Last Updated: September 2019
This privacy statement explains what personal data Accordo collects from you, through our interactions with you and through our products, and how we use that data.
Third Party Websites
Personal data is information about an identifiable individual (a natural person), and includes personal information, personally identifiable information and equivalent information under applicable privacy and data protection laws.
References to Accordo products in this statement include Accordo services, websites, apps, and software.
This policy does not limit or exclude any of your rights under the applicable privacy or data protection laws.
This policy was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. We are happy to provide any additional information or explanation needed. If you would like further information, please contact us at email@example.com.
When Does This Policy Apply
Users of our SaaS services, apps and software (Users) may collect personal information from individuals (e.g. their employees and customers) and upload, store or process that information to or in that service (User Data).
Personal Data That We Collect
Accordo collects data to operate effectively and provide you the best experiences with our products and services. You provide some of this data directly, such as when you create an Accordo account, administer your organization’s account, upload documents to applications, register or attend an event organised or hosted by us, apply for a job with us, subscribe to our newsletter or other forms of marketing communications, respond to a survey or fill out a form created or sent by us, or if you otherwise contact us (together, “Services”).
We get some of it by recording how you interact with our products by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device.
- Software product and service providers;
- Service providers that help us determine a location based on your IP address to customize to your location;
- Partners with which we offer services, and
- Publicly-available sources such as open government databases or other data in the public domain.
We may combine the personal data about you that we receive from third parties with the personal data we collect from you directly, or through your interactions with our products.
How We Use Personal Data
Accordo may access (which may include, with your consent, limited viewing or analysis) and use the data we collect as necessary (a) to provide and maintain the Services; (b) to address and respond to service, security, and customer support issues; (c) to detect, prevent, or otherwise address fraud, security, unlawful, or technical issues; (d) as required by law; (e) to fulfill our contracts; (f) to improve and enhance the Services; (g) to provide analysis or valuable information back to our Customers and users.
Some specific examples of how we use the information:
- Create and administer your account;
- Send you an order confirmation;
- Facilitate and improve the usage of the services you have ordered;
- Assess the needs of your business to determine suitable products;
- Send you product updates, marketing communication, and service information;
- Respond to customer inquiries and support requests;
- Conduct research and analysis;
- Analyze data, including through automated systems and machine learning to improve our services and/or your experience;
- Generate recommendations about your use of the services, benchmarks for your organization, insights and potential optimizations for your organization.
Accordo will retain your information as long as your account with us is active, to comply with our legal obligations, to resolve disputes, and enforce our agreements.
If you wish to cancel your account or for us to stop providing you services, or if we hold personal information about you and you want it to be removed from our database or inactivated, please contact us at firstname.lastname@example.org.
You Control Who Has Access To Your Data
The data entered, or imported on instruction, by you is stored securely in a database and is only accessible to any person you have authorized to use the service. It is your responsibility to keep your password safe. Accordo and Accordo’s staff do not have access to your password. Accordo support staff does have access to your Accordo account and database – solely for the purpose of providing you with customer service related to your account.
The data we collect broadly falls into the following categories:
Customer Account and Registration Data: This includes information you provide to create your account with us or register for events, webinars, surveys, etc. and may include, first and last name, billing information, a password, email address, company name, occupation, location, and phone number (for example, if you are using two-factor authentication).
Service Data (including Session and Usage data): When you use our services, we receive information generated through the use of the Service, either entered by you, or others who use the Services with you (for example, cloud consumption data, company information including user email addresses from client organization). We may also collect usage and log data about how the services are accessed and used, including IP addresses, location information, language settings, what operating system you are using, unique identifiers and other diagnostic data to help us support the Services.
Third Party Data: We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new prospects for marketing, and provide products and services that may be of interest to you.
Location Information: Other than information you choose to provide us, we do not collect information about your precise location. Your device’s IP address may help us determine an approximate location to ensure content made available to you through our Services or marketing channels is relevant to the city or country you are using your device in.
Device Information: When you use our Services, we automatically collect information on the type of device you use, operating system version, and the device identifier (or “UDID”).
Reasons We Share Personal Data
We may disclose your personal information to:
- another company within our group;
- any business that supports our website, products and services, including any person that hosts or maintains any underlying IT system or data center that we use to provide our website, products or services or that we use to process payments;
- a credit reference agency for the purpose of credit checking you;
- third parties (for anonymized statistical information);
- professional advisers e.g. accountants, lawyers or auditors;
- a recognized legal or enforcement authority (e.g. a law enforcement agency or regulatory authority);
- an individual with your consent; and
- another controlling company in the case of a sale, merger, consolidation, liquidation, reorganization or acquisition.
How To Access & Control Your Personal Data
We may use personal information to let you know about our products and services that we believe will be of interest to you. We may contact you by email, post, or telephone or through other communication channels that we think you may find helpful. In all cases, we will respect your preferences for how you would like us to manage marketing activity with you.
How you can manage your marketing preferences
To protect privacy rights and to ensure you have control over how we manage marketing with you:
- we will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you;
- you can ask us to stop direct marketing at any time ‑ you can ask us to stop sending email marketing, by following the “unsubscribe” link you will find on all the email marketing messages we send you. Alternatively, you can contact us at email@example.com. Please specify whether you would like us to stop all forms of marketing or just a particular type (e.g. email); and
- you can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser as explained in the section Cookies & Similar Technologies below.
We recommend you routinely review the privacy policies and preference settings that are available to you on any social media platforms as well as your preferences within your account with us.
When and how we undertake profiling and analytics
We use performance cookies like Google Analytics to recognize and count the number of visitors/users of our website and to see how such visitors/users move around our website when they are using it.
For more information about how we use profiling and analytics, please see Cookies & Similar Technologies below.
Protecting Your Personal Data
As required by applicable law, we will take steps to keep your personal data safe from loss, unauthorized activity, or other misuse. We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risks inherent in processing personal data.
You play an important role in keeping your personal data secure by maintaining the confidentiality of any password and accounts used in relation to our products and services. You should not disclose your password to third parties. Please notify us immediately if there is any unauthorized use of your account or any other breach of security.
Transferring Personal Information Globally
We operate on a global basis. Accordingly, your personal information may be transferred and stored in countries outside the EU, including New Zealand and the United States of America, that are subject to different standards of data protection.
We will take appropriate steps ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:
- we ensure transfers within our group of companies will be covered by an agreement entered into by members of our group of companies (an intra‑group agreement) which contractually obliges each member to ensure that personal information receives an adequate and consistent level of protection wherever it is transferred within our group of companies;
- where we transfer your personal information outside our group of companies or to third parties who help provide our products and services, we obtain contractual commitments from them to protect your personal information. Some of these assurances are well recognized certification schemes like the EU ‑ US Privacy Shield for the protection of personal information transferred from within the EU to the United States; or
- where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information are disclosed.
You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.
GDPR Additional Terms
Lawful Basis for Processing Personal Data
Our lawful basis for processing (as that term is defined in the GDPR) personal data that we collect, use and disclose depends on the personal data collected and the context in which we collect it.
Generally, we collect personal data from you where we have your consent, where processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, or where processing is necessary for the purposes of our legitimate interests (except where such interests are overridden by your interests or fundamental rights and freedoms).
Where we process personal data based on your consent, you may withdraw your consent at any time.
Despite the above, we may process your personal data where such processing is necessary for compliance with applicable laws.
If you have any question about the legal basis on which we process personal data or need further information, please contact us at firstname.lastname@example.org.
Your Rights Under the GDPR
If you are located in the European Union, your rights in relation to your personal data include:
- right of access – if you ask us, we will confirm whether we are processing your personal data and provide you with a copy of that personal data;
- right to rectification – if the personal data we hold about you is inaccurate or incomplete, you have the right to have it rectified or completed. We will take reasonable steps to ensure inaccurate personal data is rectified. If we have shared your personal data with any third party, we will tell them about the rectification where possible;
- right to erasure – when your personal data is no longer needed for the purposes for which you provided it, we will delete it. You may request that we delete your personal data and we will do so if deletion does not contravene any applicable law. If we have shared your personal data with any third party, we will take reasonable steps to inform those third parties that they must delete your personal data;
- right to withdraw consent – if the basis of our processing of your personal data is consent, you can withdraw that consent at any time;
- right to restrict processing – you may request that we restrict or block the processing of your personal data in certain circumstances. If we have shared your personal data with any third party, we will tell them about this request where possible;
- right to object to processing – you may request that we stop processing your personal data at any time and we will do so to the extent required by the GDPR;
- rights related to automated decision-making, including profiling – you have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such automated decision-making is necessary for entering into, or the performance of, a contract with you, is authorized by applicable laws or is based on your explicit consent. We do not undertake automated individual decision-making;
- right to data portability – you may obtain your personal data from us that you have consented to give us or that is necessary to perform a contract with you. We will provide this personal data in a commonly used, machine-readable and interoperable format to enable data portability to another data controller. Where technically feasible, and at your request, we will transmit your personal data directly to another data controller; and
- the right to complain to a supervisory authority – you can report any concern you have about our privacy practices to your local data protection authority.
Where personal data is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.
If you would like to exercise any of your above rights, please contact us at email@example.com. If you are not satisfied by the way we deal with your query, you may refer your query to your local data protection authority.
Cookies & Similar Technologies
We also use web beacons to help deliver cookies and gather usage and performance data. Our websites may include web beacons and cookies from third-party service providers.
You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. Your browser and other choices may impact your experiences with our products.
We use Google Analytics to collect information about visitors to our website. Google Analytics collects information related to your device, browser, IP address, network location, and website activities to measure and report statistics about your interactions on our website. We use this information to help us manage the performance and design of our website and to improve our website.
Notice To End Users
Accordo is not responsible for the privacy and security practices of our customers, which may differ from those set forth in this privacy statement.
If you use an email address provided by an organization you are affiliated with, such as an employer or school, to access Accordo online services, the owner of the domain (e.g. your employer) associated with your email address may:
- control and administer your Accordo online services account; and
- access and process your data, including the contents of your communications and files.
If you have a privacy question, please email us at firstname.lastname@example.org and will endeavor to respond to questions or concerns within 7 days.