Privacy Policy

At Inkjar, we care deeply about your privacy. For that reason, we make it a commitment to stay as private and transparent as possible.

What data is collected?

When you apply for a position at Inkjar through Google Forms, Google processes your request. From this form, we collect:

If you don't fit a position at Inkjar, this data is deleted shortly after notification to you. If you do get a position (congrats!), we store the following for the length you're with us:

Your first and last name will be sent to email provider Migadu to create your @inkjar.org email address. Your email address with also be shared to allow Migadu to send an email to setup your mailbox without the further need of internal resources.

When you submit a commission request, we use Google Forms to process your request. From this form, we collect:

If we don't accept your commission, this data is deleted shortly after notification to you or your organisation. If we accept your commission, we store all the aforementioned data until the end of that fiscal year.

What data do third-parties have access to?

When you apply for a position at Inkjar or submit a commission request, you submit the data through Google Forms. Google, in theory, has access to all the data submitted through this form and stores the data on servers in the United States.

When you receive or send emails to Inkjar employees, emails are handled via Migadu, our email service provider. Migadu, in theory, has access to all the data submitted through emails and stores the data on servers in France.

Who has access to stored data?

The data is processed and stored by the following parties:

We encourage all to read the privacy policies of all of the organisations with access to stored data and gather an understanding of how their data is used by those organisations.

Your rights and choices

We follow strict moral and ethical codes to ensure you are in control of the data you provide.

Right to know

Upon request, you have the right to have all data stored about you archived and sent to you via email. This archive can be in a format of your reasonable choice.

Right to become unknown/erasure

Upon request, you have the right to have all data stored about you deleted from our records and, to our knowledge, Google's. Due to legal reasons, if a commission is paid for, we have to keep this commission until the end of that fiscal year.

How to make data requests

Write to us at gdpr@inkjar.org with your full name and the email address you've provided to us. Within 72 hours, we will get back to you confirming your request, as well as provide you with when we will be able to complete your request.

Data storage, security, and breaches

All data is encrypted using modern, standardised, and secure methods. Emails are sent to and from our servers use SPF and secure mail servers to protect both our privacy and yours, as well as better validate email authenticity. Our sites use HSTS, only use HTTPS, and have strict CSP policies to prevent any malicious scripts from being run. We sign DPAs and other privacy agreements to ensure data is handled strictly for the purpose of providing our services with other companies we work with to protect your data.

We take appropriate measures to protect the data we store and to configure our servers to prevent data breaches, but no system or configuration is perfect, so we cannot assume responsibility in the event of a misconfiguration, poor setup, or conditions out of our control, cause data loss. In the event of a data breach, we'll notify all of the contact methods we can to disclose this breach within 72 hours of us becoming aware of such breach.

Contact and other notes

You can write to legal@inkjar.org to get help as swiftly as possible on amending and fixing this document, as well as get answers to questions regarding this policy.

You can both see this site's source code and see the history of this policy on GitHub here.