BizFront Limited and the GDPR
BizFront Limited have been working to ensure that we process Personal Data in accordance with Data Protection Law, namely the Maltese Data Protection Act (Chapter 440 of the Laws of Malta) as amended and, as of 25 May 2018, the General Data Protection Regulation (GDPR), the Regulation (EU) 2016/679 of the European Parliament and of the Council of the 27th of April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, the legislation that is designed to strengthen and unify data protection laws for all individuals within the European Union.
This regulation has strengthened the rationale behind some of our existing procedures and processes, required us to strengthen others and has ensured that we place data privacy right at the forefront of our operations.
In preparation for the introduction of GDPR, we have made an assessment of our position and taken action to ensure compliance. We have audited the data that we hold, both data about our clients, prospects, suppliers and others, but also any retention of data from our clients.
We have trained all our staff about the objectives of GDPR, the obligations and responsibilities imposed by the law and the updated policies and procedures related to all things related to data protection.
We have a number of clients, some of whom use our software products on their own premises but others use our BizPos Pro which is hosted at their premises but managed online. Others utilize our services for managing their networking and assisting them in their IT infrastructure. All of these have different implications for everything from data processing responsibilities, data storage, data storage location obligations and data retention.
BizFront Limited is fully aware of the philosophy of GDPR to protect the privacy of data subjects and we subscribe to this philosophy. We will continue to place the privacy of our clients at the forefront of our activities.
Whether you are our customer or not, we understand the importance of your personal data and of your right to privacy. The purpose of this document is to reassure you that we are committed to continuing to do our utmost to keeping your personal data as safe as possible. We invite you to read on and learn about the types of personal data we collect, when we collect it, why we do so, what we do with it – including who we may have to share it with and why – and how long we keep it for and why.
Whether you are a new or existing customer and whichever of our services you make use of, you should read this policy in full and get to know how we work better but, if you choose not to, these are the key points we would like for you to take away:
- Your information is controlled by BizFront Limited. If you have any questions or concerns about how your information is handled, please do not hesitate to contact us by email on email@example.com or by calling (+356) 2149 0791.
- BizFront Limited processes all personal data lawfully and in a proportionate, fair and justified manner and in a manner which recognises, respects and protects your rights. These rights include your right to access, rectify and port out your personal data. Where circumstances allow this, you can also erase the data we hold on you or suspend, withdraw your consent or object to how we collect, use and save your personal information.
- The main reasons we process your information is for us to deliver and maintain the services we offer, for the payment of our services, to improve and develop our products and services and, if you have consented to it, for marketing purposes.
- Unless you misuse our products or services or do not abide by your obligations in our Terms and Conditions, none of the ways in which we process your personal information will have any legal effects on you.
- BizFront Limited never sells personal data and we commit to process personal data strictly in compliance with the EU General Data Protection Regulation (“GDPR”) as well as the Laws of Malta (together the “Applicable Law”).
What Information do we collect?
You may choose to contact BizFront Limited for pre-sales or post-sales services, support or other type of enquiries either via telephone, messaging services or email.
These types of contact may result in us asking you for certain information to allow us to respond and provide you with our services including your name, address, phone number, email address. We will retain and process this personal data in our systems to allow us to service your request and the ongoing relationship with you whether you are a client, prospective client or supplier. Your rights as data subject, as defined below, will of course be preserved.
We also collect Personal Data such as name, email and physical addresses and even credit card information, where necessary, to support our licensing and billing processes.
We collect information in the following ways:
- Information you give us like your name, email address, telephone number and the company / individual with whom you work.
- Information we get from your use of our services. We collect information about the version numbers of the software that your use, serial numbers, number of users and number of companies.
- In some of the licensing procedures, we maintain a list of companies which are required to enable us to generate software activation keys.
- In the software hosted by us, we maintain log information, and this includes:
- details of how you used our service, such as your browsing pages history.
- Login and logout date and time
- Name and company.
- cookies that may uniquely identify your browser and session information.
- Location information from where you are using our services
- We may collect and store information (including personal information) locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.
BizFront’s web sites utilises cookies to process user usage and behaviour information in a bid to improve user experience.
If your browser has been enabled by you to allow this, BizFront Limited will store Cookie information onto the device used by you to access these sites. You will be able to use your browser’s capabilities to view and delete these cookies. The functionality of the web site may change based on the ability of BizFront Limited to utilise these cookies.
Should you consent to be contacted by BizFront Limited, we shall use the Personal Data provided by you to communicate with you regarding those services for which you have consented to be contacted. This shall be on an opt-in basis.
If you are a user of our software or services, or an end-user of one of our clients, who is obtaining support or needs to be notified of technical or commercial aspects of the use of our software or services, we shall retain the right to communicate with you as a result of a legitimate business interest provision as defined under GDPR.
Where do we store your data?
Unless with explicit, prior, written consent, BizFront Limited shall only store Personal Data within the European Economic Area (EEA).
How long do we keep your data?
Personal Data will be retained by BizFront Limited in accordance with the Data Retention Policy of BizFront Limited as defined in the table below as it relates to different data types:
|Data Type||Retention Policy|
|Client’s Personal Data shared with Authorised Staff for the purposes of the provision of implementation and support services.||30 days|
|Data managed in BizFront’s On-Premises Software||Managed by the Client|
|Personal Data stored related to contracts, billing, procurement and similar administrative processes to enable the on-going relationship between BizFront and the Client||10 years from termination of the relationship.|
|Personal Data related to correspondence, proposals, actions and opportunities||Up to 6 years after termination of the relationship with Client|
What rights do you have to your data?
GDPR provides a data subject with the following rights:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling.
BizFront Limited of course respects these rights, subject to our obligations to retain and process data under other laws. For instance, while we might receive a request for erasure of data from a Data Subject related to that subject, we may not be able to erase data related to that subject which is necessary for the performance of our legal obligations for record keeping. A simple example is that we could erase non-critical correspondence, but we are obliged to retain details of the purchase orders, invoices etc which relate to that Data Subject for period as required by laws related to accounting and business record keeping.
Should you wish to exercise any of these Data Subject Rights please send a request to firstname.lastname@example.org.
This web site has been produced by and for BizFront Limited and is the copyright of BizFront Limited © 2015 – 2018. All rights are reserved.
Centhur is a trademark of BizFront Limited.
All other trademarks are the property of their respective owners.
Every effort has been made to ensure the accuracy of the information displayed on this web site however no guarantees are made regarding this accuracy or the suitability of the respective products and services for use by the reader.