Effective Date: June 22, 2011
Last Updated Date: December 18, 2013
information we obtain through the “Services.” The term “Epicor,” “we,” and “us” includes Epicor Software Corporation and our affiliates and subsidiaries.
The “Services” include the Epicor HCM solution and related hosting and/or Internet services under the control of Epicor, whether partial or otherwise, in connection with providing Epicor’s HCM solution. We provide our customers with services and tools that automate and streamline their business functions. These services and tools are not a part of our corporate website. The information submitted through our customer service relationships will be held by us subject to the requirements specified by our customers.
“Personal Information” means information that alone or when in combination with other information may be used to readily identify, contact, or locate an individual, such as: name, address, email address, or phone number. We do not consider Personal Information to include information that has been anonymized so that it does not allow a third party to easily identify a specific individual.
THE SERVICES COLLECT INFORMATION
Customer Support. We may collect Personal Information through communications with our customer-support team, such as when individuals request more information or help on a product or service.
From our Customers through the Services. We collect information, including Personal Information, about individuals from our customers through the Services, such as contact, human resource-related, and billing information. This information may include, among other things, an individual’s name, email address, address, telephone number, billing, credit card, benefits, payroll, resume, and performance management-related information. As we expand our services, we may collect other types of information.
We operate as a data processor for our customers. Our customers act as the data controllers. We collect and maintain only Personal Information our customers have asked us to process. It is our customers’ responsibility to ensure that the data they collect can be legally collected from individuals in their country of origin. Our customers are responsible for notifying their employees and customers that personal information is being collected and maintained outside of their countries of origin.
Cookies, Automatic Data Collection, and Related Technologies. The Services collect and store information that is generated automatically as they are used, including preferences and anonymous usage statistics.
When users visit the Services, we and our third-party service providers may receive and record information on our server logs from users’ browser, including IP address, and from cookies and similar technology. Most browsers allow users to block and delete cookies. However, if users do that, the Services may not work properly.
By using the Services, users are authorizing us to gather, parse, and retain data related to the provision of the Services.
HOW EPICOR USES INFORMATION
Internal and Service-Related Usage. We use information, including Personal Information, for internal and service-related purposes and may provide it to third parties to allow us to facilitate the Services. We may use and retain any data we collect to provide and improve our Services. We will use Personal Information only in ways compatible with the purpose for which it was collected or authorized by our customers.
For Our Customers. We use information, including Personal Information, according to the instructions of customers that submitted such information to us through the Services.
Communications. We may send email to the email address individuals provide to us for informational and operational purposes, such as account management, customer service, or system maintenance.
Aggregate Data. We may anonymize and aggregate data collected through the Services and use it for any purpose.
EPICOR MAY DISCLOSE INFORMATION
We Use Vendors and Service Providers. We may share any information we receive with vendors and service providers retained in connection with the provision of the Services. For example, we may share Personal Information with payment processors to complete transactions.
As Required By Our Customers. We may share any information we receive from our customers as directed by our customers.
Marketing. We do not rent, sell, or share Personal Information about users with other people or nonaffiliated companies for their direct marketing purposes, unless we have the individual’s permission.
As Required By Law and Similar Disclosures. We may access, preserve, and disclose Personal Information, other account information, and content if we believe doing so is required or appropriate to: comply with law enforcement requests and legal process, such as a court order or subpoena; respond to customer or end user requests; or protect users’, ours’ or others’ rights, property, or safety.
Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of Epicor assets, or transition of service to another provider, information may be sold or transferred as part of such a transaction as permitted by law and/or contract. We cannot control how such entities may use or disclose such information.
We may also disclose an individual’s Personal Information with such individual’s permission.
SECURITY OF INFORMATION
Our collection, use, and disclosure of information are generally governed by service agreements with our customers. Information relied upon to provide these Services is retained only for as long as we have a valid business purpose and in accordance with applicable law; including the maintenance of backups in the ordinary course of performing the Services.
Safe Harbor. Epicor complies with the U.S.-EU and U.S.-Swiss Safe Harbor Frameworks and adheres to the Safe Harbor privacy principles with respect to the Services. Information on both Safe Harbors may be found at http://www.export.gov/safeharbor/.
UPDATE INFORMATION OR POSE A QUESTION OR SUGGESTION
In most cases, when we obtain Personal Information, we do so on behalf of another organization (as an agent or data processor). To request access to, correct, amend, or delete Personal Information, a customer or end user should contact the organization to which the data was provided.
OVERSIGHT AND ENFORCEMENT
Any questions, comments or complaints about the data practices of a customer for which Epicor processes data should be addressed to that customer (including, without limitation, compliance with data privacy principles of notice, choice, onward transfer, access, security, data integrity, or enforcement), although we will make reasonable efforts to comply or assist with such requests.
Epicor Software Corporation
18101 Von Karman Avenue, Suite 1600
Irvine, CA 92612
Attention: Legal Department