Effective Date: December 28, 2019
CalemEAM's mission is to provide a top customer-satisfactory
CMMS/EAM solution. The mission is realized through our commitments to innovative
and quality products, and personalized customer care.
to provide our customers, their employees, and any affected data subjects
important information about the personal data we collect, receive, transfer,
and process in the course of providing our services as a cloud and on-premise Application
contact us in order to exercise your rights, in accordance with applicable law,
to: (1) access, correct, restrict, or delete your personal data; (2) object to
the processing of certain aspects of your personal data; and (3) ask any
questions you may have about our privacy practices. Please take note as well of those practices
and/or integral, to the performance of our Application Services. Where specifically noted below, exercising
your rights as described herein may affect our ability to continue performing Application
Services as requested.
reflect changes in our data processing practices and/or policies. We will post notices of all such changes on
our applicable websites and/or materials and the “Effective Date” noted above
Effective Date noted without any other notice or approval by you. In certain jurisdiction, applicable law may
require additional processes and procedures, in which case, revisions to this Data
Data Controller; Data Processor
purposes of the European Union General Data Protection Regulation (the “GDPR”),
CalemEAM Inc. is the data controller (the “Data
Controller”) for the processing of all Personal Data, except for “Website
Information”, as set forth herein. With
respect to personal data included in Website Information, our customer, the
website operator, is the “data controller” and we process Website Information
solely as the data processor on behalf of such website operator.
may contact us as follows:
States of America
Personal Data & Special Categories of Data
the purpose of providing Application Services, we collect the types of personal
information described below about you (as further detailed below, “Personal
Information – We
collect personal contact information about Account Owner and, where relevant,
alternate contacts for Technical and Billing contacts (as described below),
including without limitation name, organizational affiliation (for Professional
Accounts), mailing address, phone numbers, and email addresses.
and Billing Information
– We process payment information through a third-party service provider called
a secure payment processor. Anytime you
are asked to provide payment card information for payment to CalemEAM, you are actually entering your payment card information
directly to our payment processor’s systems.
We do not collect, store or otherwise process your payment card
information on our systems except for the limited, redacted information
described below. As of the Effective
Date first noted above, our secure payment processor is Modular Merchant. You should review information about Modular
Merchant’s data handling policies and terms of service, available from their
Information – We
collect certain account information about our Account Owners and other users
with whom we may interact, including without limitation: user name, password,
domain, Application Services subscriptions under a given account, the email address,
and history of correspondence between you and CalemEAM.
Information – We are in
the business of providing application services for our customers’ websites
(“Customer Websites”). Our customers are
the website operators and data controllers with respect to the respective
Customer Websites they choose to host with us, and with respect to such
Customer Websites and the data our customers and their website users transmit,
collect, store, and otherwise process through such Customer Websites, including
without limitation any personal data (“Website Information”), CalemEAM uses cloud services providers to host our
application services. Cloud service providers act as data processors for our
website operator/customers, processing such Website Information solely as necessary
to provide application services for Customer Websites. Cloud service providres
do not access or process Website Information for their own purposes or on
behalf of CalemEAM, other than to provide such application
services, and cloud service providers and CalemEAM do
not control, nor are we responsible or liable for, any act or omission by our
customers for Website Information processed through Customer Websites. Users should refer specifically to data
how the respective website operators of such Customer Websites process Website
Information, including personal data, and comply with applicable law.
is a cloud service
provider for CalemEAM. You should review information
about Linode’s data handling policies and terms of
service, available from their website (https://www.linode.com/privacy/).
Cloud is a cloud
service provider for CalemEAM for customers located
in China. You should review information about Alibaba Cloud’s data handling policies and terms of service,
available from their website (https://www.alibabacloud.com/trust-center).
Categories of Data – We
do not collect or otherwise process any special categories of data as defined
under the GDPR in a personally identifiable way. If any special categories of data are
collected or processed by our customers through Customer Websites, we do not
control, nor are we responsible or liable for, any act or omission by our
customers for any special category of data processed through Customer
Websites. Users of Customer Websites
Customer Websites for information about how the respective website operators of
such Customer Websites process any special categories of data, and comply with
How We Obtain Personal Data
– We collect Personal Data from data subjects or from Account Owners through CalemEAM websites, and other information you provide
directly to us, including by email or in conversation with our staff.
Personal Data Processing and Data Retention – We use Personal Data that we collect
hereunder as necessary to provide Application Services. Subject always to your rights as set
forth in Section 9 below:
Accounts – In order for
you to use CalemEAM Application Services, we require
you to provide Owner Account through CalemEAM
websites, or emails. During the
signup process, you will be required to provide personal contact information as
follows: User name and password (for online store registration), Name,
Organization, Physical Address, Phone Number and Email Address (“Account
Information”). Your login
information is necessary to protect your vital interests as it enables you to
secure your own Owner Account and establish your identity with CalemEAM for purposes of transactions in the course of using
our Application Services. Your
Account Information is necessary for the performance of Application Services as
we use Account Information to contact you regarding your Owner Account, contact
you regarding Application Services, issue notices and alerts about the status
of the Application Services, billing, invoices, collections, etc.
and Billing – As
noted above, your payment card information is actually collected, stored and
processed primarily by our secure payment processor, subject to the terms and
for our own administrative, accounting, and business needs including billing,
invoicing, internal accounting and record-keeping requirements as well as other
related administrative and business purposes.
Certain processing is undertaken as necessary to complete a contract for
services (collecting payments, making payments for authorized transactions,
payment for services rendered, etc.). In other instances, our processing of
Personal Data as described in this paragraph is required for us to fulfill
legal obligations to which we are subject (e.g., record keeping mandated by
Notices – We send
service-related notices, alerts and other messages to the email address(es)
indicated in your Owner Account regarding account registration, account set up,
billing and other service related communications. We use your Personal Data to send you
such service-related messages as a necessary, and integral, part of our Applicatiton Services.
and Customer Service –
When you contact us for technical support or customer service, we will process
Personal Data that you provide at such time to associate you with the Application
Services that is the subject of your request and the Owner Account that is
associated with such Application Service.
Such Personal Data includes email address, and name. You may contact us and provide
Personal Data for such technical support and/or customer service by email,
phone call, self-serve online support portals through websites operated by, or
on behalf of, CalemEAM. We use such Personal Data as
necessary to respond to your request and/or provide the requested technical
support and/or customer service, including without limitation communicating
with you, internal communications, maintaining a history of correspondence,
service tickets, outcomes, outstanding issues, etc. Our processing of Personal Data as
described in this Section is also in furtherance of legitimate interests,
including without limitation management reporting, quality assurance, reviewing
historical support issues and requests for support or customer service, and to
verify identity. We will process
Personal Data in furtherance of this legitimate interest only when that is not
overridden by your data protection rights under applicable law.
Helpdesk – We use a ticketing system hosted
at Linode (linode.com) to manage customer requests
and customer service communications and send customer support and customer
service messages to the email address(es) indicated in your Owner Account.
Security and Data Privacy Protection
– We monitor information on user activity within our system in order to protect
the security of our systems and the privacy of our customers, for example, blocking
unauthorized access of certain web site directories. Such information includes information
reported by your browser, Account Information when you login, and IP addresses
to better assist with service delivery and/or security. We process this data because it is
necessary to protect the vital interests of our customers, audience, users and
other visitors to our websites. Additionally,
we process this information to protect our legitimate interests of process
improvement, system security and protecting our customers, audience, users and
other visitors to our website in a manner that, given the limited nature of the
data processed as described above, is not overridden by the interests or
fundamental rights and freedoms of the data subjects.
7) Compliance with Legal Obligations – In addition to processing Personal
Data for the purposes of providing Application Services, we process Personal
Data collected hereunder and Website Information to comply with our own legal
and regulatory obligations. For example, we may process personal information to
comply with: applicable international sanctions, record keeping requirements,
and other legal and/or regulatory requirements.
Interests – We may also
use Personal Data collected hereunder in circumstances other than as expressly
described above in connection with the services we provide; provided, however
that any such additional processing may only occur when there is a legitimate
interest to do so that is not overridden by your data protection rights as
required by applicable law. The
types of processing/uses contemplated hereunder may include, without
limitation, for our own administrative and business needs (tracking time,
billing, invoicing, collection), and applicable workplace policies, and for
information technology purposes including without limitation trouble shooting,
business continuity, disaster recover, data backup and recovery.
Retention – We retain
Personal Data for a period of seven (7) years after account closure due to an
automated suspension process for nonpayment but credit card information is not
retained by our third-party processor after account closure. We may also retain
Personal Data for longer periods where there is a reasonable basis for
retaining such data, including without limitation in connection with the
establishment, exercise or defense of legal claims. We retain Application Services
information for a period of six (6) months after account closure.
5. Optional Data
Processing. In addition to processing Personal
Data in the ways set forth above for purposes related to the provision of Application
Services, you may also choose to allow us to use certain Personal Data as
detailed below. The types of
data processing described in this Section 6 are not necessary or integral to
the performance of Application Services and we will not use Personal Data for
such optional purposes except as expressly set forth in this Section 5;
1) Information Requested – If you request information about our
company, our respective products and services, or sign up for a free trial of CalemEAM, you may elect to provide personal contact
information such as your name, your email address, your phone number, your
company affiliation, and/or your mailing address. We may use your information to
respond to your request.
6. Onward Transfers –
Data We Share With Others.
We will not sell, share, transfer, disclose, rent, use, or distribute
Personal Data hereunder for purposes other than as set forth in this Privacy
Policy, unless required by law or as expressly authorized by a data controller
as described above.
– We provision your
email addresses and company information in QuickBooks Online to send invoices
for your subscription of CalemEAM Application
Services. You should review information
about Intuit’s data handling policies
and terms of service, available from their website (https://security.intuit.com/index.php/privacy).
Circumstances – In
addition to the disclosures set forth above, we will disclose Personal Data
about you: (1) if we are required to do so by law or legal process, (2) to law
enforcement authorities, judiciary or other government officials, (3) when we
believe disclosure is necessary or appropriate to prevent physical harm or
financial loss in connection with an investigation of suspected or actual
illegal activity; or (4) if necessary to protect the vital interests of any
7. Your Rights and
Options – If we receive
a demand from you with respect to your rights of access or rectification, we
will refer your demand to the applicable Data Controllers and assist such Data
Controllers, to provide you, where appropriate, with access to your Personal
Data and, as applicable, with the ability to review and correct inaccuracies,
delete Personal Data that is no longer necessary or relevant, receive a copy of
your Personal Data in a structured machine-readable format, and otherwise
fulfill your demands on the Data Controller(s) to the extent based on the
exercise of rights held by you under the GDPR.
If we receive a demand from
you with respect to your rights of erasure, restriction of processing and/or
right to object to processing, access or rectification, we will refer your
demand to the applicable Data Controllers and assist such Data Controllers to
respect your requests, where appropriate.
In the event that you inform us in writing that you wish to opt-out of
future processing of your Personal Data we will work with the applicable
Data Controllers to respect your request. Where we rely solely on your consent,
you may withdraw it at any time; subject to the limitations and disclosures set
forth above regard the effect such demands or withdrawals may have on our
ability to continue providing the Application
Services in the manner for which we have been engaged.
You may also object to
processing that is described above as being based on our legitimate interests
alone. In such instances, our business interests must be found to be compelling
and to not jeopardize your individual rights before further processing may continue.
In order to meet our obligations under applicable law, we may take reasonable steps to verify your identity before responding to demands as set forth in this Section 7.
8. Complaints, Concerns, Recourse
– If you have unresolved concerns about the processing of your Personal Data,
you may have the right to complain to a data protection authority where you
reside, where you work or where you believe there has been an infringement of
data protection laws, all in accordance with, and subject to, applicable local
Mechanism to Address Complaints
– In the event you believe CalemEAM has failed to
protect your privacy please immediately submit your concerns to our Privacy
Compliance team at: email@example.com Please provide details
regarding your concerns and include full contact information so we can respond
as quickly and completely as possible. If you are dissatisfied with the speed
or scope of our response you can seek further in-house review by following the
appeal procedures that will be provided to you. If, despite the appeal process,
you are still dissatisfied, then you may proceed through the Independent
Recourse Mechanism described below.
Recourse Mechanism – CalemEAM commits to resolve complaints about your privacy
and our collection or use of your personal information. European Union and
should first contact CalemEAM at: firstname.lastname@example.org.
9. Tracking and Traffic Data.
In addition to Personal Data
that we collect hereunder, we may, through our website, collect data generated
automatically by traffic our website (“Traffic Data”). Traffic Data may include, without
limitation, internet protocol address(es), operating system(s) and browser
specifics of your device, device characteristics, geographic (geo-location)
information, user ID(s), clickstream data, and specifics regarding your
interactions with (i.e., the path you take through) the website. Traffic Data may also include your
mobile device information (e.g., device model, operating system version, device
date and time, unique device identifiers, mobile network information) and how
you use the website. These types
of information do not generally identify or relate to you as an individual; however we may associate these types of information with you
as an individual.
website may require you to accept session “cookies” to provide customer
experience and efficiencies such as enabling you to login, personalizing your
experience, and/or automatically filling in standard information on return
visits. “Cookies” are small pieces of information that are stored locally on
your device by your browser and passed back to the server whenever a request
for a new page on the site is made. The session cookie is never saved or
written to disk. It is discarded when the browser exits, when you log out of
the website, or when you have not visited a page on the website for a given
period of time, for example 60 minutes.
Most web browsers automatically accept session cookies, but most
browsers also allow you to configure your web browser to refuse them or to
notify you before a cookie is set. You
also can manually view (and delete) any cookies stored on your computer. If you do not allow session cookies
to be set, you may not be able to use our website, access the full content
otherwise available through our website and/or use the full features and
functionality of our website.
website may use a web analytics service provided by Visitor Analytics (https://www.visitor-analytics.io), or another vendor that is GDPR
device type and screen size, approximate location, browser, OS, IPs, page
visits, bounce rate, conversions and popular content on the website. All this
data is pseudonymized and Visitor Analytics will never use the collected data
to identify individual users or to match it with additional information on an
individual user. Each visitor has control over the placement of cookies. More
information on the cookies are available from Visitor Analytics at https://www.visitor-analytics.io/en/support/legal-data-privacy-certificates/standard-integration/what-to-include-in-your-privacy-policy/about-cookies-controlling-and-deleting-cookies.
HOW TO CONTACT US
In order to exercise your
and/or our processing of Personal Data, you may contact us in accordance with
the information set forth in Section 1 above.