DMS Solutions (hereafter "we", "our", or "us") is committed to protecting and respecting Customer privacy and we put our best efforts to safeguard our Customer personal data.
WHAT PERSONAL DATA IS COLLECTED?
We require certain information about our Customer (such as but not limited to: name, contact information, email address, phone number, username, passwords, employer name, job title, payment details for billing purposes, etc.) in order to provide the services. We collect information when the Customer creates account while accessing the hosted Software-as-a-Service, interacts with us through e-mail communication, social media, places the order for Software purchase, signs up to receive electronic newsletters, contacts our support, visits our office, etc.). We may collect or receive business-related information about Customer from public sources and various third-parties for the purpose to better serve our Customer needs.
In order to understand greater our Customer behavior on our website we use third-party analytics tools which collect information that Customer browser sends when Customer visits our web page. The data collected automatically may include but not limited to: IP address, domain, search terms, geographical location, device type, log information, etc. When Customer is visiting our website, we are using cookies, a small software file stored temporarily or placed on the hard drive of the Customer device in order to allow a web server to identify the Customer device and the web browser the Customer uses, in order to recognize the Customer when the Customer is visiting the site again.
HOW DO WE USE THE DATA?
We may process and use the Customer personal data and other related information that we collect for different purposes as required to fulfill contractual obligations and the applicable laws. We may use the Customer data for the following purposes but not limited to: identify the Customer identity to deliver the services; interact with Customer to provide the product overview, services, pricing, support; to inform the Customer about Software new features, capabilities, services, offerings; process payment transactions in accordance with Customer authorization; detect and prevent fraud, intellectual property infringement; analyze and evaluate data to improve the Software and services; perform direct marketing in compliance with the applicable laws; to audit the services in compliance with applicable laws; to provide customer support.
When the Customer makes a purchase using a credit card or any other payment methods on our services, the Customer credit card information is transmitted directly to our third-party payment processors. We do not store the Customer credit card information and the third-party payment processor does not share the Customer credit card information with us.
Customer data uploaded to elDoc Software:
We do not own, control, process, use any Customer data stored and processed through our Software. Only the Customer is entitled to access, retrieve, use, process, modify, control, delete the data uploaded to elDoc Software. The Customer shall use its best efforts to set up appropriate access right control framework in the Software leveraging existing Software functionalities stated in the Software Documentation to prevent unauthorized access to the Customer data. The Customer shall not use the Software to perform money laundering activities or any other illegal activities and / or activities which violate other individual's privacy that may cause harm to DMS Solutions. We do not directly access or control the uploaded and processed data through our Software unless Customer authorized us to perform required support services. The Customer is an ultimate "data controller" under the GDPR (European Union’s General Data Protection Regulation) for the data uploaded and processed through our Software. We are not responsible either for personal data content uploaded and processed through our Software by the Customer or the means by which the Customer collects, processes, uses, discloses any personal related data.
TO WHOM WE MAY DISCLOSE DATA?
We may disclose personal data the Customer provides to us directly with the following third-parties:
- in accordance with the applicable laws: to public authorities, auditors or institutions competent to exercise inspections on DMS Solutions, which may ask us to provide information, based on their legal obligations;
- to service providers who we engage to provide the services to the Customer such as but not limited to: hosting, storage, cloud infrastructure maintenance, payment processing, data analysis. The data will be shared with these third parties only to the extent required to deliver the services the Customer purchased and only pursuant to binding contractual obligations requirements such third parties to adhere privacy of the Customer data;
- as required by law, upon court order, requests from regulatory or tax authorities, or government reporting obligations;
- other third parties with Customer consent.
HOW DO WE PROCESS DATA?
The data collected through the services will be processed using resources and servers located in various countries around the world. We use data centers of Microsoft Azure, Amazon Web Services (AWS), Google Cloud with geographical presence around the world. The storage locations are defined based on the Customer location and with an aim to create redundancies in order to protect the data in the event of an outage or other incident.
HOW DO WE KEEP DATA SECURE?
We put our best efforts to safeguard Customer data. We strive to maintain appropriate administrative, technical, and physical safeguards designed to safeguard Customer data from loss, misuse, and unauthorized access, disclosure by acting according to the applicable laws. We may use data encryption, network channel encryption, firewall, malware and threat protection, access control framework to best safeguard Customer data. Absolute 100% security of data security can not be guaranteed by any information system as well as we can not guarantee full protection of the Customer data from hackers attack thus when Customer chooses to access our Services, the Customer shares data with us at own risk and responsibility. We do not warrant or represent that personal Customer data will be protected against, loss, misuse, or alteration by third parties. The Customer is responsible for restricting access to own Computer, keeping credentials to access the Software in secured and protected mode to best achieve personal data protection and data processed through the Software.
DO WE TRANSFER DATA INTERNATIONALLY?
The Customer data may be transferred, processed and stored outside the country where Customer data was collected. Any data transfer performed by us will respect the legal requirements laid down by applicable law from where and to we transfer data. When we transfer Customer data outside Customer location, we will ensure that Customer data is transferred and processed securely in a manner which provides a degree of protection similar to the Customer original location. DMS Solutions adheres to the principles stated in EU-U.S. and the Swiss – U.S. Privacy Shield Frameworks (Privacy Shield) as set forth by the U.S. Department of Commerce.
FOR HOW LONG DO WE STORE DATA?
We may keep the data for as long as necessary for the purposes to execute contractual obligations and performing post audit, comply with applicable legislations, resolve disputes. We will make sure not to keep excessive or irrelevant data, such as data which is out of date. Once data is no longer needed for the purposes for which it was collected, we will take an appropriate steps to destroy it.
WHAT ARE CUSTOMER RIGHTS?
If Customer resides in certain countries / locations / states / region, the Customer may have the respective rights available to the Customer under data protection laws in relation to Customer personal data: the right to access, update, correct, receive, object, transfer, delete or restrict processing the data. The Customer may exercise its rights at any time.
The services and Software provided by us are not directed to children under the age of 16. If any child has provided us with information without parent consent and this information became available to the parents, please contact us immediately: firstname.lastname@example.org
Last revision date: 15.02.2021