This Policy only covers our privacy practices with respect to the collection, use, and disclosure of information obtained through the ProcessUnity website at www.processunity.com and in connection with the use of our hosted software applications (the “Subscription Service”) and related support services (“Support Services”), as well as professional services, training and certification (the “Professional Services”) that we provide to Customers. In this Policy, the Subscription Service, Support Services and the Professional Services are collectively referred to as the “Service.”
For the purposes of this Policy:
“Customer” means any entity that purchases the Service.
“Customer Data” means the electronic data uploaded into the Subscription Service by or for Customer or its authorized users.
“Visitor” means a visitor of the Website.
3.1. How We Obtain Information
As further described below, we collect several types of information from and about our Visitors. Some of the information that we collect constitutes “personal information” under data privacy laws, including, without limitation, the European Union’s General Data Protection Regulation (GDPR).
3.1.1. Information You Provide to Us
- When filling out forms on our Website we collect personal information, including without limitation, name, mailing address, email address and telephone number.
- When you post material to our Website, participate in bulletin boards, chat rooms, blogs, comment threads, forums or other interactive features of our Website, register, or request further information or services from us.
- When you enter a contest or promotion we sponsor.
- When you report a problem with our Website
- When you contact us.
- When you complete our surveys.
- Other information you may submit to us related to your use of our Website.
3.1.2. Information From Third Parties
ProcessUnity may collect and use information we receive from third parties in connection with your use of the Website. For instance, ProcessUnity uses a third party for reporting and analytics to measure the effectiveness of our Website and marketing efforts, and to identify areas for improvement.
3.1.3. Information We Collect as You Navigate Through the Website
As you navigate through the Website, we may also collect details about your visits to our Website including, but not limited to, your IP address, usage patterns, traffic data, location data, logs and other communication data and the resources that you access, as well as information about your computer and internet connection, including your operating system and browser type.
3.1.4. Cookies and Other Forms of Automated Collection
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Website.
- Speed up your searches.
- Authenticate your access to various areas of our Website.
- Recognize you when you return to our Website.
- Track when you respond to surveys.
3.2. How We Use Information Collected
We may use information that we collect about Visitors for the following purposes:
- To present our Website and their contents in a suitable and effective manner for you and for your computer.
- To diagnose and resolve technical problems with our Website.
- To improve our Website.
- To provide you with information, products or services that you request from us.
- To notify you about changes to our Website or obtain any required consent.
- To allow you to participate in interactive features of our Website, when you choose to do so.
- For industry analysis, benchmarking, analytics, marketing, and other business purposes.
- To track your browsing behavior, such as the pages you visited over time.
If you ask us to contact you about goods and services that may be of interest to you, we may use your personal information or permit selected third parties to use your personal information to provide you with such services. Visitors may withdraw consent at a later time by clicking on the “unsubscribe” link located in the emails sent by ProcessUnity. For more information, see Communication Preferences and Choices below.
3.3. Our Legal Basis For Collecting Personal Information
Whenever we collect personal information from you, we may do so on the following legal bases:
- Your consent to such collection and use;
- Out of necessity for the performance of an agreement between us and you, such as your agreement to use our solutions;
- Our legitimate business interest, including but not limited to the following circumstances where collecting or using personal information is necessary for:
- Intra-organization transfers of data for administrative purposes;
- Product development and enhancement, where the processing enables us to enhance, modify, personalize, or otherwise improve our services and communications for the benefit of our users, and to better understand how people interact with our Website;
- Communications and marketing, including processing data for direct marketing purposes, and subject to your opt-in for these purposes, and to determine the effectiveness of our promotional campaigns and advertising;
- Fraud detection and prevention;
- Enhancement of our cybersecurity, including improving the security of our network and information systems; and
- General business operations and diligence.
In each circumstance, however, we will weigh the necessity of our processing for the purpose against your privacy and confidentiality interests, including taking into account your reasonable expectations, the impact of processing, and any safeguards which are or could be put in place. In all circumstances, we will limit such processing for our legitimate business interest to what is necessary for its purposes.
3.4. Our Retention Of Your Personal Information
We may retain your personal information for a period of time consistent with the original purpose for collection. For example, we keep your personal information for no longer than reasonably necessary for your use of our products and services and for a reasonable period of time afterward. We also may retain your personal information during the period of time needed for us to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.
3.5. European Users’ Rights With Regard To Personal Information
Some data protection laws, including the GDPR, provide you with certain rights in connection with personal information you have shared with us. If you are resident in the European Economic Area, you may have the following rights:
- The right of access. You have the right to request a copy of your personal information which we hold about you.
- The right of correction: You have the right to request correction or changes of your personal information if it is found to be inaccurate or out of date.
- The right to be forgotten: You have the right to request us, at any time, to delete your personal information from our servers and to erase your personal information when it is no longer necessary for us to retain such data. Note, however, that deletion of your personal information will likely impact your ability to use our services.
- The right to object (opt-out): You have the right to opt-out of certain uses of your personal information, such as direct marketing, at any time.
- The right to data portability: You have the right to a “portable” copy of your personal information that you have submitted to us. Generally, this means your right to request that we move, copy or transmit your personal information stored on our servers / IT environment to another service provider’s servers / IT environment.
- The right to refuse to be subjected to automated decision making, including profiling: You have the right not to be subject to a decision and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
- The right to lodge a complaint with a supervisory authority.
3.6. How We Share Information Collected
We may disclose personal information that you provide to us via this Website, to the following third parties:
- Our subsidiaries and affiliates.
- Contractors, business partners and service providers we use to support our business or who provide services on our behalf.
- In the event of merger, acquisition, or any form of sale or transfer of some or all of our assets (including in the event of a reorganization, dissolution or liquidation), in which case personal information held by us about our Visitors will be among the assets transferred to the buyer or acquirer.
We may also disclose your personal information to third parties to:
- Comply with any court order or other legal obligation.
- Respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
- Protect the rights, property, or safety of ProcessUnity or others.
We do not sell, rent or trade information collected through the Website with third parties for their promotional purposes. We require a contract when personal data received under the Privacy Shield is transferred either to a third party acting as a controller or to a third party acting as an agent.
3.7. International Transfer Of Data
ProcessUnity may store and process any information collected in connection with the Website in any country where we have facilities or in which we engage service providers. By using our Website, you consent to the collection, storage, transfer and processing of information outside of your country of residence, including in the United States.
3.8. Communication Preferences And Choices
We provide certain choices regarding the information Visitors provide to us. We have created mechanisms to provide you with the following control over your information when using our Website. If you do not wish to have your e-mail address used for promotional purposes by ProcessUnity, you may withdraw consent at a later time by clicking on the “unsubscribe” link located in the emails sent by ProcessUnity.
3.8.2. Do Not Track
While ProcessUnity attempts to honor do not track (“DNT”) instructions we receive from a Visitor’s browser, we cannot guarantee that ProcessUnity will always respond to such signals, in part, because of the lack of common industry standard for DNT technology. We continue to monitor developments in DNT technology and stay apprised of DNT industry standards as they evolve.
You should review this Policy carefully, because if you do not agree with our practices, your ultimate choice is not to use the Website. Remember, by using any part of our Website, you accept and agree to our privacy practices.
3.9. Accessing And Correcting Your Personal Information
You may send us an e-mail at [email protected] to request access to, correct or delete any personal information that you have provided to us in connection with the Website. We will use reasonable efforts to respond to such requests for correction or updates to personal information.
4.1. How We Obtain Information
As described below, we collect several types of information from about our Customers, including:
- General information, including a Customer’s company name and address and the Customer’s representative’s contact information (“General Information”) for billing and contracting purposes.
- Information and correspondence you submit to us in connection with Professional Services or other requests related to our Service.
- Information we receive from our business partners in connection with your use of the Service or in connection with services provided by our business partners on your behalf, including configuration of the Subscription Service.
- Quantitative data derived from your use of the Subscription Service, for example and without limitation, the number of active roles within a Customer’s instance. All data collected, used, and disclosed will be in aggregate form only and will not identify Customer or its users.
- Server logs in support of the Subscription Service.
- Track session state in the Subscription Service.
- Authenticate your access to the Subscription Service.
- Recognize you when you return to the Subscription Service.
4.2. How We Share Information Collected
We do not share, sell, rent or trade information collected through the Service with third parties for their promotional purposes.
We may also disclose your personal information to third parties to:
- Comply with any court order or other legal obligation.
- Enforce or apply the terms of the definitive agreement between Customer and ProcessUnity pursuant to which the Customer purchased access to the Subscription Service (the “Customer Agreement”).
- Protect the rights, property, or safety of ProcessUnity, our Customers, or others.
ProcessUnity is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. ProcessUnity complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
In the event of merger, acquisition, or any form of sale or transfer of some or all of our assets (including in the event of a reorganization, dissolution or liquidation), in which case personal information held by us about our Customers will be among the assets transferred to the buyer or acquirer.
4.3. Customer Data
We may use Customer Data to provide the Service, including updating and maintaining the Subscription Service and providing Support and Professional Services. Notwithstanding anything else to the contrary in this Policy, we will not use, disclose, review, share, distribute, transfer or reference any Customer Data except as permitted in the Customer Agreement or as required by law.
4.4. Human Resources (HR) Data
ProcessUnity collects human resources data such as name, address, email address and tax/identity numbers from job applicants and employees of ProcessUnity for, among other things, legitimate human resource business reasons such as payroll administration, filling employment positions, maintaining accurate benefits records, meeting governmental reporting requirements, security, health and safety management, performance management, company network access and authentication. ProcessUnity also may collect information considered human resources data from users of our Subscription Service. ProcessUnity commits to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and comply with the advice given by such authorities with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.
5.1. Compliance with Privacy Shield Framework
5.2. Security Statement
We maintain administrative, organizational, technical and physical safeguards designed to protect the personal information obtained through the Website and in connection with the Service against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use. Please read our Data Privacy and Security Statement.
5.3. Third Party Websites And Applications
This Website may link to websites that are not owned or controlled by ProcessUnity. As such, this Policy does not apply to information collected on any third-party site or by any third-party application that may link to or be accessible from the Website. In addition, Customers and other third parties, including consultants, may develop applications or provide services to you or other third parties using our Service. This Policy does not apply to information collected by Customers, third parties or third-party applications or services, even if this information is collected using our Website or Service. This Policy also does not cover the use or disclosure of any information stored in the Subscription Service when hosted by the Customer.
ProcessUnity reserves the right to update or change this Policy from time to time. If we make material changes to this Policy, we will notify you through an appropriate online notice (and obtain your consent where required by applicable law). Your continued use of the Website or Service is deemed to be acceptance of any updates or changes we make to this Policy and as such, we ask that you review the Policy periodically for any updates or changes that we may have made.
6. Contact Information
To ask questions or comment about this Policy and our privacy practices or if you need to update, change or remove your information, contact us at: [email protected] or:
Attn: Privacy Officer
33 Bradford Street
Concord, MA 01742
All other feedback, comments, requests for technical support and other communications relating to the Website should be directed to: [email protected].
This website is operated by ProcessUnity, Inc., a Delaware corporation located at 33 Bradford Street Concord, MA 01742.
7. Complaint Resolution
In compliance with the Privacy Shield Principles, ProcessUnity commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact ProcessUnity at the contact information listed above.
ProcessUnity has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
It is possible, under certain conditions, for you to invoke binding arbitration.
Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.
ProcessUnity is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).