Privacy Shield Privacy Policy

Last updated: February 9, 2021

Compute Software, Inc. has created this Privacy Shield Privacy Policy to help you learn about how we handle Personal Information that is collected in the European Union and the United Kingdom and Switzerland (the “EEA”) and transferred to Compute Software in the U.S.

Compute Software (“Compute Software,” “we,” “us,” “our.”) complies with the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, the United Kingdom, and Switzerland to the United States in reliance on Privacy Shield. Compute Software has certified to the Department of Commerce that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov.

This Privacy Shield Privacy Policy supplements our Global Privacy Policy. Unless specifically defined in this policy, the terms in this Privacy Shield Privacy Policy have the same meaning as in our Global Privacy Policy.  In case of conflict between our Global Privacy Policy and this Privacy Shield Privacy Policy, this Privacy Shield Privacy Policy prevails. In case of conflict between this Privacy Shield Privacy Policy and the Principles, the Principles will govern.

How We Obtain Personal Information

We obtain and process Personal Information in different capacities.

  • As a data controller, we collect and process EEA Personal Information directly from individuals, either via our publicly available websites, including computesoftware.com, or in connection with our customer, partner, and vendor relationships.
  • As a data processor, we process and host EEA Personal Information obtained from our Customers (“Hosted Data”) when providing commercial hosted software applications (collectively, the “Software Services”) to our Customers.  In that context, we only process Personal Information on behalf and instructions of our Customers, which are data controllers.  The Software Services agreement defines the roles and responsibilities of the parties for the processing of Personal Information in the context of the Software Services (“Customer Agreement”).

Compute Software commits to subject to the Principles all Personal Information received from the EEA in reliance on the Privacy Shield (which includes both types of activities).

Notice

We provide information in our Global Privacy Policy regarding our privacy practices.

When we process Hosted Data, Customers determine the categories of data they upload in our systems and the purposes of the processing. For example, they may upload directly or via a service provider, various businesses and IT cost, value and utilization data at their own discretion.  Accordingly, Customers are responsible for providing notice to individuals.

Data Integrity and Purpose Limitation

Any Personal Information we obtain may be used by Compute Software for the purposes indicated in our Global Privacy Policy or as otherwise notified to you. We will not process Personal Data in a way that is incompatible with these purposes or as subsequently authorized by you.

We take reasonable steps to limit the collection and usage of Personal Information to that which is relevant for the intended purposes for which it was collected, and to ensure that such Personal Information is reliable, accurate, complete and current.

We will retain your Personal Information in an identifiable form identifying or making identifiable individuals only for the period necessary to fulfil the purposes outlined in our Global Privacy Policy unless a longer retention period is required or permitted by law or by the Principles. We will adhere to the Principles for as long as we retain the Personal Information collected under the Privacy Shield.

When we process Hosted Data, we process and retain Personal Information only as necessary to provide our Software Services as permitted in the Customer Agreement, or as required or permitted under applicable law.  

Data Disclosures

We disclose Personal Information as described in our Global Privacy Policy. If we disclose it to a third party acting as a data controller or as an agent, we will comply with, and protect the Personal Information as provided in, the Accountability for Onward Transfer Principle.

When processing Hosted Data, we disclose Personal Information as provided in the Customer Agreement. Compute Software uses a limited number of third-party service providers, acting as agent, to assist us in providing our services to customers, in particular to provide data storage services.

In case of disclosure to an agent, we remain responsible for the processing of Personal Information received under the Privacy Shield and subsequently transferred to that agent if it processes such Personal Information in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the inconsistent processing.

We may also disclose Personal Information as may be required or permitted under the Principles and under applicable law, including in response to lawful requests by public authorities, such as to meet national security or law enforcement requirements.

Data Security

We use reasonable and appropriate measures to protect your Personal Information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the Personal Information.

Choice and Access

Where appropriate, Compute Software provides you with access to the Personal Information that we maintain about you and to correct, amend or delete that information when it is inaccurate or has been processed in violation of the Principles by sending a written request as indicated in “Contact Information” below.  We will review your request in accordance with the Principles, and may limit or deny access to Personal Information where providing such access is unreasonably burdensome or expensive under the circumstances, or as otherwise permitted by the Principles.

If we intend to use your Personal Information for a purpose that is materially different from the purposes listed in this policy or if we intend to disclose it to a third party acting as a controller not previously identified, we will offer you the opportunity to opt-out of such uses and/or disclosures where it involves non-sensitive information or opt-in where sensitive information is involved.

When we process Hosted Data, we only process and disclose the data as specified in the Customer Agreement. Customer controls the type of information we obtain, how that information is disclosed and used, and how it can be modified.  Accordingly, if you wish to request access, to limit use or to limit disclosure, please contact the Customer who submitted your data to our services. If you provide us with the name of the Customers, we will refer your request to that Customer, and will support them as needed in responding to your request.

Recourse and Enforcement

We conduct an annual self-assessment of our Personal Information practices to verify that the attestations and assertions made in this Privacy Shield Privacy Policy are true and have been implemented as represented.

In compliance with the Privacy Shield Principles, Compute Software commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union, United Kingdom, or Swiss individuals with Privacy Shield inquiries or complaints should first contact Compute Software via email at privacy@computesoftware.com, or via mail at: Compute Software, Attn: Privacy Officer, 1953 Sage Loop, Mountain View, CA 94043

Compute Software has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

Our commitments under the Privacy Shield are subject to the investigatory and enforcement powers of the United States Federal Trade Commission.

Changes to the Privacy Shield Privacy Policy

This Privacy Shield Privacy Policy may be changed from time to time, consistent with the requirements of the Privacy Shield. You can determine when this Privacy Shield Privacy Policy was last revised by referring to the “Last Updated” legend at the top of this page. Any changes to this Privacy Shield Privacy Policy will become effective when we post the revised version on our website

Contact Information

If you have any questions, concerns or complaints regarding our privacy practices, or if you’d like to exercise your choices or rights, contact us via email at privacy@computesoftware.com.