This document describes the Data Protection policies of DiaryBook Limited.
You may also know us as ExcelSend or Iflow. These are the names we trade under and the names of our online messaging services. This document is about the data protection policy of the whole organization covering both of these online services. We are registered in Ireland; registration number 296090.
Personal Information is information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
If your organization is a sole-trader or a partnership, then Information we collect from you may fall in to this category.
This section relates to information we collect and store about you and your organization. For this type of data we act as a Data Controller and are registered as such with the Data Protection Commissioner.
Data: | The data we gather include details you provide during registration on our website, secondary forms you may fill in on our website, emails we receive from you and meta-data from your Internet browser. See below for a full list. |
Sharing: | In the normal course of business, we do not share this data with any 3rd party organization. However, we may be compelled to share some information with law-enforcement or other government officials if instructed to do so. |
Storage: | Data about you is securely stored by our propriety system within the EU. Access to your data is restricted to employees of our company and only when necessary. |
Retention: | The data we store is necessary to conduct business with you. We will continue to retain and process your data so long as you remain an active customer with us. Your data will be destroyed either 48 months from the date of the last transaction between us or within 30 days of a written request from you. |
The following is a list of personal data items that we may store about you. The list does not include your preferences and settings relating to the services we provide.
A cookie is a small piece of data that is put on your device by the browser when you visit certain websites. In general cookies can be used to record a user’s browsing activities, to remember arbitrary pieces of information that the user enters or to flag user authorization.
Note: PII stands for Personal Identifiable Information.
Preferences | Does not contain PII | Your Explicit Consent is Required | Persistent – 90 days |
Google Analytics | Contains your I.P. address. Is not used in our account portal | Your Explicit Consent is Required | Persistent |
Authentication and Session Cookies | May contain PII indirectly | Your Explicit Consent is Required | Session |
A persistent cookie can remain on your device after you have left the website and be retrieved the next time you visit.
A session cookie normally remains on your device for the duration of your site visit and times-out after a short period of inactivity.
Following GDPR rules, we will not use cookies that contain Personal Identifiable Information (PII) that can be used to identify you without your explicit permission.
We do use cookies to remember certain options that you may have chosen to improve your browsing experience and for our analytics but these do not contain data that can be used to identify you.
We use a session cookie for the purposes of authentication. Once you have signed in to our account portal the authentication cookie identifies you to our server. When you sign-out, or after a period of inactivity, your browser will delete this cookie.
Please note: without your permission to use cookies, actions such as registration or sign-in to our portal may fail.
If the “allow cookies” tick box is already ticked on the sign-in screen, it means you have already consented to the use of cookies elsewhere on the site or on a previous visit using your device. This consent can be removed by unticking the box.
We use Google analytics to provide us with information about traffic on our websites. We do not use Google analytics in our account portal. Google analytics will collect information from you, this information may include the following:
The above information will be collected by Google and may be stored on databases located outside of the EU. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
This section relates to information we store and process on your behalf. This could be data about you, your customers and your staff. For this type of data we act as a Data Processor and are registered as such with the Data Protection Commissioner.
As you are the owner of the data and control when it is created, used and deleted, you are the Data Controller.
Data: The main areas of data we store and process on your behalf are
Sharing: It is your data and we respect your privacy. We do not share this information with or give access to any 3rd party except under unusual circumstances where we may be compelled to share some information regarding Messages with law-enforcement or other government officials if instructed to do so by them.
Messaging: We operate a messaging platform and by definition this entails passing message content and addressing information to 3rd parties. When you send or receive a message using our service, information is shared.
Storage: Your data is securely stored by our propriety system within the EU. Access to your data is restricted to employees of our company and only when necessary.
Retention: As the Data Controller, data retention is controlled by you and your data should be removed from our system as and when required.
If your account expires or is closed by you or closed by us, your data will be destroyed either 48 months from the date of closure or within 30 days of a written request from you.