PRIVACY POLICY
This privacy policy describes how Capisoft ("we", "us" or "our") collects, uses and shares personal information when you visit our website or use our services. We strive to protect your privacy and keep your personal data secure in accordance with applicable law, including the General Data Protection Regulation (GDPR).
Principles
- The organization recognizes the importance of information security and the protection of privacy;
- The organization conforms to the principles of privacy by design and privacy by default;
- To demonstrate that the organization complies with the most recent regulations, such as GDPR, ISO27001 has been implemented and an Information Security Management System (ISMS);
- A risk assessment shows how data is used in the organization's processes;
- Measures have been implemented to ensure adequate security of stored data and data in transit;
- Processes have been adapted to ensure that data is not stored for longer than necessary for the performance of services;
- For verification purposes, the implemented measures and controls are recorded in a Compliance Statement, which is available upon request.
Collected Data
We collect different types of personal data for different purposes to provide and improve our services. This data may include:
- Name
- Contact details such as email address, telephone number
- Company information
- Information about your use of our services, such as pages visited or functions used
- Other information you voluntarily provide while interacting with our services
Use of Data
We use the collected data for various purposes, which may include:
- Providing and maintaining our services
- Improving, personalizing and expanding our services
- Communicating with you about our services, including providing updates and newsletters
- Analyzing trends and collecting statistics to understand and improve the performance of our services
- Protecting our rights, property and safety, and that of others
Sharing Data
We share your personal information with third parties only in limited circumstances, which may include:
- With your permission
- With service providers acting on our behalf who carry out or support data processing
- To comply with legal obligations or to respond to court orders
Data security
We take appropriate technical and organizational measures to protect your personal data against loss, misuse, unauthorized access, disclosure, alteration and destruction.
Privacy by Design and Privacy by Default
We apply the principles of privacy by design and privacy by default when developing and managing our systems and services. This means that we take the protection of your privacy into account from the design of our systems and services and that we use the highest privacy settings as standard.
ISO27001 and ISMS
To ensure that we comply with the latest regulations and the highest standards for information security, we have implemented ISO27001 and set up an Information Security Management System (ISMS). This allows us to identify, assess and manage risks relating to the processing of personal data.
Risk assessment
We regularly conduct risk assessments to evaluate how personal data is used in our processes. Based on these assessments, we implement appropriate measures to ensure the confidentiality, integrity and availability of personal data.
Security of Data
We have implemented technical and organizational measures to ensure adequate security of stored data and data in transit. This includes encryption, access control and regular security audits.
Data retention
We do not store personal data for longer than is necessary for the performance of our services and compliance with legal obligations. When personal data is no longer needed, we will securely delete or anonymize it. See Retention Policy.
Your Rights
You have certain rights in relation to your personal data, including the right of access, rectification, erasure, restriction of processing, data portability and objection to processing. If you would like to exercise these rights or have questions about how we process your personal data, you can contact us using the contact details at the bottom of this policy.
Changes to this Privacy Policy
This privacy policy may be updated from time to time to reflect changes in our practices. We recommend that you regularly check our privacy policy for any changes.
This privacy policy is effective as of 01-01-2024 and was last updated on 27-02-2024.