Effective date: November 08, 2022
We value your privacy. With this policy, we set out your privacy rights and how we collect, use, disclose, transfer, and store your Personal Data.
When we say "Ablebits", "we", "our", or "us", we mean Office Data Apps sp. z o.o., Warszawska str., 109, Office 5, Lomianki, 05-092, Poland, which is the entity responsible for processing your Personal Data.
When we say "Website" or "Products", we mean all of Ablebits's websites, software application products or application services, or the services related thereto.
When we say "Personal Data", we mean all of personal data or personal information or personally identifiable information (as defined by applicable law).
When we say "you" or "user" or "users", we mean all of visitors, customers and consumers that access our Website or Products.
When processing Personal Data, we adhere to the following principles:
- We do not collect more information than is necessary.
- We do not store Personal Data if it is no longer needed.
When you decide to contact us, download, install or access a trial version of our Products, purchase a license or subscription, we may ask you to provide your personal details. Depending on the context, we may use this Personal Data, for example, to communicate with you, to perform an agreement concluded with you, fulfill statutory data retention obligations (e.g. resulting out of accounting law regulations or tax law or data protection regulations), inform you about our Products updates and pursue other legitimate goals.
We may also temporarily process data which belongs to you if you want to contact our support services and decide to share program and system logs with us. You can find more information about how we process data in the What information we collect section.
You have the right to request access and update your Personal Data and the right to be forgotten. You also have the right to have the processing of your Personal Data restricted. If the processing of your Personal Data is based on your consent, you also have the right to withdraw it at any given time. Withdrawal of your consent will not influence the lawfulness of processing based on this consent before its withdrawal. If the processing of your Personal Data is based on our legitimate interests, you also have the right to object against such processing. You can find more information about your rights in the Your rights regarding your Personal Data section.
On our Website, you can find both on-premises and cloud-based Products. The former requires installation in your on-premises IT infrastructure. This means that in these cases we will not have access to your personal or organization's data and this data will not be stored in our infrastructure. Nevertheless, in cloud-based products, some of your personal or organization's data will be processed within our infrastructure.
If you need more product-specific details, please follow these links:
What information we collect
We collect information about you when you provide it to us and when you use Website or Products, as described below.
Information that you provide to us
- Contact Information. You may optionally provide email address and/or other contact information (e.g. name, company name, address, job title) to contact us through Website with questions about our Products and Services, or to request support service or demo.
- Account Information. Products with per-user license require to create an account. We will ask you to provide personal account information, including first and last name, username, email address, and additional information such as a company name, number of users for a company account.
- Newsletters. You may also optionally subscribe to our newsletters. We will only use your email address to send you newsletters and promotional emails with your express consent. You may opt-out of receiving our email communications at any time by clicking an unsubscribe link at the bottom of every email, or by sending us an email stating your request through the contact information below. This opt-out does not apply to information provided to us as a result of your support requests regarding Products.
- Comments. You may also optionally post comments on our Website.
- Correspondence. If you send messages through the regular mail, we store copies of your correspondence (including name, postal address).
- Surveys. We store your responses to our questions and surveys that we might ask you to complete for research purposes.
Information we collect automatically
As you navigate through and interact with our Website, we may use automatic data collection technologies or other methods of web analysis to collect certain information about your equipment, browsing actions, and patterns, specifically:
- Log-file information. Log file information is automatically reported by your browser each time you access a web page. Server logs may include information such as your web request, IP address, operating system, browser type, referring / exit pages and URLs, number of clicks, domain names, landing pages, pages viewed, search queries on Website, and other such information. Log-file data is securely encrypted utilizing the most advanced encryption methods and is used for debugging purposes and to improve our Website and Products.
- Analytics. In our logs, we store the number of installations and activations for Products you have purchased for our in-house purposes.
Information we receive from others or shared or disclosed
We may use third parties to perform services on our behalf. We share your Personal Data with selected third parties that provide us with a variety of different services ("Sub-processors"). These parties are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them. By accepting this Policy, you authorize us to instruct Sub-processors to process your Personal Data in accordance with this Policy and for the purposes of using Website and Products.
Specifically, such third parties include:
- Cloud service provider. We use Amazon Web Services for our backend infrastructure. You should click on the hyperlink (https://aws.amazon.com/privacy/) for more information about their data collection and privacy policies.
- Software activation services. We use Activatenow for license activation and management. You should click on the hyperlink (https://www.activatenow.com/privacy.asp) for more information about their data collection and privacy policies.
- Social media. You may optionally follow Ablebits on Facebook, LinkedIn, Twitter, YouTube, and other social media platforms. You should review the applicable privacy policies for more detail about information collected and processed by their websites.
- Analytics. Ablebits utilizes Google Analytics to access anonymized and/or pseudo anonymized data to help us understand how our Website and Products are used, so that we can review and improve our Website and Products. Google Analytics provides a report to us with website trends without identifying users. Please see Google's data privacy and security policy (https://policies.google.com/privacy). However, if you decide to withdraw your consent to such data collection, you may opt out by installing Google Analytics Opt-out Browser Add-on. For more information about Google Analytics, please visit https://support.google.com/analytics/answer/6004245
- Resellers. Sales made through Digital River, Verifone Payments BV dba 2Checkout and other our resellers (https://www.ablebits.com/docs/microsoft-office-add-ins-resellers/) are governed by separate rules which will be made available to you during the purchasing process on their websites.
- External accounting and bookkeeping services providers. We may use this to the extent that such disclosure is necessary to have these services provided to us.
- Other potential third-party disclosures. Personal Data may also be disclosed to third parties to serve our legitimate business interests as follows: as required by law, such as to comply with a subpoena, or similar legal process; if Ablebits is involved in a merger, acquisition, or sale of all or a portion of its assets; to investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies; to investigate and defend ourselves against any third-party claims or allegations. We will use commercially reasonable efforts to notify you about law enforcement or court ordered requests for data unless otherwise prohibited by law.
- Information disclosed by you in public areas. You should be aware that when you disclose information (by comments in articles or blogs) about yourself, you do it at your own risk. We cannot control the actions of other Website users with whom you may choose to share your information. Therefore, we cannot and do not guarantee that your information posted on publicly accessible pages will not be viewed by unauthorized persons. If you choose to submit content to any public areas, such content will be considered "public" and will not be subject to the privacy protections set forth herein.
- Anonymized or pseudo-anonymized information. However, we may disclose anonymized and/or pseudo-anonymized data about our users, and information that does not identify any individual, without restriction.
As required by applicable law, Ablebits has in place Data Processing Agreement(s) with those processors that process Personal Data to ensure compliance with Ablebits's obligations under applicable data protection laws and regulations.
We do not collect
We do not collect any payment information such as bank account details, credit card information, check information.
We do not ask you to provide and do not knowingly collect any special categories of Personal Data from you such as Personal Data that reveals your racial or ethnic origin, political opinions, religious, philosophical beliefs, or trade unions membership, or the processing of data concerning your health or data concerning your sex life or sexual orientation or history of criminal convictions.
We do not track you over time and across third-party websites or other online services for any purpose, therefore we do not respond to browser Do Not Track (DNT) signals and do not modify what information we collect or how we use that information based upon whether such signal is broadcast or received.
How and why we use your Personal Data
Purposes of processing Personal Data
We may use your Personal Data for one or more of the following purposes:
- to present our Website and its content to you
- to provide you with information about our Products (including license keys) you request from us
- to provide you with notices about your licenses and subscriptions, including expiration and renewal notices, quotes and invoices
- to carry out our obligations and enforce our rights arising from any contracts entered into between you and us
- to notify you about changes or updates to our Website or Products you have purchased or that we offer
- to allow you to participate in interactive features on our Website
- in any other way we may describe when you provide the information
- and for any other purpose with your consent
Lawful basis for processing your Personal Data
We have a lawful basis for collecting and processing your Personal Data, as required by the data protection regulation of countries, and we want to demonstrate to you the purposes for which we do so.
The reasons for using your Personal Data may differ depending on the purpose of the collection. Generally, we use your Personal Data for the following purposes and on the following legal grounds:
- Legitimate interests. We will process your Personal Data as necessary for our legitimate interests. Specifically, our legitimate interests are to: facilitate communication between Ablebits and you; develop products and services, detect and correct bugs in our Products; improve our Website; safeguard our IT infrastructure and intellectual property; detect and prevent fraud and other crimes (including misappropriation of intellectual property); promote and grow our business. We do not process your Personal Data if your rights and freedoms outweigh our legitimate interests.
- To perform our contractual services to you. We process your Personal Data to fulfill our obligations to you pursuant to our contract with you to deliver Products and corresponding services to you.
- As required by law. We may also process your Personal Data when we are required or permitted to by law; to comply with government inspection, audits, and other valid requests from government or other public authorities; to respond to legal process such as subpoenas; or as necessary for us to protect our interests or otherwise pursue our legal rights and remedies (for instance, when necessary to prevent or detect fraud, attacks against our network, or other criminal and tortious activities), defend litigation, and manage complaints or claims.
We do not use
We do not use your Personal Data with any automated decision-making processes.
How long we store your Personal Data
Ablebits will retain your Personal Data for the entire time that you have licenses or contractual agreements with us. At any time, you may ask for your Personal Data to be removed by sending a request using the form https://ablebits.com/support/data-protection-form.php. After the data removal, we may keep pseudonyms of your Personal Data solely for a record about the data removal.
We may retain your Personal Data:
- for as long as necessary to comply with any legal requirement, protect our legal interests, or otherwise pursue our legal rights and remedies. We will delete your Personal Data after all such statutory data retention periods lapse
However, anonymized and pseudo-anonymized data will be retained as long as Ablebits determines such data is commercially necessary for its legitimate business interests.
How we keep your Personal Data safe
Our steps to be secure
We have implemented reasonable administrative, technical, and physical security measures to protect your Personal Data against unauthorized access, destruction, or alteration. All data is securely encrypted with the most advanced encryption methods; connection to external web resources is protected by TSL encryption.
We host our public and internal IT-infrastructure on Amazon Web Services, Microsoft Azure Services and Microsoft 365. These are well known companies which have high-level data security practices. You can find more details about their security practices at https://aws.amazon.com/security/ and https://www.microsoft.com/en-us/trust-center/product-overview.
Also, we use only PCI-DSS compliant third-party payment processors to ensure the security of your payment information. You can find more information on security practices for Digital River, Inc (USA) (https://www.digitalriver.com/compliance/pci-dss/) and Verifone Payments B.V. (Netherlands) (https://www.2checkout.com/certificates-and-awards/).
Your role in data safety
The safety and security of your Personal Data also depend on you. Whether we have given you or you have chosen a password for access to certain parts of our Website and Products, you are responsible for keeping this password confidential. We ask you to never share your password with anyone.
We will notify you without undue delay after becoming aware of a Personal Data breach. Such notice will include, at a minimum:
- description of the nature of the Personal Data breach including, where possible, the categories and approximate number of data subjects concerned, and the categories and approximate number of personal records concerned
- contact details where you can get more information
- description of the likely consequences of the Personal Data breach
- description of the measures taken or proposed to be taken by you to address the Personal Data breach including, where appropriate, measures to mitigate its possible adverse effects
International Personal Data transfers
Whenever possible, we will try to use processors which process Personal Data within the European Economic Area ("EEA"). In case there is a need for us to use processors located outside of the EEA, we will only disclose Personal Data to them provided that appropriate international data transfer safeguards described in the GDPR are in place.
We may transfer the information you have provided to us outside the EEA, only to the United States of America. Such transfer will rely on the mechanisms provided in the GDPR that allow the transfer of Personal Data outside the EEA, including standard contractual clauses approved by the European Commission.
If you have further questions about international data transfers that we make, you can contact our Privacy Team (firstname.lastname@example.org).
Your rights regarding your Personal Data
Under applicable data protection laws, you have the following rights with regard to our processing of your Personal Data.
- Access and update. You may notify us about any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible. We may also not be able to accommodate your request if we believe it would violate any law or legal requirement or cause the information to be incorrect.
- Restrictions. You have the right to restrict our processing of your Personal Data under certain circumstances. In particular, you can request that we restrict our use of your Personal Data if you contest its accuracy, if the processing of your Personal Data is determined to be unlawful, or if we no longer need your Personal Data for processing, but we have retained it as permitted by law.
- Portability. In relation to Personal Data that you provide to us based on your consent or in order to perform a contract, you have the right to request that we provide you with a copy of, or access to, all or part of such Personal Data in structured, commonly used and machine-readable format.
- Withdrawal of consent. You have the right to withdraw your consent to the processing of your Personal Data at any time by sending a request through the contact information below. Withdrawing your consent will not, however, affect the lawfulness of our processing of your Personal Data based on your consent before its withdrawal or on any other lawful basis.
- Right to be forgotten. You have the right to request that we delete all of your Personal Data. We cannot delete your Personal Data except by also deleting your user account and revoking your licenses, and we will only delete your account when we no longer have a lawful basis for processing your Personal Data or after a final determination that your Personal Data was unlawfully processed. We may not accommodate a request to erase information if we believe the deletion would violate any law or legal requirement or cause the information to be incorrect. In all other cases, we will retain your Personal Data as set forth in this Policy. In addition, we cannot completely delete your Personal Data as some data may rest in previous backups. These will be retained for the periods set forth in our disaster recovery policies.
- Complaints. You have the right to lodge a complaint with the applicable supervisory authority in the country you live in, the country you work in, or the country where you believe your rights under applicable data protection laws have been violated. However, before doing so, we request that you contact us directly in order to give us an opportunity to resolve any concerns about your privacy. A list of Supervisory Authorities is available here:
Requests under this section can be made through Data Subject Request Form (https://www.ablebits.com/support/data-protection-form.php). We will respond in the timeframes required under applicable law. Our team may ask you for additional information to verify your identity. We reserve the right to limit or deny your request if you have failed to provide sufficient information to verify your identity or to satisfy our legal and business requirements.
Our Website and Products are not designed or intended for persons under the age of 18, and we do not knowingly collect information from children under the age of 18. If a parent or guardian becomes aware that their minor child (as defined by the applicable privacy rules or regulations pertaining to the minor child) has provided us with Personal Data without their consent, they should contact us. We will delete such Personal Data from our files within a commercially reasonable time, but no later than required under the applicable law relating to the child's state and/or country of residence.
California privacy rights
This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act ("CCPA").
For more details about the personal information we have collected over the past 12 months, please see the What information we collect section above. We collect this information for the business and commercial purposes described in the How and why we use your Personal Data section above. We share this information with the categories of third parties described in the Information we receive from others or shared or disclosed section above.
Under the CCPA you have the following rights in relation to the personal information we hold about you:
- right to be informed
- right to request deletion
- right to opt out
- right to disclosure
- right to equal services and prices (non-discrimination)
We are committed to exercising your privacy rights, including the rights granted to you under the CCPA.
In accordance with the CCPA's requirements, we will not discriminate against you for exercising any of your CCPA rights. You may make a request pursuant to your rights under the CCPA by contacting us via email (email@example.com) or by mail using the contact details set out below. We will verify your request using the information associated with your user account, including the email address. Californian consumers can also designate an authorized agent to exercise these rights on their behalf.
You may request to opt out of the sale of your personal information to third parties. The CCPA defines a sale very broadly and this includes communicating personal information to another business or a third party for non-financial gain. Ablebits will never sell your data for profit, however, where we transfer it to our partners for things like displaying personalized ads to you or to deliver improvements to our service, these uses fall within the broad definition of a "sale" under CCPA. We only engage in this kind of data transfer where we believe it benefits you by providing you with a better experience, quality of service or to deliver content that you may be interested in.
You can opt out from any practice that may lead to the sale of your Personal Data at any time. To manage your privacy preferences and opt out of the sale of your personal information, please use the features provided to opt out in our dedicated Do Not Sell My Info page (https://www.ablebits.com/docs/do-not-sell-my-info/). You can also contact us via email (firstname.lastname@example.org) or by mail using the contact details set out below.
Our Website contains links to other websites, but that does not mean we endorse those websites. We encourage you to review the privacy policies for these third-party websites because their procedures for collecting, handling and processing Personal Data might be different to ours.
By form: Data Subject Request Form (https://www.ablebits.com/support/data-protection-form.php)
By email: email@example.com
By phone: +1 (424) 253-9944 (USA), +48 605 225 490 (Europe)
Office Data Apps sp. z o.o.
Attn: Privacy Team
Warszawska str., 109, Office 5,
Lomianki, 05-092, Poland