1.1 Our Commitment
PelicanCorp (‘we’ or ‘us’ or ‘our’) is committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by data protection principles. However, we recognize our obligations in updating and expanding this program to meet the demands of the GDPR.
PelicanCorp is dedicated to safeguarding the personal information under our control and developing data protection methods that are effective, fit for purpose and demonstrate an understanding of, and appreciation for the GDPR regulations.
1.2 Information Security & Technical and Organisational Measures
PelicanCorp takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure and precaution to protect and secure the personal data that we process. We develop our systems in such manner that a minimum of personal data is required to allow a user a register his or her account which minimizes the amount of meta data we store and have to manage. PelicanCorp has robust information security policies and procedures in place to protect personal information from unauthorized access, alteration, disclosure or destruction and have several layers of security measures, including: SSL, access controls, password policy, encryption, pseudonymization, best practices, data restriction, and IT authentication.
1.3 Collection of Personal Information
We may collect your personal information, including but not limited to your:
- Contact information;
- IP address and location data;
- Website statistics and analytics data regarding your use of the Website and Service;
- Other types of raw data relating to how you interact with the Website and Service including, for example, your browser information and session duration;
- Banking and/or credit card information;
- Any other information requested from you upon signing up to become a subscriber or account holder on our Service; and
- While we do not request it, there may be other instances where you elect to upload information to our Service that includes your, or a third party’s personal information.
Our Websites and Services may place a temporary or permanent "cookie" in the browser files of your computer. The cookie itself does not contain any personally identifying information. However, the cookie may enable us to relate your use of our Website and Service to information that you have specifically and knowingly provided. By changing the settings in your web browser, you can prevent cookies from being used. However, doing so may interrupt the proper use of the Websites and Services.
1.5 Data Logs
Part of our Service includes running processes on your data in either via a WFS feed to your hosted data, or to your data in our AWS account. When such processes are run, data logs are created by our software which record the names of the files, resources, objects, or items our Service processed.
To the extent the names of your resources include any personal information, such personal information may be stored and replicated in the logs our Service creates. While we have access to the file logs to provide customer and technical support, billing and audit trails, aside from running the processes requested on your data, we do not access any underlying resources your WFS feed data is provided by.
PROVIDING US WITH THIRD-PARTY PERSONAL INFORMATION
With respect to any personal information supplied to us, we keep personal information only for as long as it is required for the purposes for which it was collected and compliance with laws and regulations. As a result, there is no single retention period applicable to all instances of personal information collected by us. Upon your request, we will redact or where appropriate, delete, any third party personal information stored in the data logs.
1.6 The Use of Your Personal Information
The collection of your personal information is used to:
- Promote our Website and Service offerings to you;
- Support and improve the Website and Service we offer;
- Provide customer support;
- Communicate with you, your agents, employees or representatives about your account;
- Bill and collect money owed to us;
- Pursue available legal remedies to us;
- Meet legal requirements;
- Enhance our Service offerings to you; and
We do not sell your personal information to third parties. Nor do we sell the personal information of third parties that you provide to us.
1.7 The Disclosure of Your Personal Information and Access to It
We may share your personal information with our employees who need to use that information in connection with one or more of the purposes for which that personal information was collected.
We may operate the Website and Service in conjunction with independent contractors and services providers. Our independent contractors may have access to your personal information and data logs. We may use a variety of service providers (including cloud hosting and data storage providers), partners or affiliates in locations both inside and outside of Europe, which may make your personal information, or personal information stored in your account, the subject of foreign laws and foreign legal proceedings.
- We use SumoLogic (see https://www.sumologic.com) for log collection;
- We use Zendesk (see https://www.zendesk.com) software for interacting with you and providing you with customer and technical support;
- We use QuickBooks by Intuit Inc. (see https://quickbooks.intuit.com), for accounting and invoicing;
- We use SendGrid (see https://sendgrid.com) to send you receipts, account notifications and other emails; and
- We use SalesForce (see https://www.salesforce.com/) for contact and contract management.
- We use GoogleAnalytics (see https://policies.google.com/privacy?hl=en-US#infocollect) for the collection of website visits.
- We use Facebook pixels (see https://www.facebook.com/policies/cookies/) for tracking certain website visits.
We cannot make any guarantees as to the location(s) of data stored on our behalf by the above entities.
SumoLogic, operating as SumoLogic, may also store logs created by the Service for a limited period of time. To the extent the logs have any personal information (as referenced above), you acknowledge that SumoLogic will be in possession of that information.
We may also access and/or disclose personal information if required or permitted to do so by law (for example, in order to comply with a legal process, including but not limited to one imposed by a warrant, subpoena, court order or like instrument served on us).
We may also disclose personal information to our successors (if our business, the Website or the Service is acquired by another legal entity), or any assignee of our assets relating to the Website and Service.
WHILE WE TAKE MEASURES TO PROTECT PERSONAL INFORMATION, YOU AGREE THAT TO THE FULLEST EXTENT PERMITTED BY LAW, WE, OUR SUCCESSORS, ASSIGNS, EMPLOYEES, OFFICERS, DIRECTORS AND INDEPENDENT CONTRACTORS SHALL NOT BE LIABLE FOR THE LOSS OR THEFT OF ANY PERSONAL INFORMATION UPLOADED TO THE SERVICE (OR OTHERWISE PROVIDE TO US) OR ANY DAMAGES CAUSED AS A RESULT THEREOF.
1.8 Retention of Your Personal Information
When any personal information is no longer required for the purposes for which it was collected, we may destroy the personal information in a manner that takes into account its sensitivity. Please contact us if you wish to inquire about deleting your own personal information.
1.9 European General Data Protection Regulation
Our privacy practices intend to meet the requirements of the General Data Protection Regulation of the European Union ("GDPR"). As a company that may process the personal information of persons who reside in or are citizens of the European Union (a "European person"), we have implemented appropriate technical and organizational measures to meet the GDPR’s requirements and protect European persons personal information. Our technical measures to protect personal information take into account current technology available and the costs of implementing that technology in addition to the nature, scope, context and purposes of the personal information collected and processed. If you have any questions about our technical and organizational measures to meet the GDPR requirements, please contact us.
If you collect personal information from European persons, you represent and warrant to us that your personal information collection and storage procedures comply, at all times, with the GDPR. To the extent you provide us with, or, have our Service process any personal information of a European person, you further represent that you have obtained informed consent to transfer their information, internationally, to us. If such consent is subsequently revoked, you agree to inform us immediately.