CHIEF AUTOMATION OFFICER LTD ("CAO", "we", "us" or "our") an Israeli limited company, has updated our Privacy Policy ("Privacy Policy") as of 01/08/2020.
Introduction
CAO provides office management solutions software and makes its software available to Customers who use the Software and/or the Services (each term, as defined in the Terms of Use https://officer.org.il/TermsofUse). The scope of this Privacy Policy shall apply to all Personal Information that is Processed by us during the course of our provision of the Software and/or the Services.
This primary purposes of this Privacy Policy are to:
For the purposes of this Privacy Policy, the term, "Website", shall refer to https://officer.org.il as well as the other websites that we operate and that link to this Privacy Policy.
Important Definitions
"Personal Information" or "Personal Data" means information relating to an identified or identifiable natural person (also known as a "Data Subject"). An identifiable person or Data Subject is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, email address, an identification number, location data, and online identifier or to one or more factors specific to his/her physical, physiological, genetic, mental, economic, cultural or social identity. Personal Information can include, without limitation, information and data pertaining to Website users, Customers, clients of Customers, and other third parties that we may Process from time to time during the course of providing the Software and/or the Services or that is collected during the course of using or maintaining the Website, and including, without limitation, any Personal Information related to any Data Subjects (from any source) that is posted and/or uploaded by Customers while using the Services. With respect to California residents, “Personal Information” also comprises “information” that directly or indirectly relates to or could reasonably be linked to a particular Consumer (as defined in the California Consumer Privacy Act of 2018 (CCPA)) or to a household.
"Customer" shall have the meaning ascribed to such term in the Terms of Use https://officer.org.il/TermsofUse.
"Processing" means any operation or set of operations performed upon Personal Information or sets of Personal Information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Information that we Collect
We collect Personal Information from persons who:
In the above contexts, we may collect Personal Information, which may include, without limitation:
Right to Opt-Out from Marketing Communications
Customers can opt-out of receiving marketing communications from us by contacting us at the e-mail address set forth in the Contact Us Section of this Privacy Policy or following the unsubscribe instructions included in our marketing communications.
Processing under Discretion of Customers
Other than as expressly required by applicable law, we collect and Process information under the sole direction of our Customers, and we have no direct relationship with individuals whose Personal Information we Process in connection with the use of the Software and/or Services. We bear no responsibility for the content or lawfulness of Personal Information provided by our Customers, by any customers of such Customer, by any Data Subject or by any Website users.
Customer Responsibility to Protect Personal Information
Customers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, as well as with complying with any and all privacy policies, agreements or other obligations, relating to the collection of their Personal Information and/or the collection by the Customers of third parties' Personal Information in connection with the use of the Software and/or Services.
Individuals who interact with a Customer using the Software and/or the Services (if any) will be directed to contact the relevant Customer for assistance with any requests or questions relating to their Personal Information. Unless otherwise set forth herein or mandated by applicable law, our use of Personal Information collected through our Service shall be limited to the purpose of providing the Software and/or the Services.
Requisite Consent
By voluntarily providing us with Personal Information, all parties who provide us with Personal Information for the purposes of enabling the Services represent that they are the owner of such Personal Information or otherwise have the requisite consent to provide it to us.
Processing in Israel
If a party is located outside of Israel and chooses to provide Personal Information to us and/or in the event we are provided with any Personal Information of Data Subjects located outside of Israel, we may transfer such Personal Information to Israel and we may Process such Personal Information within Israel. Consent to this Privacy Policy followed by the submission of such Personal Information represents an explicit agreement to such transfer and Processing.
Service Providers
We engage and/or may engage certain trusted third parties to perform functions and provide services to us, including hosting and maintenance, error monitoring, debugging, performance monitoring, billing, customer relationship, database storage and management, and direct marketing campaigns. We may share Personal Information with these third parties, but only to the extent necessary to perform these functions and provide such services. We also obligate these third parties to maintain the privacy and security of the Personal Information they process on our behalf.
Credit Card Processing
A third-party intermediary may be used to manage credit card processing. This intermediary is not permitted to store, retain, or use your billing information for any purpose except for credit card processing on our behalf.
Automatically Collected Information
When you use our Website or otherwise access or use the Software and/or the Services, we may automatically collect certain computer information by the interaction of your mobile phone or web browser with our Website.
Cookies
The Website uses "Cookies" to identify the areas of our Website that you have visited. A Cookie is a small piece of data stored on your computer or mobile device by your web browser. We use Cookies to personalize the Content that you see on our Website. Most web browsers can be set to disable the use of Cookies. However, if you disable Cookies, you may not be able to access functionality on our Website and/or the Services correctly or at all. We never place Personal Information in Cookies.
Log Information
We automatically receive information from your web browser or mobile device. We reserve the right to use this information to analyze trends among our users to help improve the Website and/or the Services.
Third-Party Links
The Website might include links to external third-party websites. PLEASE NOTE THAT WE ARE NOT RESPONSIBLE FOR THE PRIVACY PROTECTION, POLICIES, AND USE OF ANY SOFTWARE OFFERED IN THESE EXTERNAL WEBSITES. WE WILL NOT BE RESPONSIBLE TO ANY PARTY OR FOR ANY REASON FOR ANY DIRECT OR INDIRECT DAMAGES CAUSED FROM THE USE OF THIRD-PARTY WEBSITES.
Sharing of Information
We may use aggregated, anonymized data that we periodically collect in connection with the Website, Software and/or Services in order to help us to improve, develop and market our Website, Software and/or Services. Examples of such use may include, without limitation, the transfer of anonymized data for purposes of traffic analysis, SEO optimization, mailing list management, e-mail support and analytics. To the extent permitted by applicable law, Customer grants CAO a perpetual, non-revocable and royalty-free right to use any depersonalized anonymous or statistical data, which does not identify the Customer and/or any other person, and any derivative or data which is derived or deducted by CAO from the Customer’s use of the Software and/or Services, for CAO’s research, development, marketing and other uses.
In addition, we may transfer Personal Information to third parties for the purpose of providing the Software and/or the Services. We may disclose Personal Information to our appropriate affiliates, including third party service providers, to provide you with the Software and/or the Services. For example, we may transfer your Personal Information to third party service providers to:
We may also elect to transfer Personal Information that we collect to third parties under special circumstances such as:
From time to time, we may post testimonials on the Website that may contain Personal Information. We obtain your consent to post your name along with your testimonial. If you wish to update or delete your testimonial, you can contact us at the e-mail address set forth in the Contact Us Section of this Privacy Policy.
UNLESS OTHERWISE PROHIBITED BY APPLICABLE LAW, WE WILL NOT BE LIABLE TO CUSTOMERS, WEBSITE USERS, CUSTOMERS OF CUSTOMERS, DATA SUBJECTS OR TO ANY THIRD PARTY FOR ANY GOOD FAITH DISCLOSURES OF PERSONAL INFORMATION IN ANY OF THE FOREGOING CONTEXTS.
Communications Preferences
You may manage your receipt of marketing and non-transactional communications by clicking on the "unsubscribe" link located on the bottom of our marketing emails or Contact us at the e-mail address set forth in the Contact Us Section of this Privacy Policy.
Retention of Personal Information
We retain Personal Information for as long as is needed to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). When we have no ongoing legitimate business need to Process your Personal Information, we will either delete or anonymize it, or, if this is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further Processing until deletion is possible.
For Personal Information that we Process on behalf of our Customers, we will retain such Personal Information in accordance with the terms of our agreement with them, subject to applicable law.
Privacy Rights
Upon request we will provide Customers with information about whether we hold, or Process on behalf of a third party, any of their Personal Information. To request this information please contact us at the e-mail address set forth in the Contact Us Section of this Privacy Policy. Customers may update or change their information by editing their profile when logged into the Software and/or Services. To make a request to have Personal Information maintained by us returned to you or removed, please email us at the e-mail address set forth in the Contact Us Section of this Privacy Policy. Requests to access, change, or remove your information will be handled within thirty (30) days.
An individual who is not a Customer who seeks access to, or who seeks to correct or, amend inaccuracies in, or delete Personal Information stored or Processed by us on behalf of a Customer should direct his/her query to the Customer (the data controller). Upon receipt of a request from one of our Customers for us to remove the data, we will respond to their request within thirty (30) days, unless a shorter period is mandated by applicable law.
We will retain Personal Information that we store and Process on behalf of our Customers for as long as needed to provide the Software and/or Services to our Customers. However, we reserve the right to retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
If you are a Customer or otherwise provide us with Personal Information in connection with your use of our Website, Software and/or Services, we will delete and/or anonymize this information upon your request, provided that, notwithstanding such request, this information may be retained for as long as you maintain an Account for our Software and/or Services, or as needed to provide you with our Software and/or Services, comply with our legal obligations, resolve disputes and enforce our agreements.
Security/Unauthorized Access
We employ administrative and electronic measures designed to appropriately protect Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. Please be aware that no security measures are perfect or impenetrable. We cannot guarantee that information about you will not be accessed, viewed, disclosed, altered, or destroyed by breach of any of our administrative, physical, and electronic safeguards, subject to requirements under applicable law to ensure or warrant information security.
We also take measures to delete Personal Information or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period. When determining the retention period, we take into account various criteria, such as the type of products and services requested by or provided to you, the nature and length of our relationship with you, possible re-enrollment with the Software and/or Services, the impact on the Services that we provide to you if we delete some information from or about you, mandatory retention periods provided by law and the statute of limitations.
Children’s Personal Information
We do not knowingly collect, and you may not submit through the Software and/or Services, any Personal Information from children under the age of 18. If you are under the age of 18, please do not submit any Personal Information through our Website or seek to obtain Software and/or Services from us. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Privacy Policy by instructing their children never to provide Personal Information through the Website, Software and/or Services without their permission. If you have reason to believe that a child under the age of 18 has provided Personal Information to us through the Website, Software and/or Services, please contact us at the e-mail address set forth in the Contact Us Section of this Privacy Policy, and we will use commercially reasonable efforts to delete that information.
Business Transactions
We may assign or transfer this Privacy Policy, as well as any Customers’ Accounts and related information and data, including any of their Personal Information, to any person or entity that acquires all or substantially all of our business, stock or assets, or with whom we merge.
Privacy Policy Changes
If there are any material changes to this Privacy Policy, we will notify users of the Website, our Software and/or the Services by our posting of a prominent notice on the Website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. Your continued use of the Website, Software and/or the Services constitutes your agreement to be bound by such changes to this Privacy Policy. Your only remedy, if you do not accept the terms of this Privacy Policy, is to discontinue use of the Website and cease your use of the Software and/or Services.
European Union (EU) and European Economic Area (EEA)
Our Status
Unless otherwise mandated by applicable law, in no event shall we act as a Controller of any Personal Information, as defined by the General Data Protection Regulation (GDPR). Rather, we shall be acting solely as a Processor, or a person who Processes Personal Data on behalf of the Controller.
Scope
The terms set forth within this subsection shall apply to all forms and sources of Personal Data that we Process that are subject to applicable privacy laws within the EU and the EEA that relate to the use of the Website or to our provision of the Software and/or the Services, including, without limitation to Personal Data pertaining to Website users, Customers, customers of Customers and/or other Data Subjects.
Legal Basis for Processing
If a person or entity is located within the EEA, our legal basis for collecting and using that person’s or entity’s Personal Information, as described in this Privacy Policy, depends on the information we collect and the specific context in which we collect it. We may process Personal Information because:
If you have any questions about the legal basis on which we collect and use your Personal Information and/or any Personal Information you have uploaded to the Services, please contact us at the e-mail address set forth in the Contact Us Section of this Privacy Policy.
Transfer of Personal Information
For individuals who are located in the European Union, Customers should be aware that we transfer Personal Data based on Data Processing Agreements which incorporate the Standard Contractual Clauses 2010/87/EU ("Model Clauses"). These Model Clauses are recognized by the European Commission as providing adequate safeguards to protect your privacy and rights regarding Personal Data. If you and/or any Data Subjects about whom we Process Personal Data are located outside of the EEA, we will take all steps reasonably necessary to ensure that Personal Data is treated securely and in accordance with this Privacy Policy. By using our Website and/or the Software and/or the Services, you give us, on your behalf and on behalf of all the Data Subjects, the consent to store, process and transfer your information as described above. If you object to such information (if any) being transferred or used in this way, please do not use the Website and/or the Software and/or the Services.
Additional Rights under the General Data Protection Regulation (GDPR)
If you and/or the Data Subjects about whom we Proceed Personal Data are residents of the European Economic Area (EEA), you and/or such Data Subjects have certain data protection rights. In certain circumstances, you and/or such Data Subjects have the following data protection rights:
You and/or any Data Subjects about whom we Process Personal Data have the right to complain to a Data Protection Authority about our collection and use of your personal information. For more information, please contact your local data protection authority in the European Economic Area (EEA).
California
Scope
The terms set forth within this subsection shall apply to all forms and sources of Personal Information that we Process related to Consumers, as defined under the CCPA, who are subject to applicable privacy laws within the State of California that relate to the use of the Website or to our provision of the Software and/or the Services, including, without limitation to Personal Information pertaining to Website users, Customers, customers of Customers and/or other Consumers.
California Consumer Privacy Act of 2018 (CCPA)
The following terms shall apply if our Processing of Personal Information is subject to the CCPA:
Definitions and Relationship
"Business" is any for-profit entity doing business in California, that either has as annual gross revenues of at least 25 million USD per year, annually buys, sells, receives, or shares personal information from at least 50,000 consumers, households, or devices, or makes over 50 percent of its gross annual revenue from selling personal information.
A "Consumer" is “a natural person who is a California resident. The California Code of Regulations defines a resident as: (a) every individual who is in the State for other than a temporary or transitory purpose, and (b) every individual who is domiciled in the State who is outside the State for a temporary or transitory purpose.
"Sell" "Sell," "selling," "sale," or "sold," means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or a third party for monetary or other valuable consideration.
"Service Provider" means a sole proprietorship, partnership, limited liability company, corporation, association, or other legal entity that is organized or operated for the profit or financial benefit of its shareholders or other owners, that processes information on behalf of a business and to which the business discloses a consumer’s personal information for a business purpose pursuant to a written contract, provided that the contract prohibits the entity receiving the information from retaining, using, or disclosing the personal information for any purpose other than for the specific purpose of performing the Services specified in the Terms of Use https://officer.org.il/TermsofUse and any Order, or as otherwise permitted by this applicable law, including retaining, using, or disclosing the personal information for a commercial purpose other than providing the Software and/or Services specified therein.
For purposes of the CCPA, we are a Service Provider and each Customer is a Business.
We are acting in our capacity as a Service Provider and providing the Software and/or the Services described in the Terms of Use https://officer.org.il/TermsofUse, and in such capacity, will not:
We shall promptly notify the relevant Customer if it receives a request from an individual to exercise his/her rights under CCPA and shall assist that Customer in fulfilling such requests. We have no direct relationship with customers of Customers or any Consumers about whom we Process Personal Information and will direct any requests from such persons to the relevant Customer who provided us with the Personal Information.
Requests for Information
We acknowledge that California consumers have the right to submit requests for information required to be disclosed. A California consumer who seeks to request information should direct their query to the e-mail address set forth in the Contact Us Section of this Privacy Policy.
In addition, if you and/or any Consumer about whom we Process Personal Information are a California resident, you and/or such Consumers may request that we:
Data Collected during Prior 12 Months
As of the Effective Date of this Privacy Policy, we have not collected or disclosed any categories of Personal Information about California residents within the preceding 12 months.
Contact for Disclosures and Collected Personal Information
If you are a California resident, you may make a request for the disclosures described above or make a request to delete Personal Information we collected from you, by contacting us at the e-mail address set forth in the Contact Us Section of this Privacy Policy.
California Online Privacy Protection Act of 2003 (CalOPPA)
"Do Not Track" Signals
California law requires that we let you know how we respond to web browser Do Not Track (DNT) signals. The Website does not respond to DNT signals. Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the preferences or settings page of your web browser.
Contact Us
For questions and requests regarding:
Please email privacy@officer.org.il
Alternatively, you may contact us at:
Gershon Shatz 16, Tel Aviv
Israel