WHAT THIS POLICY COVERS
- What information we collect
- How the information is used
- Sharing of information
- Transfer and storage of your information
- Access to your information
- Notice to end users
B2BE provides a number of Services to help connect businesses and streamline their processes. These Services include, but are not limited to:
- EDI Messaging
- OCR and DDP Data Capture
- Print and Post
- Web solutions such as Accounts Payable, Document Routing, Web Trader, e-Catalogue, and Procurement
- Mobile applications such as B2P.
- Business Intelligence Reporting
B2BE also enable visitors to the B2BE website to submit queries or requests for information via several web pages.
We collect information to deliver the Services your company has contracted us to provide. Generally, this information is provided to us, and is information in a business context.
Information provided to us
- Personal Information: Visitors to B2BE’s website may submit their personal information to enable B2BE to respond to a query or request for information.
- Message/Document Information: We process many different message types that range in complexity and in the amount of information that it contains. Through our EDI services we retain a copy of the message in its sender, intermediary and receiver formats. The message content may contain information about you in a business or private context.
- Account Information: If you are registered for an account on the B2BE Customer Centre or Web Portal solution we will collect your name and contact information. Your account will be assigned an account profile, and you can maintain it to your preferences.
- Web Portal Captured Information: Many of the Services provided via the Web Portal capture information to facilitate business process. This may include information about you when it is needed for providing the Services and capturing the necessary message content.
Information we collect when you use our Services
- Website Use: B2BE only collects personally identifiable information about you (ie: your name, address, etc.) through our website when voluntarily submitted by you. Visitors may choose to submit personal information to obtain information or submit a comment. Providing personal information is up to you, our visitor. If you do not want your personal information collected, please do not submit it to us.
- B2BE websites may contain links to other sites and whilst we make every effort to only link to sites that share our standards, we cannot be held responsible for the contents and privacy policies of such sites.
- Occasionally, we may collect technical information automatically when you connect to our site that is not personally identifiable. An example of this would include the type of Internet Browser or the type of computer operating system you are using or the domain name of the website from which you linked to our site.
- Web Portal Use: Information relating to you accessing and using the Services is collected and logged. This information includes access attempts, information you have viewed or changed.
- Device and Connection Information: We may collect information about your computer, phone, tablet, or other devices you use to access the Services. This information includes what device you have used, operating system, browser type, IP address and device identifiers. The collection of this information will differ between Services and the type of device.
How we use the information depends on which Services you use.
- Website: B2BE may use the information provided by you (together with other information we hold or obtain) to send you information and offers about our goods and/or services that we believe may be of interest to you. This may involve contacting you by post, email or telephone. We also offer you an “opt-out” option at any time should you wish to cease receiving emails or other information from us.
- Business Process and Communication: Message content is used to facilitate business process and for communication back to your organisation or their trading partners. We are providing the Services as an intermediary and do not use the message content for any purpose other than providing the contracted Services.
- Safety and Security: Information about you and your use of the Services are used to verify access and activity, for the purposes of providing a secure service and ensuring data integrity.
- Research and Development: We use device and usage information to enhance our Services and make them faster, more secure and more widely available to all end users.
- Legal bases for processing (for EEA users): If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the Services you use, and how you use them. Overall, we collect and use your information only where:
- We need it to provide you the Services, including to operate the Services, provide customer support and to protect the safety and security of the Services;
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests;
- You give us consent to do so for a specific purpose; or
- We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.
Your information could be shared with the following parties.
- Web Portal Users: Information about your account or message content about you can be shared based on granted permissions. This information is shared to provide the Services that the information was intended for.
- Trading Partners: The message content may contain information about you, and based on partnership arrangements within the Services, this information is then shared with your trading partners.
- Organisation Administrators: Administrators within your organisation will be able to access your account information and perform defined actions against your account. They have the ability to control your access within the system, and possibly the access of other end users to your information.
- Service Providers: We work with third-party service providers for application development, server hosting and maintenance, virtual infrastructure, faxing, payment processing and other possible services. To perform these services, they may require access or use of information about you. The service provider does this under instruction from us, including abiding by policies and procedures designed to protect your information.
- B2BE Companies: B2BE operate within a global shared services model and information about you can be shared with other entities within the B2BE group to provide the Services. This information may be shared in connection with any merger, acquisition or sale of company assets.
- Enforcement Requests: Information about you may be shared if deemed necessary for:
- Compliance with any applicable law, legal request, regulation or government requirement;
- Protection against illegal activities; or
- Protection of our Services.
Information storage and retention
Information retention differs between Services and the type of information. Your organisation and trading partners will have agreed retention periods for the Services, and information will be retained for at least that period.
Information can be retained online and is accessible via the Services. After a pre-determined period, information is archived and retained permanently in a secure location.
Security of your information
We regularly review our security procedures and the technical measures we have in place to secure your information at all times. No system that is open to the Internet is impenetrable, and we cannot guarantee that data during transmission or while stored is safe from intruders. We will take appropriate measures to ensure our Services are as secure as possible. If malicious activity is detected, we will follow regulated breach procedures without undue delay.
International transfer of information
B2BE is a global organisation that receives information in many different locations. Information received in one location may need to be transferred to a different location to facilitate the Services with your trading partners or third-party service providers.
We maintain servers around the world and your information may be stored and processed outside of the country where you live.
For transfers of EU Personal Data to a jurisdiction other than a jurisdiction in the EU, or the European Commission-approved countries providing ‘adequate’ data protection, B2BE will provide an adequate level of data protection for EU personal data in our best effort.
You have the right to request a copy of your information, object to its use, or request for it to be updated or deleted. Where B2BE is administering the Services, a formal request can be made via the ‘Contact Us’ section below. If your account is administered by another organisation as described in the ‘Notice to end users’ section, then your request should first be made to that organisation.
Our Services are primarily provided to organisations, and those organisations make the Services available to you. The organisation that has contracted us to provide the Services is the administrator and is responsible for the end users and controls within those Services. In this situation, questions relating to data privacy should be directed to this organisation’s administrator as their practices may be different to this policy.
Information on children
The Services are not directed to individuals under 13, and we do not knowingly collect personal information from children under 13. If we are advised of personal information of a child under 13, we will take steps to delete that information.
Notification of changes and updates
This Policy was last updated on 22th August 2018.
If you have any questions or concerns about how your information is handled please contact B2BE’s Data Privacy Officer – Gary Liow: firstname.lastname@example.org