Last updated: June 2016
- What information we collect and how;
- How we use personal information;
- Who we share personal information with and why;
- The steps taken to protect personal information under our control;
- How IT Live retains and deletes personal information;
- Choices available to users regarding collection, use, transfer and disclosure of personal information;
- How to access and update personal information; and
- How to contact us.
1. Information We Collect
IT Live provides managed services, hosting services, as well as other cloud-based products and services.
Our products and services allow users to upload information and data to our servers (“user content”).
We also provide software products which allow users to remotely monitor and access their system from any device.
There are three ways we collect information:
(a) Information users give us.
(b) Information we collect when users use our products or services.
(c) Information we collect from third parties.
(a) Information Users Give Us
In order to trial, purchase or use our products or services, a user must provide us with certain contact, billing and personal information including name, address, phone number, email address and company information.
Users may also provide us with information when they:
- Register product licences with us;
- Create user accounts and logins;
- Subscribe to receive the latest news on our products and services; or
- Contact our support team.
Users can always choose not to provide us with personal information, however this may mean that we are unable to supply our products or services.
(b) Information We Collect from Use of Our Products & Services
Our cloud-hosted services store user content on our data-centre servers in order to provide users with web-based access to their user content. The nature of our cloud-hosted services means that all collected or submitted user content (including all documents, files, communications, personal information and sensitive information submitted by users) is stored on our servers. This may include any personal or sensitive information (i.e. information regarding medical health or conditions, race or ethnic origins, political opinions and other sensitive information) collected from or submitted by the user.
The confidentiality and security of user content is a fundamental priority for IT Live. While user content may be transferred/disclosed for the purposes of providing the services, user content will be stored separately, and will not be accessed, used or disclosed by IT Live except for the purposes of providing, monitoring or managing the services, in which case we will limit our interaction with user content to a minimum.
All Other Products and Services
We may automatically collect information (which may include personal information) when users interact with or use our products and services (including visiting our website or requesting technical support). This information may include:
- System information: we may collect information about user system(s), including, but not limited to, the CPU serial number, operating system, user names and passwords, applications, IP address and, where applicable, host ID.
- Usage information: we collect information about how users and their system environment interact with our products and services. This may include information relating to the features used, the performance of the products or services and any problems experienced by users.
- Device information: our remote network access solutions provide up-to-date system information anywhere, anytime and on any device. When users download or use these products or services, we may receive information about the user device, such as the hardware model, operating system version, unique device identifier and mobile network information (including phone number).
- Location: when users use our products or services (including our website), we may collect and process information about the user’s location. We use various technologies to determine location, including IP addresses.
(c) Information We Collect from Third Parties
We work closely with third parties (for example, our supply partners, other business partners and service providers) in order to be able to develop our products and services, and provide them to users.
We may receive the same kinds of information described in (a) and (b) above from third parties.
Personal Information Received from Users about Others
When using our products or services, users may disclose, and we may collect, personal information about someone else. For example, user content may contain personal information relating to the customers or employees of users.
Before disclosing personal information to us about someone else, users must ensure that they have obtained sufficient consent to disclose that information to us, and that, without taking any further steps required by applicable data protection or privacy laws, we may collect, use, transfer and disclose such information for the purposes described in this Policy.
Users shall remain responsible for all personal information collected and processed by the user, and for compliance with applicable privacy and data protection laws.
2. HOW WE USE PERSONAL INFORMATION
We collect information in order to be able to provide our products and services (which may include technical support services) and to improve our products and services.
We also use personal information to:
- Communicate, interact and build our relationship with users, including to better understand user needs and interests and ensure a quality experience for users;
- Monitor, develop or optimise the performance of our products and services;
- Protect and enhance the safety and security of our products and services;
- Provide information and technical support, including training;
- Carry out billing and licence administration;
- Market and make recommendations on our products or services;
- Conduct, manage, develop and protect our business;
- Comply with laws and regulations in applicable jurisdictions;
- Verify user identities and prevent fraud or other unauthorised or illegal activity;
- Enforce our terms of service or other usage policies; and
- Enable third parties to provide services to us.
3. Who we share Information with
We share information, including personal information, as necessary to provide users the products and service requested or authorised. For example, we may share information with:
- Banks and other entities which process payment transactions when a purchase is made;
- Third party communication service providers, in order to communicate with users, to provide users with remote access or to provide notifications on the performance of our products or services;
- Our service providers or suppliers acting and working on our behalf. For example, companies we have hired to assist in protecting and securing our systems and services may need access to personal information to provide those services. In such cases, we will require these entities to abide by our data privacy and security requirements, and restrict use of any personal information received from us;
- Other business partners for the purpose of providing our goods and services to users;
- A purchaser, as part of a corporate transaction such as an acquisition, merger or sale of assets;
- To other third parties, when we have a good faith belief that doing so is necessary to:
- Comply with any applicable law, regulation, legal process or enforceable governmental request;
- Protect our users;
- Operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks;
- Detect, prevent or otherwise address fraud; or
- Protect our rights and property, including enforcing our terms.
We require that our business partners agree to keep confidential all information we share with them and to use information only to perform their obligations in agreements we have with them. These parties are expected to maintain privacy and security protections that are consistent with our privacy and information security policies. While we provide these third parties with no more information than is necessary to perform the function for which we engaged them, users should be aware that any information provided to these third parties independently/directly is subject to the third parties’ respective privacy policies and practices.
We may also share or use non-personal information (i.e. information that is related to an individual but does not personally identify that individual such as aggregated, anonymised or de-identified data) publicly or with third parties, such as our partners or advertisers. For example, we may share or use information publicly to show trends about the general use of our products or services. This data or information will in no way identify users or any other individual.
4. Steps Taken to Protect personal Information
Protecting the security of user personal information is of the utmost importance to IT Live. We maintain a variety of organisational, technical and physical safeguards and procedures in order to protect personal information from unauthorised access, use, interference, modification or disclosure.
For example, we store personal information on computer systems that have limited access and are in controlled facilities.
Some of our products and services do however require use of the internet, and the internet is not itself a secure environment. We therefore cannot give an absolute assurance or guarantee that user information will be secure at all times. Transmission of information over the internet or third-party networks is at the user’s own risk. We will notify users at the first reasonable opportunity if we discover or are advised of a material security breach which has resulted in unauthorised access, disclosure or loss of user personal information.
To help maintain the security of information, users agree to keep their passwords and account details private and confidential.
5. Retention and deletion of personal Information
Our cloud-hosted services involve storage of user content on our host system. This means that any information or data which is deleted by a user is therefore deleted from our servers.
The period of time for which we continue to hold any other personal information which we have collected varies according to what the personal information is used or required for. Unless there is a legal requirement or justification for us to keep the personal information, we will retain it for no longer than is necessary:
- To provide the products and services requested by the user;
- As part of our usual business record-keeping practices;
- To fulfill the purpose(s) for which the personal information was originally collected; or
- For any other purpose(s) authorised by the User.
Once personal information is no longer required, the personal information will be deleted or securely destroyed.
6. Choices available to users for the collection, use, transfer and disclosure of personal information
- The collection of personal information from third parties;
- The collection of sensitive information;
- The disclosure of personal information to third parties; or
- The processing of personal information in a particular way, or for a particular purpose.
Provided the information is not required for legal reasons, users may also request that all personal information held by IT Live (or shared with third parties) in relation to that user is deleted.
All requests or objections should be sent to us at firstname.lastname@example.org. Because user choices in relation to personal information may affect our ability to provide our services, or the performance of the products and services, we will contact users as soon as possible to discuss the impact of the user’s requests or objections on the products and services, any other issues arising and to confirm the user’s intention to proceed.
We will endeavour to include “unsubscribe” functions in any direct marketing communications sent to users, or alternatively, users may revoke their consent by sending an email to email@example.com.
7. Accessing and Updating User Personal Information
Users are responsible for ensuring that personal information provided to us is accurate, complete and up-to-date. This includes personal or sensitive information contained in their user content. We will also take reasonable steps to ensure that any personal information that we collect (i.e. information obtained from other sources) is accurate, up-to-date, complete and not misleading.
We endeavour to provide users with reasonable access to personal information we hold about users, and users may request that we update, correct or delete any personal information that is inaccurate or inappropriate for the purposes for which it was collected.
Requests for access to or the correction of personal information should be emailed to firstname.lastname@example.org.
We will process requests as soon as reasonably practicable, provided we are not otherwise prevented from doing so by law. If we are unable to meet a user’s request, we will explain the reasons why. For example, the information may not be readily retrievable and it may not be reasonable or practicable for us to process the request in the manner requested. In some instances, it may also be necessary for us to arrange access to user personal information through a third party (for example, a reseller).
8. How to Contact Us
Users may write to IT Live at the relevant addresses below, or alternatively email us, including any supporting documentation at email@example.com.
Attention: IT Live Privacy Officer
M107 Private Bag 300987
Our Privacy Officer will endeavour to respond to your questions within 30 days.
We recommend that users regularly review this privacy statement to learn how we protect personal information.