Act! Software Limited Privacy Policy

Who this policy is for and what information it relates to

This policy applies to all web pages we operate for the following languages: French, German, Dutch, UK and RoI English. You can check which regional web page you are viewing as it is indicated from the ‘Select a region’ option at the top of each web page. This policy applies to information you provide to us in email; it also applies when you respond to advertising which results in you submitting information directly to us. It also applies to all services we provide, including our online and mobile products, and any other apps or services we may offer (for example, events or training). In this policy, we call these our ‘services’. This policy applies to you if you are a citizen of the European Economic Area. This privacy policy does not apply to you if you are a citizen of a country in North or Latin America – in this case, please select English (Americas) as your region and note that the privacy policy governing your use of the web site is at https://www.act.com/legal/privacy-policy.

Companies and similar legal entities are not in their own right covered by this policy because a company is not a living person (see the section ‘what personal data means’, below) – though this policy does apply to an employee of a company. In addition, this Privacy Policy does not cover data which you store in our products and services (‘Product Stored Data’), for example Act! Premium Cloud, Act! emarketing and Act! 365 and related apps. Because you determine how we should process Product Stored Data on your behalf, we are a ‘data processor’ in relation to Product Stored Data and your own policy and procedures will apply to Product Stored Data.

Use of the words ‘us’, ‘we’ and ‘our’

In this policy we use the words ‘we’ (or ‘our’ or ‘us’), to mean Act! Software Limited. We are a company registered in England, based in the beautiful (but sometimes a bit chilly) north east of England in the United Kingdom. Our registered and postal address is Ground Floor Q15, Quorum Park, Benton Lane, Newcastle upon Tyne, NE12 8BU, UK. You can contact Act! Software Limited by calling (+44) (0)203 356 2486 or for Privacy and data protection related matters, by emailing privacy@act.com. For other questions you can email CustomerCare@act.com.

What personal data means

When we use the term ‘personal data’ we mean it as defined by the General Data Protection Regulation – in summary this is any data relating to a living person which enables them to be identified, directly or indirectly, from that data. Examples of this data are your name, email, address, telephone number, user name, post code, your own bank account details, your own payment information, and similar information.

Agreeing to this policy, informing you of changes to it

If you do not agree with this policy, your choice is to not use our services. By accessing or using our services or products, you indicate your agreement to the terms of this Policy. This policy may change from time to time when we will communicate the changes by a notice on our web site. Your continued use of the Websites after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

How we collect your personal data

When you visit our websites or use our services, we collect personal data. We collect personal data actively and automatically as follows.

Personal data you actively provide to us. When you visit or use some parts of our websites and/or services we might ask you to provide personal data to us. For example, we ask for your contact information when you sign up for a free trial, transact with us (like purchasing a product or contract from us), respond to a job application or an email offer, participate in community forums, join us on social media, take part in training and events, respond to a survey, contact us with questions or request support. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our websites or services.

Information we collect automatically. We collect some information about you automatically when you visit our websites or use our services, like your IP address, web browser, operating system and type of device. We also collect information when you browse our websites and services, including what pages you looked at and what links you clicked on. We collect your personal data automatically because it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide you with the best experience possible (for example by personalising the content you see and editing our content to be more interesting).

Information we get from third parties. In certain circumstances we may obtain from third parties information about pages you visited before and after your use of website. This is usually when you have consented to such collection and sharing of data with one of our third party advertising partners, like Google. For more information about this kind of data use, please check the relevant advertising vendor’s privacy policy and, if relevant, you may wish to check your preferences with the relevant advertising platform vendor – for example, Google, Facebook, LinkedIn.

Where we collect personal data, we’ll only process it on a lawful basis, as follows:

  • to perform a contract with you (or to work with you in relation to a prospective contract), or
  • if we have legitimate interests to process the personal data and they’re not overridden by your rights. Our legitimate interests are to conduct our business of selling and servicing Act! and related products and services, or
  • in accordance with a legal obligation (like an Act of Parliament), or
  • if we have your consent.

If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.

How we use your personal data

We use your personal data in a number of ways, as described below.

To operate our websites and provide our other services and products. We will also use it to manage our relationship with you.

To communicate with you. This may include:

  • providing you with information you’ve requested from us (like training or education materials) or information we are required to send to you
  • operational communications, like changes to our websites, products and services, security updates, or assistance with using our products, websites and services
  • marketing communications (about our own products and services, and sometimes those of others which are complementary to our own) in accordance with your marketing preferences
  • asking you for feedback or to take part in any research or surveys we are conducting (which we may engage a third party to help with).

To support you. This may include assisting with the resolution of technical support issues or other issues relating to our products, websites or services, whether by email, in-app support or otherwise.

To enhance our products, websites and services and develop new ones. For example, by tracking and monitoring your use of websites and services so we can keep improving, or by carrying out technical analysis of our products, websites and services so that we can optimise your user experience and continually improve our products, websites and services.

To protect from misuse. So that we can detect and prevent any fraudulent or malicious activity, or other misuse of our websites and services, and make sure that everyone is using our websites and services fairly and in accordance with our terms of use.

To advertise to you. In addition to sending you marketing communications, we may also use your personal data to display targeted advertising to you online – through our own websites and services or through third party websites and their platforms.

To analyse, aggregate and report. We may use the personal data we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share publicly or with third parties.

Disclosing your personal data to third parties

Disclosing to our group companies. We will provide your personal data to affiliate companies in the Act! LLC  group based in the USA. This is because we share resources globally so need to pass information seamlessly between our group companies. To ensure adequate safeguards are in place to protect your personal data these group companies have self-certified with Privacy Shield.

Disclosing to other third parties, like suppliers. We may provide personal data to our vendors, suppliers, and other business partners which we need to process your personal data on our behalf (“our Processors”) to enable us to provide you with Act! products or services. In accordance with Act! GDPR obligations, Act! has put in place written contracts with our Processors. Those which are based in the USA have self-certified with the US Department of Commerce Privacy Shield framework. If we export to others outside the EEA, we will ensure adequate safeguards are in place. If you are based outside the UK (excluding the Americas and Oceania) we may share your personal data with one of our Act! Certified Consultants – these are identified by country on our relevant web page – click on the ‘Global Partner Network’ tab in the top menu bar of our website. We will also provide your personal information to government agencies, courts or other third parties where it is necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. If permitted by law and appropriate, we will notify you of this type of disclosure.

Anonymised Information. We may provide information about you to third parties that does not allow you to be identified by third parties (“Anonymised Information”). We may also use Anonymised Information as part of products or services that we provide to third parties and to improve our products, services, and the Sites.

Product Stored Data. We will not access Product Stored Data except in the following limited circumstances: (1) to provide you with technical support, solely at your request and with your permission; (2) on a limited-access basis (being the minimum access technically necessary) to install updates, produce regular backups, or restore data from backups at your request; (3) where the inherent purpose of the product or service requires us to provide Product Stored Data to a third party on your behalf (for example when you have set up the API to do so) and, (4) to utilize Anonymised Information derived from Product Stored Data to help us improve our products and services (including individually to you) and in developing additional offerings. To enable you (or the business entity you represent) to fulfil the GDPR requirement to enter into a contract with us covering you engagement of us as a data processor, please request a copy of our Data Processing Agreement. If at any time you decide to discontinue your use of the applicable service, your Product Stored Data will be destroyed and removed from all servers according to the terms of use and other contract terms relating to the Service.

Public Posts. You may provide information to be posted on public areas of the Websites. Your public posts are posted and transmitted to others at your own risk. Although we limit access to certain pages, and you may set certain privacy settings for such information by logging into your account profile, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users of the Website with whom you may choose to share public posts. Therefore we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons.

Act! business changes. In the event that all or a portion of any member of the Act! group of companies (or the assets of one of them), is bought or sold, your personal data will be included among the transferred business assets, but such information remains subject to this Privacy Policy or a Privacy Policy substantially similar to this privacy Policy.

Sending personal data outside the EEA. The personal data that we collect from you will be transferred to, and stored by our group companies and third parties mentioned above. Our group companies and some third parties process this data with personnel and on computer equipment located in the USA. By submitting your information, you agree to this transfer, storing or processing. We will ensure that appropriate safeguards are in place so that your personal data is kept secure. As mentioned above and to comply with GDPR, we will require our Processors to enter into written contracts with us, and ensure that they have in place appropriate safeguards to ensure compliance with data protection requirements and to ensure the rights of the data subjects appropriate to processing in the EU.

Security of your personal data. We understand we have a legal obligation under GDPR to keep your personal data secure, and we have appropriate technical and organisational measures in place to ensure it is. For more information about security please see our web page about our technical and organisational security measures, which you can access from www.act.com/gdpr.

Duration of processing your personal data. The period for which we will store Personal Information is based on our need to fulfil our legitimate business needs, comply with applicable law, resolve disputes, and enforce our agreements. If you (or the company/organisation you represent) becomes a customer of Act!, typically we will process your personal data for up to 6 years at which point we will destroy it. If you (or your company/organisation) does not become a customer, typically we will process it for up to one year before we destroy it or delete your personal data from the contact details of the relevant account records we hold for your company/organisation.

Your individual rights

You have rights to make a request to us:

  • for access to your personal data
  • for rectification or erasure of your personal data
  • for restriction of processing concerning you
  • to object to our processing which is based on legitimate interests
  • to object to direct marketing (including related profiling)
  • to port your personal data which you have provided to us, either to you or to another provider in a structured, commonly used and machine readable format.

Right to withdraw consent

You have a right to withdraw any consent you give us at any time. This will not affect the legality of our consent-based use before you withdrew consent. To exercise any of these rights, please contact us using the contact details at the beginning of this policy.

Opting out of Email. Occasionally, Act! may send you email to provide you with sales and marketing information or promotions relating to products and services that may be of interest to you. You may opt out of receiving these communications as indicated below. We will also send you relationship or transactional messages in order to notify you of important product issues and updates, such as to inform you about the renewal of your existing subscription contract, to resolve specific questions or requests made by you via phone, fax, email, or the Web and in response to any activity completed on any of the Sites, including but not limited to, registration, ordering, downloads, and requests for information. Each email we send will contain instructions on how to unsubscribe in the event that you do not wish to receive future emails from Act!. Please allow 10 business days to be removed from the promotional email list. Please note that we do need to continue to send you some transactional email for the duration of any contract for services with you; typically these messages concern important security and similar information about product or service updates.

If you receive email through the Act! emarketing service and wish to opt-out, simply click the “Leave this list” link in the footer of the email.

Cookies. Our website uses cookies and similar tracking technologies to distinguish you from other users of the Websites. This allows us to provide you with a good experience when you browse the Websites and also allows us to improve the Websites. For detailed information on cookies and how we use them, please see our Cookie Policy.

Third-party email promotions. If you access and/or use any third party services from a link on our website, a Partner co-branded site or by any other means, any personal data you provide in connection with such service is submitted to that third party and is not subject to this Privacy Policy. You should consult the privacy policy of the third-party site before you provide your personal data.

Complaints about how we use your personal data

If you’re not happy with how we are processing your personal data, please let us know by sending an email to privacy@act.com. We will review and investigate your complaint, and try to get back to you within a reasonable time.

You have a right to complain to the Information Commissioner, whose contact details are:

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, Cheshire
SK9 5AF
England, UK

Telephone: 0303 123 1113 (local rate) or 01625 545 745 (national rate).

Website: https://ico.org.uk which sets out relevant email addresses and an email form.

Privacy Policy Effective Date: this privacy policy is effective from 25 May 2018.