PLM-Zone Privacy Policy.

Last Updated: May 1, 2021

This privacy policy (the “Privacy Policy”) is incorporated into and is subject to the PLM-Zone Online Service Terms (the “Terms of Service” or the “Agreement”). Capitalized terms used but not defined in the Privacy Policy have the meaning given to them in the Agreement.

1. Scope of the Privacy Policy

This Privacy Policy describes and sets out the basis on which any personal data PLM-Zone Oy (the “Service Provider”) gathers from the Customer and the Named Users or such personal data is provided to the Service Provider by using the Service Provider’s application services and/or other online service(s) or by visiting the web site of the Service Provider (the “Online Service”), how the Service Provider uses and discloses such information, and the steps the Service Provider takes to protect such information. By visiting the Service Provider’s website www.plm-zone.com or concluding the Agreement when using the Online Service, you as the Customer and/or the Named User consent to the privacy practices described in this Privacy Policy.

The Service Provider may provide links to third-party websites for your convenience and information. If you access those links through the Online Service, you will leave the Online Service. The Service Provider does not control those sites or their privacy practices, which may differ from the Service Provider’s practices. We do not endorse or make any representations about third-party websites. The personal information you choose to provide to or that is collected by these third-parties, including any social media websites featured on our website, is not covered by the Service Provider’s Privacy Policy. We encourage you to review the privacy statement or policy of any website before submitting your personal information.

2. Collected information on the Online Service

Information specifically identifies an individual is called as personal data (the “Personal Data”). Examples of the Personal Data include name, email address, mailing address, mobile phone number, and billing information.

The following Personal Data and other information is collected and stored to the Online Service whenever the Customer or the Service Provider creates a new User Account for the Named User or updates the existing User Account of the Named User:

• First name

• Last name

• Email address

• Organization name

• Language preference

The following Personal Data is collected from the Service Provider’s web site visitors who subscribe themselves to receive news from the Service Provider:

• First Name

• Last name

• Email address

The Service Provider’s Online Service collects the following Personal Data and other information whenever the Named User signs into and uses the Online Service:

• Email address

• IP address from where the Online Service is accessed

• Time of sign in and performed operations

The Service Provider utilizes following partner data services (the “Partner Data Services”) that collect information from web site visitors:

• Squarespace service that operates according to its privacy policy (https://www.squarespace.com/privacy).

• Google Analytics service that operates according to its privacy policy (https://support.google.com/analytics/topic/2919631?hl=en&ref_topic=1008008 ).

• Leadfeeder service that operates according to its privacy policy (https://www.leadfeeder.com/privacy/ ).

The Customer or the Named User may provide user content of the User Account, including Personal Data about the Customer’s customer, the Customer’s supplier or any other individual in connection with the use of the Online Service (the “User Content”). It is the Customer’s sole responsibility to ensure the privacy of the Personal Data included into the User Content. The Service Provider has no direct relationship with the individuals whose Personal Data it hosts as part of User Content.

The Customer or the Named User may be given the option to access or register for the Online Service through services provided by a third party (the “Integrated Service”). By authorizing the Service Provider to connect with an Integrated Service, the Customer or the Named User authorizes the Service Provider to access and store information that the Integrated Service makes available to the Service Provider, and to use and disclose it in accordance with this Privacy Policy.

3. Use of collected information

The Service Provider uses collected information on the Online Service in a variety of ways including the following:

• The Service Provider uses the collected information on the Online Service to operate, maintain, enhance and provide all features of the Online Service, to provide services and information that the Customers and the Named Users request, to respond to comments and questions and otherwise to provide support to the Customers and the Named Users.

• The Service Provider uses the collected information on the Online Service to understand and analyze the usage trends and preferences of the Customers and the Named Users, to improve the Online Service, and to develop new products, services, features, and functionality.

• the Service Provider may use the Customer’s or the Named User’s email address or other collected information on the Online Service (i) to contact the Customer or the Named User for administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations or defamation issues related to the User Content posted on the Online Service or (ii) to send communications, including updates on promotions and events, relating to products and services offered by the Service Provider and by third parties the Service Provider works with.

• The Service Provider may use cookies or other equivalent technique to: (i) personalize the Online Service; (ii) provide customized advertisements and content; (iii) monitor and analyze the effectiveness of the Online Service and marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed; and (v) track the Customer’s or the Named User’s activities on the Online Service.

The Service Provider works with third party service providers (the “Subcontractors”) to provide application development, hosting, maintenance, and other services for the Service Provider. The Subcontractors may have access to or process collected information as part of providing those services for us. Generally, we limit the information provided to the Subcontractors to that which is reasonably necessary for them to perform their functions.

The Service Provider may disclose the Customer’s information if required to do so by law, in response to a court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.

The Service Provider also reserves the right to disclose the Customer’s information that the Service Provider believes, in good faith, is appropriate or necessary to (i) take precautions against liability, (ii) protect the Service Provider or others from fraudulent, abusive, or unlawful uses or activity, (iii) investigate and defend the Service Provider against any third-party claims or allegations, (iv) protect the security or integrity of the Online Service and any facilities or equipment used to make the Online Service available, or (v) protect the Service Provider’s property or other legal rights (including, but not limited to, enforcement of the Agreements), or the rights, property, or safety of others.

Information about the Customer and the Named Users, including the Personal Data, may be disclosed and otherwise transferred to an acquirer, or successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets.

4. Access to Personal Data

The Service Provider respects the privacy rights of the Customer and the Named Users and provides them with reasonable access to their Personal Data on the Online Service. The Service Provider provides the Customer and the Named Users with the possibility to correct inconsistencies of, to update, or to delete their Personal Data on the Online Service. If the Customer and the Named Users declines to provide certain Personal Data, the Service Provider may not be able to provide all features and functionality of the Online Service.

The Service Provider has no direct relationship with any third party whose Personal Data the Service Provider may process on behalf of the Customer. The Customer may request the Service Provider to correct inconsistencies of, to update, or to delete the Personal Data of a third party and the Service Provider will act accordingly within reasonable timeframe.

The Customer acknowledges and approves on behalf of the Named Users and third parties that the Service Provider may retain older Personal Data for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where the Service Provider otherwise reasonably believes that the Service Provider has a legitimate reason to do so.

5. Other online services

The Online Service may contain features or links to online services provided by other service providers. Any information the Customer and the Named Users provide on the sites or services of other service providers is subject to those service providers’ policies, if any, governing privacy and security, even if accessed through the Online Service. The Service Provider is not responsible for the content or privacy and security practices and policies of the sites or services of other service providers. The Customer and the Named Users acknowledge that they need to learn about other service providers’ privacy and security policies before providing them any information.

6. Cookies and other similar technologies

The Online Service may send cookies or store other equivalent data to the Customer’s or the Named User’s device in order to enhance user experience of the Service Provider’s web site and improve the quality of the Online Service. If the Customer or the Named User deletes or chooses not to accept cookies or other data from the Online Service, the Customer or the Named User may not be able to utilize all features of the Online Service.

The Online Service creates new session ID whenever the Customer or the Named User signs in. Session IDs are used to ensure that user who signed in is able to use the Online Service during the whole user session.

The Service Provider utilizes business partners (the “Partner Data Services”) that use cookies and other similar technologies to better understand web site visitors. Each Partner Data Services has defined their own cookie policy which we encourage the Customer and the Named Users to review:

• Squarespace service follows their cookie policy (https://www.squarespace.com/cookie-policy ).

• Google Analytics cookie usage on websites are defined here (https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage ).

• Leadfeeder service uses cookies and other tracking technology in a following way (https://www.leadfeeder.com/cookies-and-tracking/ ).

7. Children’s Privacy

Protecting the privacy of young children is especially important and according to the General Data Protection Regulation of EU (“GDPR”) the processing of personal data of a child younger than 16 years requires consent and authorization by the parent or legal guardian. The Online Service is not directed to children, and the Service Provider does not knowingly collect the Personal Data from children under the age of 16 without obtaining parental consent. Persons under 16 years of age are strongly advised not or use nor access the Online Service at any time or in any manner. If the Service Provider learns that Personal Data has been collected on the Online Service from persons under 16 years of age and without verifiable parental consent, then the Service Provider will take the appropriate steps to delete this information.

The Customer of the Online Service is an independent business entity. The Named Users of the Online Service are assigned by the Customer. The Customer acknowledges and agrees to verify that none of the Named Users is under 16 years of age.

8. Data Security

The Service Provider follows generally accepted industry standards to protect the information submitted to the Online Service. Personal information is collected in databases that are protected by firewalls, passwords and other technical means. The databases and their backups are located in locked premises and the data can be accessed by authorized and confidential persons. The Service Provider maintains appropriate administrative, technical and physical safeguards to protect the Personal Data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Data on the Online Service.

However, no method of transmission over the Internet, or method of electronic storage, is totally secure. The Service Provider cannot ensure or warrant the security of any information the Customer and the Named Users store on the Online Service. The Customer acknowledges and agrees that the Customer and the Named Users store information on the Online Service at their own risk. The Service Provider also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of the Service Provider’s safeguards.

The Service Provider hereby prohibit the use of contact information published in connection with the statutory notices on the Online Service for purpose of sending promotional and informational materials that are not specifically requested. The Service Provider reserves the right to take legal actions if unsolicited promotional material, such as email spam is received to any contact information found on this Online Service.

If the Service Provider learns of a security breach, then the Service Provider attempts to notify the Customer electronically either directly or via the Online Service.

9. Data Retention

The Service Provider only retains the information collected from the Customer and the Named Users for as long as the Agreement is in force or otherwise for a limited period of time as long as the Service Provider needs it to fulfill the purposes for which the Service Provider has initially collected it, unless otherwise required by law. The Service Provider will retain and use information as necessary to comply with the Service Provider’s legal obligations, resolve disputes, and enforce agreements.

10. Data Transfer, Storage, and Processing

The Service Provider may transfer, process and store the Personal Data collected through the Online Service in centralized databases located outside of the country from which the Customer and the Named Users use the Online Service. The Customer acknowledges that the data protection framework differs between countries. When the Service Provider stores the Personal Data to another country, the Service Provider will protect the Personal Data as described in this Privacy Policy.

Some of the service providers who work for the Service Provider operate outside the EU or European Economic Area (“EEA”), so when they process the Personal Data, the data must be transferred outside the EEA. In these cases, the Service Provider will take the necessary safeguards as required by applicable law. This means: Personal Data will only be transferred to countries which have been assessed by a decision of the European Commission as providing an adequate level of data protection (“Data Protection Adequacy Decision”). When a service provider operates in a country not covered the “decision on adequacy”, separate contractual clauses adapted by the European Commission apply, which provide for the same level of contractual protection of personal data as within EEA. The Service Provider may also use service providers in the United States who are committed to the so-called Privacy Shield Framework, which requires them to provide adequate protection for personal information shared between Europe and the United States. The Customer and/or the Named Users submitting their Personal Data, agree to this transfer, storing or processing outside of the EEA according to this Privacy Policy.

11. Changes and Updates to the Privacy Policy

The Service Provider reserves the right to update the Privacy Policy. Please revisit the Privacy Policy of the Online Service periodically to stay aware of any changes, which the Service Provider may update from time to time. If the Service Provider modifies the Privacy Policy, the Service Provider will make it available through the Online Service. Any material changes will be posted on the Online Service and will come into effect 30 days after their posting. If the Customer does not refuse the changes in writing before they become effective, this shall mean that the Customer has consented to the Privacy Policy as changed. The Customer’s continued use of the Online Service after the revised the Privacy Policy has become effective indicates that the Customer has read, understood and agreed to the current version of the Privacy Policy.

12. Contact Us

If you have any questions or comments regarding this Privacy Policy or processing of your information, please contact us by written to:

Address: PLM-Zone Oy

Lars Sonckin Kaari 14

FI-02600 Espoo, Finland

Email: admin@plm-zone.com

Copyright © 2021 PLM-Zone Oy. All rights reserved.