Privacy Policy

Last updated May, 2018

1. Scope

This document describes the Data Protection policies of O’Sullivan Computer Consulting Limited.

You may know us as DiaryBook or Iflow. These are the names we trade under and the names of our online messaging services. This document is about the data protection policy of the whole organization covering both of these online services. We are registered in Ireland; registration number 296090.

2. Personal Information

Personal Information is information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

If your organization is a sole-trader or a partnership, then Information we collect from you may fall in to this category.

3. Data we store about you and your organization

This section relates to information we collect and store about you and your organization. For this type of data we act as a Data Controller and are registered as such with the Data Protection Commissioner.

Data: The data we gather include details you provide during registration on our website, secondary forms you may fill in on our website, emails we receive from you and meta-data from your Internet browser. See below for a full list.
Sharing: In the normal course of business, we do not share this data with any 3rd party organization. However, we may be compelled to share some information with law-enforcement or other government officials if instructed to do so.
Storage: Data about you is securely stored by our propriety system within the EU. Access to your data is restricted to employees of our company and only when necessary.
Retention: The data we store is necessary to conduct business with you. We will continue to retain and process your data so long as you remain an active customer with us. Your data will be destroyed either 48 months from the date of the last transaction between us or within 30 days of a written request from you.

3.1 Data Stored

The following is a list of personal data items that we may store about you. The list does not include your preferences and settings relating to the services we provide.

  • Organization Name
  • Site Address
  • Billing Address
  • V.A.T. Number
  • Primary Contact Name
  • Job Title
  • Primary Contact Email Address
  • Primary Contact Telephone Number
  • Primary Contact Mobile Number
  • Primary Contact Fax Number
  • Secondary Contact Name
  • Secondary Contact Email Address
  • Secondary Contact Telephone Number
  • Secondary Contact Mobile Number
  • Secondary Contact Fax Number
  • Tertiary Contact Name
  • Tertiary Contact Email Address
  • Tertiary Contact Telephone Number
  • Tertiary Contact Mobile Number
  • Tertiary Contact Fax Number
  • Credit Alert Email Address
  • Credit Alert Mobile Number
  • I.P Address when accessing our service

4. Browser Cookies

4.1 What is a cookie?

A cookie is a small piece of data that is put on your device by the browser when you visit certain websites. In general cookies can be used to record a user’s browsing activities, to remember arbitrary pieces of information that the user enters or to flag user authorization.

4.2 Cookies We Use

Note: PII stands for Personal Identifiable Information.

Preferences Does not contain PII Your Explicit Consent is Required Persistent – 90 days
Google Analytics Contains your I.P. address. Is not used in our account portal Your Explicit Consent is Required Persistent
Authentication and Session Cookies May contain PII indirectly Your Explicit Consent is Required Session

4.3 Persistent versus Session

A persistent cookie can remain on your device after you have left the website and be retrieved the next time you visit.

A session cookie normally remains on your device for the duration of your site visit and times-out after a short period of inactivity.

4.4 How do we use cookies?

Following GDPR rules, we will not use cookies that contain Personal Identifiable Information (PII) that can be used to identify you without your explicit permission.

We do use cookies to remember certain options that you may have chosen to improve your browsing experience and for our analytics but these do not contain data that can be used to identify you.

We use a session cookie for the purposes of authentication. Once you have signed in to our account portal the authentication cookie identifies you to our server. When you sign-out, or after a period of inactivity, your browser will delete this cookie.

Please note: without your permission to use cookies, actions such as registration or sign-in to our portal may fail.

4.5 Pre-ticked Consent?

If the “allow cookies” tick box is already ticked on the sign-in screen, it means you have already consented to the use of cookies elsewhere on the site or on a previous visit using your device. This consent can be removed by unticking the box.

5. Use of Google Analytics

We use Google analytics to provide us with information about traffic on our websites. We do not use Google analytics in our account portal. Google analytics will collect information from you, this information may include the following:

  • Date and Time of visit
  • Your IP address
  • Type of web browser that you’re using
  • Your operating system
  • Pages visited
  • Time spent on each page of the website
  • Referring site statistics
  • The website (URI) you came through in order to arrive at our website
  • Search engine query used

The above information will be collected by Google and may be stored on databases located outside of the EU. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

6. Data we store and process on your behalf

This section relates to information we store and process on your behalf. This could be data about you, your customers and your staff. For this type of data we act as a Data Processor and are registered as such with the Data Protection Commissioner.

As you are the owner of the data and control when it is created, used and deleted, you are the Data Controller.

Data: The main areas of data we store and process on your behalf are

  • Contacts
  • Users
  • Messages
  • Appointments

Sharing: It is your data and we respect your privacy. We do not share this information with or give access to any 3rd party except under unusual circumstances where we may be compelled to share some information regarding Messages with law-enforcement or other government officials if instructed to do so by them.

Messaging: We operate a messaging platform and by definition this entails passing message content and addressing information to 3rd parties. When you send or receive a message using our service, information is shared.

Storage: Your data is securely stored by our propriety system within the EU. Access to your data is restricted to employees of our company and only when necessary.

Retention: As the Data Controller, data retention is controlled by you and your data should be removed from our system as and when required.

If your account expires or is closed by you or closed by us, your data will be destroyed either 48 months from the date of closure or within 30 days of a written request from you.

 
© Copyright 2018 Iflow. All Rights Reserved. Terms and Conditions | Privacy Policy  0.2.0.2