The General Data Protection Regulation (GDPR) came into effect on May 25, 2018. It is one of the most comprehensive changes made to data privacy regulations in the last two decades. The GDPR provides the citizens of the EU greater control over their personal data, and unifies a number of existing privacy and security laws under one umbrella law.
GDPR applies to all organizations that handle personal data of individuals from the EU region, irrespective of where they are located.
At Ally, we are committed to ensuring your data is secure with us. We only collect information that is absolutely necessary to support your organization’s OKR process, and deliver a good user experience. The data we collect and store is:
At Ally, fulfilling our privacy and data security commitments is important to us. We’ve built a robust security framework, and we regularly review our internal access design to ensure the right people have access to the right level of customer data. We have also:
Since we cater to organizations and process data on their behalf, any requests to remove or export an individual’s data has to be routed through the admins of the organization. Individuals can amend their own data.
To permanently delete an individual’s data, admins can email us [email protected]
Note: It is possible that in some cases, due to legal or contractual obligations, we would not be able to delete your data immediately, but rest assured, Ally will remove data as soon as it is technically and legally possible
To export an individual’s data, admins can email us at [email protected]
To rectify inaccurate personal information, an individual can:
Admins can edit their users’ information, including email and manager information by navigating to Admin > Users, and clicking on ‘Edit’ under the Actions dropdown.
For any other questions, requests or issues regarding your data and how it is used, please reach out to us [email protected] we’ll be happy to help.