RAZOR ERP PLATFORM PRIVACY POLICY

RAZOR ERP PLATFORM

Introduction

RazorERP is committed to conducting its business following all applicable Data Protection laws and regulations and in line with the highest standards of ethical conduct. This policy sets forth the expected behavior of RazorERP’s staff, partners, and associates, concerning the collection, use, retention, transfer, disclosure, and destruction of any Personal Data or other data belonging to a RazorERP customer or partner. RazorERP may collect, store and process such data to aid it in performing the Services, including for testing and applying new product or system versions, patches, updates, and upgrades, and resolving bugs and other issues You have reported to Razor. RazorERP respects your right to ownership of such data created or provided by you, and unless specifically permitted by you, RazorERP will not adapt, modify, publish or distribute the data generated/provided by you or stored in your user account for RazorERP’s marketing or sales purposes. However, you hereby grant RazorERP permission to access, copy, distribute, store, transmit and reformat the content of your user account solely as required for providing the Services to you.

RazorERP, as a Data Controller, is responsible for ensuring compliance with the Data Protection requirements outlined in this policy. Non-compliance may expose RazorERP to complaints, regulatory action, fines, and/or reputational damage. RazorERP’s leadership is fully committed to ensuring continued and effective implementation of this policy and expects all its employees and partners to share in this commitment. Any breach of this policy will be taken seriously and may result in disciplinary action or business sanction.

Definitions

  • Data is any information (including opinions and intentions) that relates to an identified or identifiable person or entity and which is subject to certain legal safeguards and other regulations, which impose restrictions on how organizations may process such data.
  • Data Policy refers to this document which contains the entire rules relating to how data is handled by RazorERP.
  • Data Processor means any natural or legal person who processes the data on behalf of the Data Controller.
  • GDPR refers to the European Union’s General Data Protection Regulations.
  • Data Subject, Customer, You, Your, is any living natural individual who is using our service and is the subject of personal data being collated by us.
  • In this Data Policy references to RazorERP include “RazorERP”, the “Company”, “We”, “Us”, and “Our”.
  • Services refer to RazorERP’s platform services. The Service includes such features as are set forth on Razo ERP’s website (www.razorerp.com) which will be made available to the Customer through any selected Account, as RazorERP may change such features from time to time, at its sole discretion.

Aims & Goals

The ultimate goals of this policy are to protect RazorERP from the risks of a data breach, disclose how RazorERP stores and processes individuals’ data, protect the rights of RazorERP’s customers, staff, members, and stakeholders, and comply with all applicable regulations and international best practices concerning data collection, processing, storage, and protection.

This Data Policy applies worldwide to RazorERP and is based on globally accepted, basic principles of data protection. By creating strong data protection framework, RazorERP seeks to build its credibility and trustworthy relationships with its customers, partners, and associates. This Data Policy is drafted as a practical and easy-to-understand document to which all RazorERP customers, staff, and partners can easily refer.

Scope of Our Data Policy

This policy applies to all RazorERP Employees and all third its party associates and partners responsible for the processing of data on behalf of RazorERP.

Principles of Data Collection and Processing

RazorERP has adopted the following principles to govern its collection, use, retention, transfer, disclosure, and destruction of Personal Data and other data:

  • Lawfulness, Fairness, and Transparency: All data shall be processed lawfully, fairly, and transparently concerning the Data Subject. Thus, RazorERP will always inform the Data Subject of the processing activities that will be carried out, such as processing matching the description being given to the Data Subject, and complying with all applicable data protection regulations.
  • Purpose Limitation: All data shall be collected for specified, explicit, and legitimate purposes and not processed in any further manner that is incompatible with those purposes.
  • Data Minimization: All data collected shall be adequate, relevant, and limited to what is necessary for relation to the purposes for which they are to be processed. Thus, RazorERP will not store any data beyond what is strictly required.
  • Accuracy: All data collected shall be accurate and up to date.
  • Storage Limitation: All data shall be kept in a form that permits identification of the Data Subjects for no longer than is necessary for the purposes for which the data is processed.
  • Integrity & Confidentiality: Every data shall be processed in a manner that ensures appropriate security of such data, including protection against unauthorized or unlawful processing, and accidental loss, destruction, or damage.
  • Accountability: RazorERP shall be responsible for, and shall at all times demonstrate compliance.

Consent

RazorERP will obtain every data only by lawful and fair means and, where appropriate with the knowledge and consent of the Data Subject. Where a need exists to request and receive the consent of an individual before the collection, use, or disclosure of their data, RazorERP will endeavor to use all approved legal means to obtain such consent.

Under certain circumstances, it shall be permissible to share data without the knowledge or consent of the Data Subject. Such cases include the prevention or detection of crime, the apprehension or prosecution of offenders, the assessment or collection of a tax or duty, by order of a court, or by any rule of law. If a RazorERP staff processes any data for one of these purposes, then it may apply an exception to the processing rules outlined in this Data Policy but only to the extent that not doing so would be likely to prejudice the case in question.

Legitimate Interest

Any data may also be processed in a manner necessary to enforce the legitimate interest of RazorERP. Legitimate interests are generally of a legal (such as filing, enforcing, or defending against legal claims), audit, or financial nature. However, no data will be processed based on a legitimate interest if, in individual cases, there is evidence that the interests of the individual merit protection. Before data is processed, it must be determined whether there are interests that merit protection. Control measures that require the processing of data can be taken only if there is a legal obligation to do so or there is a legitimate reason. Even where a legitimate reason exists, the proportionality of the control measure must also be examined. The justified interests of the organization in performing the control measure (e.g., compliance with legal provisions and internal rules of RazorERP) must be weighed against any interests meriting protection that the individual affected by the measure may have in its exclusion, and cannot be performed unless appropriate.

How We Use Data

RazorERP uses all data obtained to provide the Services, for the seamless administration of its work processes, and the administration and management of customers’ accounts.

RazorERP uses the data:

  • To enhance your experience as our cherished client
  • To maintain constant communication with you
  • To provide you with relevant services tailored to your needs
  • To notify you about changes to our services and/or products
  • To provide customer support when you need it
  • To gather analysis or valuable information that would enable us to improve our services
  • To detect, prevent and address technical issues which you may face while accessing our services

 

In achieving these purposes listed above, we might transmit your data to third parties with whom we have a data processing agreement. However, rest assured that we do not sell or transmit your personal information to third parties for marketing purposes.

Legal Framework

RazorERP’s legal basis for collecting and using every data described in this Data Policy depends on the sort of data we collect, the specific context in which we collect such data, and the applicable laws. This Data Policy complies with the United States data protection laws, the internationally accepted data privacy principles and laws like the GDPR, and all other laws applicable in the countries of our customers and Data Subjects. The relevant national law will take precedence if it conflicts with this Data Policy, or if it has stricter requirements than this Data Policy. The content of this Data Policy will also be observed in the absence of corresponding national legislation. The reporting requirements for data processing under national laws shall at all times be observed. In the event of conflicts between applicable legislation and this Data Policy, RazorERP will work with the relevant country offices to find a practical solution that meets the relevant purposes of this Data Policy.

What Data We Collect

We only collect the data you provide us with through any forms on our platforms and your accounts. We may also use cookies, where necessary.

Rights of Data Subjects

All Data Subjects are entitled to request information on which data relating to him/her has been stored, how the data was collected, and for what intended purpose. If any personal data is transmitted to third parties the affected Data Subject shall be informed of such a possibility. If personal data is incorrect or incomplete, the Data Subject can demand that it be corrected or supplemented. Every Data Subject may also request his/her data to be deleted if the processing of such data has no legal basis, or if the legal basis has ceased to apply. The same applies if the purpose behind the data processing has lapsed or ceased to be applicable for other reasons. Existing retention periods and conflicting interests meriting protection must be observed. Finally, every Data Subject has the right to object to his/her data being processed, and this must be taken into account if the protection of his/her interests takes precedence over the interest of the data controller owing to a particular personal situation. This does not apply if a legal provision requires such data to be processed.

Transmission of Data

Transmission of personal data to recipients outside or within RazorERP is subject to the need to provide the Services to the customer and compliance by such recipients with this Data Policy. The data recipient must be required to use the data only for the defined purposes. This does not apply if the transmission is based on a legal obligation.

Retention of Data

For the convenience of re-enrolling you to the RazorERP Services, we retain data inputted into your RazorERP Service account for twelve (12) months after termination of the Service Agreement. Thereafter, RazorERP deletes the customer’s data. RazorERP makes no guarantees, nor assumes any liability, for any data deleted before the twelfth month after termination of the Service Agreement.

Confidentiality of Data

RazorERP will adopt physical, technical, and organizational measures to ensure the security of every piece of data. This includes the prevention of loss or damage, unauthorized alteration, access or processing, and other risks to which it may be exposed by human action or the physical or natural environment. All data shall be subject to data secrecy. RazorERP will ensure that any unauthorized collection, processing, or use of such data by any RazorERP employee is prohibited. RazorERP will also strive to ensure that its employees, associates, and partners are prohibited from using any data for private or commercial purposes, from disclosing any data to unauthorized persons, or making it available in any other way.

Security Framework

All data shall be safeguarded from unauthorized access and unlawful processing or disclosure, as well as accidental loss, modification, or destruction. This applies regardless of whether any data is processed electronically or in paper form. Before the introduction of new methods of data processing, particularly new IT systems, technical and organizational measures to protect personal data must be defined and implemented. These measures must be based on the state of the art, the risks of processing, and the need to protect the data (determined by the process for information classification).

Compliance Checks

To confirm that an adequate level of compliance is being achieved by RazorERP concerning this Data Policy and all applicable data protection laws, the Team will carry out an annual data protection compliance audit for all such RazorERP data processes. The results of the audit shall be reported to the RazorERP Chief Executive Officer. The relevant data protection authority may also perform its audit of compliance with the regulations of this Policy, as permitted under any applicable law.

Violations and Sanctions

Any failure to comply with the current policy or to deliberately violate the rules set in the policy will result in the launch of an appropriate investigation by RazorERP. Depending on the gravity of the suspicion or accusations, RazorERP may suspend the affected staff or relations with the affected associate or partner pending the conclusion of the investigation, and this action will not be subject to challenge. Depending on the outcome of the independent investigation, if it comes to light that anyone associated with IMPACT has deliberately violated the rules set in the policy for its profit or any other usage of personal data, or has systematically and deliberately contravened with the principles and standards contained in this document, IMPACT will take immediate disciplinary action and any other action which may be appropriate to the circumstances. This may include disciplinary action/dismissal of erring staff, ending any partnership with an offending partner, or withdrawal of funding/support from such partner. Furthermore, RazorERP may, depending on the nature, circumstances, and location of the case and violation, consider involving authorities such as the police to ensure the protection of data and victims.

Implementation of this Policy

This policy has been approved by RazorERP’s Chief Executive Officer on January 1, 2022, and comes into effect immediately. It is subject to periodic review.

Availability of Data Policy

RazorERP seeks to ensure that all its customers are aware that their data is being processed and that they understand how the data is being used and how to exercise their rights. Thus, this Data Policy is made available to all RazorERP staff and available on request by individuals.

Data Policy Enforcement

To demonstrate our commitment to data protection, and to enhance the effectiveness of our compliance efforts, RazorERP actively employs individuals to oversee the administration of all activities related to data collection, processing, storage, and retention/deletion.

Data Subjects with a complaint about the Processing of their data should put forward the matter in writing to the Razor Support Team. An investigation of the complaint will be carried out to the extent that is appropriate based on the merits of the specific case. The Team will inform the Data Subject of the progress and the outcome of the complaint within a reasonable period. If the issue cannot be resolved through consultation between the Data Subject and the Team, then the Data Subject may, at their option, seek redress by sending a formal complaint to the management of RazorERP.

Changes to this Policy

RazorERP reserves the right to update or change this Data Policy at any time and when we do, we shall give you notice of such changes and how they may affect you. Your continued use of our platforms and Services after such changes will constitute your acknowledgment of the changes and your consent to abide and be bound by the modified Data Policy.

Contact Us

If you have any questions or concerns about this Data Policy, please contact us at info@razorerp.com