fbpx

Privacy Policy

SPOTSPOS

PRIVACY POLICY

Information Gathering

We are devoted to maintaining the privacy of your information. Customers, who register, are required to provide contact information, such as name, company name, company address, phone number, e-mail address, billing details and the number of users within the organization that will be using SpotsPOS. We may also request for extra information, such as job title or additional company information.

Login Credentials

Upon registration for SpotsPOS, we will give you your login credentials which you will use to access the Service. You are responsible for the confidentiality as well as the security of your user registration and password. In the event of your login details becoming compromised, you are required to contact us instantly.

Personal Identification Information

We may acquire personal identification information from Users through different ways such as when Users access the Service, register on the website, make an order, fill out a form or a survey, and as regards other activities, features, services, resources or materials we provide on the Service. We may request for name, email address, mailing address, phone number from Users. We will acquire personal identification information from Users only when they voluntarily provide such information to us. You can always decline to provide personal identification information, only that it may hinder you from engaging in certain Service-related activities.

Non-personal identification information

We may acquire non-personal identification information about Users from them when they access or carry out any activity on the Service. The non-personal identification information may involve the browser name, the kind of computer as well as technical information about Users’ means of connection to the Service, including the operating system as well as the Internet service providers used and any other related information.

Other Information We Track and Log

SpotsPOS may acquire some information such as number of customers, repairs, appointments, orders, and sales from shops. Crashes and logs during the use of SpotsPOS. This information is often required to diagnose technical issues and to manage the Service so as to regularly improve the quality of the service.

Your Rights and Choices

You have the right to request a copy of the information that we hold about you.

The Data Protection Legislation also gives you additional rights about the information we hold about you and how we use it, including the right to:

Withdraw consent and the right to object and restrict further processing of your data in certain circumstances; however, this may affect service delivery to you

Request to have your data deleted where there is no compelling reason for its continued processing and provided that there are no legitimate grounds for retaining it

Request your data to be rectified if it is inaccurate

Have your data provided in a structured, commonly-used and machine readable format in certain circumstances.

You have the right to complain to us if you think we have not complied with our obligation for handling your personal information.

Edit your Personal Information

You can update or remove any or all of your personal information at any time by logging into your SpotsPOS account and editing your personal information. You can see your updated profile so that you can confirm that your edits have been made or you may contact us for any assistance at [email protected] .

Use of your Information

SpotsPOS makes use of the information that we acquire to create and manage the Service for individuals and their organization. We will use the acquired information to communicate with the shop to further discuss the Service that we offer as well as to send information (such as promotions) concerning the Service. We will not distribute or share your personal information with third parties without your knowledge and consent. We will not contact your customers.

Billing Information

Billing information that we collect through SpotsPOS is used only to bill for the Service. It is not used for any form of marketing or promotional purposes.

Customers Information

Our customers will be using the Service to host data and information. SpotsPOS will not share, dispense, print, or reference any such data except as mentioned in the SpotsPOS Terms and Conditions or as required by law. Individual records at times may be viewed or accessed only to sort out an issue, support matter, or speculated breach of the master subscription agreement, or as demanded by the law.

Data Controller

The data controller of this website/app is SpotsPOS.

Collection and Use of User Data

As regards Users, SpotsPOS does not automatically collect any Personal Data, and you may operate the Services so that no User Personal Data is processed.

Processing of Personal Data

YOU MUST PROVIDE SPOTSPOS WITH PRIOR WRITTEN NOTICE OF YOUR INTENT TO PROVIDE, SEND, COLLECT OR IN ANY WAY PROCESS USER PERSONAL DATA VIA THE SERVICES. 

Processing Personal Data via the Services, includes without limitation (a) processing by you; or (b) by SpotsPOS due to such events as (i) data import or export; or (ii) transfer occurring due to an integration with a Third Party Service. 

 

Upon notice of your intent to process Personal Data, we will consult with you and treat such Personal Data as required under the terms herein and the Section titled “Processing of Personal Data” below will apply thereto.

Sensitive Personal Data

Under no circumstance are you permitted to use the Services to process, or provide SpotsPOS with, ‘sensitive personal data’ as defined in the General Data Protection Regulation (the “GDPR”) or any other information which is subject to elevated data processing responsibilities in your jurisdiction, or any jurisdiction in which SpotsPOS operates, including without limitation social security numbers, driver’s license numbers, national id numbers, medical or health care data.

WHERE YOU HAVE PROVIDED US WITH NOTICE THAT YOU WILL BE COLLECTING USER PERSONAL DATA VIA THE SERVICES THE FOLLOWING TERMS APPLY:

SpotsPOS’ Obligations as Data Controller

By opting to allow us process Personal Data using the Services, you hereby agree that we are the data controller (as defined by GDPR) with respect to such Personal Data. 

In addition to our other responsibilities set out elsewhere in the Agreement, we also agree that:

We have and will continue to abide by an appropriate privacy policy relating to the collection and use of User Personal Data. We must post a privacy policy and that policy must provide notice of SpotsPOS’ use of User Personal Data;

We shall, at all times, comply with our obligations as data controller and shall procure that our subcontractors or agents and all authorized users comply with their obligations under all applicable data protection legislation in relation to all User Personal Data that is processed by or on our behalf under this Agreement. We shall ensure that all direct marketing undertaken or intended to be undertaken by or through the use of the Services or Third Party Services will comply with all applicable legislation; 

We shall ensure that our customers and all relevant third parties have been informed of and have given their consent, as required by applicable data protection legislation, to the specific use, processing, and transfer of Personal Data as contemplated by this Agreement.  This also includes consent to use of cookies and more particularly the specific cookies that are used by SpotsPOS in delivering the Services, and the specific data collected, as per above;

User Personal Data may be transferred or stored outside the country where we or our End Users are located in order to carry out the Services and our other obligations under the Agreement.  

Transfer of User Data to Third Party Providers

 

Third Party Providers Appointed by SpotsPOS

The Services are provided on a software-as-a-service, hosted basis.  As such SpotsPOS uses third party providers to provide certain services, including hosting.

These third party providers will have access to certain data, including relevant User Personal Data for the purposes of providing their specifically contracted services to SpotsPOS

We will use commercially reasonable efforts to ensure that such third party providers utilize reasonable industry recognized security measures to protect against loss, misuse and unauthorized viewing of the information you provide to SpotsPOS

SPOTSPOS DOES NOT GUARANTEE AND SHALL NOT BE LIABLE FOR THE PERFORMANCE OF ANY THIRD PARTY PROVIDER.

Third Party Providers Appointed by You 

You may elect to subscribe to the Services that permit integration with Third Party Services. 

Where you choose to integrate with Third Party Services, this may entail providing SpotsPOS with access to User Data held by such Third Party Services, and may require the providers of such Third Party Services to have access to Customer’s User Data collected via the Services.  SpotsPOS will only transfer User Data to providers of Third Party Services or other third parties appointed by you on written instructions from you. 

With regard to third party providers, you acknowledge and agree that:

SpotsPOS has no contractual relationship with such third parties, and no responsibility for User Personal Data once such a transfer commences, nor for the duration such third party holds the relevant data. SpotsPOS does not audit the adequacy or otherwise confirm the security or organizational measures employed by such third parties, which is your sole responsibility.

You are responsible for ensuring that your use of the Services complies with any service terms of applicable Third Party Services or service terms relating to other applicable third parties. SpotsPOS is not required to maintain User Personal Data collected in breach of any relevant data protection or other applicable laws.

SpotsPOS makes no representations as to the appropriateness or legality of your choice to permit such third parties with access to its User Data, and you are responsible for ensuring that you have all requisite consents, and have provided any required notices to End Users with respect to this processing of their data. SpotsPOS is not responsible for the processing of User Data by Third Party Services. 

SPOTSPOS HEREBY DISCLAIMS ALL RESPONSIBILITY FOR THE ACTIONS OF SUCH THIRD PARTIES OR FOR LOSS, DAMAGES, OR CLAIMS ARISING AS A RESULT OF DEPLOYING INTEGRATION CODE INVOLVING PERSONAL DATA OR MAKING A TRANSFER OF PERSONAL DATA ON CUSTOMER’S BEHALF.  SPOTSPOS MAKES NO REPRESENTATIONS OR WARRANTIES AS TO THE SUITABILITY OF SUCH THIRD PARTY FOR RECEIPT OF PERSONAL DATA NOR OF THE SUITABILITY OF THE THIRD PARTY SERVICES TO PROCESS PERSONAL DATA.

Transfers of User Personal Data Outside the EEA 

SpotsPOS will only transfer User Personal Data outside the EEA on your specific request.  Examples of why you may make such a request are transfers of such data to you or your affiliates, where you or your affiliate is based outside the EEA; a transfer to a third party outside of the EEA for further processing of the data; a specific request by you that SpotsPOS uses an third party hosting provider or where you opt to integrate with Third Party Services outside of the EEA.

All requests to transfer User Personal Data outside the EEA, except with respect to transfers related to integrations with Third Party Services, must be made to us via email or in writing.

Where you opt to send User Personal Data to providers of Third Party Services via integration, you agree that providers of Third Party Services are not sub-processors of SpotsPOS for data protection purposes and such providers are your directly-contracted data processors acting under your instructions.

In making a request for SpotsPOS to transfer User Personal Data, subject to the GDPR and related privacy regulations outside of the EEA, you confirm the following:

there is an adequate level of protection in place for such transfer as such term in understood under the GDPR.

You will indemnify and hold harmless SpotsPOS, its subsidiaries and affiliates (and their respective employees, directors, officers, shareholders, attorneys, agents and representatives) from and against any and all claims, costs, losses, damages, judgments, penalties, interest and expenses (including reasonable attorneys’ fees and costs) from any claim, action, audit, investigation, regulatory action, inquiry or other proceeding that arises out of or relates to use of User Personal Data by Third Party Services providers, or other transferees, or your failure to comply with any applicable laws and regulations in connection with the transfer of the User Personal Data outside the EEA including any applicable data protection legislation or that arises out of or relates to any subsequent use of the data by the relevant transferee. This indemnification obligation set forth herein shall survive the termination of your use of the Services and/or the termination of the Agreement.

Subject Access Requests

SpotsPOS will promptly assist you with all notice, requests or other enquiries relating to the data protection rights which may be received by you or SpotsPOS, at your reasonable expense.  

SpotsPOS will not be responsible for determining the authenticity of any purported data subject’s request to access his or her User Personal Data. In the absence of express instructions to do so from you, SpotsPOS will not provide a data subject with access to his or her Personal Data unless it is demonstrated to our satisfaction that the applicable data controller has refused such access.

Security

SpotsPOS is committed to pursuing maximum security measures to help protect against the loss, exploitation, damage, and alteration of the data we control. When the Service is accessed, Secure Socket Layer (SSL) technology defends information with the aid of not just server authentication but also data encryption to ensure that data is well secure and accessible only to you, the registered user. Our services are hosted in a secure cloud environment to hinder access from intruders. SpotsPOS grants you the opportunity to select uncommon usernames and passwords that must be used any time a customer logs on. This way, we ensure the appropriate use of data, thwart unauthorized access, and keep up data accuracy.

Each party (SpotsPOS and Users) agrees to take appropriate, and industry standard, technical and organizational measures against unauthorized or unlawful access or processing of User Personal Data or its accidental lost, destruction or damage, such as appropriate system and network access controls, intrusion detection and prevention systems, network segmentation, encryption, and the like.

Security Breach Notification

SpotsPOS will promptly notify Customer of any known or reasonably suspected loss, misuse, or unauthorized access, intrusion, destruction, deletion, modification, or other material compromise of Customer’s User Personal Data processed by SpotsPOS (“Security Breach”). 

Upon discovering a Security Breach, SpotsPOS shall take all reasonable industry standard measures to mitigate any harmful effects of such Security Breach and work with Customer as necessary to address the Security Breach.

Cookies

SpotsPOS makes use of cookies to identify returning visitors. We collect this information for internal use only and never authorize the release of this information to anyone outside of SpotsPOSSpotsPOS engages in advertising programs administered by third parties, and advertising, as well as retargeting, cookies are used. Advertising cookies permit us to make advertising more significant for visitors to access the Service, through showing adverts that might attract users or that they might be interested in viewing (based on other sites they have been to and prior browsing history) and evading showing adverts that they have already seen.

Retargeting cookies allow SpotsPOS to advertise to visitors to the Service via third-party websites. Those third-party websites show their visitors advertisements for SpotsPOS’ services based on cookies that inform the third party site that the visitor has earlier visited SpotsPOS’ site.

Also, the cookies we use suggest that data as regards to traffic on the Service and about the kinds of third-party websites that visitors to the Service also visit are gathered and shared with other participants in the third-party advertising program. The data that is shared contains no personal information and cannot be used to recognize any individual visitor.

How long we keep information

Subject to any applicable legal requirements, we typically retain personal data for a period of 2 years since your last usage of the Services.

Data Retention

After a request from a User to delete any data, an automated process will begin that permanently deletes the relevant data. Once begun, this process cannot be reversed and data will be permanently deleted. Any data which is not deleted shall be kept in an anonymized manner.

As a registered User you can always view, access, change and delete your information by logging into your account.

Similarly, SpotsPOS collects and retains usage data, other metadata and statistical information concerning the use of the Service are not subject to the deletion procedures in this Notice and may be retained by SpotsPOS. Some data may be retained also on our third party service providers’ servers.

Children Policy

We do not knowingly market or offer services to children. The Services are not designed for use by children under 18 years old. Children under 18 are not allowed to register with or use the Services, or submit personal data through the Services. We do not knowingly collect personal data from anyone under the age of 18. If we discover that we have collected personal information from a child under 18, we will delete that information immediately.

Relevant Legislation

Alongside our business and internal computer systems, this site is designed to comply with the following national and international legislation regarding data protection and user privacy:

EU Data Protection Directive 1995 (DPD) [http://eur-lex.europa.eu/legal-content/en/ALL/?uri=CELEX:31995L0046]

EU General Data Protection Regulation 2018 (GDPR) [http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG&toc=OJ:L:2016:119:TOC]

Compliance with Law

If we become aware that a SpotsPOS user is using or has used the Service to carry out any crime, or if any form of emergency occurs that acts a safety threat to you or to any other person, we will notify and collaborate fully with the proper authorities.

Changes & Updates

Our Privacy Policy will update from time to time, with the addition of more features, but we will inform you each time either by posting a detailed notice on the login page or through other means.

Questions or Concerns

If you have any questions or concerns regarding terms, privacy, or services, please send us a detailed message via our Contact Us page. We will make every effort to resolve your concerns.