Legal/Privacy Policy

Accordo Privacy Statement

Last Updated: June 2019

Accordo Group USA Inc (collectively with its parent, Accordo Group Limited, “Accordo”) created this Privacy Policy to demonstrate our firm commitment to the privacy of our clients, partners and end users.

This privacy statement explains what personal data Accordo collects from you, through our interactions with you and through our products, and how we use that data.

Personal data is information about an identifiable individual (a natural person), and includes personal information, personally identifiable information and equivalent information under applicable privacy and data protection laws.

References to Accordo products in this statement include Accordo services, websites, apps, and software.

This policy does not limit or exclude any of your rights under the applicable privacy or data protection laws.

This policy was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal information. We are happy to provide any additional information or explanation needed. If you would like further information please contact us via
https://www.accordo.com/contacts/.

When does this Policy Apply

This privacy policy applies to personal information we collect from visitors to our website, our customers and other persons with whom we deal directly.

Users of our SaaS services, apps and software (Users) may collect personal information from individuals (e.g. their employees and customers) and upload, store or process that information to or in that service (User Data).

Our Users determine what and how they collect, use, disclose and transfer User Data. This means that our Users’ collection and use of User Data is governed by their privacy policy and practices, not ours. For the purposes of the General Data Protection Regulation of the European Union (GDPR), our Users are the data controller when storing or otherwise processing User Data and we are the data processor.

We only process User Data as authorised by our Users in our terms of use and/or other agreements with our Users that govern the processing of User Data (as applicable). Unless required otherwise under applicable law, if we receive any request or enquiry relating to User Data, we will forward this request to our relevant User.

The remainder of this privacy policy does not apply to User Data.

Personal Data That We Collect

Accordo collects data to operate effectively and provide you the best experiences with our products and services. You provide some of this data directly, such as when you create an Accordo account, administer your organization’s account, upload documents to applications, sign up for services or contact us for support. We get some of it by recording how you interact with our products by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device.

We also obtain data from third parties following your approval of the Terms of Use and data access during registration. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data. These third-party sources vary over time, but have included:

  • Software product and service providers;
  • Service providers that help us determine a location based on your IP address to customize to your location;
  • Partners with which we offer services, and
  • Publicly-available sources such as open government databases or other data in the public domain.

We may combine the personal data about you that we receive from third parties with the personal data we collect from you directly, or through your interactions with our products.

You have choices about the data we collect. When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary to provide a product or feature, you may not be able to use that product or feature. The data we collect broadly falls into the following categories:

Customer Account and Registration Data: This includes information you provide to create your account with us or register for events, webinars, surveys, etc. and may include, first and last name, billing information, a password, email address, company name, occupation, location, and phone number (for example, if you are using two-factor authentication).

Service Data (including Session and Usage data): When you use our services, we receive information generated through the use of the Service, either entered by you, or others who use the Services with you (for example, cloud consumption data, company information including user email addresses from client organization). We may also collect usage and log data about how the services are accessed and used, including IP addresses, location information, language settings, what operating system you are using, unique identifiers and other diagnostic data to help us support the Services.

Third Party Data: We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new prospects for marketing, and provide products and services that may be of interest to you.

Location Information: We collect your location-based information for the purpose of providing and supporting the service and for fraud prevention and security monitoring. If you wish to opt-out of the collection and use of your collection information, you may do so by turning it off on your device settings.

Device Information: When you use our Services, we automatically collect information on the type of device you use, operating system version, and the device identifier (or “UDID”).

How We Use Personal Data

Accordo may access (which may include, with your consent, limited viewing or analysis) and use the data we collect as necessary (a) to provide and maintain the Services; (b) to address and respond to service, security, and customer support issues; (c) to detect, prevent, or otherwise address fraud, security, unlawful, or technical issues; (d) as required by law; (e) to fulfill our contracts; (f) to improve and enhance the Services; (g) to provide analysis or valuable information back to our Customers and users.

Some specific examples of how we use the information:

  • Create and administer your account
  • Send you an order confirmation
  • Facilitate and improve the usage of the services you have ordered
  • Assess the needs of your business to determine suitable products
  • Send you product updates, marketing communication, and service information
  • Respond to customer inquiries and support requests
  • Conduct research and analysis
  • Analyze data, including through automated systems and machine learning to improve our services and/or your experience
  • Generate recommendations about your use of the services, benchmarks for your organization, insights and potential optimizations for your organization

Accordo will retain your information as long as your account with us is active, to comply with our legal obligations, to resolve disputes, and enforce our agreements.

If you wish to cancel your account or for us to stop providing you services, or if we hold personal information about you and you want it to be removed from our database or inactivated, please contact us at privacy@accordo.com.

Reasons We Share Personal Data

We may disclose your personal information to:

  • another company within our group
  • any business that supports our website, products and services, including any person that hosts or maintains any underlying IT system or data centre that we use to provide our website, products or services or that we use to process payments
  • a credit reference agency for the purpose of credit checking you
  • third parties (for anonymised statistical information)
  • professional advisers e.g. accountants, lawyers or auditors
  • a person who can require us to supply your personal information (e.g. a law enforcement agency or regulatory authority)
  • any other person with your consent
  • any other company in the case of a sale, merger, consolidation, liquidation, reorganisation or acquisition
  • any other person authorised by applicable law.

How to Access & Control Your Personal Data

You can view, edit or delete your personal data online for Accordo products. You can also make choices about Accordo’s collection and use of your data. How you can access or control your personal data will depend on which products you use. If you cannot access certain personal data collected online, you can always contact privacy@accordo.com. We will endeavour to respond to requests to access or delete your personal data within 7 days.

Before taking action, we may ask for evidence to confirm that you are the individual to whom the personal data relates.

In addition to the rights to access, correct and delete your personal data, if you are based in the European Union, you have the additional rights set out in the GDPR Additional Terms section of this privacy policy below.

Protecting Your Personal Data

As required by applicable law, we will take steps to keep your personal data safe from loss, unauthorised activity, or other misuse. We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks inherent in processing personal data.

You play an important role in keeping your personal data secure by maintaining the confidentiality of any password and accounts used in relation to our products and services. You should not disclose your password to third parties. Please notify us immediately if there is any unauthorised use of your account or any other breach of security.

Cookies & Similar Technologies

Accordo uses cookies (small text files placed on your device) and similar technologies to provide our websites and online services and to help collect data. Cookies allow us, among other things, to store your preferences and settings; enable you to sign-in; provide interest-based advertising; combat fraud; and analyse how our websites and online services are performing.

We also use web beacons to help deliver cookies and gather usage and performance data. Our websites may include web beacons and cookies from third-party service providers.

You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. Your browser and other choices may impact your experiences with our products.

We use Google Analytics to collect information about visitors to our website. Google Analytics collects information related to your device, browser, IP address, network location, and website activities to measure and report statistics about your interactions on our website. We use this information to help us manage the performance and design of our website and to improve our website.

For further information on how Google uses your personal information when you use our website and how to opt out of Google’s use of cookies, see https://policies.google.com/?hl=en.

EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield

Accordo complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Accordo has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/

Pursuant to the Privacy Shield, the following points apply:

  • Accordo is subject to the jurisdiction and enforcement authority of the US Federal Trade Commission (FTC).
  • EU and Swiss individuals have the right to access their personal data that is transferred from the EU and/or Switzerland into the United States. Individuals wishing to exercise this right may do so by following the instructions in the “How to Access & Control Your Personal Data” section in the main part of this policy.
  • Accordo may be required to share personal data in response to lawful requests by public authorities including to meet law enforcement and national security requirements.
  • Accordo remains liable for the onward transfer of personal data to agent third parties unless we can prove we were not a party to the events giving rise to the damages.

In compliance with the Privacy Shield Principles, Accordo commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Accordo at privacy@accordo.com

Accordo has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Notice to End Users

Accordo is not responsible for the privacy and security practices of our customers, which may differ from those set forth in this privacy statement.

If you use an email address provided by an organisation you are affiliated with, such as an employer or school, to access Accordo online services, the owner of the domain (e.g. your employer) associated with your email address may: (i) control and administer your Accordo online services account and (ii) access and process your data, including the contents of your communications and files.

Changes to This Privacy Statement

We will update this privacy statement when necessary to reflect customer feedback and changes in our products or services. When we post changes to this statement, we will revise the “last updated” date at the top of the statement. If there are material changes to the statement or in how Accordo will use your personal data, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Accordo is protecting your information.

How to Contact Us

If you have a technical, privacy, or support question, please email us at privacy@accordo.com to learn more about Accordo Support offerings.

We will endeavour to respond to questions or concerns within 7 days.

GDPR ADDITIONAL TERMS

Lawful Basis for Processing Personal Data

Our lawful basis for processing (as that term is defined in the GDPR) personal data that we collect, use and disclose depends on the personal data collected and the context in which we collect it.

Generally, we collect personal data from you where we have your consent, where processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, or where processing is necessary for the purposes of our legitimate interests (except where such interests are overridden by your interests or fundamental rights and freedoms).

Where we process personal data based on your consent, you may withdraw your consent at any time.

Despite the above, we may process your personal data where such processing is necessary for compliance with applicable laws.

If you have any question about the legal basis on which we process personal data or need further information, please contact us at support@accordo.com.

Your Rights Under the GDPR

If you are located in the European Union, your rights in relation to your personal data include:

  • right of access – if you ask us, we will confirm whether we are processing your personal data and provide you with a copy of that personal data
  • right to rectification – if the personal data we hold about you is inaccurate or incomplete, you have the right to have it rectified or completed. We will take reasonable steps to ensure inaccurate personal data is rectified. If we have shared your personal data with any third party, we will tell them about the rectification where possible
  • right to erasure – when your personal data is no longer needed for the purposes for which you provided it, we will delete it. You may request that we delete your personal data and we will do so if deletion does not contravene any applicable law. If we have shared your personal data with any third party, we will take reasonable steps to inform those third parties that they must delete your personal data
  • right to withdraw consent – if the basis of our processing of your personal data is consent, you can withdraw that consent at any time
  • right to restrict processing – you may request that we restrict or block the processing of your personal data in certain circumstances. If we have shared your personal data with any third party, we will tell them about this request where possible
  • right to object to processing – you may request that we stop processing your personal data at any time and we will do so to the extent required by the GDPR
  • rights related to automated decision-making, including profiling – you have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such automated decision-making is necessary for entering into, or the performance of, a contract with you, is authorised by applicable laws or is based on your explicit consent. We do not undertake automated individual decision-making
  • right to data portability – you may obtain your personal data from us that you have consented to give us or that is necessary to perform a contract with you. We will provide this personal data in a commonly used, machine-readable and interoperable format to enable data portability to another data controller. Where technically feasible, and at your request, we will transmit your personal data directly to another data controller
  • the right to complain to a supervisory authority – you can report any concern you have about our privacy practices to your local data protection authority.

Where personal data is processed for the purposes of direct marketing, you have the right to object to such processing, including profiling related to direct marketing.

If you would like to exercise any of your above rights, please contact us via https://www.accordo.com/contacts/. If you are not satisfied by the way we deal with your query, you may refer your query to your local data protection authority.