ECI Canada’s Data Protection Commitments to You
1. ECI Canada’s Data Protection Commitments to You
1.1 We will, in relation to any personal data processed by us on your behalf:
(a) process that personal data only on your instructions or as otherwise agreed in writing with you, unless we are required by applicable laws to process that personal data. When we rely on applicable laws to process personal data on your behalf, we will promptly notify you of this before we carry out the processing, unless those applicable laws prevent us from doing so;
(b) ensure we have in place appropriate security measures to protect against unauthorised or unlawful processing of personal data;
(c) ensure that everyone who has access to and/or processes that personal data is obliged to keep the personal data confidential; and
(d) not transfer any personal data without your consent, except in relation to the ECI Lasso CRM software which is placed in amazon Web Services. We will remain fully responsible to you for the acts or omissions of our data subcontractors;
(e) help you, at your cost, in responding to any request from a data subject and in ensuring compliance with your obligations under the Data Protection Laws in relation to security, breach notifications, impact assessments, audits and consultations with supervisory authorities or regulators;
(f) notify you without undue delay on becoming aware of a personal data breach;
(g) at your direction, delete or return the personal data and any copies we have to you on termination of the licence or services agreement between us, unless we are required by applicable laws to store the personal data for longer; and
(h) maintain complete and accurate records and information to demonstrate our compliance with this paragraph 1.1.
1.2 We process personal data for you to provide our software and related services, as set out on our website and in our written agreements with you. We will process this personal data for as long as you use our services. The type of personal data we process will depend on which eci software you use, and how you use it, but is likely to include customer details, order progress, leads and prospects’ contact details. The types of data points we collect in each circumstance is set out in the documentation accompanying the applicable ECI software package you are using.
1.3 You need to ensure that you have all necessary consents and notices in place to enable the lawful transfer of personal data to us, for the duration and purposes of the licence and/or services agreement between us.
When we refer to “Data Protection Laws” on this webpage, we mean:
a) PIPEDA: Personal Information Protection and Electronic Documents (Canadian Privacy Legislation)
b) the General Data Protection Regulation:
c) the California Consumer Privacy Act
d) any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in North America, the UK, and other jurisdictions where ECI conducts business and then any successor legislation to such laws, rules or regulations.
Defined terminology may vary across applicable Data Protection Laws.