Essence International s.r.o., is a limited liability company registered in the Czech Republic, with offices at Šumavská 15, 602 00 Brno, ID No.: 25316524, (“Essence,” “we,” “our,” or “us”) providing a software application that helps You manage your accounting and finances (the “Licensed Application”).
Your privacy is important to us. This privacy statement explains what personal data we and Microsoft collect from you, through our interactions with you and through the Licensed Application and how we use that data. Essence stores data on Azure and MS SQL Server. References to products in this statement include Essence and Microsoft services, websites, apps, software, servers and devices.
This statement applies to Essence and Microsoft’s interactions with you, the Licensed Application and Microsoft products listed below.
Essence and Microsoft collect data to operate effectively and provide you the best experiences. You provide some of this data directly or contact us for support. We get some of it by recording how you interact with our products by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device. Microsoft also obtains data from third parties for which their policies apply.
The data we collect depends on the context of your interactions with our products, the choices you make, including your privacy settings, and the products and features you use. The data we collect can include the following:
Name and contact data. We collect your username and preferences.
Credentials. We collect passwords, password hints, and similar security information used for authentication and account access.
Demographic data. We collect data about you such as country and preferred language.
Device and Usage data. We collect data about your device and how you and your device interact with our products. For example, we collect:
- Product use data. We collect data about the features you use. This also includes the settings you select and the software configurations you use most.
- Device, connectivity and configuration data. We collect data about your device and the network you use to connect to our products. It includes data about the operating systems and other software installed on your device, including product keys. It also includes IP address, device identifiers, regional and language settings.
- Error reports and performance data. We collect data about the performance of the products and any problems you experience with them. This data helps us to diagnose problems in the products you use, and to improve our products and provide solutions. Depending on your product and settings, error reports (sometimes called “crash dumps”) can include data such as the type or severity of the problem, details of the software or hardware related to an error, contents of files you were using when an error occurred, and data about other software on your device.
- Troubleshooting and Help Data. When you engage us for troubleshooting and help, we collect data about you and your hardware, software, and other details related to the incident. Such data includes contact or authentication data, data about the condition of the machine and the application when the fault occurred and during diagnostics, and system and registry data about software installations and hardware configurations.
Content. We collect content of your files and communications when necessary to provide you with our product. For example, if you transmit a file we need to collect the content of that file to display it to you and the other users as you direct.
We also collect information you provide to us and the content of messages you send to us, such as feedback and product reviews you write, or questions and information you provide for customer support. When you contact us, such as for customer support, phone conversations or chat sessions with our representatives may be monitored and recorded.
Product-specific sections below describe data collection practices applicable to use of those products.
How We Use Personal Data
- Security, Safety and Dispute Resolution. We use data to protect the security and safety of our products and our customers, to detect and prevent fraud, to confirm the validity of software licenses, to resolve disputes and enforce our agreements. Our security features and products can disrupt the operation of malicious software and notify users if malicious software is found on their devices.
- Business Operations. We use data to develop aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.
Reasons We Share Personal Data
We share your personal data with your consent or as necessary to complete any transaction or provide any product you have requested or authorized.
We will access, transfer, disclose, and preserve personal data, including your content (such as the content of your documents), when we have a good faith belief that doing so is necessary to:
- comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;
- protect our customers, for example to prevent spam or attempts to defraud users of our products, or to help prevent the loss of life or serious injury of anyone;
- operate and maintain the security of our products, including to prevent or stop an attack on our computer systems or networks; or
- protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.
For more information about data Microsoft discloses in response to requests from law enforcement and other government agencies, please see our Law Enforcement Transparency Report, available at microsoft.com/about/corporatecitizenship/en-us/reporting/transparency.
How to Access & Control Your Personal Data
You can view, edit, or delete your personal data online for many Microsoft products. You can also make choices about Microsoft’s collection and use of your data. How you can access or control your personal data will depend on which products you use. For example:
- Microsoft privacy dashboard. You can see and control activity data across multiple Microsoft services on the Microsoft privacy dashboard at: account.microsoft.com/privacy. From here, you can view, and clear browsing, search, and location data associated with your Microsoft account. You can also manage data in your Cortana Notebook and Microsoft Health services.
- Microsoft account. If you wish to access, edit, or remove the profile information and payment information in your Microsoft account, change your password, add security information or close your account, you can do so by visiting account.microsoft.com. From here, you can also access controls for other Microsoft products.
- Microsoft Store. You can access your Microsoft Store profile and account information by visiting www.microsoftstore.com/ and clicking on “View account” or “Order history.”
- Microsoft.com. You can access and update your profile on microsoft.com by visiting the Microsoft.com Profile Center.
If you cannot access certain personal data collected by Essence or Microsoft via the links above or directly through the Microsoft products you use, you can always contact Microsoft by using their web form or Essence via our support e-mail address. We will respond to requests to access or delete your personal data within 30 days.
Cookies & Similar Technologies
- Storing your Preferences and Settings. Settings that enable our products to operate correctly or that maintain your preferences over time may be stored on your device. If you opt out of interest-based advertising, we store your opt-out preference in a cookie on your device.
- Sign-in and Authentication. When you sign into a website using your personal Microsoft account, we store a unique ID number, and the time you signed in, in an encrypted cookie on your device. This cookie allows you to move from page to page within the site without having to sign in again on each page. You can also save your sign-in information so you do not have to sign in each time you return to the site.
- How to Control Cookies
Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. For example, in Microsoft Edge, you can block or delete cookies by clicking Settings > Privacy > Cookies. Instructions for blocking or deleting cookies in other browsers may be available in each browser’s privacy or help documentation.
Certain features of Microsoft products depend on cookies. Please be aware that if you choose to block cookies, you may not be able to sign in or use those features, and preferences that are dependent on cookies may be lost. If you choose to delete cookies, settings and preferences controlled by those cookies, including advertising preferences, will be deleted and may need to be recreated.
Additional privacy controls that can impact cookies, including the Tracking Protection feature of Microsoft browsers, are described in the Access and Control section of this privacy statement.
Notice to End Users
Essence and many Microsoft products are intended for use by organizations and are administered to you by your organization. Your use of the Essence application and Microsoft products may be subject to your organization’s policies, if any. If your organization is administering your use of the such products, please direct your privacy inquiries to your administrator. When you use social features of such products, other users in your network may see some of your activity.
With a Microsoft account, you can sign into Essence and Microsoft products. Signing into your account enables improved personalization, provides seamless and consistent experiences across products and devices, permits you to access and use cloud data storage, and enable other enhanced features and settings.
When you sign into your account to access our product, Microsoft creates a record of that sign in. You will be asked to consent to share the account data required by our service.
Other Important Privacy Information
Below you will find additional privacy information you may find important. You can also find more information on Microsoft’s commitment to protecting your privacy at privacy.microsoft.com.
Security of Personal Data
Essence and Microsoft are committed to protecting the security of your personal data. Microsoft uses a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. For example, Microsoft stores the personal data you provide on computer systems that have limited access and are in controlled facilities.
Where We Store and Process Personal Data
Personal data collected by Essence and Microsoft may be stored and processed in your region, in the United States or in any other country where Microsoft or its affiliates, subsidiaries or service providers maintain facilities. Microsoft maintains major data centers in the Australia, Austria, Brazil, Canada, Finland, France, Germany, Hong Kong, India, Ireland, Japan, Korea, Malaysia, the Netherlands, Singapore, the United Kingdom and the United States. Typically, the primary storage location is in the customer’s region or in the United States, often with a backup to a data center in another region. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps to ensure that the data we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located.
Microsoft transfers personal data from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When they do, they use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Microsoft processes personal data, please visit: ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm
Microsoft Corporation complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Microsoft Corporation has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If third-party agents process personal data on our behalf in a manner inconsistent with the principles of either Privacy Shield framework, we remain liable unless we prove we are not responsible for the event giving rise to the damage. The controlled U.S. subsidiaries of Microsoft Corporation, as identified in our self-certification submission and listed here, also adhere to the Privacy Shield Principles.
If you have a question or complaint related to Microsoft’s participation in the EU-U.S. or Swiss-U.S. Privacy Shield, we encourage you to contact them via Microsoft’s web form. For any complaints related to the Privacy Shield frameworks that cannot be resolved with Microsoft directly, they have chosen to cooperate with the relevant Data Protection Authority, or a panel established by the European DPAs for resolving disputes. Please contact Microsoft to be directed to the relevant DPA contacts. As further explained in the Privacy Shield Principles, binding arbitration is available to address residual complaints not resolved by other means. Microsoft is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
Our Retention of Personal Data
Essence and Microsoft retain personal data for as long as necessary to provide the products and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different products, actual retention periods can vary significantly. The criteria used to determine the retention periods include:
- How long is the personal data needed to provide the products and operate our business? This includes such things as maintaining and improving the performance of those products, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most data retention periods.
- Do customers provide, create, or maintain the data with the expectation we will retain it until they affirmatively remove it? Examples include a document you store in our database. In such cases, we maintain the data until you actively delete it.
- Is there an automated control, such as in the Microsoft privacy dashboard, that enables the customer to access and delete the personal data at any time? If there is not, a shortened data retention time will generally be adopted.
- Is the personal data of a sensitive type? If so, a shortened retention time would generally be appropriate.
- Has Microsoft adopted and announced a specific retention period for a certain data type? For example, for Bing search queries, Microsoft de-identifies stored queries by removing the entirety of the IP address after 6 months, and cookie IDs and other cross-session identifiers after 18 months.
- Has the user provided consent for a longer retention period? If so, Microsoft will retain data in accordance with your consent.
- Is Microsoft subject to a legal, contractual, or similar obligation to retain the data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation.
Changes to This Privacy Statement
We will update this privacy statement when necessary to reflect customer feedback and changes in our products. When Microsoft posts changes to this statement, they will revise the “last updated” date at the top of the statement and describe the changes in the Change History page. If there are material changes to the statement or in how Microsoft will use your personal data, they will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Microsoft is protecting your information.
How to Contact Us
If you have a technical or support question, please visit our e-mail technical support or support.microsoft.com to learn more about Essence and Microsoft Support offerings. If you have a personal Microsoft account password question, please visit Microsoft account support.
If you have a privacy concern, complaint, or a question for the Chief Privacy Officer/Data Protection Officer of Microsoft, please contact us by using their Web form. They will respond to questions or concerns within 30 days.
Unless otherwise stated, Microsoft Corporation is a data controller for personal data they collect through the products subject to this statement. Their address is Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052, USA. Telephone: (+1) 425-882-8080.
Microsoft Ireland Operations Limited is the data protection representative for the European Economic Area and Switzerland. The data protection officer of Microsoft Ireland Operations Limited can be reached at the following address: Microsoft Ireland Operations, Ltd., Attn: Data Protection, Carmenhall Road, Sandyford, Dublin 18, Ireland.
To find the Microsoft subsidiary in your country or region, see www.microsoft.com/worldwide/.