PRIVACY POLICY

Created:  March 19, 2020   |   Last Revised:  March 20, 2020

INTRODUCTION

At Glyphic Software, Inc. we are firmly committed to the privacy of our clients and their data.  This Privacy Policy applies to our clients’ private deployments of Glyphic Software services, which have no public internet addresses.  However, it may be superseded by more restrictive provisions in the client agreements.  This Privacy Policy does not apply to www.glyphicsoftware.com, our public-facing website.

What personal information do we collect?

We may collect, store, and use the following kinds of personal information about individual client organizations and users:

  • Information about the client’s computers and use of their private deployment of a Glyphic Software service. This may include browser type and version, operating system, length of visit, page views, and system navigation.
  • Information that the client provides to us in order to support upgrades to our services.

How we use personal information

We use the information we collect from clients in various ways, such as:

  • to provide, operate, and maintain our services;
  • to improve, personalize, and expand our services;
  • to understand and analyze how our services are used;
  • to develop new products, services, features, and functionalities;
  • to communicate with our clients to provide them with updates and other information relating to our services;
  • to process client transactions;
  • to keep our products secure and prevent fraud;
  • for compliance purposes or as it may be required by applicable laws and regulations, or requested by any judicial process or governmental agencies.

We will not, without a client’s express consent, share their personal information with any third parties for the purpose of direct marketing.

DATA RETENTION

About our clients

We retain the personal information we collect from our clients if we have an ongoing legitimate business need to do so. For example, to provide our clients with a service they have requested or to comply with applicable legal, tax, or accounting requirements.

If and when we have no ongoing legitimate business need to process personal information, we will either delete or anonymize it within 1 month after the legitimate business need has ended.

If this is not possible (e.g. because their personal information has been stored in our backup archives), then we securely store their personal information and isolate it from any further processing until deletion is possible.

How we share information

We may share the information we collect from our clients in various ways, including:

  • Aggregated Information. Where legally permissible, we may use and share information about clients with our partners in an aggregated or de-identified form that cannot reasonably be used to identify a client.
  • Business Transfers. Information may be disclosed and otherwise transferred to any potential acquirer, successor, or assignee as part of any proposed merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.
  • As Required By Law and Similar Disclosures. We may also share information to:

(i) satisfy any applicable law, regulation, legal process, or governmental request;

(ii) enforce this Privacy Policy, including investigation of potential violations hereof;

(iii) detect, prevent, or otherwise address fraud, security, or technical issues;

(iv) respond to a client’s requests; or

(v) protect our rights, property or safety, our clients, and the public

This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.

  • With our Client’s Consent. We may share information with our client’s consent.

Vendors and service providers and sub-processors

All our vendors and service providers are GDPR compliant. While we do not disclose the full list of the vendors online, the sub-processors fall into the following categories:

  • Server hosting providers
  • Application analytics software

A full list of our sub-processors can be requested by email at help@glyphicsoftware.com.

Legal basis for processing personal information

Our legal basis for collecting and using the personal information described above will depend on the personal information shared and the specific context in which we collect it.

However, we normally collect personal information only:

  • when we need the personal information to perform a contract with the client
  • in case the processing is in our legitimate interests and not overridden by the client’s rights or
  • when we have the client’s consent to do so
  • when we have a legitimate interest in operating our services and communicating with the client as necessary to provide these services. For example, when responding to a client’s queries, when asking the client how to improve our platform, or for the purposes of detecting or preventing illegal activities.

Disclosures

We may disclose a client’s personal information to our employees, officers, agents, suppliers, or subcontractors insofar as reasonably necessary for the purposes set out in this Privacy Policy.

In addition, we may disclose a client’s personal information:

  • to the extent that we are required to do so by law
  • in connection with any ongoing or prospective legal proceedings
  • in order to establish, exercise, or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk)
  • to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling

We do not provide our client’s information to third parties, except as designated in this Privacy Policy.

Policy amendments

We may update this Privacy Policy from time to time by posting a new version on our website.