Effective on: May 25, 2018
Introduction and Scope
Categories of Personal Data
We may process the following categories of Personal Data about you:
- online identifiers (such as IP address);
- account identifiers (such as user name, email address, mailing address);
- approximate geographical location data, including your country, region, city, latitude & longitude of city, ZIP code, time zone, connection speed, ISP, domain name, IDD country code, area code, weather station code and name, mobile carrier, elevation and usage type information; and
- feedback you may provide through our Website which may contain Personal Data.
In the context of this Notice, Hexasoft acts as a data controller for Personal Data we process about you..
How We Receive Personal Data
We may receive your Personal Data:
- from you directly, when you visit our Website;
- through our Service from our customers; and
- through our own technical means of investigation, we discover based on your public IP address.
Basis of Processing
Within the scope of this Notice, we may rely on one or more of the following lawful grounds for processing of your Personal Data:
- to perform our obligations to you in cases where you have purchased a service from us, or in order to help you make a purchase, upon your request;
- our legitimate interests and the legitimate interests of our customers for the purpose of facilitating the fulfillment of their business needs, which may include the detection and prevention of credit card fraud, password sharing or abuse of service, compliance with export control and sanctions, content localization, digital rights management, spam filtering, etc.; and
- any other ground, as required or permitted by law in the specific respective context.
Purpose of Processing
We process Personal Data in our Service for the purposes of identifying the geographical location of an individual or an IT system and providing this information to our customers.
Personal Data collected via our Website is processed for the following purposes:
- to respond to your inquiries, and/or other requests or questions;
- to sell our services to you, including processing your payments;
- to pay commissions to our affiliates;
- to improve our Website;
- to enable us to send you our newsletter; and
- for logging and statistical purposes.
Personal Data processed by our Service is retained indefinitely. However, you may send a request to us to ask to delete your Personal Data, subject to the limitations described in this Notice.
Sharing Personal Data with Third Parties
We may use third-party vendors to perform certain services on our behalf. These third-party vendors include those providing:
- infrastructure services;
- payment processing services;
- service desk and bug tracking software services; and
- email services.
We may share your Personal Data with these third-party vendors solely to enable them to perform the services for us. In providing them with your Personal Data, we require that these third-party vendors maintain at least the same level of data protection that we maintain for your Personal Data. We do not provide your Personal Data to parties unconnected with the services we provide.
Other Disclosure of Your Personal Data
We may also disclose your Personal Data:
- to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders;
- if we sell or transfer all or a portion of our company’s business interests, assets, or both, or in connection with a corporate merger, consolidation, restructuring, or other company change; or
- to our subsidiaries or affiliates only if necessary for business and operational purposes as described in the section above.
We reserve the right to use, transfer, sell, and share aggregated, anonymous data, which does not include any Personal Data, about the users of our Service as a group for any legal business purpose, such as analyzing usage trends and seeking compatible advertisers, sponsors, clients, and customers.
If we must disclose your Personal Data in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your Personal Data will maintain the privacy or security of your Personal Data.
Data Integrity & Security
Hexasoft has implemented and will maintain technical, administrative, and physical measures that are reasonably designed to help protect Personal Data from unauthorized processing such as unauthorized access, disclosure, alteration, or destruction.
Accessing, Deleting & Updating Your Personal Data
If you are a data subject about whom we store Personal Data, you may have a right to request access to, and the opportunity to update, correct or delete such Personal Data. Under certain circumstances, you may have a right to restrict or object to the processing of your Personal Data. To submit such requests or raise any other questions, please reach out to us by using the contact information provided in the “Contact Us” section below. Your rights may be limited where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the exercise of your rights would result in a violation of the rights of other individuals.
Changes to this Privacy Notice
If we make any material change to this Notice, we will post the revised Notice to this web page and update the “Effective” date above to reflect the date on which the new Notice became effective.
If you have any questions about this Notice or our processing of your Personal Data, please write to us by email at firstname.lastname@example.org or by postal mail at:
Hexasoft Development Sdn Bhd
Attn: Data Protection Officer
70-3-30A D'Piazza Mall
11950 Bayan Baru
Please allow up to four weeks for us to reply.
European Union Representative
VeraSafe has been appointed as Hexasoft's representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. VeraSafe can be contacted in addition to Hexasoft, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://www.verasafe.com/privacy-services/contact-article-27-representative
Alternatively, VeraSafe can be contacted at:
VeraSafe Ireland Ltd
North Point House
North Point Business Park
New Mallow Road
If you are a resident of the European Union, you may have the right to lodge a complaint with a data protection regulator in one or more of the EU member states.