CodeTwo Terms and Privacy
This is an outdated version of the document - the current version is available here.
We abide by the following principles while processing your data:
- we do not collect more information than it is necessary;
- we do not keep your data if it is no longer needed;
Once you decide to contact us or purchase a license for our software you will be asked to provide your personal details such as your full name, the name and characteristics of the organization that you represent, your contact details or billing details. Depending on the context, we will use this data either to communicate with you and prepare quotations or to provide our services to you and pursue other legitimate goals (e.g. inform you about updates and bug fixes) during the license term. You can find more information about how we process your data once you decide to contact us or become our client in the Contacting us and purchasing software section.
Most of our software solutions require installation in your on-premises IT infrastructure. This means that in majority of cases we will not have access to your organization’s data and this data will not be stored in our infrastructure. Only if you decide to use CodeTwo Email Signatures for Office 365, some of your organization’s data will be processed within our infrastructure (e.g. some Azure AD data including email addresses of your users). We may also temporarily process data which belongs to your organization if you want to use our technical support services and decide to share program and system logs with us. You can find more information about how we process data in the Our software section and in Terms and Conditions of Sales and Services.
You have a right to access your data, a right to have information about you corrected or deleted. If processing of your data is based on consent, you also have a right to withdraw it at any given time. Withdrawal of your consent will not influence the lawfulness of processing based on this consent before its withdrawal. We will not use your data for the purposes of automated decision-making or profiling. You can find more information about your rights in the What are your rights?section.
What information do we collect and when?
Our websites and cookies
- to collect anonymous and aggregated statistical data about users’ visits on our website. We use this data to analyze how our website is used and to improve it using Google Analytics and/or other web traffic analytics tools.
- to advertise our products online. We use tracking and remarketing cookies from Google AdWords, Google Analytics, Facebook Conversion Tracking and Facebook Custom Audiences to advertise our products online. We make use of all targeting features available in Google AdWords including: demographic and location targeting, remarketing, affinity audiences, custom affinity audiences, in-market audiences, similar audiences (learn more about cookies used in ads by Google and about cookies used by Facebook). You can customize Google Display Network advertisements using the Google Ads Settings or block it by installing Google Analytics opt-out browser add-on.
If you decide to post a comment on our blog you will be asked to provide your personal details such as your name and your email. You cannot post a comment without giving away this information about you.
Contacting us and purchasing software
Although you can use our website without giving away information about you, once you decide to contact us you will be asked to provide your personal details such as your name, the name and characteristics of the organization that you represent and your contact details. Depending on the type of your question, we will use this data to communicate with you, prepare quotations for you and answer any other questions that you may have. If you are not our client and decide not to become one, we will delete your data once your matter is solved and information about you is no longer needed.
In order to make a purchase, apart from your personal details and the details of your organization, you may also be asked to provide credit card and other billing information. This data is necessary for us to sell our software to you. Additionally, we will also record your IP address for the purposes of our license control system. We will process this data to perform the agreement concluded with you (i.e. to provide our products and services) and pursue other legitimate goals such as getting your feedback on our products and providing you with vital information about our products and services (e.g. updates, bug fixes, etc.) during the license agreement term. Once the license agreement expires (and you decide not to renew it), we will archive your data and process it solely to protect ourselves against any claims that may arise out of the agreement. We will delete your data after all such claims are time-barred according to relevant provisions of law.
You are not obliged to give us any of the information above, but if you decide not to give it to us or provide us with false or incorrect information we may be unable to respond to your message, to provide our services to you or to process your order.
If you apply for a job with us, we will collect, process and store the information you have sent us for recruitment-related purposes, such as contacting you or making you a job offer (if you make it through the selection process). We will process this data on the basis of provisions of the Polish Labour Code which allow collection and processing of personal data of job applicants. If you give us your consent to do so, we will process your personal data for a period of two years from the date that you submitted your documents to us in order to consider you for a different opportunity. Otherwise, we will delete your data right after the recruitment process ends. You can withdraw your consent at any time, but it will not affect the lawfulness of processing based on this consent before its withdrawal.
Unless you decide to use CodeTwo Email Signatures for Office 365, we will not store any personal data that you or your organization process using our software. In particular, we will not process this data within our infrastructure. This means that you will be the controller of your data and that we will not be the processor of such data. This is because most of our software is not cloud-based and requires installation in your on-premises IT infrastructure. It also means that it is your obligation to make sure that processing of personal data within this software is done in accordance with applicable privacy regulations, such as the GDPR.
Our software does not have any capabilities that would allow us to access your IT infrastructure at any time. If you ask us to do so, we may mutually agree to conduct a remote session using e.g. TeamViewer, Skype or other similar tools. You should make sure that you do not reveal any personal or other sensitive data to us during a remote session.
From time to time, if you request technical support from us, we may ask you to provide our technicians with software log files or system log files. You should make sure that you do not reveal any personal or other sensitive data to us when sharing the log files with us. In case it is impossible for you to remove personal data from the log files, we may get access to a limited scope of personal data that you control and process using our software (e.g. some email addresses of people within your organization) contained in the log files. We will use these log files to render technical support services to you and also to analyze performance of our products and improve them. We will delete the log files once issues that they document are fixed and they are no longer needed.
If you decide to use CodeTwo Email Signatures for Office 365 we will process personal data that you control within our infrastructure at a location of your choice. According to the GDPR, in such case we will be the processor of such data and you will remain the controller of the data. This data will encompass some of your Azure AD data and email addresses of users within your organization. We will process such data in accordance with the Personal Data Processing provisions contained in Terms and Conditions of Sales and Services. These Terms contain all of our representations and obligations as the data processor and – once accepted by you – constitute a Data Processing Agreement, as prescribed by art. 28 of the GDPR. Even in such case, however, our access policies make it impossible for us to physically access your data.
What are your rights?
Access to data
You have the right to access the information that we have on you. You can do this using this form.
We will make sure to provide you with a copy of the data we process about you. In order to comply with your request, we may ask you to give us some additional information that we will use to verify your identity. If you fail to provide such information and the information that you have already given to us is not sufficient to identify you, we may refuse to provide you with information.
We will fulfil your request by sending your copy electronically, unless the request expressly specifies a different method. For any subsequent access request, we may charge you with an administrative fee.
Erasure and rectification of data
If you believe that the information we have about you is incorrect, you are welcome to contact us so we can update it and keep your data accurate.
We will automatically delete information about you after it is no longer needed for the purposes it was collected. If at any point you wish for us to delete information about you, you can do this by contacting us using this form.
Withdrawal of consent
If processing of your data is based on consent, you have the right to withdraw your consent at any time. If you at any point wish to withdraw your consent, you can do this by contacting us using this form. Remember that withdrawal of consent will not affect the lawfulness of processing based on this consent before its withdrawal.
We do not use any information provided by you for the purposes of automated decision-making, including profiling.
Disclosure of your data
We guarantee that all your personal information is protected, and that we will not make this information available to third parties in cases different than those specified below, unless you give us a permission to do so or unless such disclosure is necessary to comply with a legal obligation that is imposed on us.
We will not disclose your data to any entities located in countries outside of the European Economic Area unless appropriate data protection standards are fulfilled.
We may share information that you provided us with while purchasing a license for our software with:
- payment processors, i.e. PayPal and Braintree, in order to be able to process and complete the payment process for your order;
- providers of services necessary to send transaction-related and product-related information via email and SMS to the extent that such disclosure is necessary to automate, simplify and analyze these processes;
- external accounting and bookkeeping services providers to the extent that such disclosure is necessary to have these services provided to us;
- our legal advisors to the extent that such disclosure is necessary to obtain legal advice or protect our rights in legal proceedings;
- governments and law enforcement authorities only if we are required to do so by law. We will always attempt to redirect the law enforcement agency or government to request any data directly from you. If compelled to disclose your data, we will promptly notify you and provide a copy of the demand.
We may share information obtained in connection with your use of CodeTwo Email Signatures for Office 365 only if required to do so by law or if necessary to protect our rights in legal proceedings.
How to contact us and seek additional help?
We hope that we will be able to answer all your questions and settle all disputes amicably. Nonetheless, if you think that your rights were not observed or that your privacy was harmed, you can always lodge a complaint with the Polish Data Protection Authority which supervises our operations.
CodeTwo is a limited partnership (CodeTwo sp. z o.o. sp. k.) established under the laws of the Republic of Poland. You can find our full contact details here.
Effective date: 2018-05-02