Shireburn takes your privacy very seriously. We have implemented systems and processes that place privacy at the forefront of our work and these have been further strengthened in line with the General Data Protection regulations (GDPR).
The term “Web Sites” means Shireburn’s principle websites (including but not limited to www.shireburn.com and indigo.shireburn.com).
Shireburn never sells personal data and we commit to process personal data strictly in compliance with the EU General Data Protection Regulation (“GDPR”) as well as the Laws of Malta (together the “Applicable Law”).
Shireburn will not sell, rent, or loan our email lists or personal data to any 3rdparty.
We will store and/or process your personal data in any of the following circumstances:
We use the information we collect from all of our services to provide, protect, maintain, support, administer and improve our products/services. When you contact Shireburn for sales, software and support services we keep a record of your contact to help solve any issues you might be facing or to provide the requested service to you as well as to administer our relationship with you.
We may use your email address to inform you about our services and products such as letting you know about upcoming changes or improvements and/or new product modules. You will always give you the right to opt out. We will request specific consent (Opt-In) to allow us to communicate with you for purposes other than those related to our relationship.
People have different privacy concerns. Our goal is to be clear about what information we collect, so that you can make meaningful choices about how it is used.
If you receive emails from us, we may use certain analytics tools, to capture data such as when you open our email or click on any links or banners our email contains. This data helps us to gauge the effectiveness of our communications and marketing campaigns.
You may choose to contact Shireburn for pre-sales or post-sales services, support or other type of enquiries either via telephone, messaging services, email, a contact form on a website or even through real-time chat facilities made through our software or web sites.
These types of contact may result in us asking you for certain information to allow us to respond and provide you with our services including your name, address, phone number, email address. In the case of the chat facility this will also result in the storage of the contents of the chat sessions including the company name, and the chat activity. We will retain and process this personal data in our systems to allow us to service your request and the ongoing relationship with you whether you are a client, prospective client or supplier. Your rights as data subject, as defined below, will of course be preserved.
We also collect Personal Data such as name, email and physical addresses and even credit card information, where necessary, to support our licensing and billing processes.
We collect information in the following ways:
When you purchase a good or services on-line through one of our Web Sites , we utilize 3rd party providers of payment processing and the data related to your credit card is processed by the 3rd party provider and we do not have access to that credit card information. See our current Sub-contracts/Sub-Processors list.
Shireburn web sites utilize cookies to process user usage and behaviour information in a bid to improve user experience.
If your browser has been enabled by you to allow this, Shireburn will store Cookie information onto the device used by you to access these sites. You will be able to use your browser’s capabilities to view and delete these cookies. The functionality of the web site may change based on the ability of Shireburn to utilise these cookies.
Use of the on-line help facilities that may be made available on the Web sites will record the details of the user name accessing the on-line help facility, the help centre activity related to the documents accessed and the location.
Should you consent to be contacted by Shireburn, we shall use the Personal Data provided by you to communicate with you regarding those services for which you have consented to be contacted. This shall be on an opt-in basis.
If you are a user of our software or services, or an end-user of one of our clients, who is obtaining support or needs to be notified of technical or commercial aspects of the use of our software or services, we shall retain the right to communicate with you as a result of a legitimate business interest provision as defined under GDPR.
Like most websites, our servers automatically record the page requests made when you visit our Web Sites. These “server logs” typically include your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
Accessing of our systems and network is controlled through security infrastructure including firewall protection. As is industry practice, the firewall automatically logs traffic requests made when you access our systems. These “firewall logs” typically include details such as your Internet Protocol address, request type, and the date and time of your request. These logs are maintained for 1 year.
Unless with explicit, prior, written consent, Shireburn shall only store Personal Data either within the European Economic Area (EEA) or in a manner which is undertaken by Shireburn through one of the following mechanisms:
Shireburn’s data retention policy varies according to the nature of data itself and details of this policy can be located in Shireburn’s Data Retention Policy found at www.shireburn.com/dataprotection/dataretention.
GDPR provides a data subject with the following rights:
Shireburn of course respects these rights, subject to our obligations to retain and process data under other laws. For instance, while we might receive a request for erasure of data from a Data Subject related to that subject, we may not be able to erase data related to that subject which is necessary for the performance of our legal obligations for record keeping. A simple example is that we could erase non-critical correspondence but we are obliged to retain details of the purchase orders, invoices etc which relate to that Data Subject for period as required by laws related to accounting and business record keeping.
Should you wish to exercise any of these Data Subject Rights please send a request to firstname.lastname@example.org.
4 Aug 2020