Privacy Policy

ManagerPlus respects your privacy and takes safeguarding online privacy seriously.

Last update: 10-22-19

 

Who We Are

ManagerPlus Solutions, LLC, (“ManagerPlus”) is a software development organization in the United States that owns and operates the proprietary maintenance management solutions software also called ManagerPlus.  The ManagerPlus software is designed to assist organizations of all sizes better manage the maintenance of their equipment and assets with functionality to organize records, manage work requests, schedule maintenance, and provide parts inventory.  ManagerPlus is a configurable software product that allows the organization to customize the settings and functionality to align with their specific needs.

 

ManagerPlus respects your privacy and takes safeguarding personal data seriously.  Please read the following to understand the privacy practices of ManagerPlus.

 

EU-U.S. Privacy Shield Framework

ManagerPlus Solutions, LLC, complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States.  ManagerPlus Solutions, LLC, has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/list.

 

Personal Data We Process

We collect personal data that (a) you actively submit to us, (b) we receive from our customers, and (c) we obtain for marketing purposes for potential customers and their representatives.  We may process your personal data with or without automatic means, including collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of your personal data.  We do not sell the personal data we collect to other parties.

 

  1. Actively submitted data. You submit personal data to us when you register an account with us through our websites, license our ManagerPlus software, or engage in other interactions or communications with our organization.  We generally process name, physical address, telephone number, e-mail address, and payment information.  We may also process information related to your employment, such as employer address, your job title and role and scheduling information assigned to you and maintenance tasks you perform.

 

You may provide us with additional information to participate at your own initiative in surveys, feedback comments or other interaction including promotions. Participation is optional. If you do not wish to participate in, or provide personal data in connection with such activities, this will not affect your account status or ability to use available services.  In each such case you will know what personal data you provide us with because you actively and voluntarily submit the data.

 

  1. Data received from our customers. Our customers who license our software are granted administration rights to enable them to create user accounts for employees and representatives or others they designate.  Our customers act as Controllers in the use of the software and the collection and processing of personal data to be able to effectively operate the software.  In such cases, our role in processing the personal data provided by our customers is as a Processor, where we process data on behalf of the Controller (who is the customer).  As a Processor, we are bound to process this personal data as part of our Licensing Agreement entered with the customer.  The personal information collected generally includes the name, physical address and phone number of an assigned user, but may also include information related to employment, such as job title and role, scheduling information assigned to an individual and maintenance tasks performed by an individual.  Processing of this personal data is performed on behalf of the customer and for the purpose of providing the services requested by the customer.  “Controller” and “Processor” have the meanings given to such terms in the EU General Data Protection Regulation (“GDPR”).

 

As part of our Education and Information Services, communication is sent to the user to inform them of software features, enhancements, educational tips, available modules, as examples.

 

  1. Data obtained for marketing purposes for potential customers or others. We obtain marketing data that we use to reach out to inform potential customers and others of the services offered by our organization.  The personal data collected generally includes the email address of a potential customer or other and may also include their name and phone number.  We use the contact information provided to us by our customers to also communicate our Education and Information services, which may include a marketing purpose, especially in relation to available modules.

 

  1. Personal data not actively collected or processed. We do not actively collect or otherwise process personal data from minors and include in our License Agreement a condition that the user is not a minor and does not provide personal data of minors.  The age of a minor varies by country.  For the purposes of personal data collected from the European Union, the age of a minor is under age sixteen (16).

 

We do not actively collect or otherwise process special categories of personal data as identified in the GDPR including data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade-union membership, or genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

 

We do not actively collect or otherwise process personal data relating to criminal convictions and offences.

 

Tracking Technologies, Cookies and Clear GIFs

We use tracking technologies, cookies and clear GIFs to collect information.  Tracking technologies are used to collect information from your web browser through our servers or filtering systems when you visit any of our sites.

 

Cookies store small text files onto a user’s computer hard drive with the user’s browser, containing the session ID and other data.  Cookies enable a web site to track a user’s activities on the website for the following purposes: (1) enable essential features; (2) provide analytics to improve website performance and effectiveness; (3) store user preferences; and (4) facilitate relevant targeted advertising on advertising platforms or networks.  Users are free to change their web browsers to prevent the acceptance of cookies.  Cookies may also be set within emails in order to track how often our emails are opened.

 

A clear GIF is a transparent graphic image placed on a website.  The use of clear GIFs allows us to monitor your actions when you open a web page and makes it easier for us to follow and record the activities of recognized browsers. Clear GIFs are used in combination with cookies to obtain information on how visitors interact with our websites.

 

Information collected may include but is not limited to your browser type, your operating system, your language preference, any referring web page you were visiting before you came to our site, the date and time of each visitor request, and information you search for on our sites.  We can also track the path of page visits on a website and monitor aggregate usage and web traffic routing on our sites.  We collect this information to better understand how you use and interact with our sites in order to improve your experience.  We also collect this information to better understand what services and marketing promotions may be more relevant to you.  We may also share this information with our employees, service providers and customer affiliates.

 

You can change your web browser settings to stop accepting cookies or to prompt you before accepting a cookie from the sites you visit. If you do not accept cookies, however, you may not be able to use some sections or functions of our sites.

 

To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit http://www.allaboutcookies.org.

 

To opt out of being tracked by Google Analytics across all websites visit https://tools.google.com/dlpage/gaoptout.

 

Purposes for Processing Personal Data

We process personal data for software purposes, including licensing and operation of the software, remote management, education and information services, training, webinars, communication, customer service, system monitoring and data security.  In addition, we process personal data for our business purposes including processing sales leads, invoicing, payments, tradeshows, quotes, submitted forms, trials, consultations, demonstrations, response to inquiries, seminars, web analytics, other marketing, security monitoring, business operations and administration, tax, and other regulatory requirements.

 

We use personal data to enable use of software features and related services, including through use of third-party services providers.  We also use personal data to communicate with you for marketing purposes.

 

In this context, the legal basis for our processing of your personal data is either the necessity to perform contractual and other obligations as a provider of desktop software and SaaS-based software services.

 

We may also use your data to comply with applicable laws and exercise legal rights as the basis for our data processing.

 

We may also use your personal data for internal purposes, including auditing, data analysis, system troubleshooting, and research.  In these cases, we base our processing on legitimate interests in performing the activities of the organization.

 

Sharing of Personal Data

We share your personal data with other parties in the following circumstances:

 

  1. Third-Party Providers. We may provide personal data to third parties for their processing in performing functions on our behalf (for example payments, security, data analysis, surveys, operating a learning center for education and information services to support the ManagerPlus software, and so forth). In such instances, the providers will be contractually required to protect personal data from additional processing (including for marketing purposes) and transfer in accordance with this Privacy Policy and applicable laws.  In cases of onward transfer of personal information to third parties of data of EU individuals received pursuant to the EU-U.S. Privacy Shield, ManagerPlus remains liable.

 

  1. Legal Requirements. We may access and disclose your personal data to regulatory bodies if we have a good-faith belief that doing so is required under regulation. This may include submitting personal data required by local customs authorities and tax authorities.  Additionally, we may disclose your personal data and other information as required by law, including in response to lawful requests by public authorities or to meet national security or law enforcement requirements.  We may also disclose your personal data to exercise or defend legal rights; to take precautions against liability; to protect the rights, property, or safety of the resource, of any individual, or of the general public; to maintain and protect the security and integrity of our services or infrastructure; to protect ourselves and our services from fraudulent, abusive, or unlawful uses; or to investigate and defend ourselves against third-party claims or allegations.

 

Storage of Personal Data

We store personal data processed from our websites, obtained through sales leads and provided through our SaaS-based cloud model software in data centers in the United States, cloud storage solutions, or on our premises, including corporate offices and warehouses.  We endeavor to utilize third-party service providers from the United States that have certified with the EU-U.S. Privacy Shield Framework or alternatively provide adequate protections that are compliant with the GDPR.

 

Personal Data Security

ManagerPlus uses technical and organizational measures to protect the personal data that we store, transmit, or otherwise process, against accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access.  We regularly consider appropriate new security technology and methods as we maintain and develop our software and systems.  Security measures implemented include:

 

  • Web and database servers are protected using firewalls;
  • Passwords used for account registration require minimum password strength attributes;
  • User access is tracked;
  • Role-based security is applied to system access;
  • Use of data encryption;
  • Use of RC4 256-bit Transport Layer Security (TLS) technology where customer data traverses public networks;
  • Vendor-supplied patches are reviewed and tested for compatibility before installation;
  • Regular system backups are made;
  • Regular maintenance is performed on systems;
  • Systems are monitored for security;
  • Data requiring a higher level of protection, such as payment card account numbers processed via a third-party vendor that specializes in the payment processing;
  • Security assessments are performed on third-party vendors with access to personal data;
  • All employees are contractually obligated to maintain the confidentiality of personal data accessible through their employment; and
  • All employees are required to attend regular security and awareness training.

 

Retention of Personal Data

ManagerPlus retains collected personal data for a reasonable period of time to fulfill the processing purposes mentioned above.  Personal data is then archived for time periods required or necessitated by law or legal considerations.  When archival is no longer required, personal data is deleted from our records.

 

ManagerPlus retains the rights to delete customer data from its system after 30 days from the date of termination of its license agreement.

 

ManagerPlus removes customer data from its central database within a reasonable time after a customer has been deactivated, usually after 30 days.  This data is copied to a storage drive and is not accessible from the database server.  The data is removed permanently from the storage drive within a reasonable time, usually after 1 year.  ManagerPlus does not guarantee the ability to restore data that has been removed from its database server.

 

If you wish us to delete your account sooner than this time period, please contact us.  Our contact details are provided at the end of this Privacy Policy.

 

We continue to retain personal data that we are required to retain in order to meet our regulatory obligations including tax records and transaction history.  We regularly review our retention policy to ensure compliance with our obligations under data protection laws and other regulatory requirements.  We regularly audit our databases and archived information to ensure that personal data is only stored and archived in alignment with our retention policy.

 

Personal Data Rights

Individuals in the EEA have certain data subject rights which may be subject to limitations and/or restrictions. These rights include the right to: (i) request access to and rectification or erasure of their Personal Data; (ii) obtain restriction of processing or to object to processing of their Personal Data; and (iii) ask for a copy of their Personal Data to be provided to them, or a third party, in a digital format. If you wish to exercise one of the above-mentioned rights, please send us your request to the contact details set out below. Individuals also have the right to lodge a complaint about the processing of their Personal Data with their local data protection authority.

 

Please note that we rely upon our users maintaining the accuracy of the personal data they provide through our ManagerPlus software or our website, https://www.managerplus.com/, including the ability to add, edit and delete account profile information.  Where you are the Customer Administrator, you may view and edit the personal data set up for each of your users by accessing the administration features available through the ManagerPlus software.  Where you are the account holder, you may view and edit your personal data via your account profile.  If you do not have access to edit your personal data, you may reach out to the Customer Administrator and request that they make any required update under through the ManagerPlus software, including deletion of your personal data.

 

For communications provided under our education and information services or for other email communication of a marketing nature, an ‘unsubscribe’ option is provided in the footer of every email.  In addition, we may be contacted directly to unsubscribe.  Our contact details are provided at the end of this Privacy Policy.

 

You may also contact us with your personal data inquiries or for assistance in modifying or updating your personal data and to exercise additional statutory rights such as: access, rectification, data portability, objection, processing restriction, and erasure of your personal data.  Our contact details are provided at the end of this Privacy Policy.

 

Dispute Resolution

ManagerPlus participates in the EU-U.S. Privacy Shield Framework, under ManagerPlus Solutions, LLC.  A list of participants can be viewed by accessing the link below:

https://www.privacyshield.gov/list.

As part of its participation in the EU-U.S. Privacy Shield Framework, ManagerPlus is subject to the investigatory and enforcement powers of the Federal Trade Commission.

Organizations participating in the EU-U.S. Privacy Shield Framework must respond within 45 days of receiving a complaint.  If you have not received a timely or satisfactory response to your question or complaint, please contact one of the independent recourse mechanisms listed below:

EU Data Protection Authorities (“DPAs”)

http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

Please note that these independent dispute resolution bodies are designated to address complaints and provide appropriate recourse free of charge to the individual.

Under certain circumstances, individuals located in the European Economic Area may invoke binding arbitration to resolve a Privacy Shield related dispute.  In order to invoke arbitration, you must take the following steps prior to initiating an arbitration claim: (1) raise your complaint directly with ManagerPlus and provide us the opportunity to resolve the issue; (2) make use of the independent recourse mechanism listed above; and (3) raise the issue through your relevant Data Protection Authority to the U.S. Department of Commerce and afford the U.S. Department of Commerce an opportunity to use best efforts to resolve the issue at no cost to you.  For more information on binding arbitration, see the U.S. Department of Commerce’s Privacy Shield Framework: Annex I (Binding Arbitration) at: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

 

Effective Date and Amendments

This document is effective 4-29-19.  This document may be amended from time to time

 

Contact Information

Inquiries may be made to:

Organization:           ManagerPlus Solutions, LLC.
Contact:                     Marketing at ManagerPlus
Address:                     9350 South 150 East, Suite 650 Sandy, UT, 84070

E-mail:                        marketing@managerplus.com
Phone:                        800-730-9965
 

Please note that organizations participating in the EU-U.S. Privacy Shield Framework must respond within 45 days of receiving a complaint.