Privacy Statement Effective as of May 25, 2018 ERPAG is a (Software As A Service) SAAS company. We are developers and distributors of easy-to-use bussines, accounting and bookkeeping software for small businesses and self employed professionals named ERPAG. Using the cloud accounting model, ERPAG allows clients to access their accounting records over the internet. Accountants and Book keepers can also access client financial records through a secure access system over the internet. ERPAG (or the 'Company') is committed to protecting the privacy of your information. This Privacy Statement describes Erpag's information practices. If you have any questions about this Privacy Statement, please contact ERPAGat [email protected].
We understand that the privacy of your information is important to you, and we are committed to being transparent about how we use, share, and protect your information. To help further our commitment, we have developed this Privacy Statement to help you better understand the types of information we collect, why we collect it, how we will use it, and the various options you have to manage the privacy of your personal information.
Scope of this Privacy Statement
This Privacy Statement describes our privacy practices for
information we collect from or about individuals who are located in the
European Economic Area (•EEA•) through our services, sites, products, mobile
applications, desktop applications, software that are directed to the EEA
(collectively, •Services•) and other initiatives directed to the EEA such as
marketing and product trainings. In addition, please note that this Privacy Statement only
applies where we process personal information about you as a data controller.
It does not apply to Services where we process personal information as a data
processor on behalf of a controller. When we are a processor, the privacy
statement of the relevant controller on whose behalf we process will apply. When we process your personal information as a data controller, ERPAG
Inc. (referred to in this Privacy Statement as •ERPAG,• •us,• •we,• •our•) is
the controller of your personal information and contact details are provided
below under the heading "How to Contact US". This Privacy Statement includes some important information,
please take the time to read the entire Privacy Statement. Of course, if you
have any questions please reach out to us. 1. What Information We Collect. Information You Give Us. • Creating an Account. When you create an account we collect
information that allows us to set up or open your account, such as your name,
shipping address, billing address, email address, phone number, user ID, and
password. • Using our Services. We receive information from you
when you use our Services, such as information about your business, invoices,
and financial statements. We may also collect additional information from you
when you sign-in or otherwise use our Services. For example, you may choose to
sync your account with other third-party accounts such as your financial
institutions. To sync your financial account information, we must access your
financial account data. You can learn more about syncing, linking, and
connecting to your financial institution by visiting our Terms of Service. • Customer Support, Product Research, Trainings, and Feedback. When
you reach out to us for support give us feedback, participate in optional
surveys, product research or trainings, we may also collect information that
you choose to share. Information We Get When You Use the Service. • Device information. We may collect device
information such as Internet Protocol (•IP•) addresses, log information, error
messages, device type, and unique device identifiers. For example, we may
collect IP addresses from you when you log into the Services as part of our
log-in and security features. • Usage Information. We may collect usage
information such as the pages you viewed, the features you use, your browser
type, error reports, and any links you click on to leave or interact with our
Services. We may also gather information about other applications you use on
your device for analytics and advertising reasons. • Location Information. Certain Service features may
collect your precise location data, device motion data, or both, if you grant
permission to do so in your device settings. • Content. We may also collect content that you
provide through the Services, such as information about your business such as
your invoices, expenditures or customer details; content you post on our
community pages; content you provide to our customer care agents; and feedback
you provide about the Services. • Camera and Contacts. Certain Service features may
have access to your camera and contacts if you grant permission in your device
setting. • Information from Cookie and other Technologies. ERPAG
and our service providers may use commonly-used tools such as cookies, web
beacons, pixels, local shared objects, and similar technologies (collectively,
"Cookies") to provide the Service you requested, recognize your visit,
track your interactions with our Services, and improve your and other
customers' experience. You have control over some of the data we collect from
Cookies and how we use it. Information We Get From Third Parties We may also get information about you from other third parties
where permitted by applicable law. For example, we receive information from: • third parties with whom you have an account or receive a service
when you: choose to sync that third-party account/service with your ERPAG
account, or integrate your data from that third party into the Service we
provide to you. • third-party service providers who help us to supplement the
information you have provided and to ensure the accuracy of your information.
For example, we use third party service providers to validate your mailing
address. • third parties who provide us with information about you or your
interaction with our Services. For example, we may obtain service and support
information or technical issues you have raised with these third parties. Required Information Some of the functionalities in our Service may require you to
provide information in order for you to use the Service. If you do not wish to
provide the required information, you may not be able to use certain features
or the Service. We will try to let you know what information is required and
what information is optional. We may also combine information that you provided
us with information about you that we get from other sources, in accordance
with applicable law. 2. How Do We Use Your Information. We
use your information in various ways, including to: • Provide, Improve, Protect, and Deliver the Services. To
provide you with the Services that you have accessed or requested; to
personalize your experience; to provide technical support; to protect the
security and safety of the Services, our customers, ERPAG, and others; or to
otherwise operate our business. • Communicate with You. From time to time we may
communicate with you, including to: o ⁃ provide
you with important information about the Services or your accounts, such as
subscription related information. o ⁃ send you
information about ERPAG, other ERPAG products and services, special offers, and
new product releases. • Protect ERPAG and Others. To protect ERPAG, our
customers, and others such as for the purpose of combatting fraud. • Analyze Your Information. We may use both manual and
automated systems, such as machine learning and artificial intelligence, to:
analyze your information to improve our Services; personalize your experience;
automate certain aspects of the Service; provide you certain features; and
protect the safety and security of ERPAG, our Services, our customers and
others. In general, we will use the personal information we collect from
you only for the purposes described in this Privacy Statement or for purposes
we provide at the time we collect your personal information. However, we may
also use your personal information for other purposes that are not incompatible
with the purposes if and where this is permitted by applicable law. We will
provide you with further information on any such additional processing when
this happens, in accordance with applicable data protection laws. 3. How We Share Your Information. From
time to time, we may need to share your information, but we will only share
your personal information for the following reasons: • With your consent. We may share your personal
information with your consent. • With third parties: We may share your personal
information with third parties, but only for the following reasons: o ⁃ With
your consent. o ⁃ To
provide functions and services on our behalf. We may share your
information with third parties who provide various functions on our behalf and
enable us to provide our Services and operate our business, such as service
providers and business partners. o ⁃ For
Research. We may share your information with third-parties for
research purposes or to publish academic or policy-related materials. We only
share combined, unidentifiable customer data, but only in a way that would not
allow the customer or any person to be identified. o ⁃ For
Joint Sales, Promotions, and Events. We may share your information
with third-parties who are jointly providing sales initiatives, promotions or
events with us. o ⁃ For
legal reasons. We may share your information with third-parties for
legal reasons, including: • ⁃ when we
reasonably believe disclosure is required or permitted in order to comply with
a subpoena, court order, or other applicable law, regulation or legal process; • ⁃ to
protect the rights, property, or safety of ERPAG, our Services, our customers,
or others; • ⁃ to
protect against or defend our Services against attacks; • ⁃ to
enforce, remedy, or apply our Terms of Service and other agreements; or • ⁃ to
prevent fraud and for debt collection. • With our Affiliates and Subsidiaries. We may
share your information with and among our affiliates and subsidiaries and associated
company Code System, Serbia. • With Other ERPAG Customers. Some of our Services
allow you to share information (including personal information) with other ERPAG
customers or the general public. Please remember that if you set up an administrator/support
account, your personal information may be accessible by people other than you
and ERPAG and they may have the ability to access, change, copy, or delete your
personal information. • With Social Media Platforms. Some of our Services
enable you to share information on third-party social media platforms, like
Facebook and Twitter. Any information you choose to share on social media may
potentially be visible to a global audience and will be subject to the
third-party social media provider's privacy policies (not this Privacy
Statement). You should take care only to share information on social media that
you are comfortable sharing. • For Mergers and Acquisitions. If we are involved with
a merger, asset sale, financing, liquidation, bankruptcy, or the acquisition of
all or part of our business to another company, we may share your information
with that company and its advisors before and after the transaction date. 4. Processing Personal Information Our legal basis for collecting and using the personal
information described in this Privacy Statement will depend on the type of
personal information and the specific context in which we collect it. However,
we will normally collect personal information from you only where we have your
consent to do so, where we need the personal information to perform a contract
with you, or where the processing is in our legitimate interests and not
overridden by your data protection interests or fundamental rights and
freedoms. In some cases, we may also have a legal obligation to collect
personal information from you, including details of any legitimate interest we
rely on to process your personal information. If you have questions about or need further information
concerning the legal basis on which we collect and use your personal
information, please contact us using the contact details provided under the
•How To Contact Us• heading below. 5. What You Can Do To Manage Your Privacy. You
have choices when it comes to managing the privacy of your personal information. • Update Your Privacy Setting. You may update your privacy
settings directly through the Services by visiting your account settings or by
visiting our Privacy/GDPR Admin. • Manage Marketing Communications From Us. We honor your choices
when it comes to receiving marketing communications from us. To update your
preferences (including to opt-in or opt-out of marketing communications) you
can go to the marketing preference center or visit our Privacy/GDPR Admin.
You may also click unsubscribe at the bottom of the marketing emails or respond
with STOP to SMS messages. • Cookies and Other Tracking Technologies. You can find
information on changing your browser settings to opt-out of Cookies in your
browser settings or make changes to your Cookies settings by visiting our GDPR
Centre. If you disable some or all of the Cookies the Service, or parts of the
Service may not work. 6. Data Retention. Unless you specifically ask us to delete your personal
information as explained in Section 7 •Your Rights•, we retain your information
as long as is necessary to maintain your ERPAG account or to provide you with
our Services. Once you have terminated your account or otherwise cease using
our Services (including if we determine your account has gone inactive), we
will no longer retain your information except to the extent necessary: • to send you marketing communications in accordance with your
marketing preferences (which you can change at any time • see Section 5); • for our legal or regulatory compliance (e.g. maintaining records
of transactions you have made with us), to exercise, establish or defend legal
claims, and to protect against fraudulent or abusive activity on our Service;
or • for general product improvement purposes in accordance with this
Privacy Statement, provided that any data retained for this purpose will be
used only for a limited period and handled securely and in confidence. If we no longer need your information for the above purposes, we
will generally delete or de-identify it in accordance with our standard data
retention practices. However, there may be occasions where we are unable to
fully delete or de-identify your information due to technical or other
operational reasons, for example where your information has been archived onto
back-up systems. Where this is the case, we will take reasonable measures to
securely isolate your information from any further processing until such time
as we are able to delete or de-identify it. 7. Your Rights. You have certain rights
with respect to your personal information that we collect and process. We
respond to all requests we receive from individuals in the EEA that are using a
Service directed to the EEA wishing to exercise their data protection rights in
accordance with applicable data protection laws. To file a request or take
action on one of your rights, please visit Privacy/GDPR Admin or contact
us at the contact details provided under Section 10, •How to Contact Us•. • Access, Correction or Deletion. You may request access
to, correction of, or deletion of your personal information. You can often go
directly into the Service under Account Settings to take these actions. Please
note that even if you request for your personal information to be deleted,
certain aspects may be retained for us to: meet our legal or regulatory
compliance (e.g. maintaining records of transactions you have made with us);
exercise, establish or defend legal claims; and to protect against fraudulent
or abusive activity on our Service. Data retained for these purposes will be
handled as described in Section 6 •Data Retention•, above. • Objection and Restriction. You may object to our
processing of your personal information or ask us to restrict processing of
your personal information. • Portability. You may request portability of your personal
information. • Withdraw Consent. If we have collected and
processed your personal information with your consent, you can withdraw your
consent at any time. Withdrawing your consent will not affect the lawfulness of
any processing we conducted prior to your withdrawal, nor will it affect
processing of your personal information conducted in reliance on lawful
processing grounds other than consent. • File a complaint. You have the right to file a
complaint with a supervisory authority about our collection and processing of
your personal information. 8. Third-Party Services, Links and Integrations. • Third-Party Services. Third-party products, services
and applications may use or integrate with our Services, or otherwise be
offered through our Services (•Third-Party Services•). If you choose to use
Third-Party Services or link or sync any of these Third-Party Services with
your ERAG account you are permitting us to provide your information and any
information associated with your account, including personal information, to
the third party. Your interactions with these Third-Party Services are governed
by the privacy statement of the company providing the relevant Third-Party
Service. 9. Security of Your Information. We
understand that the security of your information is important to you. We
provide appropriate technical and organizational security controls to protect
your information. But, even with our best efforts, we cannot ensure or warrant
the security of your information. You can find out more about how we protect
your information and the steps you can take to help protect your information
here. 10. International Data Transfers. We
may transfer your personal information to and process and store your
information in other countries in compliance with applicable law. Some of these
countries may have data protection laws that are different from the laws of
your country (and, in some cases, may not be as protective). However, we have
taken appropriate safeguards to require that your personal information remain
protected. When ERPAG transfers your personal information from the EEA or
Switzerland to a non-EAA country, we rely on one or more of the following legal
mechanisms: E.U.-U.S. Privacy Shield and Swiss-U.S. Privacy Shield. 11. How to Contact Us. If you have questions or
comments about this Privacy Statement or our practices, please contact us: • Email. [email protected] 12. Changes to Our Privacy Statements. From
time to time we may change or update our Privacy Statement. We reserve the
right to make changes or updates at any time. If we make material changes to
the way we process your personal information, we will provide you notice via
our Service or by other communication channels, such as by email or community
post and if required by applicable data protection laws seek your consent to
those material changes. You can see when this Privacy Statement was last updated by
checking the •last updated• date displayed at the top of this Privacy
Statement. Please review any changes carefully. 13. Collection and Use of Children•s Personal Information. Our
Services are intended for and directed to individuals 18 or over and we do not
knowingly collect personal information from minors.