Issufy provides a web-based platform (the “Service”) offering an industry standard platform to assist and connect users who have Issufy accounts (“Users”) to share information, such as Feedback, Demand, Notes, Meeting Status, and Documentation (“Content”, “Data”) whilst providing real time analytics on this Content.
Users can access the Service through our website located at https://app.issufy.com, https://issufy.com and https://private.issufy.com (“Website”) on Devices. A “Device” is any computer used to access the Website, including without limitations, a desktop, laptop, mobile phone, and tablet.
- What information we collect about you and why
- How we use the information we collect
- How we share the information we collect
- How we transfer information we collect internationally
- How we store and secure information we collect
- How to access and control your information and privacy
- Other important privacy information
The policy applies to all Users and their Personal Data, Content and other information collected by us through use of the Platform.
Where we provide the Services under contract with an organisation (for example your employer) that organisation controls the information processed by the Services. For more information, please see Notice to End Users below.
WHAT INFORMATION WE COLLECT ABOUT YOU AND WHY
We collect information about you that alone or in combination with other information could begfgf ggfdsy used to identify you (“Personal Data”). You provide this information directly to us, or when use our Services or when other sources provide it to us, as further described below.
A. Information you provide directly to us:
Account and Profile Information: In order to use the Service, we have to collect Personal Data from you when you register as a User. This includes your First Name, Last Name, Email Address, Full Institution Name, Country of Registration, Role and Password. You have the option of adding further information as part of your Profile such as Contact Number, Address, City, Postcode and Other Information. Your First Name, Last Name, Email Address and Contact Number will be considered as your“Contact Information”.
Support channels: We provide customer support to assist you with any problem you may experience with the Service. All our support channels will request you to submit Personal Data such as your Contact Information, a summary of the problem you are experiencing or any possibly any documentation such as screenshots that would be helpful in resolving the issue. If you request a demonstration of the Service as well, we will request you to submit Personal Data.
B. Information provided through use of the Service:
We collect and store Content that you send, receive and save whilst using the Service. Examples of Content we collect and store, but are not limited to, include: deals you have participated in, feedback/demand submitted, allocations received, documentation downloaded, uploaded and shared to the Service.
C. Information we collect from other sources
Administrator: An authorised person within your organisation (“Administrator”) may provide your Personal Data or Contact Information when they designate you as technical/business/legal contact for your company’s account, or when they request for you to be onboarded to the Service.
Other Service Users: We may receive Personal Data about you through other Service Users, from third-party services, and from our business partners. Other Service Users may provide information about you when they submit Content through the Service. For example, we receive your email address, full name, role, the name and country of registration of your institution from other Service Users when they provide it to us in order to invite you to the Service.
D. Information collected automatically when using the Service
Log Data: When you use the Service, we automatically record information from your Devices, its software, and your activity using the Service. Through your device we collect information about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We collect this information in order to run analytics on the types of usage of the Service and form internal statistics to be able to continue improving the Website and Users experience, for example number of views by device.
If you are a User who views Content you receive from another User via the Service, we automatically collect information about your interaction with such Content and our Service.
The information we collect includes:
- Whether or not you have viewed the Content
- Date and time you viewed the Content
- Length of time the Content was viewed – ONLY FOR PDF DOCUMENTS
- Your IP address and location; and
- Which portions of the Content were viewed.
HOW WE USE INFORMATION WE COLLECT ABOUT YOU
We use your Personal Data we collect for specific purposes as outlined below.
A. To provide the Services.
We use information about you to provide the Services to you. This includes the ability to authenticate you when logging in (email address and password), allowing you to engage with other Users of the Service and vice versa, and verifying you have the permissions to process specific requests within the Service. We also process Personal Data relating to Users and your Content on your behalf for the purpose of providing the Service and to provide our Users with reporting and analytics relating to your interaction with your Content and our Service.
B. For Legitimate Business Interests.
We use information relating to your use and interaction with the Service, including information that we receive through cookies and similar technologies, for certain legitimate business interests, which may include:
- support the Service
- to verify Users have the authorisation needed to process their requests
- to conduct analytics on industry trends and usage
- for internal business/technical operations, including troubleshooting, data analysis, testing, and preventing misuses of the Service.
We will use your Contact Information to send you information associated with the transactions/deals you are participating in via email and within the Services. Such communications include emails with your login details, email notifications for when other Users send you Content or interact with you, and email notifications for when you submit Content to other Users or interact with them. We will use your contact information to provide customer support, informing you of any important changes to the Services or Website, and issuing administrative messages. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself or in your account settings.
D. Customer Support
In order to fulfil our customer support abilities, we will use your contact information to respond to your requests for assistance and to help resolve technical issues you may encounter.
E. To protect our legitimate business interests and legal rights.
Where required by law or where we believe it is necessary to protect our legal rights and obligations, for example under MiFID II, we use information about you in connection with compliance, regulatory, and audit functions.
F. Legal bases for processing (for European Economic Area Users)
If you are an individual in the European Economic Area, we collect and process Personal Data about you only where we have legal bases for doing so under applicable EU Laws. The legal bases depend on the Personal Data concerned and the specific context in which we collect it.
This means we will only collect and use your Personal Data only where (a) we need it to provide the Service to you, which includes providing customer support and protecting the security and integrity of the Service, (b) to protect our legal rights, (c) ) it satisfies a legitimate interest, (d) to comply with legal obligations, or (e) you have given us consent to do so for a specific purpose.
HOW WE TRANSFER INFORMATION WE COLLECT INTERNATIONALLY
We collect information globally and store that information in Ireland. Whenever we transfer your Personal Data and other information, we take steps to protect it.
A. International Transfers
We are UK based company, therefore all Personal Data we process is protected by European data protection standards. If ever there is a need for us to send Personal Data internationally, we will ensure that it is covered by the same high standards.
We may decide to use the services of third-party service providers based outside the European Economic Area (EEA). This may involve the need for them to access your Personal Data. Whenever your Personal Data is transferred out of the EEA, we ensure a similar degree of protection is afforded to it by implementing at least one of the following safeguards:
- Personal Data will only be transferred to countries that are deemed to provide an adequate level of protection for Personal Data by the European Commission.
- We may make use of standard contractual data protection clauses, which have been approved by the European Commission.
- Where we use service providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to Personal Data shared between Europe and the US.
HOW WE STORE AND SECURE INFORMATION WE COLLECT
A. Information storage
We use data hosting service provider Amazon Web Services (“AWS”) in Ireland to host your Personal Data and all information you share and receive on the Service (“Account Information”), such as any content you provided in any deals you participated in the information we collect. We use Amazon’s S3 storage service which we use to store your Personal Data and your Content. You can find more information on Amazon’s data security from the S3 site http://aws.amazon.com/s3/faqs/ and https://aws.amazon.com/security/.
B. Retention Time
We will retain your Account Information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain your Account Information as necessary to comply with our legal or regulatory obligations, to resolve disputes or to enforce our agreements. After a reasonable amount of time, we will archive your account and securely store your Account Information away from any further use until deletion is possible.
Information security is of great important to Issufy limited and to protect your Account Information we have put in place suitable physical, electronic and managerial procedures to safeguard its collection via this Service. Issufy Limited has received internationally recognised security certifications for ISO 27001 (information security management system). However, transmission of Account Information via electronic methods (e.g. Internet) is not impenetrable and hence we cannot absolutely guarantee that, during transmission, it is safe from intrusion by others.
HOW TO ACCESS AND CONTROL YOUR INFORMATION AND PRIVACY
A. Requests, Choices and Data Portability
You have the right to request a copy of your Personal Data that you have consented to give us or that was provided to us as necessary in connection to our contract with you. We will provide this in a structured, electronic format. If you require additional copies of this, we may need to charge a reasonable fee.
Your request and choices in certain cases may be limited e.g. asking to delete Personal Data which we, or your organisation are permitted by law or have compelling legitimate interests to keep; or requesting information that would reveal Personal Data about another User. Some requests where the Services are administered for you by an Administrator, you may need to contact your Administrator first. Where you have asked us to share your Personal Data with third parties, you will need to contact those third parties directly for any requests. For all other requests, you may contact us.
B. Access and Updating your information
If you are a User, you may review, update and edit any of your Personal Data provided in your profile by clicking on your “Profile”.
C. Deactivate Account
If you no longer want to use our Service, you or your Administrator may be able to request us to deactivate your account. Please be aware that deactivating your account does not delete any of your Personal Data. Any information you shared whilst using the service and your Personal Data will remain visible to other Service Users.
D. Deleting Information
Within our services we provide the ability to delete Content you may have shared whilst using the Service. To delete your account or any Personal Data please contact us at email@example.com. We will aim to respond to such requests within a reasonable amount of time. Please note, however, that we may need to retain certain information for record keeping purposes or to comply with our legal and regulatory obligations.
E. Restrict and Object to Processing
You may ask us to restrict the processing of your Personal Data in certain circumstances such as if you contest the accuracy of the information. We will tell you before we lift any restriction on processing. You may also ask us at any time to stop processing your Personal Data unless we demonstrate a compelling legitimate ground for continuing to process it.
F. Withdraw Consent
Wherever you gave us consent to use your Personal Data for a limited purpose, you can contact us to withdraw that consent, however note that this will not affect any processing of that Personal Data that has already taken place.
G. Opt out of communications
In most cases you are unable to opt out of communications as they are part of the Services. If an opt out is available, you will find that option within the communication itself or in your account settings.
H. Turn off Cookie Controls
Relevant browser-based cookie controls are described in our Cookies Policy
You have the right to report any concerns about our privacy practices to the data protection authority that is authorised to hear those concerns.
OTHER IMPORTANT PRIVACY INFORMATION
A. Notice to End Users
Our service is primarily intended for use by organisations. Where the Service is made available to you through an organisation (e.g. your employer), the appointed Administrator of the Service for that organisation is likely to be responsible for your accounts. Please direct your privacy questions to your Administrator in the first instance, as your use of the Service may be subject to that organisations policies. We are not responsible for the privacy or security practices of an Administrator’s organisation, which may be different that this policy.
B. Age Limitations
To the extent prohibited by applicable law, Issufy Limited does not allow use of our Service and Website by anyone younger than 16 years old. If you learn that anyone younger than 16 has unlawfully provided us with Personal Data, please contact us and we will take steps to delete such information.
D. Contact Us
If you have any questions or concerns about how your Personal Data or other information is handled, please write to us at firstname.lastname@example.org or at
88 Wood Street
+44 208 528 1819