PRIVACY POLICY

About Sensorpro

Sensorpro is a platform that a business can use for messaging & feedback with their customers. The platform is made and hosted in the EU. This privacy policy is for Customers using the platform and for their Subscribers.

Customers who use the platform must read and accept our Acceptable usage policy. Customers must identify themselves using Two-factor authentication by phone to access their account. Subscribers must have consented to communications under GDPR consent and legitimate interest terms, Recital 40

GDPR terms

This Privacy policy makes use of specific GDPR terms:

Data Controller

Under GDPR, the Sensorpro Customer is the Controller. This is usually the business with an account on our platform.

Data Processor

Under GDPR, Sensorpro is the Processor. Our platform physically sends the messages or gathers feedback under instruction by our Customer. Sensorpro does not engage with any other third-party to perform the processing. All processing is carried out in the EU within our secure ISO27001 certified datacenter.

Data subject

Under GDPR, The Data subject is an EU individual that shares personal data. For the purpose of this privacy policy, our Customer shares personal data with us and therefore a Data subject.

Subscribers share personal data with our Customers, governed by the Privacy policy of our Customer.

As a Processor, we have obligations to both under GDPR Article 29. We outline in the text where it's important to know the difference.

How we adhere to your rights under GDPR

This privacy policy is organised around how we adhere to the basic rights an EU individual has under GDPR:

1 What information is collected

[Customer] When you create an account as a Customer, we store personal information that includes your name, your business name, your email address, your telephone number, your business address. We record the email address, IP address and date/time of when you created the account and we verify the account using a phone number. When you make an online payment on your account, we use the services of Paypal Inc. We do not store credit card or bank information in our platform. When you make a manual payment, you may supply your bank details to us for the purpose of writing a cheque or sending an electronic payment.

We only use First-party Cookies on our sites. When you use our site, we place a cookie in your browser to manage using our product. We also use Google Analytics which places cookies in the browser that collects IP Address, time of visit, Country and browser type. We use Session storage in the browser to detect a returning visitor and display different content for each visit.

[Subscriber] When a Subscriber opts into communications from our Customer based on either consent or legitimate interest (Recital 40) they may receive communications as specified in the consent form or legitimate interest. The Customer may store information that includes your IP address and email address at a minimum. The customer can store further information that includes address, gender, social media account names, answers to survey questions. The information is only collected with the permission given by the Subscriber. When a Subscriber opens an email, a tracking pixel is used to indicate if the email was opened or not.

2 How the information is used

[Customer] We use the personal data you provide us to secure your account, identify you as the owner of the account and manage payments. From time to time we will send you messages and surveys in relation to updates about your account such as campaign analytics, payment confirmations and product roadmap.

[Subscriber] Customers use your Subscriber personal data to send messages and and gather feedback. They may use the data for profiling so that, for example, subscribers with different interests or NPS score receive different messages. Subscribers can request to be removed from profiling.

3 What information we share.

[Subscriber] We do not share your information with any third-party and your data does not leave the EU.

[Customer] We may include your email address and social media account on our advertising account with Google Adwords, Linkedin and Twitter Ads for the purposes of advertising to other Customers like you. These companies may export this information outside the EU.

It's important to note we do not, under any circumstances, share your Subscriber data which is private to you and governed by your Privacy policy.

4 EU GDPR Right to be forgotten.

[Subscriber] Sensorpro has a specific tool to exercise your right to be forgotten under EU GDPR. When you unsubscribe you can also ask that the Right to be forgotten be processed by the Customer. Customers can find the option on the Subscriber dashboard: accessibility

[Customer] To exercise your right to be forgotten, contact support@sensorpro.net with your account details.

5 EU GDPR Proof of consent.

[Subscriber] To exercise your right to access proof of consent, your customer has specific tools on the Subscriber dashboard to produce this report. Contact your Customer to provide proof of consent.

[Customer] Contact support@sensorpro.net for your proof of consent. As a Customer, we have legitimate interest in contacting you from time to time about your account in terms of payment status, availability or changes to how it works.

6 EU GDPR Right to restrict processing

Under EU GDPR you can restrict how your personal information is used. For example, you could opt-in to a newsletter but ask that your Gender or other personal information is not used. To restrict processing, indicate this on the signup form or let the controller know.

7 Security of infrastructure

Any information you provide is stored in our highly secure ISO27001 data centre in Dublin, Ireland. Information you provide is secured in transit with SSL/TLS. Information is encrypted at rest when the Customer makes use of our Data at Rest encryption option. Our platform undergoes penetration testing on a daily basis.

In order to access the platform, Customers are required to use Two-factor authentication. They optionally may employ login lockdown so that access is only allowed from specific locations based on an IP address.

8 How long do we keep your data?

[Customer] We retain your data as long as you are a customer for the purpose of carrying out business with you. When you are no longer a customer, we remove all records within 3 months outside of any record required for accounting audit purpose and the details of any communications consent given.

[Subscriber] Our customer retains your data as long as you are a subscriber. Once you opt-out or exercise the right to be forgotten, your data is removed outside of any communications consent.

Identity of the Controller and Processor

We are registered with the Data Protection Authority of Ireland No 17017/A

[Customer] The Controller and Processor is:

Sensorpro, SAI House, Lonsdale road, Plassey V94 RT7C, Ireland.
tel +353 61 234500
email support@sensorpro.net

[Subscriber] The Processor is:

Sensorpro, SAI House, Lonsdale road, Plassey V94 RT7C, Ireland.
tel +353 61 234500
email support@sensorpro.net

[Subscriber] The Controller is the company you subscribed to. If you have difficulty in locating this, please contact us.