The Cloud Data Protection Policy of FileHound, developed by Element3 Software Limited, is committed to protecting the privacy of its customers.
For the purpose of the Data Protection Act 2018 (the Act) and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), Element3 Software Limited is the data controller, with registration number 07308314, and its office is located at Star House, Star Hill, Rochester, Kent, England, ME1 1UX.
Definitions:
The following expressions and words shall have the meanings set out below in this Data Protection Policy:
"Customer" means any Client, Agent or Reseller as defined in any supporting agreements.
"Customer Personal Data" means Personal Data that the Processor processes while providing the Services under the Agreement, controlled by the Customer and its customers (where applicable) and subject to Privacy Laws.
"Data Controller" shall have the meaning as interpreted under the Privacy Laws.
"Data Processor" shall have the meaning as interpreted under the Privacy Laws.
"Data Subject" shall have the meaning as interpreted under the Privacy Laws.
"Privacy Laws" means all applicable EU data protection and privacy laws.
"GDPR" means the General Data Protection Regulation (EU) 2016/679.
"Personal Data" shall have the meaning as interpreted under the Privacy Laws.
"Processor" means Element3 Software Limited, the official developer of FileHound Document Management.
Policy
Element3 Software Limited acknowledges that the Customer is the Data Controller, and the Processor is the Data Processor, in relation to the Customer Personal Data. The Processor accepts that it remains responsible and liable under the Privacy Laws, and nothing in this agreement relieves the Processor of these responsibilities and liabilities.
The Processing of Customer Personal Data is for the purpose of performing the Services and will continue until the Processor ceases to provide Services to the Customer. The nature and purpose of the Processing, the types of Personal Data, and the categories of Data Subjects are set out below:
"Subject matter of the Processing": The subject matter for Processing results from the Service Agreement between the Data Controller and the Data Processor.
"Nature and purpose of the Processing": The Processing of the Personal Data in the course of the Processor delivering cloud-based hosting services as more particularly described in the FileHound Cloud Customer Service Level Agreement (SLA).
"Type of Personal Data": Personal data may include personal contact information, employment details, financial details, goods and services provided, unique IDs, IP addresses, behavior and interest data, and any other data the Data Controller may include as part of Processing.
"Categories of Data Subject": Data Subjects may include the Customer’s representatives and end users, such as employees, job applicants, contractors, collaborators, partners, customers and users of the Customer, and any other Data Subjects the Data Controller may elect to include as part of Processing.
When the Processor Processes Customer Personal Data in providing Services, the Processor will:
Process Customer Personal Data only in accordance with written instructions from the Customer.
Take reasonable steps to ensure the reliability and competence of the Processor personnel who have access to Customer Personal Data.
Implement and maintain Appropriate Technical and Organisational Measures to protect Customer Personal Data against unauthorised or unlawful processing, and against accidental loss, destruction, damage, theft, alteration or disclosure.
Make available to the Customer all information necessary to demonstrate compliance with obligations, and allow the Customer and its authorised agents to conduct audits and inspections.
Not give access to or transfer any Customer Personal Data to any third party without the prior written consent of the Customer.
Notify the Customer immediately if an instruction for the Processing of Customer Personal Data given by the Customer infringes applicable Privacy Laws.
Communicate any claims or requests related to Customer Personal Data to the Customer without delay.
Notify the Customer without undue delay if there is a Personal Data Breach, provide a detailed description of the breach, the type of Customer Personal Data that was affected, and the identity of each affected person, and not release or publish any filing, communication, notice, press release, or report concerning the breach without the Customer's prior written approval.
Agree to any changes reasonably required by the Customer to incorporate any element of standard contractual clauses adopted by the European Commission, pursuant to Article 28(7) or Article 28(8) of the GDPR, for the matters referred to in Article 28(3) and Article 28(4) of the GDPR.
Not process Customer Personal Data outside the European Economic Area, or a country with a valid adequacy decision issued by the European Commission, without the prior written consent of the Customer, and subject to the terms of the model clauses for the transfer of Personal Data to data processors established in third countries adopted by the European Commission or any replacement or additional form approved by the European Commission or as applicable in the UK.
Other important privacy information:
Additional information on Element3 & FileHound's approach to customer privacy can be found in your signed agreement with FileHound.
Review of this Policy:
This Cloud Data Protection Policy will be under regular review, and any updates will be placed on the knowledge base. The last review of this policy was conducted in April 2023.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article