Privacy policy

Dear Evalato user,

We appreciate your trust in us! Our main priority as a service provider is protecting your personal data and privacy rights, as well as that of your customers.

This Privacy Policy (“Privacy Policy”) accompanies the Evalato Terms of Service, available at, and is part of an agreement (“Agreement”) between you (“The User”) and Weemss Ltd, provider of Evalato software-as-a-service (“The Service”). Capitalized terms used in this Privacy Policy have the meanings given to them in the Terms of Service.

By using Evalato you consent to our Terms of Service, Privacy Policy, and Data Processing Agreement.

Data collection and processing

Evalato is a Software-as-a-Service owned, maintained, and operated by Weemss Ltd. In order to deliver the best possible service for you and your customers we collect, store, and process data. This processing of data is a compulsory part of the service we provide to you and cannot be avoided.

  1. Data is stored on our secure servers hosted by cloud computing company DigitalOcean, Inc. We chose to work with this company as they have all necessary security certifications and offer industry-leading services.
  2. As part of the service we provide to you, your customers supply Evalato with a name, email address, and any other field that you add to your registration form for a program. We process this data only for the purpose of helping you manage a program, like compiling analytics data, or facilitating the sending of automatic emails (through our sub-processor Sendgrid) to your customers for example.
  3. You, the Evalato user running a program through the service we provide, are the sole owner of all data collected through the platform. We do not sell, share details, or market to your customers!
  4. Data you’ve collected through Evalato is stored by us, available only to members of your organization to be exported and used externally from Evalato. You can choose to delete a program from the service at any time, which also activates the wiping of all data associated with it.

Security you can trust

Evalato uses the same technology that major banks do for their online banking services. We employ security practices and systems, both electronic and physical, to ensure the privacy and safety of your data.

  1. The platform uses the latest Secure Sockets Layer (SSL) security protocol with 128-bit encryption to protect all data. Your browser bar indicates the transmission of encrypted data with a closed padlock symbol visible in the status bar.
  2. Data can only be accessed by a few members of the Evalato support team who have level 3 access, which allows us to provide you with outstanding customer support. Additionally, all members of our support team are carefully selected, after passing a thorough background check.
  3. Evalato doesn’t store the payment data of your customers or process any payments. No amount of money goes through the platform, your customers pay you directly and the money goes in your merchant account with the payment processor you are using. All payment processors integrated in Evalato are cherry-picked for being market leaders and for maintaining the highest security standards.

Your personal data

Evalato uses your name and email for identification purposes to provide you access to the platform, and to bring you customer support and personalized messages about platform changes.

  1. You can view and edit your personal data at any time in the “My profile” section of the platform.
  2. Your name and email is shared with our sub-processors, Segment for customer data infrastructure, customer feedback platform Wootric, and customer messaging platform Intercom, for the sole purpose of providing you with outstanding customer support.
  3. You can ask us to remove your personal data and delete your account at any time. Please, keep in mind an account cannot be deleted when there are pending service fee payments for that account.
  4. We use personal information to send you occasional newsletters, update briefings and important product information. You may opt out from receiving such emails by unsubscribing from our mailing list. Additionally we may showcase you and/or your company as a Evalato user to improve our marketing efforts.
  5. We will not disclose any personal details, account information or personal correspondence between us and you to third parties, unless we are required by law and Law Enforcement Authorities. Additionally, if we have reasonable grounds to believe fraud has occurred or may occur, we may disclose personal information in order to protect our company.
  6. Non-personal information is used to collect grouped data only for statistical purposes.

Use of cookies

Cookies provide limited information about a website visitor. By agreeing to use our Service, you declare that you have been informed about the use of cookies and you explicitly consent to accepting cookies.

  1. If you prefer not to receive cookies, you have the right to refuse to it by setting your browser to warn you before it accepts cookies or refuse the cookie when your browser alerts you to its presence.
  2. You can also refuse all cookies by turning them off in your browser. Such files do not provide personally identifiable information, they are only used for the efficient work of the website.
  3. You can freely and easily disable the storage of cookies on your computer through the settings on your browser.
  4. Cookies are used on the Evalato website for the sole purpose of maintaining user preferences.

Changes to the privacy policy

Our Privacy Policy can be updated at any time. We will inform you of such changes via email and in-app message, please make sure you have read the latest update. It is your sole responsibility to ensure familiarity with the Privacy Policy. If you have any concerns, please, feel free to contact us at [email protected]

Keep in mind, given today’s nature of communications and information processing technology, Evalato cannot 100% guarantee that transmitting data or storing it on our systems is absolutely safe from intrusion by others. Should such data breach occur, we are required by EU law to notify everyone whose data may have been breached.

Last update: 20 May 2018