Sela Privacy and Data Protection Policy and Notice Last Updated: November 15, 2021
Sela Software Labs Ltd. (“Sela”, “we”, “our” or the “Company”, and their cognates) respects the privacy of its customers and end-users, and is committed to protecting the personal information you may share with us (these and any others with respect to whom we collect personal data, shall collectively be referred to as “Students”, “Customers”, “you” or “Data Subjects”).
Sela provides cloud solutions and end-to-end services including cloud development architecture, infrastructure and network management, big data solutions and performance improvement, software development and deployment, and related services. Sela also provides courses and conferences in the hi-tech field (together, the “Services”).
This policy and notice (the “Privacy Policy”) explain the types of information we may collect from you, that we may receive about you or that you may provide in the course of your interest in our Services. We are transparent about our practices regarding the information we may collect, use, maintain and process and describe our practices in this policy and notice. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purposes of Regulation EU 2016/679 - the General Data Protection Regulation (the “GDPR”), Sela will usually be a data controller (the “Controller”) in relation to the Personal Data of our customers and prospective customers. However, Sela also acts as a data processor (the “Processor”) in relation to the Personal Data of our end-users provided to us by our customers, which we may process on behalf of those customers; likewise, Sela is a Processor of data provided to it by other organizations, including various cloud services providers, for whom Sela acts as a distributor or customer service provider.
We may collect data about you in connection with your transactions with us, or in processing data for our customers. One type of data is non-identifiable and anonymous information (“non-personal data”).
We also collect several categories of personal data (“Personal Data”).
We elaborate here on two categories of Personal Data we may collect from, on behalf of, or in connection with our Students and Customers.
Data we collect about you from your transactions with us:
Personal Data which is being gathered consists of any details which are personally identifiableprovided consciously and voluntarily by you, or by an organization you represent or are associated with or through your use of our Services or our support website (as described below). This may include your name (first and last), email address, phone numbers, postal address, identification number, position and organization name and other information you may choose to provide to Sela.
You do not have any legal obligation to provide any information to Sela, however, we require certain information in order to provide our Services, including services which we provide on behalf of others. If you choose not to provide us with certain information, then we may not be able to provide you or your organization with some or all of the Services.
Sela may also collect the email addresses or other communication details of people who communicate with Sela via email or other media or create accounts and login credentials.
By registering on the website, or submitting requests for support or information, Sela will collect details, including also your name, company name, phone number and personal or company email you provided, address and other such information. Sela may use this information to offer Sela’s Services and support.
By signing up to our courses and conferences, Sela collects your name, phone number, email address, course or conference you wish to attend, identification number and the four last digits of your credit card number.
We also may collect your account data, such as your bank account number, when you give us such information in order for us to fulfill our Services.
We collect Personal Data of users on behalf of our Students and Customers, such as usernames, contact informationand data associated with support cases.
We collect Personal Data through your use of our website, support website and when you contact us for our Services. We collect Personal Data required to provide Services when you provide us such informationby entering it manually or automatically, or through your use of our website, facilities and Services, or in connection with site visits, in the course of preparing a contract, or otherwise in engaging with us. We also may collect Personal Data when you call us for support, in which case we collect the information you provide us.
We will use Personal Data to provide and improve our services to our customers and others and meet our contractual, ethical and legal obligations. All Personal Data will remain accurate, complete and relevant for the stated purposes for which it was processed, including for example:
Processing which is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (GDPR Article 6(1)(b)):
carrying out our obligations arising from any contracts entered into between you or your employer or organization and Sela and/or any contracts entered into with Sela and to provide you with the information, products and services that you request from Sela;
administering your account with Sela including to identify and authenticate you and users from your organization;
verifying and carry out financial transactions in relation to payments you make in connection with the products;
notifying you about changes to our service and products;
contacting you for the purpose of providing you with technical assistance and other related information about the products;
Processing which is necessary for the purposes of the legitimate interests pursued by Sela or by a third party (GDPR Article 6(1)(f)) of providing an efficient and wide-ranging service to
customers:
contacting you to give you commercial and marketing information about events or promotions or additional services and products offered by Sela, including in other locations;
soliciting feedback in connection with your use of the Services;
tracking use of Sela services to enable us to optimize them;
replying to your queries, troubleshooting problems, detecting and protecting against error, fraud or other criminal activity;
contacting you to inform you of additional services which may be of interest to you;
Processing which is necessary for compliance with a legal obligation to which Sela is subject (GDPR Article 6(1)(c)):
compliance and audit purposes, such as meeting our reporting obligations in our various jurisdictions, and for crime prevention and prosecution in so far as it relates to our staff, Students, Customers, facilities etc;
if necessary, we will use personal data to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies as required by law, to collect debts, to prevent fraud, infringements, identity thefts and any other service misuse, and to take any action in any legal dispute and proceeding;
for security purposes and to identify and authenticate your access to the parts of the facilities;
we may collect personal data of our customers’ personnel, which will be used for the purposes set out above.
We may transfer Personal Data to:
Members of our Group: This includes any member of our group, which means our parent company, subsidiaries - whether wholly or partially owned by Sela, and co-owned companies.
Third Parties. We transfer Personal Data to third parties in a variety of circumstances. We endeavor to ensure that these third parties use your information only to the extent necessary to perform their functions, and to have a contract in place with them to govern their processing on our behalf. These third parties may include business partners, suppliers, affiliates, agents and/or sub-contractors for the performance of any contract we enter into with you. They may assist us in providing the Services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, analysing data, providing IT and other support services or in other tasks, from time to time. These third parties may also include analytics and search engine providers that assist us in the improvement and optimisation of our website, and our marketing.
We periodically add and remove third party providers. At present our third-party providers to whom we may transfer personal data include also the following:
Cloud computing providers, billing services, customer relationship management services, data backup and analytics, advertising services, newsletter and communication service, call center platforms;
Experts who assess foreign credentials in various fields
Our lawyers, accountants, local payroll service providers, other standard business service providers
Other industry standard business software and partners.
In addition, we may disclose your Personal Data to third parties if some or all of our companies or assets are acquired by a third party including by way of a merger, share acquisition, asset purchase or any similar transaction, in which case personal data may be one of the transferred assets. Likewise, we may transfer personal data to third parties if we are under a duty to disclose or share your Personal Data in order to comply with any legal or audit or compliance obligation, in the course of any legal or regulatory proceeding or investigation, or in order to enforce or apply our terms and other agreements with you or with a third party; or to assert or protect the rights, property, or safety of Sela, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.
For avoidance of doubt, Sela may transfer and disclose non-personal data to third parties at its own discretion.
We store your Personal Data in servers owned or controlled by Sela, or processed by third parties on behalf of Sela, by reputable cloud-service providers in the US, Israel and EU (see the following section regarding international transfers).
Personal Data may be transferred to, and stored and used at, a destination outside the European Economic Area (EEA) that may not be subject to equivalent data protection laws to those of the EU. Where your Personal Data is transferred outside of the EEA, we will take all steps reasonably necessary to ensure that your Personal Data is subject to appropriate safeguards, and that it is treated securely and in accordance with this Privacy Policy. Sela transfers data to other jurisdictions as follows:
To the United States of America. Sela stores Personal Data on Microsoft servers which are located in the US. Transfer to the US is subject to GDPR-approved mechanism, including especially standard contractual clauses.
We may transfer your personal data outside of the EEA, in order to:
store or backup the information;
enable us to provide you with the Services and products and fulfil our contract with you;
fulfill any legal, audit, ethical or compliance obligations which require us to make that transfer;
facilitate the operation of our group businesses, where it is in our legitimate interests and we have concluded these are not overridden by your rights;
to serve our customers across multiple jurisdictions; and
to operate our parent company, subsidiaries and affiliates in an efficient and optimal manner.
Sela will retain Personal Data it processes only for as long as required in our view, to provide the Services and as necessary to comply with our legal and other obligations, to resolve disputes and to enforce agreements. We will also retain personal data to meet any audit, compliance and business best-practices.
Data with respect to which Sela is the Processor may be deleted only on action and/or instruction of the Controller, except where such data must be retained by us, in our judgment, as above.
Data that is no longer retained may be anonymized or deleted. Likewise, some metadata and statistical information concerning the use of our Services are not subject to the deletion procedures in this Privacy Policy and may be retained by Sela. We will not be able to identify you from this Data. Some
Data may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy.
We take great care in implementing, enforcing and maintaining the security of the Personal Data we process, whether as Processor or as Controller. Sela implements, enforces and maintains security measures, technologies and policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of Personal Data. We likewise take steps to monitor compliance of such policies on an ongoing basis. Where we deem it necessary in light of the nature of the data in question and the risks to data subjects, we may encrypt data. Likewise, we take industry standard steps to ensure our website and Services are safe.
Note however, that no data security measures are perfect or impenetrable, and we cannot guarantee that unauthorized access, leaks, viruses and other data security breaches will never occur.
Within Sela, we endeavor to limit access to personal data to those of our personnel who: (i) require access in order for Sela to fulfil its obligations, including also under its agreements, and as described in this Privacy Policy, and (ii) have been appropriately and periodically trained with respect to the requirements applicable to the processing, care and handling of the Personal Data, and (iii) are under confidentiality obligations as may be required under applicable law.
Sela shall act in accordance with its policies and with applicable law to promptly notify the relevant authorities and data subjects in the event that any personal data processed by Sela is lost, stolen, or where there has been any unauthorized access to it, all in accordance with applicable law and on the instructions of qualified authority. Sela shall promptly take reasonable remedial measures.
Data subjects with respect to whose data GDPR applies, have rights under GDPR and local laws, including, in different circumstances, rights to data portability, rights to access data, rectify data, object to processing, and erase data. It is clarified for the removal of doubt, that where personal data is provided by a customer being the data subject's employer, such data subject rights will have to be effected through that customer. In addition, data subject rights cannot be exercised in a manner inconsistent with the rights of Sela employees and staff, with Sela proprietary rights, and third-party rights. As such, job references, reviews, internal notes and assessments, documents and notes including proprietary information or forms of intellectual property, cannot be accessed or erased or rectified by data subjects. In addition, these rights may not be exercisable where they relate to data that is not in a structured form, for example emails, or where other exemptions apply. If processing occurs based on consent, data subjects generally have a right to withdraw their consent.
Where Sela is the Controller, a data subject who wishes to modify, delete or retrieve their Personal Data, may do so by contacting Sela (privacy@Sela.co.il). Note that Sela may have to undertake a process to identify a data subject exercising their rights. Sela may keep details of such rights exercised for its own compliance and audit requirements. Please note that Personal Data may be either deleted or retained in an aggregated manner without being linked to any identifiers or Personal Data, depending on technical commercial capability. Such information may continue to be used by Sela.
Data subjects with respect to whose data GDPR applies have the right to lodge a complaint, with a data protection supervisory authority in the place of their habitual residence. If the supervisory authority fails to deal with a complaint, you may have the right to an effective judicial remedy.
Where Sela is a Processor, any data subject rights may be exercised only through the relevant Controller; Sela will refer Data Subjects to exercise their rights through the relevant Controller.
Minors. We do not knowingly collect or solicit information or data from or about children under the age of 16 or knowingly allow children under the age of 16 to register for Sela services. If you are under 16, do not register or attempt to register for any of the Sela Service or send any information about yourself to us. If we learn that we have collected or have been sent Personal Data from a child under the age of 16, we will delete that Personal Data as soon as reasonably practicable without any liability to Sela. If you believe that we might have collected or been sent information from a minor under the age of 16, please contact us at: privacy@Sela.co.il, as soon as possible.
Changes to this Privacy Policy. The terms of this Privacy Policy will govern the use of the services, website, and any information collected in connection with them. Sela may amend or update this Privacy Policy from time to time. The most current version of this Privacy Policy will be available at: https://www.sela.co.il/static/legal/selaPrivacyNotice.pdf. Changes to this Privacy Policy are effective as of the stated “Last Revised” date and your continued use of our Services will constitute your active acceptance of the changes to and terms of the Privacy Policy.
Sela aims to process only adequate, accurate and relevant data limited to the needs and purposes for which it is gathered. It also aims to store data for the time period necessary to fulfill the purpose for which the data is gathered. Sela only collects data in connection with a specific legitimate purpose and only processes data in accordance with this Privacy Policy. Our policies and practices are constantly evolving and improving, and we invite any suggestions for improvements, questions or comments concerning this Privacy Policy, you are welcome to contact us (details below) and we will make an effort to reply within a reasonable timeframe.
Sela contact details: Sela Software Labs Ltd, 14-18 Baruch Hirsh St, Bnei Brak 5120206, Israel. Tel +972- 3-6176666.