Smackcoders and the GDPR
The new regulation General Data Protection Regulation (GDPR) coming in the European Union takes effect on 25th May 2018. Here, we provide clear and complete info to equip Smackcoders customers, resellers and our service patrons on the information gathered, why it is gathered and how you can view it or opt-out altogether.
Our Commitment to Privacy
Your Privacy is important to us. At Smackcoders, we’ve some basic principles:
- We are thoughtful about the personal info we collect from you on using any of our products or services.
- We store all your personal information secures for only as long as we have a reason to keep it.
- We help protect you from overreaching government demands for your personal info.
- We provide full transparency on how we gather, use and share your personal information.
Who We Are
We at Smackcoders are folks behind a variety of Open-Source products and JoForce CRM. And vast majority of our works is available under the GPL. You can download and take a look at the code to see how it works. And few of our products are encoded to license the product for a single domain and to protect the code. You can know our address details in our contact page.
What Personal Data We Collect And Why We Collect
We collect your personal information if we have a reason to do so. We collect your name, email address, mailing address, phone number, credit card info or other details to provide services, to communicate with you or to make our services better.
When you leave comments in our website, we collect the data shown in the comment form and IP address to help spam detection. We will also use the data to share with you the recommended posts or products we think that will interest you.
Information submitted through the contact forms embedded in our website are stored for communicating with you, sending newsletters or to introduce the products we think that will interest you. And they will never be shared with third parties. For example, registration form, place an order, live chat, subscribe to newsletter, open a support ticket or enter information in our website.
- Google Analytics Cookies – It is set to track visitors behavior in website.
- WordPress logged-in Cookies – It is used to authenticate logged-in customers, password and user verification.
- WooCommerce Cookies – It is tracked by the WooCommerce plugins to track visitors and their purchased items in cart.
Embedded Content From Other Site
Articles on our site includes embedded content like web page links, YouTube Videos. Embedded content from other websites behaves in the exact same way you visit them.
Data Shared With Our Support or Development Team
Sometimes to help you in debugging the products purchased from our website or do any custom development, we might ask to share a copy of your site, CRM or any environment that you are facing issue with. We highly appreciate your trust in us and guarantee that we are not going to share your data with anyone outside the company. But, we strongly recommend you to remove any personal information from the database before sharing with us. Since this is a replica of your site or environment, you are the one responsible for its data.
- When a debug, configuration check or enhancement is needed, we ask for access to the site, CRM or any environment your even a full copy of it. And we strictly use it only for debugging.
- We destroy the data shared when the debugging or custom development work is resolved,
Who We Share Your Data With
We don’t share any of your personal data with third-parties. However, some data is transferred and/or stored with third-party services we use like cloud-based services and payment methods. This is used to provide you with a better overall service and friendly user experience.
The services we use to make you feel better with our service:
- MailChimp – we store our customers info to send newsletters and announcements. You can opt-out of these any time.
- Freshdesk – we store our customers support request and contact info to give better solution and user experience.
- Hawksales – we store our lead or customer contact info for better customer relationship management.
How Long We Keep Your Information
We generally discard info about you when we no longer need for the purpose we collect and use it. We have described in the above section on How and Why we use your information. And we will not continue storing your data, once the purpose is solved.
When you submit a support ticket or a comment, your information will be stored in our website or support portal and we use this data to evaluate previous support history and recognize you to approve your comments automatically.
If you register on our site, we store your personal information in user profile. You can see, edit or delete your data any time. Administrators can also see and edit your information.
How We Protect Your Data
While no online service is 100% secure, we work very hard to protect your information against unauthorized access, alteration, destruction or use. We frequently monitor our services for potential vulnerabilities and attacks.
We protect your data with the following features:
- We are using SSL/HTTPS throughout our website to encrypt user communications with the servers. And it ensures that personal identifiable information is never captured by third parties without authorization.
- Our website is in compliance with PCI vulnerability standards to create secure environment for our users.
- Databases are sanitized before deploying to development or testing environment.
- All transactions are processed through a gateway provider and they are not stored or processed in our servers.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices, we will take responsive actions. In case of data breach:
- System Administrators will immediately go through affected users and will attempt to reset passwords.
- We will notify our users via email within 1 business day
- We will inform our users via in-site notification within 1 business day
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
What Rights You Have Over Your Data
If you have an account on this site or left comments in our website, we give you rights with respect to your personal data. It includes the following rights:
- Request access to your personal data
- Request changes or deletion of your personal data. This does not include any data we obliged to keep administrative, legal or security purposes. We can’t remove data that is vital to you being currently our customer.
- Request that we limit our use and processing of your data
California Online Privacy Protection Act
According to CalOPPA, we agree to the following:
- We allow users to visit our website anonymously
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
• Send information, respond to inquiries, and/or other requests or questions
• Process orders and to send information and updates pertaining to orders.
To be in accordance with CAN SPAM, we agree to the following:
• Not use false or misleading subjects or email addresses.
• Identify the message as an advertisement in some reasonable way.
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly.
• Allow users to unsubscribe by using the link at the bottom of each email.
Our services does not address anyone below 18 years of age.
We do not knowingly collect any personal identification info from anyone under the age of 18. If you are a parent or guardian aware of your Children shared any of their personal data with us, please contact us. If we become aware of data, we will remove those data from our servers.
Disclosure For Law Enforcement
Under certain situations, Smackcoders Inc. may be required to disclose your personal information if required to do so by law or in response to valid request from public authority. For example, court or government agency.
How To Reach Us
We trust the above information will be helpful for you in this new GDPR regulation on protecting data. If you notice any crucial information you want to be missing, please write to us at [email protected]
1010 Rockville Pike Suite 600,
R43/S1 Shah Complex,
India – 627002