“Customer” means a customer of Miradore.
“Customer Data” means Personal Data about, Users, End Users, reports, Managed Devices, and all data associated manually or automatically to Managed Devices in electronic form that a User of the Service stores within the Service.
“End User” means an individual person whose Managed Device is added to the Service and being managed by the User or Customer using the Service.
“Managed Device” means a device, such as a computer, mobile, or tablet, which is added to the Service and being managed by the User or Customer using the Service.
“Personal Data” means information that identifies or is identifiable to an individual or that is linked to information that identifies or makes a specific individual identifiable.
“Public Area” means the area of the Site that can be accessed both by Users and Visitors, without needing to use a login ID and a password.
“Restricted Area” means the area of the Site that can be accessed only by Users, and where access requires the use of a login ID and a password.
“Supplier” means Miradore Oy and its affiliate or subsidiary companies.
“User” means an employee, agent, or representative of a Customer, who primarily uses the Restricted Areas of the Site for the purpose of accessing the Service in such a capacity.
“Visitor” means an individual other than a User, who uses the Public Area, but has no access to the Restricted Areas of the Site or Service.
4. How to contact us
Attn: Privacy Officer / Lasse Vento
P.O. Box 129
5. Information we collect
c. Information Collected from your use of the Service. We may receive information about how and when you use the Service, store it in log files or other types of files associated with your account, and link it to other information we collect about you. This information may include, for example, your IP address, time, date, browser used, and actions you have taken within the application. This type of information helps us to improve our Service for both you and for all of our users.
e. Analytics. We may use Google Analytics or other website analytics providers to measure and evaluate access to and traffic on the Public Area of the Site, and create user navigation reports for our Site administrators.
6. Information Collected for and by our Users
a. Information Collected by the Customer. A Customer or User may store or upload Customer Data into the Service. Miradore has no direct relationship with the End Users whose Personal Data it hosts as part of the Customer Data.
b. Information Collected from the Managed Device. Customer Data is automatically collected from the Managed Device and its End User when the Managed Device is added to the Service. This information varies by operating system and may include specific information of the device hardware and its configuration, installed software including usage statistics, and location information.
c. Controller of Customer Data. A Customer is the controller of the Customer Data and shall acquire all permits, consents, and authorizations necessary for processing the Customer Data in the Services; and provide necessary information to the data subjects, and notifications to the relevant authorities.
d. Processor of Customer Data. Miradore is the Processor of the Customer Data and shall process the Customer Data only on behalf of the Customer and in compliance with the Terms of Service.
7. How We Use the Information We Collect
The legal basis for Miradore’s processing of personal data is primarily the provision of the Service. We may also process data upon your consent, asking for it as appropriate.
In providing the Service and operating our business, we use the information that we collect in a variety of ways, including the following:
a. Operations. We use the information, other than Personal Data that is processed on behalf of a customer, to operate, maintain, enhance and provide all features of the Service; to provide the services and information that you request; to respond to comments and questions; and to provide support to users of the Service. We may contact you to complete surveys that we use for quality assurance purposes. We process Customer Data solely in accordance with the directions provided by the applicable Customer or User.
b. Improvements. We use the information, other than Customer Data, to understand and analyze the usage trends and preferences of our Visitors and Users; to improve the Service; and to develop new products, services, features, and functionality. Miradore is entitled to use anonymous, aggregated or statistical information not identifying the Customer or End Users that is derived from the Services to provide services to its other customers and to improve and develop its Services.
c. Communications. We may use a Visitor’s or User’s email address or other information, other than Customer Data, to contact that Visitor or User (i) for administrative purposes, such as customer service; to address intellectual property infringement, right of privacy violations or defamation issues related to the Customer Data or Personal Data posted on the Service; or (ii) with updates on promotions and events, relating to products and services offered by us and by third parties with whom we work. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email.
8. How We Disclose Information
We take your privacy extremely seriously, and we never sell Customer Data or Personal Data.
We may disclose your information, including Personal Data, as described to you at the time of collection or disclosure or as follows:
a. Service Providers. We may disclose your information, including Personal Data, to our vendors, service providers, agents, or others who perform functions on our behalf. For example, we may disclose your information to third-party service providers to process payments on our behalf.
b. Business Transfers. We may disclose your information, including Personal Data, to another entity in connection with negotiations of, an acquisition or merger, sale or transfer of a business unit or assets, bankruptcy proceeding, or as part of any other similar business transfer.
d. Legal Compliance. We may disclose your information, including Personal Data, to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding. We may also disclose your information and Personal Data in response to a subpoena, warrant, court order, or other legal process or as part of an investigation or request, whether formal or informal, from law enforcement or a government official.
e. Aggregate or Anonymous Information. We may disclose aggregate, anonymous information about you for marketing, advertising, research, compliance, or other purposes.
9. Your Choices
a. Data Requests, Correction and Removal. As a data subject you have the right to receive a copy, access or correct any Personal Data we hold about you, or to request that we delete any information about you, by contacting us as set forth in the “How to Contact Us” section. Your request will be dealt with as soon as possible.
b. Right to Object and Complain. As a data subject, you have a right, according to the EU’s General Data Protection Regulation, to object to or request the restriction of the processing and lodge a complaint with a supervisory authority responsible for processing personal data.
c. Opting out from Commercial Communications. If you receive commercial emails from us, you may unsubscribe at any time by following the instructions contained within the email or by sending an email to the address provided in the “How to Contact Us” section.
10. Third Party Services
The Service may contain features or links to websites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through the Service. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Service. We encourage you to learn about third parties’ privacy and security policies before providing them with information.
11. Data Security
Miradore follows generally accepted industry standards to protect the information and personal submitted to us, both during the transmission and once we receive it. Miradore ensures that its employees and other persons authorized to process the Customer Data have committed to confidentiality. We maintain appropriate administrative, technical and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls. We use TLS technology to encrypt data during transmission through the public Internet, and we also employ application-layer security features to further anonymize Personal Data.
Our credit card processing vendor uses security measures to protect your information both during the transaction and after it is complete. Our vendor is certified as compliant with card association security initiatives. Nevertheless, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information or Personal Data you transmit to us, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your Personal Data has been compromised, please contact us as set forth in the “How to Contact Us” section.
12. We Operate in the EU
Our servers are located in the European Union. All Customer Data (including Personal data) stored by Miradore is stored and processed in the EU. We may use Subprocessors, as later defined in this policy, that may process some Customer Data (eg. Contact details in customer relationship management applications or customer support information in ticketing systems) in other locations than EU.
13. Use of Subprocessors
A Subprocessor is a third-party data processor engaged by Miradore who has or potentially will have access to Customer Data. By agreeing to these Terms, the Customer grants the Supplier a general authorization in the meaning of Article 28 (2) of Regulation (EU) 2016/679 to engage Subprocessors for the purposes of providing the Services. The following is an up-to-date list (as of the date of this policy) of the names and locations of Miradore Subprocessors:
|Entity Name||Purpose||Applicable Services||Entity Country|
|Microsoft Cloud Germany||Microsoft Cloud Germany provides hosting of Miradore’s production systems.||Miradore cloud Services||Germany|
|Pipedrive||Pipedrive provides a customer relationship management application.||All||Germany / USA|
|Zendesk||Zendesk provides a customer service and ticketing system.||All||Ireland / USA|
|Google Analytics||Google Analytics is a web analytics service run by Google that tracks and reports website traffic.||All||Around the world|
|Hotjar||Hotjar provides user experience and website performance data.||All||EU / EEA|
|MailChimp||MailChimp provides marketing automation tools.||All||USA|
|GoToWebinar||GoToWebinar is a platform for creating and delivering online and video conferences (webinars).||All||Around the world
Miradore’s use of Subprocessors will be under written contract and Miradore will require the Subprocessor to comply with the data protection obligations applicable to Miradore under this Agreement or obligations which provide for the same level of data protection. All the subprocessors are in compliance with the EU-U.S. Privacy Shield Framework. Miradore will be liable for its Subprocessor’s actions as for its own.
Miradore will inform Customer in advance of any intended changes concerning the addition or replacement of Subprocessors.
14. When does Miradore Send Notices to You?
a. Breach of Security
In case of a Personal Data breach, Miradore will notify you without undue delay after receiving information of the breach or after a subcontractor of Miradore has received information of the breach, as required by law and the Terms of Service. If the security breach materially affects You, then Miradore will notify you as soon as possible and later report the action we took in response.
b. Other notices
To the extent not prohibited by law, Miradore shall without undue delay notify the Customer in writing of any:
- Communication received from a data subject relating to (i) the End Users´ rights to access, modify, correct, delete, or block his or her personal data, and (ii) any complaint about the Customer’s processing of his/her personal data;
- Judicial or administrative order or proceeding by data protection authorities or other authorities seeking access to, or disclosure of, Customer Data;
- Complaint, notice or other communication that relates to the Customer’s compliance with data protection and privacy law and the Processing of Customer Data.
15. Data Retention
We only retain the Personal Data collected from a User for as long as the User’s account is active or otherwise for a limited period of time as long as we need it to fulfill the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our Terms of Service, and comply with technical and legal requirements and constraints related to the security, integrity and operation of the Services.
Updated June 20th, 2018.