Skoach Privacy Policy

Last revised: April 22, 2021

This policy describes how Cultify Lda (“Cultify” / “we” / “our” / “us/”), based in Rua Duarte Barbosa 364 3º D 4150-282 Porto, collects, uses, maintains and discloses personal data (any information relating to an identifiable natural person) collected from users (“you”) through our website, (the “Site”) or through our App on Slack or Microsoft Teams (the “App”) via interaction with our chat bot Skoach (“Skoach”).

This Privacy Policy applies to all products and services offered by us and our Site.

What we do

Skoach is a change management tool, promoting alignment of vision, culture and objectives between companies and their remote and in-office teams.

Skoach starts by diagnosing the company’s strengths and areas for development through a survey answered by every employee. After analyzing the results, and together with people in charge of this initiative within your employer, our team defines an action plan. Skoach then sends every team member under the contract frequent challenges to be applied on the job and thus promote the acquisition of best-practice habits that promote the wanted change. Skoach will send you challenges at the beginning of the week, give you time to apply them on-the-job for some days and later ask you if you completed the challenge. Completed challenges earn points to your team and a graph ranking teams in participation is shared on a recurrent basis to promote challenge completion. Skoach talks to every team member one on one and the whole conversation is confidential. There is only one part of the engagement between you and Skoach that is shared with your employer: which challenges you complete. Every week, your employer will have visibility over who completed each challenge, so that they get a sense of the engagement our product is getting.

Data we collect about you and how we collect it

We will collect and process the following personal data about you:

Information your employer gives us. Your employer may give us information about you:

Information you give us. You may give us information about you:

Information we collect about you. Each time you interact with Skoach via the App, we may automatically collect the following information:

How we use your personal data

Where we have collected, received or generated your personal data, we will process it to:

Lawfulness of processing

We consider the processing of your personal data for these purposes to be necessary:

Where consent is required for our use of your personal data, by ticking the appropriate consent box or otherwise communicating your consent to us (whether by phone, email or other means), you consent to our use of that personal data as set out in this policy.

You have the right to withdraw your consent at any time.

Who we share your personal data with


Except where you are explicitly told otherwise prior to providing your response, your survey answers are anonymized and your Employer will not have access to any personal information you have chosen to provide us.  Only aggregated data will be presented to your Employer, in such a way that no answer should be traced back to an individual.

Only data collected from you and other employees or personnel may be used by us in an aggregated and anonymized form for statistical and benchmarking purposes including enabling comparisons to other organisations.

Challenge completion:
Your individual participation in each challenge will be shared with authorized users at your Employer who have accountabilities and/or responsibilities for managing the initiative internally.


We may share your personal data with selected third parties in accordance with this policy, as identified below:

We only contract with third party service providers that take appropriate and stringent security measures to protect your personal data in line with our policies.

We may also disclose your personal data to other third parties in the following circumstances:

International Data Transfers

For the good functioning of our app, we resort to service providers to process data, whose headquarters are outside the European Economic Area (“EEA”), specifically in the United States. After the invalidation of the Privacy Shield, we decided to either 1) request that your personal data be processed and stored inside of the EEA (like in the case of AWS, in Ireland, since August 9th 2020) or 2) refrain from sending your personal data to these providers: In the latter case, we are referring to our analytics services providers, to whom we only send app activity data linked to an internal ID and no personal data whatsoever, since September 10th 2020.

We also resort to an NLP service provider that is based in the US, however, we only send free text without any identifiers to them.

Please refer to the service providers detail page for more information.

In any case, in the eventuality that we do have to transfer personal data to companies located in the USA or other non-EU countries, we will only do so after ensuring the full legality of such procedures, namely through Data Processing Agreements (DPAs) that include the European Standard Contractual Clauses for data transfers between EU and non-EU countries.

If you require further information about these protective measures, please contact us at

Implemented Security Measures

We maintain appropriate technical and organisational measures to ensure an appropriate level of security in respect of all personal data we process, including:


We may use session and persistent cookies or other technologies, such as Google Analytics, to automatically collect certain information when you visit our Site, such as your browser type, operating system, software version, URL clickstreams and Internet Protocol (“IP”) address. We also may collect information about your use of the Site, including the date and time of access, the areas or pages that you visit, the amount of time you spend using the Site, the number of times you return and other Site usage data. These cookies are only stored on your browser with your explicit consent.

You can find a complete list of the cookies used here.

How long we keep your personal data for

We will retain your personal data for a period of two years or until six months after our relationship with your employer has ended (whichever is sooner). After this period, your personal data will be anonymized or deleted.

We will not store your personal data for longer than is reasonably necessary to use it in accordance with this Privacy Policy or with our legal rights and obligations. For the avoidance of doubt, aggregated and anonymized data and any information other than personal data can be stored indefinitely.

Your rights

You have the below rights in regards to your personal data. Please contact your employer directly if you would like to exercise any of these rights (other than a change to your marketing preferences, which should be notified directly to us).

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is manifestly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

Please note that if you exercise any of the above rights to require us to restrict or cease processing or to delete personal data, and this type of processing is required in order to facilitate your use of the App, you will no longer be able to use the App following the date on which we action your request.  This does not include your right to object to direct marketing which can be exercised at any time without restriction. Please allow at least 5 working days for your request to be actioned.

How do you complain?

If you are not happy with the way your personal data is being handled, or with the response received by us, you have the right to lodge a complaint with your national data protection supervisory authority.

Changes to our Privacy Policy

Any changes we may make to our Privacy Policy will be posted on this page and where appropriate may be notified to you or your Employer by email or advised to you on next interaction with Skoach. Continued use of the App will signify that you agree to any such changes.

How to contact us

To exercise any of these rights or ask us for any clarification, please contact us at Please allow for 15 business days for us to get back to you.

We are committed to resolving any privacy concerns you have. However, if you feel we have not addressed your specific concern, you have the right to make a complaint at any time to the relevant supervisory authority in your country responsible for data protection issues.