1. ECI's Data Protection Commitments to You
1.1 We will, in relation to any Personal Data Processed by us on your behalf:
(a) Process that Personal Data only on your instructions or as otherwise agreed in writing with you, unless we are required by applicable laws to Process that Personal Data. When we rely on applicable laws to Process Personal Data on your behalf, we will promptly notify you of this before we carry out the Processing, unless those applicable laws prevent us from doing so;
(b) ensure we have in place appropriate security measures to protect against unauthorised or unlawful Processing of Personal Data;
(c) ensure that everyone who has access to and/or Processes that Personal Data is obliged to keep the Personal Data confidential; and
(d) not transfer any Personal Data outside of the European Economic Area without your consent, except in relation to the ECI Acsellerate software which is placed in our US Datacentre. We will let you know if we change these data subcontractors and you can object to any changes. We will remain fully responsible to you for the acts or omissions of our data subcontractors;
(e) help you, at your cost, in responding to any request from a Data Subject and in ensuring compliance with your obligations under the Data Protection Legislation in relation to security, breach notifications, impact assessments, audits and consultations with supervisory authorities or regulators;
(f) notify you without undue delay on becoming aware of a Personal Data breach;
(g) at your direction, delete or return the Personal Data and any copies we have to you on termination of the licence or services agreement between us, unless we are required by applicable laws to store the Personal Data for longer; and
(h) maintain complete and accurate records and information to demonstrate our compliance with this paragraph 1.1.
1.2 We Process Personal Data for you to provide our software and related services, as set out on our website and in our written agreements with you. We will Process this Personal Data for as long as you use our services. The type of Personal Data we Process will depend on which ECI software you use, and how you use it, but is likely to include customer details, order progress, leads and prospects’ contact details. The types of data points we collect in each circumstance is set out in the documentation accompanying the applicable ECI software package you are using.
1.3 You need to ensure that you have all necessary consents and notices in place to enable the lawful transfer of Personal Data to us, for the duration and purposes of the licence and/or services agreement between us.
P.S. When we refer to “Data Protection Legislation” on this webpage, we mean:
a) unless and until the GDPR is no longer directly applicable in the UK, the General Data Protection Regulation ((EU) 2016/679); and
b) any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998.
If we have capitalised something on this webpage – those words have the meaning given to them in the Data Protection Legislation.