EN_Privacy Policy

Privacy Policy

Thanks for using IABAKO !

Below you will find our commitments in terms of privacy, security and protection of personal data that you provide us (your own personal data as well as your customers’ and suppliers’ personal data). With the GDPR (General Data Protection Regulation) your data is even more protected.

If you have any questions regarding our privacy policy, as well as the General Data Protection Regulation (GDPR), feel free to contact us: dpo@iabako.com.

I. General aspects

Security and data protection

We work every day to offer you the best quality in terms of security, availability, privacy and access to our service. We understand that the information you provide us is extremely confidential. For this reason, we do not share any of your information with third parties for advertising purposes and we are committed to guaranteeing you exclusive access to all your information. No one, other than yourself (or anyone else designated by your company), has access to the information you provide us.

All your data is protected by the most advanced encryption methods. The use of our service is private and secure thanks to the SSL protocol. When you access our service, you will notice that it is a “https” session, like those used for secure payments on the internet. Therefore, nobody can access to the information you provide us.

In addition, your data is stored in secured servers. We have redundant systems and procedures in order to guarantee a 24h/24h online service, thus to minimize the risk of a possible data loss.

Password

You are the only one to know your password. It is stored encrypted in our databases, through a “hash type” irreversible function. Therefore we do not know your password. If you forget it, you must choose a new password, after checking a security code sent by email.

IABAKO ask you to select a relatively complex password (8 alphanumeric characters, as well as some symbols) to protect your account from cyberattacks. Be sure to keep your password confidential. We will not be responsible for unauthorized access to your account (people having obtained your password, regardless of the means).

II. General Data Protection Regulation (GDPR)

Starting on May 25 2018, all companies (regardless of their size) having an activity within the European Union, must comply with the GDPR regulation. This regulation aims to strengthen the protection of your personal data, those of your customers, prospects and suppliers, with clear and harmonized rules. IABAKO, as software providers have two roles:

Data Controller 

Regarding the personal data we collect about our customers and prospects for the purpose of our contract management and business development.

In this sense, we are committed to respecting the obligations imposed by the GDPR in order to guarantee a transparent process of your data and provide you a full control of the information you provide us as our customer.

Data Processor 

Regarding all personal data we host about your customers and suppliers, for the purpose of providing our online billing and management services.

We are committed to protecting your data and being transparent about the way we process it according to GDPR standards. Also, we are committed to providing you the required features so that you, as data controller can be as well compliant with GDPR rules.

Our role: Data Controller

As part of our activities (contract management and business development), we collect and process the following personal information (about you): name, first name, email, address and phone, as well as anonymous information (IP address, date and time of access, pages viewed, browser used, etc.). The access to this information is restricted to our Marketing team (for prospection and communication), Customer support team (for support tasks) and business team (for invoicing).

Concerning the nature and the precise purpose of these personal data, we distinguish three different cases:

1.If you visit our website, we consider you a visitor. In this case, anonymous information is collected through of web analysis tools to improve our prospection. You will find more information about process of this data in the Cookies section.

2. If you register and start a free trial period of our service, we will consider you a prospect. In this case, we keep you personal data up to three years.

3. If, after the trial period, you subscribe to one of our packages, we will consider you a customer. In this case, after the end of our customer-supplier relationship, according to European laws, we keep all your information for a period of six years.

In the last two cases (prospect / customer) you can, at any time ask us to delete all your personal information:

Moreover :

– You have full control on the personal data you provide us. You can access your data at any time, rectify it, delete it or request its extraction.

– As part of our data security policy, we have secure servers located in Europe and Canada, redundant systems, and we implement security copies of your data to ensure a full protection of your data. See the Privacy policy of OVH, our infrastructure provider (servers, database and storage).

Cookies

The Cookies are a small, harmless files created by your browser. They record anonymous information about the use you make of our service. We use cookies:

– In order to offer you an adequate experience when you access our service (exemple : the choice of the language).

– in order to use web analysis tools, such as Google Analytics (see Privacy Policy). These tools help us analyze visitors to our website, thus improve our communication.

– In order to improve our prospection, specially regarding our advertising strategies. In this sense, we use the services of Google Adwords (see Privacy Policy) and Facebook (see Privacy Policy).

Mailing and Newsletters

If you subscribe to our service (as customer or prospect), you will receive emails from us:

– To guide you in your free trial period and help you use our software. In this sense, we use the services of MailerLite (See Privacy Policy)

– To communicate new features, tips, promotions using “newsletter” emails. In this sense, we use the services of ElasticEmail (see Privacy Policy).

– To notify you or remind you about certain actions done out in your IABAKO account.

In any case, you can choose to not to receive these emails:

  • Using the “unsubscribe” option located in the emails and newsletters.
  • Through the notifications menu located in your IABAKO (for notification, alerts, and reminder emails).
  • By sending your request to: dpo@iabako.com.

Paypal

In case you want to subscribe to one of our packages, the payment is done through Paypal’s online secure payment platform. During this action, we communicate to Paypal your personal information (name, first name, address, email, phone), in order to facilitate your registration, in case you decide to create a Paypal account to make the payment. (See Privacy Policy)

Please note that a Paypal account is not mandatory to make your payment. You can also make the payment without creating an account. In this case, just the information of your credit card will be requested.

Our Record of processing activities

According to the GDPR guidelines, we have a record of our processing activities containing the activities carried out by IABAKO which have an impact on your personal data.We describe what is the nature of the data collected, their goals and process.

If you want to see this document you can send us your request to: dpo@iabako.com.

Our role: Data processor

If you use IABAKO for your business activities, you will use our software to enter and process the personal data of your customers, prospects and suppliers. In this sense, you are the Data Controller and we are Data Processors.

As the Data Controller, you are the only one who decides what kind of personal information you are using in our software. Whether it is general information (last name, first name, date of birth), contact information (address, telephone), or even more specific information (personalized fields of customers), you are the only person responsible for the use you make of it and the precise objectives of these data.

As a Data Processor, we respect the following obligations:

– All actions you perform with IABAKO are secure and confidential (see Security and Data Protection section, above). No one but yourself (or anyone else designated by you) has access to the the data entered in our software (personal data of your customers, prospects and suppliers).

– You can count on us to support you with the implementation and the respect of the instructions of the GDPR with our software. For any question or requests on the subject, feel free to contact us: dpo@iabako.com

– Even if we are not responsible of the kind of personal data you enter in our software, we will be vigilant and we must alert you in case of violation of one of the GDPR guidelines.

– We handle a Record of Processing Activities, describing the set of activities having and impact on personal data of your customers, prospects and suppliers. If you wish to consult this document, you can send us your request to: dpo@iabako.com

– By accepting our Terms and conditions, you also accept our Privacy Policy and Data Processor Contract :Data processor contract

In addition, please note that we do not have any third-party data processors to handle personal data of your customers, prospects and suppliers.

With IABAKO, you are GDPR compliant

If you use IABAKO as a your business management tool, you are following the guidelines stated on the GDPR:

– You centralize the personal data of your customers, prospects and suppliers in a secure software. Nobody beside you, will access this data.

– You are able to respect your obligations in terms of deletion, update, correction and extraction of personal data of your customers, prospects and suppliers.

– You will be able to manage and restrict the access and authorizations concerning the personal data of your customers, prospects and supplier within the different departments of your company. You will have the control to decide who and how to accesses to your information.

Your Record of Processing Activities

As a Data Controller, you too must have a personal record of processing activities. Do not forget to mention us as Data Processor 🙂 for activities such as CRM (quotations, billing), stock management, follow-up of delivery /purchase orders etc. If you have any questions about this document, feel free to contact us: dpo@iabako.com.

Last update : 01/05/2018