EU Data Protection

Stencil Data Protection

Please read the details outlined in this document to better understand how your data is used. This document was initially prepared in order to be compliant with the General Data Protection Regulation (GDPR) rules.

What data does Stencil collect about our users?

The following information may be collected about our users:

• First and last name
• Email address
• IP addresses where using Stencil from
• Facebook account and page details
• Twitter account details
• Mobile telephone number

The following information may be collected by third parties, however not stored by Stencil:

• Credit card information
• Stencil usage statistics

What do we use this data for?

This data is primarily used for contacting our users, ascertaining their location to ensure compliance with local laws and regulations, and providing essential functionality.

When we ask for information, we do so at the time that it's required. We do not ask for, store or collect information that we do not need.

Who is allowed to access this data?

The following is a list of third party services that may access your data at various times:

• Amazon AWS
• Bitly
• Campaign Monitor
• ChartMogul
• Cloudflare
• Cloudinary
• Facebook
• GitHub
• Google Analytics
• Google Cloud
• Google Fonts
• Gumroad
• Headway
• Help Scout
• Icons8
• Log Rocket
• Mailgun
• Mixpanel
• Namecheap
• PayPal
• Pexels
• Pixabay
• Postmark
• Segment
• Sentry
• Stripe
• Sumo
• Tapfiliate
• The Noun Project
• Transloadit
• Twilio
• Twitter
• Unsplash
• Zenlogin

How is data secured and stored?

Your data is securely stored in industry-leading data centers. These include servers protected by PGP encryption protocols, SSL certificates, and password and API keys that are regularly cycled.

In addition to this, the following precautions have been made:

• Database access is strictly limited to those requiring it
• Server access is strictly limited to those requiring it
• Administrator roles are designed such that those performing routine administrative tasks do not gain access to data that is not relevant to their role

How will we handle a potential data breach?

In the unlikely case of a data breach, the following steps will be followed:

• Site, server and database access will temporarily be disabled
• All of our passwords and security certificates will be changed
• Our users will be emailed and notified of the breach
• An internal investigation will be started to ascertain as much as we can about the breach
• The Stencil site, server and databases will be re-enabled once they've been proven to be secure
• Changes will be made, and documented, to prevent a similar breach in the future
• A follow up an email will be sent to all of our users, detailing what we learned from the investigation, along with the steps to prevent future breaches

How can I delete my data?

Please contact us to request your account, and it's associated data, to be deleted from the Stencil, and associated, servers.

How can I export my data?

Please contact us to request your account, and it's associated data, to be exported from Stencil.

Who is the Data Protection Officer?

Data Protection Officer:
Oliver Nassar
oliver@getstencil.com

Address:
PO Box 20077
Southbrook PO
Maple, Ontario
L6A 4M4
Canada

Contact Us

If you have any other questions that were not adressed here, please feel free to contact us at:
security@getstencil.com