Last updated: 29 August 2019
To offer PackAware services to you, we will need to collect and process your personal information. By using PackAware, you confirm the collection and processing of your personal information as described in this document.
Collection of personal information
Controller of the collected personal information
ARNON Solutions Oy (0810902-7)
Yrittäjänkatu 17, 65380 Vaasa, Finland
Yrittäjänkatu 17, 65380 Vaasa, Finland
email@example.com, +358 400 352 547
What personal information is collected
We will collect your Microsoft work account identifier, your organization identifier, and email address when you register an account to PackAware. We collect this information to identify your use of our services and to contact you about important topics related to your use of our services.
Additional personal information related to your account may be stored in your profile as necessary to provide service. Some profile information may be optional, and some information may be mandatory.
PackAware receives and records information automatically from your browser or device when you visit PackAware or use the applications, such as your Internet Protocol (IP) address, location, browser information, device identifier and other information related to use of the service. This information may be stored in logs and databases automatically. We use this information to keep the service secure, analyze and understand how the service is used, optimize the usage, to personalize your experience, to detect and fix errors, and to improve the service. This information is collected automatically even if you’ve not registered an account to the service.
We will record your membership if you choose to join an organization. Other members of the organization may be able to see some of your personal information such as your email address.
Any content, such as packages or attachments, you choose to post to PackAware as a member of an organization, is controlled by the organization (PackAware’s customer) and not by ARNON Solutions. The organization may choose to share or make public any content. You should be careful about posting any personal information (yours or anyone else’s).
The Contact support and Contact sales online forms require your name and email address to process and respond to your inquiries.
Sources of personal information
Most of the personal information is collected from you either by automated collection or by your choice to provide us data through forms and views of our services.
Some information is collected from third-party vendors that we use to provide our services. As an example, Microsoft’s services are used to identify users.
Your choice and control of the information we collect on you
Some of the personal data we collect is voluntary.
You may change or correct your personal information in your settings https://packaware.com/Settings.
You may request deletion of personal information stored on you. Some data, such as automatically collected data or data in backups, may be excluded from deletion.
You may request a copy of your personal information stored on you. Some data, such as automatically collected data or data in backups, may be excluded from the copy.
We will respond to your requests within 28 days to confirm our action.
Some messages we send are required and related to our legal obligations or mandatory part of our service. Other messages are voluntary. You may choose which messages you would like to receive in your settings https://packaware.com/Settings.
Personal information in Backup data
For purposes of ensuring redundancy and data integrity, we make backups of data (including personal information) automatically. Our database system encrypts the backup data to protect any personal information contained in the backup files. These backups are not editable or readable outside the database system, so any personal data within a backup cannot be retrieved or deleted with any reasonable technical effort. A backup is retained for 35 days before it is automatically deleted.
Personal information in automatically collected data
Automatically collected data is retained up to 730 days, and it may contain personal information. The personal information in this data cannot be retrieved, modified or deleted with any reasonable technical effort.
Use of personal information
We use the personal information to the extent required in response to support request or when required for security, maintenance, marketing or purpose of providing the service.
We may use the personal information to enable third parties to provide us services. We will only share your personal information to the extent necessary. Third party processors are required to meet the requirements of the GDPR.
We use Arnon Oy (parent company of ARNON Solutions) to provide support and marketing services.
We use Microsoft to authenticate users and for other application services.
We use Mailgun Technologies to provide email delivery services.
We use Stripe to process payments and generate invoices and receipts.
We use Yepzon to provide support for Yepzon Coco tracking device products.
Processing data for customer organization
For organization’s data such as orders, packages and attachments ARNON Solutions is the processor of the data and customer organization is the controller. In this document, we have outlined how we handle personal data. It is up to the customer to ensure a lawful basis for processing exists.
The customer should carefully consider what data is stored in the organization and pay attention to potential personal information included in the data.
Commitment to data security
ARNON Solutions uses appropriate technical and organizational measures to protect your personal information when processing, transferring or storing personal data. This includes the use of encryption technologies during the transfer of information (TLS) and at rest (database data encryption and storage encryption).
You too have an important role in helping us protect your personal information. You should use an account password in accordance with best practices. Do not share your password with anyone you don’t trust. Make sure your computer and browser are up to date and secure. Sign out after you have finished your activity.
Location of data
We store data in Microsoft’s data center in Dublin, Ireland. For redundancy and backup purposes data may be stored in other locations, primarily in Microsoft’s data center in Amsterdam, Netherlands.
We retain personal information we collect from you as necessary to provide you service or to comply with applicable legal, tax or accounting requirements.
When we don’t have a legitimate business need to process your personal information, we will either delete or anonymize it.
International data transfers
Your data can be transferred outside EEA because some third parties we use to provide us services may operate in the USA or other countries. We take steps to ensure adequate safeguards are in place to protect your data as explained in this document. Adequate safeguards that our partners may use include standard contractual clauses approved by EU Commission and the Privacy Shield certification in case of transfers to the USA.
If you have questions or complaints about how we process your personal data, we encourage you to contact us via email at firstname.lastname@example.org.