DOCOsoft Data Privacy Notice
Introduction
At DOCOsoft, we are committed to protecting and respecting your privacy. We understand that your personal data is important to you, and we value your trust in us. We provide enterprise claims management software solutions to insurance firms globally, and we process personal data in accordance with the EU General Data Protection Regulation (GDPR) and other applicable laws and regulations.
This data privacy policy explains how we collect, use, share, and protect your personal data when you use our software, visit our website, or interact with us in any other way. It also informs you about your rights and choices regarding your personal data and how you can contact us if you have any questions or concerns.
Please read this policy carefully and contact us if you need any clarification or assistance. By using our software, visiting our website, or interacting with us, you agree to the terms of this policy and consent to our processing of your personal data as described herein.
Personal Data we collect
The personal data we collect from you depends on the way you interact with us and the services you use and choices you make. For example, we may collect different types of personal data when you:
• Visit our website or use our software as a part of a business or organisation;
• Contact us by phone, email, or online form;
• Subscribe to our newsletter, blog, or other communications;
• Register for or attend our events, webinars, or trainings;
• Apply for a job or work with us as an employee or contractor;
• Provide us with feedback or testimonials;
• Interact with us on social media or other platforms.
In this section, we explain what types of personal data we collect in each scenario and the legal basis for doing so.
Information we collect
We may automatically collect certain information when you interact with our products and services, such as:
– Information about the device you use, such as the device type, operating system, browser, IP address, and device identifiers.
– Usage data, such as the pages you visit, the features you use, the actions you take, the time and duration of your sessions, and the referring URLs.
– Diagnostic logs, such as error reports, performance data, and app crashes.
We collect this information to provide and improve our products and services, to ensure their security and reliability, to measure and analyse their performance and usage, and to personalize your experience.
Information you provide
We may also collect information that you voluntarily provide to us, such as:
– Contact information, such as your email address, phone number, or postal address, when you communicate with us or sign up for our newsletters or promotions.
– Company information, such as your company name, industry, size, location, and website, when you request a demo, or purchase our products and services.
– Profile information, such as your first name, last name, or alias, job title, role, and preferences, when you create an account or update your profile on our platforms.
– Feedback or testimonials, such as your opinions, comments, ratings, reviews, suggestions, or endorsements, when you participate in our surveys, contests, or testimonials.
– Job applicants, such as your resume, cover letter, portfolio, or references, when you apply for a job with us or express interest in working with us.
– If you use DOCOsoft Vew and DOCOsoft AI products, you may provide us with personal information. For more details on this, please refer to the Data Processing Agreement.
We collect this information to communicate with you, to respond to your inquiries or requests, to provide you with our products and services, to manage your account and subscriptions, to solicit your feedback and testimonials, and to market our products and services to you.
How we use the personal data
Data type | Purpose of use |
Contact information, such as your name, email address, phone number, or mailing address. | To communicate with you, to respond to your inquiries or requests, to provide you with our products and services, to manage your account and subscriptions, to solicit your feedback and testimonials, and to market our products and services to you.
|
Job applicants, such as your resume, cover letter, portfolio, or references, when you apply for a job with us or express interest in working with us. | To evaluate your qualifications, to conduct background checks, to communicate with you about the recruitment process, and to comply with legal obligations.
|
Feedback or testimonials, such as your opinions, comments, ratings, reviews, suggestions, or endorsements, when you participate in our surveys, contests, or testimonials. | To improve our products and services, to understand your preferences and needs, to showcase your satisfaction and loyalty, and to market our products and services to you and others.
|
Company information, such as your company name, industry, size, location, or revenue, when you provide it to us or when we obtain it from publicly available sources. | To understand your business needs and goals, to tailor our products and services to you, to identify potential opportunities for collaboration or partnership, and to market our products and services to you and others.
|
Diagnostic logs, such as the information about your device, browser, network, or application, when you use our products and services or contact our customer support. | To troubleshoot any issues, to ensure the proper functioning and security of our products and services, to monitor and improve the performance and quality of our products and services, and to provide you with customer support.
|
Know Your Rights
EU GDPR
If you are a resident of the European Economic Area (EEA), you have certain rights under the General Data Protection Regulation (GDPR) regarding your personal data that we process. These rights include:
– The right to access, rectify, or erase your personal data, or restrict or object to our processing of your personal data.
– The right to data portability, which means that you can request a copy of your personal data in a structured, commonly used, and machine-readable format, and transfer it to another controller without hindrance from us.
– The right to withdraw your consent at any time, if we rely on your consent as the legal basis for processing your personal data.
– The right to lodge a complaint with a supervisory authority, if you believe that our processing of your personal data violates the GDPR or other applicable laws.
To exercise any of these rights, or if you have any questions or concerns about our privacy practices, please contact us using the contact details provided in this privacy policy. We will respond to your request within a reasonable timeframe, and in any case, within one month of receiving your request, unless we need to extend this period for legitimate reasons. We may ask you to verify your identity before we can act on your request.
Location of Data and Transfers
We primarily use data centres and services based in the United Kingdom and the European Union to store and process your personal data. However, we may transfer your personal data between the European Union, the European Economic Area, the United Kingdom, and your country or region, if necessary for the purposes described in this privacy policy. We will only transfer your personal data to countries or regions that have been deemed to provide an adequate level of protection for personal data by the European Commission, or where we have put in place appropriate safeguards to ensure that your rights and freedoms are protected in accordance with the GDPR. You can obtain more information about these safeguards by contacting us using the contact details provided in this privacy policy.
Sub processors
We may use third-party service providers (sub processors) to help us provide, maintain, and improve our services. These sub processors may access or process your personal data on our behalf and under our instructions, as part of the services they provide to us. We only share your personal data with sub processors that have agreed to comply with our data protection obligations, or those who can demonstrate adequate safeguards for personal data.
Some of the sub processors we use are:
– Microsoft Corporation, which provides cloud computing and software services, such as Azure Data Centres, Azure Services, Azure Open AI, Copilot and Office 365. Microsoft adheres to the EU-US and Swiss-US Privacy Shield frameworks and has obtained a certification from the US Department of Commerce. You can find more information about Microsoft’s privacy practices here: Microsoft Privacy Statement – Microsoft privacy
– HubSpot, Inc., which provides customer relationship management (CRM) and marketing automation tools. HubSpot participates in and has certified its compliance with the EU-US and Swiss-US Privacy Shield frameworks. You can find more information about HubSpot’s privacy practices here: General Data Protection Regulation | HubSpot
– Celoxis Technologies, which provides project management and collaboration software. Celoxis complies with the GDPR and other applicable data protection laws. You can find more information about Celoxis’s privacy practices here: Privacy Policy | Celoxis
For Job Applicants –
– Bamboo HR, LLC, which provides human resources management software and services. Bamboo HR is based in the United States and participates in the EU-US Privacy Shield framework. You can find more information about Bamboo HR’s privacy practices here: General Privacy Notice | BambooHR
– Metaview Technologies, Inc, which provides us AI Recruitment assistant to generate notes and ease out interview process. For more information about Metaview’s privacy policy please refer Privacy Policy | Metaview
– LinkedIn Recruiter, which provides recruitment and candidate management services. LinkedIn is based in the United States and complies with the EU-US and Swiss-US Privacy Shield frameworks. You can find more information about LinkedIn’s privacy practices here: LinkedIn Privacy Policy.
We may update this list of sub processors from time to time, and we will notify you of any changes by posting the updated policy on our website. You can object to the use of a new sub processor by contacting us using the contact details provided in this privacy policy.
How we protect your personal data
We take the security of your personal data very seriously and use appropriate technical and organizational measures to protect it from unauthorized access, alteration, disclosure, or destruction. We have implemented industry-standard security practices, such as encryption, firewalls, access control, and password policies, to safeguard the confidentiality and integrity of your personal data.
We also comply with the ISO 27001 standard for information security management and ISO 23301 standard for Business Continuity Management System, which demonstrates our commitment to maintaining a robust and effective security system. We undergo regular audits and reviews to ensure that we meet the requirements of this standard and continuously improve our security performance.
In addition, we limit the access to your personal data to those employees, agents, contractors, and sub processors who have a business need to know. They are subject to a duty of confidentiality and must only process your personal data in accordance with our instructions and applicable laws. We have entered into data processing agreements with our sub processors to ensure that they adhere to the same level of security and privacy as we do.
We will notify you and any applicable regulator of a breach involving your personal data as soon as reasonably possible and in accordance with our legal obligations.
Retention of Personal Data
We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
You can request details of the retention periods for different aspects of your personal data by contacting us at privacy@docosoft.com.
Cookie Usage
We use cookies and similar technologies to collect and store information when you visit our website or use our services. Cookies are small text files that are sent by a website to a web browser and stored by the browser. They allow the website to identify and interact with your device. We may use cookies for the following purposes:
– To enable certain functions and features of our website and services, such as remembering your preferences, authentication, and security.
– To analyse how you use our website and services, such as tracking your browsing patterns, measuring the effectiveness of our content, and improving the user experience.
– We do not use any advertising cookies on our website and other platforms
You can manage your cookie preferences at any time by adjusting your browser settings. Please note that if you disable or reject cookies, some parts of our website or services may not function properly or may be slower.
Updates to Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or technical developments. We will notify you of any material changes by posting the updated version on our website, along with the date of the last revision. We encourage you to review this privacy policy periodically to stay informed about how we handle your personal data. Your continued use of our website or services after the updated policy takes effect constitutes your acceptance of the revised policy. If you do not agree to the changes, please stop using our website or services. This privacy policy was last updated on 21st August 2024.
Contact Us
DOCOsoft
Information Security & Compliance Office
NexusUCD Belfield Office Park,
Clonskeagh,
Dublin 4,
Ireland
Email: privacy@docosoft.com