Privacy Policy

Last updated: 5th of December 2024

1. Introduction

This privacy policy for Simon Lejeune, doing business as Slap ("Slap", "we", "our", "us")  outlines what personal data we collect and how we use, disclose, and protect your information when you use our services, visit our websites (www.getslap.co), or engage with us in any other ways.

By using our services, you agree to the terms outlined in this Privacy Policy.

2. Personal data collected

2.1. From whom we collect personal data

We collect data from the following categories of individuals:

  • Website users: Individuals who visit and interact with our website.
  • Marketing prospects: Individuals who have shown interest in our products or services, including those who have contacted us directly or whom we have contacted for marketing purposes.
  • Customers: Organizations or individuals who have purchased our services or products, including their representatives and employees.
  • End-users: Individuals who use our services as part of a customer’s organization.

2.2. What personal data we collect

The types of data we collect vary depending on the relationship we have with you:

  • Website users:
    • Personal information: IP address, browser type, operating system, screen resolution, language preferences, referring urls, country, location.
    • Usage data: pages viewed, time spent on the site and interaction data, information about how and when you use our services.
  • Marketing prospects:
    • Contact information: Name, email address, phone number.
    • Business information: Job title, company name, industry, company country.
    • Communication data: Content of emails, messages, and other communication methods.
  • Customers and end-users:
    • Contact information: Name, email address, phone number, avatar.
    • Business information: Job title, company name, industry, company address.
    • Payment-related information: credit card information, billing and mailing information.
    • Service-related information: username, password, contact or authentication data.
    • Gmail and Notion data: We collect the email addresses of connected Gmail accounts, and the Notion databases names and Notion workspace name, which may contain personal data. This information is used to provide seamless integration between Slap, Gmail, and Notion.
    • Attachments from emails: We collect and store attachments (including inline attachments) from the emails you send or receive via a mailbox connected to Slap. These attachments are stored securely on Google Cloud servers located in Europe and are used to provide seamless integration with Notion. This is necessary because the current Notion's API do not allow us to upload files directly to Notion. Storing these attachments enables us to give you access to them within your Notion account. Attachments are accessible only to authorized users within your Slap organization and are protected by secure login methods.

2.3. How we collect personal data

  • Directly from You:
    • Account creation: When you create an account or sign up for our services.
    • Forms and submissions: When you fill out forms on our website or through other communication channels.
    • Customer support: When you contact us for support, provide feedback, or engage in other communications.
  • Automatically:
    • Cookies and tracking technologies: We use cookies, web beacons, and similar technologies to collect information about your usage of our website and services. A cookie is a small data file stored on your computer or mobile device that retains information, such as your preferences.
    • We use cookies to provide you with a better experience on our website and to collect analytics to understand how our website is used and how to improve it.
    • Some cookies are necessary for our website to function properly. Others are optional, and you can choose whether to allow them during your first visit via a pop-up or at any time through your browser's settings.
    • Service Usage Logs: We automatically collect logs and usage data when you interact with our services, including IP addresses, device information, and activity logs.
  • From third parties:
    • Service providers: We may receive data from third-party service providers that assist us in providing our services, such as authentication providers, payment processors or analytics providers.
    • Publicly available sources: We may collect information from publicly available sources, such as business directories or social media platforms, for prospecting purposes.

3. Use of personal data

We may use the information we collect for the following purposes:

  • To provide and maintain our services: We use your data to operate, administer, and provide our services, including processing transactions, managing accounts, delivering customer support, and handling billing activities. This includes giving you access to your emails attachments within Notion.
  • To enhance user experience: We analyze how users interact with our platform to improve our services, develop new features, and optimize user experience based on feedback and usage patterns.
  • To communicate with you: We use your data to send you service-related communications, including updates, notifications, and other important information about our services. We also communicate with you regarding customer service inquiries, product offers, and marketing materials, where permitted.
  • To ensure security and prevent fraud: We use your data to monitor and enhance the security of our platform, protect against fraudulent activities, and ensure the safety of our services and users.

We collect and process your Personal Data only when we have a legal basis for doing so. This means we collect and use your data under the following conditions:

  • Contractual necessity: We process your data to fulfil our contractual obligations to provide you with our services and customer support.
  • Legitimate interests: We process your data to pursue our legitimate interests, which include improving our services, securing our platform, communicating relevant information to you, and protecting our legal rights. We ensure that these interests do not override your data protection rights.
  • Consent: In cases where we rely on your consent to process your data, we will request your explicit consent for specific purposes, and you have the right to withdraw your consent at any time.
  • Legal compliance: We may process your data to comply with legal obligations, such as regulatory requirements, court orders, or governmental requests.

4. To whom we disclose personal data

We may share your personal data with:

  • Service Providers: Third-party vendors who assist us in providing services (e.g., payment processors, hosting services).
  • We may disclose your personal data to third-party service providers who assist us in providing our services. These providers include, but are not limited to:
    • Cloud Hosting Providers: For data storage and hosting of our platform.
    • Payment Processors: To process transactions and manage billing.
    • Customer Support Providers: To assist with customer service and technical support.
    • Marketing and Analytics Providers: To help us improve our marketing efforts and analyze user interactions.
  • All of our service providers are contractually obligated to handle your personal data securely and only in accordance with our instructions, and they must comply with applicable data protection laws.
  • Business partners: We may share your personal data with our business partners when it is necessary to offer you certain services or integrations. For example:
    • Integration Partners: To enable integration of third-party tools or services with our platform.
    • Resellers and Distributors: To facilitate the sale and distribution of our services.
  • These partners are bound by confidentiality agreements and data protection obligations to ensure the safety and privacy of your data.
  • Legal Compliance: We may disclose your personal data to legal and regulatory authorities when we believe it is necessary to comply with legal obligations.

We do not sell your data to third-parties.

5. Data security

We implement a range of technical and organizational measures to safeguard your personal data from unauthorized access, disclosure, alteration, or destruction. However, please remain aware than no electronic transmission over the internet is 100% secure.

While we strive to protect your data, it’s important that you also take steps to secure your information. This includes using strong, unique passwords, safeguarding your authentication credentials, and maintaining the security of your devices.

If you suspect your personal data has been compromised, please contact us immediately via the details in the Contact Us section. In the event of a security breach, we will notify you and the relevant authorities in accordance with applicable law.

6. International data transfers

Our servers are located in the European Union, but your information may be transferred to, stored, and processed by us or third parties who assist us in providing our services in other countries. If you're a resident of the European Economic Area, United Kingdom, or Switzerland, those countries might have less stringent data protection laws than your own. However, we take all necessary measures to protect your personal information, including using the European Commission's Standard Contractual Clauses (SCCs) to ensure your data remains protected according to GDPR standards during these transfers.

7. Data retention

We retain your personal data only as long as necessary for its original purpose, to comply with legal obligations, resolve disputes, and enforce agreements. When it is no longer needed, we will securely delete or anonymize it from our systems.

Usually, this means your data are kept as long as you have an account with us. In the case of analytics data collected from visitors on our website, they are kept for 26 months.

8. Your rights

If you are a resident of the EEA, UK or Switzerland, you have the following rights regarding your personal data:

  • Right to access: you have the right to request a copy of your personal data that we hold and to obtain information about how we process it.
  • Right to rectification: you can request that we correct or update any inaccurate or incomplete personal data we hold about you.
  • Right to erasure: you may request that we delete your personal data when it is no longer necessary for the purposes for which it was collected or if you withdraw your consent.
  • Right to restriction of processing: You can request that we restrict the processing of your personal data under certain conditions, such as when you contest the accuracy of the data or object to its processing.
  • Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit it to another organization if technically feasible.
  • Right to object: You can object to the processing of your personal data for certain purposes, such as direct marketing or processing based on legitimate interests.
  • Right to object to automated decision-making: You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or significantly affect you.

To exercise any of these rights, please contact us using the details in the Contact Us section. We will respond to your request in accordance with applicable data protection laws.

Residents of certain U.S. states () may have the following rights under applicable state privacy laws:

  1. Right to Know: Request disclosure of categories of personal information we collect, sources, purposes, and third parties we share it with.
  2. Right to Access: Request access to specific pieces of personal information we've collected about you.
  3. Right to Delete: Request deletion of your personal information, with some exceptions.
  4. Right to Opt-Out: Opt-out of the sale or sharing of your personal information with third parties.
  5. Right to Correct: Request correction of inaccurate personal information.
  6. Right to Obtain a Copy: Request your personal information in a portable, usable format.
  7. Right to Non-Discrimination: Exercise your privacy rights without discrimination in service or pricing.

Depending on your state, you may have some additional rights.

To exercise any of these rights, please contact us using the details in the Contact Us section. We will respond to your request in accordance with applicable data protection laws. You can also use, under certain circumstances, a designated agent to acte on your behalf.

If you are not resident of any of the above countries or state, you may still have additional rights. To exercise any of these rights, please contact us using the details in the Contact Us section. We will respond to your request in accordance with applicable data protection laws.

9. Other

9.1.  Additional information about Google User Data

If you provide us access to your Google data (e.g. when you enable the mailbox sync feature with your Gmail account), our use of that data will be subject to the following additional restrictions:

  • We will only use access to read, write, modify or control Gmail message bodies (including attachments), metadata, headers, and settings to provide our services: allowing you to read your emails from Notion and reply to your emails from Notion.
  • We will not transfer this Gmail data to others unless doing so is necessary to provide and improve these features, comply with applicable law, or as part of a merger, acquisition, or sale of assets. Additionally, we will not use this Gmail data for serving advertisements.
  • We will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes or debugging, to comply with applicable law, or for our internal operations (when the data have been aggregated and anonymized)

You can revoke our access to your Google account at any time through your account on Slap or by contacting us (see Contact Us section). We comply with the Google API Services User Data Policy, including the Limited Use requirements.

9.2. Minors privacy

Our Services and Sites are not for users under 18 (minors). We don't knowingly collect data from anyone under 18. If you're under 18, don't register or send us any personal information. If we learn we've collected data from someone under 18 without parental consent, we'll promptly delete it. Parents or guardians of children under 18 who believe their child has provided us personal data should contact us using the information at the end of this Policy.

9.3. Third-party websites

We may link to third-party websites or services that are not affiliated with us. We do not make any guarantee regarding any such third-party, we are not responsible for their content or privacy and security rules.

9.4. Do-not-track features

Some web browsers offer a "Do Not Track" (DNT) feature that allows you to signal your preference regarding tracking and the collection of information about your online activities. When you activate DNT, your browser sends a signal to websites you visit, indicating that you do not wish to be tracked.

At present, there is no uniform industry standard for how websites should respond to DNT signals. As a result, we do not currently respond to DNT signals or similar mechanisms. We continue to monitor developments around DNT and may adopt a standard once one is established.

10. Update of Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new Privacy Policy on our website or by other means. The date of last update will be indicated.

11. Contact us

If you have any questions about this Privacy Policy or our data practices, please contact us at hello@getslap.co.

Simon Lejeune

VAT number: PT306307006

Beco dos Mendes 4

2925-004 Setúbal

Portugal