We recognize that privacy is important. This Cloud Computing Security Policy applies to all of the products, services and websites offered by Cordys Inc. or its subsidiaries or affiliated companies (collectively, "Cordys services").
We take care that you can build, deploy and use Cloud Applications in a secure environment.Cordys adheres to the US Safe Harbor Privacy Principles of Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement, and is registered with the U.S. Department of Commerce’s Safe Harbor Program.
If you have any questions about this Cloud Computing Security Policy, please feel free to
contact us or write to us at
Privacy Matters
c/o Cordys Inc.
1676 Viewpond, Kentwood, MI, 94043
USA
Information we collect and how we use it
- Information you provide -When you sign up for Cordys Process Factory you are required to register. We ask you for personal information (name, phone number, email address and account password). Each subscriber is required to provide credit card payment. We pass the credit card payment information on to a third party secure payment gateway checkout which maintains the information in encrypted form on secure servers. We may combine the information you submit under your account with information from other services and provide it to various departments to provide you with a better experience and to improve the quality of our services.
- Cookies -When you visit us, we send one or more cookies – a small file containing a string of characters – to your computer. We use cookies to store user preferences, maintain login information, administer your account, improve the quality of our service and maintain a log of the people hitting our website.
- Log information -When you access Cordys services, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
- User communications -When you send email or other communications to us, we may retain those communications in order to process your inquiries, respond to your requests and improve our services.
- Affiliated Cordys Services on other sites -We offer some of our services on or through other Cordys web sites. Personal information that you provide to those sites may be sent in order to deliver the service. We process such information under this Cloud Computing Security Policy.
- Third Party Applications -Cordys may make available third party applications through its services. The information collected by Cordys when you enable third party application is processed under this Cloud Computing Security Policy. Information collected by the third party application is governed by their privacy policies. We provide access to third party applications on our Cloud Marketplace.
- Other sites -This Cloud Computing Security Policy applies to our services only. We do not exercise control over third party applications or sites that can accessed from Cordys sites or links. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you.
Cordys only processes personal information for the purposes described in this Cloud Computing Security Policy and/or the supplementary privacy notices for specific services. In addition to the above, such purposes include:
- Auditing, research and analysis in order to maintain, protect and improve our services;
- Ensuring the technical functioning of our network;
- Protecting the rights or property of our users; and
- Developing new services.
Cordys processes personal information on our servers in the United States of America and in other countries. In some cases, we process personal information on a server outside your own country. We may process personal information to provide our own services.
Choices for personal information
When you sign up for a particular service that requires registration, we ask you to provide personal information. If we use this information in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.
If we propose to use personal information for any purposes other than those described in this Cloud Computing Security Policy and/or in the specific service privacy notices, we will offer you an effective way to opt out of the use of personal information for those other purposes. We will not collect or use sensitive information for purposes other than those described in this Cloud Computing Security Policy and/or in the supplementary service privacy notices, unless we have obtained your prior consent.
Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some features and services may not function properly if your cookies are disabled.
You can decline to submit personal information to any of our services, in which case Cordys is not able to provide those services to you.
Information sharing
Cordys only shares personal information with other companies or individuals outside of Cordys in the following limited circumstances:
- We have your consent. We require opt-in consent for the sharing of any sensitive personal information.
- We provide such information to our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of providing our services to you. We require that any third party process such information in compliance with a privacy policy that is at least as restrictive as this Cloud Computing Security Policy, that the third party be registered with the U.S. Department of Commerce’s Safe Harbor Program.
- We believe that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) detect, prevent, or otherwise address fraud, security or technical issues, or (e) protect against harm to the rights, property or safety of Cordys, its users or the public as required or permitted by law.
If Cordys becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, we will ensure the confidentiality of any personal information involved in such transactions and provide notice before personal information is transferred.
We may share with third parties certain pieces of aggregated, non-personal information, such as the number of users who searched for a particular term for reporting purposes. Such information does not identify you individually.
Information security
We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.
We restrict access to personal information to Cordys employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
Data integrity
Cordys processes personal information only for the purposes for which it was collected and in accordance with this Cloud Computing Security Policy or any applicable service-specific privacy notice. We review our data collection, storage and processing practices to ensure that we only collect, store and process the personal information needed to provide or improve our services or as otherwise permitted under this Cloud Computing Security Policy. We ensure that the personal information we process is accurate, complete, and current, but we depend on our users to update or correct their personal information whenever necessary.
Accessing and updating personal information
Users of Cordys services have password protected access to their personal information so they can correct this data if it is inaccurate. Users must use proper passwords to access, correct or remove the information. We may respond to a request to access, correct or remove such information, but we may decline to process requests that are unreasonably repetitive or systematic, require disproportionate technical effort, jeopardize the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup tapes), or for which access is not otherwise required. In any case where we provide information access and correction, we perform this service free of charge, except if doing so would require a disproportionate effort.
Enforcement
Cordys regularly reviews its compliance with this Cloud Computing Security Policy. Please feel free to direct any questions regarding this Cloud Computing Security Policy. When we receive formal written complaints, it is Cordys’ policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between Cordys and an individual.
Changes to this Cloud Computing Security Policy
This Cloud Computing Security Policy may change from time to time. We will not reduce your rights under this Cloud Computing Security Policy without your explicit consent, and we expect most changes will be minor. Regardless, we will post changes of this Cloud Computing Security Policy on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of changes of this Cloud Computing Security Policy). Each version of this Cloud Computing Security Policy will be identified at the top of the page by its effective date, and we will also keep prior versions of this Cloud Computing Security Policy in an archive for your review.
