Version released: May 15th 2018.
Last Updated: May 15th 2018
Who are Glide?
Glide, also referred to in this document as ‘we’, is the company Glide Practice Solutions Limited. We are headquartered in Peterborough, UK.
Our UK Company Number is 06562745.
We provide Practice Management solutions to Professional Service firms all around the world. The privacy information contained in this document is designed for our customers based within the European Union, these customers will access our services via the www.whatsglide.com website.
Glide Practice Solutions Ltd
Future Business Centre
At Glide Practice Solutions Ltd we understand that your privacy and your clients’ privacy is of utmost importance. Our company principles in relation to data protection are:
- Transparency: We will always notify you of all personal data we collect when we collect it. We shall confirm exactly why we collect it, where it is stored, how we process it and when it shall be destroyed. We shall at all times ensure that our privacy information is easy to understand and be available to discuss this with you at any time.
- Security: We shall adopt all leading best practice in relation to both our business processes and the technology that enables them to do all we can to secure your personal data and your clients’ personal data.
How and when we collect your information
As a prospective customer:
If you register for a system demonstration, meeting, webinar (or similar) we shall collect basic personal information. The legal basis for collecting this data is that it is necessary to provide you with the demonstration (or similar event) in advance of our potentially entering a contract.
This information will all be provided by you in a webform, over the telephone or by e-mail. We do not collate further information about you from 3rd parties. The information collected is restricted to that required to provide the service such as your name, phone number, e-mail address and business name.
We routinely destroy this information after 7 years and we use for no purpose other than to provide the service you have signed up for. You will be offered the opportunity to separately consent to joining our marketing list, this will never be assumed.
As a customer – information you provide to us:
If you create an account (whether a trial or fully licenced Glide system) we store basic information about you and your organisation. The legal basis for collecting this data is that it is necessary in order for Glide to fulfil our contractual obligations to you. This includes the correct functioning of the Glide system and our ability to contact you for Account/billing queries.
The information collected is your organisation name, main contact name and email address, billing contact name and e-mail address and a phone number. All of this information is provided by you via a web form within the Glide system.
We shall retain this data for as long as you use Glide’s services. Our data retention and deletion policies in relation to the Glide application are detailed in this document.
As a customer – information we collect automatically:
We collect some information about you automatically when you use the Glide application. This includes information about your IP address, browser and location as well as information about how you use the software such as the features you have activated, the pages you have visited and the buttons you have pressed. The legal basis for collecting this information is to enable Glide to fulfil our contractual obligations to you. Information about your IP address, location and device are used to maximise the security of the Glide system and to monitor for unusual log in attempts. Information about usage patterns is used to make the Glide system as easy as possible to use and to ensure upgrades are scheduled during the time of least system use.
We never collect information about you from 3rd parties.
How we use your information
Our main use for your personal data is to allow our website and application to operate in the way you expect it to, for example the ability to display your Company name in the menu or to send you an automated e-mail should you forget your password. We also use your personal data for other purposes as listed below.
Our preference is to communicate with you directly through the Glide application; however, we will need to e-mail you or potentially phone you for the following essential reasons that are a necessary part of the contract between us:
- Communicating changes and updates to the Glide system. This is to ensure you are made aware in a timely basis of changes to the system, including functionality updates, security updates and changes to our terms and conditions.
- To support you where you have requested support. This may be through the in built support system, via e-mail or telephone.
- Asking for your feedback so that we can continually improve the Glide application.
We may contact you to market our latest features, advise of best use of the Glide application and to draw you attention to case studies, videos, tutorials or other content we have created.
This is not necessary to fulfil our contract and so the legal basis for this usage would always be your explicit consent to receiving these marketing communications. We shall never assume to have your consent simply because you use our applications.
Improvements to our application:
We shall use automatically collected data to improve our application and website. For example our data will show areas where numerous users are clearly aiming to configure or use the system in one way but are not able to achieve the desired outcome. We shall use the data to diagnose this issue so that we can improve the usability of the system works in order to improve the experience for all users.
We shall also collate information from our support system to decide which features to build next, for example if multiple users are reporting the same issue we shall develop a solution to this.
We shall use automatically collected data such as IP addresses, geographic locations and browsers to maximise the level of security provided to Glide users. For example if we detect a log in from an unusual country or if we notice the same user has multiple failed attempts to log in we shall block the log in and/or lock the account.
When we share your personal information
There are instances where we share your information with third party service providers who assist Glide with the provision of our application, these are fully detailed below. Generally speaking data is only shared as part of the provision of optional services and integrations within Glide, meaning you can decide whether to utilise them or not and thus exercise control over your data. The core Glide system can be fully utilised without data transfers which ensures full data sovereignty within the UK.
Some third parties are based outside of the European Economic Area (EEA) which results in international data transfers. In these cases we only work with third parties that have either been specifically assessed as providing adequate data protection by the European Commission (EC) or where the entire territory they are located in has been assessed as providing adequate data protection by the EC.
Organisations and territories that have been assessed and deemed to provide adequate data protection are listed here. This means that we do not need explicit authorisation for the data transfer, we choose to provide full information here in accordance with our transparency principle.
Clockwork SMS (UK)
Where SMS messages are sent by the Glide system they are sent using the Clockwork SMS service. Clockwork SMS is a trading name of SRCL Limited (company number 03226910) and are based in Manchester, UK. We share the phone number and the message contents only. Clockwork SMS store your data within the UK, of course if you send an SMS to a mobile that is located outside of the UK then the data shall be transferred there. Clockwork destroy the contents of SMS messages after 3 months and only retain the phone number, date stamps for audit logs and message status.
You can access their privacy, IT Security and data retention policies at the above link (https://www.clockworksms.com/legal/).
Send Grid E-mail server (US)
Where e-mail messages are sent by the Glide system they are sent using the Send Grid e-mail server. Send Grid is located in the US and is part of the EU-US Privacy Shield framework, this framework has been assessed as providing adequate data privacy by the EC.
In addition to the membership of the EU-US Privacy Shield Send Grid have incorporated standard data protection clauses in our terms of service that have been approved by the EC.
You can access the privacy, data security and data retention policies of Send Grid here (https://sendgrid.com/policies/tos/).
IRIS Software Group Limited (UK)
For the purpose of our internal Accounting we share information with IRIS by virtue of using the Kashflow Accounting platform. This information is restricted to that necessary to maintain Accounting records being your name, organisation name, phone number, address and e-mail address.
Certain services require payment through a credit card or other payment method. We work alongside reputable payment processing companies who uphold our high standards of privacy and security. We do not store any payment details ourselves. These include GoCardless, PayPal and Stripe.
When signing up to pay for Glide’s services you can choose which payment method to use. You can review each processor’s privacy, data security and general terms at the links below to decide which to entrust with your personal data.
Stripe (US, within Privacy Shield framework) -> https://stripe.com/privacy-shield-policy
GoCardless (UK) -> https://gocardless.com/legal/privacy
PayPal (US) -> https://www.paypal.com/uk/webapps/mpp/ua/privacy-full#7
Help Scout Inc
If you submit e-mails to our support team we use HelpScout to process these support requests. Help Scout is located in the US and is part of the EU-US Privacy Shield framework, this framework has been assessed as providing adequate data privacy by the EC.
In addition to the membership of the EU-US Privacy Shield Help Scout have incorporated standard data protection clauses in our terms of service that have been approved by the EC.
You can access the privacy, data security and data retention policies of Help Scout here (https://www.helpscout.net/company/legal/privacy/)
The Glide system integrates with a series of 3rd party applications, the use of these will potentially result in your own or your clients’ personal data being shared with these companies. At present this includes Xero, Google Drive and Zapier.
The decision to share this information is taken by yourself in your capacity as data controller. Prior to connecting to a 3rd party service you should review the information that will be shared and satisfy yourself that those companies provide adequate levels of protection.
In addition to your ability to opt out of marketing communications (for example where you had previously opted in) you also have the following rights in relation to your personal data.
- The right to access the personal data we hold about you, to check it is accurate and to request changes be made where it is not accurate.
- The right to request the personal data we hold about you is fully deleted, also known as the ‘right to be forgotten’.
- The right to request the restriction or suppression of your personal data, for example to prevent us from continuing to process it and to object to our processing of your information.
To exercise these rights please contact us by sending an e-mail top email@example.com
If you are concerned with how we are processing your personal data please complain in the first instance to us at firstname.lastname@example.org, we shall review your complaint and respond to you within 30 days of receiving it. If you are not satisfied with the outcome of our investigation you also have the right to complain to your local data protection authority.
Retention and deletion of Personal Information
We retain all personal information relating to the Glide application for as long as the system is provided to you. We retain personal information relating to prospects (webinars etc) for a period of 7 years following the event. We retain information necessary for the completion of our Accounting and taxation records for at least the minimum period as required by law making agencies and potentially longer where necessary.
As a customer if you cease to subscribe to Glide’s services we shall routinely delete all data 3 months after the end of your subscription. In addition to this you can delete your Glide system at anytime from within the application, this will instantly delete all data we hold from our main production servers. Whether deleted by us or you all system data will cease to exist in our system back ups 14 days after the deletion event.
At any point you may write to us and request that your account and any related Personal Information (not held to fulfil our legal obligations in relation to Accounting records) be destroyed. On receiving such a request we promise to delete all data relating to your account within 30 days. This data will not be retrievable after this period.
How to contact Glide