The European Union (EU) General Data Protection Regulation (GDPR), enforceable as of May 25, 2018, imposes additional requirements upon companies to enhance the protection of personal data of EU residents. Intricare Technologies has a dedicated, core-functional team overseeing Intricare Technologies’ GDPR readiness. We discuss our commitment to GDPR below.
Intricare Technologies’ Commitment to General Data Protection Regulation:
GDPR regulates the governance of personal data for European Union citizens with prominence on Data security and Data privacy. The GDPR not only applies to companies that operate in the European Union (EU) but it will also impact companies operating outside of the EU if they process any personal data of any of its customers in the EU.
Intricare Technologies has established its Information security and data privacy principles to protect the privacy and information rights of its Customers. We are strenuously committed to GDPR compliance.
Personal data is the information relating to an individual who can be directly or indirectly identified from that data. Identification of personal data can be through reference to the information itself, or in conjunction with any other information in our possession or is likely to come into such possession. The processing of personal data in the EU is governed by the General Data Protection Regulation.
The purpose of this Privacy Notice is to outline how we have established measures to protect your privacy rights.
We may receive, store or process certain information including personal information on behalf of our customers. Under the EU-GDPR such information is controlled and owned by the Customers, referred to as Data Controllers with respect to such information.
This Customer Data may include information from devices or other systems that the Customer manages and monitors using our services or products. It could also include end-user data related to an individual’s activities on the Customer’s network and systems including but not limited to an Email address, IP address, device information, CPU usage, and any other data related to address support or a service request. Under GDPR we are primarily a data processor for Customer Data.
We collect some information to conduct our regular business operations and the administration that may include some personal information such as Company name, email address, and contact details. We outline this below as:
Data collected from website users:
When you visit our website or seek to conduct business with us you may be prompted to provide certain personal information such as name, email address, mobile number, organization name, and geographic location, etc. This information is used by us in the following ways:
Generally, the personal information you provide to us is necessary to provide information you have requested, resolve a complaint or address a query.
We may also collect billing and transactional details of the Customer during their purchase of our products or services. We work with industry-standard payment providers to collect payment.
Our servers automatically collect certain information when you visit our website. This information does not necessarily reveal your identity directly but it may include information about the specific device used, such as the hardware model, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer), and the Internet Protocol (IP) address/MAC address/device identifier. In some countries, including the European Economic Area, this information may be considered personal information under applicable General Data Protection Regulation. We do not use this information to identify you and do not process this information actively. The collection is a by-product of using the website.
Data Collected through the use of our Products and Services:
Usage Data: Where our customers subscribe to our products and services we collect certain technical information obtained from software, systems hosting the services or products, and device accessing these products and services which do not directly identify the end-user herein referred to as Usage Data. We collect this information for business analytics to identify how our products and services are used by our Customers. The extent of this collection is configurable by our customers, but as an indication, our collection of technical information that constitutes personal data includes (but is not limited to):
We do not collect usage details about Customers’ end users, except as necessary for support or to provide the Services requested by Customers (in which case we are a data processor of such data). The information is only processed to provide the service requested by the Customer.
The personal data we collect is used for the following purposes:
Data collected through the use of our products and services
For Customers in the European Union, our processing (use) of your personal information is justified on the following legal basis:
The personal data we collect is used for the following purpose:
For Customers in the European Union, our processing (i.e. use) of your personal information is justified on the following legal basis:
The personal data we collect is used for the following purpose:
We engage third parties to support the services we deliver to you. These third parties assist us in providing information, products, or services to you, in conducting and managing our business, or in managing and improving our products/Services or our websites.
We share your personal data with these third parties to render services for which they have been engaged by us to perform on our behalf, subject to appropriate contractual restrictions and security measures, or if we believe it is reasonably necessary to prevent harm or loss, or it believes that the disclosure will further an investigation of suspected or actual illegal activities.
The third parties may include:
We do not share, sell, rent, or trade any of your personal information to third parties, other than as necessary to deliver the services we provide you or to administer our business.
Personal information collected by us including any and all the personal information of the EU Customers may therefore be processed by our service providers in the United States.
We will protect the personal information in accordance with this Privacy Notice. We take appropriate contractual or other measures to protect the personal information in accordance with the applicable laws pertaining to Data Protection.
Where processing takes place in the United States we ensure that the service providers have subscribed to the EU-US Privacy Shield Framework. Further details can be found at https://aws.amazon.com/compliance/gdpr-center/
The nature of our services is such that we share a responsibility with our Customers for the security of data.
We aim to safeguard and protect your personal data from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss, and have adopted reasonable technical and organizational security measures to ensure that this is the case, in line with established commercial good practice.
It is nevertheless important that our Customers recognize their responsibility in maintaining effective security in the use of our services.
Retention of Personal Data:
We retain your personal data for as long as required to fulfill the purposes for which it was collected. A summary of our approach to retention is outlined below:
In some circumstances, we may retain personal data for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required.
In specific circumstances, we may also retain your personal data for longer periods of time corresponding to a statute of limitation, so that we have an accurate record of your dealings with us in the event of any complaints or challenges.
For Customers in the European Union, your rights under the GDPR are outlined below. For Customers outside the European Union, you may have some or all of the following rights available to you in respect of your personal data, depending on the reason for processing this data:
We recognize that you may have questions on how we process your data, or you may want to change either the data we hold or how we communicate with you in the future.
If you have given consent for processing, you are free to withdraw the consent. In this case you may write us at [email protected]
You can request deletion of your personal information at any time and we will consider your request in accordance with applicable laws. Please contact us at [email protected].
If you have questions in respect to this Privacy Notice, or would like to exercise your right please write to us at [email protected].
Where you are a European Customer and you are unhappy towards your response to a query or you have a further complaint, the Information Commissioner’s Office can be contacted on [email protected].
Updates to this Policy: