Process Shepherd

Categories

Menu

Privacy Policy

1. Introduction

At Process Shepherd LLC (‘Process Shepherd’ or ‘we’ or ‘us’ or ‘our’), we are dedicated to protecting your privacy and ensuring the security of your personal data. As the data controller, we uphold the highest standards of compliance with global data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), the Personal Information Protection and Electronic Documents Act (PIPEDA), and Japan’s Act on the Protection of Personal Information (APPI) to safeguard the confidentiality of your information. This privacy policy outlines our strict procedures and commitments to secure your personal data.

2. Scope of the Privacy Policy

This privacy policy applies when you willingly share your personal data with us. It covers situations where you provide personal data by subscribing to our newsletter, requesting a demo, accessing resources or content, submitting support inquiries, contacting us via email, or creating a client account. It also applies when Process Shepherd collects your personal data to manage platform user access, after-sales service, and website analytics. Importantly, this Privacy Policy does not apply to any of the personal information that our Customers may collect and process using Process Shepherd’s Services (“Customer Data”). Our Customers’ respective privacy policies govern their collection and use of Customer Data. Our processing of Customer Data is governed by the contracts that we have in place with our Customers, not this Privacy Policy. Any questions or requests relating to Customer Data should be directed to our Customer(s). By using the Services, you further acknowledge that we will collect, use, disclose, and store personal information as described in this Privacy Policy.

3. Our Identity

Process Shepherd, operating as the data controller, is responsible for the processing of your Personal Data. Our full identity information is as follows:
  • Company Name: Process Shepherd LLC
  • Registered Address: Suite A 8 The Green Dover DE 19901, USA
  • Contact Email: hello@processshepherd.com
  • Website: www.processshepherd.com

4. Our Commitments

Process Shepherd prioritizes the protection of personal data and privacy. We are committed to working with transparency and adhering to global data protection regulations. We process your personal data in strict compliance with the Regulations, this Privacy Policy, and any lawful instructions from our clients who act as data controllers. We practice data minimization, processing only the personal data necessary for specified, explicit, and legitimate purposes. Our processing activities are conducted with strict security and confidentiality measures and limited to the required duration.

5. Applicable Regulations

Our processing of personal data adheres to all relevant national and international laws and regulations, including GDPR, CCPA, CPRA, PIPEDA, APPI, the European Directive, and applicable guidelines, opinions, recommendations, and certifications.

6. Personal Data Processing by Process Shepherd

6.1 Customer Data Processing

Customers can use our website or Services to process Customer Data, possibly containing personal information. We handle this data on behalf of our customers as per our contracts with them, not this Privacy Policy. For queries about Customer Data handling, contact the person or entity who engaged us to process the data. Customers control the personal data, security settings, access controls, and data retention in these scenarios. Still, we’ll help address your concerns, aligned with our contract terms.

6.2 Personal Data Processing as Data Controller

If you are a client of Process Shepherd or have a commercial relationship with us, we may collect and process personal data of your employees, collaborators, service providers, or platform users (such as name, first name(s), business email address, telephone number, status within the client’s company, and browsing data) for the following purposes:
  • Managing platform user access: Based on the execution of the contract between Process Shepherd and you.
  • Managing client relationships: Including contracts, invoicing, loyalty programs, after-sales service, user assistance, satisfaction surveys, management of unpaid invoices, etc., in compliance with legal obligations.
  • Sending newsletters: Based on Process Shepherd’s legitimate interest in maintaining a commercial relationship.
  • Managing requests for access, rectification, and opposition rights: In compliance with legal obligations.
  • Communicating about your account, activities, policy changes, and processing your payment methods.
  • Providing advertising, analytics, marketing services, and allowing event registration.
  • Detecting security incidents, preventing fraud, conducting technological research, and improving our services.
Your personal data is stored by our services for the necessary duration, which is one (1) year from the end of the contractual relationship or for the applicable statute of limitations regarding legal obligations. Guides created by users can be retained even after their account deletion without retaining personal data. Process Shepherd only discloses your personal data to authorized recipients within our commercial, accounting, and marketing departments, as well as data processors, to fulfill their designated tasks.

6.3 Transfer of Personal Data to Third Parties

Process Shepherd will not transfer personal data to third parties without obtaining the prior consent of the data subject, except as permitted under APPI. If personal data is transferred to a third party located outside of Japan, Process Shepherd will ensure that the third party has equivalent data protection standards or will obtain explicit consent from the data subject for such transfer. Process Shepherd will also provide the necessary information to the data subject regarding the transfer and the receiving party upon request.

6.4 When You Access a Client’s Guide

Process Shepherd may process anonymized data on its own behalf for data science purposes, ensuring the proper execution of the services provided. Anonymized data processed in this manner is retained for one (1) year. Process Shepherd only discloses anonymized data to authorized recipients within our commercial and marketing departments, as well as data processors, as required for their tasks.

6.5 When You or Your Employer are Prospects of Process Shepherd or Visit Our Website

You may provide your name, first name(s), email address, browsing data, etc., to subscribe to our newsletter, request information about our services, or authorize the placement of cookies on your device. Your personal data is processed for the following purposes:
  • Subscription to our newsletter: Based on Process Shepherd’s legitimate interest in initiating a commercial relationship.
  • Managing requests for access, rectification, and opposition rights.
Personal data processed for newsletter purposes is retained until you unsubscribe via the “unsubscribe” link in each newsletter. Personal data processed for targeted advertising is retained for one (1) year. Process Shepherd only discloses your personal data to authorized recipients within our sales, accounting, and marketing departments, as well as data processors, as necessary to fulfill their tasks.

6.6 Anonymization of Data

Process Shepherd may anonymize personal data to use it in ways that do not identify individual data subjects. When personal data is anonymized, it is processed in accordance with APPI requirements, ensuring that the data cannot be re-identified. Process Shepherd implements strict measures to prevent unauthorized re-identification of anonymized data.

6.7 Data Retention Policy

All categories of personal data collected by Process Shepherd are retained for a period of one (1) year. This includes data collected through cookies, marketing data, customer data, and any other personal data processed by Process Shepherd. This retention policy applies uniformly to all personal data, after which the data is securely deleted, unless required to be retained longer by applicable laws or for legal obligations.

7. Personal Data Processing as Data Processor

When acting as a data processor, Process Shepherd processes personal data on behalf and under the instructions of our clients. Within our knowledge-sharing activities, we process personal data (such as browsing data, IP addresses, and data entered in guide fields) to enable our clients to efficiently utilize our products. Please refer to the privacy policies of relevant content editors for information on their data processing methods.

8. Cookies Usage and Management

Cookies are small data files placed on your device when browsing websites. At Process Shepherd, we use cookies to facilitate browsing, provide personalized advertising, and compile visit statistics.

8.1 Our Cookies Include

  • User preferences and authentication cookies: To identify unique users, enable sign-up, and register preferences.
  • Targeted advertising cookies: To optimize advertisements on our website based on your interests and limit repetitive ads.
  • Statistical cookies: To establish website traffic statistics and detect browsing issues for quality monitoring and improvement.
You can set your browser preferences to manage cookies, including refusal of certain cookies. We provide an interface through our cookie banner to express and modify your preferences upon initial connection to the website or after deleting cookies. Disabling targeted advertising and statistical cookies may impact the relevance of advertisements and the inclusion of your visit in our traffic measurement tools. Personal data collected via cookies is retained for one (1) year.

8.2 Microsoft Statement

We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.

9. Requirements for Third-Party Recipients

We request that recipients of your personal data comply with the Regulations and ensure the confidentiality of your information.

10. Personal Data Transfers outside the European Union

Process Shepherd may transfer personal data to data processors located outside the European Union. In such cases, we take necessary measures with our data processors and partners to ensure adequate protection of your personal data in accordance with the Regulations. This includes selecting processors and partners located in countries with adequate protection levels, adherence to the Privacy Shield (for transfers to the United States), or implementation of standard data protection clauses approved by the European Commission through contractual agreements.

11. Security Measures

To safeguard your personal data, Process Shepherd implements appropriate physical, technical, and organizational measures to prevent alteration, loss, or unauthorized access. These measures include strict access control, regular data verifications, security instructions for authorized personnel, secure data center hosting, database access traceability, two-factor authentication, and data encryption.

12. Data Subject Rights and Exercising Them

As the data controller, Process Shepherd respects your rights as outlined in global data protection regulations, including GDPR, CCPA, CPRA, PIPEDA, and APPI.

12.1 Exercising Your Rights

Data subjects can exercise their rights by contacting the organization (Customer) they interact with. The organization will work with Process Shepherd to fulfill requests.
  • Right to Access: To request a copy of your personal data or confirm whether your data is being processed, contact the organization you provided data to. The organization will facilitate access through Process Shepherd, who will provide the requested data within one month.
  • Right to Rectification: If your personal data is incorrect or incomplete, contact the organization to request correction. Process Shepherd will update your data promptly upon the organization’s request.
  • Right to Erasure: You may request the deletion of your data by contacting the organization. Process Shepherd will delete your data as directed by the organization and confirm the deletion within one month.
  • Right to Restrict Processing: If you wish to restrict how your data is processed, please contact the organization. The organization will coordinate with Process Shepherd to ensure your data processing is restricted as required.
  • Right to Data Portability: To receive a copy of your data in a portable format or to have it transferred to another provider, contact the organization. Process Shepherd will facilitate the secure transfer of your data as instructed by the organization.

12.2 Contact Information

For exercising your rights or obtaining additional information, you can contact Process Shepherd: We will complete the request within one (1) month after receiving it, accompanied by a copy of a signed proof of your identity and any other necessary information to confirm your identity and process your request.

13. Lawful Basis for Processing

Process Shepherd processes personal data under the following lawful bases in accordance with GDPR and other global data protection laws:
  • Performance of a Contract: We process personal data as necessary to provide our services to you or to fulfill any other contractual obligations.
  • Legitimate Interests: We may process personal data to pursue legitimate business interests, such as enhancing our platform, ensuring security, and providing customer support. We ensure that our legitimate interests do not override your rights and freedoms.
  • Compliance with Legal Obligations: We process personal data to comply with applicable laws, including regulatory and legal obligations.
  • Consent: Where we rely on your consent to process personal data (e.g., for marketing purposes), you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

14. Data Breach Notification

Process Shepherd is committed to protecting your personal data. In the event of a data breach, Process Shepherd will notify the relevant supervisory authorities and affected data subjects without undue delay and, where feasible, within 72 hours of becoming aware of the breach, in accordance with GDPR, CCPA, CPRA, PIPEDA, and APPI requirements.

15. Data Protection Officer (DPO)

Process Shepherd has appointed a Data Protection Officer (DPO) to oversee compliance with data protection laws. You can contact our DPO at privacy@processshepherd.com for any questions or concerns related to data protection and privacy.

16. Processing of Sensitive Data

Process Shepherd does not process any sensitive data (e.g., health data, biometric data) unless necessary for the provision of services, and where such processing is in strict compliance with APPI and other relevant regulations. Any processing of sensitive personal information will be carried out only with the explicit consent of the data subject or as otherwise required by law.

17. Privacy Policy Modifications

Process Shepherd reserves the right to modify this Privacy Policy to align with legal and regulatory requirements, as well as recommendations, opinions, and decisions from relevant authorities, including the CNIL, the European Committee for Data Protection, the Office of the Privacy Commissioner of Canada, Japan’s Personal Information Protection Commission (PPC), and other relevant jurisdictions.