Privacy Policy & GDPR

I. ASCENT SOLUTIONS

Precisio Business Solutions, Corp. doing business as Ascent Solutions (“Ascent Solutions”).

Who are ‘we’?

When we refer to ‘we’ (or ‘our’ or ‘us’), that means Ascent Solutions. Our headquarters is in New Jersey, USA.

We provide an easy-to-use global online platform for businesses and their customers/partners. At the core of our platform is our cloud ERP software. If you want to find out more about what we do, see the who is Ascent Solutions page.

II. GENERAL

Ascent Solutions acts as the data controller:

Ensuring your privacy is of utmost importance to us, we define in this Privacy Statement Ascent Solutions 2024 (“Privacy Statement) how we process your personal data when you use our website, services, applications and software (together “Services”) unless otherwise provided in writing to you.

Ascent Solutions reserves the right to modify this privacy statement. We recommend that you periodically visit our website and review all updates.

Our approach to data protection is built around four key principles. They are at the heart of everything we do relating to personal data:

1. Transparency: We take a human approach to how we process personal data by being open, honest and transparent.
2. Enablement: We enable connections and efficient use of personal data to empower productivity and growth.
3. Security: We champion industry leading approaches to securing the personal data entrusted to us.
4. Stewardship: We accept the responsibility that comes with processing personal data.

Note regarding the use of our applications / software by you.

Our applications / software that we provide to you are 100% native on the Salesforce Platform. Therefore:
– your data is stored and hosted on the Salesforce servers;
– you are in full control of your data;
– you, alone or jointly with others, determine the purposes and means of the processing of your (personal) data, and the data controller.

Ascent Solutions does not have access to your (application on the) Salesforce Platform and your data unless you provide us access pursuant to a written agreement.

Ascent Solutions does not process on your behalf personal data when you (1.) merely provide us access to your (personal) data, (2.) use the applications / software, or (3.) when we provide other Services (like technical support) to you. Ascent Solutions will keep said personal data strictly confidential, unless provided herein.

If you would like Ascent Solutions to process personal data on your behalf, Ascent Solutions will enter into a written data processing agreement with you, defining that you are the data controller and we are the data processor. Depending on the situation that data processing agreement will also contain relevant provisions regarding the international transfer of personal data.

III. WHERE DOES ASCENT SOLUTIONS’ STORE ITS DATA?

Ascent Solutions’ data that is collected and processed as defined in this Privacy Statement is stored on servers within the USA.

IV. WHAT PERSONAL DATA DOES ASCENT SOLUTIONS COLLECT FROM YOU AND FOR WHAT PURPOSES IS IT USED?

Ascent Solutions processes your personal data for specific purposes. Below, we indicate the data processed for each purpose. Personal data collected for the same purpose is grouped into one category.

Additionally, we specify the retention period for each category. Such personal data can be provided directly by you or collected by us.

a. Mandatory processing

When you become a customer of Ascent Solutions, we process the following personal data to the extent necessary to comply with our mandatory legal administration obligations:
1. name;
2. address.

Since we must comply with mandatory legal obligations, you are obliged to provide Ascent Solutions with the relevant personal data. You cannot object to the processing or request us to limit the processing thereof. We retain and process this data for 7 years.

b. Processing necessary for the execution of our agreement with you

Ascent Solutions processes the following personal data from you to the extent necessary for the execution of our (service) agreement with you:
1. name;
2. email address (including for contact about our Services);
3. telephone number;
4. other personal data that you provide to us in the context of our Services (such as personal data in documents and information that you provide to us);
5. other personal data that you provide to us when you contact us.

You are obliged to provide the personal data mentioned under 1 up to and including 3 and cannot object to the processing or request us to restrict the processing. If you do not provide the personal data mentioned under 1 up to and including 3, then we may terminate our agreement with you.

If you do not provide the personal data referred to under 4 and 5, or wish the processing thereof to be restricted, this may have consequences for the execution of our (service) agreement with you. In such a case, we may terminate the agreement with you.
The processing duration of the personal data referred to under 1 up to and including 5 is up to 2 years after the termination of the agreement with you.

c. Processing to the extent necessary for protecting the legitimate interests of Ascent Solutions

Ascent Solutions processes the following personal data from you to the extent necessary for protecting our legitimate interests:
1. For improving our Services:
– your name;
– other information you provide in an evaluation form or during an evaluation discussion with us.
2. To inform you about other services that Ascent Solutions provides:
– email address (if you provide this when filling out the evaluation form).
3. Marketing (if you are a customer of Ascent Solutions):
– contact details.
4. (Job) Applications (as soon as you apply with us);
– contact details;
– resume;
– other information provided voluntarily.

You must provide the above personal data if you wish to use the respective Services mentioned in points 1 to 3, or if you wish to apply for a (job) position with us (point 4).

You can object to the processing already carried out of the respective personal data and the processing yet to be carried out. We will weigh your interests against our interests and decide whether we will follow up on your objection. If the processing of personal data is restricted, this may result in us no longer being able to provide the respective Service, or not being able to provide it properly.

If you object to the processing of your contact details for marketing purposes (see point 3), we will immediately stop the respective processing.

The processing duration of the personal data mentioned in points 1 up to and including 3 is 2 years after the end of our agreement with you unless the processing is terminated earlier based on an objection raised by you.

For personal data processed during an application procedure (point 4), a different processing duration of 4 weeks after completing the application procedure applies, or 1 year if you have given permission for this.

d. Processing with your consent

Ascent Solutions processes the following personal data from you with your consent:
1. Upon your request, we can inform you about the Services we have rendered to you or you have followed or other services of Ascent Solutions:
– name;
– organization;
– email address.

2. We can inform you upon your request or answer your questions:
– name;
– organization;
– email address;
– other personal data provided at the time you contact us.

3. If you are not yet a customer of Ascent Solutions, we can send you blogs, newsletters, and other marketing information upon your request:
– contact details;
– interests.

We only process the personal data for the respective Services mentioned in points 1 up to and including 3 if you have actually given your consent. Not providing the respective personal data for the Services mentioned in points 1 up to and including 3, or withdrawing your consent for processing, will not have negative consequences for you.

The processing duration of the personal data for the Services mentioned in points 1 and 2 is up to 2 years after the termination of the service agreement with you. The personal data processed for the Service mentioned in point 3 will be processed until you indicate that you are no longer interested in the respective Service. You can unsubscribe by following the provided unsubscribe instructions, or by sending an email to [email protected] with the instruction ‘unsubscribe blog/newsletter/marketing (include what is applicable)’. Your unsubscribe request will be processed as soon as possible.

V. SHARING OF PERSONAL DATA

a. No sale or trading of personal information

Unless provided herein, Ascent Solutions does not sell or trade personal information about our visitors, customers and users to others.

b. Sharing with processors (Processors) of Ascent Solutions

Ascent Solutions may engage third parties who process your personal data on behalf of Ascent Solutions in the delivery of a Service to you. This third party is hereinafter referred to as ‘Processor’. Ascent Solutions uses the following types of Processors:
– Suppliers of relationship management software;
– hosting provider(s);
– suppliers of (data) storage of (personal) data, database management, and database maintenance;
– analytical software to improve our Services, such as Google Analytics which is set up in accordance with the advice of the Dutch Data Protection Authority to be privacy-friendly so that no personal data is shared with Google.

Ascent Solutions enters into data processing agreements with all its Processors. The data processing agreement stipulates that Processors may only process your personal data within the framework of the Services to be provided. Ascent Solutions is not liable if you provide additional information to Processors yourself.

c. Sharing of personal data with your permission.

If you give your permission, Ascent Solutions can share your personal data with third parties. For example, Ascent Solutions works with specific service providers who can also offer their services to you directly. If you wish to use these services, we can provide your name and contact details to the relevant third party at your request so that they can contact you.

d. Our legal responsibility

Ascent Solutions may share your personal data with third parties if:
– it is reasonably necessary or appropriate to comply with legal obligations;
– it is necessary to comply with legal requests from competent authorities;
– it is necessary to respond to any claims;
– it is necessary to protect the rights, property, or safety of Ascent Solutions and/or its employees, our customers and relations, or the public;
– it is necessary to protect Ascent Solutions and/or its employees, our customers and relations from fraudulent, abusive, inappropriate, or unlawful use of our Services.
Ascent Solutions will notify you of a request from any competent authority regarding your (personal) data, unless this is not permitted under applicable law and/or regulations.

e. Regarding the use of our applications / software

Our applications / software that we provide to you are 100% native on the Salesforce Platform. Therefore:
– your data is stored and hosted on Salesforce servers;
– you are in full control of your data;
– you, alone or jointly with others, determine the purposes and means of the processing of your (personal) data, and the data controller.
Ascent Solutions does not have access to your application on the Salesforce Platform and your data unless you provide us access.

Ascent Solutions does not process on your behalf personal data when you (1.) merely provide us access to your (personal) data, (2.) use the applications / software, or (3.) when we provide other Services (like technical support) to you. If you make personal data accessible to Ascent Solutions, we will keep said personal data strictly confidential except as provided herein.

If you would like Ascent Solutions to process personal data on your behalf, Ascent Solutions will enter into a written data processing agreement with you, defining that you are the data controller and we are the data processor. Depending on the situation that data processing agreement will also contain relevant provisions regarding the international transfer of personal data.

VI. MERGER OR SALE OF (A PART OF) THE BUSINESS OF ASCENT SOLUTIONS

It may occur that Ascent Solutions discloses, shares, or transfers your personal data if we are going to transfer/sell, merge, or obtain financing for a part of our business.

VII. PROTECTION OF PERSONAL DATA

Ascent Solutions takes appropriate technical and organizational security measures to protect your personal data. In protecting your personal data, we follow generally accepted standards. Ascent Solutions has already taken the following measures:

– Physical and electronic measures designed to prevent unauthorized access, loss, or misuse of personal data as much as possible have been taken;
– Sensitive information is stored encrypted where possible;
– TLS (Transport Layer Security) technology is used to encrypt the transmission of sensitive information or personal data to Ascent Solutions (such as (account) passwords and identifiable information about payments);
– Periodic back-ups of (personal) data are made where reasonably possible;
– Vulnerabilities in the software are identified and addressed as quickly as reasonably possible. Our Processors are obliged in the processing agreement to secure (the processing of) your personal data. Ascent Solutions would like to point out that absolute security of data being processed (including storage and transmission) does not exist and therefore cannot and is not guaranteed.

VIII. OUR WEBSITE

a. Hyperlinks to third-party websites

On our website, there may be hyperlinks to third-party websites. We may also provide you with hyperlinks to third-party websites in the performance of our Services. Ascent Solutions has no control over and is not responsible for third-party websites, the information collected about you on those websites, the activities of these third parties (including with respect to the processing of personal data), and the privacy policy that is followed. We advise you to critically review the privacy policy of these third parties before you provide (personal) data.

b. Social media buttons

We use plugins on our Website from social media networks such as LinkedIn, X and YouTube. You can recognize these plugins by their logos.

We do not have any influence over which data these providers collect from you, and we are also not aware of the extent of their data processing. If you would like more information about their data processing, we recommend that you review the respective privacy policies on the websites of these providers.

c. Cookies

We use cookies and similar techniques, such as tags/beacons and java scripts, which are small text files stored on your device. Cookies enable us to recognize people and Customers who have previously visited the Website. Furthermore, Cookies allow us, in conjunction with our web server’s log files, to calculate the aggregate number of people visiting our Website and which parts are most popular. This helps us gather feedback to improve our Website and better serve you.

Cookies we do not intentionally store any personal data that your browser provided us in your Cookies.

If you wish to block, erase, or be warned of cookies, please refer to your browser or mobile device’s instructions or help screen to learn about these functions. However, if a browser or mobile device is set not to accept cookies or if you reject a cookie, some portions of the Website and Service may not function properly. For example, you may not be able to sign in and may not be able to access certain Website features or Service.

You may find out more specific information about our use of cookies and web beacons at our Cookie Policy. You can find out more information about how to change your browser cookie settings at www.allaboutcookies.org.

IX. Notifications of Changes

Ascent Solutions will post changes to this privacy statement in the homepage or other places we deem appropriate so you can always be aware of what information we collect, how we use it, and under what circumstances we disclose it.

X. YOUR RIGHTS

California Consumer Privacy Act (CCPA) of 2018. Effective January 1, 2020, if you reside in California and other states then you have the following rights:

a. You have the right to opt out, correct, or delete your personal data processed by us through a Service. If you wish to exercise this right, please contact us at the following email address: [email protected]. Deleting personal data, restricting processing, or withdrawing consent may result in your inability to use the relevant Services. In some cases, as outlined in this privacy statement, we have the right to retain your personal data. To gain email access to your personal data, we will ask you to provide sufficient proof of your identity. If we are unable to sufficiently verify your identity, we may deny access to your personal data until we can verify your identity to our satisfaction.

b. You have the right to direct that we limit the use of your Sensitive Personal Information, for limited purposes such as providing you with the services you requested.

c. You have the right to request, no more than twice in a 12-month period, that we disclose the following information:

• a. Categories of Personal Information we collected about you during the preceding 12 months.
• b. Categories of sources from which we collected the Personal Information during the preceding 12 months.
• c. Business or commercial purpose(s) for collecting or selling your Personal Information during the preceding 12 months.
• d. Categories of third-parties with whom we share the Personal Information during the preceding 12 months.
• e. Specific pieces of Personal Information we collected about you during the preceding 12 months.
• f. Categories of Personal Information we have sold and categories of third-parties to whom the information was sold to during the preceding 12 months.
• g. Categories of Personal Information we disclosed about you for a business purpose during the preceding 12 months.
• h. We will not discriminate against you because you exercise your rights under this section of our Notice

d. Households. Ascent Solutions does not hold personal information at the household level as defined by the CCPA. If you would like to submit a request for multiple people in the same household, please submit an individual request for each person.

California Shine the Light Law:

e. If you reside in California, you have the right to ask us one time each year if we have shared personal information with third-parties for their direct marketing purposes. To make a request please submit an inquiry to the following address: [email protected]. In your request, please specify that you want a “’Ascent Solutions’ California Shine the Light Notice.” Please allow 30 days for a response.

Do Not Track Signals:

f. We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. We allow third-party behavioral tracking.

Protection of Children

g. The Federal Trade Commission, United States’ consumer protection agency, enforces Children’s Online Privacy Protection Act (COPPA). We do not accept personally identifiable information online from children under the age of thirteen (13) and we do not knowingly accept personally identifiable information from children under the age of thirteen (13). If you are under 13, please do not use our Website. If we discover a minor under thirteen (13) has submitted information to our Website, we will delete this information as soon as possible.

XI. CONTACT

Please contact us if you have any questions or comments about this privacy statement, by sending an email to [email protected].

1. What is the GDPR?

The GDPR is a new regulation passed by the European Union (EU) that (1) expands the data privacy rights of EU citizens and (2) imposes new obligations on businesses that collect, use or store personal data regarding these EU citizens. It is intended to serve as a single set of privacy and security standards for the EU.

2. Who and what does the GDPR protect?

The GDPR protects “personal data” regarding “data subjects.”

Personal data includes any information related to a natural person (as opposed to businesses) that can be used to identify that person directly or indirectly. It provides a set of rights to data subjects regarding how businesses must treat their personal data.

Personal data is broadly defined. The following are examples of information that would qualify as personal data regarding data subjects:

• – name, address;
• – education and employment information;
• – financial information;
• – medical information.

3. What businesses must comply with GDPR?

The GDPR applies to businesses that (1) engage in certain activities concerning personal data and (2) have established certain contacts with the EU. A business can act as a “controller” or “processor” of personal data.

A “controller” determines the purposes and means of processing personal data.

A “processor” is responsible for processing personal data on behalf of a controller. The processing is ultimately for the business purposes of the controller. The controller performs the processing on its own behalf and can engage a processor to perform specified processing activities for him.

Summarized, “processing of personal data” refers to any treatment of personal data, including collection, use, recording, storage, disclosure etc.

A business is covered by the GDPR as a controller or processor only if it establishes at least one of the following links to the EU:

• – the business is “established” in the EU and the processes personal data in the context of the activities of that establishment, regardless of where the processing takes place;
• – the business is “not established” in the EU but offers goods or services to EU data subjects or monitors their behavior (or other operation of law).

As a result, the GDPR can apply to processing of personal data that a business performs outside the EU.

4. What data protection does the GDPR require?

GDPR sets forth a set of core principles with which controllers and processors must comply when processing personal data. They are:

• – Lawfulness, fairness and transparency: Personal data must be processed lawfully, fairly and in a transparent manner.
• – Purpose limitation: Personal data may only be collected for, and processed consistent with, specified, explicit and legitimate purposes.
• – Data minimization: Controllers and processors must limit processing of personal data to that which is adequate, relevant and necessary to achieve a proper purpose.
• – Accuracy: Controllers and processors must take reasonable steps to make sure that personal data is accurate and, where necessary, kept up to date.
• – Storage limitation: Except under certain circumstances, personal data may only be stored as long as necessary for the appropriate processing to occur.
• – Integrity and confidentiality: Personal data must be processed in a manner that ensures its appropriate security (Article 5(1)(f) GDPR). This includes protection against unauthorized or unlawful processing and against accidental loss, destruction or damage. In this regard, controllers and processors must use appropriate technical or organizational security measures.
• – Accountability: The controller is responsible for, and must be able to demonstrate, compliance with the other data protection principles (Article 5(2) GDPR).

The GDPR imposes detailed standards regarding each principle. Further, controllers and processors must implement data security measures to operationalize these principles.

5. What are some of the specific requirements that GDPR-covered businesses must comply with?

Examples include:

• – having obtained “consent” of a data subject for data processing;
• – closing a data processing agreement when a processor processes personal data on behalf of a controller;
• – “anonymizing” collected data under certain circumstances to protect privacy;
• – providing (national) data protection authorities and (in applicable) data subjects (timely) with “breach notifications”;
• – taking adequate security measures (including safely storing and transferring of personal data);
• – when applicable, appointing a data protection officer to oversee GDPR compliance.

6. What is a data processing agreement?

According to the GDPR, covered controllers and processors of personal data must use third-party (sub)processors that provide sufficient guarantees that processing of personal data will be consistent with the GDPR (and applicable national execution laws).

The data processing agreement (or addendum) (“DPA”) is meant to establish these duties. The GDPR further sets forth certain requirements that must be included DPAs between controllers and processors, or processors and sub-processors. The GDPR imposes more detailed requirements for DPAs.

Ascent Solutions offers DPAs to its customers as necessary to comply with applicable law, if Ascent Solutions is to process personal data on behalf of its customer (being the controller).

7. Does Ascent Solutions process data of its customers?

Ascent Solutions provides 100% Salesforce native applications and related services to seamlessly extend Salesforce Products and allow to achieve Operations 360° to meet our customers’ inventory visibility and control needs.

Salesforce relationship. Ascent Solutions uses the Salesforce Platform as the exclusive host for its applications. We believe strongly in Salesforce commitment to data protection.
Our customers interface directly with Salesforce to populate and access its data. Customers utilize Ascent Solutions’ applications autonomously within Salesforce’s environment. At all times, all customer data resides on Salesforce’s infrastructure and is subject to the terms and conditions of Salesforce.

We encourage our customers to review the Salesforce GDPR Webpage and its terms and conditions with Salesforce.

Ascent Solutions Processing. We will only access customer data on the Salesforce platform for troubleshooting and related purposes upon a customer’s specific request. This means that we do not process personal data on behalf of a customer.

In these cases, we provide our customers with the ability to grant data access credentials for Ascent Solutions’ workforce.

Ascent Solution and its workforce do not export customer data from the Salesforce platform.
If Ascent Solution would process personal data on behalf of a customer, we would first sign a respective data processing agreement (tailored to the situation and hence considering any international transfer of personal data).

For questions, please contact [email protected].