Loading…

PRIVACY POLICY

Effective date: May 16, 2018

Please read this Privacy Policy (“Privacy policy”) carefully before using our Site located at https://socprime.com/en/ (the “Site”) or using any service (the “Service") operated by SOC Prime Inc. When we use “SOC Prime”, “we”, “our”, or “us”, we are referring to SOC Prime Inc., the company which provides the Services. SOC Prime recognizes the importance of protecting the privacy of your personal information, and we have prepared this Privacy Policy to provide you with important information about our privacy practices. This Privacy Policy governs the manner in which SOC Prime collects, uses, maintains and discloses information collected from users (each, a "User") of the Site.
By accessing or using the Site or the Service in any manner you agree to the terms of this Privacy Policy.

  • Scope
  • SOC Prime demonstrates its commitment to your privacy and this Privacy policy tells you what personal information we collect, how we will collect and use your personal data, with whom we share it, and the choices available to our users regarding our use of the information. We also describe the measures we take to protect the security of the information and how to can contact us about our Privacy policy.
    All data subjects whose personal data is collected, in line with the requirements of the GDPR. By signing up to an account with us or visiting our site, you agree to our Privacy policy. Specifically, you expressly consent to us processing your personal data as described in this Privacy policy.

  • Background to the General Data Protection Regulation (‘GDPR’)
  • The General Data Protection Regulation 2016/679 of the European parliament and of the Council (“GDPR”, “Regulation”) replaces the EU Data Protection Directive of 1995 and supersedes the laws of individual Member States that were developed in compliance with the Data Protection Directive 95/46/EC. Its purpose is to protect the “rights and freedoms” of natural persons (i.e. living individuals) and to ensure that personal data is not processed without their knowledge, and, wherever possible, that it is processed with their consent.
    All data subjects whose personal data is collected, in line with the requirements of the GDPR.

  • Privacy notice.
  • 3.1. Information We Collect. SOC PRIME collects personally-identifying information provided through voluntary registration on our site https://my.socprime.com/en/signup.

    • First name, Last name, Corporate e-mail, Company name, Phone number (optional), Country Place.
    • Other information that you provide to us to receive technical or other Service related assistance during customer service interactions;

    We may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet service providers utilized and other similar information.

    SOC Prime will collect the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary. We do not collect your sensitive personal data.

    3.2. Why does SOC Prime need to collect, process and store personal data? In order for us to provide you with our Services we need to collect personal data to provide and improve them. In any event, we are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy. The personal data we collect includes the following purposes:

    • Providing customer support and help about our Services when you contact us.
    • Contacting you about your account, changes to our Portal Terms and Conditions, this Privacy policy, Cookie policy or other documents, and any other issues regarding our Services.
    • For troubleshooting and testing of our Services to ensure that it is secure, reliable and of high standard and to prohibit illegal activity of using our Services.
    • Maintaining and improving our Services.
    • To respond to legal requests, court orders or lawful requests from government agencies.
    • To subscribe you to a newsletter, send product updates or technical alerts.
    • Analyze IP address data for trends and statistics.

    Our legal basis for the collecting and processing of the personal data. We will only collect and process personal data about you where we have lawful bases. Lawful bases include consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you (e.g. to deliver our Services)) and “legitimate interests”. By signing up to an account you given to us a consent, which express consent to us processing your personal data as described in this Policy. SOC Prime does not collect personal information classified under the Regulation as ‘special categories’.
    If you choose not to provide the information we request, you can still visit our web site, but you may be unable to access certain options, offers, downloads and Services.
    Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object. If you have any questions about the lawful bases upon which we collect and use your personal data, please contact our Data Protection Officer.

    Legitimate interests. The legitimate interests of processing mean that such a processing performed for a task carried out in the public interest or in the exercise of official authority vested in the controller, or on grounds of the legitimate interests of a controller or a third party. SOC Prime may process your personal data for the purposes of our legitimate interests or for the legitimate interests of third parties, provided that such processing shall not outweigh your rights and freedoms. For example, we may process your personal data to:

    • Protect you, us, or others from threats (such as security threats or fraud)
    • Comply with laws that apply to us
    • Enable or administer our business, such as for quality control, consolidated reporting, and customer service
    • Understand and improve our business or customer relationships generally

  • Consent
  • By consenting to this Privacy policy, you are giving us permission to process your personal data specifically for the purposes identified. Specifically, you expressly consent to us processing your personal data as described in this Privacy policy, which provides transparency to our users as how their data is collected and used and serves as a Privacy policy as required by GDPR.
    You may withdraw consent at any time in your Profile Page.
    You are not eligible to register and provide us with personal information if you are 16 and under without parent/guardian's permission. If you learn that a child under 16 has provided us with personal information without consent or if you have any further queries, please contact our DPO by address: dpo@socprime.com

  • How Can You Opt Out of Use and Disclosure of Your Information?
  • SOC Prime will only use your personal data for the purposes described in this Privacy policy or as subsequently authorized by you. You can avoid having your personal data disclosing in the following ways: a) do not provide us with your personal data; b) do not access or request Services; or c) email us at support@socprime.com to request that we deactivate your account and delete your personal information.

    Following the registration process, we also allow Users the option to opt-out of receiving emails from SOC Prime. Users who opt-in may also remove themselves from emailing lists at any time through the edit profile pages or by following the instructions at the end of any email they received from SOC Prime.

  • Disclosure to external suppliers
  • We may pass your personal data on to third-party service providers and partners contracted to SOC Prime in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the Service they provide you on our behalf. When they no longer need your data to fulfil this Service, they will dispose of the details in line with SOC Prime’s procedures.

    SOC Prime selects only suppliers that can provide technical, physical and organizational security that meet our requirements in terms of all the personal data they will process on SOC Prime’s behalf. We will ensure that the all security arrangements are outlined in the contract with the external processor.

    Suppliers from outside the EU will only be selected under the following conditions, in addition to the conditions noted elsewhere in this procedure:

    • if the supplier or the state in which it resides has been positively identified in an adequacy decision by the EU Commission; or
    • where there are organizational and technical safeguards, established between SOC Prime and the supplier to secure the rights and freedoms of data subjects at least equal to those afforded within the EU; or
    • where the arrangement has been approved by the supervisory authority.
    Additional information about the subprocessors we use to support our Service is set forth at SOC Prime Subprocessors.

  • Your account, retention and deletion of the personal data.
  • We may provide you with tools and preference settings that allow you to access, correct, delete, withdraw and modify information associated with your personal data. SOC Prime will retain your personal data for as long as necessary to carry out the Service to you and will store the personal data for 5 years from the moment account is terminated or not used. Then all your personal data collected through the platform will be deleted, as required by applicable law. Alternatively, you at any time may request that we no longer use your information then please contact us at: support@socprime.com

    In some cases, we choose to retain certain information in a depersonalized or aggregated form. We also may retain certain information about you as required by law or for legitimate interests’ purposes as set above after you delete your account.

  • Children's Online Privacy Protection
  • Children are not eligible to use SOC PRIME Services. Minors should not submit any personal information to SOC Prime if they are 16 and under without parent/guardian's permission. SOC Prime does not knowingly collect personal information from persons who are under 16 years of age.

    If you learn that a child under 16 has provided us with personal information without consent please contact our DPO.

  • Your rights as a data subject
  • At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

    • Right of access – you have the right to request a copy of the information that we hold about you.
    • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
    • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
    • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
    • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
    • Right to object – you have the right to object to certain types of processing such as direct marketing.
    • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
    • Right to judicial review: in the event that SOC Prime refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined below.
    As a data subjects you are entitled to exercise all the rights, indicated above through a Subject access request procedure. For this purpose, please, send your request to our Data Protection Officer (DPO) to the e-mail: dpo@socprime.com. In the subject of your letter please indicate the exact title of the right you concerned about (Right of access, Right of rectification, Right to be forgotten, Right to restriction of processing, Right of portability, Right to object, Right to object to automated processing, including profiling, Right to judicial review). It will ensure that you receive the answer to your request from our DPO. DPO provides you the requested information in electronic format within one month from the date of receipt.

  • Complaints
  • In the event that you wish to make a complaint about how your personal data is being processed by SOC Prime or third parties or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and SOC Prime’s Data Protection Officer.

  • Cookies
  • Cookies are small pieces of information that a Web site transfers to an individual's hard drive for record-keeping purposes. Their purpose is to let us know when you visit our site and save preferences you set. Your browser can be set to notify you when you are sent a cookie, giving you the chance to decide whether or not to accept it. To control third party cookies, you can also adjust your browser settings.
    The information we collect and analyze is used to improve our Service to you. Some of the cookies we use are essential for the site to work. We want to be sure you understand that accepting a cookie in no way gives us access to your computer or any personal information about you. The cookies collect information in an anonymous form. The cookie-related information is not used to identify you personally and the pattern data is fully under our control.
    To find out more about cookies, visit our Cookie Policy.

  • People who use our LiveChat service
  • We use a third-party provider Tawk.to to supply and support our LiveChat service, which we use to handle Customer enquiries in real time. If you use this LiveChat service, we will collect your name, email address (optional, if you complete), IP address, User-agent and the contents of your LiveChat session. You can request a transcript of your LiveChat session if you provide your email address. Please, note that Tawk.to will have access to your information as reasonably necessary to perform its tasks on our behalf and are obligated not to disclose or use your personal data for other purposes.

    If you want to know more about the Tawk.to Privacy Police please visit: https://www.tawk.to/privacy-policy/

  • The right to lodge a complaint with a supervisory authority
  • In the event that you wish to make a complaint about how your personal data is being processed by SOC Prime (or third parties), or how your complaint has been handled, you have the right to lodge a complaint directly with the SOC Prime’s Data Protection Officer or our supervisory authority –
    The State Data Protection Inspectorate
    (Valstybinė duomenų apsaugos inspekcija in Lithuanian, website available at http://ada.lt/)

    Address: A. Juozapavičiaus str. 6 LT-09310 Vilnius Lithuania
    T +370 5 279 1445
    F +370 5 261 9494
    ada@ada.lt

  • Links to Third Party Sites
  • We may place links on SOC Prime. When you click on a link to a third-party Site from our Site, your activity and use on the linked Site is governed by that Site’s policies, not by those of SOC Prime. We encourage you to visit their Sites and review their privacy and user policies.

  • Data Protection Officer
  • The Data Protection Officer is responsible for ensuring that this Privacy policy is made available to data subjects prior to SOC Prime collecting/processing their personal data. Our Data Protection Officer can be contacted directly here: Contact Name: Edvinas Pranculis
    12-11 Subačiaus St., LT-01302 Vilnius, Lithuania
    dpo@socprime.com

  • Privacy Shield Framework(s)
  • SOC Prime complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. SOC Prime has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/
    SOC Prime is subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC) for purposes of the Privacy Shield Frameworks.
    We comply with the Privacy Shield Principles for all onward transfers of personal information from the EU and Switzerland, including the onward transfer liability provisions.
    In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

  • Recourse mechanism for Privacy Shield complaints
  • In compliance with the Privacy Shield Principles, SOC Prime Inc. commits to resolve complaints about your privacy and our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy policy should first contact SOC Prime`s Chief Privacy Officer at: cpo@socprime.com (SOC Prime's internal complaints mechanism). In that case you should receive timely acknowledgment of your complaint from us within 45 days.
    SOC Prime has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland. You may direct complaints about personal information to respective DPA.
    For information on how to contact your jurisdiction’s EU DPA visit: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. To contact the Swiss FDPIC visit: https://www.edoeb.admin.ch/edoeb/en/home/the-fdpic/links/data-protection---switzerland.html
    For complaints that cannot be resolved between us and a complainant, we have selected an independent recourse mechanism, the International Dispute Centre of the American Arbitration Association (“ICDR/AAA”), an alternative dispute resolution provider located in the United States to resolve disputes pursuant to the Privacy Shield Principles. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit ICDR/AAA at http://go.adr.org/privacyshield.html for more information or to file a complaint. The services of ICDR/AAA are provided at no cost to you.
    Under certain conditions, if you are not satisfied with the above recourse mechanism, you may be able to invoke binding arbitration.

  • Changes to This Privacy Policy
  • We may change this Policy at any time by updating this page and encourage you to review our Privacy Policy to stay informed. If we plan to change a purpose of collection and processing of personal data, we will provide additional notice via email before starting any new processing. If you do not provide us with a consent to this changes SOC Prime have a right to close your account and discontinue use of our Services and site. If you continue to use our Services after Privacy Policy changes go into effect, you consent to the revised policy.

  • Contacting us
  • If you have questions about this Privacy policy, please feel free to contact us at: legal@socprime.com

  • Definitions (drawn from the GDPR)
  • Data controller – the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
    Data processor - a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller
    Personal data – any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
    Special categories of personal data – personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.
    Data subject – any living individual who is the subject of personal data held by an organisation.
    Processing – any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
    Profiling – is any form of automated processing of personal data intended to evaluate certain personal aspects relating to a natural person, or to analyse or predict that person’s performance at work, economic situation, location, health, personal preferences, reliability, or behavior. This definition is linked to the right of the data subject to object to profiling and a right to be informed about the existence of profiling, of measures based on profiling and the envisaged effects of profiling on the individual.
    Personal data breach – a breach of security leading to the accidental, or unlawful, destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. There is an obligation on the controller to report personal data breaches to the supervisory authority and where the breach is likely to adversely affect the personal data or privacy of the data subject.
    Data subject consent - means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
    Child – the GDPR defines a child as anyone under the age of 16 years old, although this may be lowered to 13 by Member State law. The processing of personal data of a child is only lawful if parental or custodian consent has been obtained. The controller shall make reasonable efforts to verify in such cases that consent is given or authorised by the holder of parental responsibility over the child (Article 8, 1 – first paragraph GDPR).
    Third party – a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.