Data Processing Record
Heartcount provides a web‐based software-as-a-service Platform that helps businesses identify what motivates employees with real-time data.
1. Name and contact details
Heartcount is a software company incorporated and domiciled in Novi Sad, Serbia.
Legal name: Heartcount d.o.o.
Address: Milutina Milankovića 1i/4, Belgrade (Serbia)
Contact email: contact@heartcount.com
2. Transfers of personal information to a third country or an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1) GDPR, the documentation of suitable safeguards.
Heartcount is fully compliant with GDPR, ensuring an adequate level of personal data protection.
Heartcounts’s internal database is hosted in Amazon Web Services data centers and managed by Amazon Web Services (AWS RDS). Amazon Web Services, Inc. is located in the United States and is bound by Standard Contractual Clauses entered into with Heartcount.
Heartcount’s email delivery service provider is ActiveCampaign, LLC (“Postmark”). ActiveCampaign, LLC is located in the United States and is bound by Standard Contractual Clauses entered into with Heartcount.
Heartcount’s SMS delivery service provider is Infobip Ltd (“Infobip”). Infobip Ltd is located in the United Kingdom and is bound by Standard Contractual Clauses entered into with Heartcount.
Heartcount’s product discovery and re-engagement tool provider is Intercom R&D Unlimited Company (“Intercom”). Intercom is located in the United States and is also bound by Standard Contractual Clauses entered into with Heartcount.
Personal information collected by Heartcount
| Categories of personal information collected by Heartcount | Categories of data subjects for which such personal information is collected | Categories of processing activities in connection with such information |
| Heartcount user credentials User credentials permit the users to access the Heartcount Platform and include emails, phone numbers and password hashes. | Company managers and group managers which use the answers and comments provided by the survey respondents to improve their leadership skills Employees answering the surveys and providing comments | Provide, maintain and improve the Heartcount Platform Prevent or address service, security, support or technical issues with the Heartcount Platform Facilitate product discovery and communications throughout the user journey |
| Employee profiles The account administrator creates a profile for each of their employees, which contains the first name, last name, language, gender and email or phone number of the employee. Each employee has access to their employee profile and can update their information. Managers can assign to one or more teams. | Company managers and group managers which use the answers and comments provided by the survey respondents to improve their leadership skills Employees answering the surveys and providing comments | Provide, maintain and improve the Heartcount Platform Prevent or address service, security, support or technical issues with the Heartcount Platform |
| Answers to surveys Employees answer surveys such as “How did you feel at work this week?” and “What has your relationship with your colleagues been like this week?” Employees can also choose to leave a comment on a survey. Heartcount’s internal database includes the identity of the survey respondents. | Employees answering the surveys, which may include company managers and group managers | Provide, maintain and improve the Heartcount Platform Prevent or address service, security, support or technical issues with the Heartcount Platform Provide insight into employee happiness to Company and group managers. Create statistics based on the aggregated personal data for benchmarking and marketing purposes. |
| Employee notes Company and group managers can leave notes on employee profiles that can serve as conversations about the specific employee between multiple managers. | Company and group managers | Provide, maintain and improve the Heartcount Platform Prevent or address service, security, support or technical issues with the Heartcount Platform |
General description of the technical and organisational security measures in place
| Pseudonymisation and encryption of personal information | |
| Pseudonymisation | Heartcount cannot pseudonymize the “survey answers” data in the database, otherwise it would not be able to reveal the identity of an employee in the confidential (identified) version of Heartcount. Heartcount cannot pseudonymize the “user profile” data in the database, otherwise the managers could not view, add or modify user properties related to their employees. |
| Encryption | The data is encrypted in transit with HTTP over TLS. Certificates are 2048 bits and private keys are stored in a specific secret vault. Data is encrypted at rest using AES-256. |
| Ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services | |
| Confidentiality | Heartcount has measures in place to ensure that no person is allowed to access personal information without authorization. Such measures include, without limitation: Heartcount manages accesses to personal information based on the role‐based access control (RBAC) permissions model on a need to access basis and least privileged basis. Heartcount has a secure authentication process in place with mandatory MFA. Heartcounts’s internal database is located at a Amazon Web Services data center. Amazon Web Services Inc. conforms to global security standards such as ISO 27001, ISO 9001, FedRAMP, SOC 1 and SOC 2. Heartcount has measures in place to control physical security at its office (inc. security guard at building entrance, alarm system, visitor registration). All Heartcount’s suppliers that have access to personal data (being AWS, Postmark, and Infobip) and all Heartcount’s employees have signed a non‐disclosure agreement. The data is encrypted in transit with HTTP over TLS. Certificates are 2048 bits and private keys are stored in a specific secret vault. The data is encrypted at rest using AES-256. Encryption keys are managed with limited number of employees and secured in a vault with regular rotations. Regular updates concerning current security attacks are sent to Heartcount’s employees to raise awareness. All employees receive regular security specific training which is reviewed for completion and testing. |
| Integrity | Heartcount has measures in place to ensure that the data integrity is maintained. Such measures include, without limitation: The right to modify or delete any customer data (which includes personal information) is restricted to a limited group of people on a need basis. Employees in the customer success team and in the technical support team are granted the right to modify and delete customer data in Heartcount’s database. Any modification or deletion by such employees is cataloged in an audit log. A group of four key employees have unlimited access to Heartcount’s database. A policy restricting possible modifications and deletions within Heartcount’s database is in place. Heartcount maintains backups of its database in accordance with its retention policy. |
| Availability | Heartcount has measures in place to ensure that personal information is available and is used properly in the intended process. Such measures include, without limitation: Heartcount maintains backups of its database in accordance with its retention policy. Heartcount’s infrastructure and database schema are built from scripts that are kept in its source control system. Therefore, Heartcount can deploy the whole infrastructure dynamically within hours. |
| Resilience | Heartcount has measures in place to ensure that the Heartcount Platform is resilient. Such measures include: Heartcount’s infrastructure can scale automatically depending on the load. Heartcount’s infrastructure is redundant in the same data center. Heartcount’s database server is redundant in two data centers. |
| Ability to restore the availability and access to personal information in a timely manner in the event of a physical or technical incident | |
| If causes of outage are within Heartcount’s control, its recovery time objective (RTO) is about 12 hours or less. See measures described above with respect to “availability”. |
