OpenText™ Core Cloud Services
1. Data Controller
The Services are operated by Open Text Inc., The Pyramid Center, 600 Montgomery Street, Suite 1800, San Francisco, CA 94111, ("OpenText", "we", "our", or "us"). OpenText is the data controller for the Personal Data collected, processed, used disclosed or transferred in connection with the Services.
2. Purpose of Policy and Definitions
(i) “Personal Data” means information that is about, or relates directly or indirectly to an identified or identifiable individual (e.g. User Content, name, e-mail address, phone number)
(ii) “Collection” of Personal Data means the acquisition of Personal Data by whatever means;
(iii) “Processing” of Personal Data means the recording, alteration, transfer, blocking or erasure of Personal Data; and
(iv) “use” of Personal Data means any handling of Personal Data that is not a Collection or Processing.
3. Scope of Policy
4. Personal Data We Collect, Process and Use
4.1 Account and Services-related information
We may collect, process and use the following types of Personal Data that you provide to us when you create an OpenText Core account (“Account”) to use or access the Services:
- Name and address;
- Work contact information provided you signed up for a paid subscription (e.g., company name, email address);
- Login information, such as login name and password;
- Payment information, such as credit card and/or financial account information (if you subscribe to a paid subscription model).
In addition to such Account information, we may collect, process and use other Personal Data that you voluntarily provide to use us via your use of the Services (e.g., when you complete a form or submit an email to our customer support service).
4.2 Passive information Collections
We may use technologies to passively collect information while you are using the Services (that is, you do not actively provide this information). These technologies allow us to collect the following kinds of information:
- Internet domain name;
- Internet Protocol Address (IP address);
- type of web browser and operating system you use;
- date and time you visit the Services;
- specific pages you visit on the Services;
- HTTP header information from your device, and our server logs;
- Screen Resolution;
- Page title.
We do not link this passively collected information with Personal Data that you have actively provided elsewhere in connection with the Services.
Furthermore, we also collect non-Personal Data in connection with your use of the Services, such as anonymous, statistical or aggregated information, for instance with a view to determining which parts of the Services are most popular.
5. Purposes of Personal Data Collection, Processing and Use
We use and process the Personal Data collected as part of your use of the Services for the purposes described below. In addition, we may also use Personal Data to comply with legal obligations, prevent unlawful uses of the Services, resolve disputes, for other purposes that you have specifically agreed to or otherwise as permitted by applicable law.
5.1 Account Management and Provisions of the Services
We collect, process and use Personal Data in connection with your Account to:
- create an Account that enables you to access and use the Services;
- administer, execute and enforce the contractual relationship and the agreed terms between us;
- collect payments (if you subscribe to a paid subscription model);
- respond to any inquires or questions you raise;
- provide general support with regard to your use of the Services.
As mentioned above, we may also access or use User Content to provide the Services to you, including by providing you with access to the User Content you have uploaded so that you can view, download, amend, delete and/or share User Content in your sole discretion.
5.2 Passive Information Collections
We collect, process and use Personal Data we passively collect information while you are using the Services to:
- administer, operate, maintain and improve the Services;
- provide access to the Services to you;
- provide you with a personalized experience of the Services;
- provide technical support and maintain the functionality of the Services; and/or
- improve the system.
At times, we will use your HTTP header information and your IP address to help diagnose problems with our server and to administer our Services. We may also track browser types to help us understand our users’ needs related to the Services. Except as otherwise described in this Policy, we do not honor Do Not Track signals.
6. Recipients of Personal Data
We may share your Personal Data with other members of the OpenText group of companies and with our business partners if there is a legitimate reason to do so (e.g., if and to the extent this is necessary for answering or otherwise complying with your requests).
To the extent permitted by applicable law, we may share Personal Data with courts and public authorities when we believe it necessary to comply with the law, to protect the rights or safety of our Services, other users, or third parties (e.g., for fraud protection and credit risk reduction purposes; for protecting and defending the rights or property of OpenText, its customers, other users, or members of the public). Without limitation, this may include cases in which we are required by law or binding order of courts, law enforcement authorities or regulators to share Personal Data.
We may utilize third party service providers (i.e., companies or individuals engaged by us) to perform certain functions on our behalf and in accordance with our instructions. Examples include database management, maintenance services, web analytics, handling in-bound inquiries, removing repetitive information from customer lists, analyzing data, Processing credit card payments, and providing customer service. We will (i) diligently choose such third party service providers, and (ii) take steps to ensure that such third party service providers adopt adequate technical and organizational security measures to safeguard Personal Data, and (use the Personal Data only as instructed and for no other purposes.
OpenText hosts Personal Data, and performs Processing operations on Personal Data, using hardware and servers located in the United States. For users outside of the United States, you acknowledge that the United States may not provide the same level of data protection as the country where you reside and you expressly consent to the transfer of Personal Data to the United States.
In addition to these recipients, some information, including User Content, may be visible to other users of the Services, including without limitation, certain profile information associated with your Account and your User Content, such as email account and/or profile photo. Please note that you are solely responsible for with whom you share your User Content and who you want to provide with additional rights to amend the User Content – thus, please be diligent in choosing the individuals with whom you share your User Content.
7. Data Security
We are committed to protecting the security of your Personal Data. In order to prevent unauthorized access or disclosure, we have put in place physical, electronic and managerial procedures to safeguard and secure the Personal Data we provide.
When you use secure areas of the Services, we use Secure Sockets Layer (SSL) protocol with 128-bit encryption. This means that all the information sent between your computer and our secure computer environment is encrypted or scrambled so that no one can read it in transit. Secure areas of the site have a time-out feature. If you leave your secure session inactive for some time, it times-out to prevent unauthorized access.
8. Data Privacy Rights
Depending on your location, you may have certain rights to access your Personal Data, or to request that your Personal Data be rectified, deleted or blocked, as provided by applicable law.
If you wish to exercise such rights, please contact us at firstname.lastname@example.org. We may require follow-up or contact information to allow us to verify your identity.
9. Data Retention, Deletion and Destruction
We will only retain your Personal Data until the purpose for which it was collected has been accomplished or as otherwise required or permitted by applicable law and internal data retention policies.
You can delete or amend User Content at any time by using the respective functionalities provided in the Services. To completely delete the Account, you need to email us at the: email@example.com. Deleted User Content stored in our backup systems will be automatically deleted or updated during our backup procedures.
11. Contact Us
If you have any questions, comments, concerns or complaints about this Policy, or the information practices of these Services, please contact us at firstname.lastname@example.org.
November, 4th 2014