42Gears Mobility Systems Private Limited and its affiliates and subsidiaries (“We”) respects its users’ (“User”/“You”/”Customer”/”Your”) privacy and appreciates Your concern to protect Your privacy. This Privacy Notice has been adopted by us to inform You of how we handle the information that You share with us. Unless otherwise defined in this Privacy Notice, the terms used in this Privacy Notice have the same meanings as in our Terms and Conditions.
The purpose of this Privacy Notice is to outline how we have established measures to protect Your privacy rights in accordance with the GDPR (EU General Data Protection Regulation), California Consumer Privacy Act as well as the laws of India (together “Applicable Laws”) where 42Gears Mobility Systems Private Limited (the Parent Company) is incorporated.
WHAT DATA WE COLLECT
We collect some information to conduct our regular business operations and administration that may include some personal information such as name, email address and contact details. We outline this below as:
- Data collected from website users;
- Data collected through the use of our products and services; and
- Other data
Personal data is the information relating to an individual who can be directly or indirectly identified from that data. Identification of personal data can be through reference to the information itself, or in conjunction with any other information in our possession or is likely to come into such possession. The processing of personal data in the EU is governed by the General Data Protection Regulation.
We may receive, store or process certain information including personally identifiable information on behalf of our customers. For the purpose of this Privacy Notice, we are a Data Controller of Your Personal Data as and when You directly use/purchase our products and services. Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed. However, in case You entrust any of Your data including Your customers or employees data through any of our structured means such as Resellers, Partners or distributers, we manage such data as a data processor or sub processor (Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller and Processor use another organization is sub processor) whatever the case may be.The data You entrust to us for processing is called Customer Data.
This Customer Data may include information from devices or other systems that the Customer manages and monitors using our services or products. It could also include end user data related to an individual’s activities on Customer’s network and systems including, but not limited to, email address, IP address, device information, CPU usage and any other data related to addressing a support or service request. Under GDPR we are primarily a data processor for Customer Data.
We do not sell or intend to sell or rent any personal data of Yours being collected, processed or stored in our systems in any manner whatsoever.
HOW WE COLLECT DATA
Data collected from website users
When You visit our website or seek to conduct business with us You may be prompted to provide certain personal information such as name, email address, mobile number, and geographic location etc. This information is used by us in the following ways:
- Help us connect with You or to establish communication at Your request.
- Collect Your Email address to subscribe to our newsletters.
- Register for webinars.
- Enquire about our products and services.
- Register or apply to our Partner Program
Generally, the personal information You provide to us is necessary to provide You with the information You have requested for and to resolve a complaint or address Your query.
We may also collect the personal information disclosed by You on our forums, blogs and testimonials or to any platforms to which You are able to post information and materials including third party services (such as social media channels) and through our any other Offerings.
We may also collect billing and transactional details of the Customer during their purchase of our products or services. We work with industry-standard payment providers to collect payment.
Please note that providing personal information to us is voluntary on Your part. If You choose not to provide us certain information, we may not be able to offer You certain products or services , and You may not be able to access certain features provided on our website.
Our servers automatically collect certain information when You visit our website. This information does not necessarily reveal Your identity directly but it may include information about the specific device used, such as the hardware model, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer) and the Internet Protocol (IP) address/MAC address/device identifier. In some countries, including the European Economic Area, this information may be considered personal information under the GDPR. We do not use this information to identify You, and do not process this information actively. The collection is a by-product of using the website.
Data Collected through the use of our Products and Services
Usage Data: Where our customers subscribe to our products and services we collect certain technical information obtained from software, systems hosting the services or products and devices accessing these products and services which do not directly identify the end user herein referred to as Usage Data. We collect this information for business analytics to identify how our products and services are used by our Customers. The extent of this collection is configurable by our customers, but as an indication, our collection of technical information that constitutes personal data includes (but is not limited to):
IP Address, Email address, Company name, Mobile number, Device Time, Device Model, RAM Information, Storage Information, Bluetooth Information, Data Usage details, Password Strength, Device Notes, Other usage statistics
We do not collect usage details about Customer’s end users, except as necessary for support or to provide the Services requested by Customers (in which case we are a data processor of such data). The information is only processed to provide the service requested by the Customer.
Location Related Information
We give our users more control over how our applications collect location data from their devices.
Whenever You elect to provide access for the location based information while using our SureMDM Nix Agent, we collect such location data for the purposes including, but not limited to location tracking, Geo-Fencing etc etc..
With Your consent, our Products may also collect additional asset related information such as IMEI, IMSI, Phone Number, Serial Number etc only for the purpose necessary for support or to provide the services requested by the user.
In addition, some of the features of our Product may enable us to access Your location in order to customize Your experience with the Service based on Your location (“Location based Services”). In order to use certain Location based Services, You must enable certain features of Your device such as GPS, WiFi, and Bluetooth, which will enable us to identify Your location through a variety of means, including GPS location, IP address, geo-fencing technology, as available. The Location-based Services feature in our Products is powered by Google Maps.
In case the user enables the location services and provides their express consent by way of the device settings while using our Service,our application will collect location data even when the application is running in the background.
The data stored on your mobile device and their location information to which the mobile applications have access will be used in the context of the mobile application, and transferred to and associated with your account in the corresponding services.
Call Logs Related Information
With the explicit prior consent of our users, we may further request access or permission to certain features from Your mobile devices, including but not limited to Your device's Call logs, SMS Logs, Contacts, etc for the purpose of collecting data for inventory management and accessing SIM Card information for IT administrators.
The administrators may configure SureMDM to collect usage information, such as the number of calls, statistics (number of calls made or received, duration of calls, etc).
SMS Related Information
The IT administrator shall with clear and explicit prior consent may configure SureMDM to collect the text messages sent or received. This information may assist the administrator in managing SMS limits on the user cellular plan.
Based on how the administrator has configured SureMDM Agent, the data may include:
- The number of SMS sent or received; and
- Name of sender, name of recipient, date, time, content of the SMS, etc
The aforesaid collection of the Call and SMS logs are limited to the legitimate purpose(s) mentioned herein.
Storage Usage: This is a SureMDM functionality that allows access to a device’s internal and external storage. When enabled, SureMDM may collect the contents of the device storage, including the SD card and locally stored files. Also, based on how the user has configured SureMDM Agent, certain functionality may allow administrators to have read and write access to the device file system.
For further information about SureMDM Agent’s other data collection and purpose(s), kindly have a look at our Security and Compliance Page which talks about the “Required App Permissions”.
Contacts: If You choose to enable the functionality of “Contacts”, the SureMDM Agent will be able to collect Your Contact Information including contact name, phone number, even when the app is running in the background or is not actively being used. This will allow your SureMDM Administrator to blocklist the incoming and outgoing calls, allow listing new contacts, and remotely delete a contact.
Further, Contact list details may be transmitted and stored on our SureMDM secure server for purposes of generating reports for SMS and Call logs . The data stored in the server is never shared with any third party or applications and processed only in accordance with applicable privacy regulations, including Art. 6 Para. 1 (f) GDPR on the basis of our legitimate interest.
SureLock Access: We provide our users the ability to control the types of information they collect about user’s devices:
SureLock will allow us to capture the SMS content, Call Logs, Storage, Location, All Files Access in order to function properly and for the purpose of the administrator to change passwords through received SMS Commands, blocks, or whitelist phone calls, and SMS and others.
Based on how the administrator configured the run-time permissions, the data may include but is not limited to:
SureLock can read only the “Phone Number” to allow/block the incoming and outgoing calls with Call log permission.
SureLock can read “Name of sender”, “content of the SMS” in order to change the Android lock screen PIN with SMS permission.
Contacts: SureLock will be able to read your Contacts data including contact name and phone number, even when the app is running in the background or is not actively being used. This will allow your SureLock to blocklist the incoming and outgoing calls, allowlist new contacts, etc.
Please note that Contacts list details are not transmitted or stored or captured on the server and are available merely on the device side (“ SureLock Application”) until the requisite permission is disabled on the device.
The legitimate purpose to collect the aforementioned data is to ensure that the administrator manages the devices in an appropriate manner.
- Examples of Cookies we use: For analytics and performance: These cookies help us understand how you use our services and use that data to optimize and improve our services. For example we use Google Analytics cookies to understand how visitors arrive at our website, which content they read or spend their time on, identify areas such as website navigation, user experience and marketing campaigns.
Targeting Cookies or Advertising Cookies: These cookies collect information about your browsing habits in order to make advertising relevant to You and Your interests. They remember the websites You have visited and that information is shared with other parties such as advertising technology service providers and advertisers. In addition to our own cookies, We use some third-party cookies to report usage statistics of the service, deliver advertisements on and through the service, and so on. We also use a third party application Crazy Egg for tracking and analysing the activities of our website visitors. To find out Crazy Egg ‘s Privacy Practice and data security, please refer to the link here https://www.crazyegg.com/privacy. However, in case you wish to opt-out of the Crazy Egg’s services click on the link provided: https://www.crazyegg.com/opt-out
- How to opt-out: To opt-out from the cookies, you can configure your browser through appropriate settings. However, you will not be able to opt-out from cookies which are “absolutely necessary” for our services.
Links to third-party cookie providers and their privacy/opt-out pages:
For Customers in the European Union, our processing (use) of Your personal information is justified on the following legal basis:
• The processing is necessary to perform a contract with You or take steps to enter into a contract at Your request; This is the primary basis of our processing.
For Customers in the European Union, our processing (i.e use) of Your personal information is justified on the following legal basis:
- the processing is in our legitimate interests, subject to Your interests and rights, and notably our legitimate interest in using applicable data to conduct and develop our business activities; or
- You have clearly consented to the processing of Your personal data for a specific purpose.
We also use “Intercom”, a live chat platform that connects Users with our customer support team and during this process we collect some personal information such as name, email address and contact number with the express consent of the Users in order to start the conversation. The messages and data exchanged are stored within the Intercom application and Freshdesk. For more information on the privacy practices of Intercom and Freshdesk, please visit https://www.intercom.com/terms-and-policies#privacy and https://www.freshworks.com/privacy/1-jan-2020/ respectively.
We are not making use of these messages or data other than to follow up on Users registered issues or inquiries. Your personal data will be processed and transmitted in accordance with applicable regulation and You can also request us to delete the stored data as provided in this Privacy Notice.
“DO NOT TRACK” SIGNALS UNDER CALIFORNIA ONLINE PROTECTION ACT (CalOPPA)
Some internet browsers have enabled Do Not Track (DNT) features, which sends out a signal (called the DNT signal) to the website that you visit indicating that you don't wish to be tracked. This is different from blocking or deleting cookies, as browsers with a Do Not Track feature enabled may still accept cookies. No industry standard currently exists on how companies should respond to Do Not Track signals, although one may develop in the future. Our website is not currently designed to recognize and respond to Do Not Track signals.
The nature of our services is such that we share a responsibility with our Customers for the security of data.
We aim to safeguard and protect Your personal data from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss, and have adopted reasonable technical and organizational security measures. In line with 42Gears commitment to ensure protection of Your privacy and establish good business practices we have been certified by industry- standards such as ISO 27001:2013.
It is nevertheless important that our Customers recognise their responsibility in maintaining effective security in the use of our services. While we will use all reasonable efforts to safeguard Your personal data, You acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that transferred from You or to You via the internet.
NOTICE TO END USERS
Many of our Products or Services are intended to be used by the organization or made available through an organization (eg. your employer), that organisation is an administrator of the Services who is responsible and has control over all the related accounts and/or services. In such a scenario, please direct your data privacy related questions to your administrator, as your use of the services is subject to that organisation’s policies. We don't hold any responsibility for such privacy or security practices of an administrator’s organisation, which might be different from this Notice.
Administrators are able to:
- require you to reset your account password;
- restrict, suspend or terminate your access to the Services;
- access information in and about your account;
- access or retain information stored as part of your account;
- install or uninstall third-party apps or other integrations
In some cases, administrators can also:
- restrict, suspend or terminate your account access;
- change the email address associated with your account;
- change your information, including profile information;
- restrict your ability to edit, restrict, modify or delete information
Please contact your organization or refer to your administrator’s organizational policies for more information.
POLICY TOWARDS MINORS OR CHILDREN
We do not knowingly collect or solicit personal information from anyone under the age of 18 or knowingly allow such persons to register for the Services. It has also been provided in our Terms and Conditions for using our website.
OUR ONGOING EFFORTS TO BE TRANSPARENT
We continue to make available necessary information to help our Users better understand 42Gears processing of personal information and how to exercise choices regarding the use of Your personal information through various channels including this Privacy Notice and any other relevant information that may be made available timely on our website or on Your devices.
This Privacy Notice applies to all the products/services offered by us. Each of our third-party service providers have their own privacy policies/notice. You acknowledge that Your visit to any third-party service provider website will solely be at Your own discretion and risk. We do not claim knowledge of or ownership of any content in any third-party websites nor do we endorse any third-party website.
UPDATES TO THIS NOTICE
This Privacy Notice may be updated from time to time to bring in new security measures (if required) or to comply with applicable laws . You should review this page periodically to ensure that You accept and are compliant with the amended Privacy Notice. Your continued use of this website will constitute Your agreement to this Privacy Notice and any amendments thereto. Changes to this Privacy Notice are effective when they are posted on this Page.
We value your privacy and your rights as a data subject and have therefore appointed Prighter as our privacy representative and your point of contact.
Prighter gives you an easy way to exercise your privacy-related rights (e.g., requests to access or erase personal data). If you want to contact us via our representative Prighter or make use of your data subject rights, please visit: https://prighter.com/q/19678700118
If You have any questions or concerns about this Privacy Notice, please feel free to email us at email@example.com.
Last Updated: November 26, 2021