Privacy Policy
Your privacy is important to us at Sevently. We respect your privacy regarding any information we may collect from you across our website.Document Interpretation
This Privacy Policy (referred to as the "Policy") is designed to provide clarity and transparency regarding the use of personal data for individuals who are concerned about their privacy. Through this Policy, we aim to inform you ("You" or "Your") about your rights and our practices concerning the processing of your personal data. When we use the terms "We," "Us," or "Our" in this Policy, we are referring to SIA "Rox", a limited liability company established under the laws of Latvia. It's important to note that unless specified otherwise, we act as the data controller for your personal data. For the purpose of this Policy, the term "Solution" encompasses (i) the specified version of Sevently's delivery as agreed upon in an order form. This Solution is accessible solely to authorized users. (ii) Sevently's open access web services, such as the Sevently's webpages. We encourage you to read this Policy attentively to gain a comprehensive understanding of how we collect, use, safeguard, and manage Your personal data.Personal data
Personal data refers to information pertaining to an identifiable natural person, whether directly or indirectly, by referencing an identification number or specific factors related to their physical, physiological, mental, economic, cultural, or social identity. It's important to note that this Policy excludes aggregated data, which cannot identify individuals. We reserve the right to utilize aggregated data as we see fit.Data collection
We gather personal data when you express interest in our Solution, sign up for a newsletter, participate in a survey or marketing communication, utilize specific features on our website, complete a form, or provide information through our website.Collection purpose
Analysis: Utilizing aggregated and anonymized personal data for statistical analysis to enhance our Solution's performance.
Identity Confirmation: Verifying your identity and background using your provided contact information.
Dispute Resolution: Handling disputes and offering assistance when needed.
Inquiries: Responding to requests or inquiries about our Solution, such as support requests submitted via our website.
Marketing (if consented): If you've consented to receive newsletters, we may use your personal data to provide information on product updates, offers, and news.
Notifications: Managing surveys related to your use of the Solution and sending service or operational messages like updates, security alerts, and account alerts.
Recruitment: Processing personal data as part of our recruitment efforts.
Sales: Processing personal data to follow up on internal sales leads.
Threat Detection: Identifying and preventing fraud, spam, abuse, technical issues, security incidents, and other harmful activities.
Data processing
We may process various types of personal data about you, which may include, but are not limited to: Communication details, Date of birth, Device information, Email address, Name, Telephone number, Information accessed and requested from us, Information about the use of the Solution, Unique identifiers such as IP addresses and UUID (unique ID associated with the phone number)
Legal Basis for Processing
Unless stated otherwise below, the legal basis for our processing activities is to enter into or fulfill an agreement with you or your employer, as per Article 6(1)(b) of the GDPR. The legal basis for fulfilling our legal obligations is outlined in Article 6(1)(c) of the GDPR. For processing activities related to (a), (c), (h), and (i), our legal basis is our legitimate interestsin enhancing our Solution, protecting our legal rights, conducting sales efforts, and monitoring or improving our website or security posture, in accordance with Article 6(1)(f). We have assessed that any inconvenience caused to you by such processing is minimal and does not outweigh our interests. If you disagree, please inform us by contacting us as described in Clause 14. For processing operations described in Clause 4.1 (b), (d), (e), (g), your consent serves as our legal basis, as per Article 6(1)(a) of the GDPR. We consider any provision of personal data through contact forms or requests/inquiries by email as valid consent unless indicated otherwise. You have the right to withdraw your consent at any time by contacting us as specified in Clause 14.
Subject rights
As a data subject, you possess the following rights:
- Data Portability: You can request to obtain the personal data you've provided to us or have it transferred to a third party in a structured, commonly used, and machine-readable format.
- Erasure: You may demand that we erase all of your personal data, unless we are required by law to retain the data for a certain period.
- Information: You have the entitlement to receive information about the categories of your personal data that we process and how they are processed.
- Objection: You can object to our use of your personal data for direct marketing purposes, including profiling for such purposes. You also have the right to object to being subjected to decisions based solely on automated processing, including profiling, which significantly affects you legally.
- Rectification: You may require your personal data to be rectified or supplemented.
- Restriction: You have the right to request that we restrict the processing of your personal data.
Data retention
We retain your personal data only for the duration necessary for the purposes it was collected or until you choose to delete it yourself. The retention period for personal data varies depending on its category and nature.
Once your personal data is no longer needed for our purposes, we have established procedures to securely destroy, delete, erase, or anonymize it.
Third parties
We may disclose your personal data to various entities, including governmental authorities, entities within our group of companies, and service providers such as business support providers, accounting and translation services, database management, legal or financial advisors.
Additionally, we may share aggregated and anonymized data with third parties, which cannot identify you as an individual but is still considered personal data. We ensure that our service providers use your personal data solely for providing services to us and implement appropriate safeguards for its protection.
You acknowledge that we cooperate with government authorities and law enforcement officials to enforce and comply with applicable laws. Please note that there may be circumstances where the use and/or disclosure of personal data are justified, permitted, or required without your consent.
In cases where personal data may be transferred to another organization as part of a merger, financing, reorganization, or dissolution transaction involving us, we will do so only under an agreement restricting the collection, use, and disclosure of personal data to purposes related to the transaction. If another company acquires us or our business/assets, they will assume the rights and obligations regarding your personal data as outlined in this Policy.
Data security
Ensuring the security of your personal data is our top priority. Therefore, we strive to adhere to industry-standard practices and best practices to safeguard the data you submit to us. We employ and maintain reasonable measures for physical, procedural, and technical security to prevent any loss, misuse, unauthorized access, disclosure, or modification of your data.
Access to production environments and monitoring of your activities are restricted to a limited number of individuals with special access rights to these systems. These individuals are required to maintain the confidentiality of personal data. Our computer systems have limited access and are housed in facilities with physical security measures.
Your personal data is stored behind secured networks, and we utilize SSL encryption to securely encrypt, limit, and restrict access to it. All data at rest is encrypted, and any personal data undergoes double encryption with two keys at both the infrastructure and application levels.
Misuse of personal data by any of our employees is considered a serious offense, which may result in disciplinary action, including termination of employment. Similarly, if any individual or organization misuses personal data provided for the purpose of providing services to or for us, it will be treated as a serious issue, potentially leading to termination of any agreement between us and that individual or organization.
International border
Your Personal Data will only be processed in countries within the European Economic Area.
Contact
If you wish to exercise your rights regarding access, information, rectification, erasure, restriction, data portability, or the right to object to the processing of personal data, or if you have any questions, requests, or complaints regarding this Policy or our processing practices, please contact us at: [email protected].
We will thoroughly investigate all complaints, and if a complaint is found justified, we will take all reasonable steps to resolve the issue. You also have the right to file a complaint with the Data Protection Authority regarding our processing of your personal data. For information on how to contact the Data Authority, please visit their website.
To prevent fraudulent requests, we may require sufficient information to confirm that the individual making the request is authorized to do so.