Privacy Shield - Service Pro .Net
Service Pro .Net Inc. is a “Software as a service” (SaaS) provider that offers a cloud-based web application for Service Industry businesses. Pest Control, Lawncare, Landscaping, Tree / Arbor care are examples of some of the industries that we serve.
Servsuite is the name of the online web-based application. Service Organizations subscribe to Servsuite to handle Scheduling, Routing, Invoicing, and many other functions that are necessary to running a Service Organization.
Service Organizations are given unique logins with secure passwords to log into the Servsuite web application. The application is locked down so that only users with valid logins can see their assigned Organization’s data.
User Roles are assigned to each Login to limit the scope of accessible data on a per user basis. The Administrator for the Service Organization maintains the user logins, the security roles, and the assignment of the role to the user.
Servsuite utilizes 3 distinct sets of personal data:
- Employee HR Data.
This data is used only by the Service Organization (SO) and is not sent to any third party organizations. It is the responsibility of the SO to maintain, correct, and remove all SO Employee Data. The data that is stored per employee is intended strictly for HR purposes. Name, Address, Phone Number, Email, and related traditional HR data. Servsuite does not track information related to lifestyle preferences, sexual orientation, religious beliefs, or any other social attribute. For a list of specific data fields stored on the SO Employee, please review the “Servsuite Employee Fields Addendum 1” document.
- End Customer Data.
The End Customer (EC) is the entity that contracts with the SO to have services performed at the EC location. It is the responsibility of the SO to maintain, correct, and remove all EC data stored within Servsuite. The purpose of this information is to supply the SO with minimum required data to perform services at the EC’s location. Servsuite does not track information related to lifestyle preferences, sexual orientation, religious beliefs, or any other social attribute. For a list of data stored on the EC, please review the “Servsuite Account Fields Addendum 2” document.
- End Customer Data sent to Third Parties for Enhanced Services.
- Address Validation
- Street Name
- Street Number
- State / Province / Territory
- Postal Code, Postal Code Extended
- Phone / SMS service prenotification
- Phone number
- Service Name
- Service Date / Time
- Google Maps
- Street Name
- Street Number
- State / Province / Territory
- Postal Code, Postal Code Extended
1. Statement of Privacy Shield Notice
- Service Pro .Net Inc. is a participant in the U.S. Department of Commerce’s EU-US Privacy Shield program and has certified that it adheres to the EU-US Privacy Shield Principles. For more information about the EU-US Privacy Shield, visit the Department of Commerce’s Privacy Shield website at https://www.privacyshield.gov/welcome. Service Pro .Net Inc. is subject to the jurisdiction of the Federal Trade Commission.
- The Servsuite web application stores the following personal information
Employee Info: Privacy Shield - Servsuite Employee Fields Addendum 1
Homeowner / Business Info: Privacy Shield - Servsuite Account Fields Addendum 2
- Service Pro .NET is committed to apply the Principles of Privacy Shield to all personal data received from the EU in reliance on the Privacy Shield.
- Personal data is collected only for the use of the Service Organization (SO) that subscribes to ServSuite, and optionally for third party services that the customer agrees to in order to provide enhanced services. Personal data is not collected for any other purpose. Service Pro .Net does not store Personal Data on its own behalf or for any purpose of its own.
- Service Pro .Net Inc. can be contacted at email@example.com, or by phone: +1 614-874-4300.
- We do not disclose any information to any third parties that is not previously agreed upon. Third parties are used strictly for enhanced functionality of the Servsuite Web App. These enhanced features can be disabled by the Service Organization on a per customer basis.
- To access their personal data, an individual should contact the branch manager of the Service Organization that they belong to for access.
- The Service Organization that subscribes to Servsuite will decide on the use and disclosure of the data that they subscribe to.
- Service Pro will use “JAMS” for the alternative dispute resolution process. Individuals whose complaints have not been satisfactorily addressed by Service Pro .Net can visit JAMS’ website at: https://www.jamsadr.com/eu-us-privacy-shield for details on how to file a complaint. This recourse mechanism is free of charge to individuals.
- “JAMS” as an “alternative dispute resolution provider” is subject to the FTC, Department of Transportation, and any other US Statutory body.
- Service Pro .NET provides the possibility under certain circumstances for the individual to invoke binding arbitration. As a last resort, complaints that remain unresolved after pursuing these recourse mechanisms may be subject to binding arbitration. For more details about binding arbitration, contact Service Pro at firstname.lastname@example.org.
- Service Pro.Net Inc. may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements in accordance with the Privacy Shield Principles.
- Service Pro .Net Inc. will disclose its liability in cases of onward transfers to third parties.
- Service Pro .Net Inc discloses personal data to third parties only for the use of enhanced services agreed to by the customer, and does not use personal data for a purpose materially different than the purpose for which it was originally collected.
- Service Pro .Net Inc does not act as an agent to perform tasks on behalf of the organization in regards to the use of personal data.
- Service Pro .Net Inc does not collect personal information related to medical conditions, racial or ethnic origin, political opinion, religious, philosophical beliefs, trade union memberships, or specifying the sex life of an individual. All personal information collected in Servsuite will be treated as sensitive.
3. Accountability for onward transfer
- Service Pro.Net will comply with the Notice and Choice Principles. Service Pro .NET will enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify Service Pro.Net if it makes a determination that it can no longer meet this obligation. The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate
- Service Pro .Net Inc. will (i) transfer such data only for limited and specified purposes; (ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles; (iii) take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles; (iv) require the agent to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of its contract with that agent to the Department upon request.
- Service Pro .Net Inc. will take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal data.
5. Data Integrity and Purpose Limitation
- Consistent with the Principles, personal information will be limited to the information that is relevant for the purposes of processing. Service Pro .Net Inc. will not process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. To the extent necessary for those purposes, Service Pro .Net Inc will take reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete, and current. An organization must adhere to the Principles for as long as it retains such information.
- Information will be retained in a form identifying or making identifiable the individual only for as long as it serves a purpose of processing within the meaning of 5a. This obligation does not prevent Service Pro .Net Inc. from processing personal information for longer periods for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research, and statistical analysis. In these cases, such processing shall be subject to the other Principles and provisions of the Framework. Service Pro .Net Inc. will take reasonable and appropriate measures in complying with this provision.
- Individuals will have access to personal information about them that Service Pro .Net Inc. holds, and will be able to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. It is the responsibility of the Service Organization to make the requested corrections and deletions.
7. Recourse, Enforcement, and Liability
- Effective privacy protection must include robust mechanisms for assuring compliance with the Principles, recourse for individuals who are affected by non-compliance with the Principles, and consequences for the organization when the Principles are not followed. At a minimum such mechanisms must include: i. readily available independent recourse mechanisms by which each individual’s complaints and disputes are investigated and expeditiously resolved at no cost to the individual and by reference to the Principles, and damages awarded where the applicable law or private-sector initiatives so provide; ii. follow-up procedures for verifying that the attestations and assertions organizations make about their privacy practices are true and that privacy practices have been implemented as presented and, in particular, with regard to cases of non-compliance; and iii. obligations to remedy problems arising out of failure to comply with the Principles by organizations announcing their adherence to them and consequences for such organizations. Sanctions must be sufficiently rigorous to ensure compliance by organizations.
- Service Pro .Net Inc will respond promptly to inquiries and requests for information relating to the Privacy Shield. Service Pro .Net Inc will respond expeditiously to complaints regarding compliance with the Principles referred by EU Member State authorities through the Department. Service Pro .Net Inc will respond directly to such authorities with regard to the investigation and resolution of complaints.
- Service Pro .Net Inc will arbitrate claims and follow the terms as set forth in Annex I, provided that an individual has invoked binding arbitration by delivering notice to Service Pro .Net Inc following the procedures and subject to conditions set forth in Annex I.
- In the context of an onward transfer,Service Pro .Net Inc has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. The Privacy Shield organization shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless Service Pro .Net Inc proves that it is not responsible for the event giving rise to the damage.
- Service Pro .Net’s employees do not have access to Personal Data, except incidental access if Customer requests technical assistance based on the services purchased from Service Pro .Net.
- When Service Pro .Net Inc becomes subject to an FTC or court order based on non compliance, it shall make public any relevant Privacy Shield-related sections of any compliance or assessment report submitted to the FTC, to the extent consistent with confidentiality requirements. The Department has established a dedicated point of contact for DPAs for any problems of compliance by Privacy Shield organizations. The FTC will give priority consideration to referrals of non-compliance with the Principles from the Department and EU Member State authorities, and will exchange information regarding referrals with the referring state authorities on a timely basis, subject to existing confidentiality restrictions.
- If there is any conflict between the terms in this Policy and the EU-US Privacy Shield Principles, the EU-US Privacy Shield Principles shall govern. Service Pro .Net may amend this Policy from time to time by posting a revised Policy, which is located at https://www.servicepro.com. Service Pro .Net will amend this Policy in a manner consistent with the requirements of the EU-US Privacy Shield Principles.
- Service Pro commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities with regard to human resources data transferred from the EU in the context of the employment relationship.