The legal stuff
Last updated: June 20, 2022
Just to be clear: making long legal agreements is not at all in our DNA and we have closed some projects just by handshake. However, we are obliged to put all the stuff below to our web site (at least according to our legal advisor) and so we do so.
However, we try to make all our policies as clear, fair and readable as possible. If you still feel that you are reading gibberish, we apologise in advance.
Here are the main parts of our policies:
- Terms of Service (all the terms that you agree to when you access to our Services).
- Use Restrictions policy (It is not okay to use AGILIS products/services for these restricted purposes)
- Subprocessors (the pieces of software we use to operate our Web Site)
Terms of Service
When we say “Company”, “AGILIS”, “we”, “our”, or “us” in this website, we are referring to AGILIS SERVICES SA, based in Fribourg (Switzerland).
When we say “You” or “your”, we are referring to the people or organizations that agree to share their data with us.
When we say “Services”, we mean any product created by AGILIS. That includes any platform, application and document shared in or through this website.
We may update these Terms of Service in the future. Typically, these changes have been to clarify some of these terms by linking to an expanded related policy. Whenever we make a significant change to our policies, we will also announce them on our website.
When you use our Services, now or in the future, you are agreeing to the latest Terms of Service. That's true for any of our existing and future products and all features that we add to our Services over time. There may be times where we do not exercise or enforce any right or provision of the Terms of Service; in doing so, we are not waiving that right or provision. These terms do contain a limitation of our liability.
If you violate any of the terms, we may terminate your account. That's a broad statement and it means you need to place a lot of trust in us. We do our best to deserve that trust by being open about who we are, how we work, and keeping an open door to your feedback (hello@AGILIS.services).
Acces and Utilization Terms
- You may not use the Services for any purpose outlined in our Use Restrictions policy.
- You must be a human. Emails registered by “bots” or other automated methods are not permitted.
- Whether you have given us your email address or not, we do not sell your data.
- At any time, you may request the removal of your email address from our database. This automatically includes removal of your access to our Services. An email or phone request to remove your email address is not automatically considered removal. If you need help removing your email address, you can always contact us on hello@AGILIS.service.
- We have the right to suspend or terminate your access to our Services and refuse any and all current or future use of our Services for any reason at any time.
- We also reserve the right to refuse the use of the Services to anyone for any reason at any time. We have this clause because statistically speaking, out of the hundreds of thousands of accesses on our Services, there is at least one doing something nefarious. There are some things we staunchly stand against and this clause is how we exercise that stance. For more details, see our Use Restrictions policy further down.
- Verbal, physical, written or other abuse (including threats of abuse or retribution) of Company, employee or officer will result in immediate access termination to our Services.
- We make a promise to our customers to support our Services until the end of the Internet. That means when it comes to security, privacy, and customer support, we will continue to maintain any legacy Services. Sometimes it becomes technically impossible to continue a feature or we redesign a part of our Services because we think it could be better or we decide to close new signups of a product. We reserve the right at any time to modify or discontinue, temporarily or permanently, any part of our Services with or without notice.
Uptime, Security, and Privacy
- Your use of the Services is at your sole risk. We provide these Services on an “as is” and “as available” basis. We do not offer service-level agreements, nevertheless we always strive to give the best of ourselves to satisfy our clients.
- We take many measures to protect and secure your data through backups, redundancies, and encryption. We enforce encryption for data transmission from the public Internet. There are some edge cases where we may send your data through our network unencrypted. Please refer to our Security Overview section for full details for more information.
- We use third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Services. You can see a list of all subprocessors here.
Copyright and Content Ownership
- You agree not to reproduce, duplicate, copy, sell, resell or exploit any portion of the Services, use of the Services, or access to the Services without the express written permission by the Company.
- You must not modify another website so as to falsely imply that it is associated with the Services or the Company.
Features and Bugs
We design our Services with care, based on our own experience and the experiences of customers who share their time and feedback. However, there is no such thing as a service that pleases everybody. We make no guarantees that our Services will meet your specific requirements or expectations.
We also test all of our features extensively before shipping them. As with any software, our Services inevitably have some bugs. We track the bugs reported to us and work through priority ones, especially any related to security or privacy. Not all reported bugs will get fixed and we don't guarantee completely error-free Services.
We mention liability throughout these Terms but to put it all in one section:
You expressly understand and agree that the Company shall not be liable, in law or in equity, to you or to any third party for any direct, indirect, incidental, lost profits, special, consequential, punitive or exemplary damages, including, but not limited to, damages for loss of profits, goodwill, use, data or other intangible losses (even if the Company has been advised of the possibility of such damages), resulting from: (i) the use or the inability to use the Services; (ii) the cost of procurement of substitute goods and services resulting from any goods, data, information or services purchased or obtained or messages received or transactions entered into through or from the Services; (iii) unauthorized access to or alteration of your transmissions or data; (iv) statements or conduct of any third party on the service; (v) or any other matter relating to this Terms of Service or the Services, whether as a breach of contract, tort (including negligence whether active or passive), or any other theory of liability.
In other words: choosing to use our Services does mean you are making a bet on us. If the bet does not work out, that's on you, not us. We do our darnedest to be as safe a bet as possible through careful management of the business; investments in security, infrastructure, and talent; and in general giving a damn. If you choose to use our Services, thank you for betting on us.
If you have a question about any of the Terms of Service, please contact our Support team (hello@AGILIS.services).
In this policy, we lay out: what data we collect and why; how your data is handled; and your rights to your data. We promise we never sell your data: never have, never will.
This policy applies to all products/services built and managed by AGILIS.
What we collect and why
Our guiding principle is to collect only what we need. Here’s what that means in practice:
Identity & access
When you sign up for an AGILIS product, we typically ask for identifying information such as your name, email address, and maybe a company name. That’s just so you can personalize your new account, and we can send you essential information. We’ll never sell your personal info to third parties, and we won’t use your name or company in marketing statements without your permission either.
We log full IP addresses used to sign up for a product. We keep this record forever for all our apps. Web analytics data — described further in the Website Interactions section — are also tied temporarily to IP addresses to assist with troubleshooting cases. We blind all web analytics data after 30 days.
When you browse our marketing pages or applications, your browser automatically shares certain information such as which operating system and browser version you are using. We track that information, along with the pages you are visiting, page load timing, and which website referred you for statistical purposes like conversion rates and to test new designs. We sometimes track specific link clicks to help inform some design decisions. These web analytics data are tied to your IP address if applicable and you are signed into our Services. We blind all of these individual identifiers after 30 days.
When you write AGILIS with a question or to ask for help, we keep that correspondence, including the email address, so that we have a history of past correspondences to reference if you reach out in the future.
We also store any information you volunteer like surveys. Sometimes when we do customer interviews, we may ask for your permission to record the conversation for future reference or use. We only do so if you give your express consent.
Information we do not collect
We don’t collect any characteristics of protected classifications including age, race, gender, religion, sexual orientation, gender identity, gender expression, or physical and mental abilities or disabilities. You may provide these data voluntarily, such as if you include a pronoun preference in your email signature when writing into our Support team.
When we access or share your information
Our default practice is to not access your information. The only times we’ll ever access or share your info are:
To provide products or services you’ve requested: We do use some third-party services to run our programs and only to the extent necessary process some or all of your personal information via these third parties. You can view the list of third-party services we use in the subprocessors section. Having subprocessors means we are using technology to access your data. No AGILIS human looks at your data for these purposes unless an error occurs that stops an automated process from working and requires manual intervention to fix. These are rare cases and when they happen, we look for root cause solutions as much as possible to avoid them from reoccurring.
When required under applicable law: AGILIS SERVICES SA is a Swiss company and all data infrastructure are located in the cloud. If law enforcement authorities have the necessary warrant, criminal subpoena, or court order requiring we share data, we have to comply. Otherwise, we flat-out reject requests from local and federal law enforcement when they seek data. And unless we’re legally prevented from it, we’ll always inform you when such requests are made. In the event a government authority outside the Switzerland approaches AGILIS with a request, our default stance is to refuse unless the Swiss government compels us to comply through procedures outlined in a mutual legal assistance treaty or agreement. In these situations, we notify affected customers as soon as possible unless we are legally prohibited from doing so.
Furthermore, unless we receive a proper warrant, court order, or subpoena before the required preservation period expires, we destroy any preserved copies we made of customer data once the preservation period lapses.
If we get an informal request from any person, organization, or entity, we do not assist.
Your rights with respect to your information
At AGILIS, we apply the same data rights to all customers, regardless of their location. Currently one of the most privacy-forward regulation in place is the European Union’s General Data Protection Regulation (“GDPR”). AGILIS recognizes all of the rights granted in this regulation, except as limited by applicable law. These rights include:
- Right of Access. This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
- Right to Correction. You have the right to request correction of your personal information.
- Right to Erasure / “To be Forgotten”. This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession and, by extension, all of our service providers. Fulfillment of some data deletion requests may prevent you from using AGILIS Services because our resources may then no longer be accessible. In such cases, a data deletion request may result in closing your access.
- Right to Complain. You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority. To identify your specific authority or find out more about this right, EU individuals should go to https://edpb.europa.eu/about-edpb/board/members_en.
- Right to Restrict Processing. This is your right to request restriction of how and why your personal information is used or processed, including opting out of sale of personal information. (Again: we never have and never will sell your personal data.)
- Right to Object. You have the right, in certain situations, to object to how or why your personal information is processed.
- Right to Portability. You have the right to receive the personal information we have about you and the right to transmit it to another party.
- Right to not be subject to Automated Decision-Making. You have the right to object and prevent any decision that could have a legal, or similarly significant, effect on you from being made solely based on automated processes. This right is limited, however, if the decision is necessary for performance of any contract between you and us, is allowed by applicable law, or is based on your explicit consent.
- Right to Non-Discrimination. We do not and will not charge you a different amount to use our products, offer you different discounts, or give you a lower level of customer service because you have exercised your data privacy rights. However, the exercise of certain rights (such as the right “to be forgotten”) may, by virtue of your exercising those rights, prevent you from using our Services.
If you have questions about exercising these rights or need assistance, please contact us at hello@AGILIS.services or at AGILIS SERVICES SA, Place de la Gare 5, 1700 Fribourg, Switzerland. For requests to delete personal information or know what personal information has been collected, we will first verify your identity using a combination of at least two pieces of information already collected including your email address. If an authorized agent is corresponding on your behalf, we will first need written consent with a signature from the account holder before proceeding.
If you are in the EU, you can identify your specific authority to file a complaint or find out more about GDPR, at https://edpb.europa.eu/about-edpb/board/members_en.
How we secure your data
All data is encrypted via SSL/TLS when transmitted from our servers to your browser. The database backups are also encrypted. For more information about how we keep your information secure, please review our security overview.
Location of site and data
Our products and other web properties are operated in the cloud. By using our Site, participating in any of our services and/or providing us with your information, you consent to this.
Changes & questions
We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change to our policies, we will also announce them on our website.
Use Restrictions policy
This policy and process applies to any product/service created and owned by AGILIS. We recognize that however good the maker’s intentions, technology can amplify the ability to cause great harm. That’s why we’ve established this policy. We feel an ethical obligation to counter such harm: both in terms of dealing with instances where AGILIS Services are used (and abused) to further such harm, and to state unequivocally that the Services we offer are not safe havens for people who wish to commit such harm. If you have an account with any of our products/services, you can’t use them for any of the restricted purposes listed below. If we find out you are, we will take action.
- Violence, or threats thereof: If an activity qualifies as violent crime in Switzerland or where you live, you may not use AGILIS products/services to plan, perpetrate, or threaten that activity.
- Child exploitation, sexualization, or abuse: We don’t tolerate any activities that create, disseminate, or otherwise cause child abuse. Keep away and stop. Just stop.
- Hate speech: You cannot use our products to advocate for the extermination, domination, or oppression of people.
- Harassment: Intimidating or targeting people or groups through repeated communication, including using racial slurs or dehumanizing language, is not welcome at AGILIS.
- Doxing: If you are using AGILIS products/services to share other peoples’ private personal information for the purposes of harassment, we don’t want anything to do with you.
- Malware or spyware: Code for good, not evil. If you are using our products/services to make or distribute anything that qualifies as malware or spyware — including remote user surveillance — begone.
- Phishing or otherwise attempting fraud: It is not okay to lie about who you are or who you affiliate with to steal from, extort, or otherwise harm others.
- Spamming: No one wants unsolicited commercial emails. We don’t tolerate folks (including their bots) using AGILIS products/services for spamming purposes. If your emails don’t pass muster with CAN-SPAM or any other anti-spam law, it’s not allowed.
- Cybersquatting: We don’t like username extortionists. If you acquire one of our products in someone else’s name and then try to sell that account to them, you are cybersquatting. Cybersquatting results to an immediate access cancelation.
- Infringing on intellectual property: You can’t use Basecamp products to make or disseminate work that uses the intellectual property of others beyond the bounds of fair use.
While our use restrictions are comprehensive, they can’t be exhaustive — it’s possible an offense could defy categorization, present for the first time, or illuminate a moral quandary we hadn’t yet considered. That said, we hope the overarching spirit is clear: AGILIS is not to be harnessed for harm, whether mental, physical, personal or civic. Different points of view — philosophical, religious, and political — are welcome, but ideologies like white nationalism, or hate-fueled movements anchored by oppression, violence, abuse, extermination, or domination of one group over another, will not be accepted here.
How to report abuse
For cases of suspected malware, spyware, phishing, spamming, and cybersquatting, please alert us at hello@AGILIS.services.
For all other cases, please let us know by emailing hello@AGILIS.services. If you’re not 100% sure if something rises to the level of our use restrictions policy, report it anyway.
Please share as much as you are comfortable with about the account, the content or behavior you are reporting, and how you found it. Sending us a URL or screenshots is super helpful. If you need a secure file transfer, let us know and we will send you a link. We will not disclose your identity to anyone associated with the reported account. For copyright cases, we've outlined extra instructions on how to notify us about infringement claims.
Adapted from the Basecamp open-source policies / CC BY 4.0