WHAT DOES GDPR ENTAIL?
The General Data Protection Regulation (GDPR) is a European Union (EU) law that safeguards data protection and privacy rights for individuals within the EU. Effective since May 25, 2018, it mandates compliance for all organizations conducting business with EU Data Subjects.
WHAT SPECIFIC EMPLOYEE INFORMATION IS STORED IN PRECISELY SOFTWARE?
Our software stores the following information related to a customer’s employees: their corporate email addresses, names, departments, and employee phone numbers. It is important to note that corporate email addresses are necessary for user account credentials in Connect, making them a required element for utilizing our products.
For customers who have recently purchased and solely utilize Precisely Automate Studio with Connect, Connect requires certain employee information for licensing and product management purposes. However, for customers who use Automate Evolve or Automate Studio Manager and synchronize usage log data into Connect, this data is not associated with personally identifiable employees.
HOW CAN CUSTOMERS MANAGE THEIR PERSONAL INFORMATION IN THEIR PRODUCT?
To manage personal information in Precisely products, it is advised that the customer’s product administrators delete employee accounts when they are no longer needed. This ensures the removal of personal information from Precisely products.
If the customer exclusively uses Precisely Automate Studio with Connect, they can reach out to Precisely customer support and request the activation of the “Secure Anonymous” data privacy mode in Precisely Connect. This mode displays user information as “Private Users” and anonymizes employee identifier data for enhanced privacy. However, it’s important to note that selecting the Secure Anonymous privacy mode may render the data unusable for user reports, so it is recommended only if usage reports are not required. If a customer no longer wishes to use Automate Studio with Connect and wants their employees’ personal data anonymized, it is their responsibility to contact Precisely Customer Support to facilitate the anonymization process.
WHAT HAPPENS TO THE EMPLOYEE DATA STORED IN CONNECT WHEN A PRECISELY CUSTOMER PROVIDES WRITTEN NOTICE OF TERMINATION OF THEIR AGREEMENT TO USE PRECISELY AUTOMATE PRODUCTS?
Precisely will anonymize their employee’s personal information from Connect such that it is can be considered destroyed within 60 days of written notice by the customer of their Automate Studio product usage termination. Precisely retains the right to store anonymized transactional data for product usage analysis reporting purposes. Customers can notify Precisely customer support with such a written notification.
WHAT HAPPENS TO THE EMPLOYEE DATA STORED IN CONNECT IF A PRECISELY CUSTOMER REDUCES THE NUMBER OF ACTIVE LICENSES THAT THEY HAVE CONTRACTED PRECISELY FOR?
The customer will need to assign or re-assign employees to the reduced number of licenses that the purchased. Any employee’s transactional data that was previously associated with a license will be automatically anonymized such that the employee’s personal information is removed from Connect and the license will be freed up for assignment to another employee.
WHAT HAPPENS TO THE CONNECT DATA WHEN A PRECISELY CUSTOMER DOESN’T RENEW THEIR PRECISELY CUSTOMER SUPPORT MAINTENANCE AGREEMENT AND ITS EMPLOYEES WITH PERPETUAL LICENSES CONTINUE TO USE AUTOMATE STUDIO WITH CONNECT?
For customers who have European Union employees who have licensed access to Precisely Automate Studio, then the GDPR still applies to the licensing information stored by Precisely’s cloud based Precisely Connect service homed in the USA. However, for perpetual licensed Automate Studio users to still work with Precisely Connect, the licensed employee information must be retained until either the licensed is transferred to another user or the customer provides written notice of termination of their Automate Studio product usage agreement with Precisely. If customers want to maintain access to view their usage or dashboard reports, they are required to maintain their support agreement with Precisely.
WHAT IS PRECISELY’S RESPONSIBILITY FOR GDPR COMPLIANCE IF THE CUSTOMER HAS PURCHASED PRECISELY SAAS EVOLVE OR AUTOMATE STUDIO MANAGER?
Precisely is responsible for the maintenance of Evolve and the customer is still fully responsible for GDPR compliance by securing and hardening their server and network environments to protect against any data breaches.