GDPR Assurances

GDPR Policy

miniOrange ("Us", "We", "Our" or the "Company") is committed to protecting the privacy of your information while you use our miniOrange Product and Services. We’ve crafted the policy below to help you understand how our Product/Services collects and uses personally identifiable information

Definitions

  • miniOrange Product: This refers to all the products and services offered by miniOrange. For Example Product like miniOrange Cloud and On-Premise IDP and services includes different functionalities with the Product.
  • Customer Support Services: It involves screen sharing sessions, meetings and support by mail.
  • miniOrange Servers: This refers to miniOrange service which is stored on secure cloud service AWS. miniOrange Users datais also stored with AWS.
  • Third Party: This refers to customers using miniOrange services i.e. plugin with specific service to all its users
  • Personal data: This refers to information provided by you such as name, company name, address, phone number, email address, and any other information necessary.

Introduction

We protect your personal information using industry ­standard safeguards. We may share your information only with your consent or as required by law as detailed in this policy, maintaining your trust is our top priority, so we adhere to the following principles to protect your privacy.
We protect your personal information and will only provide it to third parties

  1. with your consent;
  2. where it is necessary to carry out your instructions;
  3. as reasonably necessary in order to provide our features and functionality to you;
  4. when we reasonably believe it is required by law, subpoena or other legal process; or
  5. as necessary to enforce our User Agreement or protect the rights, property, or safety of miniOrange, its Customers and Users, and the public

Personal Data Collection

miniOrange collects data provided by you while registering with miniOrange or through any other service while contacting miniOrange. We also collect data needed to provide miniOrange services. This data may contain different information as listed below: When you register in the plugin, you provide us with information (including your name(optional), email address, phone number(optional), company name/website and password) that we use to offer you a personalized, relevant experience on miniOrange. When User contacts our Customer Support, User’s personal data is shared which is necessary for us to provide support where we can assist you with the plugin configurations, setup or any other issues while using miniorange Plugins. The Personal Data you provided is used for purposes like answering questions, improving the content of the website, customizing the content, and communicating with the customers about miniOrange’s Services, including specials and new features. When you contact us using our support form, we collect information that helps us categorize your question, respond to it, and, if applicable, investigate any breach of our User Agreement or this Privacy Policy. We also use this information to track potential problems and trends and customize our support responses to better serve you. We do not collect email addresses from miniOrange production service for any marketing purpose. To know more about our Data Collection and Data Processing check our https://docs.miniorange.com/privacy-policy

Who has access to your information ?

Your data is only accessed by the authorized employee of the miniOrange which is used solely for the maintenance of your service provided by miniOrange, to provide your billing / payment details, to provide you the support to serve better.

Your Rights

  • Right to be erasure: Information collected is stored in miniOrange Servers. Customers can delete end-user’s information if end-user requests.
  • Right to object: In certain situations, the end user has the right to object to the data being processed insofar as such data have been collected for direct marketing purposes.
  • Right to rectification: You have a right for clarification of inaccurate personal data. And change the data by providing complete information.
  • Right of access: You have the right to obtain from us information concerning i.e. you have the right to request and get access to that personal data.
  • Right to be informed: You have the right to be informed if we make any changes in the policy or any significant changes we treat your personal information.
  • Right to restrict processing: Customers have the right to restrict the access to their personal data by signing mutual NDA with the specific terms and conditions.
  • Right to data portability: The right to portability only applies to data that customer has provided with his own consent for the performance.

miniOrange Approach on Rights Through the miniOrange directory services, IT Administrators of customer companies have complete control over the personal data of their end-users, which is securely stored in the identity management platform. They can access the data and then choose to delete or share it. The end-users themselves also have control over their personal information and can utilize it to access other services, as well. These features of our platform allow for our compliance with this section of the GDPR.

miniOrange Approach on Data Breach Notification

miniOrange takes pride in its methods of security concerning personal data: access to our technical infrastructure (In which personal information is contained) is limited only to personnel with a documented and approved business need; all of our data at rest is encrypted; login requests and privileged commands are tracked using the appropriate software; our authentication process is secured with the implementation of methods such as MFA and password complexity. However, if miniOrange has the least reason to suspect a data breach, the technical and organizational personnel follow a specified response plan and policy. Data recovery aside, the Data Breach Notification is something miniOrange is ready to fulfill to the level described above, as soon as the moment arises. This notification includes : data subject name and details. The date and time of the breach The date and time we detected it. Information about the type of breach Information about the personal data affected.

miniOrange Approach on Data Minimization

miniOrange only collects and processes personal data that we need to provide services and products. This personal information includes names, email addresses, and other company information. If customers desire their end-users to input this data individually, the customer themselves becomes the controller over that information, and miniOrange becomes the sub-processor. Customers have a large amount of control over this personal information. They can add, delete or modify existing data as they see fit. miniOrange does not utilize this user-generated content in any way other than to display it at the customers' end, for authentication and verification.

Approach on Data Protection Officer (DPO)

miniOrange does not meet any of the circumstances where a Data Protection Officer would be required. A Data Protection Officer is required to be implemented under if the following circumstances hold true. They are: The processing of personal data is done by a public authority (Courts and independent judicial authorities are exempted from this). The personal data being processed requires regular and systematic monitoring on a large scale. The data subjects (i.e. The EU citizens) are required to be regularly monitored on a large scale for the data processing. The personal data being processed is related to or regards crimes and convictions on a large scale. We need only a handful of personal data from our customers, such as names, email addresses, organization names and phone numbers. Since we are not a public authority, nor are we partaking in the collection or processing of high

Changes in the Policy

We will notify you when we change this policy. We may change this Policy from time to time. If we make significant changes in the way we treat your personal information, we will provide notice by posting an announcement on the Website or sending an email prior to the change becoming effective.

Contact

If you would like to contact us with questions or concerns about our privacy policies and practices, you may contact us via any of the following methods:

Email us at: info@xecurify.com

Or call us at: +1 978 658 9387

Or you can fill form with your question/concern: https://www.miniorange.com/contact