1. Introduction
Please read this Privacy Policy carefully as it describes collection, use, disclosure, retention, and protection of personal data by the Gate Software group of companies (brand name “ALLOut Security”).
- “Personal data” is here defined as information concerning any living natural person (a “Data Subject”) that is not already in the public domain. For example, this might include an individual’s name, email address, or phone number.
- Gate Software is an international group of companies providing a market-leading security, audit, and compliance toolset for JD Edwards.
This Privacy Policy applies to all products and services offered by:
- Gate Software, Ltd (a company incorporated in England with registration number 05286432 and registered office of Office 2a Innovation House, Molly Millars Close, Wokingham, Berkshire, RG41 2RX); and
- Gate Software, Inc (a company incorporated in Colorado, United States with registration number 20091132278 and registered office address of Suite 1500, 8400 E. Prentice Ave, Greenwood Village, CO 80111);
- Excluding any product applications or services that have separate privacy notices.
Please also see our separate Cookie Policy, available on our website: https://alloutsecurity.com/.
2. How do we collect your data?
We collect and process your data when you:
- Communicate with us and provide information by email, telephone, or other means of communication.
- Use or view our website via your browser’s cookies and the log-in information you provide.
3. How do we process your personal data?
We will only use your personal data when legally permitted and when we believe you would wish us to do so. The most common uses of your personal data are:
- Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests.
- To execute a contract between us.
- To register you as a customer.
- To deliver material and products.
- To manage and collect payment.
- To offer and provide educational material and webinars.
- To manage our relationship with you which will include notifying you about changes to our Terms and Conditions or Privacy Policy.
- Where we need to comply with a legal or regulatory obligation.
- Where we need to manage and protect our systems (e.g. website and databases) and your data within them - including troubleshooting, maintaining, supporting, testing, analysis, reporting and hosting.
3.1. Marketing and Offers of Educational Material
You will receive communications from us offering educational material, our educational webinar program, our products and services, and communications relevant to our industry if you have:
- Purchased goods or services from us.
- Requested material from us (including attending webinars, recorded or otherwise) and provided us with your details and ticked the box at the point of entry of your details in order for us to send you that promotional or educational material.
- Connected to us, directly or through third parties, in order to receive information from us.
In each case, you have provided us with your details in order to maintain a relationship with us and have not opted out of receiving offers of promotional and educational material.
3.2. Sensitive Data and Children’s Personal Data
We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
This website, and any services available from this website, are not directed to children under the age of 18. By providing us with your data, you warrant to us that you are over 18 years of age. If you learn that a child under the age of 18 has provided us with their Personal data, please contact our Data Protection Officer immediately at complianceofficer@alloutsecurity.com.
4. What is the legal basis for processing personal data?
- For the purposes of meeting Gate Software’s contractual obligations to our clients regarding provision of software and services.
- For the purposes of pursuing legitimate interests of Gate Software, where such interests are not overridden by the interests or fundamental rights and freedoms of the Data Subject. Such legitimate interests are to promote the software and services offered by Gate Software and/or to market those products to existing and potential clients.
This is in accordance with Article 6 Regulations (EU) 2016/679 (the General Data Protection Regulations or “GDPR”), and with UK GDPR (retained EU law).
5. What are your rights as a Data Subject?
At any point whilst Gate Software is in possession of or processing your personal data, all Data Subjects have the following rights:
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
If you wish to exercise any of the rights set out above, please email our Data Protection Officer at complianceofficer@alloutsecurity.com.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made multiple requests. In this case, we will notify you and keep you updated.
6. How do we secure your information?
Protecting your personal data is important to us and we have put in place security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. However, we cannot guarantee that user data will be immune from malicious attack or compromise.
We also limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breaches and will notify you and any applicable regulator of a breach where we are legally required to do so.
7. How long do we keep your personal data?
We will only keep your personal data for as long as is necessary to fulfil the purposes for which we collected it. We may retain your data to satisfy any legal, accounting, or reporting requirements so for example we need to keep certain information about you for 6 years after you cease to be a client for tax purposes.
We may anonymize your personal data (so that you can no longer be identified from such data) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
8. How can you withdraw consent?
You have the right to withdraw consent for our processing of your personal data at any time, by emailing complianceofficer@alloutsecurity.com.
You also have the right to stop us from sending you marketing communications only. You can do this by selecting your contact preferences at the point where you provide us with your information on our website, applications or services, using any preference centers we give you access to or by sending an email to marketing@alloutsecurity.com.
9. When do we disclosure data to third parties?
We will only share your information with third parties, which are either related to or associated with the running of our business, and where it is necessary for us to do so. These third parties include:
- Our accountants & advisors, Gate Software companies and affiliates.
- Third party database hosters and service providers who help us manage our data, website and databases.
- Third party business partners, where you have explicitly indicated a wish to receive products and/or services from them.
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
We do not otherwise share your information with any other external organization without your consent unless required to do so by law, for safeguarding purposes or to protect against harm to the rights, property or safety of Gate Software, its users or the public, as required or permitted by law.
Gate Software has no intention of sharing your personal data with any third party for marketing purposes. We undertake to request your express opt-in consent should we wish to do this in the future.
10. What about transfers outside of the European Economic Area?
Personal data in the European Union is protected by data protection laws but other countries do not necessarily protect your personal information in the same way.
Our website and some databases or parts of them may also be hosted by providers in the United States or otherwise outside of the EEA (which means all the EU countries plus Norway, Iceland and Liechtenstein), and this means that we may transfer any information which has been submitted by you through the website or via any other means outside of the EEA to the United States or to other territories outside of the EEA. When you send an email to us, this will also be stored on our email servers which may be hosted in the United States.
Our service providers who help us provide our website, applications, software, marketing, and other services may also be located in the United States or otherwise outside of the EEA and this means that we may transfer any information which has been submitted by you through the website or via any other means outside of the EEA to the United States or to other territories outside of the EEA.
We take steps to ensure that where your information is transferred outside of the EEA by our service providers and hosting providers, appropriate measures, and controls in place to protect that information in accordance with applicable data protection laws and regulations. For example, we may share information with affiliates based outside the EEA for the purposes envisaged by this Privacy Policy.
All Gate Software companies are subject to data protection policies designed to protect data in accordance with EU data protection laws. In each case, such transfers are made in accordance with the requirements of GDPR and may be based on the use of the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA.
By using our website, products, or services or by interacting with us in the ways described in this Privacy Policy, you consent to the transfer of your information outside the EEA in the circumstances set out in this Privacy Policy. If you do not want your information to be transferred outside the EEA you should not use our website, applications, or services.
11. What is the procedure for complaints?
We are committed to protecting your personal data - but if for some reason you are not happy with any aspect of how we collect and use your data, you have the right to complain to Gate Software’s Data Protection Officer by sending us an email to complianceofficer@alloutsecurity.com.
You also have the right to lodge a complaint with the supervisory authority in the country where you live, where you work, or where the alleged infringement took place.
12. Changes to our Privacy Policy
We may update our Privacy Policy from time to time. Please check for updates when you visit our website, https://alloutsecurity.com/.
Privacy Policy last updated 18 May 2023