Please read the following Privacy Policy carefully

Introduction

We respect your right to privacy and we understand that, when you use our products and services (hereinafter “Services”) or otherwise interact with us (for example, by viewing our webinars), you prefer to control the way you share your personal information (“Personal Data”) and preferences. The terms “we”, “us” and “our” refers to iSpring Market Account Owner. The terms “user”, “you”, and “your” refer to customers.

We provide this Privacy Policy ("Policy") to inform you of our practices with respect to the collection and use of your Personal Data.

We comply with the Regulation 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”). We act as both a data controller and a data processor under GDPR.

We have implemented the following requirements under the GDPR, including but not limited to:

- A record of our Personal Data processing activities;

- Adequate organizational and technical protection measures;

- Request forms and internal instructions for Privacy by Design & Default, Data Portability, Data Subject Rights like the Right to be Forgotten.

We collect information globally and primarily store that information on the servers based in the United States and Germany. We transfer, process and store your information outside of your country of residence, to wherever we or our third-party service providers operate for the purpose of providing you the Services. The Personal Data of individuals from EEA and Switzerland are stored on servers based in Germany and processed in the United States.

Regardless of where your information is stored or processed, we apply the same protection described in this Policy. We offer European builds of desktop products to individuals from EEA and Switzerland to store the information we collect from your use of the Services on the servers in Germany. We also use the model contract clauses approved by European Commission as a means of ensuring adequate protection when transferring data outside of the EEA and Switzerland. By incorporating model contract clauses into a contract established between the parties transferring data, personal data can be protected when transferred outside the EEA to countries which have not been deemed by the European Commission to adequately protect personal data.

Agreement to this Policy

Please read this Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Services. By accessing or using our Services, you agree to this Policy. This Policy may change from time to time. Your continued use of our Services after we make changes is deemed to be acceptance of those changes, so please check the Policy periodically for updates.

Notice to End Users

We are the administrator of the web based services and are responsible for the accounts in web based services over which we have control. Please direct your data privacy questions to us, as your use of the web based services is subject to our policies.

We are able to:

- reset your account password;

- restrict, suspend or terminate your access to the web based services;

- access information in and about your account;

- access or retain information stored as part of your account;

- install or uninstall third-party apps or other integrations.

In some cases, we can also:

- restrict, suspend or terminate your account access;

- change the email address associated with your account;

- change your information, including profile information;

- restrict your ability to edit, restrict, modify or delete information.

The administrator of the account in web based services will assert administrative control over your account and use of the web based services. You will be able to change the email address associated with your account only upon the administrator’s approval.

Please contact us for more information.

How we may collect information about you in our role as data controller We collect information about you and determine the purposes and means of processing your Personal Data in our role as data controller when you input it into the Services or otherwise provide it directly to us.

Site account and Profile Information: We collect information about you, when you order Services from us, register for creating a site account, create or modify your profile, set preferences, sign-up for or make purchases through the Services. We keep track of your preferences when you select settings within the Services.

Information you provide through our support center: The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.

Subscription to our newsletters and webinars. We collect information about you, when you subscribe to our newsletters and webinars. You can set your communication preferences from your site account or opt-out at any time.

Information we collect automatically when you use the Services We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services. Your use of the Services: We keep track of certain information about you when you interact with any of our Services. This information includes the features you use; information about the system configuration, PowerPoint version you use; time you spent using the Services; the links you click on; the type, size and filenames of attachments you upload to the Services; frequently used search terms; and how you interact with others on the Services.

Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience.

Cookies: We use cookies to provide functionality and to recognize you across different Services and devices. For more information, please see our Cookie Policy, which includes information on how to control or opt out of the cookies and other tracking technologies.

Information we receive from other sources We receive information about you from other Service users, from third-party services, from our related companies, and from our business partners.

Other users of the Services: Other users of our Services may provide information about you when they submit content through the Services. For example, you may be mentioned in a support ticket opened by someone else. We also receive your email address from other Service users when they provide it in order to invite you to the Services. Similarly, an administrator may provide your contact information when they designate you as the billing or technical contact on your company's site account.

Our Partners: We work with a global network of partners who help us to market and promote our products, generate leads for us, and resell our products. Some of these partners provide consulting, training and other services around our products. We receive information from these partners, such as contact information, company name, what products you have purchased or may be interested in, evaluation information you have provided, what events you have attended, and what country you are in.

Other Partners: We receive information about you and your activities on the Services from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our Services and online advertisements.

What information we may collect about you in our role as data controller

We may collect the following information about you:

- Your name, email address, phone number, company name, title and business/private address;

- Your site account information – such as our Services you ordered, domain name registration information, the IP addresses assigned to you, the use of our Services or any other information related to your site account;

- Your contact with us – such as a note or recording of a call you make to us, a chat record when you engage in a chat session with us, an email or letter you send to us or other records of any contact you have with us;

- Information provided by you to us when you notify us of a (suspected) breach of acceptable use of our Services;

- Your photo when you send us a testimonial and video footage of you when we record your video review about our Services.

Why we process your personal information in our role as data controller

We process your Personal Data for the following purposes:

- Processing of orders and provision of Services;

- Conducting market research, conducting retention and customer satisfaction surveys, conducting marketing activities (including through email newsletters, social media and onsite/offsite and online/offline advertisement), conducting sales activities (including analyzing your Personal Data and your use of our Services for making (personalized) offers and quotes with the aim of entering into a customer relationship, and/or maintaining, renewing or expanding a customer relationship);

- Communicating with customers (a) to provide information about our Services, (b) to provide information about offers, orders, provision of Services, order status and payment, (c) to provide support and maintenance services, (d) to handle complaints, and (e) to answer questions from (potential) customers;

- Investigating and processing suspected violations of acceptable use of our Services;

- Complying with statutory obligations, including (a) provision of data to authorized authorities in the context of criminal investigations, (b) complying with (applicable) data retention obligations, and (c) the provision to third parties of Personal Data concerning customers in connection with an infringement of these third parties’ rights.

How we share your personal information in our role as data controller

We may share Personal Data about you with:

- Partners or agents involved in delivering the Services;

- Law enforcement agencies, regulatory organizations, courts or other public authorities to the extent required by law;

- A customer, if you notify us that this customer uses our Services violates the acceptable use of our Services or applicable law;

- A third party that has claimed that your use of our Services violates the acceptable use of our Services or applicable law (to the extent such sharing is required by law);

- In certain situations, we may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Legal bases for processing

If you are an individual in the European Economic Area (EEA) or Switzerland, we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. To process your information as described above, we rely on the following legal bases:

- Performance of a contract: the use of your information is necessary to provide you the Services, customer support and personalized features. If you order and use our Services, we will use your information to carry out our obligation to complete and administer that Services under the contract that we have with you;

- Legitimate interests: the processing is necessary for the purposes of the legitimate interests pursued by us, namely for information security. We also want to provide you with the best suitable content of the website, to improve and promote our products and services and the content on our website, and for administrative, fraud detection and legal purposes;

- Consent: we may rely on your consent to use your Personal Data for specific purposes, for example, for sending newsletters and for certain direct marketing purposes.

How we store and secure information we collect

Information storage. We use data hosting service providers in the United States and Germany to host the information we collect, and we use technical measures to secure your data.

Technical and organizational security procedures and data transfers. We observe reasonable procedures to prevent unauthorized access to, and the misuse of Personal Data. We use appropriate business systems and procedures to protect and safeguard the Personal Data. We also use security procedures and technical and physical restrictions for accessing and using the Personal Data on our servers. Only authorized personnel are permitted to access Personal Data in the course of their work.

For more information on where we store your information and our security measures please contact us as provided in the Contact Us section below.

How long we keep information (retention procedures)

We will store your personal information as long as necessary to perform the purposes of processing as stated in this Policy. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Site account information: We retain your site account information for as long as your site account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.

Information you share on the Services: If your site account is deactivated or disabled, some of your information and the content you have provided will remain in order to allow your team members or other users to make full use of the Services. For example, we continue to display messages you sent to the users that received them and continue to display content you provided.

Managed accounts: If the Services are made available to you through an organization (e.g., your employer), we retain your information as long as required by the administrator of your account.

Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your site account. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

How you can access and control your information

Subject to some limits, you have certain rights regarding your Personal Data and the processing thereof. PLEASE NOTE THAT OUR CUSTOMERS CONTROL AND MAINTAIN ACCESS TO THEIR DATA THAT IS STORED BY US, AND WE MAY NOT HAVE ACCESS TO THE DATA MAINTAINED BY OUR CUSTOMERS OR EVEN TO KNOW WHAT DATA IS BEING MAINTAINED.

You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format. If you are an end user and the Services are administered for you by an administrator (see section "Notice to End Users" below), you may need to contact your administrator to assist with your requests first. For all other requests, you may contact us as provided in the Contact Us section below to request assistance.

Your rights:

- You can access and update your information in your site account at any time;

- You can deactivate your site account, if you no longer wish to use our Services;

- You can request for what information we have collected about you;

- You can request that we make changes to the Personal Data you have seen, but cannot change in your site account;

- You also have the right to obtain from us the erasure of your Personal Data (right to be forgotten);

- In addition, you may, under certain circumstances, have the right to restriction of the processing of your Personal Data;

- You have the right to object, on grounds relating to your particular situation, at any time to processing of your Personal Data;

- You have the right to receive your Personal Data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller when the processing is based on your consent or is necessary for the performance of a contract (the right to data portability);

- You can opt out of promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your site account settings menu, or by contacting us as provided below to have your contact information removed from our promotional email list or registration database.

Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Services. You can opt out of some notification messages in your site account settings;

- You can refuse the use of cookies: relevant browser-based cookie controls are described in our Cookie Policy.

We acknowledge that EU individuals have the right to access the personal information that we maintain about them. An EU individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct their query to Prosynergy Training Team (cs@prosgy.com). If requested to remove data, we will respond within a reasonable timeframe.

Consent and withdrawal of consent. You are entitled to withdraw your consent at any time by giving us notice. Upon receipt of a notice where your consent is withdrawn, we will without undue delay stop processing your Personal Data to the extent it is required under law. Please use the contact information at the bottom of the page should you wish to withdraw your consent given under this privacy statement. To limit the use and disclosure of your personal information, please submit a written request to Prosynergy Training Team (cs@prosgy.com).

Our policy towards children

The Services are not directed to individuals under 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information. If you become aware that a child has provided us with personal information, please contact our support services.

Changes to this Policy

We may change this Policy from time to time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by adding a notice on the Services homepages, login screens, or by sending you an email notification. We will also keep prior versions of this Policy in an archive for your review. We encourage you to review our privacy policy whenever you use the Services to stay informed about our information practices and the ways you can help protect your privacy.

If you disagree with any changes to this privacy policy, you will need to stop using the Services and deactivate your account(s), as outlined above.

Contact Us

If you have questions or concerns about how your information is handled, please direct your inquiry to Prosynergy Training Team (cs@prosgy.com).

Prosynergy Consulting Limited (“PGY”) respects the personal data privacy of all individuals and recognizes its responsibilities in relation to the collection, holding, processing, use and/or transfer of personal data under the Personal Data (Privacy) Ordinance (Cap. 486) of the laws of Hong Kong (“PDPO”). Personal Data (as defined under the PDPO) will only be collected for lawful and relevant purposes and all practicable steps will be taken to ensure that Personal Data held by PGY is accurate and secure.

The provision of Personal Data is voluntary, however, any failure to supply us with the necessary Personal Data requested may result in PGY being unable to process your requests or provide the services requested by you.

MANNER OF COLLECTION

PGY primarily collects Personal Data directly by requesting that you complete forms, and also in connection with the provision of services to you at your request.

PGY may also collect information regarding your usage record and data regarding services provided to you.

PURPOSE OF COLLECTION

From time to time, it is necessary for you to supply PGY with different categories of Personal Data in connection with our provision of services to you, depending on the nature of the services offered. The Personal Data PGY collects may include, but not limited to, your name, contact number, email address, title, company name.

USE OF PERSONAL DATA

PGY may use your Personal Data for one or more of the following purposes from time to time:

• providing and processing applications or requests for services, operation of our website and user accounts and matters relating to the administration, management, operation and maintenance of the same;

• communicating with you, including but not limited to responding to your requests for information and services;

• conducting internal statistical research and analysis;

• making disclosure when required by any law, court order, direction, code or guideline applicable in or outside Hong Kong;

• investigating and handling complaints or cases involving PGY, or any of our website users;

• preventing, detecting or investigating suspicious or illegal activities; and

• other any purposes directly relating to any of the above.

TRANSFER AND DISCLOSURE OF PERSONAL DATA

Except with your prior consent or as required by law, we will not transfer or disclose your Personal Data to any third party except that we may transfer or disclose your Personal Data in or outside Hong Kong as stated below:

• any personnel, agent, adviser, auditor, contractor, collaborator or service provider who provides services or advice to us in connection with our operations as required to enable us to provide, or assist us in providing, the services you have requested;

• any person with your express or implied consent;

• any person under a duty of confidentiality to us; and

• any person to whom we are required to make disclosure under any law, court order, direction, code or guideline applicable in or outside Hong Kong.

ACCESS TO DATA

You have the right to request access to and correction of your Personal Data in accordance with the provisions of the PDPO. PGY has the right to charge a reasonable fee for processing any data access request.

RETENTION

Personal Data provided to PGY will be retained for such period required under applicable law and as otherwise needed as may be necessary to fulfil the purposes set out above, but may not be kept longer than is necessary for the fulfilment of the abovementioned purposes.

PGY will keep confidential your Personal Data and will take all practicable steps to ensure that your Personal Data is kept secure against unauthorized or accidental access, loss, disclosure and destruction.

ENQUIRIES

You have a right to request access to and correction of your Personal Data in your enquiry in accordance with the PDPO.

Any enquiries regarding the Personal Data provided or requests for access to Personal Data or correction of Personal Data should be addressed in writing to Prosynergy Consulting Limited, Room 1515 – 1516, 15th Floor, Nexxus Building, 41 Connaught Road, Central, Hong Kong (if by conventional mail) or such other address as may be notified for this purpose from time to time or by email to cs@prosgy.com (if by e-mail).