4.1. Use of Customer Data. Unless it receives Customer’s prior written consent, Vendor: (a) shall not access, process, or otherwise use Customer Data, and (b) shall not grant any third party access to Customer Data. Notwithstanding the foregoing, Vendor will not hand over to law enforcement unless required by a court order. We will reject data requests from local and federal law enforcement without a court order.  And, unless we are legally prevented from it, we will always inform you when we receive such requests. 

4.2. Privacy Policy. The Privacy Policy applies only to the System and does not apply to any third party website or service linked to the System.

(a)  Personal identifiable information.  When a user registers a new account with Vendor, the system asks for first and last name, e-mail address, password, locale and time zone information. Name helps to personalize your experience. E-mail address is used as a unique user identifier and for communication with the user. Locale and time zone information is used by the system to present numbers and dates in an appropriate format.  Due to various data integrity constraints user account cannot be deleted, but it can be cleared from any personally identifiable information upon request.

(b)  Sharing personally identifiable information.  We will never pass your personal information to third parties and we will not use your name in marketing statements without your permission.

(c)  Cookies.  Cookies are used for authentication, keeping certain user preferences and tracking user movements around the site.  No cookies, however, contain personally identifiable information.

4.3. Data Accuracy. Vendor will have no responsibility or liability for the accuracy of data uploaded to the System by Customer, including without limitation Customer Data and any other data uploaded by Users.

4.4.  Data Retention & Deletion

(a) Data Retention.  Customers are responsible for understanding and implementing their data retention and deletion requirements related to the data they upload to System. 

(b) Data Deletion. Customers may delete their data at any time and primary instances of their data in production systems will be erased immediately, however, since backups are kept for 6 months, it may take up to 6 months for their data to be completely purged from the backup systems after it has been deleted.

(c) Deleted Records.  Deleted Records are moved to the Recycle Bin, kept there for 30 days and then purged automatically.  Records may be purged from the Recycle Bin manually at any time.

(d) Expired databases.  A database is considered ‘expired’ when the subscription is cancelled.  Access will be blocked to expired databases.  Expired paid databases are securely kept in locked stage until being deleted by a database owner or administrator.  Database administrators are provided with all the means to delete a database at any time, before or after its expiration.

(e) Deleted Databases.  Databases that are deleted by their owners or administrators will disappear from users’ reach immediately and will be physically deleted from the global databased within 30 days.

(f) Backups.  All types of data deleted from online databases (from individual records to whole databases) will reside in system backups for 6 months.  It will not be restored back to production systems, except for certain rare instances such as the need to recover from a natural disaster or serious security breach.  In such cases, some of deleted data instances may be restored from backups, but Vendor will immediately take all necessary steps to honor the initial request to delete and erase the primary instance of the data again.

4.5 Personnel Access. A small team of operations personnel have administrative access to the infrastructure where System is hosted.  Additionally, developers occasionally require a read-only access to the database metadata to troubleshoot problems.  Support personnel does not have access to customer databases unless they are invited or authorized by Customer.