FinWorksERP Privacy Policy Last revised: January 01, 2019

The Privacy Policy applies to our Services available under the domain FinWorksERP.com (hereinafter referred to as the “Website”). When you use FinWorksERP web-based and mobile mobile application and FinWorksERP website you agree to this Privacy Policy and other policies. If you do not agree please do not use or access the website.Types of Personal Information

FinWorksERP collects personal information in support of its mission to help people see and understand their data. This personal information is collected through a variety of ways as part of our normal operation of Services. For example, we collect personal information through the registration and use of our software and mobile apps, whether downloaded or accessed through a cloud-based service. We also collect personal information when you use or visit FinWorksERP website or participate in a FinWorksERP community. We may receive your personal information if you are a FinWorksERP supplier or partner. We may also receive your information from third party partners. If you have other agreements with FinWorksERP, then those agreements control with regard to the subject matter they cover.

The type of information we collect will depend on your interactions with FinWorksERP. It may include:

Account and product registration and administration of your account
The FinWorksERP Services that you use
Requests or questions you submit to us via forms or email (e.g., support forms, sales forms, user research participation forms)
Your communications and dealings with us
Payment Information. Credit card number, banking information and billing address.
Usage and Geographic Data. FinWorksERP collects personal information related to your use of our products, services and websites so that we can analyse and improve.
Uploads or posts to the Services
Requests for customer support and technical assistance

Content

In using the Services, you may upload or input various types of content, including but not limited to: resource details, attachments, orders and customers details, driver names, coordinates, GPS tracking files and conversations (together, the “Content”). If you are using the Services in connection with an account created by an FinWorksERP Customer (e.g., employer, organization, or an individual), we collect and process the Content you submit on behalf of the Customer. As described more throughout this Policy, our Customers, and not FinWorksERP, determine their own policies regarding storage, access, modification, deletion, sharing, and retention of Content which may apply to your use of the Services. For example, a Customer may provide or remove access to the Services, enable or disable third party integrations, manage users and permissions, retention and export settings, transfer or assign drivers, or share content. Please check with the Customer about the policies and settings that they have instituted with respect the Content that you provide when using the Services.
We receive information from partners to help us find potential customers and enhance our Services with useful information. For example, information provided by our partners allows us to provide route optimization services, such as when we receive mapping and location information or spatial data analytics from Google Maps, Open Street Maps or Mapbox.

Ways we Use Personal Information

Client customers – We may receive personal data about you from one of our Client’s customers. We will only use this information for the purpose of providing our Services. For example, a recipient of a delivery may provide personal information about you when submitting a support ticket.

Development, improvement & testing
As a software developer we need to be able to continuously develop, improve, maintain and test our software products which we regard our own legitimate interest.

This typically includes:

Removal of bugs and other software faults or errors;
Development of new application updates, versions or functionalities (features);
General analysis of application;
Analysis of user trends within the application including general user profiling based on that;
Accuracy analysis GPS (location, speed, direction or other values);
Customer polls focused on improvement of the Services;
Customer feedback on design and user experience;

Testing on the production copies of partially anonymized data.

Your Rights

FinWorksERP acknowledges you have the right to access and change the Personal Information we collect and process. If you wish to access or to correct, amend, or delete Personal Information, please send us an email to: [email protected] and we will respond within a reasonable time frame, but in any event no later than permitted by applicable law.

Note to our Users in the EU:

We hereby inform you of the following rights (by virtue of EU law), in respect of your Personal Information:
• Right to access: you may have the right to request a review of your Personal Information held by FinWorksERP.
• Right to rectification: if the Personal Information processed by FinWorksERP is incorrect, incomplete or not processed in compliance with applicable law or this Privacy and Cookie Policy, you may have the right to have your Personal Information rectified.
• Right to erasure: under certain conditions, you may be entitled to require that FinWorksERP will delete or “block” your Personal Information (e.g. if the continued processing of those data is not justified).
• Right to Portability: you may have the right to transfer your Personal Information between data controllers (i.e. to transfer your Personal Information to another entity).
• Right to object to or withdraw consent: where that lawful basis for processing your Personal Information is either “public interest” or “legitimate interests”, those lawful bases are not absolute, and you may have a right to object to such processing. If the processing of your Personal Information is based on your consent, you have the right to withdraw your consent to such processing at any time.
• The right to restrict processing – under certain circumstances, you may have the right to object to the processing of your Personal Information due to your particular situation.
• Right to lodge a complaint: you have the right to lodge a complaint before the relevant data protection authority or supervisory authority.
To exercise these rights, where applicable, please contact us by sending an email to: [email protected]

Cookies and Web Beacon

Our websites may use various software technologies including “cookies,” “web beacons” and “pixel tags.” “Cookies” are small text files that we and others may place in visitors’ computer browsers to store their preferences. “Web beacons” or “Pixel tags” are small pieces of code placed on a web page or within the body of an email to monitor the behavior and collect data about the visitors viewing a web page or viewing or opening an email. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page. We may use web beacons on our websites from time to time for this and advertising purposes.

We partner with third parties who may place cookies on your browser when you visit our websites, may send their own cookies to your cookie file, and may use those cookies to track and collect information about you and your online activities over time and across different websites, devices, and applications and to provide targeted advertising based on your interests and previous browsing history.

Third party ad networks may automatically collect information about your visits to our websites and other websites, such as your IP address, your Internet service provider, and the browser you use to visit our websites. They do this using cookies, web beacons or other technologies. You can learn more about practices of many of these third parties by visiting the Digital Advertising Alliance (http://www.aboutads.info/choices/) in the USA or the European Digital Advertising Alliance (http://www.youronlinechoices.eu/) in Europe. This Privacy Policy does not apply to, and we are not responsible for, cookies or web beacons and other technologies in third party advertising. We encourage you to check the privacy policies of third party advertisers and/or ad services to learn about their use of cookies, web beacons and other technology.

GDPR

FinWorksERP’s Commitment to GDPR Compliance

The General Data Protection Regulation (“GDPR”) is a European law establishing protections for the personal data of EU residents that came into force on May 25, 2018. Under the GDPR, organizations that collect, maintain, use, or otherwise process EU residents’ personal data (regardless of the organization’s location) must implement certain privacy and security safeguards for that data. FinWorksERP has established a comprehensive GDPR compliance program and is committed to partnering with its customers and vendors on GDPR compliance efforts.

Some significant steps FinWorksERP has taken to align its practices with the GDPR include:

Revisions to our policies and contracts with our partners, vendors, and users Enhancements to our security practices and procedures
Closely reviewing and mapping the data we collect, use, and share
Creating more robust internal privacy and security documentation
Training employees on GDPR requirements and privacy/security best practices generally
Carefully evaluating and building a data subject rights’ policy and response process

Below, we provide additional details about the core areas of FinWorksERP’s GDPR compliance program and how customers can use FinWorksERP to support their own GDPR compliance initiatives.

Data Processing Agreements
Under the GDPR, “data controllers” (i.e. entities that determine the purposes and means of processing data) are required to enter into agreements with other entities that process data on their behalf (called “data processors”). FinWorksERP offers its customers who are controllers of EU personal data the option to enter into a robust data processing agreement under which FinWorksERP commits to process and safeguard personal data in accordance with GDPR requirements. This includes FinWorksERP’s commitment to process personal data consistent with the instructions of the data controller.

International Data Transfers
As with prior EU data protection laws, the GDPR requires organizations to use a recognized legal mechanism to transfer data from the EU to other countries that do not have a similar data protection framework, including the United States.

Data Access, Management, and Portability Tools
The GDPR gives individual data subjects in certain circumstances the rights to, among other things, access, delete, and make corrections to their data. FinWorksERP is committed to facilitating data subject requests consistent with the GDPR, as further described in our Privacy Policy.

Privacy Documentation
At its core, the GDPR is focused on transparency, fairness, and accountability. Accordingly, the law requires organizations to maintain documentation about their privacy practices and their decisions about how they handle individuals’ personal data. FinWorksERP shares the GDPR’s commitment to these principles, and has included within its ongoing GDPR compliance program documentation about its data collection and processing activities, and the various policies and guidelines it follows pursuant to the GDPR. You can learn more about how FinWorksERP collects, uses, and discloses personal data by visiting FinWorksERP’s Privacy Policy.

Data Security
The GDPR requires organizations to use appropriate technical and organizational measures to protect the security, confidentiality, and integrity of personal data. Security continues to be a priority for FinWorksERP: we implemented a variety of safeguards to protect the security of our platform, including encrypting web connections to protect data transmissions, replicating our databases to support reliability of the platform, and controlling access to our facilities and office network. FinWorksERP also offers customers the ability to use additional security controls to further enhance the security of their teams’ data.

Ongoing Compliance and Communication
The GDPR’s requirements are comprehensive, but the law and regulatory guidance will evolve. As data protection authorities in Europe interpret the GDPR’s requirements and issue guidance, we will continue to follow these developments closely and evaluate our program for any changes or enhancements as needed. We value communication with our customers. If you have any questions about our GDPR compliance efforts, or if you are a data controller customer with questions about how we can help support your own GDPR compliance efforts, please contact us at [email protected].

Read full text about GDPR here https://gdpr-info.eu/