Privacy Policy

42Gears Mobility Systems Private Limited (“We”) respects its users’ (“User”/“You”/”Customer”/”Your”) privacy and appreciate Your concern to protect Your privacy. This Privacy Policy has been adopted by us to inform you of how we handle the information that you share with us.

GDPR Statement:

The European Union (EU) General Data Protection Regulation (GDPR), enforceable as of May 25, 2018, imposes additional requirements upon companies to enhance the protection of personal data of EU residents. 42Gears Mobility Systems has a dedicated, core-functional team overseeing 42Gears' GDPR readiness. We discuss our efforts and commitment to GDPR below.

 

42Gears’ Commitment to General Data Protection Regulation:

GDPR regulates the governance of personal data for European Union citizens with a prominence on Data security and  Data privacy. The GDPR not only apply to companies that operate in the European Union (EU) but it will also impact companies operating outside of the EU, if they process any personal data of any of its customers in the EU.

42Gears has established its Information security and Data privacy principles to protect the privacy and information rights of its Customers. We are strenuously committed to GDPR compliance.

Personal Data:

Personal data is the information relating to an individual who can be directly or indirectly identified from that data. Identification of personal data can be through reference to the information itself, or in conjunction with any other information in our possession or is likely to come into such possession. The processing of personal data in the EU is governed by the General Data Protection Regulation.

Privacy Notice:

The purpose of this Privacy Notice is to outline how we have established measures to protect your privacy rights.

Customer Data:

We may receive, store or process certain information including personal information on behalf of our customers. Under the EU-GDPR such information is controlled and owned by the Customers, referred to as Data Controllers with respect to such information.

This Customer Data may include information from devices or other systems that the Customer manages and monitors using our services or products. It could also include end user data related to an individual’s activities on Customer’s network and systems including but not limited to Email address, IP address, device information, CPU usage and any other data related to address a support or a service request. Under GDPR we are primarily a data processor for Customer Data.

Data collected:

We collect some information to conduct our regular business operations and administration that may include some personal information such as Company name, email address and contact details. We outline this below as:

  • Data collected from website users;
  • Data collected through the use of our products and services; and
  • Other data

Data collected from website users:

When you visit our website or seek to conduct business with us you may be prompted to provide certain personal information such as name, email address, mobile number, organization name and geographic location etc. This information is used by us in the following ways:

  1. Help us connect with you or to establish communication at your request.
  2. Collect your Email address to subscribe to our newsletters.
  3. Register for webinars.
  4. Enquire about our products and services.

Generally, the personal information you provide to us are necessary to provide information you have requested, resolve a complaint or address a query.

We may also collect billing and transactional details of the Customer during their purchase of our products or services. We work with industry standard payment providers to collect payment.

Our servers automatically collect certain information when you visit our website. This information does not necessarily reveal your identity directly but it may include information about the specific device used, such as the hardware model, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer) and the Internet Protocol (IP) address/MAC address/device identifier. In some countries, including the European Economic Area, this information may be considered personal information under applicable General Data Protection Regulation. We do not use this information to identify you, and do not process this information actively. The collection is a by-product of using the website.

Data Collected through the use of our Products and Services:

Usage Data: Where our customers subscribe to our products and services we collect certain technical information obtained from software, systems hosting the services or products and device accessing these products and services which do not directly identify the end user herein referred to as Usage Data. We collect this information for business analytics to identify how our products and services are used by our Customers. The extent of this collection is configurable by our customers, but as an indication, our collection of  technical information that constitutes personal data includes (but is not limited to):

  • IP Address
  • Email address
  • Company name
  • Mobile number
  • Device Time
  • Device Model
  • RAM Information
  • Storage Information
  • Bluetooth Information
  • Data Usage details
  • Password Strength
  • Device Notes
  • Other usage statistics

We do not collect usage details about Customer’s end users, except as necessary for support or to provide the Services requested by Customers (in which case we are a data processor of such data).  The information is only processed to provide the service requested by the Customer.

Other Data:

Cookies

Our website uses "cookies", which are files in text format placed on Your (User's) computer, to help the website analyse how Users use the site. The cookie provides information about Your use of the website (including your IP address) for the purpose of evaluating and compiling reports on website activity and internet usage. You may refuse the use of cookies by selecting the appropriate settings on your browser, however, please note that if You do this You may not be able to use the full functionality of this website.

Use of Personal Data:

Following is an overview of the core purpose for using the personal information collected by us.

Data collected from website users

For Customers in the European Union, our processing (i.e use) of your personal information is justified on the following legal basis:

  • the processing is necessary to perform a contract with you or take steps to enter into a contract at your request; This is the primary basis of our processing.
  • the processing is in our legitimate interests, subject to your interests and fundamental rights, and notably our legitimate interest in using applicable data to conduct and develop our business activities; or
  • you have clearly consented to the processing of your personal data for a specific purpose.

The personal data we collect is used for the following purposes:

  • conduct and develop our business with you and with others;
  • engage you about events, promotions, the websites and our products and services;
  • provide you with documentation or communications which you have requested;
  • correspond with users to resolve their queries or complaints;
  • provide you with any Services you request;
  • send you marketing communications, where you have subscribed to receive such marketing communications or where it is lawful for us to do so;

Data collected through the use of our products and services

For Customers in the European Union, our processing (use) of your personal information is justified on the following legal basis:

  • the processing is necessary to perform a contract with you or take steps to enter into a contract at your request; This is the primary basis of our processing.

The personal data we collect is used for the following purpose:

  • conduct and develop our business with you and with others;
  • process, evaluate and complete certain transactions involving our products and services;
  • maintain our internal business and accounting records;
  • provide you with any Services you request;
  • manage, protect against and investigate fraud, risk exposure, claims and other liabilities, including but not limited to violation of our contract terms or laws or regulations.

Other data

For Customers in the European Union, our processing (i.e use) of your personal information is justified on the following legal basis:

  • the processing is in our legitimate interests, subject to your interests and rights, and notably our legitimate interest in using applicable data to conduct and develop our business activities; or
  • you have clearly consented to the processing of your personal data for a specific purpose.

The personal data we collect is used for the following purpose:

  • operate, evaluate, maintain, improve and develop our products and services or our websites (including by monitoring and analysing trends, access to, and use of the website for advertising and marketing);
  • customize our websites, products or services to users' needs;

 

Disclosure of Personal Data to Service Providers:

We engage third parties to support the services we deliver to you. These third parties assist us in providing information, products or services to you, in conducting and managing our business, or in managing and improving our products/Services or our websites.

We share your personal data with these third parties to render services for which they have been engaged by us to perform on our behalf, subject to appropriate contractual restrictions and security measures, or if we believe it is reasonably necessary to prevent harm or loss, or it believes that the disclosure will further an investigation of suspected or actual illegal activities.

The third parties may include:

  • Cloud infrastructure providers such as Amazon Web Services (AWS).
  • Cloud application and productivity providers to support our internal office operations such as email and document management.
  • Administration and support: to enable customer support and assist in sales management.
  • Marketing and Newsletter: To manage our email communication with our Customers for marketing purpose such as newsletters etc.
  • Payment Gateways: We work with commercial payment gateways such as PayPal, Stripe, Chargify and BlueSnap. Customers can select the payment gateways, upon selection you are transferred to systems controlled by these service providers to complete the payment. The payment gateways render the payment services as a data controller and comply with all the obligations for processing the data under the applicable data protection laws.

We do not share, sell, rent, or trade any of your personal information to third parties, other than as necessary to deliver the services we provide you or to administer our business.

 

International Transfer:

Personal information collected by us including any and all the personal information of the EU Customers may, therefore be processed by our service providers in the United States. However, where you are using 42Gears UEM SureMDM - Software as a Service solutions, you can select whether processing of device specific information takes place in the EU or in the United States when you first register for such service.

We will protect the personal information in accordance with this Privacy Notice. We take appropriate contractual or other measures to protect the personal information in accordance with the applicable laws pertaining to Data Protection.

Where processing takes place in the United States we ensure that the service providers have subscribed to the EU-US Privacy Shield Framework. Further details can be found at: http://www.commerce.gov/sites/commerce.gov/files/media/files/2016/eu-us_privacy_shield_fact_sheet.pdf

https://aws.amazon.com/compliance/gdpr-center/

 

Security:

The nature of our services is such that we share a responsibility with our Customers for the security of data.

We aim to safeguard and protect your personal data from unauthorized access, improper use or disclosure, unauthorized modification or unlawful destruction or accidental loss, and have adopted reasonable technical and organisational security measures to ensure that this is the case, in line with established commercial good practice.

It is nevertheless important that our Customers recognise their responsibility in maintaining effective security in the use of our services.

 

Retention of Personal Data:

We retain your personal data for as long as required to fulfil the purposes for which it was collected.  A summary of our approach to retention is outlined below:

  • Data collected from website users:  We retain this information for the duration of our relationship with the Customer.  Once you have initiated and, where appropriate consented to our communication, you have the right to request us to stop communication (see the ‘Rights’ section below).
  • Data collected through the use of our products and services: Data collected to deliver the products and services to the Customers (for example, data relating to specific devices) is typically retained by us for less than twelve months after termination of the active license. Active license herein includes the trial and paid licenses which are not expired. Data relating to our commercial arrangement (billing information) will be held as long as necessary for us to fulfil our statutory record keeping obligations.

 

  • Other data: We store other data for as long as needed to fulfil its purpose.  We have a default retention period defined and take what we consider are reasonable measures to remove the data once this has expired.

In some circumstances, we may retain personal data for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required.

In specific circumstances, we may also retain your personal data for longer periods of time corresponding to a statute of limitation, so that we have an accurate record of your dealings with us in the event of any complaints or challenges.

 

Your Rights:

For Customers in the European Union, Your rights under the GDPR are outlined below.  For Customers outside the European Union, You may have some or all of the following rights available to you in respect of your personal data, depending on the reason for processing this data:

  • Right to be informed- you have the right to obtain a copy of your personal data together with information about how and on what basis that personal data is processed.
  • Right of access: You have the right to access your personal data and supplementary information provided.
  • Right of Rectification: You have the right to rectify inaccurate personal data (including the right to have incomplete personal data completed).
  • Right to Erasure: You have the right to erase your personal data (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed.
  • Right to restrict processing: you have the right to request we cease processing if – where you object to processing and we have to consider whether we still have a legitimate interest to process it.
  • Right to data portability: You have the right to port your data in machine-readable format to a third party (or to you) when we justify our processing on the basis of your consent or the performance of a contract with you;
  • Right relating to automated decision making including profiling: You have the right to obtain, or see a copy of the appropriate safeguards under which your personal data is transferred to a third country or international organization.
  • Right to Object:  You have the right to object, on grounds relating to your particular situation, at any time to any processing of your personal data for which we have justified on the basis of a legitimate interest, including profiling (as opposed to your consent) or to perform a contract with you. You also have the right to object at any time to any processing of your personal data for direct marketing purposes, including profiling for marketing purposes.

 

Contact Details:

We recognize that you may have questions on how we process your data, or you may want to change either the data we hold or how we communicate with you in the future.

If you have given consent for processing, you are free to withdraw the consent. In this case you may write us at dpo@42gears.com.

You can request deletion of your personal information at any time and we will consider your request in accordance with applicable laws.  Please contact us at dpo@42gears.com.
If you have questions in respect to this Privacy Notice, or would like to exercise your right please write to us at dpo@42gears.com.

Where you are a European Customer and you are unhappy towards your response to a query or you have a further complaint , the Information Commissioner’s Office can be contacted on https://ico.org.uk.

 

Further Information:

This Privacy Policy applies to all the products/services offered by us. Each of our third party service providers have their own privacy policies, You acknowledge that your visit to any third party service provider website will solely be at your discretion and risk. We do not claim knowledge of or ownership of any content in any third party websites nor do we endorse any third party website.

Updates to this Policy:

This Privacy Policy may be updated from time to time to bring in new security measures (if required) or to comply with applicable laws and shall by updating this page accordingly. You should check this page periodically to ensure that you accept and are compliant with the amended Privacy Policy Your continued use of this website will constitute Your agreement to this Privacy Policy and any amendments thereto.

If at any time You have questions or concerns about the Privacy Policy, please feel free to email us at legal@42gears.com.

Last Updated: May 18, 2018