AppHelp Privacy Notice (Business)

Effective as of May 25, 2018

At AppDirect, we are committed to protecting our customers’ personal information. We have created this document to help our customers understand how we collect, manage and use their and their users’ personal information as part of our AppHelp technology support services (the “Services”).

In essence, we (AppDirect Canada Inc.; together with our affiliates, licensors, partners and contractors, including their respective successors and assigns, referred to as “AppDirect”, “we”, “us” or “our”) need to collect certain personal information about each customer (either you as a self-employed individual, or the legal entity that you represent and have the full power and authority to bind contractually, as applicable; the “Customer”) in order to be able to provide such Customer and/or its employees or other authorized users acting on its behalf (each a “User”) with our Services. We promise to work hard to preserve the integrity and the security of the Customer’s (including its Users’) information. We will only use the Customer’s data in a manner consistent with this Privacy Notice, and will not share it with anyone for any other purpose. Such data may be stored and processed anywhere in the world.

Quick Links

While the above highlights certain aspects of our Privacy Notice, we recommend that you read this Privacy Notice in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Notice, then you can click on the relevant link below to jump to that section.

1) Why we need to collect personal information
2) What kind of personal information may be concerned
General
Chat sessions
Live call sessions
Remote control
Assistance with Third Party Solutions
3) Legal basis for processing personal information (EEA customers and users only)
4) Who may have access to personal information
5) How we protect personal information
6) Where personal information may be processed
7) Keeping personal information accurate and up-to-date
8) Choices and rights
9) Retention of personal information
10) Legal disclosure
11) Consent
12) Contact, openness and accountability
13) Updates to this Privacy Notice

THE CUSTOMER’S (INCLUDING ITS USERS’) USE OF OUR SERVICES WILL MEAN THAT THE CUSTOMER HAS ACCEPTED THE TERMS AND CONDITIONS DESCRIBED HEREIN, AND CONSENTED TO OUR COLLECTION, STORAGE, USE AND DISCLOSURE OF ITS (INCLUDING ITS USERS’) PERSONAL INFORMATION IN ACCORDANCE WITH THESE TERMS.

We provide choices that allow Customer’s (including its Users’) to opt-out or control how we use and share data.

For the purposes of this document, the expression “personal information” means the information that either uniquely identifies a physical person or enables us to do so, as further explained below. Such information may include the person’s name, address, contact information (such as telephone numbers or email addresses), age, gender.

1) Why we need to collect personal information

Certain Customer personal information is necessary for us to be able to better understand the Customer’s needs and preferences, and to provide our Services to the Customer. Additionally, we may rely on such personal information to contact the Customer regarding its account, upcoming changes, improvements, software updates and upgrades, new offers and promotions, as well as to improve the effectiveness of our offerings, to conduct research, analysis and other business-related activities. In any event, the personal information will not be used, made available or otherwise disclosed for purposes other than those specified herein, unless we obtain the Customer’s prior consent or are required by law to do so.

2) What kind of personal information may be concerned

AppDirect provides various software and services, any combination of which could be made available to the Customer and its Users, depending on the type of Services it purchases. We will access and collect personal information only to the extent necessary to ensure that the Customer is able to access and use our Services. We may also collect and store personal information that the Customer (including its Users) chooses to provide to us, at its sole discretion, without us requiring it to do so.

In this section, we explain in which events Customer’s (including its Users’) personal information may be accessed, collected, used and processed, including the types of personal information that may be required, depending on Customer’s (including its Users’) access and use of our software and services.

General

In order to be able to identify and associate the Customer with its account, we need to collect information specific to the Customer. This includes the Customer’s name, contact information, including mailing address, email addresses of certain Users entitled to access and use the Services for or on behalf of the Customer, as well as other unique identifiers attributed to the Customer (including its Users) by us or by other service provider, as the case may be. Also, when the Customer contacts us, whether by phone, chat, email, through our websites or otherwise, we may keep a record of such communications to help solve issues that the Customer might be facing, but also for training, quality assurance and statistical purposes, as well as to improve our products and services. Please note that we may use personal information to aggregate various performance, analytical and statistical data, as well as to develop new products and services. When we do so, we ensure that the Customer’s (and its Users’) personal information is anonymized.

Chat sessions: When the Customer (including any of its Users) requests live chat assistance from our technical support agents, chat sessions will be recorded for quality assurance and training purposes, as well as to improve our products and services. As a result, all information exchanged during such chat sessions may be collected and used by us as part of our internal processes.

Live call sessions: Similarly, when the Customer requests live assistance from our technical support agents by telephone, conversations may be recorded for quality assurance and training purposes, as well as to improve our products and services. As a result, all information exchanged during such recorded calls may be collected and used by us as part of our internal processes.

Remote control: If the Customer requests live support from our technical support agents, the agent may need to take remote control of the Customer’s device in order to resolve the issues that the Customer is experiencing. However, the agents will not access the device without the Customer’s express authorization. Additionally, if an agent takes remote control over the Customer’s device, the agent may have access to any information stored on such device. However, our technical support agents are trained not to access more information than absolutely necessary to resolve the issues for which the Customer is requesting the agents’ support. While support agents do not access unnecessary information, it is the Customer’s responsibility to remain in front of its device screen to observe the actions of the agent while the latter performs the services. The Customer will have the opportunity to end the live support session at any time by clicking on the appropriate button. In any case, it is the Customer’s responsibility to ensure that all of its files, especially those containing the Customer’s (including any of its Users’) personal information, are secure to prevent any type of data loss or corruption.

Assistance with Third Party Solutions: When the Customer requests assistance with regards to its accounts held with third party solution providers (such as, without limitation, Microsoft Office 365), the Customer may be required to provide its login credentials and other relevant information for such third-party solution, as may be requested by the technical support agent during service delivery in order to enable the latter to deliver the requested services. The foregoing may enable our support agents to access personal information stored by such third-party solution providers as part of the Customer’s account with them. We will treat such login credentials and other provided information as the Customer’s personal information. However, the Customer is fully responsible for managing and updating, as needed, its (including its Users’) login credentials and other information with any and all third-party service providers as the Customer sees fit.

3) Legal basis for processing personal information (EEA customers and users only)

If Customer (including its Users) is a resident from the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from Customer (including its Users) only where we have its consent to do so, where we need the personal information to perform a contract with Customer or where the processing is in our legitimate interests and not overridden by Customer’s (including its Users’) data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from Customer (including its Users).

If we ask Customer (including its Users) to provide personal information to comply with a legal requirement or to perform a contract with Customer (including its Users), we will make this clear at the relevant time and advise Customer (including its Users) whether the provision of its personal information is mandatory or not (as well as of the possible consequences if Customer (including its Users) do not provide its personal information).

Similarly, if we collect and use Customer (including its Users) personal information in reliance on our legitimate interests (or those of any third party), we will make clear to Customer (including its Users) at the relevant time what those legitimate interests are.

If Customer (including its Users) has questions about or need further information concerning the legal basis on which we collect and use its personal information, please contact us using the contact details provided under the “Contact, openness and accountability" heading below.

4) Who may have access to personal information

At AppDirect, we recognise and respect the importance of protecting the Customer’s (and its Users’) personal information. Keeping its personal information in strict confidence is an integral part of our commitment to service excellence. We do not sell or rent any personal information to any third party. However, in order to provide the Customer with our Services, we may share its personal information with our affiliated companies, parent entities and subsidiaries, for internal business purposes, as well as with our partners acting on our behalf. As many other service providers, we use third party partners’ assistance in some aspects of our business operations, which, in some cases, involves processing or handling of the Customer’s personal information. However, before we do so, we take appropriate measures to ensure that such personal information remains safe and secure, and is used only in a way that is consistent with our Privacy Notice. We protect the Customer’s personal information even within our organisation. It may be accessible only by those employees, agents, representatives and contractors of AppDirect who need to know such information as part of their duties. We also ensure that our employees, agents, representatives and contractors perform their duties in a way compatible with the terms and conditions described in this document.

5) How we protect personal information

We work diligently to maintain appropriate physical, technical and procedural safeguards that comply with industry best practices to guard the integrity and security of Customer’s (including its Users) personal information against unauthorized access or use. All personal information is stored in secure data centers, access to which is restricted to authorised personnel only. We employ industry-leading technologies to store sensitive information and protect it while in transit over the internet. Additionally, our websites use industry standard Secure Socket Layer (SSL) technology to protect the Customer’s information using both server authentication and data encryption. We cannot, however, ensure or warrant the security of any information Customer (including its Users) transmit to AppHelp, and Customer does so at its own risk. Once we receive Customer’s transmission of information, AppHelp endeavors to secure our systems, but please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by system malfunction or circumvention of our safeguards.

6) Where personal information may be processed

AppDirect is a Canada-based company which, together with its partners and affiliated companies, operates in many countries. As a result, we may store, or process the Customer’s personal information in many places around the world, including outside the State, province or country where the Customer is located. Those countries may not have the same data protection laws as the country in which Customer initially provided the information. When we transfer Customer (including its Users) information to other countries, we will protect that information as described in this Privacy Notice. Specifically, we have implemented the European Commission’s Standard Contractual Clauses for transfers of personal information between our group companies, which require all group companies to protect personal information they process from the EEA in accordance with European Union data protection law.

7) Keeping personal information accurate and up-to-date

In the provision of our services, we want to ensure that we provide the Customer with the best experience possible. To do so, we rely heavily on the personal information that the Customer submits to us. If the Customer notices that the information that we have on in our files is inaccurate, or the Customer’s information changes, we strongly encourage the Customer to reach out to us and provide us with its most current information. Not doing so may, in some cases, affect our capacity to deliver to our Services. Note that before updating the Customer’s personal information, we may ask the Customer to verify its identity before we can act on the request.

8) Choices and rights

Subject to applicable law, Customer (including its Users) may have the right to: obtain confirmation that we hold information about Customer (including its Users), request access to information we maintain about Customer (including its Users), request portability of Customer (including its Users) personal information, ask us to restrict processing of its personal information receive copies of the information we maintain about Customer (including its Users), update and correct inaccuracies in its information, object to the processing of its information, and have the information blocked, anonymized or deleted, as appropriate. Customer (including its Users) may also have the right to withdraw any consent it previously provided to us. These rights may be limited in some circumstances by local law requirements.

Customer (including its Users) have the right to complain to a data protection authority about our collection and use of its personal information. For more information, Customer (including its Users) can contact its local data protection authority. Contact details for data protection authorities in the European Economic Area are available here.

9) Retention of personal information

We retain personal information we collect from Customer (including its Users) where we have an ongoing legitimate business need to do so (for example, to provide Customer (including its Users) with a service Customer (including its Users) has requested or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process Customer (including its Users) personal information, we will either delete or anonymise it or, if this is not possible (for example, because the personal information has been stored in backup archives), then we will securely store Customer (including its Users) personal information and isolate it from any further processing until deletion is possible.

10) Legal disclosure

We may be required to disclose any and all information that we have on the Customer (including on its Users) to legal authorities. Such disclosure may be required by law, a court order, or by other legal obligations that we may have in any jurisdiction. Additionally, we may disclose such information to competent law enforcement agencies or other appropriate entities if we have reasonable grounds to believe that the Customer (including any of its Users) is using our Services in violation or in a manner that violates applicable laws or regulations, or otherwise to protect or defend the property rights that we and/or our partners may have under the applicable law.

11) Consent

The Customer (including its Users) may give us its consent for the collection, use and disclosure of its personal information in several ways. It can be express (for example, by phone, chat, email, by accepting the terms of our Terms of Service, or other similar means) or implied (for example, when it provides us with its (including its User’s) personal information necessary for the performance of specific Services). When the Customer provides us with personal information, we assume that the Customer consents to our collection, use and disclosure of such personal information for the purposes identified or described in this Privacy Notice. Occasionally, we may also request the Customer’s consent to access or collect additional personal information which may be necessary to enable us to render our services to the Customer, even if not specifically identified in this document. We will treat such personal information in accordance with the terms of this Privacy Notice and the applicable laws. It is the Customer’s right to direct us to stop collecting, using or sharing its personal information at any time, subject to contractual and legal restrictions and reasonable advance written notice. However, if the Customer withdraws its consent, we may no longer be able to provide it with our Services, in whole or in part. If the Customer still desires to withdraw its consent, the Customer must contact us at the address written below.

12) Contact, openness and accountability

Within AppDirect, our Security Officer is responsible for our security and privacy-related matters, including the application of this Privacy Notice. He and his team oversee training of our staff to ensure security compliance and to raise privacy awareness.

Transparency and integrity are among the key values at AppDirect. We will gladly answer any questions or concerns that the Customer or its Users may have regarding their privacy or the security of their personal information, or if they wish to request a correction of their respective personal information in our custody or control. Don’t hesitate to reach us by visiting the “contact us” section of our website.

If for any reason the Customer considers our response to be unsatisfactory or incomplete, please don’t hesitate to contact our Director of Security by email at apphelp.privacy@appdirect.com, or by mail at the following address:

Security Officer
AppHelp
2050 de Bleury Street, Suite 300
Montreal, QC, H3A 2J5, Canada

The Customer or its Users should also contact our Security Officer if they wish to request access to their respective personal information within our possession or control. Note however that in some cases it could impossible for us to provide them access to their respective personal information. This may occur when providing such access would be likely to impact the privacy or the security of a third party, reveal confidential information of AppDirect or cannot be disclosed for other valid reasons. In these events we will advise the Customer or the concerned User in writing of the grounds of our decision.

Lastly, if we are unable to resolve an issue to the Customer’s satisfaction, it may choose to request assistance from the privacy authorities, such as the Privacy Commissioner of Canada, who may be contacted at 1-800-282-1376, or by visiting www.priv.gc.ca.

13) Updates to this Privacy Notice

Please revisit this page periodically to stay aware of any changes to this Privacy Notice, which maybe revised from time to time at AppHelp’s sole discretion in order to implement new technologies and improve our processes, software and Services. If we modify the Privacy Notice, we will make it available through our website and indicate the date of the latest revision. The most current version of this Privacy Notice is available at www.appdirect.com/products/apphelp/privacy-business. However, in the event that the modifications materially alter Customer (including its Users) rights or obligations hereunder we will notify Customer (including its Users) by email as may be required by law.

Our amended Privacy Notice will automatically take effect 30 days after it is made available through the Services, except that (i) we will not, without Customer’s (including its Users’) consent, use Customer’s (including its Users’) previously collected personal information in a manner inconsistent with the Privacy Notice in effect when we received that information, and (ii) if Customer (including its Users) do not agree with any changes to the Privacy Notice, Customer (including its Users) may terminate its account ceasing use of the our services.
Where applicable, we will also provide the Customer with instructions on how to opt in to or opt out from our new services or communications. Note that some aspects of our Services may not be available to the Customer if the Customer chooses to opt out.

This Privacy Notice has been last updated on May 25, 2018.

© 2018 AppDirect Canada Inc., doing business as AppHelp. All Rights Reserved.
AppDirect™, AppHelp™ and their respective logos are trademarks or registered trademarks of AppDirect, Inc. in Canada, the United States and/or other countries. Microsoft, Office, Office 365 and their respective logos are trademarks or registered trademarks of Microsoft Corporation in Canada, the United States and/or other countries.