1. Introduction
This privacy statement explains the reason for the processing, the way we collect, handle and ensure protection of all personal data provided, how that information is used and what rights you may exercise in relation to your data (the right to access, rectify, block etc.).
ProcessManager is committed to protecting and respecting your privacy.
This privacy statement concerns processing the data necessary for the proper functioning of the ProcessManager Cloud Solution (the System). The System has been created by ProcessManager ApS to offer a visual and easy-to-use cloud based management system for customers aiming for an ISO certification. With the System one can describe all company processes, so that they are accessible to employees and stakeholders, as well as covering the requirements of a selected ISO standard.
2. Why do we process your data?
Purpose of the processing operation:
Operational staff in charge of the practical organisation of the functioning of the System, collects and uses your personal information with the sole purpose to support and contribute to the customers use of the System.
Lawfulness of the processing operation:
The data processing is considered lawful because it is necessary for the performance of tasks carried out according to instructions given to us by you as a customer.
3. Which data do we collect and process?
The System is intended and designed to handle the following personal data of persons who are registered users of the ProcessManager system.
- Names of natural persons,
- Email addresses of natural persons
No other forms of personal data than specified above may be registered.
Personal data registered outside the user management must be found, managed and deleted manually by the data controller, there are no aids for e.g. automatic deletion and updating.
It is the sole responsibility for the customer to handle personal data in the System in an appropriate and legal way.
4. How long do we keep your data?
Data is kept and secured in the System until 90 days after termination of subscription to the System by the customer. After that the customer System data will be permanently deleted.
It is the customers responsibility that personal data (i.e. user accounts) in the system is only kept for the time necessary to fulfil the purpose of collection or further processing. It is also the customers responsibility to react on an explicit request for removal of data from the System.
5. How do we protect your data?
All data in electronic format (the System itself and uploaded documents) are stored on servers within the European Union, and encrypted in transit and at rest.
In case of any sub-processors used they are obliged to handle data on behalf of ProcessManager they have to put in place appropriate technical and organisational measures to ensure the level of security.
6. Who has access to your data and to whom is it disclosed?
Access to your data is provided to authorised staff specified below according to the “need to know” principle. Such staff abide by statutory, and when required, additional confidentiality agreements:
- Management C-level.
- Engineering staff for maintenance.
- Consultants working on the customers behalf on the System in question.
7. What are your rights and how can you exercise them?
According to GDPR, you are entitled to access your personal data and rectify, block or delete it in case the data is inaccurate or incomplete. You can exercise your rights by contacting the data controller i.e. the customer management or its representative.
8. Contact information
If, as an end user, you want your account deleted you should first contact the data controller, i.e. the organization that has added you to their ProcessManager tenant, and ask them to remove your account. If you are not able to contact them, you can contact the data processor, i.e. ProcessManager Aps, by the following contact information:
Our contact page: https://process-manager.dk#kontakt
Our email: info@process-manager.dk
Our address:
ProcessManager ApS
Njalsgade 76, 4
DK-2300 Copenhagen S
Denmark