Twenifor respects the privacy of individuals and the protection of personal data entrusted to our customers that is processed in our solutions. The Twenifor Platform and associated software-as-a-service offerings are business-to-business services and are not a service for use by individual consumers.
We use the terms “you” and “your” in this document to refer to users of the solution authorized to use the Twenifor services for the benefit of a business or organization and have drafted this policy to speak to you, as a user.
Please read the following carefully to understand our view sand practices regarding your Personal Data and how we, as a processor of your Personal Data will interact with it.
A. Who we are
The Twenifor Platform and Software Services (referred to inthis document together as the “Twenifor Platform” or “Platform”) are operated by Twenifor Inc. (“Twenifor”, “we” or “us”) with certain operations subcontracted to Twenifor affiliated companies and subcontractors. Our registered office are locate at the following address is 571 Rang Notre-Dame Saint-Rémi (Québec) J0L 2L0.
B. Defined terms
“Personal Data” means the information identifiable as associated with an individual human being such as name, email address, and username as referenced below.
“Twenifor Customer” means the organization or business entity that is subscribed to or authorized to use the Twenifor Platform, which may include a Twenifor reseller. Twenifor Customers use the Twenifor Platform as “buyers” or “sellers” to collaborate and exchange business documents and take advantage of other offerings (whether from Twenifor or third party service companies) accessible via the Twenifor Platform.
“User” means any person using our Platform (whether that person has paid for such use or not) and “Users”, “you” and “your” shall be construed accordingly. Each User is associated with and is using the Platform on behalf of a Twenifor Customer referred to sometimes below as “your company.”
C. Information we collect, why, and how we use it
When you register on the Platform
User Accounts: When you register your company on the Platform or add a new User to your company’s account we will collect the individual’s first and last name, a username, country of business and business email address. Individuals may also submit a business phone number and title. We do not collect an individual’s home address. Individuals should not submit personal credit card numbers, personal tax identifiers, or medical information to the Platform.
Cookies: Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit, register and use our Platform, we may collect information from you automatically through cookies or similar technology. Our cookies policy explains what data we collect from users of the Platform and what we do with it when you browse through our Site (e.g. your IP address).
As you use the Twenifor Platform
Personal Data in Transactions: Some business documents exchanged on the Platform and via the various services available from the Platform may include Personal Data but are not required to do so. Increasingly companies are not including individual contact names but rather department email addresses and phone numbers on their transaction documents (e.g. Accountspayable@GoodSupply.com rather than “Sue Smith, Accounts Payable, Good Supply Company”).
Business contact information (containing Personal Data) for your company’s trading partners may also be stored in the Platform to facilitate engagement within the context of the Services.
Usage Information: Information about how you transact with the platform using our Services, including access time, “log-in” and “log-out” information, browser type and language, country and language setting on your device, IP address, other attributes about your browser, mobile device and operating system, features you use, and the date and time of use of the Services.
Device Information: Information about your device, including hardware model, operating system and version, device name, unique device identifier, mobile network information, and information about the device’s interaction with our Services.
Why we need this data
User Accounts: We will need your name and username in order to authenticate your User account and validate it with your company’s usage of our Platform, so that you can benefit from the Software Services that are being provided to your company. We will need your email address to send you an activation link to your profile so that you can receive business documents and network requests on behalf of your company. We will also need your email address in case you forget your password or wish to receive emails from us with news about our services or changes to any of our policies or terms and conditions. Your IP address is logged by us in association with transactions and activities on the Platform so that we mitigate spam, fraud or abuse of our Platform. We will store this data for as long as necessary for the purposes of the Services as agreed in our agreement with your company, unless we are required, for legal reasons or under exceptional circumstances, to retain this data for an extended period, or removal is technically impractical. For so long as it is stored we will protect the personal data according to the Twenifor Information Security Policy and as agreed with your company.
Personal Data in Transactions: Twenifor Customers decide how much or how little Personal Data to include in the business documents exchanged on the Platform, however Twenifor Customers may not allow submission of personal medical information, personal tax ids or personal financial information (“Sensitive Personal Information”) or other sensitive personal data requiring special protection measures based on local law to the Platform.
Twenifor Customers use the Platform to store business contact information about their trading partners to facilitate engagement and collaboration with such parties by the Twenifor Customer and by Twenifor acting on the customer’s behalf. In order for Twenifor to perform certain actions related to seller onboarding for a buyer, Twenifor needs some business contact information for trading partners which can include Personal Data.
How we use this data
We use your user account data to administer the Platform, log transactions, and otherwise provide the Services as agreed with your company. Others in your company may also have access to your user account data and may be the ones to administer changes to the data.
We will not share your login data (your name, username, email address and IP address) with anyone other than our service providers and others in your company (or the Twenifor Customer who manages your user account)except in the circumstances referred to in this policy or in agreement with the Twenifor Customer.
From time to time we communicate to users using the email address they’ve submitted, to notify them of updates or changes to the Platform or Services, announce changes to policies, request information regarding a support issue, and other standard communications associated with the operation and management of an online service. In most cases such communications will be directed to the “Admin” level users who will then communicate with other users from their company.
From time to time we may send you, as a representative of a Twenifor Customer, news, updates and sales offers which you can easily opt out of receiving by clicking “unsubscribe” in the relevant email.
Twenifor may use the business contact information stored by you in the Platform in performance of the Services for the Twenifor Customer, such as seller onboarding activities, and as may be required by law for compliance.
D. How we store your personal data
All information you provide to us is stored on secure servers managed by us, an affiliate or a service provider. The Twenifor Platform, used by organizations outside of China, is primarily hosted in a datacenter in Ireland although integrated services may be hosted in other countries. Personal data may be transferred internationally between the various data centers and integrated service locations.
Your account will be secured with a password which enables you to access the Platform. You are responsible for keeping this password confidential. You should never share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Platform; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorized access.
E. Updating your personal data
We will need you to help us ensure the Personal Data you provided to us is accurate and up to date. If you wish to correct and update any of your Personal Data, you may do so by updating the Personal Data through the preferences available in your account. Your company’s administrator may also be able to assist with changes. Note that some changes or removal of your account need to be requested more formally by your company’s administrator because Twenifor is operating the system for the benefit of and at the instruction of the Twenifor Customer.
If European Union law is applicable to your Personal Data, note that Twenifor is a “processor” of your information on behalf of your company who is the “controller.” Twenifor will work with the controller to help you exercise your data protection rights (access, rectification, erasure, etc) but only upon consent and at the direction of the controller.
F. Information Sharing
In the event of onward transfers of personal data, Twenifor retains responsibility for only allowing further processing of data by third parties acting on our behalf to be done in a manner that is consistent with our agreement with your company or the Twenifor Customer including, as may apply to Personal Data from individuals in the European Union and other countries with international transfer restrictions in their data protection laws, the Standard Contractual Clauses, and/or a Data Processing Agreement executed between Twenifor and the Twenifor Customer.
We engage service providers to perform functions and provide services to us. Where allowed by law, we may share your Personal Data with such service providers subject to obligations consistent with this policy and any other appropriate confidentiality and security measures, and on the condition that the third parties use your private personal data only on our behalf and pursuant to our instructions. Twenifor maintains a list of service providers who perform follow-on processing of Personal Data at List of Sub processors for the Twenifor platform. We endeavor to keep the list up to date and each Twenifor Customer may request the latest list at any time.
Our employees, agents, consultants, contractors, or other authorized personnel may have access to user information as necessary in the normal course of our business in support of operations, customer care and communications, usage tracking, processing of requested transactions, and security incident investigations.
If the Platform, a specific business line, a Software Service, Twenifor, or substantially all of its assets, were acquired, liquidated, or dissolved, user information including Personal Data would be one of the assets that is transferred but the successor business would be bound by the terms of our agreements with Twenifor Customers, including this policy.
Government, Law Enforcement and Third Parties
We may disclose information, including, without limitation, Personal Data to comply with applicable laws, regulations, legal processes or governmental requests including the export laws of various countries to prevent access and use of the Services by certain entities and individuals. We reserve the right to disclose a user’s Personal Data if we believe, in good faith, that the user is in violation of the Terms of Service or other agreement with Twenifor, even without a subpoena, warrant or other court order.
G. Choice and Opt-Out
We provide you the ability to exercise certain controls and choices regarding our collection, use and sharing of your information, but since your user account is managed by the Twenifor Customer, some choices must be made through your company and not from you, the individual.
H. Access and Correcting Your Information
If you have a Twenifor account, you can help ensure that your contact information and preferences are accurate, complete, and up to date by logging in to your Twenifor account For other Personal Data we hold, we will provide you with access for any purpose including requesting that we correct the data if it is inaccurate or delete the data if we are not required to retain it by law or for legitimate business purposes. We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law.
I. Security of Your Information
We have put in place physical, electronic, and procedural controls designed to help prevent unauthorized access, to maintain data security, and to use correctly the information we collect online. These safeguards vary based on the sensitivity of the information that we collect and store.
K. Users From Other Jurisdictions
Users from Switzerland and the EU
For transfer of personal data of individuals in the European Economic Area (the “EEA”) to countries that do not have a statutory level of data protection approved by the EU Commission as comparable to the protection required within the European Union, Twenifor utilizes the Standard Contractual Clauses approved by the EU Commission to contractually provide for a consistent level of protection.
Twenifor considers the following uses of Personal Data in relation to use of the Software Services and Twenifor Platform to constitute a legitimate interest, as that term is used in EU data protection law: Contacting you for billing purposes, administrative notices, system outage information, or investigation of security incidents, product and service updates and changes, legal disputes, claims of fraudulent use of the system or violation of the Terms of Service. If you do not agree with this, you may object as set out in this policy.
The California Consumer Privacy Act (“CCPA”), which is effective as of January 1, 2020, regulates how we handle personal in formation of California residents and gives California residents certain rights with respect to their personal information.
When we act as a service provider (for example, by providing our services to another company that you interact with), we follow the instructions of the business that engaged us with respect to how we process your personal information. If you would like more information about how your personal information is processed by other companies, including companies that engage us as a service provider, please contact those companies directly.
Information We May Collect - Using CCPA Terminology
We may collect the following categories of information:
Internet or other electronic network activity information
Audio, electronic, visual, or similar information
Professional or employment-related information
For each category of information, we collect the information from a variety of sources, including directly from you, from your devices, from your company, and/or from third party providers. We collect the information to provide you with services, protect our customers and ourselves (including the services), and to improve the services. We do not share personal information with Third Parties as the term is defined under the CCPA.
We do not sell personal information of any individual, including personal information of minors under 16 years of age.
We have disclosed the following categories of personal information for a business purpose in the 12 months prior to this Policy’s last update.
Internet or other electronic network activity information
Audio, electronic, visual, or similar information
Professional or employment-related information
Inferences drawn from any of the above information.
We have not disclosed any personal information for valuable consideration in the 12 months prior to this Policy’s last update.
You may have certain rights with respect to your personal information, including:
The right to access, including the right to know the categories and specific pieces of personal information we collect;
The right to deletion of your personal information, subject to certain limitations under applicable law;
The right to request disclosure of information collected;
The right to disclosure of information disclosed for valuable consideration; and
The right not to be discriminated against for exercising certain rights under California law.
If you would prefer, you may designate an authorized agent to make a request on your behalf.
L. Contact Information