Privacy Policy

Scope of this Privacy Policy:

This Privacy Policy governs the usage of Layer’s online collaboration tools and platform, along with the associated mobile and desktop applications (collectively referred to as the “Services”). It also applies to interactions on Layer.cafe, other Layer websites (“Websites”), and other engagements such as customer support and participation in the Layer Community. The policy encompasses the processing of various forms of content, including messages, files, video or audio recordings, prompts, and any other material submitted through our Services (“Customer Content”). It’s essential to note that this Privacy Policy does not extend to any third-party applications or software integrated with our Services (“Third-Party Services”) or other third-party products, services, or businesses. Our focus remains solely on the protection and handling of personal data within the context of Layer’s own Services and interactions.

The entity or person (referred to as “Customer”) who has agreed to the Terms of Service, along with any product-specific terms (collectively, the “Customer Agreement”), has full control over their instance of the Services, known as their “Organization,” and all the associated Customer Content. Authorized Users, individuals granted access to the Organization by the Customer, frequently submit Customer Content to Layer while using the Services. Should you have any inquiries about specific Organization settings and privacy practices, please reach out to the Customer whose Organization you are utilizing. In case you have received an invitation to join an Organization but have not yet created an account, don’t hesitate to seek assistance from the Customer who extended the invitation. They will be able to provide the necessary guidance and support for your account creation process.

Identification of the Data Controller and Processor:

In compliance with data protection laws in specific jurisdictions, a clear distinction is made between the roles of “controller” and “processor” concerning personal data. In this context, the Customer assumes the role of the controller, while Layer acts as the processor for Customer Content. As the controller for Customer Content, the Customer holds the authority to utilize the Services to grant or revoke access to an Organization, assign roles, configure settings, access, modify, export, share, remove Customer Content, and apply its policies to the Services. In its capacity as the processor for Customer Content, Layer processes such data solely based on the Customer’s requests and in accordance with the Customer’s written instructions, including the relevant terms outlined in the Customer Agreement, the Customer’s use of the Services, and any requirements set forth by applicable laws. For detailed information regarding the processing of Customer Content (including the processing of personal data, the purpose and legal basis of such processing, and data subject rights), we direct you to review the relevant Customer’s privacy notice. Layer also assumes the role of the controller for certain other categories of data, as described in paragraph 3 below. Should you have any inquiries, complaints, or wish to exercise your rights regarding your personal data, please do not hesitate to contact us at [email protected].

The types of personal data we collect:

Your personal data is acquired through various means when you use our Services. Layer collects and receives Customer Content and other personal data, referred to as “Other Data,” in the following ways:

Customer Content:

Customers and Authorized Users routinely submit Customer Content while using our Services.

Organization and account information:

To create or update an Organization account, you or the relevant Customer (e.g., your employer) provide us with details such as email address, phone number, password, domain, and similar account information. Customers purchasing a paid version of the Services may also supply billing details like credit card information, banking details, and billing address.

Usage data:

This includes metadata generated when an Authorized User interacts with the Services, providing additional context about their usage. For instance, logs of viewed or interacted Organizations, boards, people, features, content, links, and shared files, along with Third-Party Services used.

Log data:

Our servers automatically collect information when you access our Websites or Services, including IP addresses, the web page visited before using our Services, browser type and settings, date and time of usage, browser configuration, plugins, and language preferences. Device data: We gather information about devices accessing our Services, such as device type, operating system, device settings, application IDs, unique device identifiers, and crash data.

Location data:

We may receive location information, approximating your location from information provided by you, your employer, or other third parties with your consent.

Third-party data:

We may receive relevant data about organizations, industries, customer lists, Website visitors, marketing campaigns, and other matters from parent corporations, affiliates, subsidiaries, partners, or third parties, which we may combine and use in aggregate-level data.

Cookie data:

Our Websites and Services use various cookies and similar technologies to collect Other Data. For more information on how we use these technologies, including opt-out options, please refer to our Cookie Notice.

Email performance data:

We utilize ‘clear image’ (gif) tracking in email communications to gauge engagement and performance metrics, though much of this data is aggregated and does not contain personal data. You can disable this tracking by turning off images in the email itself.

Data from Third-Party Services: A Customer has the option to use Third-Party Services. If a Customer enables these services, Layer may access and exchange Customer Content and Other Data with the Third-Party on behalf of the Customer, as per our agreement with the Third-Party Services and any permissions granted by the Customer (including its Authorized User(s)).

Contact Data:

With the consent provided by your device or third-party API, we process contact information that an Authorized User chooses to import while using the Services.

Community Data:

Other Data is also received when submitted to our Websites or in other ways, such as participation in the Layer Community, Layer Academy, or Layer. This data is either submitted directly to the Services or collected during Forums, Programs, contests, activities, events, or educational programs hosted by Layer (or a vendor).

Call Data:

For training and quality assurance purposes, our Customer Success team may record video or telephone calls with Customers. You will be informed when a recording is made, and you can request that Layer does not record these calls.

Additional Data Provided to Layer:

We also receive Other Data when submitted to our Websites or through other means, such as when you request support, interact with our social media accounts, or communicate with Layer.

Business Data:

Layer may receive information about individuals from organizations, industries, Customers, (potential) partners, parent corporations, affiliates, and subsidiaries, and our partners for cooperation and communication purposes.

Typically, there is no legal or contractual requirement for anyone to provide any Customer Content or Other Data (collectively referred to as “Personal Data”). However, certain Personal Data may be collected automatically, and in the case of essential information like Organization setup details, failure to provide such data may result in an inability to provide the Services.

How we use personal data

Customer Content will be utilized by Layer in accordance with Customer’s instructions, as outlined in the Customer Agreement and the Customer’s use of our Services, while also adhering to applicable laws. Layer utilizes Other Data to serve the legitimate interests of operating our Services, Websites, and overall business. Specifically, we employ Other Data for the following purposes:
— Supporting the delivery of our Services under a Customer Agreement, which includes creating or updating an Organization, addressing service errors, technical issues, and analyzing usage patterns and trends.
— Operating and maintaining the Layer Community, enabling collaboration and interaction among Users.
— Complying with applicable legal requirements, legal processes, or regulations. — Engaging with you to respond to your inquiries, comments, and questions, using Other Data for communication purposes.
— Developing, testing, and enhancing search, learning, productivity tools, and additional features, making Services suggestions based on historical use and predictive models, and creating new features and products.
— Conducting market and user research to improve our Services and troubleshoot new features.
— Sending relevant emails and communications to our users, including service-related notices and promotional messages. Users have the option to opt-out of promotional communications.
— Managing billing, account administration, and other administrative matters, including contacting users regarding their involvement in the Layer Community. — Investigating and preventing security issues and abuse.

If data is aggregated or de-identified to the extent that it can no longer reasonably be associated with an identified or identifiable natural person, Layer may use it for any legitimate business purpose. However, if information remains associated with an identified or identifiable individual and qualifies as personal data under relevant data protection laws, it is considered “Personal Data” under this Privacy Policy.

Third-Party Links Disclaimer:

Our Services may include links to websites and services operated by third parties. It’s important to be aware that once you leave our platform and access these external websites, their own privacy policies and terms of service will apply. We do not have control over the data collection practices or content of these third-party websites, and thus, we cannot be held responsible for the protection and privacy of any information you provide while using them.  Before interacting with or submitting any personal information on these third-party websites or services, we strongly advise you to review their respective privacy notices and terms and conditions. Understanding how they handle your data will help you make informed decisions about sharing information on those platforms. We encourage you to exercise caution and ensure that you are comfortable with the privacy practices of any external website you visit through our Services.