Mapperoni
Login

Compliance

Privacy Policy

This Privacy Policy explains how Mapperoni ("we," "us," or "our") collects, uses, and protects your information when you use our platform and services.

1. Who We Are

Mapperoni is a feedback collection platform operated by Canvis Software LLC. For data protection purposes, we act as:

  • Data Controller for account holders and website visitors
  • Data Processor for response data collected through our customers' projects

Contact: privacy@mapperoni.com

2. Information We Collect

Information You Provide

  • Account information: Name, email address, password
  • Team information: Organization name, team member details
  • Project content: Forms, questions, and configurations you create
  • Response data: Information submitted through projects (processed on behalf of project owners)
  • Communications: Support requests and correspondence

Information Collected Automatically

  • Usage data: Pages visited, features used, timestamps
  • Device information: Browser type, operating system, IP address
  • Cookies: Session management and preferences (see Section 8)

3. How We Use Your Information

PurposeLegal Basis (GDPR)
Provide and maintain servicesContract performance
Process transactionsContract performance
Send service communicationsContract performance
Respond to support requestsContract performance
Improve our platformLegitimate interests
Ensure security and prevent fraudLegitimate interests
Comply with legal obligationsLegal obligation
Send marketing (with consent)Consent

4. How We Share Your Information

We never sell your personal information or share your data unless legally required to, or unless necessary to deliver a service.

5. Data Retention

  • Account data: Retained while your account is active, deleted immediately upon account closure.
  • Response data: Retained according to project owner settings; deleted when project is deleted.
  • Legal holds: Data may be retained longer if required by law.
  • Database backups: Data may persist in encrypted database backups for up to 1 year. This data is inaccessible to employees or users.

6. Your Privacy Rights

All Users

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and data
  • Export your data

European Economic Area (GDPR)

You have the right to:

  • Access, rectify, or erase your data
  • Restrict or object to processing
  • Data portability
  • Withdraw consent at any time
  • Lodge a complaint with your supervisory authority

We process data under the legal bases described in Section 3. International transfers are protected by Standard Contractual Clauses.

California Residents (CCPA/CPRA)

Your Rights:

  • Right to Know: Request the categories and specific pieces of personal information we collected
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate information
  • Right to Opt-Out: We do not sell or share personal information for cross-context behavioral advertising
  • Non-Discrimination: We will not discriminate against you for exercising these rights

Categories of Personal Information Collected:

  • Identifiers (name, email, IP address)
  • Commercial information (transaction history)
  • Internet activity (usage data)
  • Professional information (organization name)

Sources: Directly from you, automatically through the platform

Business Purposes: As described in Section 3

To exercise your rights, contact privacy@mapperoni.com or use account settings.

7. International Data Transfers

We store our database and database backups in Germany. For transfers outside the EEA, we use:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions where applicable

8. Cookies

We use essential cookies for platform functionality. We do not track users with analytics cookies.

Manage preferences in your browser settings.

9. Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS) and at rest
  • Access controls and authentication
  • Regular security assessments
  • Incident response procedures

10. Children's Privacy

Our services are not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us immediately.

11. Changes to This Policy

We may update this policy periodically. We will notify you of material changes via email or platform notice. Continued use after changes constitutes acceptance.

12. Contact Us

Privacy Inquiries, DPO & representatives: privacy@mapperoni.com

For Project Owners

When you collect responses through Mapperoni, you are the Data Controller for that response data. You are responsible for:

  • Providing appropriate privacy notices to respondents
  • Ensuring lawful basis for collection
  • Responding to data subject requests
  • Configuring appropriate data retention

We act as your Data Processor and process response data according to our Data Processing Agreement.

Previous
Acceptable use policy
Next
Terms of service