Smackcoders and the GDPR

The new regulation General Data Protection Regulation (GDPR) coming in the European Union takes effect on 25th May 2018. Here, we provide clear and complete info to equip Smackcoders customers, resellers and our service patrons on the information gathered, why it is gathered and how you can view it or opt-out altogether.

Our Commitment to Privacy

Your Privacy is important to us. At Smackcoders, we’ve some basic principles:

• We are thoughtful about the personal info we collect from you on using any of our products or services.
• We store all your personal information secures for only as long as we have a reason to keep it.
• We help protect you from overreaching government demands for your personal info.
• We provide full transparency on how we gather, use and share your personal information.

Who We Are

We at Smackcoders are folks behind a variety of Open-Source products and JoForce CRM. And vast majority of our works is available under the GPL. You can download and take a look at the code to see how it works. And few of our products are encoded to license the product for a single domain and to protect the code. You can know our address details in our contact page.

What Personal Data We Collect And Why We Collect

We collect your personal information if we have a reason to do so. We collect your name, email address, mailing address, phone number, credit card info or other details to provide services, to communicate with you or to make our services better.

Comments
When you leave comments in our website, we collect the data shown in the comment form and IP address to help spam detection. We will also use the data to share with you the recommended posts or products we think that will interest you.

With the approval of your comment, your profile picture will be visible to the public in the context of your comment, if you have enabled for Gravatar service. You can read on the privacy policy of Gravatar service here.

Contact Forms
Information submitted through the contact forms embedded in our website are stored for communicating with you, sending newsletters or to introduce the products we think that will interest you. And they will never be shared with third parties. For example, registration form, place an order, live chat, subscribe to newsletter, open a support ticket or enter information in our website.

Cookies
Our site use cookies to enhance user experience. Your web browser places cookies for record-keeping purposes or to track information. For instance, we use cookies to help us remember and process the packages added in your cart. We also use cookies to help us compile aggregate data about site traffic and site interaction. You may choose to set their browser to refuse cookies or to alert when cookies are being sent. If you do so, some parts of the website may not function properly.

Our site uses:

• Google Analytics Cookies – It is set to track visitors behavior in website.
• WordPress logged-in Cookies – It is used to authenticate logged-in customers, password and user verification.
• WooCommerce Cookies – It is tracked by the WooCommerce plugins to track visitors and their purchased items in cart.

Embedded Content From Other Site
Articles on our site includes embedded content like web page links, YouTube Videos. Embedded content from other websites behaves in the exact same way you visit them.

These websites may collect data about you, use cookies, embed third-party tracking and monitor interaction. And we do not have any control over them.

Data Shared With Our Support or Development Team
Sometimes to help you in debugging the products purchased from our website or do any custom development, we might ask to share a copy of your site, CRM or any environment that you are facing issue with. We highly appreciate your trust in us and guarantee that we are not going to share your data with anyone outside the company. But, we strongly recommend you to remove any personal information from the database before sharing with us. Since this is a replica of your site or environment, you are the one responsible for its data.

What Our Support or Development Team Do With The Shared Data:

• When a debug, configuration check or enhancement is needed, we ask for access to the site, CRM or any environment your even a full copy of it. And we strictly use it only for debugging.
• We destroy the data shared when the debugging or custom development work is resolved,

Who We Share Your Data With

We don’t share any of your personal data with third-parties. However, some data is transferred and/or stored with third-party services we use like cloud-based services and payment methods. This is used to provide you with a better overall service and friendly user experience.

The services we use to make you feel better with our service:

• MailChimp – we store our customers info to send newsletters and announcements. You can opt-out of these any time.
• Freshdesk – we store our customers support request and contact info to give better solution and user experience.
• Hawksales – we store our lead or customer contact info for better customer relationship management.
• PayPal – we use PayPal as one of the payment method. During checkout, customer will provide login info, address, phone numbers and credit card info. The credit card information is directly processed within the payment gateway and we do not store in our website. Paypal’s privacy policy.
• Stripe – We also use Stripe as our payment method. In checkout, client will provide credit card info. And it will not be stored in our servers, the information provided is directly handled by Stripe site and governed by their Privacy Policy.

How Long We Keep Your Information

We generally discard info about you when we no longer need for the purpose we collect and use it. We have described in the above section on How and Why we use your information. And we will not continue storing your data, once the purpose is solved.

When you submit a support ticket or a comment, your information will be stored in our website or support portal and we use this data to evaluate previous support history and recognize you to approve your comments automatically.

If you register on our site, we store your personal information in user profile. You can see, edit or delete your data any time. Administrators can also see and edit your information.

How We Protect Your Data

While no online service is 100% secure, we work very hard to protect your information against unauthorized access, alteration, destruction or use. We frequently monitor our services for potential vulnerabilities and attacks.

We protect your data with the following features:

• We are using SSL/HTTPS throughout our website to encrypt user communications with the servers. And it ensures that personal identifiable information is never captured by third parties without authorization.
• Our website is in compliance with PCI vulnerability standards to create secure environment for our users.
• Databases are sanitized before deploying to development or testing environment.
• All transactions are processed through a gateway provider and they are not stored or processed in our servers.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices, we will take responsive actions. In case of data breach:

• System Administrators will immediately go through affected users and will attempt to reset passwords.
• We will notify our users via email within 1 business day
• We will inform our users via in-site notification within 1 business day

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

What Rights You Have Over Your Data

If you have an account on this site or left comments in our website, we give you rights with respect to your personal data. It includes the following rights:

• Request access to your personal data
• Request changes or deletion of your personal data. This does not include any data we obliged to keep administrative, legal or security purposes. We can’t remove data that is vital to you being currently our customer.
• Request that we limit our use and processing of your data

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:

• We allow users to visit our website anonymously
• We will include our Privacy Policy in the website footer to notify customers on the page they land in our website.
• Our Privacy Policy link includes the word ‘Privacy’ to clearly specify to our website users.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:
• Send information, respond to inquiries, and/or other requests or questions
• Process orders and to send information and updates pertaining to orders.

To be in accordance with CAN SPAM, we agree to the following:
• Not use false or misleading subjects or email addresses.
• Identify the message as an advertisement in some reasonable way.
• Include the physical address of our business or site headquarters.
• Monitor third-party email marketing services for compliance, if one is used.
• Honor opt-out/unsubscribe requests quickly.
• Allow users to unsubscribe by using the link at the bottom of each email.

Children’s Privacy

Our services does not address anyone below 18 years of age.
We do not knowingly collect any personal identification info from anyone under the age of 18. If you are a parent or guardian aware of your Children shared any of their personal data with us, please contact us. If we become aware of data, we will remove those data from our servers.

Disclosure For Law Enforcement

Under certain situations, Smackcoders Inc. may be required to disclose your personal information if required to do so by law or in response to valid request from public authority. For example, court or government agency.

Changes To Our Privacy Policy

We have the discretion to update this Privacy Policy at any time. When we do, we will revise the updated date at the bottom of this page. We encourage all our customers to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect.You acknowledge and agree that is your responsibility to review this Privacy Policy periodically and become aware of modifications.

How To Reach Us

We trust the above information will be helpful for you in this new GDPR regulation on protecting data. If you notice any crucial information you want to be missing, please write to us at [email protected]

Address