1. When you visit SameSystem’s website (www.samesystem.com) while browsing the internet (during and after which you are known as a “Website User”), although you may not have necessarily procured or plan to procure an account of any kind with SameSystem. SameSystem collects a limited amount of data (which means we are a “data controller,” according to data protection laws) from Website Users primarily to improve our users’ experiences with the site.
2. You call or email SameSystem’s customer service or sales team (during and after which you are known as a “Contact User”). SameSystem may store your call or email for our own purposes, which means we are a “data controller,” according to data protection laws. When we do so, it is primarily to improve our users’ experiences with our customer service team.
SameSystem reserves the right to update or amend this policy in the future.
2. Types of Personal Data
In order to help us improve users’ experiences with our website, we collect a limited amount of your personal data. Such data may include some or all of the following:
- Log data, including your Devices’ Internet Protocol (IP) addresses; type of browser; the website you visited before entering SameSystem’s site; information you search for within SameSystem’s site; identification data associated with your Devices; mobile carrier information; dates and timestamps associated with transactions; system configurations; and other data related with your perusal of SameSystem’s website.
In order to improve users’ experiences with our customer service, we collect a limited amount of your personal data when you place a call or send an email to our service and sales teams. We will notify you if the call is being recorded. Some of the data we will collect include:
- Contact information (phone number(s), email addresses, physical addresses, etc.)
3. Manner of Collection
We collect a limited amount of data automatically when users visit our website. We collect some of these data via cookies, according to the cookie settings you have set in your browser. To find out more about cookies, please see section 11.
We collect a limited amount of data when users place a call to us or email us by storing information.
4. What Does SameSystem Do with Your Personal Data?
Our primary purpose in collecting and making use of your data is to improve users’ experiences with SameSystem’s website. When we do so, we act as a “data controller,” according to data protection laws. This data is, however, collected in an aggregate and can’t be personalized.
Our primary purpose in collecting and making use of your data is to improve users’ experiences with SameSystem’s customer service. When we do so, we act as a “data controller,” according to data protection laws.
5. How Long Does SameSystem Keep Your Data?
SameSystem will only retain your data for the amount of time stipulated in the terms of your company or organization’s user agreement. The only exceptions to this rule involve regulations and legal circumstances that require us to keep your data (e.g., tax laws).
When we are no longer permitted to retain your data according to the stipulations in the terms of your company or organization’s user agreement, or when it is no longer legally necessary for us to keep your data, we will anonymise your personal data from our systems. When we delete your data, we attempt to do so on a permanent basis, but some information may remain in our systems for the purpose of providing the service or for legal reasons. We do not have access to that information, nor can we make use of it.
Stored emails are retained up to five years.
6. Data Sharing & Disclosure
In accordance with relevant privacy and data protection regulations, we (as “data processors”) may share your data in the following manners:
- Your use: SameSystem displays your personal data on your user profile page, and this information may be viewable by other users in your company or organization, depending on their access level. Furthermore, if you use any of the public or group features, such as the newsfeed, be aware that any data you share may be collected, stored, or used by other SameSystem Application users who have access to them. Your posts may remain visible even after you close your account.
- Service providers, business partners, and third parties: SameSystem may employ trusted third party companies, individuals, and third party service providers (including consultants and telecommunication service providers) that require access to your personal data in order to provide their services to SameSystem. Such companies, individuals, and providers will not be permitted to use your information for any other purposes.
- Third-Party Applications: We may share data through third-party applications that your company elect to use. We maintain no responsibility for what third-party applications do with your personal data. In order to ensure that your data is in good hands, please read relevant privacy policies and proceed only if you agree with their terms of service.
- Compliance with Laws and Law Enforcement Requests: We may disclose your personal information to parties outside of SameSystem, including files stored in SameSystem’s Application when we believe in good faith that such a disclosure is reasonably necessary to comply with a law, regulation, or mandatory legal request, or to protect SameSystem’s intellectual property rights.
- Non-Private or Non-Personal Data: We may disclose your non-private, non-personal data (e.g., usage statistics of the SameSystem Application).
7. Keeping Your Data Safe
SameSystem will take reasonable, pertinent steps to protect any personal data that we collect and store from unauthorized access, misuse, loss, and destruction. We do so by implementing a number of measures.
8. Your Rights with Regard to Your Personal Data
You have a number of rights related to the personal data of yours that we collect and store. To learn more about these rights, please contact us directly or your company or organization.
If you are an Application User and would like to make a request relating to our use of your personal data in the context of the Service we provide to your company or organization and for which we are a data processor, please contact your company or organization initially. If you contact us initially, we will refer you to your company or organization.
If you are an Application User and would like to make a request relating to our use of your personal data in a context outside of the Service we provide to your company or organization, or if you are a Former Application User or Website User, please contact us directly with your request.
Data protection laws outline the following rights for individuals in relation to their personal data:
- Right to object: You have the right to object to our processing your personal data.
- Right to withdraw consent: In instances in which you have consented to our processing your personal data, you may withdraw your consent at any time. We will then cease to undertake any activity or practice that you previously consented to, unless we have a legal basis or justification for the continued processing of your personal data. In that event, we will inform you of those circumstances.
- Data Subject Access Request (DSAR): You have the right to ask us to confirm the personal data we hold about you and to request that we amend, delete, or update that information. You have the right to request a copy of the information we hold about you.
- Right to erasure: You have the right to request that we delete (or “anonymise”) your personal data under certain circumstances. Although we may endeavor to delete your data permanently, there is a chance that some of it may continue to exist within our systems. In this event, we consider the data put beyond use, which means that your data may exist in our systems, but SameSystem employees will no longer be able to access or use it. However, SameSystem may retain and use your personal data if there is a legal basis for us to do so (i.e., if any laws or agreements require us to preserve your data). If you are an Application User who is part of a company or organization, we will not delete or amend your personal data without the consent of your company or organization.
- Right to restrict processing: You have the right to ask us to restrict our processing of your personal data under certain circumstances (e.g., if you find the information we hold to be inaccurate). In the event that we have shared your personal data with third parties, we will notify them of your request for restrictions on processing, unless it is impossible to do so or it requires unreasonably great effort. We will notify you before lifting restrictions in place on processing your data.
- Right to rectification: You have the right to ask us to rectify inaccurate or incomplete personal data that we hold about you. In the event that we have shared your personal data with third parties, we will notify them of your request for rectification, unless it is impossible to do so or it requires unreasonably great effort. You may request information related to these third parties. In the event that we do not comply with your request, we will offer our reasons for not doing so.
- Right of data portability: You have the right to request that we transfer your personal data to another third party, although this right only applies to certain types of personal data. We may transfer the data for you, or, if you prefer, we will provide you with your personal data so that you can transfer it yourself.
- Right to lodge complaints with a supervisory authority: You have the right to submit a complaint to the relevant supervisory authorities in your jurisdiction.
9. International Data Storage, Transfer, and Processing
In order for SameSystem to provide users with the Service, we or our third-party providers may process your personal data outside of the European Economic Area (EEA), the United States, and other territories. We aim to make sure that any international transfer of your data is conducted in a secure fashion. If you are based in the EU, SameSystem will not process or transfer data outside of the EEA.
SameSystem uses “cookies,” or small data files stored on your computer and which we have access to. We do so to gather information and improve our services. Furthermore, SameSystem may use “persistent cookies” to allow users to save their user IDs and passwords for ease of future logins. SameSystem may use “session ID cookies” to enable features of the Service, gain an understanding of how users interact with the Service, and to monitor usage and web traffic on the Service. You may program your browser to stop accepting cookies or to prompt you to opt in to cookies from websites you frequent. When you do not accept cookies, you may limit the usability of the Service.
We may track usage patterns on our website via internal and external analytic platforms (“online tracking”). We do so in order to improve the design and functionality of our Service and site.
11. Legal Bases for Processing Your Personal Data
Where we process your personal data on behalf of your company or organization, your company or organization is responsible for ensuring the legality of the data processing.
Where we process your personal data as a data controller (outside of your company or organization), it is our duty to ensure that we have a legal basis or justification for doing so. There are several possible legal bases for SameSystem to process your personal data, including the following:
- In the event that processing your personal data is required for SameSystem to carry out its obligations under the terms of any contracts between you and us. In other words, we process your personal data when it is required “for the performance of a contract to which [you] are a party.”
- In the event that processing your personal data falls within our legitimate interests. In other words, we process your personal data when it “is necessary for the purposes of the legitimate interests pursued by [us] or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of [you] which require protection of personal data.”
- We may process your personal data for the purposes of our legitimate interests to enforce the terms of our website and to analyze log data/usage statistics in order to improve the SameSystem Application. You have the right to object to our processing your personal data on this basis (see section 9).
- In the event that you give us consent to process your personal data.
Where we seek out your consent prior to engaging in personal data processing, you must give us your consent freely, without our pressuring you to do so. You must be asked to give your consent to one processing act at a time and you have to know what you are consenting to, so we must provide you with relevant information. You must take positive, affirmative action in consenting to our processing of your personal data (e.g., by checking a box). We will obtain your consent before sharing your personal data with third party applications or undertaking certain marketing activities.
You have the right to withdraw your consent to personal data processing activities. See section 8, “Your Rights with Regard to Your Personal Data.”
Under certain circumstances, you have the right to object to our processing of your personal data. See section 8, “Your Rights with Regard to Your Personal Data.”
12. Further Information