ERPLY may collect and receive Customer Data, other information and data (“Other Information”) in a variety of ways. When you visit or use our Website or Services in any way, we collect and process different types of information about you:
Generally, no one is under a statutory or contractual obligation to provide any Customer Data or Other Information (collectively, “Information”). However, certain Information is collected automatically and, if some Information, such as Workspace setup details, is not provided, we may be unable to provide the Services. Moreover, certain information provided by Customer to ERPLY can vary depending on the agreed-upon contractual obligations of both parties and hence this list of data being processed by ERPLY can differ. ERPLY is not obligated to know about the data which the Customer inserts into the ERPLY Services and Websites, and Customer is 100% owner of their data, hence Controller to their data and obligated to follow the current Data Protection Law.
Our Websites and Services may, from time to time, contain links to third-party websites. If you follow a link to any of those third party websites, please note that those websites have their own privacy policies and we do not accept any responsibility or liability for those practices. Please check those policies before you submit any personal data to those websites.
To the extent prohibited by applicable law, ERPLY does not allow the use of our Services and Websites by anyone younger than 16 years old. If you learn that anyone younger than 16 has unlawfully provided us with personal data, please contact us and we will take steps to delete such information. Insertion of Customer Data containing personal data of individuals younger than 16 years old into ERPLY is prohibited without parental or another guardian lawful permission.
Customer Data will be used by ERPLY in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by Data Protection Law or other applicable law. ERPLY is a processor of Customer Data and Customer is the controller.
ERPLY uses Other Information in furtherance of our legitimate interests in operating our Services, Websites, and business. More specifically, ERPLY uses Other Information:
This section describes how ERPLY may share and disclose Information. Customers determine their own policies and practices for the sharing and disclosure of Information, and ERPLY does not control how they or any other third parties choose to share or disclose Information.
ERPLY takes security of data very seriously. ERPLY works hard to protect Other Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Other Information we collect, process and store, and the current state of technology. ERPLY has signed confidentiality agreements with our personnel. The personnel will receive training when onboarding and as well as on an ongoing basis. ERPLY transfers your data over secure protocols and data is kept only on dedicated environments which ERPLY fully owns at our hosting partners. The environment that hosts the ERPLY services maintains multiple certifications, including ISO 27001 compliance. To learn more about current practices and policies regarding security and confidentiality of the Services, please see our Security Practices. Given the nature of communications and information processing technology, ERPLY cannot guarantee that Information, during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others.
We store your personal data during the time that you are a Customer of the ERPLY Services, and for up to ten years after you cease to be a Customer or User. If you have never been a Customer or registered User of ERPLY, but have consented to receive marketing inquiries or other information from ERPLY, we may store your data until you have opted-out from marketing subscription. We reserve the right to store or delete your personal data earlier or later than set forth herein if required to do so by an applicable law or regulation, including the current Data Protection Law and for the exercise or defense of legal claims.
ERPLY is committed to ensuring that you have control and visibility to your personal data and it´s processing. Below is a summary of your rights and additional commitments from ERPLY. You may exercise your rights by contacting us at dpo(@)erply.com. ERPLY will only process requests from individuals directly associated to ERPLY Services, hence will only process requests about Personal Data for which ERPLY is controller party. It is your responsibility to ensure that any information you have provided to us is accurate and up-to-date.
The right of Access. You can request a copy of the personal data we hold about you.
Right to Erasure (‘Right to be Forgotten’). You have the right to request that your personal data be deleted in certain circumstances including:
Right to Restriction of Processing. You can ask us to restrict the use of your personal data where:
We can continue to use your personal data:
Right to Data Portability. Where you have provided personal data to us, you have a right to receive such personal data back in a structured, commonly-used and machine-readable format, and to have those data transmitted to a third-party data controller without hindrance but in each case only where:
Right to Object. You have a right to object to the processing of your personal data in those cases where we are processing your personal data in reliance on our legitimate interests. In such a case we will stop processing your personal data unless we can demonstrate compelling legitimate interests which override your interests. You also have the right to object where we are processing your personal data for direct marketing purposes.
If you do not want to receive newsletters, announcements, or other communications and/or services from the ERPLY, please do not opt-in for those communications or services at the time of registration. ERPLY only exercises two types of consents which of first is required for us to provide Services to Customer and such consent can be only opted-out once legal agreement and obligations between ERPLY and the Customer has ended. If Customer has opted-in to direct marketing consent, the Customer is given the option to discontinue receiving future communications (i.e., unsubscribe) from ERPLY via e-mail. Simply follow the unsubscribe process or directions provided at the bottom of the e-mail.
Automated Decision-Making. In ERPLY no such functionality exists in our standard Services and we do not exercise any automated decision-making for our business or other processes. If any of our Customers exercises such decision-making to process the individual´s personal data, such individual should contact the Customer with such requests.
Right to Complain. You have the right to lodge a complaint with the Data Protection Authority, in particular in the Member State of your residence, place of work or place of an alleged infringement, if you are unhappy with how we are processing your personal data. We will respond to your request in writing, or orally if requested, as soon as practicable and in any event not more than one month after receipt of your request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We will inform you of any such extension within one month of receipt of your request. We may request proof of identification to verify your request. All requests should be addressed to dpo(@)erply.com.
ERPLY keeps all European Customer data in EU data centers only. ERPLY may transfer your Personal Data to countries other than the one in which you live. We deploy the following safeguards if ERPLY transfers Personal Data originating from the European Union or Switzerland to other countries not deemed adequate under applicable data protection law:
To communicate with our Data Protection Officer, please email dpo(@)erply.com.
Data protection law in certain jurisdictions differentiates between the “controller” and “processor” of information. In general, Customer is the controller of Customer Data. In general, ERPLY is the processor of Customer Data and the controller of Other Information. Different ERPLY entities provide the Services in different parts of the world.
CHANGE COOKIE SETTINGS
Cookies are small text files sent by us to your computer or mobile device. They are unique to your account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire. ERPLY uses use both session-based and persistent cookies, of which some may be third-party cookies.
To find out more about cookies, visit this site.
Some cookies are associated with your account and personal information in order to remember that you are logged in and other cookies are not tied to your account but are unique and allow us to carry out analytics and customization, among other similar things. Cookies can be used to recognize you when you visit a Site or use our Services, remember your preferences, and give you a personalized experience that’s consistent with your settings. Cookies also make your interactions faster and more secure.
|Categories of Use||Description|
|Authentication||These cookies help us show you the right information and personalize your experience.|
|Security||Some cookies enable and support our security features, and to detect malicious activity.|
|Preferences, Features, and Services||Cookies can tell us which language you prefer, your communications preferences, features, insights, and other customized content.|
|Cookie Name||Cookie Purpose||Expires|
|Cookie preferences:gdpr[allowed_cookies], gdpr[consent_types]||The cookie preferences are stored to retain visitor choices in the main cookie banner. This means that the main cookie banner can be minimised on future visits.||One year|
|Cloudflare:_cfduid, _cfduid||Set by the Cloudflare service. It is used to improve site speed and performance and does not record any personal information.||6 months|
|CONSENT||Used by Google for cookie consent settings||20 years|
|NID||Unique ID used to remember preferences.||6 months|
|SIDCC||Security cookie to protect users data from unauthorised access||3 months|
|SSID||Used by Google to store user preferences and information.||2 years|
|1P_JAR||Used by Google to store user preferences and information.||1 month|
|1P_JAR||Used by Google to store user preferences and information.||1 month|
|APISID||Used by Google to store user preferences and information.||2 years|
|HSID||Used by Google to store user preferences and information.||2 years|
|SAPISID||Used by Google to store user preferences and information.||2 years|
In some browsers, you can set up cookie management rules. This means is that you can disallow cookies from sites that you don´t trust. If you limit the ability of websites and applications to set cookies, you may worsen your user experience, stop having customized settings, and lose the ability to access the services. Browser manufacturers provide help relating to cookie management in their products. Such information can be found at:
For other browsers, please consult the documentation that your browser manufacturer provides. Some cookies can be opted-out on the third party sites, for example, Google Analytics. For mobile platforms, you can change your device settings to control whether you see interest-based marketing ads.