Privacy Statement

Updated - May 22, 2018

This Privacy Statement discloses the information collection and dissemination practices for the services offered by ProcessMaker® (the "Services") and for the Websites associated with them. ProcessMaker reserves the right to amend this Privacy Statement at any time with or without notice. Only the current Privacy Statement is deemed effective, so please review this Privacy Statement periodically.

ProcessMaker has created this Privacy Statement in order to demonstrate our firm commitment to safeguarding the privacy of our Website visitors and clients. Our Privacy Rules summarize this commitment.

 

ProcessMaker General Privacy Rules:

1) We do not reveal any personally identifiable information (PII) that we collect about you, your use of the Services, or any information that you post on your Site to anyone else.

During the registration process, ProcessMaker collects personally identifiable information (PII) from the Subscribing Organizations and its Members. ProcessMaker may also collect personally identifiable information (PII) at other times. ProcessMaker uses such information only for its own internal purposes. We will not sell, rent or release a Subscribing Organization's or Member's personally identifiable information (PII) to any other party except with its explicit permission or under special circumstances. In addition, we will not access or release the Site Information except at the request of the Subscribing Organization or under specific circumstances.



2) Unless you choose otherwise, ProcessMaker shares information about you only on a basis that it does not personally identify you.

In order to improve our Service, provide content and develop applications and services that are useful to our Subscribing Organizations, and Members, ProcessMaker automatically gathers information on an aggregate basis about the applications and services Members use. A Subscribing Organization's or its Member's personally identifiable information (PII) cannot be linked to any of this information. ProcessMaker also uses demographic information and profile data about Subscribing Organizations and Members for these purposes.



3) We use industry-standard technology and other means to keep your information as secure as possible.

At ProcessMaker we know the security of your site and data is an important issue for you. ProcessMaker exercises great care to secure your personally identifiable information and has implemented security measures in accordance with industry-standard practice.

Internally, we restrict access to all personally identifiable information to employees who need access to the information in order to do their jobs. These employees are limited in number, and are committed to our privacy and security policies. All such employees execute comprehensive nondisclosure agreements, and undergo privacy training which provide explicit confidentiality protections. Any employee who violates our privacy and/or security policies is subject to possible termination of contract and civil/criminal prosecution.  These employees also undergo data privacy training when they join our company.

Unfortunately, no data transmission over the Internet can be guaranteed to be totally secure, and there is a slight risk that data could be intercepted or interrupted during Internet transmission. We strive to provide secure transmission of Subscribing Organization information and Member’s personally identifiable information (from the Member's computer to ProcessMaker servers). However, ProcessMaker cannot warrant the security of any information that Subscribing Organizations or Members transmit to us over the internet. Therefore Subscribing Organizations and Members do so at their own risk. 



4) We give you certain choices concerning the collection and use of information about you.

Except for a few specific instances, Subscribing Organizations and Members may always elect: 

  • Not to transmit any personally identifiable information (PII), to use or receive any Service for which a fee is charged, special service, product, discount, or promotional communications from ProcessMaker or our Third Party Providers.
  • To decline or not use services that require them to transmit certain information to our Third Party Providers.
  • To remove their personally identifiable information from the Site, or
  • To discontinue the Site use and have all information deleted.

Subscribing Organizations and Members can exercise some of these options by telling us during the registration process or when they choose to receive or use a specific advertisement, service or product. Subscribing Organizations and Members can notify us of a change in their registration options by sending an email to [email protected], or writing to ProcessMaker, 201 West Main Street, #225, Durham, NC 27701, USA.

If information is being collected by any entity other than a Third Party Provider or if it will be disclosed by ProcessMaker in any manner not described in this Privacy Statement, Subscribing Organizations and Members will be given prior notice, and can always elect not to use that particular service or provide the Information.

If a Subscribing Organization discontinues its Site use, all the personally identifiable information of the Subscribing Organization and its Members will be removed from our databases (other than in aggregate form), and the Site and all of its Site Information will be removed and/or deleted from our servers.

A Subscribing Organization or Member may update or modify any of its personally identifiable information through the Admin tab in their ProcessMaker installation. For further assistance with this, members may send an email to [email protected].

 

Cookie Policy

How does ProcessMaker use cookies?

When you use and access the Services and for the Websites associated with them, we may place a number of cookie files in your web browser. We use cookies for the following purposes: to enable certain functions of the Services, to provide analytics, and to store your preferences.

We use the following session and persistent cookies on the Services and the Websites. Cookies within each Service or Website are listed in alphabetical order.

bugs.ProcessMaker.com Website uses the following cookie:

  • PHPSESSID


support.ProcessMaker.com Website uses the following cookies:

  • _app_market_session
  • _zendesk_authenticated
  • _zendesk_cookie
  • _zendesk_session
  • _zendesk_shared_session
  • _zendesk_thirdparty_test


university.ProcessMaker.com Website uses the following cookie:

  • MoodleSession


wiki.ProcessMaker.com Website uses the following cookie:

  • has_js


www.ProcessMaker.com Website uses the following cookies:

  • __cfduid
  • _ga_gat_gid
  • has_js
  • _hjIncludedInSample
  • _hp2_id
  • _hp2_ses_props
  • _vis_opt_exp_1_combi
  • _vis_opt_exp_1_goal_1
  • _vis_opt_exp_4_combi
  • _vis_opt_s
  • _vis_opt_test_cookie
  • _vwo_uuid
  • _vwo_uuid_v2
  • wp3812


www.ProcessMaker.io Website uses the following cookies:

  • _ga
  • _gat
  • _gid
  • _hjIncludedInSample
  • laravel_session
  • _vis_opt_test_cookie
  • _vis_opt_s_
  • vwo_uuid_v2
  • XSRF-TOKEN

What are your choices regarding cookies?

If you'd like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser.

Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

 

ProcessMaker GDPR Compliance

ProcessMaker has implemented the necessary actions and resources in order to comply with the European Union’s General Data Protection Regulation (GDPR) which goes into effect on May 25th, 2018.

What information is being collected?

Several of our public websites are designed with your customer experience in mind, which includes requesting personal identifiable information (PII) to be collected and used for the delivery of our services.

Personal identifiable information (PII) may include, but not limited to, the following:

  • Name, First and Last
  • Company Name
  • Position at the Company
  • Phone Number
  • Email Address

This information may or may not be collected along with generic, industry standard information, to gauge the size, general location of the company, vertical industry, as well as other non personal data.

Who is collecting PII and why?

Our Sales, Support, Marketing, Training and Accounting teams are the ones using your personal identifiable information, in order to fulfill your service requests, solve technical issues, and deliver a world class experience with our services.

How will PII be used?

Personal identifiable information is used to communicate with you and your company, to inform you of our services, service updates, security notifications, as well as to produce internal reports for account management and improved service delivery.  Our own sales team may also use this information to call you to see if you would like to purchase additional services from us.

Who will PII be shared with?

Personal identifiable information (PII) collected by ProcessMaker is not meant to be shared with anyone outside of our company, except under specific circumstances.

How long will PII be stored?

For our enterprise customers, we will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreement.

What are the data subjects’ rights?

As a user of ProcessMaker services, through a paid subscription or through one of the freely available resources, such as software trials, document downloads, webinars, forum posts and discussions, where you may choose to consent to provide us with personal identifiable information (PII), you have the following rights:

  • The right to be informed –  organizations must be completely transparent in how they are using personal data (personal data may include data such as a work email and work mobile if they are specific to an individual).
  • The right of access - individuals will have the right to know exactly what information is held about them and how it is processed.
  • The right of rectification - individuals will be entitled to have personal data rectified if it is inaccurate or incomplete.
  • The right to erasure - also known as 'the right to be forgotten',  refers to an individual's right to having their personal data deleted or removed without the need for a specific reason as to why they wish to discontinue. Doing so may restrict or altogether prevent ProcessMaker from delivering tailored services such as Technical Support and/or notifications/updates on Technical Support request status, therefore rendering invalid on-going paid subscription contracts.
  • The right to restrict processing - an individual's right to block or suppress processing of their personal data.
  • The right to data portability -  allows individuals to retain and reuse their personal data for their own purpose.
  • The right to object - in certain circumstances, individuals are entitled to object to their personal data being used. This includes, if a company uses personal data for the purpose of direct marketing, scientific and historical research, or for the performance of a task in the public interest.
  • Rights of automated decision making and profiling - the GDPR has put in place safeguards to protect individuals against the risk that a potentially damaging decision is made without human intervention. For example, individuals can choose not to be the subject of a decision where the consequence has a legal bearing on them, or is based on automated processing.

How can you object or complain?

To ask any questions about this Privacy Statement, the practices of this Website, our Services, to make any suggestions, or tell us about any other ideas concerning our website or our services, please contact:

ProcessMaker
201 West Main Street
#225
Durham, NC 27701
USA
[email protected] 

If Subscribing Organizations or Members have any questions or concerns about this Privacy Statement, they should contact us at [email protected].