🇪🇺

GDPR

📌
Last updated on August 11, 2023 with the full list of sub-processors and data processing agreements.

MeetButter ApS is a Danish company and we care and compete on data privacy when delivering our services. This means that we are continuously striving to fulfill the GDPR and have taken all necessary technical and contractual measures to ensure that personal data is processed securely.

This document describes the overall content of our GDPR compliance programme but if you have any additional questions related to privacy or security, please feel free to reach out at friends@butter.us.

Services

We provide two services:

  1. A free use of the platform by any personal user. For this, we have a Privacy Policy, where we explain our use of data as a data controller.
  2. A paid service to enterprises or other organisations who wish to use our services as an integrated professional tool. For this, we have a Data Processor Agreement, which outlines how we process personal information as a data processor on behalf of a customer.

Data Processing Agreement (DPA)

Data Processing Agreement (DPA) MeetButter Aps.pdf271.6KB

Our DPA relies on the EU Commission Standard Contractual Clauses. One of the reasons we use this agreement as a standard is that the SCC is well known and approved by the European Data Protection Board. Another reason is that we use some sub-processors outside of the EU and that such transfers are based on the SCC as well given the fact EU/US Privacy Shield arrangement was deemed invalid by the European Court of Justice in the summer 2020.

As of November 2020, we have carried out individual risk assessment of all our data processors and entered into Data Processing Agreements that relies on SCCs for the transfers that goes outside of the EU. You can read more about sub-processors below.

Sub-Processors

With the EU / US Privacy Shield invalidation, we have attempted to move the storage of personal data back onto EU soil wherever we could without compromising our ability to deliver best-in-class online meetings. Our core infrastructure is therefore now located at AWS data centers in France and the usage analytics processing is carried out with Mixpanel in the Netherlands.

Unfortunately, there is simply a lack of infrastructure providers for video conferencing and customer communication with data centers outside of the US, and we therefore rely on the Standard Contractual Clauses issued by the European Commission to transfer personal data to data processors in the US that we consider absolutely necessary to deliver Butter.

SubprocessorLocationDPAPurposeData
Agora
USA

Download

Video Call Infrastructure

In-app behavior, Videostreams

Amazon Web Services
France

Download

Hosting and storage

Email, Name

Customer.io
Belgium

Download

Sending emails

Email, name, in-app behavior and usage that help send emails at the right time

Deepgram
USA

Review

Transcriptions

Anonymized session recordings

Firebase
Germany

Download

Database infrastructure

Email

Google Analytics
USA

On request

Traffic analytics on marketing site(s)

Location, in-app behaviour (but pseudonymized)

Gsuite
USA

On request

Back office operations

Email

Intercom
USA

Download

Customer service communication

The information included by the individual reaching out to Butter

Mixpanel
Netherlands

Download

Platform usage analytics

Email, Name, In-app behaviour

OpenAI
USA

Download

Autogenerated-summaries and agenda

Anonymized session recordings

Segment
USA

Download — SCC

Platform tracking infrastructure

Email, Name, In-app behaviour

Slack
USA

Download

Internal communication

Email, name

Typeform
Spain

On request

Sending surveys

Email, survey response content

Zapier
USA

Download

Automate processes in communication systems

Email, name, in-app behavior

Data protection by design

At Butter, we're all about integrating data protection and privacy measures into our business and processing activities upfront. We expect our vendors to have similar technical and organisational measures in place so that, at the end of the day, we can protect the rights of our users and customers, and deliver delightful online meetings.

In essence, we do this by following a certain set of principles:

User data is the users' data

  • As by recommendation from the General Data Protection Board we have also implemented some supplementary technical measures to make it a breeze for customers to exercise their right to access their personal data, correct it, or delete it entirely under account settings in Butter.
  • Technically speaking, if you delete your account, we will make all content of the account inaccessible on deletion, but make sure that only after 30 days will it be deleted from our servers and no longer be recoverable.
  • Additionally, you can reach out at friends@butter.us if you need a hand with any of the above.

Only collect data that is necessary to deliver delightful online video conferencing

  • To improve our website, services, user experience, as well as assisting users with support inquiries, we collect and process personal information that helps us understand how it's being used, why it's being used in that way, and where errors occurs.
  • We limit the amount of data we collect to what is strictly neccesary to do the above and for the categories of data that require your consent, we will actively ask you for consent before we collect and store any of your personal data.
  • For a full overview of our privacy measures, head over to our Privacy Policy.

Store data on EU territory wherever possible

  • In light of the recent invalidation of the EU / US Privacy Shield that ensured appropriate safeguards for transferring personal data to the US, we have attempted to move the storage of personal data back onto EU soil wherever we could without compromising our ability to deliver best-in-class online meetings. Our core infrastructure is now located at AWS data centers in Paris and the usage analytics processing is carried out with Mixpanel in the Netherlands.
  • See the list of Sub-Processors above for a detailed overview.