Focal Point Software Ltd. and our subsidiaries (“we” or “us”) are a leading provider of cloud document processing services. Our brands include Focal Point, Aluma and aluma.io. We care about protecting the personal information of our customers and visitors who use our websites, products or services (collectively, our “Users”).
Information we collect from you
In the course of your use of the Services, we obtain the following information about you as described below. We collect this data for the purposes described under “How We Use Your Information”.
Signing up for services; User information
- Information you provide prior to any registration process, such as your email when you provide it to us; and
- Information that you provide during any registration process (such as your name, company name, email address, phone number and geographic location), when you call or email us (for support or otherwise) or when you use our products or services.
Use of services
- The sort of information we hold may include, but not be limited to; your name, postal address, email address and telephone contact numbers.
Website visits and support
Data relating to your online activity on our websites or cloud services with respect to our Services, including the following:
- IP address
- browser type and version
- geographic location
- pages you view
- how you got to our Services and any links you click on to leave our Services
- when you update your information, communicate with us, or order new Services
- metadata about your use and your contacts’ use of our Services and your interactions with the emails we send you (including clicks and opens)
- your interactions with any videos we offer
- issues you encounter requiring our support or assistance
- any device or other method of communication you use to interact with the Services
- requests made to the Aluma API, including frequency and types of requests
We store this data we collect in a variety of places within our infrastructure, including system log files, back end databases and analytics systems.
- Information you provide to us at seminars or to our partners;
- Information you provide to us in surveys;
- Information that is publicly available; and
- Information you consent to us receiving from third parties.
How we use your information
We use the information we collect, both on its own and combined with any other information we collect about you, for the following purposes:
- To provide the requested Services to you;
- To provide you with useful content;
- To ensure the proper functioning of our Services
- To offer and improve our Services;
- To provide you with requested information or technical support
- To facilitate your movement through our websites or your use of our Services;
- To diagnose problems with our servers or our Services;
- In connection with our security and compliance programs;
- To administer our websites;
- To communicate with you;
- To target prospective customers with our products or services (such targeting is only performed with your permission where your consent is required by applicable law);
- To assist us in offering you a personalized experience or otherwise tailor our Services to you; and
We also use the information we receive in aggregated and anonymized formats to produce reports on trends and statistics, such as mobile search trends, email open rates by industry, campaign best practices or the number of users that have been exposed to, or clicked on, our websites or evaluated or purchased our products and services.
Sharing of information
As further described below, we will only share certain personal information with:
- third party service providers and vendors;
- in connection with a sale, merger, acquisition or corporate reorganization;
- authorized users within your organization; and
- for legal reasons.
Further information about the third parties with whom we share personal information is available here.
Sharing with third party service providers and vendors
Occasionally, we enter into contracts
with carefully selected third parties
so that they can assist us in servicing
you (for example, providing you with
secure login pages for our services and
providing us with information
technology and storage services) or to
assist us in our own marketing and
advertising activities (including
providing us with analytic information
and search engine optimization
Additional information about certain third-party service providers we share personal information with is available below. Our contracts with such third parties prohibit them from using any of your personal information for any purpose beyond the purpose for which it was shared.
- Microsoft Azure
If we are involved in a merger, acquisition, a sale of all or a substantial portion of our assets, or other similar sale transaction, your information will be transferred as part of that transaction. We will notify you by email and/or a prominent notice on our website of any such transfer and any choices you may have regarding your information.
Lastly, if legally required to do so, or if we have a good faith belief that such disclosure is reasonably necessary, we may disclose your personal information to courts of law, law enforcement authorities and other relevant third parties, such as internet service providers, to conduct an investigation, respond to a third party or law enforcement subpoena or court order, bring legal action, prevent harm to others or pursue other relief when you or a third party are or may be:
- violating our terms and conditions of use;
- causing injury or other harm to, or otherwise violating the property or other legal rights, of us, other users, or third parties; or
- violating federal, state, local, or other applicable law.
This disclosure can include transferring your information to the U.S. and other countries outside the European Economic Area. To the extent we are legally permitted to do so, it is our policy to notify you in the event that we are required to provide your personal information to third parties in connection with a subpoena.
The transmission of information via the internet, email or text message is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted through the Services or over email; any transmission is at your own risk.
Once we have received your information, we will take appropriate technical and organizational measures to safeguard your personal information against loss, theft and unauthorized use, access or modification.
When we collect financial account information, such as credit card numbers, we protect its transmission through the use of encryption such as the Transport Layer Security (TLS) protocol.
Tracking technologies and online advertising
Marketing communications from us
You always have the opportunity to opt out of our marketing communications with you or change your preferences by following a link in the footer of all non-transactional email messages from us or by emailing us at email@example.com. Some communications from us are considered transactional or service communications (for example, important account notifications and billing information), and your account(s) for Focal Point Software products and services are provided to you upon the condition that you receive these communications from us.
You must cancel your account(s) for Focal Point Software products and services, as applicable, if you do not wish to receive any transactional or service communications. To cancel your Focal Point Software account(s), please follow the instructions found in the terms of service for the applicable Focal Point Software service. You may still receive marketing communications from us even after you cancel your account unless you also opt-out of our marketing communications, as described above.
We may contact you by telephone, with your consent where applicable, for marketing purposes. We will check the Telephone Preference Service (TPS) and our internal CRM system before making calls. If your number appears as blocked on either list, we will not call you. If you do not want to receive marketing calls, please contact customer support and we will update our records.
As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers
Information from third parties
To manage the information we receive about you from a social networking site or other third parties (if applicable), you will need to follow the instructions from that party for updating your information and changing your privacy settings, where available.
If an account or profile was created without your knowledge or authorization, please contact customer support to request removal of the account or profile.
Retention of personal information
We retain your personal information to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will retain your personal information for no more than seven years following the later of (i) the date on which you terminate your use of the Services or (ii) May 25, 2018, unless we are otherwise required by law or regulation to retain your personal information for longer.
Legal basis for processing your information
Depending on what information we collect from you and how we collect it, we rely on various grounds for doing processing your information under the GDPR, including the following reasons:
- In order to administer our contractual relationship, including setting up your requested Services, payments, renewals and processes;
- Because it is in our legitimate interest to run a successful and efficient business and provide you with the Services and other useful content;
- In order to fulfil any legal obligations we may have to collect this information from you; and/or
- Because you have provided your consent for us to do so.
Where the European Union’s General Data Protection Regulation 2016/679, or GDPR, applies, in certain circumstances and subject to data processing agreements, you have rights in relation to the personal information we hold about you. We set out below an outline of those rights and how to exercise those rights.
Please note that we will require you to verify your identity before responding to any requests to exercise your rights by providing details only known to the account holder. To exercise any of your rights, please email firstname.lastname@example.org. Please note that for each of the rights below we may have valid legal reasons to refuse your request, in such instances we will let you know if that is the case.
You have the right to know whether we process personal information about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
You have the right to receive a subset of the personal information you provide us if we process it on the legal bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such personal information to another party.
If you wish for us to transfer the personal information to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal information or its processing once received by the third party.
Please note that while we assess whether the personal information we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.
You may request that we erase the personal information we hold about you in the following circumstances:
- where you believe it is no longer necessary for us to hold the personal information;
- we are processing it on the basis of your consent and you wish to withdraw your consent;
- we are processing your data on the basis of our legitimate interest and you object to such processing;
- you no longer wish us to use your data to send you marketing; or
- you believe we are unlawfully processing your data.
- Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
Restriction of processing to storage only
You have a right to require us to stop processing the personal information we hold about you other than for storage purposes in the following circumstances:
- You believe the personal information is not accurate for the period it takes for us to verify whether the data is accurate;
- We wish to erase the personal information as the processing we are doing is unlawful but you want us to simply restrict the use of that data;
- We no longer need the personal information for the purposes of the processing but you require us to retain the data for the establishment, exercise or defence of legal claims; or
- You have objected to us processing personal information we hold about you on the basis of our legitimate interest and you wish us to stop processing the personal information while we determine whether there is an overriding interest in us retaining such personal information.
You also have the right, at any time, to object to our processing of data about you in order to send you marketing, including where we build profiles for such purposes and we will stop processing the data for that purpose.
Withdrawal of consent
Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time by emailing email@example.com.
Third party links and information collection and use by our users
Some of our Services may provide links to other websites. Because we do not control the information policies or practices of these third party sites, you should review their privacy policies to learn about how they collect and use personal information.
For example, these services may collect your IP address, which page you are visiting on our websites, and may set a cookie to enable it to function properly.
Our Services are not directed to persons under 18. We do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without such parent or guardian’s consent, he or she should contact us. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files.
In providing the Services to you, your personal information will not be transferred to outside of the European Economic Area (EEA). Should any changes to this policy take place, appropriate safeguards will be introduced in accordance with the GDPR regulations and this will be communicated to Users accordingly.
For transfers of personal information within the Focal Point Software corporate family, such transfer will be under the Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision 2004/915/EC and 2010/87/EU.
In the event that you wish to make a complaint about how we process your personal information, please contact our representative at firstname.lastname@example.org and we will try to deal with your request. This is without prejudice to your right to raise a complaint with the UK Supervisory Authority (Information Commissioner’s Office) by contacting:
Information Commissioner’s Office
Notification of changes