We understand the trust users place in us and our responsibility to protect the privacy of user information. We want you to be clear about how we’re using the information and the ways in which you can protect your privacy.
When we refer to “XHOCKWARE, we mean the legal entity behind solutions like Shoppster, that acts as the controller or processor of your information, as explained in more detail in the “Identifying the Data Controller and Processor” section below.
By “Customers” we mean our Customers, usually Retail Companies. These are 3rd Party legal entities that sign a service agreement or business contract with XHOCKWARE for rendering any of the services provided to by the company, to their customers, staff or stores.
Table of Contents
- INFORMATION WE COLLECT AND RECEIVE
- USER DATA
- USAGE DATA
- CUSTOMER’S INFORMATION (RETAILERS)
- SERVICES METADATA
- LOG DATA
- DEVICE INFORMATION
- LOCATION INFORMATION
- COOKIE INFORMATION
- THIRD PARTY SERVICES
- CONTACT INFORMATION
- THIRD PARTY DATA (CUSTOMERS)
- ADDITIONAL INFORMATION PROVIDED
- HOW WE USE INFORMATION
- XHOCKWARE GETS USAGE INFORMATION
- DATA RETENTION
- HOW WE SHARE AND DISCLOSE INFORMATION
- CUSTOMER’S INSTRUCTIONS (RETAILERS)
- USERS’ INSTRUCTIONS – DATA PORTABILITY
- COLLABORATING WITH OTHERS
- CUSTOMER ACCESS
- THIRD PARTY SERVICE PROVIDERS AND PARTNERS
- THIRD PARTY SERVICES
- AGGREGATED OR DE-IDENTIFIED DATA
- TO COMPLY WITH LAWS
- WITH YOUR CONSENT
- INTERNATIONAL DATA TRANSFERS PRIVACY SHIELD AND CONTRACTUAL TERMS
- DATA PROTECTION OFFICER
- IDENTIFYING THE DATA CONTROLLER AND PROCESSOR
- YOUR RIGHTS
- DATA PROTECTION AUTHORITY
- CONTACTING XHOCKWARE
A separate agreement (Contract) governs delivery, access and use of the Services by 3rd parties (Our Customers).
- Customer: Companies that work with XHockware to obtain Shoppster’s solution and provide the minimal information necessary for Xhockware to render its services, but that do not include or share any personal information from their customers.
Usage Data is collected when Customers access Shoppster’s service and platform or any of XHOCKWARE services. Usage information may include the usage information when working with and using the platform of Shoppster, or for any interaction with the service.
This information is used to continuously improve the services provided, for debugging, statistics and diagnostic purpose, or any another objective set by this Policy. No personal information or personally identifiable information is kept under usage data.
Customer’s Information (Retailers)
XHOCKWARE also collects, generates and/or receives Information from Customers. This information may include:
- Sales information
- Product information (inc. prices, product data, etc)
XHOCKWARE will not share or receive from Customer’s any of its End User’s/customer’s personal information.
In the case of when the User makes purchases that include a loyalty card identifier, this identifier may be shared with Shoppster. This identifier has no relevance to XHOCKWARE, as no matching loyalty or personal information for the User is stored.
The Websites and Service may also include cookies and similar tracking technologies of third parties, which may collect Usage Information via the Websites and Services and across other websites and online services.
For more details about how we use these technologies, please see our Cookies Policy.
A customer can choose to permit or restrict Third-Party Services.
Third-Party Services are software that integrates with our Services to provide the desired functionality.
Once enabled, the provider of a Third-Party Service may share certain information with XHOCKWARE.
For example, we may receive a username or email address of Customers, along with additional information that the application has elected to make available to XHOCKWARE to facilitate the integration.
When a Third-Party Service is enabled, XHOCKWARE is authorized to connect and access Usage Information made available to XHOCKWARE in accordance with our agreement with the Third-Party Provider (Customers).
We do not, however, receive or store passwords for any of these Third-Party Services when connecting them to the Service.
Third Party Services examples are:
- Social Media Networks
Third-Party Data (Customers)
XHOCKWARE may receive data about organizations, industries, marketing campaigns and other matters related to our business from affiliates and subsidiaries, our partners or others that we use to make our own information better or more useful. This data may be combined with Usage Information we collect and might include aggregate level data, such as which IP addresses correspond to zip codes or countries. Or it might be more specific, for example, online marketing or email campaign.
Additional Information Provided
We receive Usage information when submitted to our Servers when the Customer interacts with our social media accounts or otherwise communicates with the company.
Certain Information is collected automatically and, if some Information is not provided, we may be unable to provide the Service.
4. How We Use Information
Customer’s Data will be used by XHOCKWARE in accordance with Terms of Service as accepted when signing the contract.
Customer (3rd party) Data will be used by XHOCKWARE in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. XHOCKWARE is a processor of Customer Data and Customer is the controller.
Customer may, for example, assign roles and configure settings, access, modify, export, share and remove Customer Data and otherwise apply its policies to the Services.
XHOCKWARE Gets Usage Information:
- To provide, update, maintain and protect our Service and business. This includes the use of Usage Information to support the delivery of the Service under a Customer Agreement, prevent or address service errors, security or technical issues, analyse and monitor usage, trends, and other activities.
- As required by applicable law, legal process or regulation.
- To develop and provide search, learning and productivity tools, and additional features. XHOCKWARE tries to make the Services as useful as possible for Customers.
For example, we may improve coupon personalization by using Usage Information to help determine and rank the relevance of content, make Services suggestions based on historical use and predictive models, identify trends and insights, to customize a Services experience or create new features.
- To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and fraud notices. These communications are considered part of the Services and you may not opt out of them. In addition, we sometimes send emails about new product features, promotional communications or other news about XHOCKARE services. These are marketing messages so you can control whether you receive them.
- To investigate and help prevent security issues and abuse.
5. Data Retention
XHOCKWARE will retain Customers Data in accordance with Customers consent, including any applicable terms of the Customer Agreement, and as required by applicable law. The deletion of Customers Data and other users of the Services by Customer may result in the deletion and/or de-identification of certain associated Usage Information.
6. How We Share And Disclose Information
Only when we have your explicit consent to do so, we may share company information with companies, organizations or individuals outside of XHOCKWARE.
If requested for legal purposes, we may share company information with companies or organizations to meet any applicable law, regulation, legal process or enforceable governmental request, enforce applicable Terms of Service, including investigation of potential violations or to detect, prevent, or otherwise address fraud, security or technical issues.
Customer’s Instructions (Retailers)
XHOCKWARE may share and disclose Customer Data in accordance with a Customer’s consent, including any applicable terms in the Customer Agreement and in compliance with applicable law and legal process.
Users’ Instructions – Data Portability
XHOCKWARE will share and disclose Customers Data and Usage Information in accordance with Customers instructions, including any applicable terms in the Terms of Service, and in compliance with applicable law and legal process.
Customer representatives and authorized personnel may be able to access Usage Information.
This may include, for example, accessing sales details, usage data related to couponing, service metrics related to your usage of the service in stores.
Third-Party Service Providers and Partners
We may involve third party companies or individuals as business partners to process Usage Information and support our business.
These third parties may, for example, provide virtual computing and storage services. Additional information about the sub-processors we use will be available.
XHOCKWARE may use services like Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP) for cloud servers and online storage. Amazon’s security policies can be found here. Azure security policy can be found here. GCP security policies can be found here. Other providers may be added in the future. Their Security Policies should be referenced here.
XHOCKWARE will assure that any third-party with access for any reason to Company information or usage information will be bound by contract, fully complying with these terms, and meeting or exceeding XHOCKWARE’s confidentiality level.
Aggregated or De-Identified Data
We may disclose or use aggregated or de-identified Usage Information for any purpose. For example, we may share aggregated or de-identified Usage Information with prospects or Customers for business or research purposes.
To Comply with Laws
If we receive a request for information, we may disclose Usage Information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.
Please see the Data Request Policy to understand how XHOCKWARE responds to requests to disclose data from government agencies and other sources.
To enforce our rights, prevent fraud, and for safety. To protect and defend the rights, or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
With your consent
XHOCKWARE may share Usage Information with third parties when we have your explicit consent to do so.
XHOCKWARE takes the security of data very seriously. XHOCKWARE works hard to protect Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Information we collect, process and store, and the current state of technology.
Given the nature of communications and information processing technology, XHOCKWARE cannot guarantee that Information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others.
XHOCKWARE will continuously seek to increase the security of your data. In the case of a Company Data breach, Shoppster, without undue delay and where feasible, not later than 72 hours after detection, will notify the Company Data breach to the supervisory authority competent in accordance with GPDR Article 55.
Any delay to report to the supervisory authority will be accompanied by detailed reasons.
9. International Data Transfers Privacy Shield And Contractual Terms
XHOCKWARE may transfer your Company Data to countries other than the one in which you live. We deploy the following safeguards if XHOCKWARE transfers Company Data originating from the European Union or Switzerland to other countries not deemed adequate under applicable data protection law:
- E.U.-U.S. Privacy Shield and Swiss-U.S. Privacy Shield. To comply with European Union and Swiss data protection laws, XHOCKWARE self-certified under the E.U.-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield.
These frameworks were developed to enable companies to comply with data protection requirements when transferring company data from the European Union and Switzerland to the United States. To learn more about the Privacy Shield Program, please see http://www.privacyshield.gov/welcome.
- European Union Model Clauses. XHOCKWARE offers European Union Model Clauses, also known as Standard Contractual Clauses, to meet the adequacy and security requirements for our Customers that operate in the European Union, and other international transfers of Customer Data.
10. Data Protection Officer
XHOCKWARE does not formally require the role of a Data Protection Officer.
However, if you have any question, request, complain related to Data Protection or your Privacy Rights, you can reach our teams through the contacts on our website, or e-mail us at firstname.lastname@example.org
11. Identifying The Data Controller And Processor
XHOCKWARE is the controller and processor of Company’s Data and the controller of Usage Information.
XHOCKWARE is the controller of Information and a processor of Customer Data relating to Usage Data.
12. Your Rights
Companies located in certain countries, including the European Economic Area, have certain statutory rights in relation to their company data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information.
You can usually do this using the settings provided in the Shoppster platform. If you cannot use the settings, contact user support for additional assistance (email@example.com)
To the extent that XHOCKWARE’s processing of your Company Data is subject to the General Data Protection Regulation, XHOCKWARE relies on its legitimate interests, described above, to process your data. XHOCKWARE may also process other information that constitutes your Company Data for direct marketing purposes and you have a right to object to XHOCKWARE’s use of your Company Data for this purpose at any time.
- Restrict XHOCKWARE use of Information that constitutes your Company Data.
- If your company is in the European Economic Area and believe we maintain your Personal Data within the scope of the General Data Protection Regulation (GDPR), you may direct questions or complaints to our lead supervisory authority:
Comissão Nacional de Proteção de Dados (Portugal)
R. de São Bento 148,
Telefone: 21 392 8400
14. Contacting XHOCKWARE
You may contact us at firstname.lastname@example.org