Groupe GSOFT Inc. (“GSOFT”) offers tools and platforms commercialized as “Overcast” (“Overcast”) which gathers cost information about Customer’s Azure resources and issues recommendations to optimize management of resources, and allows Customer to act on those recommendations. GSOFT understands the importance of protecting personal information. For this reason, GSOFT strives to have business procedures and security safeguards in place to protect personal information under its control.

1. Application and Scope

This Privacy Policy (“Policy”) is intended to establish responsible and transparent practices for the management of personal information and to satisfy the relevant and applicable legal requirements. This Policy sets out the standards, responsibilities and obligations of GSOFT in respect of any personal information collected, accessed or processed by GSOFT in the course of its business operations and specifies the obligations of GSOFT that arise from the Overcast Terms of Service (the “General Terms”) governing the use of Overcast, entered into between GSOFT and its corporate customers (each, a “Customer”), whereby GSOFT might handle or have access to personal information.

This Policy also governs personal information collected about GSOFT’s website users and explains how GSOFT uses and discloses personal information collected from people who visit its website and otherwise interact with GSOFT through https://overcast.cloud (the “website”). It also explains how GSOFT uses cookies and similar technologies.

2. International Compliance

GSOFT complies with: (i) data protection laws applicable to GSOFT ; and (ii) applicable industry standards concerning data protection, confidentiality or information security. GSOFT has global operations and therefore, in some cases, information managed by GSOFT may be transferred, processed and stored in other countries, although at all times, GSOFT will ensure that personal information is protected by confidentiality and security procedures and protections that are, at a minimum, equivalent to those employed by GSOFT itself.

GSOFT complies with this Policy as well as applicable Canadian private sector data protection laws such as the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and substantially similar provincial laws pertaining to the collection, use and disclosure of personal information. PIPEDA provides for an adequate protection of personal information according to the European Commission Decision of 20 December 2001 pursuant to Directive 95/46/EC of the European Parliament and the Council.

GSOFT also complies with the General Data Protection Regulation (Regulation (EU) 2016/679). Where applicable, our commitment to such regulation may be found in our Data Processing Addendum.

3. Definition of Personal Information

Personal information is defined as “any information about an identifiable individual”. This may include, for example, email addresses and contact details and any similar information provided to GSOFT in the course of its business operations, or which GSOFT may receive from business inquiries. Personal information that is aggregated and cannot be associated with an identifiable individual is not considered to be personal information.

4. Collection and Use of Personal Information through Overcast 

When providing Overcast, GSOFT only processes personal information in accordance with the General Terms, this Policy and applicable laws. GSOFT generally uses personal information from or about its Customers or which is received from Customers and belongs to their own customers or end users (hereinafter referred to as “Customer’s Personal Information”) for the following purposes:

Unless required or authorized by law, when providing products, GSOFT will not use personal information for any other or new purpose without obtaining its Customers’ consent.

5. Collection and Use of Personal Information through the Website

GSOFT generally collects and uses personal information from or about its website users as follows:

 

 

 

6. Sharing of Personal Information

GSOFT will not sell, rent or trade personal information to any third party. However, GSOFT may share personal information when authorized and/or required by law or as follows:

 

 

 

7. Security of Personal Information

GSOFT will store and process the personal information in a manner consistent with industry security standards. GSOFT has implemented technical, organizational and administrative systems, policies, and procedures to help ensure the security, integrity and confidentiality of personal information and to mitigate the risk of unauthorized access to or use of personal information, including (i) appropriate administrative, technical and physical safeguards and other security measures designed to ensure the security and confidentiality of the personal information it manages; (ii) a security design intended to prevent any compromise of its own information systems, computer networks or data files by unauthorized users, viruses or malicious computer programs; (iii) appropriate internal practices including, but not limited to, encryption of data in transit or at rest; using appropriate firewall and antivirus software; maintaining these countermeasures, operating systems and other applications with up-to-date virus definitions and security patches so as to avoid any adverse impact to the personal information that it manages; appropriate logging and alerts to monitor access controls and to assure data integrity and confidentiality; permitting only authorized users access to systems and applications; and (iv) all persons with authorized access to personal information must have a genuine business need-to-know prior to access (“Security Program”).

 

8. Training and Supervision

GSOFT maintains adequate training programs to ensure that its employees and any others acting on its behalf are aware of and adhere to its Security Program. GSOFT shall exercise necessary and appropriate supervision over its relevant employees to maintain appropriate confidentiality and security of the personal information it manages.

 

9. Data Incidents involving Customer’s Personal Information

GSOFT shall immediately notify Customer of any reasonably suspected or actual loss of data or breach or compromise of its Security Program which has or may result in the loss or unauthorized access, disclosure, use or acquisition of Customer’s Personal Information (including hard copy records) or otherwise presents a potential threat to such information (“Data Incident”). While the initial notice may be in summary form, a comprehensive written notice shall be given within 48 hours to Customer. The notice shall summarize in reasonable detail the nature and scope of the Data Incident (including each data element type) and the corrective action already taken or to be taken by GSOFT. GSOFT shall promptly take all necessary and advisable corrective actions, and shall cooperate fully with Customer in all reasonable efforts to mitigate the adverse effects of Data Incident and to prevent its recurrence.

 

10. How to Contact Us

Any questions or complaints regarding this Policy or GSOFT handling of personal information can be addressed by sending an email to: legal@overcast.cloud.

 

11. Change of Privacy Policy

GSOFT will review and update its policies and procedures as required to keep current with rules and regulations, new technologies, standards and customer concerns. This Policy may therefore change from time to time.

This Policy was last updated on June 13th, 2018.

 

overcast-by-sharegate-logo Created with Sketch.