PRIVACY NOTICE
Last updated January 01 , 2022
Thank you for choosing to be part of our ConnXio Integration Service at Communicate Norge AS. We are committed to protecting personal information and your right to privacy.
The Data Controller for the Personal Data we process is Communicate Norge AS c/o the General Manager/CEO. The contact information for Communicate is:
Address: Torget 5, 1767 Halden, Norway E-mail: info@communicate.no Phone: +47 90 21 18 00 Company Registration No.: 980 719 766
For any questions you may have regarding our processing of your Personal Data, please contact us by e-mail: privacy@communicate.no switchboard: +47 90 21 18 00.
When you or your company use ConnXio Integration Service, we appreciate that you are trusting us with your personal information. We take your and your customers privacy very seriously. In this privacy notice, we seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy notice that you do not agree with, please discontinue use of our Services immediately.
This privacy notice applies to all information collected through our ConnXio Integration Service (which, as described above, includes our ), as well as, any related services, sales, marketing or events.
Please read this privacy notice carefully as it will help you understand what we do with the information that we collect.
Table of Contents
- PRIVACY NOTICE
- Table of Contents
- 1. WHAT INFORMATION DO WE COLLECT?
- 2. WHY DO WE COLLECT PERSONAL DATA, AND WHAT DATA DO WE COLLECT?
- 3. DISCLOSURE OF PERSONAL DATA TO OTHERS
- 4. HOW LONG DO WE KEEP YOUR INFORMATION (RETENTION TIME)?
- 6. WHAT ARE YOUR PRIVACY RIGHTS?
- 7. DO WE MAKE UPDATES TO THIS NOTICE?
- 8. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU OR YOUR COMPANY?
1. WHAT INFORMATION DO WE COLLECT?
*In Short: ConnXio integration-service collects personal information that you provide to us*
ConnXio Integration Service collects personal information that you and your systems voluntarily provide to us when signing up for our integration service. The collected information is purely used for transactional handling and support purposes. Information will not be distributed to external systems or parties than the agreed upon. Each new integration in our services is verified by a customer-approved specification. ConnXio does not verify the content of the distributed data and therefore the transactions might include personal information such as:
Personal Information Provided: Names; phone numbers; email addresses; mailing addresses; usernames; job titles; passwords; contact preferences; contact or authentication data; billing addresses; and other similar information. All in-transaction personal information that is provided through the in-production service will not be modified by any personnel.
2. WHY DO WE COLLECT PERSONAL DATA, AND WHAT DATA DO WE COLLECT?
*In Short: The integration service process information for purposes based on legitimate business interests, the fulfillment of our contract with you, compliance with our legal obligations, and/or your consent.*
As an Integration partner our ConnXio Integration Service will collect different kind of data. Personal information might be collected by ConnXio for the following business purposes described below. We process personal information for these purposes in reliance on our legitimate business interests, in order do deliver a contract with you, with your consent, and/or for compliance with our legal obligations. We indicate the specific processing grounds we rely on next to each purpose listed below.
Information we collect or receive:
▪ Fulfill and manage customer SLA. We may use your information to fulfill and manage the
customer SLA regarding orders, payments, returns, and or other exchanges made in the
context of the Integration Service. This includes data required to guarantee monthly payments according to the customer agreement.
▪ Answer any inquiries we may receive. Name, phone number, e-mail address and any
Personal Data that may result from the inquiry. The processing of Personal Data is based
on a weighing of interest. We have found that this is often necessary for us to deliver and fulfill our commitments related to the service.
▪ Fulfill and deliver the requirements for ConnXio according to the agreed upon SLA.
As the integration service collects, transforms, and delivers data according to the
specifications. Person sensitive data might be handled by the service to fulfill the
integration specifications and the customer SLA. The information that the service
handles is limited to be distributed between parties in the specified data-contract and
integration protocols. The integration service will store information temporarily to fulfill
our commitments. The temporary storage of data shall not exceed the agreed-upon Retention time. (Ref. chapter 4)
▪ Administer and support the Integration Service. The Communicate Support department
may use information about customer and parties to administer and support the
integration service. Data will be temporarily stored for providing customer support. We
may use your information to respond to your inquiries and solve any potential issues regarding our services.
3. DISCLOSURE OF PERSONAL DATA TO OTHERS
*In Short: We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.*
We do not disclose your Personal Data to others unless there is a legal basis for such disclosure. Examples of such a basis will typically be an agreement with you or any legal basis that instructs us to disclose such information. Communicate uses Data Processors to collect, temporarily store, and otherwise process Personal Data on our behalf. In such cases, we have entered into agreements to ensure information security at all stages of the processing. Presently, we use the following Data Processors:
- Microsoft Azure
- ConnXio Integration Service
- Apache Cassandra
- Data Storage
All our processing of Personal Data takes place within the EU/EEA area. We may process or share your data that we hold based on the following legal basis:
▪ Consent: We may process your data if you have given us specific consent to use your
personal information for a specific purpose.
▪ Legitimate Interests: We may process your data when it is reasonably necessary to
achieve our legitimate business interests.
▪ Performance of a Contract: Where we have entered a contract with you, we may
process your personal information to fulfill the terms of our contract.
▪ Legal Obligations: We may disclose your information where we are legally required to do
so to comply with applicable law, governmental requests, a judicial proceeding, court
order, or legal process, such as in response to a court order or a subpoena (including in
response to public authorities to meet national security or law enforcement
requirements).
▪ Vital Interests: We may disclose your information where we believe it is necessary to
investigate, prevent, or act regarding potential violations of our policies, suspected fraud,
situations involving potential threats to the safety of any person and illegal activities, or
as evidence in litigation in which we are involved.
4. HOW LONG DO WE KEEP YOUR INFORMATION (RETENTION TIME)?
*In Short: We keep your information for as long as necessary to fulfill the service and customer requirements for the purposes outlined in this privacy notice.*
ConnXio temporarily store data with the potential of being personal data to fulfill our service requirements. Data the service processes will continuously be deleted within the service retention time. The standard Retention Time for our service is 3 months. The service can also archive information longer than the retention time when archiving is required for fulfilling requirements regarding customer support.
For the purpose for which the Personal Data was collected. This means, for example, that Personal Data we process on the basis of your consent will be deleted if you withdraw your consent. Personal Data we process to fulfil an agreement with you will be deleted when the agreement is fulfilled and all obligations arising from the agreement are fulfilled. When we have no ongoing legitimate business need to process your data with personal information, we will delete such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
5. HOW DO WE KEEP YOUR INFORMATION SAFE?
*In Short: _We aim to protect your personal information through a system of organizational and technical security measures.*
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cyber-criminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, transmission of personal information to and from our is at your own risk.
As a standard ConnXio supports the “Best of Breed” protocols for securely transferring and obtaining data. The integration team will at all time advice customers to use secure protocols for integrations and transactions. However, it is the customers responsibility to have systems that supports these protocols for communication. If a customer despite our advices chooses other protocols for interaction the responsibility is fully handled by the customer.
6. WHAT ARE YOUR PRIVACY RIGHTS?
*In Short: In some regions, such as the European Economic Area, you have rights that allow you greater access to and control over your personal information. You may ask for review, or terminate your subscription that holds your data at any time.*
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
In some regions (like the European Economic Area), you have certain rights under applicable data protection laws. These includes the right to:
- Request access and obtain a copy of your personal information
- Request rectification or erasure of data.
- Restrict the processing of your personal information
- If applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. To make such a request, please contact privacy@communicate.no. We will consider and act upon any request in accordance with applicable data protection laws.
If you are a resident in the European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
7. DO WE MAKE UPDATES TO THIS NOTICE?
*In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.*
We may update this privacy notice from time to time. The updated version will be indicated by an updated "Revised" date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
8. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU OR YOUR COMPANY?
Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information, please contact privacy@communicate.no. We will respond to your request within 30 days.