If you are a Door customer or subscriber, or just visiting our website, this policy applies to you.
This privacy policy explains our standards for protecting your Personal Data in relation to its collection, handling, processing, storage, use, transportation and destruction by us and any third party dealing with your Personal Data on our behalf.
If Door transfers your Personal Data outside of the European Union or the European Economic Area, such as to its business in the Americas, we will ensure that your Personal Data is only accessed by approved Door employees, kept secure and treated like it would be in Europe.
We are registered as a data controller at the UK Information Commissioner’s Office: CSN7608100.
If you are a registered Door customer or a visitor to our website we act as the ‘data controller’ of personal data. This means we determine how and why your data are processed.
From the first moment you interact with Door, we are collecting data. Sometimes you provide us with data, sometimes data about you is collected automatically.
Here’s when and how we do this:
Your name, email address, job title, telephone number, email address…
Your IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version…
Your URL clickstreams (the path you take through our site and application, products and services viewed, page response times, download errors, how long you stay on our pages, what you do on those pages, how often, and other actions…
We don’t collect any “sensitive data” about you, like racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences….
Door is a business-to-business service directed to and intended for use only by working professionals who are generally 18 years of age or over. We do not target Door at children, and we do not knowingly collect any personal data from any person under 16 years of age.
Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:
So we can keep Door running: LEGAL BASIS: CONTRACT AND LEGITIMATE INTERESTS
Managing your requests (like onboarding users, connecting your Door account to other services), login and authentication, remembering your settings, hosting and back-end infrastructure).
Improving Door: LEGAL BASIS: CONTRACT AND LEGITIMATE INTERESTS
Testing features, interacting with feedback platforms and questionnaires, managing landing pages, traffic optimisation and data analysis and research, including profiling and the use of machine learning and other techniques over your data and in some cases using third parties to do this.
Customer support: LEGAL BASIS: CONTRACT
Notifying you of any changes to our service, solving issues via telephone support or email including any bug fixing.
Aggregate usage reports: LEGAL BASIS: LEGITIMATE INTERESTS
We will not distribute or publish reports containing personally identifiable information. However, Door may create, distribute and publish reports containing information derived from aggregated user-driven data or interactions on the Door application.
Marketing purposes (with your consent) LEGAL BASIS: CONSENT
Sending you emails and messages about new features, products and services, and content.
Here are the details about how we collect and use personal information collected on the Door application and marketing website.
| Severity Level | Description | Target Response Time | Status Frequency | Time to correct error |
|---|---|---|---|---|
| Critical | Major application component is down or otherwise unusable via the Door Platform, which impacts ALL Users who are unable to use the Service in Customer’s production environment and there is no workaround. Web services module is down in production and is affecting major functionality within the Service. | Door personnel will begin working the issue within 30 minutes of receipt. | 60 minutes | 4 hours |
| High | Application component is significantly impaired although still operational which impacts an individual User or subset of Users in Customer’s production environment. | Door personnel will begin working the issue within 1 hour of receipt. | 180 minutes | 48 hours |
| Medium | Application component is down or otherwise unusable via the Door Platform and there is a workaround therefore not preventing the User from doing their job. Web services module is working in production; however, there are minor issues. Customer cannot access Door help website to download documentation or view tutorials. Any issues defined as Critical or High in production are considered Medium in test environments (test, UAT, Sandbox, Development, etc.). | Door personnel will begin working the issue within 12 hours of receipt | As appropriate | 3 weeks |
| Low | More functional or cosmetic issues that have no adverse effect on the day-to-day business of the Customer. | Door personnel will begin working the issue within 24 hours of receipt | As appropriate | As appropriate |
You have given clear consent for us to process your personal data for a specific purpose. You can change your mind. If you have previously given consent to our processing your data you can freely withdraw such consent at any time. You can do this by emailing us at support@doorfunds.com. If you do withdraw your consent, and if we do not have another legal basis for processing your information, then we will stop processing your personal data. If we do have another legal basis for processing your information, then we may continue to do so subject to your legal rights.
Processing your data is necessary for a contract you have with us, or because we have asked you to take specific steps before entering into that contract.
Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:
In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests
You can exercise your rights by sending us an email at support@doorfunds.com.
You have the right to access information we hold about you.
This includes the right to ask us supplementary information about:
We will provide you with the information within one month of your request, unless doing so would adversely affect the rights and freedoms of others (e.g. another person’s confidentiality or intellectual property rights). We’ll tell you if we can’t meet your request for that reason.
You have the right to make us correct any inaccurate personal data about you.
You can object to us using your data for profiling you or making automated decisions about you.
We may use your data to determine whether we should let you know information that might be relevant to you (for example, tailoring emails to you based on your behaviour). Otherwise, the only circumstances in which we will do this is to provide the Door service to you.
You have the right to port your data to another service.
We will give you a copy of your data in CSV or JSON so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you. We will not do so to the extent that this involves disclosing data about any other individual.
You have the right to be ‘forgotten’ by us.
You can do this by asking us to erase any personal data we hold about you, if it is no longer necessary for us to hold the data for purposes of your use of Door.
You have the right to lodge a complaint regarding our use of your data.
Please tell us first, so we have a chance to address your concerns. If we fail in this, you can address any complaint to the UK Information Commissioner’s Office, either by calling their helpline or as directed on their website at www.ico.org.uk.
How secure is the data we collect?
We have physical, electronic, and managerial procedures to safeguard and secure the information we collect. For more information on our efforts to ensure your data is held in a secure manner, please see our information security policy.
And please remember:
The personal data we collect is processed at our offices in London and Liverpool and in any data processing facilities operated by the third parties identified below.
By submitting your personal data, you agree to this transfer, storing or processing by us. If we transfer, process or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Policy.
We will archive and stop actively using any personal identifiable information about you within 12 months from the last time you used Door. We will delete your personal data from our archives no later than 6 years from the last time you used Door or as agreed with you in a separate contract.
Tech businesses often use third parties to help them host their application, communicate with customers, power their emails, etc. We partner with third parties who we believe are the best in their field at what they do.
When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy.
Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:
| Service Provider | Data collected or shared | Purpose | Place of processing |
|---|---|---|---|
| Amazon Web Services (https://aws.amazon.com/privacy/) | Login credentials, including business email and name Fund information, including key personnel, fund manager biographies. | This is a web hosting provider. We use it to store fund information and other data you generate by using the service securely in the cloud. | EU (Dublin and Frankfurt) |
| HubSpot Inc. (https://legal.hubspot.com/privacy-policy) | Contact details Data in how you use Door Cookies | We use this service for customer communications, hosting landing pages and sending marketing emails to those who have opted in | US |
| QuickBooks | Billing contacts | We use QuickBooks to manage our billing process | US |
We use cookies. Unless you adjust your browser settings to refuse cookies, we (and these third parties) will issue cookies when you interact with Door. These may be ‘session’ cookies, meaning they delete themselves when you leave Door, or ‘persistent’ cookies which do not delete themselves and help us recognise you when you return so we can provide a tailored service.
You can block cookies by activating a setting on your browser allowing you to refuse the setting of cookies. You can also delete cookies through your browser settings. If you use your browser settings to disable, reject, or block cookies (including essential cookies), certain parts of our website will not function fully. In some cases, our website may not be accessible at all. Please note that where third parties use cookies we have no control over how those third parties use those cookies.