Privacy Statement Effective as of May 25, 2018 ERPAG is a (Software As A Service) SAAS company. We are developers and distributors of easy-to-use bussines, accounting and bookkeeping software for small businesses and self employed professionals named ERPAG. Using the cloud accounting model, ERPAG allows clients to access their accounting records over the internet. Accountants and Book keepers can also access client financial records through a secure access system over the internet. ERPAG (or the 'Company') is committed to protecting the privacy of your information. This Privacy Statement describes Erpag's information practices. If you have any questions about this Privacy Statement, please contact ERPAGat [email protected].

We understand that the privacy of your information is important to you, and we are committed to being transparent about how we use, share, and protect your information. To help further our commitment, we have developed this Privacy Statement to help you better understand the types of information we collect, why we collect it, how we will use it, and the various options you have to manage the privacy of your personal information.

Scope of this Privacy Statement

This Privacy Statement describes our privacy practices for information we collect from or about individuals who are located in the European Economic Area (•EEA•) through our services, sites, products, mobile applications, desktop applications, software that are directed to the EEA (collectively, •Services•) and other initiatives directed to the EEA such as marketing and product trainings.


In addition, please note that this Privacy Statement only applies where we process personal information about you as a data controller. It does not apply to Services where we process personal information as a data processor on behalf of a controller. When we are a processor, the privacy statement of the relevant controller on whose behalf we process will apply.


When we process your personal information as a data controller, ERPAG Inc. (referred to in this Privacy Statement as •ERPAG,• •us,• •we,• •our•) is the controller of your personal information and contact details are provided below under the heading "How to Contact US".


This Privacy Statement includes some important information, please take the time to read the entire Privacy Statement. Of course, if you have any questions please reach out to us.



1. What Information We Collect.


Information You Give Us.

         Creating an Account. When you create an account we collect information that allows us to set up or open your account, such as your name, shipping address, billing address, email address, phone number, user ID, and password.

         Using our Services. We receive information from you when you use our Services, such as information about your business, invoices, and financial statements. We may also collect additional information from you when you sign-in or otherwise use our Services. For example, you may choose to sync your account with other third-party accounts such as your financial institutions. To sync your financial account information, we must access your financial account data. You can learn more about syncing, linking, and connecting to your financial institution by visiting our Terms of Service.

         Customer Support, Product Research, Trainings, and Feedback. When you reach out to us for support give us feedback, participate in optional surveys, product research or trainings, we may also collect information that you choose to share.


Information We Get When You Use the Service.

         Device information. We may collect device information such as Internet Protocol (•IP•) addresses, log information, error messages, device type, and unique device identifiers. For example, we may collect IP addresses from you when you log into the Services as part of our log-in and security features.

         Usage Information. We may collect usage information such as the pages you viewed, the features you use, your browser type, error reports, and any links you click on to leave or interact with our Services. We may also gather information about other applications you use on your device for analytics and advertising reasons.

         Location Information. Certain Service features may collect your precise location data, device motion data, or both, if you grant permission to do so in your device settings.

         Content. We may also collect content that you provide through the Services, such as information about your business such as your invoices, expenditures or customer details; content you post on our community pages; content you provide to our customer care agents; and feedback you provide about the Services.

         Camera and Contacts. Certain Service features may have access to your camera and contacts if you grant permission in your device setting.

         Information from Cookie and other Technologies. ERPAG and our service providers may use commonly-used tools such as cookies, web beacons, pixels, local shared objects, and similar technologies (collectively, "Cookies") to provide the Service you requested, recognize your visit, track your interactions with our Services, and improve your and other customers' experience. You have control over some of the data we collect from Cookies and how we use it.


Information We Get From Third Parties

We may also get information about you from other third parties where permitted by applicable law. For example, we receive information from:

         third parties with whom you have an account or receive a service when you: choose to sync that third-party account/service with your ERPAG account, or integrate your data from that third party into the Service we provide to you.

         third-party service providers who help us to supplement the information you have provided and to ensure the accuracy of your information. For example, we use third party service providers to validate your mailing address.

         third parties who provide us with information about you or your interaction with our Services. For example, we may obtain service and support information or technical issues you have raised with these third parties.


Required Information

Some of the functionalities in our Service may require you to provide information in order for you to use the Service. If you do not wish to provide the required information, you may not be able to use certain features or the Service. We will try to let you know what information is required and what information is optional. We may also combine information that you provided us with information about you that we get from other sources, in accordance with applicable law.



2. How Do We Use Your Information. We use your information in various ways, including to:


         Provide, Improve, Protect, and Deliver the Services. To provide you with the Services that you have accessed or requested; to personalize your experience; to provide technical support; to protect the security and safety of the Services, our customers, ERPAG, and others; or to otherwise operate our business.

         Communicate with You. From time to time we may communicate with you, including to:

o    provide you with important information about the Services or your accounts, such as subscription related information.

o    send you information about ERPAG, other ERPAG products and services, special offers, and new product releases.

         Protect ERPAG and Others. To protect ERPAG, our customers, and others such as for the purpose of combatting fraud.

         Analyze Your Information. We may use both manual and automated systems, such as machine learning and artificial intelligence, to: analyze your information to improve our Services; personalize your experience; automate certain aspects of the Service; provide you certain features; and protect the safety and security of ERPAG, our Services, our customers and others.


In general, we will use the personal information we collect from you only for the purposes described in this Privacy Statement or for purposes we provide at the time we collect your personal information. However, we may also use your personal information for other purposes that are not incompatible with the purposes if and where this is permitted by applicable law. We will provide you with further information on any such additional processing when this happens, in accordance with applicable data protection laws.



3. How We Share Your Information. From time to time, we may need to share your information, but we will only share your personal information for the following reasons:

         With your consent. We may share your personal information with your consent.

         With third parties: We may share your personal information with third parties, but only for the following reasons:

o     With your consent.

o     To provide functions and services on our behalf. We may share your information with third parties who provide various functions on our behalf and enable us to provide our Services and operate our business, such as service providers and business partners.

o     For Research. We may share your information with third-parties for research purposes or to publish academic or policy-related materials. We only share combined, unidentifiable customer data, but only in a way that would not allow the customer or any person to be identified.

o     For Joint Sales, Promotions, and Events. We may share your information with third-parties who are jointly providing sales initiatives, promotions or events with us.

o     For legal reasons. We may share your information with third-parties for legal reasons, including:

  when we reasonably believe disclosure is required or permitted in order to comply with a subpoena, court order, or other applicable law, regulation or legal process;

  to protect the rights, property, or safety of ERPAG, our Services, our customers, or others;

  to protect against or defend our Services against attacks;

  to enforce, remedy, or apply our Terms of Service and other agreements; or

  to prevent fraud and for debt collection.

         With our Affiliates and Subsidiaries. We may share your information with and among our affiliates and subsidiaries and associated company Code System, Serbia.

         With Other ERPAG Customers. Some of our Services allow you to share information (including personal information) with other ERPAG customers or the general public. Please remember that if you set up an administrator/support account, your personal information may be accessible by people other than you and ERPAG and they may have the ability to access, change, copy, or delete your personal information.

         With Social Media Platforms. Some of our Services enable you to share information on third-party social media platforms, like Facebook and Twitter. Any information you choose to share on social media may potentially be visible to a global audience and will be subject to the third-party social media provider's privacy policies (not this Privacy Statement). You should take care only to share information on social media that you are comfortable sharing.

         For Mergers and Acquisitions. If we are involved with a merger, asset sale, financing, liquidation, bankruptcy, or the acquisition of all or part of our business to another company, we may share your information with that company and its advisors before and after the transaction date.



4. Processing Personal Information


Our legal basis for collecting and using the personal information described in this Privacy Statement will depend on the type of personal information and the specific context in which we collect it. However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you, including details of any legitimate interest we rely on to process your personal information.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the •How To Contact Us• heading below.



5. What You Can Do To Manage Your Privacy. You have choices when it comes to managing the privacy of your personal information.


         Update Your Privacy Setting. You may update your privacy settings directly through the Services by visiting your account settings or by visiting our Privacy/GDPR Admin.

         Manage Marketing Communications From Us. We honor your choices when it comes to receiving marketing communications from us. To update your preferences (including to opt-in or opt-out of marketing communications) you can go to the marketing preference center or visit our Privacy/GDPR Admin. You may also click unsubscribe at the bottom of the marketing emails or respond with STOP to SMS messages.

         Cookies and Other Tracking Technologies. You can find information on changing your browser settings to opt-out of Cookies in your browser settings or make changes to your Cookies settings by visiting our GDPR Centre. If you disable some or all of the Cookies the Service, or parts of the Service may not work.


6. Data Retention.


Unless you specifically ask us to delete your personal information as explained in Section 7 •Your Rights•, we retain your information as long as is necessary to maintain your ERPAG account or to provide you with our Services. Once you have terminated your account or otherwise cease using our Services (including if we determine your account has gone inactive), we will no longer retain your information except to the extent necessary:


         to send you marketing communications in accordance with your marketing preferences (which you can change at any time • see Section 5);

         for our legal or regulatory compliance (e.g. maintaining records of transactions you have made with us), to exercise, establish or defend legal claims, and to protect against fraudulent or abusive activity on our Service; or

         for general product improvement purposes in accordance with this Privacy Statement, provided that any data retained for this purpose will be used only for a limited period and handled securely and in confidence.


If we no longer need your information for the above purposes, we will generally delete or de-identify it in accordance with our standard data retention practices. However, there may be occasions where we are unable to fully delete or de-identify your information due to technical or other operational reasons, for example where your information has been archived onto back-up systems. Where this is the case, we will take reasonable measures to securely isolate your information from any further processing until such time as we are able to delete or de-identify it.



7. Your Rights. You have certain rights with respect to your personal information that we collect and process. We respond to all requests we receive from individuals in the EEA that are using a Service directed to the EEA wishing to exercise their data protection rights in accordance with applicable data protection laws. To file a request or take action on one of your rights, please visit Privacy/GDPR Admin or contact us at the contact details provided under Section 10, •How to Contact Us•.


         Access, Correction or Deletion. You may request access to, correction of, or deletion of your personal information. You can often go directly into the Service under Account Settings to take these actions.


Please note that even if you request for your personal information to be deleted, certain aspects may be retained for us to: meet our legal or regulatory compliance (e.g. maintaining records of transactions you have made with us); exercise, establish or defend legal claims; and to protect against fraudulent or abusive activity on our Service. Data retained for these purposes will be handled as described in Section 6 •Data Retention•, above.

         Objection and Restriction. You may object to our processing of your personal information or ask us to restrict processing of your personal information.

         Portability. You may request portability of your personal information.

         Withdraw Consent. If we have collected and processed your personal information with your consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.

         File a complaint. You have the right to file a complaint with a supervisory authority about our collection and processing of your personal information.



8. Third-Party Services, Links and Integrations.


         Third-Party Services. Third-party products, services and applications may use or integrate with our Services, or otherwise be offered through our Services (•Third-Party Services•). If you choose to use Third-Party Services or link or sync any of these Third-Party Services with your ERAG account you are permitting us to provide your information and any information associated with your account, including personal information, to the third party. Your interactions with these Third-Party Services are governed by the privacy statement of the company providing the relevant Third-Party Service.


9. Security of Your Information. We understand that the security of your information is important to you. We provide appropriate technical and organizational security controls to protect your information. But, even with our best efforts, we cannot ensure or warrant the security of your information. You can find out more about how we protect your information and the steps you can take to help protect your information here.



10. International Data Transfers. We may transfer your personal information to and process and store your information in other countries in compliance with applicable law. Some of these countries may have data protection laws that are different from the laws of your country (and, in some cases, may not be as protective). However, we have taken appropriate safeguards to require that your personal information remain protected. When ERPAG transfers your personal information from the EEA or Switzerland to a non-EAA country, we rely on one or more of the following legal mechanisms: E.U.-U.S. Privacy Shield and Swiss-U.S. Privacy Shield.



11. How to Contact Us. If you have questions or comments about this Privacy Statement or our practices, please contact us:


         Email. [email protected]


12. Changes to Our Privacy Statements. From time to time we may change or update our Privacy Statement. We reserve the right to make changes or updates at any time. If we make material changes to the way we process your personal information, we will provide you notice via our Service or by other communication channels, such as by email or community post and if required by applicable data protection laws seek your consent to those material changes.


You can see when this Privacy Statement was last updated by checking the •last updated• date displayed at the top of this Privacy Statement. Please review any changes carefully.



13. Collection and Use of Children•s Personal Information. Our Services are intended for and directed to individuals 18 or over and we do not knowingly collect personal information from minors.