Privacy Policy

responsive site templates

Privacy Policy

Your privacy is important to Prolite CRM.

This Privacy Policy covers what we collect and how we use, disclose, transfer and store your information.

1. Identity of Prolite CRM

If there are any questions regarding this Privacy Policy you may contact us using the information below.

Prolite CRM LLC

Our customers may submit inquiries regarding personal data protection, privacy and security matters to Privacy Officer at Prolite CRM by sending email to

2. What information do we collect?

You may visit our site anonymously.

If you choose to register on our website, three categories of data to and on behalf of you will be processed:

“Registration data”

When you register for an account on our site, place an order, subscribe to our newsletter or respond to a survey, basic contact details are collected such as the e-mail address and name of your contact person, company name, address, phone number, VAT number, preferred language and currency, any purchase order number and any e-mail address provided.

“Configuration data”

We collect your optional direct input to our cloud service Configuration Tool (the “Configurator”) used to configure your service, which includes the domain name(s) of the website(s) where you implement the Service and associated hosting environment information including email address, mail servers, authentication information and other information necessary to configure your service.

“Support Data”

Data provided when you request technical support from our service. When you nominate a person or persons from your organisation to act on behalf of that organisation, we record the e-mail address and name of your contact person, company name, address and phone number of the nominated person. We also may retain information provided by a nominated person required to investigate their technical support request, which may contain personal information of your customers or commercial information about your business that you have provided to us.

You will be informed by Prolite CRM about relevant changes concerning the Service, such as the implementation of additional functions, by e-mail, if you subscribe to the Prolite CRM mailing list.

3. What do we use your information for?

Any of the information we collect from you may be used for one or more of the following purposes:
3.1. To personalize your experience (the information will help Prolite CRM better respond to your individual needs);
3.2. To enable you to control the user experience towards End Users and enable the Service to automatically apply the End User’s consent to other websites of yours;
3.3. To improve our website (Prolite CRM continually strives to improve our website offerings based on the information and feedback we receive from our customers);
3.4. To identify you as a contracting party;
3.5. To enable secure login for you in the Service Manager at;
3.6. To establish a primary channel of communication with you;
3.7. To enable Prolite CRM to issue valid invoices and to process transactions (your information will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the service requested);
3.8. To enable automated handling of the subscriptions;
3.9. To produce and display cookie declarations to End Users and store and display scan report(s) to you;
3.10. To provide you with aggregated information on the choices of the End Users regarding accepted cookie types and generate a graphical representation in the Service Manager; and/or
3.11. To send periodic e-mails (The e-mail address you provide for order processing, may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news (if accepted), updates, related product or service information, etc.)

If at any time you would like to unsubscribe from receiving future e-mails, you can cancel your account after login by clicking on "Cancel my account"

4. Legal basis

4.1. EU General Data Protection Regulation (GDPR)

The processing of your data is either based on your consent or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract, cf. GDPR art. 6(1)(a)-(b).

If the processing is based on your consent, you may at any time withdraw your consent by contacting us using the contact information in clause 1.
In order to enter into a contract regarding the purchase of Prolite CRM’s Service, you must provide us with the required personal data. If you do not to provide us with all the required information, it will not be possible to deliver the Service.

4.2. California Online Privacy Protection Act Compliance

Because Prolite CRM values your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute any personal information to outside parties without your consent except as stated in clause 7.

As part of the California Online Privacy Protection Act, all users of our website may make any changes to their information at any time by logging into their account and navigating to the “profile page”.

4.3. Children’s Online Privacy Protection Act Compliance

Prolite CRM is in compliance with the requirements of the Children’s Online Privacy Protection Act. We will not intentionally collect any information from anyone under 18 years of age. Our website, products and services are all directed at people who are at least 18 years old or older.

5. How do we protect your information?

Prolite CRM implements the following technical, physical and organizational measures to maintain the safety of your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized use, unauthorized modification, disclosure or access and against all other unlawful forms of processing.

5.1. Availability

The Service utilizes the extensive features of the cloud environment to ensure high availability, like full redundancy, load balancing, automatic capacity scaling, continuous data backup and geo-replication along with a traffic manager for automatic geographical failover on datacenter level disasters. All failover mechanisms are fully automated.

No personal data is stored permanently outside Prolite CRM’s cloud platforms. The physical security is thereby maintained by Prolite CRM’s subcontractors, see clause 7. All datacenters comply with industry standards such as ISO 27001 for physical security and availability, e.g. by using security staff around the clock, two-factor access control using biometric and card readers, barriers, fencing, security cameras and other measures.

5.2. Integrity

To ensure integrity, all data transits are encrypted to align with best practices for protecting confidentiality and data integrity. E.g. all supplied credit card information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our payment gateway provider’s database only to be accessible by those who are authorized to access such systems and who are required to keep the information confidential.

For data in transit, the Service uses industry-standard transport protocols between devices and datacenters and within datacenters themselves.

5.3. Confidentiality

All personnel are subject to full confidentiality and any subcontractors and subprocessors are required to sign a confidentiality agreement if not full confidentiality is part of the main agreement between the parties.

5.4. Transparency

Prolite CRM will at all times keep you informed about changes to the processes to protect data privacy and security, including practices and policies. You may at any time request information on where and how data is stored, secured and used. Prolite CRM will also provide the summaries of any independent audits of the Service.

5.5. Isolation

All access to personal data is blocked by default, using a zero privileges policy. Access to personal data is restricted to individually authorized personnel. Prolite CRM’s Privacy Officer issues authorizations and maintains a log of granted authorizations. Authorized personnel are granted a minimum access on a need-to-have basis through our AAD.

5.6. The ability to intervene

Prolite CRM enables your rights of access, rectification, erasure, blocking and objection mainly by providing built-in functions for data handling in the Service Manager, by offering the option to send instructions through Prolite CRM’s helpdesk and also by informing about and offering the customer the possibility of objection when Prolite CRM is planning to implement changes to relevant practices and policies.

The overall responsibility for data security lies with Prolite CRM’s Data Protection Officer who educates and updates all personnel on the data security measures outlined in Prolite CRM’s security handbook and this Privacy Policy.

5.7. Monitoring

Prolite CRM uses security reports to monitor access patterns and to proactively identify and mitigate potential threats. Administrative operations, including system access, are logged to provide an audit trail if unauthorized or accidental changes are made.
System performance and availability is monitored from both internal and external monitoring services.

5.8. Personal Data breach notification

In the event that your data is compromised, Prolite CRM will notify you and competent Supervisory Authority(ies) within 72 hours by e-mail with information about the extent of the breach, affected data, any impact on the Service and Prolite CRM's action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.

"Personal data breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of the Service.

6. How we use cookies

Our web site uses cookies to track your session on the web site for the purposes of maintaining session state information between visited pages. Cookies store the pages that you have visited and the next page you have requested. Cookies are set to expire after visiting our web site. We do not store your personal information in cookies.

7. Do we disclose any information to outside parties?

Prolite CRM does not sell, trade or otherwise transfer to outside parties any personally identifiable information.

This does not include trusted third parties or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.
We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.

Furthermore, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

7.1. Subcontractors/trusted third parties

Prolite CRM will monitor subcontractors’ and subprocessors’ maintenance of standards and audits to ensure that data protection requirements are fulfilled.

Any intended changes concerning the addition or replacement of subcontractors or subprocessors handling personal data will be announced to you with at least 3 months’ notice. You retain at all times the possibility to object to such changes or to terminate the contract with Prolite CRM.

7.2 Legally required disclosure

Prolite CRM will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from Prolite CRM, Prolite CRM strives to limit the disclosure.

Prolite CRM will only release specific data mandated by the relevant legal demand.
If compelled to disclose your data, Prolite CRM will promptly notify you and provide a copy of the demand unless legally prohibited from doing so.

8. Third party links

Occasionally, at our discretion, we may include or offer third party products or services on our website. These third-party sites have separate independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked websites. 

9. Where do we store the information?

No stored data will be transferred, backed up and/or recovered by Prolite CRM outside of our nominated data centers and service providers.

9.1. Personal data location

All data are stored in databases and file repositories hosted in commercial data centers.
Databases are continuously backed up to enable restore to any point in time within a retention period of 14 days. Backups are stored on file storage at the same geographical location as the database.

A copy of the Account Data is also stored in Prolite CRM’s cloud accounting system.

9.2. Installation of software on cloud customer’s system

Prolite CRM is not responsible for any software installed on client premises or third party hosting services that are operated by the client or a third party service provider.

10. Access, data portability, migration, and transfer back assistance

You may at any time obtain confirmation from Prolite CRM as to whether or not personal data concerning you are being processed.

You may at any time order a complete data copy. Your data will be delivered by email within 10 working days by Prolite CRM as a text file that can be opened in an ASCII editor or most Word Processor programs. For security purposes, data can only be provided to the email address associated with your account. Logical relations between datasets will be preserved in form of unique identifiers.

11. Request for rectification, restriction or erasure of the personal data

11.1. Rectification

You may at any time obtain without undue delay rectification of inaccurate personal data concerning you, cf. clause 5.6.

11.2. Restriction of processing personal data

You may at any time request Prolite CRM to restrict the processing of personal data when one of the following applies:
a. if you contest the accuracy of the personal data, for a period enabling Prolite CRM to verify the accuracy of the personal data;
b. if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; or
c. if Prolite CRM no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims.

11.3. Erasure

You may without undue delay request the erasure of personal data concerning you, and Prolite CRM shall erase the personal data without undue delay when one of the following applies:
a. if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
b. if you withdraw your consent on which the processing is based, and where there is no other legal ground for the processing;
c. if you object to the processing in case the processing is for direct marketing purposes;
d. if the personal data have been unlawfully processed; or
e. if the personal data have to be erased for compliance with a legal obligation in EU or national law.

12. Data retention

12.1. Data retention policy

Account Data will due to tax regulations be retained for up to five full fiscal years from your cancellation of your Service account.
Configuration Data and System Generated Data will be erased immediately when you cancel the Service account.

End User Data will be erased on an ongoing basis after 12 months from registration, and immediately when you cancel the Service account.

12.2. Data retention for compliance with legal requirements

You cannot require Prolite CRM to change any of the default retention periods, except for the reasons for erasure pursuant to clause 11.3, but may suggest changes for compliance with specific sector laws and regulations.

12.3. Data restitution and/or deletion

No data except Account Data will be retained after the termination of the contract. You may request a data copy before termination. You must not cancel the Service account until the data copy has been delivered, as Prolite CRM otherwise will not be able to deliver the data copy.

13. Accountability

Prolite CRM uses the extensive range of built-in logging features and audits trails. Prolite CRM also logs all system updates, configuration changes and access to provide an audit-trail if unauthorized or accidental changes are made.

14. Cooperation

Prolite CRM will cooperate with you in order to ensure compliance with applicable data protection provisions, e.g. to enable you to effectively guarantee the exercise of data subjects’ rights (right of access, rectification, erasure, blocking, opposition), to manage incidents including forensic analysis in case of security breach.

15. Terms of Service

Please also visit our Terms of Service section establishing the use, disclaimers, and limitations of liability governing the use of our website at

16. Your consent

By using our site or our services or providing us with your personal information by email or other means of communication, you consent to this Privacy Policy.

17. Changes to our Privacy Policy

If we decide to change our Privacy Policy, we will post those changes on this page, and/or update the Privacy Policy modification date below.

This Privacy Policy was last modified on July 1, 2018.

18. Complaint

You may at any time lodge a complaint with a supervisory authority in your country regarding Prolite CRM’s collection and processing of your personal data. 

© Copyright 2018
 Privacy Policy and Terms of Use