This Privacy Policy covers the privacy practices CPA Global employs when CPA Global’s customers (“Customers”) use IdeaScout, our Cloud-Based Enterprise Software (hereafter referenced as the “Service”). This Privacy Policy describes how we obtain, use, share and safeguard the personal information of users of our Software as well as any personal information CPA Global may be provided access to during the course of the Service.
This Privacy Notice sets out the basis on which your personal data will be processed by CPA Global, the data processor of your personal data under the compliance requirements of the Jersey Data Protection Laws (the “Act”). Please also note that this Privacy Notice complies with the provisions of all applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679. Please read the following carefully to understand our views and practices regarding your personal data and how it will be treated by us.
In the normal course of using the Service, Customers will input electronic data into the CPA Global’s systems (“Customer Data”). The use of information collected through our service shall be limited to the purpose of providing the Service for which the Customer has engaged CPA Global. CPA Global may access Customer Data for the purposes of providing the Service preventing or addressing service or technical problems, responding to support issues, responding to Customer’s instructions or as may be required by law, in accordance with the relevant agreement between Customer and CPA Global.
CPA Global processes Customer Data under the direction of its Customers, and has no direct control or ownership of the personal data it processes. Customers are responsible for complying with any regulations or laws that require providing notice, disclosure and/or obtaining consent prior to transferring the data to CPA Global for processing purposes.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his or her query to CPA Global’s Customer (the data controller). If the Customer requests CPA Global to remove the personal data to comply with data protection regulations, CPA Global will respond to their request within 30 business days.
CPA Global will refer any request for disclosure of personal data by a law enforcement authority to the Customer. CPA Global may, where it concludes that it is legally obligated to do so, disclose personal data to law enforcement or other government authorities. CPA Global will notify Customer of such request unless prohibited by law.
Access management processes are defined and tailored for each Customer at the Service on boarding in line with the Customer’s preferences and access management controls. Customers are responsible for ensuring access to Service is provided only to their authorised users and managed accordingly. Customers input information for processing and storage as they use the Service and may also configure it to allow end users to input information directly into the Service.
When you use IdeaScout, you are not anonymous. Your name will be visible to other users within your corporate group and you in turn will be able to view other users who are part of your organisation.
The personal information we process ensures you can use our Services. Your information is retained for as long as it is needed to fulfil the purposes mentioned above and helps us to constantly improve our services and provide you with an efficient experience. As part of this objective, we will use your information for the following purposes:
Unless otherwise specified, we retain information as long as it is necessary and relevant for us to achieve the purposes referred to above or to enable us to comply with our legal data protection retention obligations. You consent to our retention of your data for as long as permissible under applicable law – up to one year after you close your account or otherwise withdraw consent
CPA Global retains Customer Data according to the timeframes set forth in the relevant agreement with its Customers.
The security of Customer Data, including personal data, is very important to CPA Global. CPA Global maintains a comprehensive, written information security program that contains industry standard, administrative, technical, and physical safeguards designed to prevent unauthorized access to Customer Data. Where possible, CPA Global designs its applications to allow Customers to achieve differentiated configurations, enforce user access controls, and manage data categories that may be populated and/or made accessible on a country-by-country basis.
CPA Global complies with both the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States, respectively. CPA Global has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov, and view our EU-U.S. & Swiss-U.S. Privacy Shield Notice.
We reserve the right to change or update this Privacy Policy at any time. Changes to the Privacy Policy will be posted on this website and links to the Privacy Policy will indicate that the policy has been changed or updated. We encourage you to periodically review this Privacy Policy for any changes. For new Customers, changes or updates are effective upon posting. For existing Customers, changes or updates are effective 30 days after posting.
CPA Global’s nominated representative responsible for overseeing the implementation of the privacy program in the organization is: Ms Lucy Archer, Chief Privacy Officer, email address: larcher@cpaglobal.com