+353 1 905 9010 Request Free Demo

Privacy Statement for this website

This statement was last updated on 16th May 2018.

Introduction

We have created this data protection notice as the controller of personal data for visitors to this website, for prospects, clients and former clients. This notice aims to demonstrate our firm commitment to privacy and to inform people dealing with us about the information we collect and process in connection with such interaction.

This notice sets out an explanation of what personal data about you we process, why we process your personal data, with whom your personal data is shared and a description of your rights with respect to your personal data.

Who we are?

Wandsoft Limited is a provider of Software As a Service (Saas) solutions in the field of GDPR compliance and Customer Relationship management.

Wandsoft Limited is incorporated in Ireland since 2001, number 343136. Registered Address: Unit 3, Grange Road Retail Park - Grange Road - Rathfarnham - Dublin 16

Wandsoft is registered as a data-processor with the Data Protection Commissioner in Ireland, reference 12631/A  

What information do we process?

We need to keep and process certain information about you to manage our business, for management purposes, to comply with our legal obligations and, where necessary, to protect our legitimate business interests. We will collect and process information from you during your visit on this website, during our contractual relationship and following the termination of our contractual relationship.

Personal data is normally obtained directly from you. In certain circumstances, it will, however, be necessary to obtain data from third parties, e.g. credit check references.

The categories of personal data we process and the lawful basis for doing so are set out in more detail below.

How do we use your information?

The information we hold and process will be used for management and administrative purposes. We keep it and use it to enable us to run our business, manage our contractual relationship with you effectively, lawfully and appropriately and protect your rights and interests. This includes using your information to enable us to manage contracts, comply with legal obligations, pursue our legitimate interests and protect our legal position in the event of legal proceedings against the company.

The uses we make of each category of your personal data, together with the lawful basis we rely on for those uses are set out in more details below.

Where there is a need to process your data for a purpose other than those set out in the appendix or otherwise outlined to you, we will inform you of this.

How is your information shared?

Your personal data may be disclosed to third parties where we are legally obliged to do so or where our contract requires or permits us to do so. For example, we pass on certain information to our accountant to fulfil our legal obligations.

More detailed information on how we share your personal data is set out below

Will your information be transferred abroad?

Our data-centres are located in Ireland, so generally, your personal data will not be transferred abroad.

We may transfer your personal data within the EEA for purposes connected with the management of our business.

In limited and necessary circumstances, your personal data may be transferred outside of the EEA (website statistics). Appropriate safeguards are in place to ensure the security of your personal data where it is transferred outside of the EEA,

How long do we keep your information?

Any personal data processed about you is retained in accordance to our record retention policy. 

What happens if you do not provide us with your information?

In some cases, you may decline to provide us with your personal data. If we believe that we require relevant information to effectively and properly manage our contractual relationship, we may not be able to continue our relationship with you.

Will you be subject to profiling or automated decision making?

You will not be subject to automated decision making or profiling.

What are your rights under the data protection law?

You have the following rights under data protection law, although your ability to exercise these rights may be subject to certain conditions:

  • the right to receive a copy of and/or access the personal data that we hold about you, together with other information about our processing of that personal data;
  • the right to request that any inaccurate data that is held about you is corrected, or if we have incomplete information you may request that we update the information such that it is complete;
  • the right, in certain circumstances, to request that we erase your personal data;
  • the right, in certain circumstances, to request that we no longer process your personal data for particular purposes, or object to our use of your personal data or the way in which we process it;
  • the right, in certain circumstances, to transfer your personal data to another organisation;
  • the right to object to automated decision making and/or profiling; and
  • the right to complain to the Data Protection Commissioner.

Further information

If you have any queries in relation to this data protection notice, or if you have any concerns as to how your data is processed, please contact Claude Saulnier using the following form:

Review

This data protection notice will be reviewed from time to time to take into account changes in the law and the experience of the notice in practice.

Appendix

The data-centres that hosts our websites, CRM and backups are ISO27001 certified and located in Ireland:

As a visitor to the website

When you browse this website, we passively collect the following personal data: 

  • For for security reasons (legitimate interest Article 6-1-f )
    • Your IP address,
    • The page viewed
    • The time the page was viewed
    • The browser you used to view the page.
    • We do not cross reference the log with the enquiry, but we reserve the right to do so should we be concerned about the security of our operations.
    • The web server logs are normally kept for 6 months or less.
    • The personal data is stored in Ireland.
    • The transfer of the website content between your browser and our server is secured through TLS 1.2 encryption. You can verify by clicking the padlock on your browser.
  • For statistics (legitimate interest Article 6-1-f )
    • Page viewed
    • The time the page was viewed
    • The browser you used to view the page
    • Social media referers
    • We use Google Analytics to provide management reports on the visits on the website. Check Google analytics' privacy policy   for further details.

When you open a link to a 3rd party website from our website, we passively collect the following personal data: 

  • To help our marketing team gauge the popularity of material we would refer to (legitimate interest Article 6-1-f )
    • your country (we do not store the IP address),
    • the time,
    • the link you clicked
    • your browser type. 

When you make an enquiry via a form on this website

We use our own product, Wandsoft CRM to handle your requests and manage our business.

  • We collect (legitimate interest Article 6-1-f & contract Article 6-1-b)
    • the time of the enquiry, so we can measure our response time dealing with your enquiry;
    • your name, email address, phone, so we can contact you;
    • comments supplied in the form. so our team can easily refer to your query;
    • country, to measure our marketing efforts; 
  • The personal data is stored in Ireland.
  • We do not send your data to anyone but our staff, so you can be reassured your data stays in the EU;
  • The transfer of the form content between your browser and our server is secured through TLS 1.2 encryption. You can verify by clicking the padlock on your browser.
  • Our servers use encryption at rest.
  • You will not be added to a mailing list.

When you become a Wandsoft client, we will store:

As a data controller:

  • Data required by law to provide a paid service (contract Article 6-1-b & legal obligations Article 6-1-c)
    • Invoice address
    • Service purchased
    • We keep these for a period specified by the Irish Revenue services (6 years + current financial year)
    • We will transfer the information to our appointed accountants (Guardian Management - Link) so they can perform our mandatory accounts return.
    • If required, we may need to transfer some of the personal data to the Revenue Commissioners, legal advisors.
  • If you pay by credit card:
    • Credit card details
      • We use the services of Stripe (link) that may send data outside the EEA;
    • To avoid data to be sent outside the EEA due to credit card processing, you can pay by bank transfer.
    • Our bank
  • If you pay by cheque or bank transfer:
    • Our bank

If -sadly- you don't become a Wandsoft client, we will anonymise your personal data.

As a data-processor (client of Wandsoft-Bizoneo):

We will store your data in a GDPR compliant environment and will provide you with a data-processor agreement.

You will be able to view all access we might require to maintain and keep your Bizoneo or Wandsoft system up to date.

We will not interact with your data unless instructed otherwise.