Who We Are
Our website address is: http://dotsub.com
Dotsub is committed to the privacy and security of our users, content contributors, translators and customers. We ensure that any personal information acquired by the Dotsub website and service during the course of its operations is always secure, never sold or rented to any third party, and never used in any way other than that intended by the owner of the information.
Section 1: YOUR PERSONAL DATA
Information We Collect
We may collect sensitive information about you in order to provide you with required services, access to our website and system, and fulfill contractual obligations. We may collect any of the following: your full name, date of birth, e-mail address, physical address, phone number, and bank account or credit card information. None of this information can be used by third parties without your explicit consent when providing us with this information.
We may collect other limited information about you. This may include information about the type of browser you are using, the Internet Protocol address of your originating Internet Service Provider, and your viewing history. We do not connect this limited information about you with any sensitive information about you that we may have, and it is not possible to locate or identify you using this information. You may opt-out of our collection of this data by refusing to accept cookies when you enter our site.
Tools We Use
“Cookies” are small data files stored on your hard drive that assign a unique identifier to your computer so that Dotsub can “recognize” your computer each time you use it to return to the Dotsub website. These cookies help us gather non-sensitive information about your use of our website and services, that we aggregate with other information to learn more about how our users interact with the Dotsub website and help us improve services for you. They do not, standing alone, identify you as an individual by name or Dotsub account number. While you can set your browser to refuse to accept cookies, you should understand that some of the Dotsub services may not function properly if your browser refuses to accept cookies.
The Dotsub website may contain links to other websites not controlled by Dotsub. Please be aware that Dotsub is not responsible for the privacy practices of these other websites. We encourage you to be aware of when you leave the Dotsub website and to read the privacy policies of other websites you visit.
How We Use Your Information
We use your information to provide the services offered by the Dotsub website and service; to respond to and process your requests for services and information; to notify you of updated or changed information, website features, promotional opportunities, or services that we offer. We will not send you notices, updates, newsletters, or advertising unless you have explicitly agreed (by “opting-in”) to accept such communications. We reserve the right to send you notices necessary for your account with Dotsub to be maintained.
We will never rent or sell your sensitive personal information to any third party. We treat your sensitive personal information as confidential, and have systems, procedures, and policies in place so that our employees also understand the confidential nature of your sensitive personal information. None of your personal information is accessible to anyone who is not explicitly authorized to access it by you when you start using our service. We will only disclose your sensitive personal information to a third party if compelled to do so by law. Unless the law prohibits us from doing so, we will make a good-faith effort to notify you in advance of any such disclosure.
We may allow our advertisers to deliver targeted alerts, advertisements, or messages to the Dotsub website as you are using it. We may provide our advertisers with limited information (non-sensitive information) about your use of the site to facilitate this service.
Your Dotsub Password
Your Dotsub password is unique to your Dotsub account and is designed to protect your account from unauthorized access and use. Dotsub will not be responsible for any lost, stolen, or otherwise disclosed passwords. Your password should be protected and should not be disclosed to anyone.
Changes to Policy
Section 2: PERSONAL DATA CONTAINED WITHIN FILES OR DOCUMENTATION
information We Collect
Any files or documentation (videos, audio recordings, images, spreadsheets, glossaries, text files, subtitle files, transcripts, or any other type of data) which is sent to us as part of the service we provide to you, will be considered your property throughout our process, and as such you will be acting as the primary data controller. As the primary data controller, it is your obligation to ensure that you have consent from the data subject or otherwise lawful grounds for sending us content containing personal data. This is especially true for content containing special categories of personal data.
Dotsub acts as both a data processor and a joint controller of personal data present in files and documentation. This is because, in order to fulfill our contracts with you, we need to engage sub-processors and therefore have responsibility over how your data reaches and is used by them.
How We Collect It
Any files or documentation we receive from you must be uploaded, sent, shared or ingested via secure online platforms, including the Dotsub Uploader, online file-sharing services, encrypted email, API integration or cloud-based file storage.
How We Use Personal Data in Your Files and Documentation
We do not extract, or permit or enable third parties to extract, personal data from any files or documentation processed as part of the service we provide to you outside of the context of the service we provide.
All files and documentation are shared using secure means with approved and compliant third-party vendors and language service suppliers, as part of pre-contractual inquiries and then as part of the contract fulfillment.
Where Your Data is Stored
For the purposes of IT hosting and maintenance, your files are stored on servers within the USA. Under the US-EU Safe Harbor Agreement, the USA is deemed a safe place for the storage of any data arising from any of the EU member states.
Third Country Data Transfers
For the fulfillment of some contracts, we will transfer data to suppliers outside of the United States and the EU and who are not based in countries on the EU’s list of Adequate Countries. This is to ensure we work with the best linguists across the many languages we offer in translation, and because those people are often based in the countries where those languages are spoken – benefiting from full immersion in the language – we will often need to send files to countries outside the EU’s list of Adequate Countries – for example, China, India, Japan or the UAE. Sending work to countries where more linguists reside also means we can offer faster turnaround times on your projects.
If we need to send any files or documentation outside the EU/EEA in order to fulfil your contract (in accordance with Article 49b of the GDPR Regulations), we will inform you. It is up to you to make sure the data subject is also aware of this and gain their explicit consent. If for any reason the data subject does not consent to us sending the data to linguists based in third countries, we will of course look into alternative suppliers based in the EU or adequate countries to carry out the work. This may affect the terms of the project such as costs or turnaround timeframes.
All of our linguists in all countries will be operating under a strict set of rules regarding data privacy and security, and all of our transfers will be carried out with protection measures in place.
Special Categories of Personal Data
If your files or documents contain special categories of personal data belonging to a third-party subject (according to articles 6 and 9 of the GDPR Regulations), it is your obligation to obtain the relevant consent and establish lawful grounds for the processing of that data.
How Long We Keep Your Data
This would depend on the service you are receiving from us. As a minimum we will retain personal information which we process on behalf of our customers for as long as needed to provide services and products to our customers.
We may also have a legal, accounting or reporting obligation to retain your data for a number of years, for example in compliance with state taxation requirements. We make keep a record of your communication when you contact us, in order to help solve any issues that you may be facing.
GDPR Data Subject Access Request (SAR) Policy – Clients and Suppliers
Data Protection Statement
The GDPR requires that personal data is processed fairly and lawfully. Dotsub is committed to protecting the privacy and confidentiality of personal information relating to clients and suppliers.
The Company’s Data Controller is the Chief Operating Officer. Where an individual feels that the rules of data protection have been compromised by Dotsub, they should contact the Chief Operating Officer.
Personal data held by Dotsub will be used for the purposes of fulfilling business contracts and communicating information which is of legitimate interest to clients and suppliers. Disclosure of personal information to a third party will only occur with the expression permission of the individual, unless the Company has a statutory/legal obligation to disclose the information.
The Right to Subject Access
In accordance with the GDPR, you have the right to be informed of the information held about you and to discover to whom it has been disclosed. Should you wish to access the information held by Dotsub, you must make a formal Subject Access Request (SAR) to Dotsub in writing. We will also need to see proof of your identity, to make sure it really is you asking for your personal data, and some details as to what you would like to access.
Under the GDPR you are entitled to access the following:
- the reasons why your data is being processed;
- the description of the personal data;
- anyone who has received or will receive your personal data; and
- details of the origin of your data if it was not collected from you.
How We Handle SARs
Once you have submitted your Subject Access Request, along with proof of your identity, we will respond to you in writing within one month with your data or with an indication of timelines if we cannot provide your data within this time frame. All data requests will be completed within a maximum of three months in accordance with the GDPR. There will be no charge for making a Subject Access Request unless the request is ‘manifestly unfounded or excessive’. We may charge for multiple requests and this will be handled on a case-by-case basis.
If you would like to request access to your data, please include SUBJECT ACCESS REQUEST in the subject line of your email.