(i) our Clients and their personnel (“Personnel”); and
(ii) the customers of our Clients ("End Customers"), and how we use, process, retain and transfer such Personal Data.
3. Our collection and receipt of Personal Data. We may receive or collect Personal Data in the following ways:
3.1. Client Account Set-Up and Account Use: As part of setting up and maintaining a Client account to use the Cloud Service we may collect certain Personal Data that a Client chooses to provide about its Personnel. Such Personal Data may include a user ID, name, email address, phone number, address, information about a Personnel’s skills and professional experience, and other Personal Data that the Client chooses to make available in connection with its, and its Personnel’s, use of the Cloud Service. In order to access and use the Cloud Service, a separate user name and password will be created for individual Personnel.
3.2. Location Based Services and Personnel: Some of our Cloud Service products (each a “Location Based Service”) are dependent on data related to the geographic location of the mobile device on which the Cloud Service is being used by Personnel. ("Location Data"). We use various technologies to determine location, such as global position system (GPS) signals, Wi-Fi access points, and cell tower ids. If you choose to use these Location Based Services, you consent to our use of Location Data. If you don’t want us to receive your Location Data, you should be able to use the settings on your mobile device to turn off location-sharing features. Please be aware though, that if you choose to turn off device location-sharing features, you may not be able to use our Location Based Service and your (and our Client’s) use of the Cloud Service may be negatively impacted. Please consult with your employer or organization before turning off any device-based location services.
3.3. Personnel Mobile Device Data: In addition to Location Data, we may collect other limited information from the mobile device of Personnel who are using our Cloud Service. Such information may include the Personnel’s user name, mobile device type, mobile device id, the date and time stamps of Cloud Service usage, and browser information.
3.4. End Customers: As part of providing our Cloud Service to a Client, we may collect certain Personal Data that a Client chooses to provide about its End Customers. Such information may include an End Customer’s name, email address, phone number, fax number, and other Personal Data that the Client chooses to make available in connection with its use of the Cloud Service.
3.5. Log Files: Our Cloud Service may make use of log files. The information inside the log files may include internet protocol (IP) addresses, application times taken to process Cloud Service user requests, Cloud Service user action details along with input parameters for debugging, Device IDs, public telephone numbers (PTNs), browser types, date/time stamps, referring/exit pages, clicked pages and any other information that a browser may send to us.
3.6. Cookies: The Cloud Service may utilize session "cookies" for authentication validation purposes. A "cookie" is a small text file that may be used, for example, to authenticate access to the Cloud Service. Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser. Please be aware that if you choose to block a cookie, your login attempt to the Cloud Service may be unsuccessful.
4. The Ways We Use Personal Data.
4.1. Personal Data Used to Administer the Cloud Services: We only use the Personal Data of a Client and its Personnel as necessary to provide the Cloud Service to the Client or to comply with any applicable law, regulation, legal process or governmental request. For example, we use Personal Data of a Client and its Personnel to
(i) contact the Client relating to the Cloud Service,
(ii) administer the Client’s account and settings, and
(iii) to identify and authenticate the Client's and its Personnel’s access to our Cloud Service.
4.2. Personal Data Processed on Behalf of Clients: We process Personal Data collected from the Cloud Service on behalf of our Clients and in accordance with our Clients’ lawful instructions. Although our Clients are responsible for determining the purposes and lawful basis for processing Personal Data through the Cloud Service, we offer a variety of tools to enable our Clients to minimize the impact of the Cloud Service on their Personnel’s and End Customers’ privacy. For example, we enable Client administrators to limit the amount of data (including Personal Data) collected and processed by various modules, including analytics and audit trail modules. As another example, we provide Clients with strict and granular access controls to limits access to Personal Data to only those with a need for such access. We strongly advise you to review notices provided by our Clients to determine how Clients process Personal Data using the Cloud Service.
5. The Ways We Disclose Personal Data.
5.4. Other Disclosures: We may disclose your Personal Data or any information that is submitted to us via the Cloud Service if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to:
(i) comply with any applicable law, regulation, legal process or governmental request;
(ii) enforce our Cloud Service Agreement, including investigations of potential violations thereof;
(iii) detect, prevent, or otherwise address fraud or security issues; or
(iv) protect against harm to the rights, property or safety of ClickSoftware, our users, or the public.
6. Anonymous Information. We may use Anonymous Information (defined below) or disclose it to third party service providers, to provide, improve and develop our Cloud Service, including to analyze trends and gather demographic information. "Anonymous Information" means information which does not enable identification of an individual user, such as aggregated information, about use of the Cloud Service.
7. Push notifications. If you access the Cloud Service while using your mobile device, you may receive push notifications from ClickSoftware or your employer/organization. If you don’t want to receive push notifications, you should be able to use the settings on your mobile device to turn off push notifications for a specific mobile application. Please be aware though, that if you choose to turn off push notifications, your (and our Client’s) use of the Cloud Service may be negatively impacted. Please consult with your employer or organization before turning off push notifications.
8. Your Rights
8.1. Clients. As a controller of the Personal Data of our Clients, we take steps to help ensure that our Clients are able to exercise their rights regarding Personal Data in accordance with applicable law. Our Clients may log into their Cloud Service account and use the Cloud Service tools to access or correct a material inaccuracy in certain Personal Data that we may be storing. If a Client would like to access, amend, delete, export, or object to or restrict the processing of any other Personal Data that we may be storing, the Client may submit a request to firstname.lastname@example.org. The email should include adequate details of the request. We will promptly review all such requests in accordance with applicable laws.
8.2. End Customers and Personnel. We process Personal Data of our Clients’ End Customers and Personnel on behalf of our Clients and in accordance with their instructions. Thus, if End Customers or Personnel would like to exercise their rights concerning Personal Data processed through our Cloud Service, such individuals should reach out to the Client who collected the Personal Data directly. If you need help contacting one of our Clients, please let us know and we are happy to help connect you if we can.
8.3. Right to Contact Supervisory Authority. Depending on where you live, you may have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we, our Clients, or a third party have violated any of the rights concerning Personal Data about you. We encourage you to first reach out to us at email@example.com, so we have an opportunity to address your concerns directly before you do so.
9. Links to Other Sites and Third Party Advertisements. Third party advertisements may appear on some pages of the Cloud Service, for example on the Cloud Service account log-in page. Such third party advertisements, and other parts of the Cloud Service (for example, the Cloud Service account log-in page) may also contain links to third party websites and services that are not owned or controlled by ClickSoftware. We are not responsible for the privacy practices or the content of third party websites, services and advertisements, and you visit them at your own risk.
11. Security. The security of Personal Data is important to us. We follow generally accepted industry standards to protect the Personal Data submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect Personal Data, we cannot guarantee its absolute security. Additional information about our Cloud Service security practices is available at: https://www.clicksoftware.com/cloud-service-security/.
12. Retention: We may retain any Personal Data and other Cloud Service-related data in order to:
(ii) to comply with applicable law. Our specific retention practices vary depending on the type of data. For example, we retain location data only for 30 days, analytics data for three months (unless Clients set a different retention policy), audit trail data for one year, and pseudonymized data, which is used for our predictive field services, for five years in keeping with predictive best practices.
13. Children's Privacy. Our Cloud Service is not structured to attract children under the age of 18. Accordingly, we do not intend to collect Personal Data from anyone we know to be under 18 years of age.
14. How We Respond to Do Not Track Signals. ClickSoftware does not track Cloud Service users over time and across third party websites to provide targeted advertising. Accordingly, we do not currently respond or take any action with respect to web browser "do not track" signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personal information about an individual consumer's online activities over time and across third party web sites or online services.