Privacy Notice

Effective from 1st August 2022

GDPR KEY DEFINITIONS:

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of NATURAL PERSONS with regard to the processing of PERSONAL DATA and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

  1. Consent:
    CONSENT means a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the website user’s agreement to the processing of personal data relating to him or her, such as by a written statement, including by electronic means, or an oral statement.

  2. Data Controller
    DATA CONTROLLER is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data for which and the manner in which any personal data are, or are to be, processed.

  3. Data Processor
    DATA PROCESSOR is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

  4. General Data Protection Regulation (GDPR)
    Predominant objective of this protection is as follows:

    • The processing of personal data should be designed to serve mankind.
    • Natural persons should have control of their own personal data;
    • The right to the protection of personal data is not an absolute right; it must be considered in relation to its function in society and be balanced against other fundamental rights, in accordance with the principle of proportionality.

  5. Legitimate Interest
    Processing shall be lawful only if and to the extent that at least one of the following applies:

    • the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
    • processing is necessary for the performance of a contract to which the legal/ natural person, whose data has been collected (data subject), is a party, or; in order to take steps at the request of the data subject prior to entering into a contract;
    • processing is necessary for compliance with a legal obligation to which the controller is subject;
    • processing is necessary in order to protect the vital interests of the data subject or of another natural person;
    • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
    • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third-party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
  1. Online Identifier
    Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.

  2. Personal Data
    Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

OTHER DEFINITIONS:

  1. InSync Tech – Fin Solutions Ltd. (INSYNC)
    INSYNC means InSync Tech-Fin Solutions Ltd., a Company incorporated under the Companies Act, 1956 in India and having its registered office at DGK 912, DLF Galleria, Action Area IB, New Town, Kolkata – 700156, West Bengal, India and shall include all its successors, acquirers, administrators and executors etc.

  2. Licensee
    Licensee means a legal / natural person including but not limited to an end customer, or a prospect obtaining trial version of INSYNC product or services, or partners; to whom any license has been granted specifically by INSYNC, to use INSYNC product, services, or Intellectual Properties, or any part thereof, with or without any consideration; for whatsoever purposes. Hereinafter referred to as the “Licensee” and shall include but not limited to all its acquirers, successors, administrators and executors.

  3. Partner
    Means partner of INSYNC for different purposes like development new connectors or adapters for INSYNC SAS product APPSeCONNECT, implementation Partners, referral and reseller partners having different kind of limited right licenses specifically granted for specific purposes to use of INSYNC product, services, Intellectual Properties. Partners are independent contractors and shall not be construed as an agent, or employee or a JV partners unless such relationship has been explicitly, and publicly defined to be of such nature and listed on INSYNC website.

  4. Person
    • Artificial/ Juristic/ Legal Person:
      An entity such as a corporation, created by law and given certain legal rights and duties of a human being; a being real or imaginary, who for the purpose of legal reasoning is treated more or less as a human being, but is not a citizen.
    • Natural Person:
      A human being.

  5. Service Data
    Service Data is any Personal Data shared by a third-party with INSYNC, to avail INSYNC’s services or during the course of availing INSYNC services; pertaining to citizens/ residents of any EU based country, that is collected by any third-party being the Data Controller. In other words, Service Data is data obtained by INSYNC, as a Data Processor, from any third-party and does not have any control over what, why, and how it is being collected or used.

Websites
Shall mean all websites as it may exist from time to time of INSYNC including but not limited to www.insync.co.in and product website www.appseconnect.com.

  1. This Policy is applicable to whosoever visits any of INSYNC websites and any Licensee of INSYNC being a free trial customer, end customer or a partner.

  2. GDPR specific rights can be enforced only for PERSONAL DATA collected of NATURAL PERSONS* (not a company, partnership or any other kind of Legal Entity)

  3. GDPR specific privacy measures and features will be available to all INSYNC licensees or visitors of INSYNC websites. 

    • However, shall not create any legal right for data collected of any LEGAL / ARTIFICIAL PERSON who is not a human being by INSYNC. (Example of such data: name and the form of the legal person and the contact details of the legal person);

    • Nothing contained in this policy shall create any right for citizens or residents outside of EU countries regarding data control features like right to obtain collected Personal Data, Right to be Forgotten, Right to update or modify their Personal Data, Right to give consent for collection ore share of Personal /Service Data and similar rights which are not explicit rights provided under the Information Technology Act, 2000 of India (IT Act). 

    • All Data control and protection rights for subjects of all other countries except for EU countries shall be governed by IT Act and will be subject to reasonable security measures compliant to industry standard practices. 

  4. Applicable for all INSYNC Products, Services and its associated brands like APPSeCONNECT, which has been linked to this Privacy Policy or otherwise does not provide for any specific Privacy Policy thereof. 

  5. This Policy shall be legally binding on you and on INSYNC, on different activities on our websites including but not limited to browsing through our websites, on obtaining different services whether paid or free, raising queries, consultations for whatsoever purposes as a click-wrap contract between you and INSYNC. 
  1. RIGHT TO ACCESS, RECTIFY and/or DELETE PERSONAL DATA

    If you are a Customer / Partner/ an interested party, providing your personal data to INSYNC through its Website, applications or social media connects, blogs, corporate events, etc.; such data being collected for specific purposes mentioned hereunder; you have the right to have access to your personal data provided to INSYNC; and further you have the right to contact support@insync.co.in for rectification or deletion of your personal data, subject to other clauses of this policy; without affecting continuity of INSYNC’s business. 

    Thus, deleting the User does not delete business-specific organization-owned data created and contributed to; by the User including without limitation, knowledgebase articles, notes, forum topics/comments, support calls, surveys, canned responses, ticket templates, contacts, companies, tags, conversations in the tickets, comments or details provided on any third-party platform such as social media etc. 

    Notwithstanding the foregoing, we will retain Service Data that may include your personal data as necessary to comply with our legal obligations, for litigation/defence purposes, maintain accurate financial and other records, resolve disputes, and enforce our agreements.

  2. SHARING PERSONAL DATA

    • You have full control over your personal data provided to INSYNC through various means. We share your personal data with your consent or as necessary to complete any transaction or provide any product/ services you have requested or authorised. We also share data with INSYNC Partners; with vendors working on our behalf with your consent; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our products; and to protect the rights or property of INSYNC and its brand.

    • In the event INSYNC goes through a business transition, such as a merger or acquisition by another company; or sale of all or a portion of its assets, Customer’s Account, all collected data and Service Data that may include your personal data; will likely be among the assets transferred. A prominent notice will be displayed on our Websites to intimate you of any such change in ownership or control; and Customers will be notified via an e-mail from support@insync.co.in.
  3.  
  1. When you visit our Websites, Browser Applications etc.; or participate in our events, blogs, contribution pages, social networking pages, surveys; INSYNC may collect information, which may include your Personal Data. For the purposes of General Data Protection Regulation (GDPR), INSYNC is the controller for personal data collected through INSYNC owned systems and not for data collected on a platform owned by any third-party.

    Different means through which we may collect your personal data for the following legitimate business purposes:

    1. Enquiry
      When you enquire about any Product or Service(s) or Partnership we may collect your (i) contact information such as name, e-mail address, mailing address, IP address, geographic location, or phone number, software environment etc. or any combination of such information.

      Subject to this Notice and the Terms, we will use such data, including without limitation, (i) send you communication for the Service(s); (ii) assess needs of your business to determine or suggest suitable Service(s); (iii) send you requested information about the Service(s); (iv) respond to customer service requests, questions and concerns.

    2. Sign-up, Billing and Account information.
      When you subscribe and sign-up to any of our Products/ Service(s)/ Trials, we may collect your (i) contact information such as name, e-mail address, mailing address, IP address, geographic location, or phone number, of the Account admin; (ii) billing information, such as credit card number and billing address; (iii) name and e-mail address when Account admin/Agent(s) provide feedback from within the Service(s); and (iv) unique identifiers, such as username, account number or password.

      Subject to this Notice and the Terms, we will use such data, including without limitation, to (i) grant software license and other Service(s); (ii) send you communication from the Service(s); (iii) assess needs of your business to determine or suggest suitable Service(s); (iv) send you requested information about the Service(s); (v) respond to customer service requests, questions and concerns; (vi) administer your Account; (vii) send you promotional and marketing communications (where you have requested us to do so).

    3. Support Interactions
      When a customer/ Prospect interacts with an INSYNC support professional, we collect Device/ System and Usage data or error reports to diagnose and resolve problems.

      When a customer receives communications from INSYNC, we use data to personalise the content of the communication.

      When a customer engages with INSYNC for professional services, we collect the name and contact data of the customer’s designated point of contact and use information provided by the customer to perform the services that the customer has requested and preserve all telephonic and written conversations for future reference, and such data, calls, chats or e-mails may be used for training and development purposes for INSYNC professionals.|

    4. When you attend an event conducted by us, including webinars or seminars, we may collect your contact information such as name, e-mail address, designation and company name.

      Subject to this Notice, we will use such data, including without limitation, to (i) assess needs of your business to determine or suggest suitable Service(s); (ii) send you requested information about the Service(s); (iii) send you promotional and marketing communications (where you have requested us to do so); and (iv) respond to your questions and concerns.

    5. Apart from the aforementioned information collected by us, we automatically receive and record certain Personal Data of yours when You visit our Websites. This includes device model, IP address, the type of browser being used, usage pattern through cookies and browser settings, query logs and product usage logs. We also collect clicks, scrolls, conversion and drop-off on our Websites and Service(s) to render user journey in real-time. Subject to this Notice, we will use such data, including without limitation, to (i) assess needs of your business to determine or suggest suitable Service(s); (ii) send you requested information about the Service(s); (iii) respond to customer service requests, questions and concerns; and (iv) for analytical purposes.

    6. We may post your testimonials/comments/reviews on our Websites which may contain your Personal Data. Prior to posting the testimonial, we will obtain your consent to post your name along with the testimonial. If you want your testimonial removed, please contact us at support@insync.co.in. anonymous

    7. Marketing communications.
      We may use your e-mail address, collected which may fall into the category of Personal Data, to send our newsletters and/or marketing communications about our products and services. Where you have so requested, we will also send you marketing communications about our third-party partners. If you no longer wish to receive these communications, you can opt out by following the instructions contained in the e-mails you receive or by contacting us at support@insync.co.in .

    8. Job Portal/ Partnership Forms
      We may use and store your personal data, required for selection of your candidature for any job opening at our organization and may use the same to contact you for such purposes only as it will be specified at the time of filling up any candidature form.
  1. When you use the INSYNC Service we may store some information on your computer. This information will be in the form of a “cookie” or similar file. Cookies are small pieces of information stored on your hard drive, not on the INSYNC website. We do not use cookies to spy on you or otherwise invade your privacy. They cannot invade your hard drive and steal information. We use cookies to help you navigate the INSYNC website and Service as easily as possible and to remember information about your current session. These are the Session Cookies and they are removed from your system when you close the web browser or turn off the computer. You must enable cookies on your web browser to use the INSYNC Service.

    Various categories of cookies are used in the INSYNC website and Service. These are listed below along with the options to manage them.

    1. Essential Cookies:
      These cookies are essential for the basic functionalities offered by the Service. These class of cookies helps in keeping a user logged in to the Service and remember relevant information when they return to the Service.

    2. Insight Cookies:
      These are used for tracking the user activities within the Service, which in turn helps us in improving your user experience.

    3. Marketing Cookies:
      We also use some marketing cookies provided by third parties to collect and analyse various information about the visitors to the INSYNC website and users of the service. No personal or intrusive information is collected in this process though.You have the choice of accepting or declining the use of cookies through your web browser. For more information on controlling cookie settings in your browser, please refer to the following methods:
    • More information on “Incognito” mode and cookie setting in Google Chrome
    • More information on “InPrivate” and cookie setting in IE
    • More information on “Private Browsing” and cookie setting in FireFox
    • More information on “Private Browsing” and cookies setting in Safari
    Please note that if you wish to turn off the cookies in your web browser, you might not be able to take advantage of many features of our Service.

    Examples of Cookies:

    • Google Analytics – Web Analytics Service to track and generate reports on website traffic
    • Google AdWords Retargeting (using Global Site Tag) – For tracking and remarketing purpose in Google Ads
    • Google AdWords Conversion Tracking – For tracking conversions from Google Ads
    • Facebook Pixel – For Facebook Analytics and conversion tracking
    • Twitter Conversion Tracking – For tracking Twitter conversions from Twitter Ads
    • LinkedIn Insight Tag – For LinkedIn Analytics and generating reports
    • LinkedIn Conversion Tracking (Matched Audience) – For tracking LinkedIn Conversions
    • Email Marketing Cookie – For tracking and generating reports on Emails 
  1. INSYNC does not knowingly collect any Personal Data from children under the age of 16. If you are under the age of 16, please do not submit any Personal Data through our Websites or Service(s). If you have reason to believe that a child under the age of 16 has provided Personal Data to us through our Websites or Service(s), please contact us and we will delete such personal information and terminate the child’s account from our databases.

  1. The INSYNC website and Service has industry standard security measures in place to protect the loss, misuse, and alteration of the information under our control. While there is no such thing as “perfect security” on the Internet, we will take all reasonable steps to ensure the safety of your information. Additionally, you retain all rights of ownership to the data you have stored on the INSYNC Service. We will not sell or share this data with any third parties or use this data to compete with you or advertise to your clients. Your privacy and the privacy of your clients are of utmost importance to us. Some general measures that we have taken for the security of your personal data are as follows:

    • Industry Standard 2048- bit SSL V3 certificate for our product website APPSeCONNECT;
    • Two-factor authentication when you log in to our product portal.
    • Code- Signing Certificate
    • AES – 256 is used to encrypt data at Rest.
    • Storage is secure by role-based access control
    • Client-side encryption over HTTPS or SMB 3.0.
    • Review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.
    • Restricted access to personal information to INSYNC agents/ employees/ partners/ contractors strictly based on the requirement to share your personal data in order to process and complete any transaction, contract, obligations, services while collecting such data; and all INSYNC agents/ employees/ partners/ contractors are subject to strict confidentiality obligations. They may be disciplined or their contract terminated if they fail to meet these obligations.
    • Obtain your specific consent to share your personal data in a different country other than India and your own economic zone for specific purpose of performance of the contract, as it may require from time to time.
  1. You authorize INSYNC and its service providers to perform analytics on such collected data, to (i) improve, enhance, support and operate the Websites; and (ii) compile statistical reports and record insights into usage patterns.

    We collect data of the end users and Partners of our products and/ or services, you being member of a legal entity for specific purpose of entering into legally enforceable contracts and associated enterprise data to provide a comprehensive, smooth user experience and such data does not fall into the domain of Personal Data.

  1. If you are a visitor from the European Economic Area, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it.

    However, we will normally collect Personal Data from you only where we need the Personal Data to perform a contract with you, or where the processing is in our legitimate interests or rely upon your consent where we are legally required to do so and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.

    If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Data).

    Similarly, if we collect and use your Personal Data in reliance on our legitimate interests (or those of any third-party), we will make clear to you at the relevant time what those legitimate interests are.

    If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please e-mail us at support@insync.co.in .

  1. We only process Service Data as per our End Customer’s instructions. For purposes of the GDPR, we are the processor and not the controller of the Service Data. Service Data, as defined in the Terms, means all electronic data, text, messages or other materials, including Personal Data of Users and End-Users, submitted to the Service(s) by our Customers through Customer’s Account in connection with Customer’s use of the Service(s). Our EU based Customers are the “controllers” of that data and are responsible for compliance with the applicable data protection law. We work with our Customers to help them provide notice to their customers concerning the purpose for which Personal Data is processed by INSYNC.

    If you are our Customer from EU, then in your role as a controller, you are authorizing, on behalf of yourself and your authorized agents, End-Users, and representing that you have the authority to provide such authorization to the processing and transfer of Personal Data in and to India and other countries which may have different privacy laws from your or their country of residence. We will take all steps reasonably necessary to ensure that the Service Data is treated securely and in accordance with this Notice.

    We do not own, control or direct the use of Service Data, and in fact we are largely unaware of what information is being stored on our platform and only access such information as reasonably necessary to provide the Service(s) (including to respond to support requests), as otherwise authorized by Customers or as required by law. Unless we explicitly agree otherwise in writing, you will not process sensitive personal data (such as health data) on our platform.

    As the controller, it shall be your responsibility to inform the End-Users about the processing, and, where required, obtain necessary consent or authorization for any Personal Data that is collected as part of the Service Data through your use of the Service(s). As the processors of Personal Data on behalf of our Customers, we follow Customer’s instructions with respect to the Service Data to the extent consistent with the functionality of our Service(s). In doing so, we implement technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, Personal Data.

  1. Our Websites contain links to other websites that are not limited to but may be of our end customers, Technology Partners, Sales Partners, Implementation Partners etc. that are not owned or controlled by INSYNC. Please be aware that we are not responsible for the privacy practices of such other websites or third parties. We encourage you to be aware when you leave our Websites and to read the privacy policies of that third-party website to understand their data collection, retention and process policy.

  1. Amendments to this Notice will be directly updated on this page and will be effective as may be notified. If we make any material changes, we will notify you by means of a notice on this Website prior to the change becoming effective and if you are our Licensee/ Partner, via e-mail (specified in your Account). Provided we will not be notifying you if we amend the Notice to make addition, deletions or modifications to the list of cookies from time to time to keep the list of cookies current and accurate. You should frequently visit this Notice to check for amendments. Your continued use of our Websites or the Service(s) following the posting of any amendment, modification, or change to this Notice shall constitute your acceptance of the amendments to this Notice. You can choose to discontinue use of the Websites or Service(s), if you do not accept the terms of this Notice, or any modified version of this Notice.

  1. We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

    1. If you are a citizen of European Union (EU); then you have the right to ask INSYNC for your personal data collected by INSYNC, by contacting the Data Protection Officer, credentials provided hereunder.

    2. You have the right to raise tickets for objection or grievance redressal if there is any collection of data by INSYNC, which is believed to be in nature of Personal data and not serving any justifiable purpose for which you have been requested to provide the same.

    3. You have the right to delete or modify any part or all of your personal data collected by INSYNC.

    4. You have the right to be forgotten, with all your personal data footprints kept with INSYNC in what so ever manner, if so opted by you. However, no data required for enforcement of our legal rights, obligations, legal proceedings, protection of our IP rights or protection against any claims shall be deleted and such purposes of data retention shall be clarified by INSYNC if requested for.

    5. Third-Party Data Processor of INSYNC: INSYNC may share your personal data with third-party organization which has cleared and declared to be GDPR compliant, including but not limited to https://mailchimp.com/ ; twillio.com etc. with your consent.

    These rights are exclusively available for EU country-specific subjects either being a Citizen/ Resident of such countries and not for citizens/ residents of any other country not protected under GDPR guidelines.

    1. If you face any difficulty in availing any of the data control features, want to update or delete your data, and any other related grievances, please write us at support@insync.co.in .

At APPSeCONNECT Corp., (“APPSeCONNECT”, “Company”, “Corporation”, “Us” or “We”), we respect and protect the privacy of visitors to our website, www.APPSeCONNECT.com and the other websites under APPSeCONNECT (collectively, the “Sites”), and our customers who use our application integration platform, tools, mobile applications and related services (together with the Sites, the “Service/s”). This Privacy Notice(“Notice”) explains how we collect, use, disclose, and protect visitors’ and customers’ (“Users”) information as part of the Service. Any discussion of your use of the Service in this Notice is meant to include your visits and other interactions with the Sites and Services, whether or not you are a user of APPSeCONNECT’s application integration platform.

DEFINITIONS

GDPR KEY DEFINITIONS:
REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of NATURAL PERSONS with regard to the processing of PERSONAL DATA and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR”.

1. Consent
CONSENT means a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the website user’s agreement to the processing of personal data relating to him or her, such as by a written statement, including by electronic means, or an oral statement.
2. Data Controller
A DATA CONTROLLER is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data for which and the manner in which any personal data are, or are to be, processed.
3. Data Processor
DATA PROCESSOR is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
4. General Data Protection Regulation (GDPR)
Predominant objective of this protection is as follows:

  • The processing of personal data should be designed to serve mankind.
  • Natural persons should have control of their own personal data;
  • The right to the protection of personal data is not an absolute right; it must be considered in relation to its function in society and be balanced against other fundamental rights, in accordance with the principle of proportionality.

5. Legitimate Interest

Processing shall be lawful only if and to the extent that at least one of the following applies:

  • the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
  • processing is necessary for the performance of a contract to which the legal/ natural person, whose data has been collected (data subject), is a party, or; in order to take steps at the request of the data subject prior to entering into a contract;
  • processing is necessary for compliance with a legal obligation to which the controller is subject;
  • processing is necessary in order to protect the vital interests of the data subject or of another natural person;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third-party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

6. Online Identifier

Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.

7. Personal Data

Personal data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

OTHER DEFINITIONS

8. APPSeCONNECT

For the purposes of this Notice and all matters incidental herefrom and ancillary hereto, “APPSeCONNECT” shall mean APPSeCONNECT Corp., having its physical address at 7876 Buffaloberry Rd, Frisco, Texas, 75035, United States, and shall include all its successors, acquirers, wholly owned subsidiaries, administrators and executors etc.

9. Licensee

Licensee means a legal / natural person including but not limited to an end customer, or a prospect obtaining trial version of APPSECONNECT product or services, or partners; to whom any license has been granted specifically by APPSECONNECT, to use APPSECONNECT product, services, or Intellectual Properties, or any part thereof, with or without any consideration; for whatsoever purposes. Hereinafter referred to as the “Licensee” and shall include but not limited to all its acquirers, successors, administrators and executors.

10. Partner

Means partner of APPSECONNECT for different purposes like development of new connectors or adapters for APPSECONNECT SaaS product APPSeCONNECT, implementation Partners, referral and reseller partners having different kind of limited right licenses specifically granted for specific purposes to use of APPSECONNECT product, services, Intellectual Properties. Partners are independent contractors and shall not be construed as an agent, or employee or a JV partner unless such relationship has been explicitly, and publicly defined to be of such nature and listed on APPSECONNECT website.

11. Person

  • Artificial/ Juristic/ Legal Person:
    An entity such as a corporation, created by law and given certain legal rights and duties of a human being; a being real or imaginary, who for the purpose of legal reasoning is treated more or less as a human being, but is not a citizen.
  • Natural Person:
    A human being.

12. Service Data
Service Data is any Personal Data shared by a third-party with APPSECONNECT, to avail APPSECONNECT’s services or during the course of availing APPSECONNECT services; pertaining to natural persons, that is collected by any third-party being the Data Controller. In other words, Service Data is data obtained by APPSECONNECT, as a Data Processor, from any third-party and does not have any control over what, why, and how it is being collected or used.
Websites
Shall mean all websites as they may exist from time to time, of APPSECONNECT including but not limited to www.appseconnect.com.
___________________________________________________

WHAT IS THE SCOPE OF THIS PRIVACY Notice?

  1. This Notice is applicable to whosoever visits any of APPSeCONNECT websites and any Licensee of APPSeCONNECT being a free trial customer, end customer or a partner.
  2. However, specific legally enforceable rights under the applicable data protection and privacy legislations across jurisdictions, such as GDPR, CCPA, PIPEDA and many more, can only be exercised by the citizens/residents subject to those respective legislations.
  3. GDPR specific rights can be enforced only for PERSONAL DATA collected of NATURAL PERSONS* (not a company, partnership or any other kind of Legal Entity)
  4. This Notice is applicable for all APPSeCONNECT Products, Services and its associated brands like APPSeCONNECT, which has been linked to this Privacy Noticeor otherwise does not provide for any specific Privacy Notice thereof.
  5. This Notice shall be legally binding on you and on APPSeCONNECT, on different activities on our websites including but not limited to browsing through our websites, on obtaining different services whether paid or free, raising queries, consultations for whatsoever purposes, as a click-wrap contract between you and APPSECONNECT.
    ___________________________________________________

HOW DO WE COLLECT INFORMATION?
When you visit our Websites, Browser Applications etc.; or participate in our events, blogs, contribution pages, social networking pages, surveys; APPSECONNECT may collect information, which may include your Personal Data. For the purposes of General Data Protection Regulation (GDPR), APPSECONNECT is the controller for personal data collected through APPSECONNECT owned systems and not for data collected on a platform owned by any third-party.

Different means through which we may collect your personal data for the following legitimate business purposes:

1. Enquiry
When you enquire about any Product or Service(s) or Partnership we may collect your (i) contact information such as name, e-mail address, mailing address, IP address, geographic location, or phone number, software environment etc. or any combination of such information.
Subject to this Notice and the Terms, we will use such data, including without limitation, (i) send you communication for the Service(s); (ii) assess needs of your business to determine or suggest suitable Service(s); (iii) send you requested information about the Service(s); (iv) respond to customer service requests, questions and concerns.
2. Sign-up, Billing and Account information.
When you subscribe and sign-up to any of our Products/ Service(s)/ Trials, we may collect your (i) contact information such as name, e-mail address, mailing address, IP address, geographic location, or phone number, of the Account admin; (ii) billing information, such as credit card number and billing address; (iii) name and email address when Account admin/Agent(s) provide feedback from within the Service(s); and (iv) unique identifiers, such as username, account number or password.
Subject to this Notice and the Terms, we will use such data, including without limitation, to (i) grant software license and other Service(s); (ii) send you communication from the Service(s); (iii) assess needs of your business to determine or suggest suitable Service(s); (iv) send you requested information about the Service(s); (v) respond to customer service requests, questions and concerns; (vi) administer your Account; (vii) send you promotional and marketing communications (where you have requested us to do so).
3. Support Interactions
When a customer/ Prospect interacts with an APPSECONNECT support professional, we collect Device/ System and Usage data or error reports to diagnose and resolve problems.

When a customer receives communications from APPSECONNECT, we use data to personalize the content of the communication.

When a customer engages with APPSECONNECT for professional services, we collect the name and contact data of the customer’s designated point of contact and use information provided by the customer to perform the services that the customer has requested and preserve all telephonic and written conversations for future reference, and such data, calls, chats or e-mails may be used for training and development purposes for APPSECONNECT professionals.
4. When you attend an event conducted by us, including webinars or seminars, we may collect your contact information such as name, e-mail address, designation and company name.
Subject to this Notice, we will use such data, including without limitation, to (i) assess needs of your business to determine or suggest suitable Service(s); (ii) send you requested information about the Service(s); (iii) send you promotional and marketing communications (where you have requested us to do so); and (iv) respond to your questions and concerns.
5. Apart from the aforementioned information collected by us, we automatically receive and record certain Personal Data of yours when you visit our websites. This includes the device model, IP address, the type of browser being used, usage pattern through cookies and browser settings, query logs, and product usage logs. We also collect clicks, scrolls, conversions, and drop-offs on our Websites and Service(s) to render user journeys in real-time. Subject to this Notice, we will use such data, including without limitation, to (i) assess the needs of your business to determine or suggest suitable Service(s); (ii) send you requested information about the Service(s); (iii) respond to customer service requests, questions and concerns; and (iv) for analytical purposes.
6. We may post your testimonials/comments/reviews on our websites which may contain your Personal Data. Prior to posting the testimonial, we will obtain your consent to post your name along with the testimonial. If you want your testimonial removed, please contact us at support@appseconnect.com anonymous.
7. Marketing communications.
We may use your email address, collected which may fall into the category of Personal Data, to send our newsletters and/or marketing communications about our products and services. Where you have so requested, we will also send you marketing communications about our third-party partners. If you no longer wish to receive these communications, you can opt-out by following the instructions contained in the emails you receive or by contacting us at support@appseconnect.com
8. Job Portal/ Partnership Forms
We may use and store your personal data required for the selection of your candidature for any job opening at our organization and may use the same to contact you for such purposes only as it will be specified at the time of filling up any candidature form.
___________________________________________________

DO WE COLLECT CHILDREN’S PERSONAL DATA?
APPSECONNECT does not knowingly collect any Personal Data from children under the age of 16. If you are under the age of 16, please do not submit any Personal Data through our Websites or Service(s). If you have reason to believe that a child under the age of 16 has provided Personal Data to us through our Websites or Service(s), please contact us and we will delete such personal information and terminate the child’s account from our databases.
___________________________________________________

WHAT KIND OF INFORMATION DO WE COLLECT?

A. USE OF COOKIES

When you use the APPSECONNECT Service we may store some information on your computer. This information will be in the form of a “cookie” or similar file. Cookies are small pieces of information stored on your hard drive, not on the APPSECONNECT website. We do not use cookies to spy on you or otherwise invade your privacy. They cannot invade your hard drive and steal information. We use cookies to help you navigate the APPSECONNECT website and Service as easily as possible and to remember information about your current session. These are the Session Cookies and they are removed from your system when you close the web browser or turn off the computer. You must enable cookies on your web browser to use the APPSECONNECT Service.

Various categories of cookies are used in the APPSECONNECT website and Service. These are listed below along with the options to manage them.
1. Essential Cookies:
These cookies are essential for the basic functionalities offered by the Service. This class of cookies helps in keeping a user logged in to the Service and remember relevant information when they return to the Service.
2. Insight Cookies:
These are used for tracking the user activities within the Service, which in turn helps us in improving your user experience.
3. Marketing Cookies:
We also use some marketing cookies provided by third parties to collect and analyze various information about the visitors to the APPSECONNECT website and users of the service. No personal or intrusive information is collected in this process though. You have the choice of accepting or declining the use of cookies through your web browser. For more information on controlling cookie settings in your browser, please refer to the following methods:

Please note that if you wish to turn off the cookies in your web browser, you might not be able to take advantage of many features of our Service.
Examples of Cookies:

  • Google Analytics – Web Analytics Service to track and generate reports on website traffic
  • Google AdWords Retargeting (using Global Site Tag) – For tracking and remarketing purpose in Google Ads
  • Google AdWords Conversion Tracking – For tracking conversions from Google Ads
  • Facebook Pixel – For Facebook Analytics and conversion tracking
  • Twitter Conversion Tracking – For tracking Twitter conversions from Twitter Ads
  • LinkedIn Insight Tag – For LinkedIn Analytics and generating reports
  • LinkedIn Conversion Tracking (Matched Audience) – For tracking LinkedIn Conversions
  • Email Marketing Cookie – For tracking and generating reports on Emails
    For more details on our use of cookies, read our Cookie Policy.

B. DATA WE PROCESS ON BUSINESSES’ BEHALF: SERVICE DATA
As we have a B2B model, most of our customers are other businesses. We only process Service Data as per our Customer’s instructions. For purposes of the GDPR, we are the processor and not the controller of the Service Data. Service Data, as defined in the Terms, means all electronic data, text, messages or other materials, including Personal Data of Users and End-Users, submitted to the Service(s) by our Customers through Customer’s Account in connection with Customer’s use of the Service(s). Our Customers are the “controllers” of that data and are responsible for compliance with the applicable data protection law. We work with our customers to help them provide notice to their customers concerning the purpose for which Personal Data is processed by APPSECONNECT.
If you are our Customer, then in your role as a controller for the purposes of GDPR, you are authorizing, on behalf of yourself and your authorized agents, End-Users, and representing that you have the authority to provide such authorization to the processing and transfer of Personal Data in and to India and other countries which may have different privacy laws from your or their country of residence. We will take all steps reasonably necessary to ensure that the Service Data is treated securely and in accordance with this Notice.
We do not own, control or direct the use of Service Data, and in fact we are largely unaware of what information is being stored on our platform and only access such information as reasonably necessary to provide the Service(s) (including to respond to support requests), as otherwise authorized by Customers or as required by law. Unless we explicitly agree otherwise in writing, you will not process sensitive personal data (such as health data) on our platform.
As the controller, it shall be your responsibility to inform the End-Users about the processing, and, where required, obtain the necessary consent or authorization for any Personal Data that is collected as part of the Service Data through your use of the Service(s).

As the processors of Personal Data on behalf of our customers, we follow the Customer’s instructions with respect to the Service Data to the extent consistent with the functionality of our Service(s). In doing so, we implement technical, physical, and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, Personal Data.
___________________________________________________

C. DATA COLLECTED FOR EXECUTION OF ENFORCEABLE CONTRACTS/ GRANT OF SOFTWARE LICENSE AND OTHER LICENSE OF APPSECONNECT INTELLECTUAL PROPERTIES
You authorize APPSeCONNECT and its service providers to perform analytics on such collected data, to (i) improve, enhance, support and operate the Websites; and (ii) compile statistical reports and record insights into usage patterns.
We collect data of the end users and Partners of our products and/ or services, you being a member of a legal entity for the specific purpose of entering into legally enforceable contracts and associated enterprise data to provide a comprehensive, smooth user experience and such data does not fall into the domain of Personal Data.

D. AGGREGATED PERSONAL DATA
In an ongoing effort to better understand and serve the users of the APPSeCONNECT Services, APPSeCONNECT often conducts research on its customer demographics, interests and behavior based on the Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and APPSeCONNECT may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally. APPSeCONNECT may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.

E. THIRD-PARTY INTEGRATION
Our Service allows you to integrate and create commands for various online third-party services (“Third-Party Services”). In order to take advantage of this feature, you may need to authenticate, register for or log into Third-Party Services through the Service or on the websites of their respective providers. When you enable linking between or log in to Third-Party Services through the Service, we will collect relevant information necessary to enable the Service to access that Third-Party Service and your data and content contained within that Third-Party Service (“Login Credentials”). We store your Login Credentials long enough to enable linking to the Third-Party Service.

When you enable the Service to link content and data between Third-Party Services, the Third-Party Services will provide us with access to certain information that you may have provided to the Third-Party Services, and we will use, store and disclose such information in accordance with this Privacy Notice and the instructions that you give us while exercising your rights under this Notice and relevant data protection and privacy laws, to govern the linking. In addition, you can use the Service to share content and Personal Data amongst the Third-Party Services you integrate with the Service. Please remember that the manner in which Third-Party Services use, store and disclose your information is governed by the policies of such Third-Party Services, and APPSeCONNECT shall have no liability or responsibility for the privacy practices or other actions of any Third-Party Services that may be enabled within the Service.

We may retain certain personally non-identifiable information related to the data or content linked between Third-Party Services (for example, date sent, link configuration, names of the Third-Party Services), for the purpose of improving our Services and as described above in the “Aggregated Personal Data” section.

___________________________________________________

HOW DO WE USE YOUR PERSONAL DATA AND OTHER INFORMATION

APPSeCONNECT will not sell or rent to any third party any of the personal information or data that you provide to us. APPSeCONNECT uses the Personal Data you provide in a manner that is consistent with this Privacy Notice. If you provide Personal Data for a certain purpose, we may use the Personal Data in connection with the purpose for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the APPSeCONNECT Services, we will use your Personal Data to provide you with access to such services and to monitor your use of such services. APPSeCONNECT and its subsidiaries and affiliates (the “APPSeCONNECT Related Companies”) may also use your Personal Data and other personally non-identifiable information collected through the Services to help us improve the content and functionality of the Services, to better understand our users and to improve the APPSeCONNECT Services. APPSeCONNECT and its affiliates may use this information to contact you in the future to tell you about services we believe will be of interest to you. If we do so, each communication we send you will contain instructions permitting you to “opt-out” of receiving future communications. In addition, if at any time you wish not to receive any future communications or you wish to have your name deleted from our mailing lists, please contact us as indicated in the “GRIEVANCES” section of this Notice.
___________________________________________________

WHEN MAY WE DISCLOSE YOUR PERSONAL DATA AND OTHER INFORMATION?

APPSeCONNECT is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:

Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.
Legal Requirements: APPSeCONNECT may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to

  • comply with a legal obligation;
  • protect and defend the rights or property of APPSeCONNECT;
  • act in urgent circumstances to protect the personal safety of users of the Services or the public; or
  • protect against legal liability.

___________________________________________________

WHAT IS OUR LEGAL BASIS FOR PROCESSING PERSONAL DATA?
If you are a visitor from the European Economic Area, our legal basis for collecting and using the Personal Data described above will depend on the Personal Data concerned and the specific context in which we collect it.

However, we will normally collect Personal Data from you only where we need the Personal Data to perform a contract with you, or where the processing is in our legitimate interests or rely upon your consent where we are legally required to do so and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect Personal Data from you or may otherwise need the Personal Data to protect your vital interests or those of another person.

If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not (as well as of the possible consequences if you do not provide your Personal Data).

Similarly, if we collect and use your Personal Data in reliance on our legitimate interests (or those of any third-party), we will make clear to you at the relevant time what those legitimate interests are.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal data, please email us at legal@appseconnect.com.
___________________________________________________

HOW DO WE STORE AND SECURE YOUR PERSONAL DATA AND OTHER INFORMATION?
The APPSECONNECT website and Service has industry standard security measures in place to protect the loss, misuse, and alteration of the information under our control. While there is no such thing as “perfect security” on the Internet, we will take all reasonable steps to ensure the safety of your information. Additionally, you retain all rights of ownership to the data you have stored on the APPSECONNECT Service. We will not sell or share this data with any third parties or use this data to compete with you or advertise to your clients. Your privacy and the privacy of your clients are of utmost importance to us. Some general measures that we have taken for the security of your personal data are as follows:

  • Industry Standard 2048- bit SSL V3 certificate for our product website APPSeCONNECT;
  • Two-factor authentication when you log in to our product portal.
  • Code- Signing Certificate
  • AES – 256 is used to encrypt data at Rest.
  • Storage is secure by role-based access control
  • Client-side encryption over HTTPS or SMB 3.0.
  • Review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
  • Restricted access to personal information to APPSECONNECT agents/ employees/ partners/ contractors strictly based on the requirement to share your personal data in order to process and complete any transaction, contract, obligations, services while collecting such data; and all APPSECONNECT agents/ employees/ partners/ contractors are subject to strict confidentiality obligations. They may be disciplined, or their contract terminated if they fail to meet these obligations.
  • Obtain your specific consent to share your personal data in a different country other than India and your own economic zone for the specific purpose of performance of the contract, as it may require from time to time.
    ___________________________________________________

HOW LONG DO WE RETAIN YOUR DATA?
We will retain your information for as long as your account is active or as needed to provide you services, and additionally, 3 months upon the suspension/expiration of your subscription. However, we may retain and use your information as necessary to comply with our legal obligations, resolve disputes, use in legal claims, and enforce our agreements.
___________________________________________________

WHAT RIGHTS DO YOU HAVE?
The following rights correspond to the rights conferred upon data subjects, our visitors and licensees under the GDPR, PIPEDA, CCPA and various other data protection legislations across the world. If you are aware of any other right conferred upon you by your national/territorial legislations, with respect to us processing your data, and you do not see that here, kindly let us know by writing to us on legal@appseconnect.com.

Should you wish to exercise any of these rights herein, you may fill the Data Subject Access Request Form. Please note this section and the rights mentioned herein, only applies to the personal data and personally identifiable data of natural persons.

1. RIGHT TO ACCESS PERSONAL DATA
If you are a Customer / Partner/ an interested party, providing your personal data to APPSECONNECT through its Website, applications or social media connects, blogs, corporate events, etc.; such data being collected for specific purposes mentioned hereunder; you have the right to have access to your personal data provided to APPSECONNECT. Specifically you can make a request the following information about your personal data:

  • A copy of your personal data stored in our systems
  • The purpose for which we have stored and processed or continue to process your personal data
  • The categories of data that we are processing
  • The third parties (our subsidiaries, affiliates, partners etc.) who may receive your personal data
  • The categories of your personal data that is shared with the aforementioned third-parties

You can request the above-mentioned information regarding any collection/processing of your personal data, done by us in the past 12 months through the Data Subject Access Request Form.

2. RIGHT TO RECTIFY
Further, if you feel that any of the personal data stored with us is not accurate, you may raise a request to rectify such personal data, subject to verification of the such rectified data; other clauses of this Notice; without affecting the continuity of APPSECONNECT’s business.
3. RIGHT OF ERASURE/ OF DELETION/ TO BE FORGOTTEN
You have the right to contact us for deletion of your personal data, subject to other clauses of this Notice; without affecting continuity of APPSECONNECT’s business.
Thus, deleting the User does not delete business-specific organization-owned data created and contributed to; by the User including without limitation, knowledgebase articles, notes, forum topics/comments, support calls, surveys, canned responses, ticket templates, contacts, companies, tags, conversations in the tickets, comments or details provided on any third-party platform such as social media etc.
Notwithstanding the foregoing, we will retain Service Data that may include your personal data as necessary to comply with our legal obligations, for litigation/defense purposes, maintain accurate financial and other records, resolve disputes, and enforce our agreements.
4. RIGHT TO RESTRICT PROCESSING
You might want us to stop the processing of your personal data by us without erasing this data altogether, in the following cases:

  • You think your personal data in our records is not accurate and want us to restrict the processing until we verify the accuracy;
  • When the processing is unlawful, but you oppose the deletion of your personal data;
  • We no longer need to process your data, but you require its storage to establish, exercise or defend any legal claim;
  • You exercise your right to object to the processing of your personal data and we are yet to establish if our legitimate grounds for processing override your rights.

5. RIGHT TO OBJECT
If you feel our processing of your personal data is a mistake, you have the right to object to the same, upon which we shall verify whether our processing activity is aligned with the purposes and manner established under this Notice as well as applicable data protection and privacy laws.
When this objection is with respect to the use of your personal data for direct marketing purposes, your objection is absolute, and we shall delete all your personal data which is used for the purposes of direct marketing.
However, in all other matters, we may resume the use and processing of your data once we establish our legitimate interest in doing so.
6. SHARING PERSONAL DATA
You have full control over your personal data provided to APPSeCONNECT through various means. We share your personal data with your consent or as necessary to complete any transaction or provide any product/ services you have requested or authorized. We also share data with APPSeCONNECT Partners; with vendors working on our behalf with your consent; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our products; and to protect the rights or property of APPSeCONNECT and its brand.
In the event APPSeCONNECT goes through a business transition, such as a merger or acquisition by another company; or sale of all or a portion of its assets, the Customer’s Account, all collected data, and Service Data that may include your personal data; will likely be among the assets transferred. A prominent notice will be displayed on our websites to inform you of any such change in ownership or control, and Customers will be notified via an email from support@appseconnect.com.
7. RIGHT OF PORTABILITY
You have the right to request a copy of your personal data stored on our records, in a usable electronic form. Should you wish to transmit your personal data stored with us, to another entity, you may request us to do so. However, we do not make any warranties regarding the accuracy, seamlessness and efficiency of this transmission or the storage and processing of your personal data by such other entities.
8. RIGHT TO APPEAL*
In case your grievances are not resolved within the stipulated time-frame under this Notice or such extended time-frame, as is intimated to you or you do not receive any intimation regarding the extension, you have the right to appeal to the Attorney General of the State of Virginia.
* This right is only available to the citizens in the State of Virginia, U.S.A
___________________________________________________

AMENDMENTS TO THIS NOTICE
Amendments to this Notice will be directly updated on this page and will be effective as may be notified. If we make any material changes, we will notify you by means of a notice on this Website 30 days prior to the change becoming effective and if you are our Licensee/ Partner, via e-mail (specified in your Account). Provided we will not be notifying you if we amend the Notice to make additions, deletions or modifications to the list of cookies from time to time to keep the list of cookies current and accurate. You should frequently visit this Notice to check for amendments. Your continued use of our Websites or the Service(s) following the posting of any amendment, modification, or change to this Notice shall constitute your acceptance of the amendments to this Notice. You can choose to discontinue use of the Websites or Service(s), if you do not accept the terms of this Notice, or any modified version of this Notice.
___________________________________________________

GRIEVANCES
If you face any difficulty in availing any of the data control features, need assistance with filling the DSAR form, have questions regarding this Notice, or have any other related grievances, you may reach to our
Privacy Grievance Officer:
Debdattaa Das
legal@appseconnect.com
___________________________________________________
This document was last updated on Oct 10th , 2022

we use cookies
We use cookies to personalize your experience. By continuing to visit this website you agree to our use of cookies.