PRIVACY POLICY THESAURUS SOFTWARE LIMITED

This document sets out how we handle your data. At Thesaurus Software Ltd., we are committed to protecting your privacy. Our Privacy Policy applies to all products, applications and services offered by Thesaurus Software Ltd.

Please note that this policy does not apply to any company or person outside Thesaurus Software Ltd.

A. UNDERSTANDING OUR PRIVACY POLICY

The purpose of this policy is to give you information about how Thesaurus Software Ltd. collects and processes your personal data. Also included in this policy are your privacy rights including contact information in the event you have further questions.

This policy applies where you have, directly or indirectly, provided us with your personal data in any of the ways described in section C below.

It is important that you read and understand this privacy policy so that you are fully aware as to how and why we are using your data.

B. CONNECT USERS

Connect customers

Thesaurus Software shall be the data controller of the information you provide to us when purchasing our software.

Thesaurus Software shall be the data processor of the payroll information and personal data of employees that you provide through our application, and you shall remain the data controller with responsibility for such data. Thesaurus Software will process this personal data in accordance with the terms of this privacy policy and our terms of service.

If you are using Connect as an employee

Your employer shall remain the data controller of the information you have provided to them. This policy sets out how we process your personal data on behalf of your employer and the rights that you have in relation to such information.

C. PERSONAL DATA COLLECTED

You may submit your information to us for a number of reasons:

  • When you purchase a product or register to use our software: this may include your name, business name, address, email, telephone number, business registered number, IP address and payment details.
  • When you contact us with a support query, either through phone, email or our chatbot: this will primarily include your name and contact details.
  • When you request a demo of our software, attend a webinar, sign-up to our mailing list, submit an online query, download our software (incl. free trials) or complete any surveys, provide testimonials or enter into any competitions. Details gathered may include your name, business name, address, email and telephone number.
  • When you interact with us using social media: this may include name, email address, business name.
  • When you apply for a job posting: this may include your curriculum vitae, details of qualifications and experience or any other application forms completed.

Additional data we may collect about you if you are an employee:

  • Identity Data: national insurance number, company identifier, profile images, gender.
  • Financial / Employment Data: tax codes, salary, payroll details and IDS, worksheets, expenses, job details, historic payroll figures, pension scheme details, employment start and leave dates, performance review notes, training records, employment contracts.
  • Medical Data: including sickness and maternity records. Your employers will have the relevant consent and authorisations in place in order to allow this information to be processed to us.

We will not process special categories of personal data such as race, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data (other than outlined above). Nor do we collect any information about criminal convictions and offences.

We may obtain information through our online applications that you or your users install. We may gather information related to a user’s use of that application and use of specific features within the application.

Providing us with information about others

Should you give us personal data about someone else, you are responsible for ensuring that you comply with all data protection laws. In advance of submitting any information to us you should have notified them that data is shared and clarified how we collect, use and retain their personal information.

D. HOW WE USE YOUR DATA

We undertake to design our systems and products in such a way as to minimise the use of personal data. Where data is required, the purpose for which you are invited to give us information is clear. We will not use your information for purposes that are not clear when you provide your details. Should we intend to use your data for any other purpose, we will not do so without first notifying you in writing.

We use your information to:

  • process your payment,
  • meet the requirements of the contract,
  • provide information and services that you have requested,
  • provide software support to you and manage our relationship with you,
  • monitor, measure, improve and protect our products and services,
  • manage software usage and ensure compliance with the terms of our contract,
  • comply with regulatory requirements,
  • request your participation in any customer research, for example when we research possible new products / features or feedback on existing products or services. Where testimonials or feedback have been provided, this information may be used in marketing material in an anonymous format and only with specific agreement from you will your details be associated with any comments,
  • notify you of product developments, including essential upgrades,
  • assist in our sales cycle and the onboarding of new customers,
  • market new products, features or services,
  • conduct our recruitment processes.

We do not employ automated decision making methods in relation to any of your personal data stored.

Software Users' information will be held for as long as permitted for legal, regulatory, and fraud prevention, currently 6 years.

As a Connect user, should you opt to discontinue using the Connect service, we will retain your Connect data for a period of three months after you opt-out of the service.

Your information we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information – the option to ‘Opt-Out’ is available on all marketing correspondence from us. Please also see section E below.

If you withdraw your consent or opt not to provide requested personal information for the purposes set out in our Privacy Policy, we may not be able to provide you with access to the requested product or service.

To ensure continuity and transparency in our recruitment campaigns, all applicant details will be kept for no longer than 14 months after the end of the recruitment process.

E. EMAILS FROM US

We will send users email notifications regarding purchases (such as invoices and renewal notifications) as well as emails relating to essential software maintenance, including product upgrades and releases.

We may contact users and prospective users with additional marketing information such as free webinars, CPD events, special offers and newsletters from our group companies. We may contact you for this purpose by telephone, post, SMS or email. You have the ability to unsubscribe from these communications at any time. Alternatively, you can let us know your preferences by:

F. DISCLOSURE AND SHARING OF YOUR DATA

In the following circumstances, we may send your personally identifiable information to others.

  • We have obtained your express consent to share the information.
  • We need to share your information to provide the service or product you have requested, paid or unpaid.
  • We need to send the information to others who work on behalf of Thesaurus Software Ltd to provide a service or product to you.
  • We find that your actions violate the terms of our Terms of Service or any of our usage guidelines.
  • Our company is subject to a take-over or merger in which case the information will be disclosed to the new owners on the understanding that they will protect the information and only use the information in substantially the same way as previously.
  • We must respond to court orders and any other legitimate request by authorities with which we must comply.
  • We undertake not to sell, trade, or rent any personally identifiable information to others.

Internally, we limit access to personal information about you to only those Thesaurus Software Ltd. employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their job.

Third Party Service Providers

In providing you with the product or service you request, we may occasionally use third party companies to manage collation, processing and storage of your personal information on our behalf. These companies are carefully selected and screened to ensure maximum protection of your security and privacy and are permitted to use the information only in accordance with our instructions.

These third party providers are not permitted to further transfer your personal data nor are they permitted to use your personal data for their own business purposes.

International Data Transfers

Where possible, we only process your information within the European Economic Area (EEA). However, some of the service providers referred to above may be based outside of the EEA.

We take steps to ensure that where your information is transferred outside of the EEA to our service providers and hosting providers, appropriate measures and controls are in place to protect that information in accordance with applicable data protection laws and regulations.

G. MEASURING OUR VISITORS

We measure visitors to our websites using Google Analytics. This records what pages you view on our site, how you arrived at our site and some basic information about your computer. All of that information is anonymous. We don’t know who you are – just that somebody visited our site.

The information we collect from analytics helps us understand what parts of our website are doing well, how people arrive at our site, and so on. Like most websites, we use this information to make our website better.

You can learn more about Google Analytics or opt out if you wish.

H. COOKIES

Cookies are small text files that are placed on your computer by websites you visit. Cookies help make this website work and provide information to us about how users interact with our site. We use this information to improve our website.

By using our website, you agree that we can place these types of cookies on your device.

Full details of the cookies we use and what they do can be found in our Cookie Policy.

I. PAYMENT

We use a variety of providers to process payments. These companies will have access to your personal and payment information. The third parties we use are Realex and AIB Merchant Services.

We share information with these companies only to the extent necessary for the purposes of processing payments you make via our website. Thesaurus Software Ltd. has carried out due diligence on the privacy policies of both Realex and AIB Merchant Services, to the best of our knowledge they are fully compliant with Data Protection legislation.

Where you have submitted payment details to our online billing account, your card details are stored on the Microsoft Azure, PCI compliant platform.

J. DATA FILES

Thesaurus Software Ltd. has no control over the authority, the quality or safety of the data input. You, and you alone are responsible for the accuracy and completeness of your records.

Where applicable, you are responsible for keeping your password and user details confidential. Nobody at Thesaurus Software Ltd. will ever ask you for your password, please do not trust anybody asking for it.

Customers using Desktop Software

Thesaurus Software Ltd. does not have access to your data files, except where they have been submitted for support reasons.

Whilst we have security measures in place to protect your data, it remains your responsibility to keep your sign in details secret, to sign off from the Thesaurus Software Ltd. product when you are not using it and to ensure there is no unauthorised access to your computer.

Customers using Cloud Software

You acknowledge that apart from data format validation checks, Thesaurus Software Ltd. does not monitor, edit or review whether the data provided by you is correct.

You can edit your stored data at any time by signing in to your account and making the necessary changes. You can also request the deletion of your account by contacting Thesaurus Software Ltd. in writing. We undertake to stop processing your data upon receiving notification, in some instances we may need to request specific information from you to help us confirm your identity before deleting any data. We reserve the right to regularly delete any data that we deem to be out of date or no longer required.

K. CUSTOMER SNAPSHOTS/BACKUPS

From time-to-time, in order to resolve a customer query, it may be necessary for us to request a backup of your data file or a payroll related document. We are extremely mindful that this information contains sensitive personal data and we take numerous steps to ensure their security. Data received is processed only for the purposes of resolving your query as advised in writing by you, and is done so by trained Thesaurus staff, your backup will never be shared externally without prior approval from you. Customer backups are retained for the minimum amount of time necessary, usually no longer than one week.

Every effort has been taken to maintain the highest possible levels of security, however we would draw your attention to section M below.

We are committed to compliance data protection law and where necessary will make available to customers any information necessary to demonstrate compliance with their processing obligations.

If you are providing a backup to us in a bureau capacity, you are responsible for ensuring that you comply with all data protection laws and that you have prior approval to send the data to us.

L. EMAILING OF PAYROLL DOCUMENTATION

Should you select to use our software’s emailing feature, your employee’s payslips will be sent through our secure server. Every effort has been taken to maintain the highest possible levels of security and all emails are automatically deleted from our server once sent. To enhance the security of emailed files, we highly recommend that Customers utilise the password feature contained within the software. Finally, we would draw your attention to section M below.

M. SECURITY

We take the security of your data very seriously. Thesaurus Software Ltd. take technical and organisational measures to prevent the loss, misuse or alteration of your personal information. These precautions include:

  • Use of SSL encryption for sensitive data
  • Hardware stored in secured data centres behind firewalls
  • All access to information restricted by password and/or secure key
  • Restrictions to what information can be accessed via any location
  • Internet security protocols to create a protected connection between you and our servers

Whilst we undertake to maintain the highest possible levels of security practicable to protect data it should be realised that no data transmission over the Internet or information storage technology can be guaranteed to be 100% secure, and there is always some risk of unauthorised access. Thesaurus Software Ltd. cannot be held liable for any breach of security. Any information submitted to us is done so at your own risk.

N. UPDATES TO OUR PRIVACY POLICY

Thesaurus Software Ltd. reserves the right to change the content of this Privacy Policy at any time without prior notice. If we decide to change our Privacy Policy, we undertake to post any changes on our website so you are always aware of what information we collect, how we use it, and under what circumstances we disclose it. Therefore, we recommend that you check the Privacy Policy regularly.

O. YOUR RIGHTS

Should you have any questions in relation to this policy or you would like to exercise any of your rights, set out below, please contact us using the below contact details.

In certain circumstances, you have rights under data protection law in relation to your personal data. You have the right to:

  • Request access to the personal data processed on you
  • Request the correction or erasure of your personal data
  • Object to the processing of your data
  • Request restrictions on the processing of your personal data
  • Request to transfer your personal data
  • Withdraw consent

If you wish to raise a complaint on how we have handled your personal data, please contact us and we will investigate the matter.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have a number of requests. In this case, we will notify you and keep you updated.

Our contact details are:

Address:      Thesaurus Software Ltd., Dublin Road, Ashbourne, Co. Meath A84 KV18
Email: privacy@thesaurussoftware.com
Phone: 01 8352074

 

If you are not satisfied with our response or believe our processing of your personal data is not in accordance with the law you can complain to the Data Protection Commissioner.

If you withdraw your consent or opt not to provide requested personal information for the purposes set out in our Privacy Policy, we may not be able to provide you with access to the requested product or service.