Privacy notice

Privacy Notice – General users and clients Effective from 20th Dec 2022

Introduction

We appreciate the trust you place in us when sharing your personal data. Movate (formerly CSS Corp) including its subsidiaries and affiliates Movate Technologies Services Limited, Dalian China; Movate Costa Rica Technology Services Limitada, Costa Rica; Movate Technologies Private Limited, India; Movate ICT Services SDN BHD, Malaysia; Movate Technologies (Mauritius) Limited, Mauritius; , Movate ICT Services, Inc. Philippines; Movate SP Z.O.O, Poland; Movate ICT Services PTE Limited., Singapore; Cybernet Software Systems, Inc. USA; Movate Inc., USA; Movate UK Limited., UK; OnDemand Answers Inc., US

;Movate Belgium BV, Belgium; Movate Technologies S.R.L., Romania; Movate Colombia SAS, Colombia; CSS Corp Europe Limited – Sucursal Em Portugal; respects the privacy of its customers, business partners, and all relevant stakeholders. In this document, we will explain how we collect, use, and protect your personal data. We will also explain what rights you have with regards to your personal data and how you can exercise those rights. This document also describes the measures we take to protect the security of the information and how individuals can contact us about our privacy practices.

We take the security of all the data we hold very seriously. We adhere to internationally recognized security standards and our information security management system relating to client confidential data is independently certified as complying with the requirements of ISO/IEC 27001: 2013. We have a framework of policies, procedures, and training in place covering data protection, confidentiality, and security and regularly review the appropriateness of the measures we have in place to keep the data secured. We have developed our Data Privacy policy in line with the requirements of the European Union Data Protection Directive (Directive 95/46/EC) and the General Data Protection Regulation (in force from 25 May 2018) and applicable national laws.

1.  The information we collect

We collect and use the contact details of our customers, clients, and customers in order to manage and maintain our relationship with those individuals. Our policy is to collect only the personal data necessary for agreed purposes and we ask our clients only to share personal data where it is strictly needed for those purposes. The personal data may include Name, email ID, Home address, Work address, phone numbers, and job titles. In some cases, we also need invoice details, delivery addresses, payment credit card details, and any other information which you provide to process our activity.

IP Addresses

Movate web servers gather your IP address to assist with the diagnosis of problems or support issues with our services, and to monitor the use of our Site, including the monitoring of the location of our users.

Cookies and Similar Tracking Technologies.

We and our service providers use technologies on our sites to collect information that helps us improve the quality of our services and the online experience of our visitors and users. In this Privacy Notice, we refer to these technologies, which include cookies. These are small text files stored on your computer or mobile device to remember your actions or preferences over time such as session cookies, flash cookies, HTML5,

and JavaScript. They help deliver and gather usage and performance data and similar technologies from third-party providers and are collectively known as “cookies.” Cookies allow us to personalize your return visits and save you time during certain activitiesby remembering your user preferences – remaining logged on into our site. Most web browsers support cookies and users can control the use of cookies at the individual browser level. Please note that if you choose to disable cookies, it may limit your use of certain features or functions on our sites

2.  How we use your information Providing professional services We provide a diverse range of professional services to our clients and customers. Some of our services require us to process personal data in order to provide maintenance, delivery, advice, and troubleshooting services. For example, we will take the customer’s personal details to verify customer credentials in order to ensure the delivery of technological troubleshooting services to the right customer.

Quality Assurance management

We monitor the services provided to the clients and customers for improving the quality of our services, which may involve processing personal data stored on our or our client’s IT platforms / Operating Systems. We have policies and procedures in place to monitor the quality of our services and security risks management. As part of our process, we also carry out searches using publicly available sources like the internet. Where either we or a customer contact by telephone or any similar voice-over channels, we may record the conversation with our customers for improvement of quality, training, and security purposes, in accordance with our legitimate interests. Our Research and Development team some time use your information to invite you to take part in market research or surveys

Business administration and management

We process personal data in order to run our business, including managing our relationship with our clients, customers, and the third party, developing our businesses and services to accommodate customer satisfaction, like identifying client & customer’s needs and improvements in our service delivery, improving technology in our Information and Communications Technology systems, administration and management of our website and client tools. We also use information you provide to personalize (i) our communications to you; (ii) our website; and (iii) products or services for you, in accordance with our legitimate interests.

We may also send you direct marketing in relation to relevant products and services. Electronic direct marketing will only be sent where you have given your consent to receive it, or (where this is allowed) you have been given an opportunity to opt-out. You will continue to be able to opt-out of electronic direct marketing at any time by following the instructions in the relevant communication.

Legal and regulatory requirements

We need to keep certain personal data to demonstrate that our services are provided in compliance with applicable legal and regulatory requirementsIn the event we are required to disclose personal data to comply with the direction issued by a governmental, statutory or law enforcement authority, we will take commercially reasonable steps to disclose only such information that is required and were permitted by such authorities, we will inform you.

3.  With whom and where will we share your personal data?

We may share your personal data with our subsidiaries to process it for the purposes of inter-group administration and to deliver products or services where elements of these are provided by group companies other than those with which you have directly contracted.

Use of the third party:

We are part of a global network of companies, firms, and other service providers, we use third parties located in other countries to help us run our business in a legitimate way. As a result, personal data may be transferred outside the countries where we and our clients are located. These countries may include countries outside the EU/EEA area. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EU are done lawfully. Where we transfer personal data outside of the EU to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be under an agreement which covers the EU requirements for the transfer of personal data outside the EU, such as the European Commission approved standard contractual clauses.

We will only share personal data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality, and security standards.

We use third parties to support us in providing our services and to help provide, run, and manage our internal IT systems. For example, providers of information technology, cloud-based software as a service provider, identity management, website hosting and management, data analysis, data back-up, security, and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centers around the world, and personal data may be stored in any one of them.

Corporate Transactions: If Movate is involved in a merger, acquisition, dissolution, sale of all or a portion of its assets, or other fundamental corporate transactions, we reserve the right to sell or transfer your information as part of the transaction. In such an event, you will be notified via email and/or a prominent notice on our website of any change in ownership, incompatible new uses of your personal information, and choices you may have regarding your personal information.
EU – US / Swiss-US Privacy Shield Participation

We participate in the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks and have self-certified to the

4.  How long will you keep my personal data?

We will not keep your personal information for any purpose for longer than is necessary for our processing purposes and will only retain the personal information that is necessary for relation to the purpose. We are also required to retain certain information as required by law or for as long as it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.

Where you are a customer, we will keep your information for the length of any contractual relationship you have with us and after that for a period of 12 months or as per the data retention policy of Movate.

Where you are a prospective customer and you have expressly consented to us contacting you, we will only retain your data (a) until you unsubscribe from our communications; or, if you have not unsubscribed,

(b) while you interact with us and our content; or (c) for 12 months from when you last interacted with us or our content.

In the case of any contact, you may have with our customer services team, we will retain those details for as long as it is necessary to resolve your query and for two weeks after the query is closed.

We will retain your data for a short time beyond the specified retention period, to allow for information to be reviewed and any deletion to take place. In some instances, laws may require Movate to hold certain information for specific periods other than those listed above.

5.  Where is my data stored?

The personal data that we collect from you may be transferred to and stored outside the EU/EEA, UK area at a safe and secure place. It may also be processed by staff operating outside the EU/EEA, UK who works for us under strict security contractors for one of our suppliers, in which case the third country’s data protection laws will have been approved as adequate by the European Commission or other applicable safeguards are in place. Further information may be obtained from our Privacy Team.

6.  What are my rights in relation to my personal data? As a data subject, you have certain rights over your personal data, and data controllers are responsible for fulfilling these rights. Further information about the rights that individuals have and how to exercise them is given below:

Right of access

Right of rectification

At any stage, while your data is in our processing and if you want to update the same, you may email us at privacy.officer@movate.com. We will process your request to the extent it is practically possible for us and we will make corrections based on your updated information.

Right of withdrawal of consent

Where we process personal data based on consent, individuals have a right to withdraw consent at any time. To   withdraw   consent   to   our   processing   of   your   personal   data   please   email   us at privacy.officer@movate.com. We will process your request as early as practically possible.

Right of erasure

7.  Where can I find more information about Movate’s handling of my data?

If you have a complaint about how we have handled your personal data, you may be able to ask us to restrict how we use your personal data while your complaint is resolved. Should you have any queries regarding this Privacy Notice, about Movate’s processing of your personal data, or wish to exercise your rights you can contact Movate’s Privacy Team using this email address: privacy.officer@movate.com.

Contact Us. If you have a question about this Privacy Notice or wish to inquire about our personal information handling practices, please contact us as follows: [Movate INC, Address: 5600 Tennyson Parkway, Suite 255, Plano, Texas 75024, USA”]

Changes to Our Privacy Policy

Movate reserves the right to update or change this privacy statement from time to time and as such, we request you to review our privacy statement periodically on our web site for any further updates or changes that we may have made. If we propose to make any material changes, we will notify you by means of a notice on this page prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

In compliance with the Privacy Shield Principles, MOVATE INC (formerly Slash Support, Inc). commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact MOVATE INC (Formerly Slash Support, Inc). at:

Contact Information:

Name: Karthikeyan Chandrasekaran CISA, CISM, CRISC

Designation: Associate Vice President – Head Information Security (GRC)

Email id: karthikeyan.chandrasekaran@movate.com

MOVATE INC (Formerly Slash Support, Inc). has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the [United States]. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint.  The services of JAMS are provided at no cost to you.

A Note to Children and Parents

Children: We do not process the young person’s data age below 16 years. If you are below 16 years of age and someone asks you to share information about yourself. Before sending any information about yourself over the Internet to us or anyone else, be sure to ask your parents for permission.

Parents: Movate encourages parents to talk to your children about safe and responsible use of their personal information while using the Internet