Version 2.0.1 (June 8, 2018)
Responsible Data Controller
Grandite, P.O. Box 47133, Quebec (Quebec), Canada G1S 4X1
First things first - your visit on our website!
This website is hosted on a server located in the European Union ("EU") / European Economic Area ("EEA").
While you are browsing our website (including public access to our free products) we only collect access log data about your visit that are necessary for the protection and smooth operation of the website (e.g. timestamp, your browser type, your operating system, your IP address). IP addresses in those log files are anonymized on a daily basis. All the information in log files is not shared with any Third Party and erased after 7 days. While you visit our website we do not collect any other Personal Data, in particular, we do not use any cookies related to the categories Performance, Functionality and Targeting/Advertizing on this website.
Any account names that we may have created to provide you access to reserved areas of our web site (or web servers) are pseudonymized.
This website contains links to the following websites:
If you want to know more how we care for your data privacy in general throughout your interactions with us (i.e. not limited to your visit on this website), you will find some additional information below.
General interactions with Grandite
Personal Data means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Processing (incl. conjugations of the verb "Process") means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of personal data
Processor means a natural or legal person, public authority, agency or other body which Processes Personal Data on behalf of the Controller
Third Party means a natural or legal person, public authority, agency or body other than the Data Subject, Controller, Processor and persons who, under the direct authority of the Controller or Processor, are authorised to Process Personal Data
What Personal Data we collect
We may collect the following Personal Data about you:
- First name, last name, job title and role
- Postal address at work
- Contact information at work including email address
- Other professional information (that is related to you) as it may be necessary to customize our offer of products and services for your organization
- Documents that are related to you through identifying Personal Data (e.g. emails sent from/to your email address, contracts that name you as the technical contact).
- Log data about your visit on our website (see the section First things first - your visit on our website!)
- Voice mails (e.g. you leave us a message via telephone)
We may consult publicly available sources such as your organization's website, business registries or social media sites to verify and complete the above Personal Data.
If you participate in our web sessions (e.g. webinars, software demos), we may Process your voice and/or your image.
You may voluntarily provide us additional Personal Data that is not necessary for the purpose of our business interactions with you (e.g. your work email contains your private cell phone number or your photo). We may store such additional Personal Data as well if they are integral part of a document or a file (e.g. an email) received in context with a business interaction from you. However, we will not otherwise Process such additional Personal Data without your consent.
What we do with the Personal Data we gather
We collect Personal Data for one or several of the following purposes:
Where we Process your Personal Data
- To communicate with you (e.g. to ensure that we have accurate and complete Personal Data about you)
- To respond to your requests
- To get feedback
- To inform you about product releases
- To grant you access to our products
- To provide support and services
- To perform commercial transactions (e.g. sending quotes / invoices)
- To keep you informed and updated on relevant products you may be interested in
- To create statistics from the log data of visits on our web servers (see the section First things first - your visit on our website!)
In general, we Process Personal Data in our offices in Canada or through Processors (e.g. web hosting, SMTP service) located in the EU/EEA.
Where (other) suitable cloud-based services (e.g. for web meetings) may not be available in the EU/EEA, we choose providers who Process Personal Data based on an Adequacy Decision from the European Commission.
How we safeguard your Personal Data
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure we have put in place suitable physical, electronic and organizational procedures to safeguard and secure the Personal Data that we have collected about you.
Access to Personal Data within our business operations is limited to employees, Processors and additional cloud-based services on a "need-to-know" basis.
How long we keep your Personal Data
If your organization has entered a contractual relationship with us regarding any of our products or services, we keep your Personal Data as long as your organization assigns a role to you within that contractual relationship.
After a period of 24 months without a contractual relationship between your organization and us regarding any of our products or services, we will remove all Personal Data, that we may have collected about you during this period, from our systems.
We may have statutory obligations to keep your Personal Data for an extended period of time (e.g. invoices for financial auditing purposes (usually 6 years)).
Log data of visits on our web servers are kept for 7 days (see the section First things first - your visit on our website!).
Who we share your Personal Data with
As laid out in preceding sections (particularly in Where we Process your Personal Data), Processors and additional cloud-based-service providers Process Personal Data under certain safeguards.
We will not share your Personal Data with and not sell and not otherwise disclose your Personal Data to any other Third Party without your prior consent unless we are required by law to do so.
How you can control your Personal Data
You have the right:
To have access to your Personal Data
You may request a copy of the Personal Data which we hold about you. We will contact you to verify your identity, and if we hold Personal Data about you, we will provide you a detailed copy and tell you why we are holding those Personal Data.
To rectify your Personal Data
You may want us to correct or complete the Personal Data we hold about you. We will take the necessary measures without any undue delay.
To withdraw your consent for the Processing of Personal Data
Where the purpose of Processing your Personal Data is based on consent, you may withdraw your consent to Process your Personal Data for that purpose at any time with future effect.
To object to the Processing of your Personal Data
If you want us to not use your personal information for direct marketing purposes in the future, you may opt-out at any time by clicking on the "unsubscribe" link at the bottom of a marketing email that you may have received from us.
If you believe that we might have any information from or about an individual under 16 years of age (hereinafter: "minor age") without their legal representative's consent, we will appreciate if you contact us. (Please note: We do not knowingly collect, store or otherwise Process Personal Data provided by or about anyone of minor age without their legal representative's consent.) If we learn that we have collected Personal Data from or about an individual of minor age without their legal representative's consent, we will delete those Personal Data without any undue delay.
To have erased your Personal Data
If you want us to remove your Personal Data completely from our systems and if we do not have any statutory obligation to keep your Personal Data any longer, we will follow your request without any undue delay, but may keep a record about the related communication with you.
To restriction of Processing your Personal Data
Executing your rights to have rectified or erased your Personal Data or to object to the Processing of your Personal Data may require some clarification between you and us. For the time of clarification you can request that we restrict the Processing of the Personal Data in question.
To portability of your Personal Data
If you want us to produce a copy of the Personal Data that we sourced from you, we will follow your request without any undue delay and deliver those Personal Data in spreadsheet format, at your preference, to you or another Controller of your choice.
To file a complaint (if you reside within the EU/EEA)
If you believe that our Processing of Personal Data infringes the GDPR, you can file a complaint with the supervisory authority in an EU/EEA member state.
How you can address any questions or concerns