CPA Global Hosted IP Management Services Privacy Notice
This Privacy Notice sets out the basis on which your personal data will be processed by CPA Global, the data processor of your personal data under the compliance requirements of the Jersey Data Protection Laws (the “Act”). Please also note that this Privacy Notice complies with the provisions of all applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679. Please read the following carefully to understand our views and practices regarding your personal data and how it will be treated by us.
Personal Information CPA Global Processes
In the normal course of using the Service, Customers will input electronic data into the CPA Global’s systems (“Customer Data”). The use of information collected through our service shall be limited to the purpose of providing the service for which the Customer has engaged CPA Global. CPA Global may access Customer Data for the purposes of providing the Service preventing or addressing service or technical problems, responding to support issues, responding to Customer’s instructions or as may be required by law, in accordance with the relevant agreement between Customer and CPA Global.
CPA Global processes Customer Data under the direction of its Customers, and has no direct control or ownership of the personal data it processes. Customers are responsible for complying with any regulations or laws that require providing notice, disclosure and/or obtaining consent prior to transferring the data to CPA Global for processing purposes.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his or her query to CPA Global’s Customer (the data controller). If the Customer requests CPA Global to remove the personal data to comply with data protection regulations, CPA Global will respond to their request within 30 business days.
CPA Global will refer any request for disclosure of personal data by a law enforcement authority to the Customer. CPA Global may, where it concludes that it is legally obligated to do so, disclose personal data to law enforcement or other government authorities. CPA Global will notify Customer of such request unless prohibited by law.
Accessing the Service
Customers and their authorized users may access the Service directly through a URL unique to their individual tenant, or may elect to use internal launch pages for single sign on or other purposes. Customers input information for processing and storage as they use the Service. Customers may also configure the Service to allow end users to input information directly into the Service.
Uses and Data Retention
The personal information we process ensures you can use our Services. Your information is retained for as long as it is needed to fulfil the purposes mentioned above and helps us to constantly improve our services and provide you with an efficient experience. As part of this objective, we will use your information for the following purposes:
Unless otherwise specified, we retain information as long as it is necessary and relevant for us to achieve the purposes referred to above or to enable us to comply with our legal data protection retention obligations. You consent to our retention of your data for as long as permissible under applicable law – up to one year after you close your account or otherwise withdraw consent
CPA Global retains Customer Data according to the timeframes set forth in the relevant agreement with its Customers.
The security of Customer Data, including personal data, is very important to CPA Global. CPA Global maintains a comprehensive, written information security program that contains industry standard, administrative, technical, and physical safeguards designed to prevent unauthorized access to Customer Data. Where possible, CPA Global designs its applications to allow Customers to achieve differentiated configurations, enforce user access controls, and manage data categories that may be populated and/or made accessible on a country-by-country basis.
EU – U.S. and Swiss – U.S. Privacy Shield Statement
CPA Global complies with both the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States, respectively. CPA Global has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
CPA Global’s nominated representative responsible for overseeing the implementation of the privacy program in the organization is: Ms Lucy Archer, Chief Privacy Officer, email address: firstname.lastname@example.org