Data Privacy and Security Policy for Chenosis Developer Portal (sandbox version)
- THE PRODUCTS AND SERVICES WE PROVIDE
- THE TYPES OF PERSONAL DATA WE COLLECT
- HOW WE USE YOUR INFORMATION
- DISCLOSURE OF YOUR INFORMATION TO THIRD PARTIES
- INTERNATIONAL TRANSFERS OF PERSONAL DATA
- HOW WE SAFEGUARD YOUR INFORMATION
- HOW LONG WE KEEP YOUR PERSONAL DATA
- YOUR RIGHTS
- CONTACTING US
- Chenosis with its registered office at 216, 14 Avenue, Fairland, Roodepoort, Republic of South Africa, 2195 and with company number 2004/006343/07 and other companies in the Chenosis group collect and use certain Personal Data. Chenosis is responsible for ensuring that it uses that Personal Data in compliance with data protection laws
THE PRODUCTS AND SERVICES WE PROVIDE
THE TYPES OF PERSONAL DATA WE COLLECT
Chenosis requires certain Personal Data about you in order to make the Chenosis Developer Portal and related services available to you. You may be unable to access the Chenosis Developer Portal if such Personal Data are not provided. In relation to your use of the Chenosis Developer Portal, we will collect and otherwise process the following Personal Data about you:
Information that you provide to Chenosis
This includes Personal Data about you that you provide to us and may include (by way of a non-exhaustive list):
- basic Personal Data, such as first name, family name, email address and phone number; and
- any information that you choose to share on the Chenosis Developer Portal which falls within the definition of Personal Data.
Information that we collect or generate about you
This includes Personal Data about you which we generate or collect and may include (by way of non-exhaustive list):
- a file with your contact history to be used for enquiry purposes so that we may ensure that you are satisfied with the services which we have provided to you;
- information on your use of the Chenosis Developer Portal, including the number of times you visit a page, your interactions with the page, how long you spend on the site, how long you spend on each page and the what medium of communication you have used to arrive on the Chenosis Developer Portal; and
- activity data relating to the number of APIs registered on the Chenosis Developer Portal.
Information we obtain from other sources
This includes Personal Data about you provided to us by third-party service providers, agencies or other publicly available sources where applicable.
When you visit the Chenosis Developer Portal, cookies are used to collect technical information about the services that you use, and how you use them.
In addition to the categories of Personal Data described above, Chenosis may also process further anonymised information and data which cannot be related to a specific individual and will not constitute Personal Data.
- Information that you provide to Chenosis
- Chenosis requires certain Personal Data about you in order to make the Chenosis Developer Portal and related services available to you. You may be unable to access the Chenosis Developer Portal if such Personal Data are not provided. In relation to your use of the Chenosis Developer Portal, we will collect and otherwise process the following Personal Data about you:
HOW WE USE YOUR INFORMATION
Your Personal Data may be stored and processed by us in the following ways and for the following purposes:
- to set up, authenticate and register you on the Chenosis Developer Portal, including sending email verification links;
- to allow you to manage your account on the Chenosis Developer Portal and to access all functionalities;
- to allow you to use and access the functionalities provided by the Chenosis Developer Portal;
- to send you alerts regarding your usage of the Chenosis Developer Portal;
- for ongoing review and improvement of the information provided on the Chenosis Developer Portal to ensure they are user friendly and to prevent any potential disruptions or cyber-attacks;
- to conduct analysis required to detect malicious data and understand how this may affect your IT system;
- for statistical monitoring and analysis of current attacks on devices and systems and for the on-going adaptation of the solutions provided to secure devices and systems against current attacks;
- to understand feedback on the Chenosis Developer Portal, Chenosis services and to help provide more information on the use of such services quickly and easily;
- to communicate with you in order to provide you with services or information about Chenosis, the Chenosis Developer Portal, or other related services;
- for in-depth threat analysis or for the purposes of protecting our own IT security systems;
- to understand your needs and interests;
- for the management and administration of our business;
- in order to comply with and in order to assess compliance with applicable laws, rules and regulations, and Chenosis’s internal policies and procedures; or
- for the administration and maintenance of databases storing Personal Data.
Irrespective of how we process Personal Data we will always make sure that the processing is permitted under applicable data privacy laws. We process Personal Data about you if:
- we need to do so in order to perform our contractual obligations with you;
- we have obtained your consent;
- we have legal and regulatory obligations that we have to discharge;
- we may need to do so in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings; and/or
the use of your Personal Data as described is necessary for our legitimate business interests, such as:
- allowing us to effectively and efficiently manage and administer the operation of our business;
- maintaining compliance with internal policies and procedures;
- monitoring the use of our copyrighted materials;
- enabling quick and easy access to information for the purposes of providing services on the Chenosis Developer Portal;
- offering optimal, up-to-date security solutions for mobile devices and IT systems; and/or
- obtaining further knowledge of current threats to network security in order to update our security solutions and provide these to the market.
- Your Personal Data may be stored and processed by us in the following ways and for the following purposes:
DISCLOSURE OF YOUR INFORMATION TO THIRD PARTIES
We may also share your Personal Data outside of the Chenosis group of companies for the following purposes:
With third party agents and contractors providing services to Chenosis
To third parties designated by you
These may be, as the case may be, other Developers and/or End-Users specifically selected by you.
To the extent required by law
For example, if we are under a duty to disclose your Personal Data in order to comply with any legal obligation (including, without limitation, in order to comply with tax reporting requirements and disclosures to regulators), or to establish, exercise or defend our legal rights.
If we sell our business or assets, or if we are acquired by a third party
In that case we may need to disclose your Personal Data to the prospective buyer for due diligence purposes.
- With third party agents and contractors providing services to Chenosis
INTERNATIONAL TRANSFERS OF PERSONAL DATA
- While we typically store your Personal Data on IT systems located in the EEA, Chenosis is a global business and our operations are spread around the world. As a result, we collect and transfer Personal Data on a global basis in order to provide services effectively. That means that we may transfer your Personal Data to locations outside of your country, including in some cases to a country outside the EEA.
Where we transfer your Personal Data to another country outside the EEA, we will ensure that it is protected and transferred in a manner consistent with legal requirements. In relation to data being transferred outside the EEA, for example, this may be done in one of the following ways:
- the country that we send the data to might be approved by the European Commission as offering an adequate level of protection for Personal Data (by way of example, Switzerland and the United States are approved countries);
- the recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your Personal Data;
- the recipient may have adhered to binding corporate rules (only for intragroup transfers);
- where the recipient is located in the US, it might be a certified member of the EU-US Privacy Shield scheme; or
- in other circumstances the law may permit us to otherwise transfer your Personal Data outside Europe.
- You can obtain more details of the protection given to your Personal Data when it is transferred outside the EEA (including a copy of the standard data protection clauses which we have entered into with recipients of your Personal Data) by contacting us as described in Section 11 below.
HOW WE SAFEGUARD YOUR INFORMATION
- We have extensive controls in place to maintain the security of our information and information systems. Developers and client files are protected with safeguards according to the sensitivity of the relevant information. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorised employees.
- As a condition of employment, Chenosis employees are required to follow all applicable laws and regulations, including in relation to data protection law. Chenosis does not collect Special Category Personal Data as part of the Chenosis Developer Platform. In relation to any other Chenosis products or services, access to sensitive Personal Data is limited to those employees who need to it to perform their roles. Unauthorised use or disclosure of confidential client information by an Chenosis employee is prohibited and may result in disciplinary measures.
- When you contact an Chenosis employee about your file, you may be asked for some Personal Data. This type of safeguard is designed to ensure that only you, or someone authorised by you, has access to your file.
HOW LONG WE KEEP YOUR PERSONAL DATA
How long we will hold your Personal Data for will vary and will be determined by the following cumulative criteria:
The purpose(s) for which we are using it
Chenosis will need to keep your Personal Data for as long as is necessary for those purposes. Chenosis’s standard retention policy is to keep Personal Data for a duration of 24 months after the end of each contractual relationship, unless a longer period may be required for example in case of dispute or for litigation purposes.
Laws or regulation may set a minimum period for which Chenosis has to keep your Personal Data.
- The purpose(s) for which we are using it
- How long we will hold your Personal Data for will vary and will be determined by the following cumulative criteria:
In all the above cases in which we collect, use or store your Personal Data, you may have the following rights, and, in most cases, you can exercise them free of charge. These rights include:
- the right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you;
- the right to withdraw your consent to the processing of your Personal Data at any time. Please note, however, that we may still be entitled to process your Personal Data if we have another legitimate reason for doing so. For example, we may need to retain Personal Data to comply with a legal obligation;
- in some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to Personal Data which you have provided directly to Chenosis;
- the right to request that we rectify your Personal Data if it is inaccurate or incomplete;
- the right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data, but we are legally entitled to retain it;
- the right to object to, or request that we restrict, our processing of your Personal Data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your Personal Data but we are legally entitled to refuse that request; and
- the right to lodge a complaint with the relevant data protection regulator if you think that any of your rights have been infringed by us.
- You can exercise your rights by contacting us using the details listed in Section 11 below.
- Further information about your rights may be obtained by contacting the supervisory data protection authority located in your jurisdiction. A list of current members of the European Data Protection Board is available here: https://edpb.europa.eu/about-edpb/board/members_en.
- In all the above cases in which we collect, use or store your Personal Data, you may have the following rights, and, in most cases, you can exercise them free of charge. These rights include:
Types of cookies and purposes
Cookies used on the Chenosis Developer Portal are used to record information necessary for the proper functioning of the Chenosis Developer Portal and the services offered to you, the audience measurement, use monitoring and security.
Cookies are placed by Chenosis and, if applicable, its business partners, third party agents and contractors (without Chenosis being held responsible for the placement of Cookies by its partners, third party agents and contractors).
Each time you are identified on the Chenosis Developer Portal, a Cookie is placed allowing secure identification of the computer or hardware used and your navigation on the Chenosis Platform. This Cookie allows services to be provided seamlessly and therefore without re-identification. This Cookie is invalidated when the browser is closed or after a period of inactivity on the Chenosis Platform.
Deactivation of cookies
Cookies following visits are kept for a maximum of 12 months from the first visit.
You can configure your browser software so that Cookies are saved in your terminal or rejected, either systematically or according to their issuer.
You can also configure your browser so that the acceptance or rejection of Cookies are proposed to you punctually, before a Cookie is likely to be registered in his/her terminal.
For the management of Cookies and related choices, the configuration of each browser is different. It is described in the help menu of your browser, which will allow you to know how to modify your preferences in terms of Cookies.
The procedures are described in the help menu for the following software:
If you are accessing the Chenosis Developer Portal via a mobile device, you should consult the relevant handbook or manual for that mobile device in order to disable cookies.
If you would like to learn more about cookies in general and how to manage them, please visit aboutcookies.org.
- Any written request must be accompanied by a photocopy of an identity (ID) card bearing the signature of the holder. Chenosis may address request within a period of one (1) month, following receipt of the request, except in exceptional circumstances.