September 1st 2021
Where is your data stored and how we ensure that it is secureWe store your data in a secure data center of a leading Cloud service provider. In most cases we endeavor to host this in Singapore or the USA. Joye’s technology is EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) compliant, to protect your privacy at the highest level. More Details We have architected the design and the processes to ensure that all transmissions are secure using technical and physical security measures.
Contact informationWe are an email away. Please contact us at firstname.lastname@example.org
In case of any further doubts and clarifications, you can reach out to us at email@example.com and we will endeavor to address your concern at the earliest.
Information we collect from you and how we use
Sign up and Sign in
You will use your Microsoft Teams login credentials to gain access to Joye. Once the access is granted through Microsoft’s Active Directory authentication services (in some cases pre-approved by your organization), we only collect your unique system identity, example, organization identity, your Microsoft Teams ID, your email. We do not need your personal details – no name, no picture.
When you speak or write to express your feelings, our AI algorithm will process this to understand your context and will respond appropriately to recommend tips and nudges to enhance your mental wellbeing.
By using our in-app Journal text entry service (not the ‘how are you feeling today’ text input, only the journal text input), you grant Joye consent to store your text recording in its secure database to enable you to revisit it within the app. Users may request and obtain removal of such posted content by contacting us at firstname.lastname@example.org and specifically identifying the content to be removed. Please be advised that despite our best efforts, this may take time as we will only have your encrypted identity in our records and the process may be manual. In addition any such removal may not ensure complete or comprehensive removal of all traces of the content posted.
In the matters of mental wellbeing, it is mostly about the timing of the care. In addition to our in-app context-sensing AI algorithm we endeavor to sense your calendar and chat activity and usage patterns inside of Microsoft Teams to try to assist your mental wellbeing needs at the appropriate time. We may track some basic usage patterns in your free/busy time and frequency of chat services. We encourage users to keep notifications on to get the right care at the right time. In doing so, we do not access any content in your calendar or chat or any other place in your personal systems.
Joye does not collect or process credit or debit cards or any other payment-related information.
Just like any other application, we may also have access to the operating system version on your device, the device type and system performance information. This will enable us to understand your broad, non-specific geographic location to help us identify groups of users by general geographic market (such as state or country).
We use analytics software to allow us to better understand the functionality of our software. This software may record information such as how often you engage with the Products, the events that occur within the Products, aggregated usage and performance data, and where the Applications were downloaded from. We may link the information we store within the analytics software to other information available to us.
We gather certain information automatically and store it in log files. This information may include Internet Protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. Details of your visits to and interactions with the Products including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
Legal basis for processing your personal data
In respect of each of the purposes for which we use your Personal Data, we ensure that we have a ‘legal basis’ for that use. Most commonly, we will rely on one of the following legal bases:
Where we need to perform a contract we are about to enter into or have entered into with you (ContractualNecessity).
Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (Legitimate Interests).
Where we need to comply with a legal or regulatory obligation (Compliance with Law).
Where we have your specific consent to carry out the processing for the Purpose in question (Consent).
Your rights related to your Personal Data
The right to access your Personal Data
This right enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
The right to rectification of errors
In the event that any information that we hold about you is incomplete, partially incorrect or incorrect in its entirety, this right enables you to have any such data corrected.
The right to removal of data
This right enables you to ask us for deletion or removal of your Personal data where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
The right to object to processing of your Personal Data
This right exists where we are relying on a legitimate interest as the legal basis for our processing and there is something about your particular situation, which makes you want to object to processing on this ground.
The right to data portability
We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
The right to withdraw consent
This right only exists where we are relying on consent to process your Personal Data (“Consent Withdrawal”). If you withdraw your consent, we may not be able to provide you with access to the certain specific functionalities of our Products. We will advise you if this is the case at the time you withdraw your consent.
Please note that whenever you request any of the above, we will take necessary steps to verify your identity in accordance with the applicable law. This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. Further, except in relation to Consent Withdrawal, we may charge a reasonable fee if your request is manifestly unfounded, repetitive or excessive, or, we may refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer if your request is particularly complex or you have made a number of requests.
Disclosure of your information to third parties
When you speak or write, we immediately anonymize your expression and no one can ever know what you spoke. Not only this, Joye’s technology is EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) compliant, to protect your privacy at the highest level. More Details
Joye’s data is independently managed by Joye Pte Ltd Singapore, and your organization will not be able to see your private information. They will only see a high-level overview of the organization’s wellbeing. This will enable your organization to make more empathetic and responsive policy decisions to better serve the emotional needs of your organization. Individual-level information will not be visible to your organization.
We may disclose your information, to third parties as follows:
In some circumstances, based on your specific requests, we may need to disclose your personal information to a third party so that they can provide a service you have requested from such a party, or fulfill a request for information from such a party.
In the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets.
If Joye or substantially all of our assets are acquired by a third party, in which case personal information held by us about our customers will be one of the transferred assets.
If we are under a duty to disclose or share your personal information in order to comply with any legal obligation such as to comply with a subpoena, bankruptcy proceedings, similar legal process, or in order to enforce or apply our agreements with you; or to protect the rights, property, or safety Joye, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection or similar scenarios.
Minors using Joye
Where your data is stored and how we ensure it's security
All information you provide to us through the Products is stored on our cloud service provider’s secure servers, at most times located in Singapore or USA. On request and mutual agreement with the organization, we could also consider storing your data in a mutually agreed country.
Any payment transactions, if any, will be encrypted using SSL technology; all payment information is stored with our payment processor and is never stored on Joye’s servers.
Just like it can be said of any other application or any form of the web, the transmission of information via the Internet is never completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to the Products; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
Joye operates and uses appropriate technical and physical security measures to protect your personal data. We have partnered with leading cloud service providers to protect your personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. Access is only granted on a need-to-know basis to those people whose roles require them to process your personal data. All your personal data by which you can be identified, we will destroy, as per our policies, after you have requested to deactivate your Joye account.
You are also responsible for helping to protect the security of your personal data. Furthermore, you are responsible for maintaining the security of any device on which you utilize the Services. Unfortunately, no system is 100% secure, and we cannot ensure or warrant the security of any personal data you provide to us. To the fullest extent permitted by applicable law, we do not accept liability for unintentional disclosure.
Please contact Joye’s Data Protection Officer at: