Privacy Policy & Cookies
At Octopus System, we respect your privacy and are committed to protecting your personal information. Octopus System has established this Privacy Policy to inform individuals how Octopus System handles the collection, use, disclosure and storage of personal information.
Personal Information
“Personal information” is generally considered to be any information about an identified individual or that can be used (directly or indirectly) to identify an individual. For example, an individual’s name, e-mail address, phone number, online identifier, IP address or photo. Information that has been anonymized, and from which no individual can be identified either directly or in combination with other data, is not personal information.
How this Privacy Policy Applies
This Privacy Policy applies to the personal information Octopus System collects from individuals (“you”), including those who browse or use our websites and the web-based resources we make available through them, such as our resource center, online training, community and tools & templates. This Privacy Policy does not apply to:
- Customer Data. Personal information collected and used by our customers in the operation of Octopus System products and services is not covered by this Privacy Policy. Customers own and control their customer data. Please contact your customer’s administrator for any privacy questions about customer data used in connection with Octopus System products and services.
- Third Party Services. Business activities of third parties are not covered by this Privacy Policy. This includes our channel partners and resellers, and any websites, applications, products or services that are operated by companies other than Octopus System and which may be accessed from our websites (such as YouTube, Twitter, Facebook, Instagram or Google…etc). Please consult the Privacy Policies of those third parties for information about their privacy practices.
Personal Information We Collect
Octopus System collects personal information that you provide to us directly, that we collect automatically when you access and use Octopus System websites and products, and that is provided to us by third parties or through publicly available sources.
Personal information you provide to us directly:
- Contact Information. We collect contact information, such as your name, email address, company or organization, job level and function, industry, telephone number and/or country when you fill out online forms, register online, set-up a user account or make a support enquiry.
- Billing Information. If you make a purchase, such as an online training course or attendance at an event, we will collect your billing address and payment preferences. If you choose to pay by credit card, your credit card details (number, expiration date, card verification value (cvv)) will be provided directly to our payment processor. We do not keep or store credit card information.
- Career Information. We will collect your resume and work eligibility if you submit a job application or sign-up for job alerts through the Careers section of our web sites. You may, optionally, provide us with your social profiles (such as Facebook and LinkedIn) and any other information you choose to provide with your application.
- Other Information. We collect other information that you provide to us at your option, such as survey responses, contest submissions, user profile information (which may include a photo) or special notes you have asked us to include with your account information.
Personal information collected when you access and use Octopus System websites or products:
- Log and Device Information. Octopus System collects information about how you access our websites and products in order to optimize them for the types of connections, browsers and devices being used. We collect your browser type and settings, language preferences, access times, Internet Service Provider and IP address. Your IP address is a unique 32-bit numeric address that distinguishes your computer from another computer. If you access Octopus System websites or products through your mobile device, we collect the type, brand and model of device, the operating system and version, unique device identifiers, mobile network information or platform information (to the extent permitted) and device settings, such as screen resolution, browser or mobile input selector (i.e., touchscreen, mouse, click-wheel).
- Product Usage Information. Octopus System collects aggregated data about use of the Octopus System products, including applications and features used, number and size of attached files, number and types of devices used to access Octopus System products, and content accessed and used. Usage information does not contain any customer data.
- Cookies and Tracking Information. Cookies are small data files that are stored on your computer or device by a website. Octopus System and our analytics partners use cookies and other tracking technologies (i.e., web beacons, device identifiers and pixels) to learn about use of our websites, to determine if emails have been opened, and to allow you to access and use the Octopus System websites or products without re-entering your username and password. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. Your browser also provides you the option to delete the cookies from your computer or device at any time. For more information about cookies, see our Cookie Policy.
Personal information provided by third parties or publicly available sources:
- Octopus System Channel Partners and Resellers. We collect information you or your organization provide to Octopus System channel partners or resellers in order to fulfill your organization’s order for Octopus System products and services.
- Data Providers. From time to time, we may collect business contact information and contact lists from third party data providers, provided they have demonstrated compliance with applicable privacy and data protection laws.
- Social Media. We may collect contact information you provide to third party social media services and make publicly available (such as LinkedIn).
How We Use Personal Information
Octopus System uses the personal information we collect for the following purposes:
- Fulfill Your Requests. We use your personal information to fulfill your requests to download materials, such as ebooks, webinars, analyst reports or product details; to register for a webinar, event or course; to obtain further information about our products; to access products and services you are authorized to use; to receive job alerts; and to process your purchase and payment.
- Sales and Marketing. We use your personal information to provide you with information about our products and services that may be of interest to you, such as new features, newsletters, offers, promotions, contests, and events; to host and carry out events and contests; to improve our websites and web-based services to meet visitor and user needs; and to seek information about your use of our products and services to better understand your needs and as input to future product development or marketing activities.
- Products and Services. We use personal information to set up individual user accounts for our customers and verify users’ identity for access to Octopus System products and related resources, such as technical support, online training, tools and templates; to communicate with our customers about their product subscription through emails and in-app notifications to their individual users, including notices regarding scheduled maintenance, updates, security alerts, support and administrative messages and issues concerning use of our products and services; to make it easier to use our websites or web-based services (for instance, by collecting cookies of your email address and password so that you will not need to re-enter your password to log on); and to carry out research and development in order to improve our products and services.
- Job Applications. We use your personal information to process job applications made through the Careers section of our web site.
-
Community Forums. We use your personal information to give you access to our community forums and allow you to create your own user profile. Please be aware that:
- Your name, title, organization and “about me” information are publicly displayed in the community forums and user groups.
- Your profile photo will not be publicly displayed unless you choose to show your photo on publicly accessible pages by checking a box for this.
- Your profile is searchable by other community users and the public, even if they are not part of your organization.
- Content that you share or post may be seen by other users of the community or the public.
We will also use personal information for other purposes of which we have notified you, or as legally required.
Legal Basis (GDPR)
For personal information that is subject to the General Data Protection Regulation (GDPR), the lawful basis for collecting and using your personal information is consent, where you have given consent, or our legitimate interests (which are not overridden by your data protection interests), such as operating our business, understanding and improving our products, direct marketing related to our products and services, hosting events, communicating with our customers and their users about our products, services, events or related resources, improving our websites and protecting our legal rights and interests.
Where consent is the legal basis, you may withdraw that consent at any time. Where we are using your personal information for our legitimate interests, you have the right to object to that use. See below under Your Rights for how to withdraw consent or object. If you have any questions about the lawful basis upon which we collect and use your personal data, please Contact us as noted below.
Sharing Your Personal Information
Octopus System does not sell or distribute personal information to third parties. Octopus System will only share your personal information as provided below.
- Vendors and Service Providers. Octopus System may share your personal information with third party vendors and service providers who provide products and services that we use to operate our business and carry out the purposes listed above. These include customer relationship management systems, contract signing applications, in-app notifications, website hosting, website analysis, marketing campaigns, email services, event registration, billing and payment processing, cloud-hosted document storage, job applications and alerts, surveys and contests, and other contractors or consultants that work on our behalf. Before sharing your personal information, we ensure that the third parties receiving the personal information have provided appropriate safeguards, and that your privacy rights are protected and preserved.
- Corporate Transactions. Octopus System may share your personal information in connection with, or during negotiations of, any merger, amalgamation, sale of company assets, financing, purchase or acquisition, subject to a commercially reasonable confidentiality or non-disclosure agreement.
- Compliance with Laws. Octopus System may disclose your personal information to a third party if we are required to do so in order to comply with applicable laws, government request, a court order or other quasi-government request to assist with an investigation. We may also be required to disclose your personal information to enforce our legal rights, to enforce security requirements, or to respond to an emergency which we believe, in good faith, requires us to disclose your personal information. In such instances, if permissible, we will make every reasonable effort to give you as much notice as possible regarding the disclosure of your personal information, what information was disclosed and why.
Storage and Retention
We retain personal information only for as long as necessary to achieve our stated purposes, or as required by applicable law. After such time, we will delete, archive or anonymize your personal information. We will store your personal information securely until it is deleted. Specifically:
- User Account Information is kept for as long as your user account is active and for a reasonable period after it has been deactivated in the event you or your organization wish to re-activate your user account. User account information may also be retained as necessary to comply with our legal obligations, resolve disputes or maintain our relationship with your customer organization. Credit card information is never kept or stored by us.
- Career Information is kept until your job application has been reviewed and may be kept on file as required by law and for future consideration as new job opportunities arise.
- Log and Device Information regarding your use of our websites or products will be kept for up to three (3) years.
- Marketing Contact Information will be kept after your initial consent until you delete your information or request that we do so. You may opt-out or unsubscribe from our mailing lists and marketing messages at any time by updating your email preferences in your account settings. You may also opt out or unsubscribe from future email communications from a link within each email we send to you.
You may delete your personal information, or request that we do so, at any time. See below under Your Rights for further information on how to do this.
Security and Shared Responsibility
Octopus System takes reasonable steps to ensure the security of your personal information against loss, misuse and unauthorized disclosure. We have implemented policies, standardized procedures, training, and physical and logical access controls. Our websites and sub-domains are protected by an SSL (Secured Sockets Layers) certificate to ensure all information is transmitted over a secured connection between your browser and our web server. We use PCI compliant third-party payment processors to process credit card transactions in a secure manner.
While we follow, and often exceed, industry standards to protect your information, no electronic communication is ever completely secure. You share responsibility for protection of your personal information by keeping your username and password confidential and by changing passwords regularly. Octopus System will notify affected parties of any security incident involving personal information in accordance with Octopus System’s Security Incident Response Plan and applicable legal and regulatory requirements.
International Transfers
Personal information may be transferred to and processed in Canada and the United States.
Before transferring your personal information, we ensure that appropriate safeguards are in place and that your privacy rights are protected and preserved. Such safeguards may include the existence of an EU adequacy decision, certification and adherence to EU-US Privacy Shield and Swiss-US Privacy Shield Frameworks, the Standard Contractual Clauses approved by the European Commission, binding corporate rules, or other legal mechanisms to safeguard the personal information being transferred.
Information about the Privacy Shield Frameworks can be found at www.privacyshield.gov
Your Rights
You have certain rights in respect of your personal information. These rights are set out below.
- Correction and Deletion. Octopus System will make reasonable efforts to ensure that the personal information we collect from you is accurate and complete. You may update, correct or delete your personal information at any time by logging into your user account and modifying your personal information, including your preferences to receive messages from us. You may also update, correct or delete information. To exercise your rights with respect to personal information held by Octopus System, please write to us at info@octopus-booking.com. If you wish to deactivate your product user account, please contact your organization’s administrator.
- Withdrawing Consent. Where we have relied on your consent to use your personal information, you have the right to withdraw that consent at any time by contacting us as noted below. In addition, all our marketing email messages contain the ability to automatically “opt-out” or unsubscribe from our mailing lists and marketing messages. You may also elect not to receive communication from us by updating your preferences in your account settings or sending an email to info@weOctopus System.com to request that we remove your email, address and name from our mailing lists. We will continue to send you messages of a non-promotional nature related to your organization’s product subscription or your user account, such as security alerts, maintenance notices, updates, renewal or suspension notices, or notifications to comply with legal requirements or applicable law.
- Access and Portability. You have the right to request a record of the personal information that we have collected about you. In addition, you have the right to request that we provide that information in a structured, commonly used electronic format for transmission to another company (where applicable and technically feasible). There may be some cases where we cannot provide you with certain information about you if it would mean disclosure of personal information of another person or other confidential information, or if it would compromise our security systems. If you require access to your personal information, please Contact Us. We will respond to you within thirty (30) days of receiving your request. We may charge a fee where permitted by applicable law.
- Restriction and Objection. In certain limited circumstances, individuals in the EU may request that we restrict our use of their personal information and, where we rely on legitimate interests as the legal basis for using your personal information, you have the right to object to such use. In these cases, we can be required to no longer use your personal information; however, this may mean that certain products, services or information cannot be made available to you. If you wish to exercise your right to restrict or object, please Contact Us.
- Complaints. You have the right to lodge a complaint with a supervisory authority (i.e., the independent public authority responsible for monitoring data protection laws in your country).
Contact Us
If you have any questions or concerns about our Privacy Policy and privacy practices, you may contact us at:
SIA OCTOPUS SYSTEMS
LATVIA - RIGA
STABU IELA 26 - 2A , LV 1011
Attention: Privacy Officer
Email: info@octopus-system.com
This Privacy Policy was updated Mar 01, 2021.
Octopus System Cookie Policy
What Are Cookies?
Cookies are small data files that are downloaded to your computer or device by a website. They are commonly used by professional websites to track overall website usage, determine your browsing preferences and improve and customize your user experience.
Cookies may be session-based or persistent. Session-based cookies exist only during one session and disappear from your computer or device when you close your browser or turn off your computer or device. Persistent cookies remain on your computer or device for a certain period after you close your browser or turn off your computer or device. Most persistent cookies expire within 6 months to 2 years.
Cookies We Use and Why We Use Them
When you visit Octopus System websites or access our online services, we, or an authorized third party, may place a cookie on your browser which collects information about your online activities over time and across different websites. The types of cookies we use and why we use them is described below. Please note that cookies are dynamic and change frequently and, therefore, the exact cookies in use at any given time may vary slightly from those listed in the tables below; however, the purpose of the cookies remains the same.
Strictly Necessary Cookies
These cookies are necessary for Octopus System websites to function and cannot be switched off in our systems. We use these cookies to allow you to login to secure areas of our websites and use our services. Once logged in, we may place a cookie on your browser to identify you in order to process your requests and expire your session after a period of inactivity. These cookies are also used to test whether or not your browser has cookies enabled, and to apply security settings when you access our websites.
Functional Cookies
These cookies enable Octopus System websites to provide enhanced functions, such as online chat, access to third party services (for ex: YouTube) and measuring the effectiveness of our email campaigns. They may be set by Octopus System or by the third parties whose services we have added to our pages. If you do not allow these cookies some services may not function properly. These cookies do not directly store personal information, but are based on uniquely identifying your browser and internet device.
Performance Cookies
These cookies count website visits and track pages visited and traffic sources. We use these cookies to measure and improve the performance of Octopus System websites and understand which web pages are popular. If you do not allow these cookies, we will be less able to optimize our websites performance. All information these cookies collect is aggregated and anonymous.
Targeting Cookies
These cookies are used by third party companies to build a profile of your interests and show you relevant advertisements on other sites. Targeted ads may be displayed to you based on your visits to our websites. If you do not allow these cookies, you will experience less targeted advertising. These cookies do not directly store personal information, but can uniquely identify information such as your browser and device.
How to Change Your Cookies Settings
Most web browsers allow some control over cookies through the browser settings. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from websites you visit. Your browser also provides you the option to delete the cookies from your computer or device at any time. Please be aware that if cookies are disabled, not all features of the websites or services may operate as intended.
Octopus System and EU Privacy Shield
This document is intended for informational purposes and is not intended to provide legal advice. Octopus System encourages Customers to obtain independent legal advice with respect to compliance obligations specific to the Customer.
Octopus System is committed to maintaining the security of Customer Data and ensuring its compliance with GDPR. In light of the recent decision passed down by the European Court of Justice that invalidated the EU Privacy Shield, we understand that some Customers may have questions about how this affects their relationship with Octopus System. We hope that the following information provides answers to some of your concerns.
Does this decision affect Octopus System Customers?
- Most Customers will not experience any changes in their contracts with Octopus System or in their use of the Octopus System products. Even though the EU Privacy Shield was invalidated, personal data may still be transferred outside the EU through the Octopus System products pursuant to the EU adequacy decision for Canada and the Standard Contractual Clauses. Please note that the EU Standard Contractual Clauses (“SCC’s”) are already incorporated by reference in the standard Octopus System Data Processing Addendum (“DPA”), which forms part of the Octopus System Master Subscription Agreement.
- If you have an older agreement with Octopus System that does not incorporate a DPA and the SCC’s, or would like to execute an updated DPA, please get in touch with your Account Manager or Client Partner.
How does Octopus System comply with the GDPR for International data transfers?
- Octopus System is a Latvian corporation headquartered in Riga, Latvia. As a Europe Commission Company, Octopus System may receive International data transfers from the EU under the European Commission adequacy decision. There is no requirement to have SCC’s or another transfer mechanism to legally transfer personal data from an EU controller to Octopus System.
Where is Customer data stored?
- Octopus System utilizes Their Dedicated Server Company As Web Services as a sub-processor to host the Octopus System products. The Server has designated data centers hosted locally in the EU. Each Customer is responsible for designating the data center location for hosting their Customer Data for use in the Octopus System products. Octopus System holds the encryption keys for storage of Customer Data at rest.
How does Octopus System respond to Government requests?
- A government order or subpoena can only be issued in accordance with the appropriate legal processes in the appropriate jurisdictions. All such orders would be reviewed by Octopus System and, where applicable, by Host Servers, to determine to what extent, if any, Octopus System or Server Host Company is required to comply with such order. Octopus System will seek legal advice on the required disclosure and to determine if we are permitted to notify customers when we receive such orders or subpoenas. Unless Octopus System or The Server Company is prohibited from doing so by applicable laws or the governmental order, Octopus System or Server company will notify customers before disclosing Customer Data, so the customer may take the necessary steps to object or seek protection from disclosure.
If you have any questions regarding Octopus System’s Privacy and Data Protection, please mail us at info@Octopus-System.com.