Privacy notice
Privacy Notice – General users and clients
Effective from 20th Mar 2024
Introduction
We appreciate the trust you place in us when sharing your personal data. Movate (formerly CSS Corp) including its subsidiaries and affiliates; Movate Technology Services (Dalian) Ltd., China; Movate Technologies Costa Rica Limitada, Costa Rica; Movate Technologies Private Limited, India; Movate SDN. BHD, Malaysia; Movate (Mauritius) Limited, Mauritius; Movate Philippines.Inc. Philippines; Movate SP Z.O.O, Poland; Movate PTE Limited., Singapore; Cybernet Software Systems, Inc. USA; Movate Inc., USA; Movate UK Limited., UK; OnDemand Answers Inc., US; Movate Belgium BV, Belgium; Movate Technologies S.R.L., Romania; Movate SAS, Colombia; Movate UK Limited – Sucursal Em Portugal; Movate Canada. Inc., Canada; respects the privacy of its customers, business partners, and all relevant stakeholders. In this document, we will explain how we collect, use, and protect your personal data. We will also explain what rights you have with regards to your personal data and how you can exercise those rights. This document also describes the measures we take to protect the security of the information and how individuals can contact us about our privacy practices.
If you need more information, please contact:privacy.officer@movate.com
We take the security of all the data we hold very seriously. We adhere to internationally recognized security standards and our information security management system relating to client confidential data is independently certified as complying with the requirements of ISO/IEC 27001: 2013. We have a framework of policies, procedures, and training in place covering data protection, confidentiality, and security and regularly review the appropriateness of the measures we have in place to keep the data secured. We have developed our Data Privacy policy in line with the requirements of the European Union Data Protection Directive (Directive 95/46/EC) and the General Data Protection Regulation (in force from 25 May 2018) and applicable national laws.
1. The information we collect
We collect and use the contact details of our customers, clients, and customers in order to manage and maintain our relationship with those individuals. Our policy is to collect only the personal data necessary for agreed purposes and we ask our clients only to share personal data where it is strictly needed for those purposes. The personal data may include Name, email ID, Home address, Work address, phone numbers, and job titles. In some cases, we also need invoice details, delivery addresses, payment credit card details, and any other information which you provide to process our activity.
IP Addresses
Movate web servers gather your IP address to assist with the diagnosis of problems or support issues with our services, and to monitor the use of our Site, including the monitoring of the location of our users.
Cookies and Similar Tracking Technologies
We and our service providers use technologies on our sites to collect information that helps us improve the quality of our services and the online experience of our visitors and users. In this Privacy Notice, we refer to these technologies, which include cookies. These are small text files stored on your computer or mobile device to remember your actions or preferences over time such as session cookies, flash cookies, HTML5, and JavaScript. They help deliver and gather usage and performance data and similar technologies from third-party providers and are collectively known as “cookies.” Cookies allow us to personalize your return visits and save you time during certain activities, by remembering your user preferences – remaining logged on into our site. Most web browsers support cookies and users can control the use of cookies at the individual browser level. Please note that if you choose to disable cookies, it may limit your use of certain features or functions on our sites.
For further information, please refer the Movate Cookie policy https://www.movate.com/cookie-policy/.
2. How we use your information
Providing professional services
We provide a diverse range of professional services to our clients and customers. Some of our services require us to process personal data in order to provide maintenance, delivery, advice, and troubleshooting services. For example, we will take the customer’s personal details to verify customer credentials in order to ensure the delivery of technological troubleshooting services to the right customer.
Quality Assurance management
We monitor the services provided to the clients and customers for improving the quality of our services, which may involve processing personal data stored on our or our client’s IT platforms / Operating Systems. We have policies and procedures in place to monitor the quality of our services and security risks management. As part of our process, we also carry out searches using publicly available sources like the internet. Where either we or a customer contact by telephone or any similar voice-over channels, we may record the conversation with our customers for improvement of quality, training, and security purposes, in accordance with our legitimate interests. Our Research and Development team some time use your information to invite you to take part in market research or surveys.
Business administration and management
We process personal data in order to run our business, including managing our relationship with our clients, customers, and the third party, developing our businesses and services to accommodate customer satisfaction, like identifying client & customer’s needs and improvements in our service delivery, improving technology in our Information and Communications Technology systems, administration and management of our website and client tools. We also use information you provide to personalize (i) our communications to you; (ii) our website; and (iii) products or services for you, in accordance with our legitimate interests.
We may also send you direct marketing in relation to relevant products and services. Electronic direct marketing will only be sent where you have given your consent to receive it, or (where this is allowed) you have been given an opportunity to opt-out. You will continue to be able to opt-out of electronic direct marketing at any time by following the instructions in the relevant communication.
Legal and regulatory requirements
We need to keep certain personal data to demonstrate that our services are provided in compliance with applicable legal and regulatory requirements. In the event we are required to disclose personal data to comply with the direction issued by a public authorities, governmental, statutory, national security, or law enforcement authority, we will take commercially reasonable steps to disclose only such information that is required and were permitted by such authorities, we will inform you.
3. With whom and where will we share your personal data?
We may share your personal data with our subsidiaries to process it for the purposes of inter-group administration and to deliver products or services where elements of these are provided by group companies other than those with which you have directly contracted.
Use of the third party:
We are part of a global network of companies, firms, and other service providers, we use third parties located in other countries to help us run our business in a legitimate way. As a result, personal data may be transferred outside the countries where we and our clients are located. These countries may include countries outside the EU/EEA area. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EU are done lawfully. Where we transfer personal data outside of the EU to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the EU requirements for the transfer of personal data outside the EU, such as the European Commission approved standard contractual clauses.
We will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality, and security standards.
We use third parties to support us in providing our services and to help provide, run, and manage our internal IT systems. For example, providers of information technology, cloud-based software as a service provider, identity management, website hosting and management, data analysis, data back-up, security, and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centers around the world, and personal data may be stored in any one of them.
Corporate Transactions: If Movate is involved in a merger, acquisition, dissolution, sale of all or a portion of its assets, or other fundamental corporate transactions, we reserve the right to sell or transfer your information as part of the transaction. In such an event, you will be notified via email and/or a prominent notice on our website of any change in ownership, incompatible new uses of your personal information, and choices you may have regarding your personal information.
EU-U.S. / Swiss-U.S. / U.K-U.S. Data Privacy Framework Principles
Movate.Inc complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Movate.Inc has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Movate.Inc has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/
Movate.Inc is responsible for the processing of personal information we receive and subsequently transfer to a third party acting for or on our behalf. We are liable for ensuring that the third parties we engage support our Data Privacy Framework commitments. The U.S. Federal Trade Commission has subject to investigate and regulatory enforcement authority over Movate.Inc processing of personal information received or transferred pursuant to Data Privacy Framework. Under certain conditions, more fully described on the Data Privacy Framework website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Movate.Inc commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMSADR, an alternative dispute resolution provider based in the United States, the European Union, the United Kingdom, and/or Switzerland. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMSADR are provided at no cost to you.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Movate.Inc commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU and UK individuals and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF should first contact Movate.Inc at:
Karthikeyan Chandrasekaran
Associate Vice President- Information Security
Email: karthikeyan.chandrasekaran@movate.com
Phone: (408) 667-7253
4. How long will you keep my personal data?
We will not keep your personal information for any purpose for longer than is necessary for our processing purposes and will only retain the personal information that is necessary for relation to the purpose. We are also required to retain certain information as required by law or for as long as it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.
Where you are a customer, we will keep your information for the length of any contractual relationship you have with us and after that for a period of 12 months or as per the data retention policy of Movate.
Where you are a prospective customer and you have expressly consented to us contacting you, we will only retain your data (a) until you unsubscribe from our communications; or, if you have not unsubscribed, (b) while you interact with us and our content; or (c) for 12 months from when you last interacted with us or our content.
In the case of any contact, you may have with our customer services team, we will retain those details for as long as it is necessary to resolve your query and for two weeks after the query is closed.
We will retain your data for a short time beyond the specified retention period, to allow for information to be reviewed and any deletion to take place. In some instances, laws may require Movate to hold certain information for specific periods other than those listed above.
5. Where is my data stored?
The personal data that we collect from you may be transferred to and stored outside the EU/EEA, UK area at a safe and secure place. It may also be processed by staff operating outside the EU/EEA, UK who works for us under strict security contractors for one of our suppliers, in which case the third country’s data protection laws will have been approved as adequate by the European Commission or other applicable safeguards are in place. Further information may be obtained from our Privacy Team.
6. What are my rights in relation to my personal data?
As a data subject, you have certain rights over your personal data, and data controllers are responsible for fulfilling these rights. Further information about the rights that individuals have and how to exercise them is given below:
Right of access
You have the right access to your personal data held by us as a data controller. This right may be exercised by emailing us at privacy.officer@movate.com. We will aim to respond to any requests for information promptly and in any event within the legally required time limits of 30 days from the day of request received by us.
Where you have provided your data to us and it is processed by automated means, you may be able to request that we provide it to you in a structured, machine-readable format. If you wish to transmit your personnel data directly from one data controller to another data controller, the same will be processed, wherever it is technically feasible.
Right of rectification
At any stage, while your data is in our processing and if you want to update the same, you may email us at privacy.officer@movate.com. We will process your request to the extent it is practically possible for us, and we will make corrections based on your updated information.
Right of withdrawal of consent
Where we process personal data based on consent, individuals have a right to withdraw consent at any time. To withdraw consent to our processing of your personal data please email us at privacy.officer@movate.com. We will process your request as early as practically possible.
Right of erasure
Where we process personal data based on consent, individuals have a right to ask to erase his data at any time. To erase your data from our database please email us at privacy.officer@movate.com. We will process your request as early as practically possible.
7. Where can I find more information about Movate’s handling of my data?
If you have a complaint about how we have handled your personal data, you may be able to ask us to restrict how we use your personal data while your complaint is resolved. Should you have any queries regarding this Privacy Notice, about Movate’s processing of your personal data, or wish to exercise your rights you can contact Movate’s Privacy Team using this email address: privacy.officer@movate.com.
Contact Us. If you have a question about this Privacy Notice or wish to inquire about our personal information handling practices, please contact us as follows:
[Movate INC, Address: 5600 Tennyson Parkway, Suite 255, Plano, Texas 75024, USA”]
Changes to Our Privacy Policy
Movate reserves the right to update or change this privacy statement from time to time and as such, we request you to review our privacy statement periodically on our web site for any further updates or changes that we may have made. If we propose to make any material changes, we will notify you by means of a notice on this page prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
In compliance with the Data Privacy Framework Principles, MOVATE INC (formerly Slash Support, Inc). commits to resolve complaints about our collection or use of your personal information. EU Swiss and UK individuals with inquiries or complaints regarding our Data Privacy Framework policy should first contact MOVATE INC (Formerly Slash Support, Inc). at:
Contact Information:
Name: Karthikeyan Chandrasekaran CISA, CISM, CRISC
Designation: Associate Vice President – Head Information Security (GRC)
Email id: karthikeyan.chandrasekaran@movate.com
MOVATE INC (Formerly Slash Support, Inc). has further committed to refer unresolved Data Privacy Framework complaints to JAMS, an alternative dispute resolution provider located in the [United States]. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Invoke Binding Arbitration
Movate.Inc is obligated to arbitrate claims and follow the terms as set forth in Annex I of the DPF Principles, provided that an individual has invoked binding arbitration by delivering notice to your organization and following the procedures and subject to conditions set forth in Annex I of Principles.
A Note to Children and Parents
Children: We do not process the young person’s data age below 16 years. If you are below 16 years of age and someone asks you to share information about yourself. Before sending any information about yourself over the Internet to us or anyone else, be sure to ask your parents for permission.
Parents: Movate encourages parents to talk to your children about safe and responsible use of their personal information while using the Internet
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider at https://www.jamsadr.com/DPF-Dispute-Resolution
Movate Personal Data Processing Policy – Colombia
MOVATE S.A.S. performs the processing of data and establishes the procedures for the handling of queries and claims from the Data Subjects on which the COMPANY performs any type of Processing.
Please refer these links to see the detailed “Movate Personal Data Processing Policy – Colombia (Spanish) and Movate Personal Data Processing Policy – Colombia (English)”