Definition. "Confidential Information" means any information or data disclosed by one Party ("Disclosing Party") to the other ("Receiving Party") that is marked as confidential or that should be reasonably understood to be confidential given the nature of the Information and the circumstances surrounding disclosure (e.g., Order Forms, Customer Data, pricing). Confidential Information does not include any information which is:
(a) Publicly available; or
(b) Rightfully known by Receiving Party before disclosure by Disclosing Party; or
(c) Lawfully disclosed to Receiving Party by another party that is not under any obligation or breach of confidentiality; or
(d) Independently developed by or for Receiving Party without use of or reference to the Disclosing Party's Confidential Information.
Use and Disclosure. Unless agreed to in writing, the Receiving Party will not:
(a) Use any Confidential Information of Disclosing Party for any purpose other than
fulfilling Receiving Party's rights and obligations under the Agreement; or
(b) Disclose Confidential Information to any third party except for "Representative Entities" (e.g., Affiliates, contractors, legal counsel) who have a "need to know" for Receiving Party to fulfill its rights and obligations under these Terms. These "Representative Entities" are bound to protect Confidential Information under the same terms of confidentiality as the Receiving Party, and Receiving Party is responsible for any breach by the "Representative Entities" of those obligations.
Compelled Disclosure. Receiving Party may disclose Confidential Information of Disclosing Party to the extent compelled by regulation, law, subpoena, court order provided:
(a) Receiving Party gives Disclosing Party immediate and prior notice of the
compelled disclosure to the extent legally permitted; and
(b) Receiving Party discloses only the Confidential Information legally required; and
(c) Receiving Party provides reasonable assistance, at Disclosing Party's sole expense if Disclosing Party wishes to contest the disclosure.
PERSONAL IDENTIFIABLE DATA
Your compliance. You are solely responsible for:
(a) Ensuring that you comply with the Data Protection Legislation as applicable to
your own controlling and processing of Personal Identifiable Data concerning your
use of our Services. You guarantee that all processing activities are lawful, have a
specific purpose, and any required notices and consents or other appropriate legal
basis are in place to enable the lawful transfer of the Personal Identifiable Data.
(b) Making an independent assessment of whether the technical and organizational measures of our Services meet your requirements
(c) Implementing and maintaining privacy and security measures for components that you provide or control (including but not limited to passwords and devices used with our Services).
Collection of Personal Identifiable Data. We may collect and process personal data, including, but not limited to, customer account and potential customer information, like Full name, Address, Email address, Financial Information, Account ID, Gender, Job title, IP address, Location-related Information, customer support call recording, pages, and modules visited, browser and device information. We collect this Information only to the extent required for our business. These reasons include, but are not be limited to: Sharing relevant Information about our products and services, creating an account that's connected to your person and company, Verifying your identity, Finance, and billing, Provision of the services, Analyzing the usage of our products and services, providing customer support to potential or existing customers, Detecting and combating fraudulent or unlawful activity, Training and quality improvement, Expanding business through our marketing and sales channels, Fulfil financial obligations such as paying taxes and ensuring invoices are paid, keeping your account secure.
3rd party data. We may receive Personal Identifiable Information from third parties to complement a customer's profile.
Processing of Personal Identifiable Data. You acknowledge that we process Personal Identifiable Data as an independent data controller to the extent necessary for our legitimate business purposes. We process Personal Identifiable Data only to the extent necessary to provide the Services, including ensuring the security of the services, providing technical and delivery reports, providing support and developing and implementing improvements and updates, billing, account management, financial and internal reporting, combatting and preventing security threats, cyber attacks, and cybercrime that may affect us or our services, business modeling (e.g. forecasting, capacity and revenue planning, product strategy), fraud, and abuse prevention and detection, product improvement, and to comply with our legal obligations.
Confidentiality of Personal Identifiable Data. We do not sell or share any Personal Identifiable Data. We ensure that any person or Party whom we authorize to process Personal Identifiable Data (including our staff, agents, and subprocessors) are informed of the confidential nature of such Personal Identifiable Data and are under an appropriate obligation of confidentiality (whether a contractual or statutory duty) that survives termination of their engagement. We restrict access to Personal Identifiable Data by sub-processors to what is strictly necessary to provide our Services to you.
Cross Border Transfers of Personal Identifiable Data. We may transfer Personal Identifiable Data if all appropriate safeguards required by Data Protection Legislation are in place. These safeguards can include a prior data transfer impact assessment, the adoption, monitoring, and evaluation of supplementary technical, organizational and legal measures, enforceable data subject rights, and ensuring that effective legal remedies for data subjects are available.
Retention of personal data. We keep Personal Identifiable Data only for as long is allowed and required to fulfill contractual or legal obligations, which may vary depending on the geographical location you are residing in, the Service is procured, or the communications services are terminated. After the required retention period expires, we might keep data in a non-identifiable form for archival, statistical, or other legitimate purposes.
Disclosure requests. We will notify you as soon as reasonably possible if we receive a request from a governmental or regulatory body to disclose Personal Identifiable Data unless such notice is prohibited by law.
Data Breach response and notification. Upon becoming aware of a Personal Identifiable Data Breach, we will, without undue delay:
(a) Notify you; and
(b) Investigate the Personal Data Breach; and
(c) Provide timely Information relating to the Personal Data Breach as it becomes known or as you reasonably request it; and
(d) Take commercially reasonable steps to mitigate the effects and prevent the recurrence of the Personal Data Breach.
Deletion and Return of Personal Identifiable Data. Upon termination or expiration of the Agreement, we delete all Personal Identifiable Data (including copies) in our possession or control, in as far as we are not required by law to retain the Personal Identifiable Data.