How Allgress Processes Information
Personal Information Allgress Processes
In the normal course of using the Allgress Service, Customers will input electronic data into the Allgress systems (“Customer Data”). The use of information collected through our service shall be limited to the purpose of providing the service for which the Customer has engaged Allgress. Allgress may access Customer Data for the purposes of providing the Service, preventing or addressing service or technical problems, responding to support issues, and responding to Customer’s instructions, or as may be required by law, in accordance with the relevant agreement between Customer and Allgress.
Allgress processes Customer Data under the direction of its Customers, and has no direct control or ownership of the personal data it processes. Customers are responsible for complying with any regulations or laws that require providing notice, disclosure, and/or obtaining consent prior to transferring the data to Allgress for processing purposes.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to the Allgress Customer (the data controller). If the Customer requests Allgress to remove the personal data to comply with data protection regulations, Allgress will respond to their request within 30 days.
Allgress will refer any request for disclosure of personal data by a law enforcement authority to the Customer. Allgress may, where it concludes that it is legally obligated to do so, disclose personal data to law enforcement or other government authorities. Allgress will notify Customer of such request unless prohibited by law.
Accessing the Service
Customers and their authorized users may access the Service directly through a URL unique to their individual tenant, or may elect to use internal launch pages for single sign-on or other purposes. Customers input information for processing and storage as they use the Service. Customers may also configure the Service to allow end users to input information directly into the Service.
EU-U.S. and Swiss-U.S. Privacy Shield Statement
Allgress complies with both the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. If there is any conflict between the terms in this Privacy Statement and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, please visit privacyshield.gov.
If you have an unresolved concern regarding EEA or Swiss privacy or data use that we have not addressed satisfactorily, please contact the relevant EU data protection authority or the Swiss Federal Data Protection and Information Commissioner, as applicable.
Additional Allgress Privacy Information
Allgress retains Customer Data according to the timeframes set forth in the relevant agreement with its Customers.
The security of Customer Data, including personal data, is very important to Allgress. Allgress maintains a comprehensive, written information security program that contains industry-standard, administrative, technical, and physical safeguards designed to prevent unauthorized access to Customer Data. Allgress designs its applications to allow Customers to achieve differentiated configurations, enforce user access controls, and manage data categories that may be populated and/or made accessible on a country-by-country basis. Configuring these settings appropriately is the Customer’s responsibility.
Allgress has appointed a chief privacy officer responsible for overseeing the implementation of the privacy program within the organization. If you have further questions related to this policy, please ask your Customer Support contact to log a customer care case with the privacy question.
Last Updated: June 14, 2018