Thanks for using IABAKO !
Below you will find our commitments in terms of privacy, security and protection of personal data that you provide us (your own personal data as well as your customers’ and suppliers’ personal data). With the GDPR (General Data Protection Regulation) your data is even more protected.
I. General aspects
Security and data protection
We work every day to offer you the best quality in terms of security, availability, privacy and access to our service. We understand that the information you provide us is extremely confidential. For this reason, we do not share any of your information with third parties for advertising purposes and we are committed to guaranteeing you exclusive access to all your information. No one, other than yourself (or anyone else designated by your company), has access to the information you provide us.
All your data is protected by the most advanced encryption methods. The use of our service is private and secure thanks to the SSL protocol. When you access our service, you will notice that it is a “https” session, like those used for secure payments on the internet. Therefore, nobody can access to the information you provide us.
In addition, your data is stored in secured servers. We have redundant systems and procedures in order to guarantee a 24h/24h online service, thus to minimize the risk of a possible data loss.
You are the only one to know your password. It is stored encrypted in our databases, through a “hash type” irreversible function. Therefore we do not know your password. If you forget it, you must choose a new password, after checking a security code sent by email.
IABAKO ask you to select a relatively complex password (8 alphanumeric characters, as well as some symbols) to protect your account from cyberattacks. Be sure to keep your password confidential. We will not be responsible for unauthorized access to your account (people having obtained your password, regardless of the means).
II. General Data Protection Regulation (GDPR)
Starting on May 25 2018, all companies (regardless of their size) having an activity within the European Union, must comply with the GDPR regulation. This regulation aims to strengthen the protection of your personal data, those of your customers, prospects and suppliers, with clear and harmonized rules. IABAKO, as software providers have two roles:
Regarding the personal data we collect about our customers and prospects for the purpose of our contract management and business development.
In this sense, we are committed to respecting the obligations imposed by the GDPR in order to guarantee a transparent process of your data and provide you a full control of the information you provide us as our customer.
Regarding all personal data we host about your customers and suppliers, for the purpose of providing our online billing and management services.
We are committed to protecting your data and being transparent about the way we process it according to GDPR standards. Also, we are committed to providing you the required features so that you, as data controller can be as well compliant with GDPR rules.
Our role: Data Controller
As part of our activities (contract management and business development), we collect and process the following personal information (about you): name, first name, email, address and phone, as well as anonymous information (IP address, date and time of access, pages viewed, browser used, etc.). The access to this information is restricted to our Marketing team (for prospection and communication), Customer support team (for support tasks) and business team (for invoicing).
Concerning the nature and the precise purpose of these personal data, we distinguish three different cases:
1.If you visit our website, we consider you a visitor. In this case, anonymous information is collected through of web analysis tools to improve our prospection. You will find more information about process of this data in the Cookies section.
2. If you register and start a free trial period of our service, we will consider you a prospect. In this case, we keep you personal data up to three years.
3. If, after the trial period, you subscribe to one of our packages, we will consider you a customer. In this case, after the end of our customer-supplier relationship, according to European laws, we keep all your information for a period of six years.
In the last two cases (prospect / customer) you can, at any time ask us to delete all your personal information:
- Through your IABAKO account (users menu).
- By email: firstname.lastname@example.org
– You have full control on the personal data you provide us. You can access your data at any time, rectify it, delete it or request its extraction.
– In order to offer you an adequate experience when you access our service (exemple : the choice of the language).
Mailing and Newsletters
If you subscribe to our service (as customer or prospect), you will receive emails from us:
– To notify you or remind you about certain actions done out in your IABAKO account.
In any case, you can choose to not to receive these emails:
- Using the “unsubscribe” option located in the emails and newsletters.
- Through the notifications menu located in your IABAKO (for notification, alerts, and reminder emails).
- By sending your request to: email@example.com.
Please note that a Paypal account is not mandatory to make your payment. You can also make the payment without creating an account. In this case, just the information of your credit card will be requested.
Our Record of processing activities
According to the GDPR guidelines, we have a record of our processing activities containing the activities carried out by IABAKO which have an impact on your personal data.We describe what is the nature of the data collected, their goals and process.
If you want to see this document you can send us your request to: firstname.lastname@example.org.
Our role: Data processor
If you use IABAKO for your business activities, you will use our software to enter and process the personal data of your customers, prospects and suppliers. In this sense, you are the Data Controller and we are Data Processors.
As the Data Controller, you are the only one who decides what kind of personal information you are using in our software. Whether it is general information (last name, first name, date of birth), contact information (address, telephone), or even more specific information (personalized fields of customers), you are the only person responsible for the use you make of it and the precise objectives of these data.
As a Data Processor, we respect the following obligations:
– All actions you perform with IABAKO are secure and confidential (see Security and Data Protection section, above). No one but yourself (or anyone else designated by you) has access to the the data entered in our software (personal data of your customers, prospects and suppliers).
– You can count on us to support you with the implementation and the respect of the instructions of the GDPR with our software. For any question or requests on the subject, feel free to contact us: email@example.com
– Even if we are not responsible of the kind of personal data you enter in our software, we will be vigilant and we must alert you in case of violation of one of the GDPR guidelines.
– We handle a Record of Processing Activities, describing the set of activities having and impact on personal data of your customers, prospects and suppliers. If you wish to consult this document, you can send us your request to: firstname.lastname@example.org
In addition, please note that we do not have any third-party data processors to handle personal data of your customers, prospects and suppliers.
With IABAKO, you are GDPR compliant
If you use IABAKO as a your business management tool, you are following the guidelines stated on the GDPR:
– You centralize the personal data of your customers, prospects and suppliers in a secure software. Nobody beside you, will access this data.
– You are able to respect your obligations in terms of deletion, update, correction and extraction of personal data of your customers, prospects and suppliers.
– You will be able to manage and restrict the access and authorizations concerning the personal data of your customers, prospects and supplier within the different departments of your company. You will have the control to decide who and how to accesses to your information.
Your Record of Processing Activities
As a Data Controller, you too must have a personal record of processing activities. Do not forget to mention us as Data Processor 🙂 for activities such as CRM (quotations, billing), stock management, follow-up of delivery /purchase orders etc. If you have any questions about this document, feel free to contact us: email@example.com.
Last update : 01/05/2018