last updated: May 2022
For the purposes of this policy, CorePartners defines the term “User” as an entity with which CorePartners has an established contractual relationship or who is included as a contact in a User’s account and the term “Visitor” as an individual that visits CorePartners front-end website (for example www.CorePartners.com or www.CoreIMS.com).
Any information stored on CoreIMS’s platform is treated as confidential. All information is stored securely and is accessed by authorized personnel only. CorePartners implements and maintains appropriate technical, security and organizational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.
2. Collection and use
The following sections cover the specifics of each of the three groups from which data is collected: website Visitors and Users.
2.2 Website Visitors
If you are a Visitor to our website only, and not a User to CoreIMS platform, then this section is relevant for you.
By visiting this website, you consent to the collection and use of your Personal Data as described herein.
If you do not agree with the terms set out herein, please do not visit this website. If required by applicable law, we will seek your explicit consent to process Personal Data collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible.
Furthermore, CorePartners may collect and process any Personal Data that you volunteer to us in our website’s forms, such as when you register for events or sign up for information and newsletters. If you provide CorePartners with your social media details, CorePartners may retrieve publicly available information about you from social media.
Such Personal Data may comprise your IP address, first and last name, your postal and email address, your telephone number, your job title, data for social networks, your areas of interest, interest in CorePartners products, and certain information about the company you are working for (company name and address), as well as information as to the type of relationship that exists between CorePartners and yourself.
CorePartners gathers data about visits to the website, including numbers of Visitors and visits, Geo- location data, length of time spent on the site, pages clicked on or where Visitors have come.
2.2.1 Purpose of processing personal data
CorePartners uses the collected data to communicate with Visitors, to customize content for Visitors, to show ads on other websites to Visitors, and to improve its website by analyzing how Visitors navigate its website.
2.2.2 Sharing personal data
CorePartners may also share such information with service vendors or contractors in order to provide a requested service or transaction or in order to analyze the Visitor behavior on its website.
Cookies are small pieces of information sent by a website to a Visitor’s hard disk. Cookies cannot be used to run programs or deliver viruses to your computer. By continuing to visit the website, you agree to the placement of cookies on your device. If you choose not to accept our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be.
2.2.4 Links to other sites
2.3 CorePartners Professional Services
Intentionally left Blank
In order to provide services to its Users, CorePartners collects certain types of data from them.
Furthermore, CoreIMS’s Users collect information when they are sign up. This section will describe how these data are collected and used by CorePartners as well as geographical differences that effect this policy. Data entered or transferred into CorePartners by Users such as texts, links, contacts, media files, etc., remains the property of the User and may not be shared with a third party by CorePartners without express consent from the User.
2.4.2 Collection of User data
During a User’s registration and later on CoreIMS’s platform, they provide information such as name, company name, email, address, telephone, and other relevant data about themselves, their Customers and Vendors. This information is used by CorePartners to identify the User and provide them with support, services, mailings, sales and warehouse actions, billing and to meet contractual obligations.
CoreIMS Users can at any time access and edit, update or delete their contact details by logging in with their user name and password to CoreIMS’s platform. CoreIMS Users may create more Users with different privilege levels within their account. It is the responsibility of the User that creates other User accounts, to choose the level of access each User should have. Once these new Users log into CoreIMS, they meet the definition of User in this policy. CorePartners will not retain User data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations.
2.4.3 Collection of Customer data
CoreIMS used as Inventory Management Software platform by our Customers, who make them available to relevant businesses, organizations, and individuals. It is the Customer’s responsibility to ensure that collection and processing of data is done in accordance with applicable law . CorePartners will not process Personal Data for other purposes or by other means than instructed by its Customers.
Customer data includes data from individuals uploaded, transferred or manually entered by a CoreIMS User into their account for the purpose of inventory warehouse management to the User by using CoreIMS. Personal Data may include, personal contact information such as name, business address, business telephone or mobile number, email address, information concerning family, lifestyle and social circumstances including age, date of birth, marital status, number of children, employment details, education/qualification, business contact details, gender, religion, race, health detail and other sensitive Personal Data.
The purpose of collecting Personal Data as part of a CoreIMS will vary depending on the application, as set up by CoreIMS’s Users. As CorePartners provides IMS platform to a wide group of customers and businesses, the purpose may vary greatly. For Users in the EEA, or for Users providing training to Customers in the EEA, the User will be the “controller”, as defined in the Directive and the GDPR. The purpose will consequently be defined by CoreIMS’s User.
If you or your organization are required under the European Union’s General Data Protection Regulation (GDPR) to enter into a contract, or other binding legal act under EU or Member State law, with your data processors, review and accept CoreIMS’s Data Processing Agreement in your
2.4.4. Geographical location
CorePartners offers a number of data regions. A CorePartners “Data Region” is a set of data centers located within a defined geographical area where User data is stored. Personal Data is not transmitted between Data Regions. For CorePartners Users with accounts located in CorePartner’s European Data Region, all Personal Data is processed in the EEA. For Users with accounts in the Data Regions: United States of America (US) and Canada all Personal Data is processed solely in the USA.
126.96.36.199 Processing in the European Economic Area (EEA)
For Users with accounts located in CorePartner’s European Data Region, all processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and CorePartner’s processing will take place in accordance with the GDPR.
CorePartners processes Personal Data both as a Processor and as a Controller, as defined in the Directive and the GDPR:
The CorePartners entity which you as a Customer entered an agreement with when using CorePartner’s platform, will be the Controller for Customer data, as outlined above in “Collection of Customer data” section. For User data, as outlined in the “Collection of Users data” section, the User will be the Controller in accordance with Directive and GDPR, and CorePartners will be the Processor.
CorePartners adheres to the Directive of 1995 and the GDPR from May 25th, 2018. Consequently, CorePartners processes all data provided by its Users with accounts in its European Data Region, in the European Economic Area (EEA) only.
All data collected by CorePartners Users through CoreIMS Platform will be stored exclusively in secure hosting facilities provided by Microsoft Azure. CorePartners has a data processing agreement in place with its provider, ensuring compliance with the Directive. All hosting is performed in accordance with the highest security regulations. All transfers of data internally in the EEA is done in accordance with this data processing agreement.
188.8.131.52 Processing in the United States Of America (US)
For Users with accounts in the CorePartners US Data Region, CorePartners processes data solely in data centers located in the US. CorePartners has adopted reasonable physical, technical and organizational safeguards which substantially mirror the EU safeguards against accidental, unauthorized or unlawful destruction, loss, alteration, disclosure, access, use or processing of the User’s data in CorePartner’s possession. CorePartners will promptly notify the User in the event of any known unauthorized access to, or use of, the User’s data.
All data collected by CorePartners Users through CoreIMS Platform will be stored exclusively in secure hosting facilities provided by Microsoft Azure. CorePartner’s contract with its hosting provider ensures that all hosting is performed in accordance with the highest security regulations per https:// docs.microsoft.com/en-us/microsoft-365/compliance/gdpr-dsr-azure. CorePartner’s policy is to protect and safeguard any personal information obtained by CorePartners in accordance with United States state or federal laws governing the protection of personal information and data. Accordingly, CorePartners adheres to practices and policies that aim to safeguard the data.
184.108.40.206 Processing in Canada
Please see Processing in the United States Of America paragraph above.
220.127.116.11 Processing in other regions
Intentionally left Blank.
3. Retention and deletion
CorePartners will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. For User’s data including personal information, CoreIMS’s Users have control of the purpose for collecting data, and the duration for which the Personal Data may be kept. For User’s data, Users with an active account will therefore have the responsibility to delete data when required. When a users’s account is terminated or expired, all Personal Data collected through the platform will be deleted, as required by applicable law.
4. Acceptance of these Conditions
5. Our Legal Obligation to Disclose Personal Information
CorePartners will reveal a user’s personal information without his/her prior permission only when we have reason to believe that the disclosure of this information is required to establish the identity of, to contact or to initiate legal proceedings against a person or persons who are suspected of infringing rights or property belonging to CorePartners or to others who could be harmed by the user’s
activities or of persons who could (deliberately or otherwise) transgress upon these rights and property. We are permitted to disclose personal information when we have good reason to believe that this is legally required.
6. CorePartner’s Data Protection Officer
CorePartners has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following address:
Attn: Data Protection Officer
6 w 3rd Street
Frederick, Maryland 21701 USA
7. For Further Information
If you have any further questions regarding the data CorePartners collects, or how we use it, then please feel free to contact us by email at: legal@CorePartners.com, or in writing at:
6 w 3rd Street
Frederick, Maryland 21701 USA