Why do we collect Information and Personal Data?
In general, we collect your information and personal data in order to provide our products and services in the most consistent, efficient and user-friendly way possible. We also collect it to provide appropriate customer support and for purposes of research and development.
We may, in particular, collect information and personal data to:
- fulfill our contractual obligations with you
- fulfill our obligations regarding our products and services
- send renewal and billing reminders for subscriptions
- respond to your e-mails and other requests
- process job applications
- improve the usability of our products and services
- improve and optimize the operation and performance of our products and services
- diagnose problems, errors and security risks in products and services
- prevent fraud and other abuse of our products, services, systems, website and web-app
- comply with the applicable laws and regulations
When using our products and services you generally have choices regarding the information and personal data you wish to share with us. When we ask for such data you can always decline to provide it. Many of our products and services however require a certain amount of your personal data in order to perform properly and to provide you with their features. If you decline to provide that personal data, we won’t be able to deliver the full services to you.
What type of Personal Data might we request?
In general, we may request the following personal data:
- Email address
- SIP address
- IP Address
- Company name and Business address
- Telephone number
- Billing and payment information where you subscribe to services online
- Educational background and employment experience for job applications
When you visit our websites or web-apps we also collect information about your browser type and access times.
When and how do we collect your Information and Personal Data?
In general, we may ask for information and personal data when you:
- use our websites and web-apps
- use our services or products
- request quotes, services, support, downloads, upgrades, trials or general information
- place orders for products or subscribe to services and make payments
- register for events
- subscribe to newsletters, programs, promotional emails or other materials
- apply for a job or submit your CV
- contact us in general
For example, when using the RTC Launcher on the Luware website, we collect information you enter in the window provided as well as the chat messages, duration of the session and the user modalities. Before you can enter anything into the window provided, you are asked to consent to us collecting this data and you are made aware that you do not have to enter your real name or email address in order to use the services.
How do we keep your Personal Data safe?
We take all reasonable steps to protect your information and personal data from misuse, interference and loss, as well as unauthorized access, modification or disclosure. The ways we do this include:
- encryption when collecting or transferring sensitive personal data
- limitation of physical access to our premises and devices
- limitation of access to the information we collect about you
- limitation of access on a strict need-to-know basis
- installation of appropriate security safeguards
- deletion or de-identification of personal data where required by law or by you (where permitted by the applicable law)
- signature of strict confidentiality agreements with all employees, partners and third parties we may disclose your personal data to
- encryption, wherever possible, if personal data is transferred across boarder
This list is not exhaustive. If you wish to receive more information about the data security measures at Luware please contact firstname.lastname@example.org.
Luware is also in the process of obtaining the ISO 27001 certification in order to show compliance with necessary data security requirements according to the applicable laws and regulations. The certification is planned to be in place at the beginning of 2020.
How do we use your Information and Personal Data?
In general, we use information and Personal data to:
- provide our products and services to you properly by means of updating, securing and troubleshooting
- offer hosting and support services
- send communications about services and products for example regarding hosting services, product information or order status and confirmation
- send billing reminders and take payments for subscription renewals and other services we offer • facilitate communication between you and us or between you and our certified partners
- customize, analyze, improve and develop our products, services, technologies, communications and our relationship with you
- prevent fraud and other illegal activities or to comply with the applicable laws in general
- protect the security and integrity of our business, websites, web-apps, products and services
- otherwise, as agreed between you and us at the point of collection of your personal data
We also use some of your information and personal data internally to operate our business, which includes analyzing our performance over a period of time, meeting legal obligations, developing and improving performance of employees and for research purposes.
Who may we disclose your Personal Data to?
We may disclose your personal Data to:
- Luware Affiliates and Luware employees
- Luware certified Partners
- Authorities where required by the applicable laws or where responding to a legal process
- Third parties where this is necessary to take payment for products or subscriptions (this is clearly indicated before payment is taken and before information is transferred to that third party)
Affiliates. Luware AG and all its Affiliates may share the personal data between each other. This relationship and the handling of personal data is governed by the intracompany agreement which addresses and ensures compliance with the legal requirements of the General Data Protection Regulation (GDPR) (EU) 2016/679 (https://gdpr-info.eu) and other applicable laws and regulations.
Employees and Partners. All Luware employees and other contractual partners of Luware are bound to strict confidentiality agreements. We keep all your personal data securely, adhering to strict organizational and technical safety procedures in accordance with the applicable data protection laws.
Where do we keep your Personal Data?
Generally. The data is generally stored at the head office in Zurich (Switzerland). Switzerland has been approved by the EU Commission as a country outside of the EU and the EEA which guarantees sufficient safeguards with respect to the protection of your personal data.
Cross border transfer. Luware may transfer personal data across a country border, including outside the European Economic Area (EEA). In such a case, Luware will, wherever possible, anonymize that personal data so it is no longer classified as personal data according to the applicable data protection laws. Should such an anonymization not be possible, the parties or their relevant affiliates will enter into separate standard unmodified EU Model Clause agreements in their corresponding roles pursuant to EC Decision 2010/87/EU (as amended or replaced, from time to time) with optional clauses removed.
How long do we keep your Personal Data for?
We will keep your personal data for the period necessary to provide you with the services and products. We also keep it for the time necessary to comply with the applicable laws and regulations. Where there are specific contracts in place, we will delete or return to you your personal data within a reasonable timeframe after termination of the contract, unless prohibited by the applicable laws or as agreed otherwise between you and us. All personal data will be deleted when it is no longer needed for the original purpose (unless prohibited by law).
What are your rights?
You have the right, at any time, to request information about the personal data we keep of you. You have the right to request such information in electronic form and, where necessary, request rectification should your personal data not be up to date or inaccurate. Where personal data is not strictly necessary for the performance of the services or contractual obligations, you may also request for such personal data to be permanently and securely deleted.
We want to help you keep your personal data accurate. If you wish to receive information of your personal data, we keep or if you would like to have your personal data deleted, please send an email to email@example.com. Your request will be dealt with in due course and in any case within one month of receipt of such a request.