Holistics Software Pte Ltd

Singapore

Holistics Software’s Data Deletion Policy describes how customer data is deleted in connection with the cancellation or termination of a Holistics Software account. This policy applies to all data collected by Holistics Software except: • data that resides in any Holistics Software product or service not covered by this policy • data that resides in third-party services managed and hosted by third parties, with the exception of the company’s infrastructure provider • data that resides in Holistics Software products or services that are in beta, testing, or an early access program By default, a customer’s data is stored for the duration of his or her contract with Holistics Software. The data may be deleted within one quarter after the contract ends, at the latest, with the exception of data that is required to establish proof of a right or a contract, which will be stored for the duration provided by enforceable law. Once deleted, a user’s data cannot be restored. Holistics Software may provide the option for customers to delete data after their subscription ends. This request must be made by the customer, and Holistics Software may require additional ID verification. Holistics Software should hard delete all information from currently-running production systems within one quarter of the deletion request.

Holistics Software’s Data Deletion Policy describes how customer data is deleted in connection with the cancellation or termination of a Holistics Software account. This policy applies to all data collected by Holistics Software except: • data that resides in any Holistics Software product or service not covered by this policy • data that resides in third-party services managed and hosted by third parties, with the exception of the company’s infrastructure provider • data that resides in Holistics Software products or services that are in beta, testing, or an early access program By default, a customer’s data is stored for the duration of his or her contract with Holistics Software. The data may be deleted within one quarter after the contract ends, at the latest, with the exception of data that is required to establish proof of a right or a contract, which will be stored for the duration provided by enforceable law. Once deleted, a user’s data cannot be restored. Holistics Software may provide the option for customers to delete data after their subscription ends. This request must be made by the customer, and Holistics Software may require additional ID verification. Holistics Software should hard delete all information from currently-running production systems within one quarter of the deletion request.

As part of our operations, we obtain and process information, some of which can be used to identify individuals (personally-identifiable information, or PII). Our company collects this information in a transparent way and only with the full cooperation and knowledge of interested parties. Once this information is available to us, the following rules apply. The data will be: • Accurate and kept up-to-date • Collected fairly and for lawful purposes only • Processed by the company within its legal and ethical boundaries • Protected against any unauthorized or illegal access by internal and external parties The data will not be: • Communicated informally • Stored for more than the amount of time specified in our Terms of Service, Privacy Policy, customer contracts, or other binding agreements • Downloaded to unapproved devices • Transferred to organizations, states, or countries that do not have adequate data protection policies • Distributed to any party other than the ones agreed upon by the data’s owner (exempting legitimate requests from law enforcement authorities) In addition to ways of handling the data, Holistics Software has direct obligations towards people to whom the data belongs. Specifically we must: • Let people know which of their data is collected • Inform people about how we’ll process their data • Inform people about who has access to their information • Have provisions in cases of lost, corrupted, or compromised data • Allow people to request that we modify, erase, reduce, or correct data contained in our databases within legal guidelines specified by company policies or law-enforcement agencies To exercise data protection we’re committed to: • Restrict and monitor access to sensitive data • Develop transparent data collection procedures • Train employees in online privacy and security measures • Build secure networks to protect online data from cyberattacks • Establish clear procedures for reporting privacy breaches or data misuse • Include contract clauses or communicate statements on how we handle data • Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, access authorization etc.)

no

Holistics Software may provide the option for customers to delete data after their subscription ends. This request must be made by the customer, and Holistics Software may require additional ID verication. Holistics Software should hard delete all information from currently-running production systems within one quarter of the deletion request. Only the following employees can delete customer data in the event that Holistics Software is required to do so: • Thanh - Chief Engineer • Triet - DevOps Lead • Hao - DevOps Engineer • Other employees who are explicitly granted the ability to delete customer data.

no

2018-10-12

yes

no

yes

security@holistics.io

yes

no

yes

yes

no