwords. You should choose a secure password and ensure its confidentiality to prevent unauthorized access to your account.

10. Inviting from Doodle

As an option, you can contact and invite people to participate in a poll from Doodle. In this case, Doodle needs to know the e-mail addresses of the people to be contacted. You can enter these e-mail addresses in the corresponding form. Doodle stores these e-mail addresses in your user-account for your convenience; Doodle will be able to offer you the same contacts again next time you use the service. You can have Doodle delete all stored e-mail addresses any time using the corresponding function in your user-account.

General remark: Like all other personal information, Doodle will not share participants’ e-mail addresses with third parties. Doodle will not send any e-mail communication to participants’ e-mail addresses without a without a lawful ground.

11. Contacts integration

As an alternative (or complement) to the Doodle contacts, you can use your existing Google contacts to gain access to the e-mail addresses of the people to be contacted. In this case, you authorize Doodle to access your Google contacts. Your Google contacts will still be stored at Google. Please note also: The process of accessing your Google contacts is set up (thanks to OAuth) to make sure that Doodle at no time has access to your Google password.

12. Calendar integration

You can connect Doodle with your calendar to make the scheduling process even easier and more efficient. There are two types of calendars: online and offline.

Online calendars like Google calendar are constantly accessible via their respective interfaces. Doodle can store certain calendar data to improve performance (caching) and to personalise scheduling.

In either case, calendar data on Doodle can be deleted at any time.

13. Communication between you and Doodle

If you send Doodle a message, this message can be stored to process it, to compile statistical information, to improve our services and support, or to get in touch with you.

14. For user surveys and market research

We use the data you provide exclusively to improve the user experience and to further develop our products. The results consist solely of aggregated and anonymous data. If you have given your consent, you may also be contacted by other companies of the TX Group for example to participate in other user surveys.

15. Payment processing

Doodle supports the leading payment processing provider, PayPal. You can find their privacy policies here: PayPal. To make payments as easy and user-friendly as possible, Doodle sends your name and e-mail address to Paypal during a payment process. All this information would be requested by the provider anyway. Doodle furthermore employs Stripe for credit card payments. You can find the privacy policy here.

16. Location of data

The listing and locations of subprocessors authorized to process data on Doodle’s behalf can be found here.

17. Transfer of Personal Data abroad

We are entitled to transfer your Personal Data abroad, including to third party companies (designated service providers) insofar as this is expedient for the Data Processing described in this Privacy Statement. The recipients will be obliged to protect Your Data to the same extent as ourselves. If the level of data protection in a particular country is lower than that applicable in Switzerland, we will ensure under contract that the level of protection for your Personal Data is equivalent to that applicable in Switzerland. We shall ensure this through one or more of the following measures:

18. Sharing personal information

Doodle uses personal information according to the Terms of Service and this Privacy Policy.

Doodle may share personal information with other companies or individuals only in the following limited circumstances: (i) Doodle has your consent; (ii) Doodle has good faith that there is a legal obligation to share the data; (iii) Doodle needs to access or share the data to protect the security of the service or of others users’ data; (iv) Doodle needs to access or share the data to protect Doodle’s rights and property or to enforce the Terms of Service.

19. Data retention

We shall only retain your data for as long as is legally necessary or in accordance with the purpose for which they were processed. If we carry out analyses, we shall store your data until the analysis has been concluded. If we store your data on the basis of a contractual relationship with you, these data will remain stored for at least the duration of the contractual relationship and at most for the duration of the limitation periods within which any claims may be brought by or against us, or for the duration of statutory or contractual duties of retention.

We shall only process your Personal Data in accordance with principles of data protection and if there is a legal basis to do so. If in furtherance of the establishment or implementation of our contract, it shall serve as the legal basis. Otherwise, we have an interest in continuously improving our Offers, adjusting our Offers in line with your needs and showing you advertising that may be of interest to you. This is necessary in order to develop our Offers further, as well as to be able to finance and guarantee the security of our Offers. We act on the presumption that our interests are predominant. If you have consented to data Processing, this consent will apply.

21. Right of erasure

In accordance with applicable European legislation you can delete your account and the events you own from the system in the account section of Sites. It is however possible that another user invites, or informs, you about an event again in the future. If you don’t want this either we can block your email address.

22. Your rights

You have the right to exercise your data protection rights at any time and to request information as to whether and which Personal Data relating to you has been processed by us. You may also arrange for your Personal Data to be corrected, blocked or cancelled at any time in writing, enclosing appropriate proof of your identity, by email.

We reserve the right to exchange correspondence with you in this regard.

Please note that we may be required to retain your Personal Data in part even after a request for blocking or cancellation under the terms of our statutory or contractual retention requirements (such as for accounting purposes) and in such an eventuality will only block your Personal Data insofar as necessary for this purpose. In addition, the cancellation of your Personal Data may have the effect that you are no longer able to acquire or use the services registered by you. Under certain circumstances, you have the right to require us to provide you or a third party specified by you with your personal data in a commonly used format.

In addition, you have the right to make a complaint concerning the data processing in question with the competent supervisory authority. You can do this with the supervisory authority at your place of residence, at your place of work or at the place of the alleged data breach. Your personal privacy cockpit offers you further information on the various systems and providers that we use, as well as the option to change your privacy settings at any time.

23. Contact person

If you have questions regarding data protection, need information or want your data to be deleted please contact our data protection office via email.

The contact details for our Data Protection Officer are as follows:

Doodle AG Data Protection Officer Werdstrasse 21

8004 Zürich Switzerland

For requests from the EU area, you can contact our representative (art. 27 GDPR):

ePrivacy GmbH Große Bleichen 21 20354 Hamburg Germany

https://www.eprivacy.eu  

24. Changes

Doodle reserves the right to update this Privacy Policy at any time. The most current version of this policy is available at https://doodle.com/en/privacy-policy/.