Our Commitment To Privacy
Last Updated: December 30, 2019
Your privacy is important to us. To better protect your privacy, we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used. To make this notice easy to find, we make it available throughout our website and at every point where personal data may be requested. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
As discussed below, we collect contact information from persons interested in purchasing our products and services, which are designed for business customers. We use this information for responding to your requests for information and for providing products and services to you. We also may collect information automatically as you use our website, but we typically do not associate this with you as an individual.
The Information We Collect
We collect the following information, which may include your personal data (collectively “information”):
• Information you provide to us – we collect data that you choose to provide to us when filling out forms on our website and when you register to receive materials or view webinars. Such data includes your name, address, email address, phone number, geographic region and a password.
Unless otherwise specified above, the provision of the above personal data is not required: you do not have to provide us your personal data and we will not automatically collect information if you reject or switch off our cookies. However, we may not be able to provide the services you request from us without your personal data.
The Way We Use Information
We collect your information with a lawful basis for the specific purposes below. Please know that insofar we already hold information about you, we may use that information for the same purposes.
• For the performance of our agreement with you: In order to carry out our obligations arising from any contracts entered into between you and us, and to provide you with the information and services that you request, including managing and handling your requests, inquiries or complaints. This also includes responding to your requests to provide customer service, respond to your inquiries, providing you with technical support, provide you with essential information, documentation or communications regarding our services, etc.
• For our legitimate commercial interests: We may use your personal data (both on aggregated and on individual basis), such as your contact details and your electronic identification data for the purpose of advertising our products and services, making contact with you for marketing or other commercial purposes if you are an existing customer. We may also use your personal data for analyzing, developing and improving our website and services, such as providing you with customer services, and to understand you as a customer (customer optimization). We also work with service providers that help us determine what features, posts, or other statements of PROS are of most interest to our customers and prospective customers (e.g., are people reading our social media feeds, downloading whitepapers, etc.). This enables us to assess what may interest you (often such analysis, however, is completed without using any personal information or attempting to identify a particular user), to measure or understand the effectiveness of advertising we serve to you and others and to deliver relevant advertising. In addition, based on your historical use we may target you with advertisements or other marketing materials that are customized to your personal preferences and experiences.
We may also use your personal data for our other legitimate commercial interests such as: operating and expanding our business activities; developing and improving or modifying our services; generating aggregated statistics about the users of our website; assisting in security and fraud prevention; managing, protecting against and investigating fraud, risk exposure, claims and other liabilities and to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, and statistical purposes; system integrity purposes (for example the prevention of hacking, spamming etc.); facilitating our business operations; operating company policies and procedures; enabling corporate transactions, such as any merger, sale, reorganization, transfer of assets or businesses, acquisition, bankruptcy, or similar event; or for other legitimate business purposes permitted by applicable law.
• Marketing: to the extent permitted by applicable law or with your consent, we may send you marketing communications via email (such as newsletters and promotions). You can withdraw your consent at any time; see the section ‘Your Rights’ below.
• To comply with our legal obligations: Any information referred to above in the section ‘The Information We Collect’ may be used to comply with a legal obligation to which we are subject, such as maintaining appropriate business records, complying with lawful requests by governmental agencies and public authorities, complying with applicable laws and regulations or as otherwise required by law
The Way We Share Information
We share your personal data with the following parties:
• Service Providers and processors. We engage vendors, from time to time, including: business partners, suppliers, agents and contractors (such as IT service providers and hosting providers) and sub-contractors for the performance of any contract we enter into with them or to provide services on our behalf.
In providing their services, they will access, receive, maintain or otherwise process personal data on our behalf. For example, our agents and contractors may assist us in fulfilling requests for information, receiving and sending communications, updating marketing lists, analyzing data, providing IT support, including hosting services, and providing other support services. Our service providers will only use your information to the extent necessary to perform their functions and our contracts with these service providers do not permit the use of your personal data for their own (marketing) purposes. Consistent with applicable legal requirements, we take commercially reasonable steps to require third parties to adequately safeguard your personal data and only process it in accordance with our instructions.
• Third parties in case of legal requirement. We also disclose your personal data if disclosure is required by law or in the context of an investigation, regulatory requirement, judicial proceeding, court order or legal process served on us, or to protect the rights or safety of the website, us or our affiliated companies.
• Corporate transaction. In addition, information about our customers, including personal data, may be disclosed as part of any merger, sale, transfer of assets, acquisition, bankruptcy, or similar event.
• With explicit consent. We also disclose information about you, including personal data to any other entity, where you have consented or requested that we do so.
Our Commitment To Data Security
To prevent unauthorized access, maintain data accuracy, and provide for the correct use of information, we have put in place physical, electronic and managerial procedures designed to safeguard and secure the information we collect about you online. We endeavor to secure your personal data in accordance with industry standards and technology. Since the internet is not a 100% secure environment, we cannot ensure or warrant the security of any information you transmit to PROS. There is no guarantee that information may not be accessed, copied, disclosed, altered or destroyed by breach of any of our physical, electronic or managerial safeguards.
Our website users are responsible for maintaining the security of any password, user ID or other form of authentication involved in obtaining access to password protected or secure areas of our web site. In order to protect you and your information, we may suspend your use of our website, without notice, pending an investigation, if we suspect that any security breach has taken place.
Data Processing in the U.S. and Globally
PROS is located in the United States and our website is hosted in the United States. We, and our service providers acting on our behalf, process any personal data collected about EEA visitors via our website or EEA customers in the United States and other worldwide locations. To comply with European data protection regulations on the transfer of personal data outside of the EEA, we take steps to safeguard European privacy rights by asking that our suppliers undertake a valid mechanism to give adequate protection to such personal data transferred outside of the EEA. For example, our suppliers use mechanisms approved by the European Commission, such as Binding Corporate Rules (for more information, please see http://ec.europa.eu/justice/data-protection/international-transfers/binding-corporate-rules/bcr_cooperation/index_en.htm), standard contractual clauses, or, for those suppliers based in the United States, registration under the EU-US Privacy Shield Framework Principles (for more information please see https://www.privacyshield.gov/list).
Within the PROS international group of companies, in order to supply you with services you have requested and for other lawful purposes, it may be necessary for us to transfer your personal data from one PROS group company to another PROS group company. The PROS group companies have signed standard contractual clauses (in the form approved by the European Commission) to provide for such circumstances where EEA personal data is transferred to a location outside of the EEA. For further information about where PROS group companies are located please see the PROS contact page.
Where you are based in the EEA, you are entitled, upon request, to receive a copy of the relevant contract (such as standard contractual clauses or Binding Corporate Rules) showing that appropriate safeguards have been taken to protect your personal data during such transfer.
How We Retain Information
We are committed to effective records management to comply with applicable laws and meet the information retention and retrieval needs of our operations. We will generally retain your personal data for as long as it is required for purposes for which the data were collected. Unless we will inform you otherwise, this will usually a period of three (3) years after our last interaction with you plus the length of any applicable statutory retention period following such activity. If you wish to cancel your account or request that we no longer use your information to provide you services, please contact us using the information set forth below.
Personal data will be handled in the following manner:
- • Stored appropriately in light of the sensitivity and confidentiality of the information.
- • Retrievable.
- • Disposed of appropriately to prevent it from being accessed by unauthorized persons.
- • Considered as confidential in nature.
Special Notice to European Union Residents
This section applies to European Union residents.
We will take steps in accordance with applicable legislation to keep your personal data accurate, complete and up-to-date. You are entitled to have any inadequate, incomplete or incorrect personal data corrected (that is, rectified). You also have the right to request access to your personal data as well as additional information about the processing and to request us to erase the personal data we hold about you.
The following rights apply in addition to the above:
- • Right to restriction: you have the right to obtain restriction of processing, for example in case we no longer need your personal data in view of the initial purposes but they are required by you for the establishment, exercise of defense of legal claims.
- • Right to object: you have the right to object to our processing of your personal data which is based on our legitimate interests. We will no longer process your personal data upon your request, unless we have compelling legitimate grounds for the continuation of the processing which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims. You may also object against our use of your data for direct marketing purposes. To that end, you may also use the unsubscribe button provided for in every email we send.
- • Right to withdraw consent: in cases where we rely on your consent for using your personal data, you can withdraw such consent at any time by sending an email to: firstname.lastname@example.org.
- • Right to data portability: under circumstances, you have the right to have your personal data transmitted to another data controller in a structured, commonly used and machine-readable format.
- • Right to lodge a complaint: in case you have a question or complaint about how we process your personal data, you can send an email to: email@example.com. Alternatively, you can lodge a complaint with your local supervisory data protection authority.
Special Notice for California Consumers
In this section, we provide information for California residents, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”), which requires that we provide California residents certain specific information about how we handle their personal information, whether collected online or offline. Under the CCPA, “personal information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. It does not include publicly available data as defined by the CCPA.
Information that We Collect About You: Above, we describe the personal data that we collect about you. As the CCPA prescribes specific categories, we repeat our data collection practices here – please also note that in this section, we also describe our offline data collection practices, as pertains to California residents. Of the categories established in the CCPA, we collect the following information about you:
- • Name, Contact Information, and Other Identifiers: when you interact with us online or offline, we collect your contact information which may include your name mailing address, IP address, email address, and employer’s name (if you are an authorized representative of one of our customers);
- • Customer Record Information/Purchase Histories: if you are a registered customer with us we collect information about the services that you purchase from us. Please note that only certain business-related information is within scope of the CCPA.
- • Usage Data: As stated above, we collect information about the use of our website, including our customer portal. This may include log activities, IP address, browsing history, click stream data, but we do not necessarily associate this information with any individual user or account holder (except as described above). We also collect information about downloads of our whitepapers, posts to our social media fees, or other references to PROS in the public space; we do not usually associate this with any PROS account or seek to identify a particular individual.
- • Audio/Visual Data: if you visit our offices, we may use CCTV or other surveillance to protect our property; we do not associate this information with your account. If you choose to chat with our online sales representatives through our website, we also collect personal data about your chat. Absent a customer service inquiry, we typically do not associate this information with your account. If you are not an account holder, then we may use the information obtained through the chat to contact you about our products and services.
Disclosure: We disclose each of the categories above for a business purpose to assist us in providing our services to you.
California Resident Rights
California law grants California residents certain rights and imposes restrictions on particular business practices as set forth below.
Right to Opt-out of Sale of Personal Information. California residents have the right to opt-out of our sale of their personal information. To exercise your right, please complete this form or contact us at 1-(800)-555-3548, option 5.
Verifiable Requests to Delete and Requests to Know. Subject to certain exceptions, California residents have the right to make the following requests, at no charge:
• Request to Delete: California residents have the right to request deletion of their personal information that we have collected about them and to have such personal information deleted, except where an exemption applies.
• Request to Know: You have the right to know the categories of data that we collect about you, each of which is described above. You also have the right to request, subject to certain exemptions, a copy of the specific pieces of personal information that we have collected about you in the prior 12 months and to have this delivered, free of charge, in an easy to read format either by email or another portable means.
• Request to Opt-out of Sale: You may request that we cease “selling” your information to the entities as describe above.
• Submitting Requests: Requests to Opt-out of Sale of Personal Information, Requests to Know, and Requests to Delete may be submitted by going to our California Individual Rights Page at this form, as well as by contacting us at 1-(800)-555-3548, option 5 (toll free). We will respond to verifiable requests received from California consumers as required by law.
You may make up to two requests within 12 months.
• Requests from Agents: We will accept requests from authorized agents as required by applicable law. We request that the consumer complete a notarized statement authorizing the agent to submit the request on his/her behalf.
• Financial Incentives. We do not offer any incentives at this time.
For more information about our privacy practices, you may contact us as set forth in the How to Contact Us section below.
How to Contact Us
PROS Legal Department
3100 Main Street, Ste 900
Houston, TX USA 77002