Xceed Software Inc.
Revised May 21, 2018
Privacy is important, and Xceed Software Inc. (Xceed) is committed to transparency, protection of your data and keeping up to date with the best practices of the industry to maintain the integrity of our data infrastructure. We hope the following information will help you make an informed decision about how you visit this website and whether or not to share personal information with us.
Xceed is committed to sound data management practices and believes in transparency. Our revised Privacy Statement explains:
What Personal Data we collect and why we collect it
How we use Personal Data
Who we share Personal Data with
The choices and rights you have including how to access, update, and remove Personal Data
If you do not agree to this Privacy Statement and the applicable User Agreement, please exit, and do no access or use, the Service.
Information We Collect
(a) Information you voluntarily provide to us: When you sign up for, download or purchase and use Xceed software, consult with our customer service team, send us an email, post on our blog, download free trial software, or communicate with us in any way, you are voluntarily giving us information that we collect. That information may include either your or your name, physical address, email address, IP address, phone number, credit card information, as well as details including gender, occupation, location, purchase history, and other demographic information.
By giving us this information, you consent to this information being collected, used, disclosed, transferred to Canada and stored by us.
(c) Cookies and tracking: We and our service providers may use various technologies to collect and store information when you use our web site and our services, and this may include using cookies and similar tracking technologies on our Website, such as pixels and web beacons, to analyze trends, administer the website, track users' movements around the website, serve targeted advertisements, and gather demographic information about our user base as a whole.
Lawful Basis for Processing Personal Data & Use of Personal Information
Xceed is an incorporated enterprise located in Canada. In addition to respecting local data protection laws and guidelines, Xceed has taken considerable steps to make itself compliant with the new GDPR in respect to EU persons.
(i) In processing your Personal Data in connection with the purposes described in this Policy, we rely on the legal basis defined in the GDPR of: CONTRACT, the processing is NECESSARY FOR THE PERFORMANCE OF A CONTRACT to which the data subject is a party or to take steps at the request of the data subject prior to entering into a contract; in the following situations:
(a) To provide price quotes to you, bill and collect money owed to us. This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and we send billing information to those third parties to process your orders and credit card payments. Whenever possible, credit card information (or information for other payment types) is collected by a trusted payment processor partner, and not collected by Xceed's website, nor stored on or seen collected by Xceed's servers. At the time of the May 21, 2018 revision of this Privacy Statement, credit card information is collected and handled by a well-known payment processor that is audited by a PCI-certified auditor and is certified to PCI Service Provider Level
1.-This is the most stringent level of certification available.
(b) To send you System Alert messages. For example, we may inform you of temporary or permanent changes to our products and services, such as planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Statement.
(c) To communicate with our users about their account and provide customer support. For example, we may contact you in anticipation of your license expiration to avoid service outage. You may contact Xceed to answer questions specific to your account, the Service you are using or enquiring about other services or products Xceed offers.
(d) To improve our services, audit and analyze data to improve Xceed Technologies or Services.
(ii) In processing your Personal Data in connection with the purposes described in this Policy, we rely on the legal basis defined in the GDPR of: CONSENT, in the following situations:
(a) To send you informational and promotional content in accordance with your marketing preferences which may be updated at any time. You can also stop receiving our promotional emails by following the unsubscribe instructions included in every email.
(iii) We may use and disclose Personal Information only for the following purposes:
(a) To promote use of our services to you and others. For example, if we collect your Personal
Data Collected for and by our Partners (such as resellers)
As resellers offer our products to end users, we have no direct relationship with end user prior to Reseller's contractual agreement with end user, and for that reason, Resellers are responsible for making sure they have the appropriate permission for us to process information about those individuals.
We will retain Personal Information we process on behalf of our Resellers for as long as needed toprovide our Services or to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements.
We may disclose Personal Information to the following types of third parties for the purposes described in this policy:
(a) Service Providers. Sometimes, we share your information with our third-party Service Providers, who help us provide and support our Services. Just like with the other third parties we work with; these third- party Service Providers enter into a contract that requires them to use your Personal Information only for the provision of services to us and in a manner that is consistent with this policy. Examples of Service Providers include payment processors, hosting services and content delivery services.
Frequency of verification of third party processors and sub processors
Xceed believes that data protection will continue to evolve. Xceed will make sure to review its list of third-party processors and their documented methods of processing and protecting data on a regular basis (at least once every 2 years). To the extent where it reasonably possible, Xceed will also validate the agreements and arrangements that the mentioned third-party processors have with their sub- processors, or, at the very least, validate that such agreements are in place between the processor and the sub-processor.
Notice of Breach of Security
If a security breach causes an unauthorized intrusion into our system that materially affects a user, then Xceed will notify you as soon as possible and later report the action we took in response.
Safeguarding Your Information
Xceed uses reasonable and appropriate security measures to protect against unauthorized access, alteration or destruction of data. This includes using 128-bit SSL when dealing with private data, periodically verifying that the web site stores passwords in the form of one-way hash codes and keeping servers in locked server rooms after-hours.
Xceed provides access to stored personal information only to employees or contractors that require it in order to operate, support or develop our products or services.
We Operate in Canada.
Our servers and offices are in Canada, so your information may be transferred to, stored, or processed in Canada. By using our Websites, you understand and consent to the collection, storage, processing, and transfer of your information to our facilities in Canada and those third parties with whom we share it as described in this policy. At the time that the GDPR became applicable, Canada was one of the third countries which are counted as secure countries for transfer of data.
Accuracy and Retention of Data
We do our best to keep your data accurate and up to date, to the extent that you provide us with the information we need to do so. If your data changes (for example, if you have a new email address), then you are responsible for notifying us of those changes. Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information. We will retain your information for as long as your account is active or as long as needed to provide you with our Services. We may also retain and use your information in order to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our Agreements.
Access & right of erasure
We will give an individual, either you or a Subscriber, access to any Personal Information we hold about them within 30 days of any request for that information. Individuals may request to access, correct, amend or delete information we hold about them by contacting us. Unless it is prohibited by law, we will remove any Personal Information about an individual, either you or an end user to a reseller, from our servers at your or their request. There is no charge for an individual to access or update their Personal Information.
What are cookies?
Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies are widely used by online service providers in order to (for example) make their websites or services work, or to work more efficiently, as well as to provide reporting information. Cookies set by the website owner or service provider are called "first party cookies". Cookies set by parties other than the website owner are called "third party cookies". Third party cookies enable third party features or functionality to be provided on or through the website or service you are using (such as advertising, interactive content and analytics). The third parties that set these third-party cookies can recognise your computer both when it visits the website or service in question and also when it visits certain other websites or services.
Essential Website Cookies
These cookies are strictly necessary to provide you with services available through our websites and to use some of its features, such as access to secure areas. Because these cookies are strictly necessary to deliver the websites, you cannot refuse them without impacting how our websites function. You can block or delete them by changing your browser settings, as described under the heading "How can I control cookies?" in the Cookie Statement.
Other tracking technologies
We and our third-party partners may use other, similar technologies from time to time, like web beacons, pixels (or "clear gifs") and other tracking technologies. These are tiny graphics files that contain a unique identifier that enable us to recognise when someone has visited our Websites or, in the case of web beacons, opened an e-mail that we have sent them. This allows us, for example, to monitor the traffic patterns of users from one page within our Websites to another, to deliver or communicate with cookies, to understand whether you have come to our Websites from an online advertisement displayed on a third-party website, to serve targeted advertisements to you and others like you, to improve site performance, and to measure the success of marketing campaigns. While you may not have the ability to specifically reject or disable these tracking technologies, in many instances, these technologies are reliant on cookies to function properly; accordingly, in those instances, declining cookies will impair functioning of these technologies.
Targeted online advertising
We have engaged one or more third party service providers to track and analyse both individualized usage and volume statistical information from interactions with our Websites. We also partner with one or more third parties (such as advertisers and ad networks) to display advertising on our Websites and/or to manage and serve advertising on other sites.
Cookies served through third party services
User email campaigns
Third-party email services like MailChimp automatically place single pixel gifs, also known as web beacons, in every email sent by our Mailchimp for our newsletter content. These are tiny graphic files that contain unique identifiers that enable us and our users to recognize when their subscribers have opened an email or clicked certain links. These technologies record each subscribers email address, IP address, date, and time associated with each open and click for a campaign. We use this data to create reports for our marketing team to learn about how an email campaign performed and what actions subscribers took.
Google remarketing ads: Our Google remarketing ads feature (also known as web retargeting ads) allows our marketing team to create and manage advertisements on the Google Display Network. If we choose to use this feature, MailChimp installs a Google tracking pixel on our Site through the Snippet. The Snippet also allows our Site to set a MailChimp cookie that will recognize Site visitors via ads placed with the Google remarketing ads feature. These technologies facilitate the placement of advertising campaigns on the Google Display Network and enable MailChimp to provide reporting to our users about the performance of these advertising campaigns. To refuse these cookies, please follow the instructions below under the heading "How can I control cookies?" Alternatively, please click on the relevant opt-out link here: https://www.google.com/settings/ads/plugin
Product retargeting emails: MailChimp product retargeting emails feature allows Xceed to promote new items or best sellers to our subscribers. When a subscriber clicks a link within a product retargeting email, our Site drops a MailChimp cookie on that subscriber's device that is placed through the Snippet. This cookie allows MailChimp to track attribution rates and browser activity and provide reporting to our marketing team regarding the success of our product retargeting emails.
Controlling your Cookies
Disabling Most Interest Based Advertising: Most advertising networks offer you a way to opt out of Interest Based Advertising. If you would like to find out more information, please visit http://www.aboutads.info/choices/ or http://www.youronlinechoices.com
Mobile Advertising: You can opt out of having your mobile advertising identifiers used for certain types of Interest Based Advertising, including those performed by us, by accessing the settings in your Apple or Android mobile device and following the most recent published instructions. If you opt out, we will remove all data about you and no further data collection or tracking will occur. The random ID we (or our third-party partners) had previously assigned to you will also be removed. This means that if at a later stage, you decide to opt-in, we will not be able to continue and track you using the same ID as before, and you will for all practical purposes be a new user to our system.