Who we are
Our website address is: www.silversoft.com
How we use your information
We collect the email addresses of those who communicate with us via email, aggregate information on what pages consumers access or visit, and information volunteered by the consumer (such as survey information and/or site registrations). The information we collect is used to improve the content of our web pages and the quality of our service, and is not shared with or sold to other organisations for commercial purposes, except to provide products or services you’ve requested when we have your permission, or under the following circumstances:
It is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
Silversoft’s use of information received, and Silversoft's transfer of information to any other app, from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use Requirements.
Information gathering and usage
When you register on this website, or request further information, we may ask for information such as your name, company name, email address, physical address and related information. Silversoft uses this information for the following general purposes: providing products and services, marketing, identification and authentication, improving our service, contacting you, and research.
Silversoft may disclose personally identifiable information under special circumstances, so as to comply with subpoenas or when your actions violate the Terms of Service.
Silversoft may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your Silversoft primary account holder account, or by placing a prominent notice on our site.
GDPR & POPI
Silversoft is compliant with the EU General Data Protection Regulation (GDPR). By the terms of this regulation, we act as both a controller and a processor of data. As a data processor, we enable you, the client, to act as a data controller. This means that your company and its activities must comply with the regulations set out in the GDPR. Magnetic is obligated to assist authorities in ensuring that GDPR compliance is met by any data controllers we enable. Even if you are not based in the European Union, the GDPR applies to your company if you store any personal information for any European Union citizen. As a controller of data, we collect the following personal data from our users.
Client Relation Data
We collect your full names (as given during sign-up), email address(es) and contact numbers. This data is used by our sales representatives and implementation specialists in order to contact you regarding your Silversoft account, so as to set it up and provide support. We also collect information regarding your place of work, which is rendered from your employer and is necessary to associate users to their company.
We collect IP addresses and behavioural data for two reasons: as part of our obligations as a data processor to keep a record of processing events and to assist our team in diagnosing any problems you encounter while using our system.
In order to provide the best possible experience, we make use of analytic third-party systems which may track any of the information above. These third-party applications are listed below.
Future Data Storage
In the future, Silversoft may extend the personal data we store as needed to provide an inclusive, accessible and useful system to our clients. All this data will be obtained with your explicit knowledge and consent, and we will explain exactly how we intend to use it.
Silversoft makes use of several third-party services in order to provide utility to you, the client, and to assist us in diagnosing issues and improving the user experience. Some of these third-party services are optional integrations for our clients to use in their work as data controllers. All of these third-party services are listed below, along with links to their own GDPR information pages. All our third-party services are GDPR compliant.
What has Silversoft done to comply with the GDPR?
As a global company which handles sensitive information for our clients, Silversoft takes the protection of our client’s data and privacy very seriously. We have conducted an extensive review of all our third-party applications, their GDPR compliance and data policies, and the data transfer contracts we have with each of them. Sensitive information is stored as securely as possible, and we have a comprehensive security module to ensure that data can only be accessed by those who have explicit approval. Internally, we have a strict policy regarding the access of data, both via our back-end system and in terms of our support and ticketing services.
We have also conducted a review of our logging and record policies to ensure that we comply with the logs and records required from data processors. We commit to responding timeously to requests for erasure, and requests for access, from any potential data subject who can provide sufficient proof of identity. We also have available systems for our clients to download their uploaded data for portability.
In the unlikely event of a data breach, we commit to notifying affected parties within 72 hours of becoming aware that such a breach has occurred. In this time, we will conduct as extensive an investigation as possible, so as to inform affected parties of the consequences of the breach as transparently as possible.
PROTECTION OF PERSONAL INFORMATION ACT, NO 4 OF 2013 (SOUTH AFRICA)
1.1. For the purposes of paragraphs 1.1 to 1.6, “Personal Information”, “Data Subject”, “Processing” shall have the meanings ascribed to them in the Protection of Personal Information Act, No 4 of 2013.
1.2. When processing any Personal Information in the provision of the Service, we shall, and shall ensure that all our employees, agents and subcontractors shall:
1.2.1. only Process the Personal Information for the purposes of the provision of the Service;
1.2.2. Process the Personal Information only in accordance with your instructions (which may be specific instructions or instructions of a general nature or as otherwise notified by you to us) and cease to Process, return or delete the Personal Information upon your instructions, subject to applicable laws;
1.2.3. implement appropriate, technical and organisational measures against unauthorised or unlawful Processing of Personal Information and against accidental loss or destruction of, or damage to, Personal Information;
1.3. not transfer any of the Personal Information outside the Republic of South Africa unless:
1.3.1. we are legally obliged to do so; or
1.3.2. it is reasonably necessary to do so; or
1.3.3. if neither of 1.3.1 or 1.3.2 is applicable, once your prior written consent has been obtained.
1.4. not otherwise modify, amend or alter the contents of the Personal Information or disclose or permit the disclosure of the Personal Information to any third party unless specifically authorised by the Disclosing Party or by the Data Subject; and
1.5. immediately notify you in writing if (a) we receive any request for disclosure of Personal Information by a law enforcement agency, individual or other party or (b) any accidental or unauthorised access takes place in relation to the Personal Information.
1.6. We shall comply at all times with the provisions of the Protection of Personal Information Act, No 4 of 2013 and shall not perform our obligations in such a way as to cause you to breach any of your applicable obligations under such act.