Repsly Product Privacy Policy

 

Effective Date: September 24, 2021

Repsly, Inc. (with its affiliates, “Repsly,” “we” or “us“) is committed to protecting the privacy of the users of its online retail execution platform service (the “Service”). This Product Privacy Policy is meant to help you understand what information we collect and process through the Service, how and why are we doing it, and how you can exercise your data protection rights.

What are the purposes of the Collection of information through the Service?

We collect information through the Service only to fulfill our contractual obligations with Customers of the Service. Accordingly, the use of information collected through our Service is limited to the purpose of providing the service for which our Customer has engaged Repsly.

Repsly may process data of a User on behalf of the Controller (defined below) when the Controller has a lawful basis for doing so under applicable law. For purposes of this Privacy Policy, a Controller may mean a Customer or anyone acting on behalf of the Customer (the “Controller”). Customers may only utilize the Service pursuant to an agreement with Repsly and in compliance with applicable law. If you are a User of the Service, please contact the Controller for additional detail.

What information we process, and why?

Through the Service, we provide a real-time insights on retail execution and sales performance, smart merchandising, promotion, and sales execution tools to the Customer.

As an integral part of the agreed service provisioning, Users (typically customers’ employees) manually and automatically fill the information needed for the service provisioning including the following data which can be directly or indirectly connected to a physical person and is processed for the described purposes:

Personal data processed

Purpose of processing

  • Information entered by the service users (users’, customers’ suppliers’ and other contact information, such as: Users Contact Data, Calendar Data, Geolocation Data, Work Activity Data, Photos…
  • information about the service usage collected from the users’ devices (Geolocation data, Logs…)
  • Automatically generated information about the user (User IDs, Activity logs, Service usage tracking information, Message IDs …)
  • WEB application Service provisioning
  • Mobile application Service provisioning
  • Geolocation based services provisioning
  • Mobile App data synchronization
  • Customers’ Data storage service
  • Providing API integration/connectivity service
  • Insights Dashboards provisioning
  • Customer e-mail communication
  • User messaging services
  • Any information manually exchanged with users required for identification, troubleshooting, and providing other support services
  • automatically collected information about service usage (activity logs, service usage tracking information…)
  • Providing customer support

 

How do we protect your information?

We take great care in implementing, enforcing and maintaining the security of our Service, our website and Users’ information. Repsly implements, enforces and maintains security policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of Personal Information and to monitor compliance of such policies on an ongoing basis. All information is stored with logical separation from information of other Customers. However, we do not guarantee that unauthorized access will never occur.

We use a combination of processes, technology and physical security controls to help protect Personal Information from unauthorized access, use, or disclosure. Each server is protected by a firewall, exposing it only to the minimum ports necessary. However, no security controls are 100% effective, and we cannot completely ensure or warrant the security of your Personal Information.

Unless otherwise agreed with the Customer and subject to applicable law, Repsly will act in accordance with its policies to promptly notify Customer in the event that any Personal Information processed by Repsly on behalf of a Customer is lost, stolen, or where there has been any unauthorized access to it.

Repsly may use your Personal Information with third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Service. We seek to obtain confidentiality agreements that are consistent with this Privacy Policy and that limit others’ use or disclosure of your Personal Information and Personal Information.

Cross-border data transfers

Service providers are authorized to use your Personal Information only as necessary to provide these services to us. Such service provider may be located in a country that does not have the same data protection laws as your jurisdiction. When Repsly transfers data to a service provider, we seek to transfer data only upon executing an appropriate agreement and/or with service providers that are located in a country recognized by the E.U. Council as providing adequate protection; or (j) pursuant to your explicit approval prior to the disclosure.

For avoidance of doubt, Repsly may transfer Personal Information to its affiliates, which will be obligated with the same restrictions as agreed with the Customer and as specified in this Privacy Policy.

Modification or deletion of Personal Information gathered through the Service

If you want to access, correct, amend, or delete data stored by Repsly, you should direct your query to the Customer (the data controller). We will work with our customers to respond to data subject requests as outlined in our DPA.

If you are seeking to exercise your data subject access rights for the data Repsly processes as a controller, please see this Privacy Policy.

Data retention

Repsly will retain data it processes on behalf of its Customers only for as long as required to provide the Service to its Customers and as necessary to comply with its legal and contractual obligations, resolve disputes and enforce its agreements.

Customer data collected during your use of the Service is retained in accordance with the provisions of the applicable contract (including any data processing addendum).

However, some data will not be deleted and will be kept in an anonymized manner. Some metadata and statistical information concerning the use of the Service are not subject to the deletion procedures in this policy and may be retained by Repsly. Some data may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policies.

Third-Party software and services

We may use third-party software and/or services (“Sub-processors”) in order to collect and/or process the Service’s User’s information. Such Sub-processors are bound contractually to comply with obligations at least as protective of your Personal Information as this Privacy Policy. Repsly remains liable for the compliance of its Sub-Processors with the terms of this Privacy Policy.

Sharing of information gathered through the Service with third parties; California Online Privacy Protection Act Compliance

Repsly may disclose Personal Information collected through the Service to hold and/or manage your Personal Information through Repsly’s authorized affiliates and third party service providers, solely in connection with the Service and subject to confidentiality agreements not less stringent than Repsly’s obligations under this Privacy Policy, and to satisfy any applicable law, regulation, order, legal process, subpoena or governmental request;

Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will never distribute your Personal Information to outside parties without your consent.

Changes to this Privacy Policy

Repsly reserves the right to change this Privacy Policy. Repsly will provide notification of the material changes to this Privacy Policy through the Service.

How to Contact Us 

If you have questions or concerns about this Privacy Policy, or our collection and use of your Personal Data, you are welcome to send us an email or otherwise contact us at the following address and we will make an effort to reply within a reasonable timeframe. You may contact us through our Data Protection Officer, Branimir Karacic, by email at privacy@repsly.com; by telephone at +1-617-356-8125; or by postal mail at 170 Milk Street, 4th Floor, Boston, MA 02109, attention Legal Department. 

E.U. residents have the right to lodge a complaint with a supervisory authority (Data Protection Authority in your jurisdiction) at https://edpb.europa.eu/about-edpb/about-edpb/members_en in case of a breach of any E.U. data protection and privacy regulations. If the supervisory authority fails to deal with a complaint or inform you within the time frame set under applicable law, you have the right to an effective judicial remedy. 

You can contact our EEA representative, HYDRA CONSULTING d.o.o., Prve Poljanice 7, 10040 Zagreb, Croatia at privacy@repsly.com, or our Data Protection Officer .