Privacy policy
Personal data
This Privacy Policy governs the manner in which FledgeWorks collects, uses, maintains and discloses information collected directly from users (each, a “User”) or entered into the system by companies and organizations (“The Client”) using the FledgeWorks app (“Service”). This privacy policy applies to the Service and all products and services offered by FledgeWorks.
We may collect personal data and identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, register on the site, are added by their employer or organisation, place an order, subscribe to the newsletter, fill out a form or use other activities, services, features or resources we make available on our Service.
Users may be asked for, as appropriate, name, email address, mailing address, phone number or profile photo. We will collect personal data from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Service related activities.
We may collect non-personal identification information about Users whenever they interact with our Service. Non-personal identification information may include, but is not limited to, the browser name, operating system, IP address, versions, the type of computer and other technical information about Users device and software.
Information collected by clients
A Client or User may store or upload into the Service Client Data. This includes but is not limited to new user invites, their employees and team members or external parties. FledgeWorks has no direct relationship with the individuals whose Personal Data it hosts as part of Client Data. Each Client is responsible for providing notice to its employees and users and third persons concerning the purpose for which Client collects their Personal Data and how this Personal Data is processed in or through the Service as part of Client Data. In the framework of GDPR FledgeWorks is the data processor for such data.
Web browser cookies
Our Service may use “cookies” to enhance User experience. User’s web browser places cookies – small objects of data – on your computer for record-keeping and information tracking purposes. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. Keep in mind that if you do so, some parts of the Service may not function properly.
Session cookies are used to keep track of your authentication, so that you are not required to log in each time you use the Service. Other examples of session cookies are keeping track of which pages and features of the Service you have used, which configuration and view options you have selected, which language you selected and so on, so you can start from where and how you left off.
The Service uses 3rd party partner technologies and analytics services to analyze and improve the Service for you.
By using the Service you agree to the use of cookies in your browser and HTML based e-mails for the purposes outlined above.
How we use collected information
FledgeHR may collect and use Users personal information for the following purposes:
- To improve customer service. Information you provide helps us respond to your customer service requests and support needs more efficiently.
- To personalize user experience. Your data helps us to customize how the user interface and features look like for you, or provide you with tips, hints and training.
- To improve our Service. We may use feedback you provide to improve our products and services. We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Service. We use it to diagnose and fix problems you might have while using the Service. We do not share this information with outside parties except to the extent necessary to provide the service.
- To honor our contractual commitments to the Clients and to meet our contractual obligations to our users.
- To inform you of new features, promotions, contests, surveys or other Service improvement or training activities.
- To send periodic emails, information and updates, to respond to user inquiries, questions, and/or other requests. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe options in the user profile within FledgeWorks app.
We do not sell, trade, or rent Users personal identification information to others.
To improve our Service, we may use generic aggregated anonymized information not linked to any personal identification information regarding visitors and users.
We protect your data
FledgeWorks is designed with data protection and security in mind. We perform detailed analysis in all development and hosting phases of the system’s modules taking into account risk assessment, information security and data protection. The output is then applied on all application levels from design documents to low level algorithms and libraries so that information security is embedded in FledgeWorks both through our people’s knowledge and through the underlying platform.
Data transmitted and stored in FledgeWorks is served to and from your browser under secure connection SSL (Secure Socket Layers)
Where is your data stored
FledgeWorks uses Microsoft Azure cloud and Azure SQL database as its native hosting and processing platform coupled with highly scalable and proven web development languages, tools and practices.
Azure is designed by Microsoft with industry-leading security measures and privacy policies to safeguard your data in the cloud, including the categories of personal data identified by various regulations. Read more about Azure security
here.
All FledgeWorks data is stored on Microsoft Datacenters located in Europe, in Netherlands and Ireland. Read more about Azure locations here.
Managing access and controlling how data is used and accessed
FledgeWorks helps ensure that only authorized users with valid credentials can access the data.
The system follows recommended best practices for data protection and authentication, such as using separate accounts to authenticate users and applications. This enables limiting the permissions granted to users and applications and reduces the risks of malicious activity.
The underlying database server of FledgeWorks, Microsoft SQL, provides the following built-in solutions that help in achieving greater security.
Azure SQL Database Firewall
When creating a database server in Azure, a firewall is set up to help protect the data. The firewall prevents all access to the database server until explicit access permissions are specified, based on the originating IP address of each request.This allows only necessary services to connect to the database, to ensure full functionality across Azure services.
Row-Level Security
This feature is used to restrict access according to specific user entitlements. We use Row-Level Security to control access to rows in a database table based on the characteristics of the user. In this way, only database users that have a specific need to access data in a database row will be granted that access. For example, every company using FledgeWorks can access only those data rows that are pertinent to their setup.
The restrictions are applied every time that data access is attempted from any tier. This makes the security system more reliable and robust by reducing the system’s surface area.
Transparent Data Encryption
Transparent Data Encryption (TDE) addresses the scenario of protecting the data at the physical storage layer. TDE performs real-time encryption and decryption of the database, associated backups, and transaction log files.
This ensures that if these files are moved to another server, they cannot be opened and viewed on that server.
Backups
We rely on Azure’s native automatic database backup processes and we perform additional daily backups, so we can have your data safe and restorable within minutes in case of a major impact on the business continuity.