Meeting Magpie platform terms
Meeting Magpie is an online meeting analytics platforms. You provide access to data about your employees' meeting habits by granting us access to their calendars, and we provide you and your employees with analytical information about those meetings.
This document sets out the terms which apply when you and your employees use Meeting Magpie.
"You" are the organisation which has entered into a contract for the provision of the Meeting Magpie Service.
"We" are Meeting Magpie Limited, a company incorporated in England and Wales with company number 11631860.
- We help you have better meetings
- Meeting Magpie is an analytics service, designed to give you information about your employees' meetings, so that you can make decisions about how best to run your business.
- Meeting Magpie is not a consultancy or advisory service, and we do not provide specific guidance on how to improve your meeting habits, but we may be able to recommend people who can help you — please just ask.
- Integrate with Meeting Magpie to get started
- Before we can analyse your meetings, you need to give us access to your employees' calendars. You do this by synchronising employee and calendar data held in your calendaring system with the Meeting Magpie platform.
- We currently support the following calendaring systems:
- Exchange Online, via Microsoft Office 365.
- We will set up an initial user for you on the Meeting Magpie platform. You must log into this account, and set up the integration. You do this by authorising our access to your calendaring system. We cannot start to analyse your data until you have done this.
- Supported browsers
- We aim to make the web interface to Meeting Magpie available from all modern standards-compliant web browsers. We test it with the current versions of Chrome, Firefox, and Safari.
- What data we collect, how we use it, and where we keep it
- When you integrate with Meeting Magpie and authorise access to your calendaring system, you are instructing us to synchronise the following categories of data with the Meeting Magpie platform:
- a list of your employees.
- your employees' calendar information. The calendar information we collect includes private appointments (since they are still part of that employee's calendar), and we retain the flag that shows they are private. Each employee can see only their own meetings, and administrators cannot see employee meetings.
- We use this information to:
- set up calendar synchronisation;
- enable single sign-on so that your employees can access their personalised meeting dashboard; and
- carry out analysis of your employees' meetings to provide the Meeting Magpie analytics services to you and to generate anonymous, aggregated analytics.
- The Meeting Magpie platform is continuously synchronised with your calendaring system. This is a near real-time synchronization, which means that any changes you or your employees make are synchronised with Meeting Magpie. This includes new calendar events, as well as changes to existing events (such as deletions or modifications). It also includes changes to the list of employees: if you add a new employees, they will be added automatically to Meeting Magpie, and if you delete an existing employee and their data ceases to exist in your calendaring system, it will be removed automatically from Meeting Magpie.
- We have implemented appropriate technical and organisation measures to ensure a level of security appropriate to the risk posed by our service. If you have specific questions, please contact us.
- The Meeting Magpie platform is hosted by Amazon Web Services. Information about AWS's security, including its ISO certifications, is available here.
- We use third party systems or services to help us deliver Meeting Magpie. Their privacy policies can be found below:
- Amazon (infrastructure and backups): here
- Google (website analytics): here
- Hubspot (CRM): here
- Your own your data
- You own all rights, including intellectual property rights, in the data which you synchronise with the Meeting Magpie platform.
- You grant us:
- a non-exclusive, royalty-free licence to provide the Meeting Magpie analytics services to you and to generate anonymous, aggregated analytics output (such as the total number of meetings which took place in the last year); and
- the right to sub-licence these rights to our hosting, connectivity and telecoms service providers, as reasonably required for the performance of our obligations and the exercise of our rights under these terms.
- We will not use your data for any other reason, unless we are required by law to do so.
- You warrant that you have the rights to synchronise your employees' data with the Meeting Magpie platform, and to grant us the licence set out in clause 5.2.
- We own all rights, including intellectual property rights, in the anonymous, aggregated analytics output which we generate. These outputs do not contain personal data, and we will never use them in a way which identifies you without your permission.
- We're always happy to get your feedback on what we can do to improve, or suggestions for new features, and we want to make sure we can (if we choose) implement your feedback. To that end, you agree that, when you give us this feedback, you automatically transfer all rights, including any intellectual property rights, in your feedback to us, and will do all things necessary to give effect to that.
- You are in control of your data
- We will continue to receive and analyse the data you synchronise with the Meeting Magpie platform until you cancel the service and disable the integration. This means that, even if you do not pay our bills, we will continue to have access to your data, and we will continue to carry out the analytics activity.
- If you disable the integration between your calendaring system and Meeting Magpie without cancelling the service, this will prevent us from receiving new data or changes to existing data, but it does not trigger deletion of data which has already been synchronised. If you want us to delete historic data, you must cancel the service.
- Once we receive an instruction from you to cancel the service, we will delete your data within 30 days. We will not delete the anonymous, aggregated analytics outputs, which we own.
- Annex 1 contains specific obligations relating to the processing of personal data.
- If you do not pay your bills, we will suspend your access to the Meeting Magpie platform
- If you do not pay your bills on time, we will suspend your access to the Meeting Magpie platform. This means that you, and your employees, will not be able to see their meeting history or access analytical information about your meetings.
- As set out in clause 6.1, the synchronisation of your calendaring system and the Meeting Magpie platform will continue, and so we will continue to receive updates to your list of employees and their meetings. We will continue to perform analytics on these data.
- We will restore your access to the Meeting Magpie platform after you have paid your bills. Because we have carried on with our analytics activity, you will still have access to the analytics relating to the period during which your access was suspended.
- Technical support
- Provided that you are up to date with all payments to us, we will provide you with reasonable technical support, during our normal working hours.
- Beta features and early previews
- We are always improving Meeting Magpie, and we know that some people like to get on board early with potential new features. If we make available to you "beta" features or "early preview" of new functionality, they will be clearly labelled, and it is up to you if you want to use them.
- If you use these features, you do so on the understanding that:
- they may not work properly or as you expect them;
- we might remove them or change them at any point; and
- there is no guarantee that they will make it into the main platform, so do not get too reliant on them — but if you do really like them, please tell us, so we know.
- Access to Meeting Magpie, suspension, and maintenance
- While we will use our reasonable efforts to maintain and operate the services, we make no promises that they will always be available or functioning, nor that they will be fault-free.
- Meeting Magpie is not intended to be a "mission-critical" platform, but we will use reasonable efforts to remedy things which go wrong.
- We may restrict or suspend all or part of the services if, in our reasonable opinion, you fail to comply with these terms, or if we consider it is necessary to do so:
- to stop or mitigate any security or integrity incident, threat or vulnerability, or problem or attack affecting our network, equipment, or services;
- to deal with behaviour which, in our reasonable opinion, amounts to misuse of the services or breaches clause 11; or
- to comply with a legal obligation.
- We will try to make available to you notice of planned maintenance activity, and we will do this by email, or within the Meeting Magpie platform.
- Acceptable use
- You must not, and must procure that your employees do not:
- attempt to disrupt or damage the Meeting Magpie platform or services;
- use the Meeting Magpie platform or services in any way that is unlawful, illegal, fraudulent or harmful; or
- synchronise to the Meeting Magpie platform anything which is unlawful, illegal, fraudulent or harmful, or connected with such a purpose or activity.
- You warrant that any data synchronised by you or your employees to the Meeting Magpie platform will not infringe the intellectual property rights or other legal rights of any person, and will not breach the provisions of any law, statute or regulation, in any jurisdiction and under any applicable law.
- General
- A person who is not a party to this agreement has no rights under this agreement. This includes any users you may have.
- If a party fails to exercise a right or remedy, this failure shall not prevent that party from exercising that right or remedy subsequently for that or any other incident. A waiver of any breach or provision of this agreement shall only be effective if made by email or in other writing.
- We may vary these terms from time to time. If we do, we will give notice (e.g. by email, or within the Meeting Magpie platform) to the people with "administrator" roles in Meeting Magpie. Variations are effective immediately when we send or upload the notice.
- If any part of this agreement is found to be invalid or unenforceable by any court, this shall not affect the other provisions of this agreement and those provisions shall remain in full force and effect.
- The terms are for the benefit of you and us only, and is not intended to benefit any third party or be enforceable by any third party.
- The construction, validity and performance of these terms and any dispute or collateral matter relating to them (including non-contractual disputes or claims) is governed by and construed in accordance with the laws of England, and any claim or dispute shall be subject to the exclusive jurisdiction of the courts of England.
Annex 1: data processing agreement
- Interpretation
- References in this Annex 1 to a Regulation are to regulation 2016/679/EC.
- References to an Article are to an Article of the Regulation.
- Capitalised terms in this clause have the meaning defined by the Regulation unless otherwise defined in the Agreement.
- "Standard Contractual Clauses" means such contractual terms as are currently approved by the European Commission for the transfer of Personal Data to processors established in third countries which do not ensure an adequate level of data protection, currently available at here.
- Your obligations
- You are responsible for establishing and maintaining the lawful basis for the Processing of Personal Data by us to provide the Meeting Magpie service to you, including where applicable the obtaining of all necessary consents from Data Subjects.
- You must notify us in writing on request of the applicable lawful basis for this Processing promptly following our request.
- Our obligations
- When we Process your employees' Personal Data to provide you with the Meeting Magpie service, we act as your Processor, and the terms of this Annex 1 apply.
- As your Processor, we will:
- Process Personal Data in accordance with all applicable data protection laws and regulations
- Process the Personal Data only on your documented instructions (as set out in clause 4), including with regard to transfers of Personal Data to a third country or an international organisation;
- unless prohibited by law, notify you:
- before Processing the Personal Data, if we are required by any law of the European Union or the law of one of the Member States of the European Union to act other than in accordance with your; or
- immediately, if, in our opinion, any of your instructions infringes the Regulation or other Union or Member State data protection provisions;
- have your general authorisation to engages other Processors (each a "Sub-processor") and we shall respect the conditions referred to in paragraphs 2 and 4 of Article 28 for any such engagement. We will be liable for the acts and omissions of our Sub-processors, and we will ensure that the Sub-processor contract (as it relates to the Processing of Personal Data) is on terms which are substantially the same as, and in any case no less onerous than, the terms set out in this Annex 1;
- ensure that all our staff and Sub-processors authorised to Process the Personal Data have committed themselves to confidentiality;
- take all measures required pursuant to Article 32;
- taking into account the nature of the Processing, assist you by appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of your obligation to respond to requests for exercising the Data Subject's rights laid down in Chapter III of the Regulation;
- provide reasonable assistance to you following your written request in ensuring compliance with your obligations pursuant to Articles 32 to 36, taking into account the nature of Processing and the information available to us;
- when you cancel the service and disable the integration, promptly delete your Personal Data, and delete existing copies unless Union or Member State law requires storage of the Personal Data;
- make available to you all information necessary to demonstrate compliance with the obligations laid down in Article 28, and allow for and contribute to audits conducted by you or another auditor mandated by you. The following requirements apply to any audit: (i) you must give us a minimum thirty (30) days' notice of your intention to audit (or such shorter period of notice as you yourself if an audit is mandated by your regulator); (ii) you may exercise the right to audit no more than once in any calendar year; (iii) commencement of the audit shall be subject to agreement with us of a scope of work for the audit at least ten (10) days in advance; (iv) we may restrict access to certain parts of our facilities and certain records where such restriction is necessary for commercial and/or client confidentiality; (v) the audit shall not include penetration testing, vulnerability scanning, or other security tests; (vi) the right to audit includes the right to inspect but not copy or otherwise remove any records, other than those that relate specifically and exclusively to you; and (vii) any independent auditor will be required to sign such non-disclosure agreement as is reasonably required by us prior to the audit.
- in the event of a Personal Data Breach:
- notify you without undue delay after we become aware of it;
- provide reasonable and timely cooperation with your investigation into the Personal Data Breach; and
- unless required by law, or under a subpoena, court order or similar legal document issued by a court or regulatory authority, not disclose the Personal Data Breach to anyone other than you without first obtaining your prior written consent.
- only transfer the personal data outside of the European Union (including outside of the UK if it ceases to be a member of the European Union) if we have fulfilled each of the following conditions: (i) we have provided appropriate safeguards in relation to the transfer; (ii) Data Subjects continue to have enforceable rights and effective legal remedies following the transfer; (iii) we provide an adequate level of protection to any Personal Data that is transferred; and (iv) we comply with reasonable instructions notified us by you with respect to the transfer.
- Unless otherwise agreed, you agree to pay our reasonable costs in providing you with any assistance requested by you under this paragraph 3.
- Brexit
- If you are established in the European Union, and if the United Kingdom is or becomes a "third country" for the purpose of Chapter V of Regulation 2016/679, unless and until such time as the European Commission has decided that the United Kingdom ensures an adequate level of protection for the purposes of Chapter V of Regulation 2016/679, we and you will, in respect of any transfer of Personal Data subject to Chapter V of Regulation 2016/679 which is not subject to any of the permitted derogations set out in that Chapter V, enter into the Standard Contractual Clauses. For the purposes of those clauses, we will be the "data importer" and you will be the "data exporter".