BARS

    Data Request Policy

    Last Updated: February 21, 2025

    Geekbot has established a structured procedure to handle data disclosure requests from users, governmental authorities, and third parties. This Data Request Policy outlines Geekbot’s legal obligations, guiding principles, and procedures for responding to such requests while ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant legislation. This Data Request Policy outlines Geekbot’s policies and procedures for responding to such requests for Customer Data. Any capitalized terms used in this Data Request Policy that are not defined will have the meaning set forth in the Customer Terms of Service. In the event of any inconsistency between the provisions of this Data Request Policy and the Customer Terms of Service or written agreement with Customer, as the case may be, the Customer Terms of Service or written agreement will control.

    Requests for Customer Data by Individuals

    Geekbot does not disclose Customer Data to third parties without explicit Customer authorization, except as required by law. Any third party requesting access to Customer Data must directly contact the Customer, as the Customer retains full control over its data and associated permissions. Geekbot does not mediate such requests unless legally compelled.

    Requests for Customer Data by Legal Authority

    Except as expressly permitted by the Contract or in cases of emergency to avoid death or physical harm to individuals, Geekbot will only disclose Customer Data in response to valid and binding compulsory legal process. Geekbot requires a valid, legally binding court order, subpoena, or warrant issued by a court of competent jurisdiction before disclosing Customer Data. Requests must be specific, legally justified, and compliant with relevant laws.

    Geekbot does not provide direct access to its systems, databases, or logs to any government entity. All disclosures are evaluated based on applicable legal frameworks, including GDPR and CCPA, and reviewed for proportionality and necessity.

    For any legal or data disclosure requests, please contact Geekbot’s Legal Compliance Team at hey@geekbot.com .  Requests must be submitted in writing and comply with the requirements outlined in this policy, and include the following information: (a) the requesting party, (b) the relevant criminal or civil matter, and (c) a description of the specific Customer Data being requested, including the relevant Customer’s name and relevant Authorized User’s name (if applicable), Slack and/or MS Teams team url, and type of data sought.

    Requests should be prepared and served in accordance with applicable law. All legal requests must be precise, proportionate, and limited to the specific Customer Data required. Broad, vague, or speculative requests will not be processed. If the request requires substantial resources to fulfill, Geekbot reserves the right to seek cost reimbursement from the requesting entity or Customer, where legally permissible.

    Geekbot is committed to the importance of trust and transparency for the benefit of our Customers and does not voluntarily provide governments with access to any data about users for surveillance purposes.

    Customer Notice

    Geekbot follows a notification-first policy when handling data disclosure requests. Unless prohibited by law or where an imminent risk of harm to individuals or property exists, Geekbot will notify the affected Customer before fulfilling any request. If a legal order includes a non-disclosure requirement, Geekbot will seek judicial review to determine if notification can be provided once the restriction expires. If Geekbot is legally prohibited from notifying Customer prior to disclosure, Geekbot will take reasonable steps to notify Customer of the demand after the nondisclosure requirement expires. 

    Domestication and International Requests

    Geekbot only accepts legal process or data requests that are lawfully served within its jurisdiction of incorporation or through a recognized Mutual Legal Assistance Treaty (MLAT) process. Requests from foreign law enforcement agencies must be directed through Cyprus authorities via appropriate diplomatic or legal channels. Unilateral requests from non-Cypriot authorities will be rejected unless accompanied by a valid international cooperation framework. Geekbot does not accept legal process or requests directly from law enforcement entities outside the Republic of Cyprus. Foreign law enforcement agencies should proceed through a Mutual Legal Assistance Treaty or other diplomatic or legal means to obtain data through a Cyprus court or authority, where Geekbot is located.

    Data Integrity and Security Measures

    Geekbot maintains stringent security controls to protect Customer Data. All legal disclosures are subject to internal legal review to ensure compliance with applicable data protection laws. Geekbot applies encryption, access controls, and logging mechanisms to track and safeguard any data disclosures. Unauthorized access attempts or fraudulent requests will be reported to relevant legal authorities.