Effective Date: September 24, 2021
What are the purposes of the Collection of information through the Service?
We collect information through the Service only to fulfill our contractual obligations with Customers of the Service. Accordingly, the use of information collected through our Service is limited to the purpose of providing the service for which our Customer has engaged Repsly.
What information we process, and why?
Through the Service, we provide a real-time insights on retail execution and sales performance, smart merchandising, promotion, and sales execution tools to the Customer.
As an integral part of the agreed service provisioning, Users (typically customers’ employees) manually and automatically fill the information needed for the service provisioning including the following data which can be directly or indirectly connected to a physical person and is processed for the described purposes:
Personal data processed
Purpose of processing
How do we protect your information?
We take great care in implementing, enforcing and maintaining the security of our Service, our website and Users’ information. Repsly implements, enforces and maintains security policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of Personal Information and to monitor compliance of such policies on an ongoing basis. All information is stored with logical separation from information of other Customers. However, we do not guarantee that unauthorized access will never occur.
We use a combination of processes, technology and physical security controls to help protect Personal Information from unauthorized access, use, or disclosure. Each server is protected by a firewall, exposing it only to the minimum ports necessary. However, no security controls are 100% effective, and we cannot completely ensure or warrant the security of your Personal Information.
Unless otherwise agreed with the Customer and subject to applicable law, Repsly will act in accordance with its policies to promptly notify Customer in the event that any Personal Information processed by Repsly on behalf of a Customer is lost, stolen, or where there has been any unauthorized access to it.
Cross-border data transfers
Service providers are authorized to use your Personal Information only as necessary to provide these services to us. Such service provider may be located in a country that does not have the same data protection laws as your jurisdiction. When Repsly transfers data to a service provider, we seek to transfer data only upon executing an appropriate agreement and/or with service providers that are located in a country recognized by the E.U. Council as providing adequate protection; or (j) pursuant to your explicit approval prior to the disclosure.
Modification or deletion of Personal Information gathered through the Service
If you want to access, correct, amend, or delete data stored by Repsly, you should direct your query to the Customer (the data controller). We will work with our customers to respond to data subject requests as outlined in our DPA.
Repsly will retain data it processes on behalf of its Customers only for as long as required to provide the Service to its Customers and as necessary to comply with its legal and contractual obligations, resolve disputes and enforce its agreements.
Customer data collected during your use of the Service is retained in accordance with the provisions of the applicable contract (including any data processing addendum).
However, some data will not be deleted and will be kept in an anonymized manner. Some metadata and statistical information concerning the use of the Service are not subject to the deletion procedures in this policy and may be retained by Repsly. Some data may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policies.
Third-Party software and services
Sharing of information gathered through the Service with third parties; California Online Privacy Protection Act Compliance
Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will never distribute your Personal Information to outside parties without your consent.
How to Contact Us
E.U. residents have the right to lodge a complaint with a supervisory authority (Data Protection Authority in your jurisdiction) at https://edpb.europa.eu/about-edpb/about-edpb/members_en in case of a breach of any E.U. data protection and privacy regulations. If the supervisory authority fails to deal with a complaint or inform you within the time frame set under applicable law, you have the right to an effective judicial remedy.
You can contact our EEA representative, HYDRA CONSULTING d.o.o., Prve Poljanice 7, 10040 Zagreb, Croatia at firstname.lastname@example.org, or our Data Protection Officer .