This Privacy Statement is effective as of September 2022
Privacy Policy
THIS PRIVACY POLICY (PRIVACY POLICY) SETS FORTH THE MODES OF COLLECTION, USE AND DISCLOSURE OF YOUR INFORMATION GATHERED ON THE RFPflow APPLICATION. THIS PRIVACY POLICY APPLIES ONLY TO PERSONAL
INFORMATION COLLECTED ON THE APPLICATION. THIS PRIVACY POLICY DOES NOT APPLY TO INFORMATION COLLECTED BY THE COMPANY IN OTHER WAYS, INCLUDING INFORMATION COLLECTED OFFLINE. PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY CONTINUING TO USE THE SERVICES OR ACCESSING THE APPLICATION, YOU AGREE TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY THEN WE REQUEST YOU NOT AVAIL THE SERVICES.
Access to the Application is subject to the Terms and Conditions (Terms) accessible on the Application, capitalized terms used and not defined in this Privacy Policy, shall have the same meaning ascribed to them in the Terms.
This legal document is an electronic record in terms of legal provisions pertaining to electronic records. This electronic record is generated by a computer system and does not require any physical or digital signatures.
This legal document is published in accordance with the legal provisions of the data protection/privacy laws that require publishing the privacy policy for access or usage of our RFPflow software solution, its services and other integrated systems (“RFPflow”). By using RFPflow, you clearly agree and acknowledge to be bound by terms of this policy. References in this policy to "we" or "us" or “software solution” or “Application/App” or “services” or “Company” or “Aavenir” are references to RFPflow and its integrated systems and “you” as user of RFPflow.
This privacy policy applies to all types of users of RFPflow including but not limited to visitors, customers, channel partners and other users.
By using/browsing RFPflow, clicking the “I accept/I agree” button or completing the registration process, you clearly agree and acknowledge that you have reviewed this privacy policy agreement, given your free and full consent and accepted this agreement.
INTRODUCING OURSELVES
We, Aavenir Inc having our address at 2400 Lynbridge Drive, Plano, Texas 75025 (Company;
We; us; our) have developed a cloud based enterprise business application called RFPflow (Application/App) that help Businesses Automate their Source to Pay process, that is starting with Sourcing any material needed for business, shortlisting / onboarding and finalizing vendors. Create & manage Contracts with Vendors along with obligations. Also manage invoices from Vendors in Accounts payable process. The Personal Information shall be collected through the various forms available on the Application.
We respect the privacy of User in accordance with prevailing Law/Regulation that governs your privacy and always strive to uphold the standards in protecting the same.We have made this Privacy Policy to describe the procedures we adhere to for collecting, using, and disclosing the Personal Information. We recommend you to read this Privacy Policy carefully so that you understand our approach towards the use of your Personal Information.
PRIVACY PREAMBLE
While providing aforesaid Application, the issue of online privacy is extremely crucial for RFPflow which is committed to safeguarding the information provided by users. RFPflow is dedicated to create a reasonably secured environment for its users.
Respecting privacy of its online users while providing top-of-the-line services have remained the core strategies for RFPflow. Our Privacy Policy gives users a view of the Privacy Practices followed by RFPflow and assures them of safe passage.
At RFPflow, data protection is a matter of trust and your privacy is very important to us. We use your personal information only in the manner set out in this Privacy Policy. Please read this privacy policy to learn more about our information gathering and dissemination practices.
The privacy practices of this statement apply to our services related to RFPflow, our software products/solutions, our services and apply generally to our parent, affiliates, subsidiaries or joint venture of Aavenir. By using RFPflow, you agree to be bound by the terms and conditions of this Privacy Policy.
This Privacy Policy explains how RFPflow gathers personal information, classified as mandatory or optional as part of the normal operation of our services; and uses, discloses and protects such information through RFPflow. This detailed privacy policy enables you to take informed decisions in dealings with us. Our parent, subsidiaries and joint ventures operate under similar privacy practices subject to the requirements of applicable law.
By using RFPflow, you acknowledge your acceptance of the terms of this Privacy Policy, expressly consent to our use and disclosure of your personal information in accordance with this Privacy Policy and that any personal information provided by you through RFPflow is provided under a lawful contract. This Privacy Policy is incorporated into and subject to the terms of the Terms of Service/User Agreement.
At the same time, Aavenir would like to make it clear that it may provide links/integration to other web sites/apps/APIs that are governed by their own Privacy Policies and Aavenir does not take responsibility for the privacy/security practices provided by those sites/apps/APIs. Users of the RFPflow are urged to familiarize themselves with its Privacy Policy as well the policies of the third party that collect personally identifiable information.
When you provide us with your personal data, you are clearly agreeing to the rules and regulations stipulated under our Privacy Policy and are bound by it. If you do not agree to our Policy then kindly do not use RFPflow.
PERSONAL DETAILS COLLECTED
In order to avail the Services, you are required to register with the Company by logging in through RFPflow Application. During this process, you shall be required to share/upload certain personal information including but not limited to the following:
| Personal Information Collected in the Application |
| Building |
| Calender Intergration |
| City |
| Country Code |
| Department |
| Employee number |
| Failed login attempts |
| First name |
| Gender |
| Geolocation tracked |
| Home phone |
| Last Login |
| Last login device |
| Last login time |
| Last name |
| Last password |
| Locked out |
| Manager |
| Middle name |
| Mobile phone |
| Name |
| Business phone |
| Language |
| State / Province |
| Street |
| Time zone |
| Title |
| User ID |
| Password |
| Zip / Postal code |
How we use this data?: The aforementioned data is processed by us for the following purposes: Ensuring a smooth connection setup of the application and ensuring a comfortable use of our application. Further, This are all basic user information that we collect while creating new user and allowing them access to RFPflow application. Main usage of data is to store basic information of the user. Timezone and language like values will drive application behavior like date / time format and localization.
You undertake that you shall be solely responsible for the accuracy and truthfulness of the Personal Information you share with us.
TECHNICAL DATA
When you use RFPflow for information purposes only, we only collect the data that your browser transmits to our server. If you wish to view RFPflow app, we collect the following data, which is technically necessary for us to display our app to you and to ensure its stability and security: IP address, Date and time of the request, Time zone difference to Greenwich Mean Time (GMT), Content of the request (specific page), Access status/HTTP status code, Amount of data transferred in each case, Page from which the request came, Browser, Operating system and its interface, Language and version of the browser software.
How we use this data: The aforementioned data is processed by us for the following purposes: Ensuring a smooth connection setup of the app, ensuring a comfortable use of our app, evaluating system security and stability and for other IT administrative purposes.
EMAILS
You agree and acknowledge that when we receive e-mails from you, we may retain the content of any e-mail messages sent to us, as well as details of your e-mail address. You further agree and acknowledge that Aavenir shall use your email id information for sending promotional messages using different Applications from time to time. If you send us personal correspondence, such as letters, or if other users or third parties send us correspondence about your activities or postings on RFPflow, we may collect such information into a file specific to you.
COOKIES
We may set cookies to track your use of the Application. Cookies are small encrypted files, that a site or its service provider transfers to your devices hard drive that enables the sites or service provider’s systems to recognize your device and capture and remember certain information. By using the Application, you signify your consent to our use of cookies
We use data collection devices such as "cookies" on certain pages to help analyze our online page flow, measure promotional effectiveness, and promote trust and safety.
For certain services provided on RFPflow, cookies allow RFPflow to save information locally so that you will not have to re-enter it the next time you visit.
The user may set the browser to refuse cookies. If the user so chooses, the user may still gain access to most of the features, but the user may not be able to conduct certain types of transactions or take advantage of some of the interactive elements offered.
You can set your browser so that you are informed about the setting of cookies,allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, activate the automatic deletion of cookies when closing the browser.
The cookie settings can be managed under the appropriate links for the respective browsers.
We also recommend that you regularly delete your cookies and browser history manually.
Third party Apps which are accessible from RFPflow via links, click-through etc. may use Cookies. However, it is important for us to inform you that we shall have no access or control over such Cookies and therefore you agree that we shall not be held responsible for privacy/security issues relating to third parties.
API USAGE
We use REST APIs deployed on AWS cloud for many business functions. Theses APIs are secured over HTTPs channel and all data is encrypted at Rest as well as In Transit.
It is important for us to inform you that we will have limited control over aforesaid APIs and therefore you clearly agree and acknowledge that we shall not be held responsible for privacy/security issues relating to the same.
OUR USE OF YOUR INFORMATION
We use your personal information to facilitate the services you request. We do not sell, rent, trade or exchange any personally-identifying information of our Users. We may provide your collected information to our affiliates and service providers under contract (such as customer care, billing etc.) to support the operation of RFPflow and our services. To the extent we use your personal information to market to you, we will provide you the ability to opt-out of such uses. We use your personal information to: resolve disputes; troubleshoot problems; collect payments; measure consumer interest in the services provided by us, products, services, and updates; customize your experience; detect and protect us against error, fraud and other criminal activity; enforce our User Agreement(s), and in general to improve the user experience and make it comparable to other similar websites/apps; and as otherwise described to you at the time of collection. In our efforts to continually improve our product and service offerings,
We use your personal information to improve our Application, improve RFPflow's content and product offerings, prevent or detect fraud or abuses of our RFPflow and tailor it to meet your needs, so as to provide you with a smooth, efficient, safe and customized experience while using the app.
In future, we may also use your personal information to display contents and services that are targeted to your interests. By accepting the User Agreement and Privacy Policy, you expressly agree to receive this information. If you do not wish to receive these communications, we encourage you to opt out of the receipt of certain communications in your profile under My Account or by clicking unsubscribe button in any email communication. You may make changes to your profile at any time.
DISCLOSURES
We do not sell, rent, lease your Personal Information to anybody and will never do so. Keeping this in mind, we may disclose your Personal Information in the following cases:
Notwithstanding anything mentioned hereinabove, the Company shall not be responsible for the actions or omissions of the service providers or parties with whom the Personal Information is shared, nor shall the Company be responsible and/or liable for any additional information you may choose to provide directly to any service provider or any third party.
OPT OUT AND DATA RETENTION
At any time, you have an option to withdraw your consent for use of your sensitive personal data given earlier to us. Such withdrawal of consent shall be sent in writing to our email address.
However, we will retain your Personal Information for as long as your registration with us is valid. We may also retain and use your Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Subject to this section, we will try to delete your Personal Information upon reasonable written request for the same. Please note, however, that there might be latency in deleting Personal Information from our servers and backed-up versions might exist even after deletion for aforesaid purposes.
REASONABLE SECURITY PRACTICES & PROCEDURES
We value your trust in providing us your Personal Information, hence we continuously strive to use commercially acceptable means of protecting it. We request you to note that no method of transmission, whether in physical form or over the internet, or method of electronic storage is 100% secure and may be subjected to unintentional risks, due to reasons beyond our control. Data pilferage due to unauthorized hacking, virus attacks, data breach attacks, technical issues is possible and we take no liabilities or responsibilities for it.
You are responsible for all actions that take place under your user account. If you choose to share your user account details and password or any Personal Information with third parties, you are solely responsible for the same. If you lose control of your user account, you may lose substantial control over your Personal Information and may be subject to legally binding actions.
We have implemented reasonable security practices and procedures.
Access to your personal account is password protected. We shall not release your account password to any person. In the event that you forget your password, you may generate an online request for resetting your password by e-mail from your registered e-mail address.
RFPflow has implemented reasonably stringent, internationally acceptable standards of technology, managerial security, technical security, operational security and physical security in order to protect personally identifiable information from loss, misuse, disclosure, alteration or destruction. The data resides behind a firewall and other standard security tools, with access restricted to authorized personnel of RFPflow.
RFPflow has implemented “Reasonable Security Practices & Procedures” as required by the appropriate data protection laws and therefore you agree that Aavenir shall not be held responsible for any activity in your account which results from your failure to keep your own password/device secured.
By using this app, you agree that Aavenir shall not be held responsible for any uncontrollable security attacks and in such cases you agree that Aavenir shall not be held responsible for any type of financial losses, loss of opportunity, legal cost, business losses, reputation loss, loss of goodwill, direct and indirect losses that may occur to you under any jurisdiction.
You clearly agree and acknowledge that our reasonable security practices & procedures shall mean and include but are not limited to following:
Strong password, OTP and other general security controls
SSL certificate
Password Encryption: Passwords are encrypted using secure hash 1 way encryption.
Firewall rules
No Production instance access to developers
Standard machine security controls like USB / Disk access removed
Driven via security groups
Hosting server can be accessed only after IP whitelisting by security admin
All our applications are developed using ServiceNow’s Application As A Service (PAAS) offering. For more details on privacy and security practices of ServiceNow, please visit https://www.servicenow.com/company/trust/privacy.html
Cyber Crime, Cyber Law, Privacy/Data Protection Laws & Reasonable Security Practices Awareness for RFPflow’s top management people, team and grievance officer to have managerial security practices.
ACCESSING AND MODIFYING PERSONAL INFORMATION
In case you need to access, review, and/or make changes to the Personal Information, you will be required to furnish supporting documents relating to change in Personal Information for the purpose of verification by the Company. You shall keep your Personal Information updated to help us to serve you better.
CHILDRENS PRIVACY
Our services are not meant for children and we do not knowingly solicit or collect personal information from persons under the age of 18 (Eighteen). If we find out that a child has given us personal information, we will take steps to delete that information and terminate the relevant RFPflow account.
ANCILLIARY SERVICES
We may provide you with certain ancillary services such as chat rooms, blogs and reviews for the Services. Subject to any applicable laws, any communication shared by you via the Application or through the blogs, reviews or otherwise to us (including without limitation contents, images, audio, feedback etc. collectively Feedback) is on a non-confidential basis, and we are under no obligation to refrain from reproducing, publishing or otherwise using it in any way or for any purpose. You shall be responsible for the content and information contained in any Feedback shared by you through the Application or otherwise to us, including without limitation for its truthfulness and accuracy. Sharing your Feedback with us, constitutes an assignment to us of all worldwide rights, titles and interests in all copyrights and other intellectual property rights in the Feedback and you authorize us to use the Feedback for any purpose, which we may deem fit.
COMMUNICATIONS FROM THE Application
You may unsubscribe via the unsubscribe mechanism provided in each such communication or by emailing us at contact@aavenir.com
INDEMNIFICATION
You agree to indemnify us, our subsidiaries, affiliates, officers, agents, co-branders or other partners, and employees and hold us harmless from and against any claims and demand, including reasonable attorneys fees, made by any third party arising out of or relating to: (i) Personal Information and contents that you submit or share through the Application; (ii) your violation of this Privacy Policy; (iii) or your violation of rights of another Customer(s).
LIMITATIONS OF LIABILITY
You expressly understand and agree that the Company shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data, information, details or other intangible losses (even if the Company has been advised of the possibility of such damages), resulting from: (i) the use or the inability to use the Services; (ii) unauthorized access to or alteration of your Personal Information.
GOVERNING LAWS AND DUTIES
You expressly understand and agree that the Company, including its directors, officers, employees, representatives or the service provider, shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, use, data or other intangible losses (even if the Company has been advised of the possibility of such damages), resulting from; (a) use or the inability to avail the Services (b) inability to use the Application (c) failure or delay in providing the Services or access to the Application (d) any performance or non-performance by the Company (e) any damages to or viruses that may infect your electronic devices or other property as the result of your access to the Application or your downloading of any content from the Application and (f) server failure or otherwise or in any way relating to the Services.
JURISDICTION
This Agreement shall be construed and governed by the laws of texas and courts of law at Plano, Texas shall have exclusive jurisdiction over such disputes without regard to principles of conflict of laws.
CHANGES TO THIS POLICY
We may update this Privacy Policy without notice to you. You are encouraged to check this Privacy Policy on a regular basis to be aware of the changes made to it. Continued use of the Services and access to the Application shall be deemed to be your acceptance of this Privacy Policy.
Our privacy policy is subject to change at any time without notice. We will update you in case of changes in the policy. To make sure you are aware of any changes, please review this policy periodically. Continued use of the Services and access to the Application shall be deemed to be your acceptance of this Privacy Policy.
CONTACT US FOR GRIEVANCE REDRESSAL
If you have any questions or grievances regarding the privacy statement, practices of the app, or any other transaction issue, please contact our grievance officers Jesal Mehta/Gaurang Soni on below email ids: jesal.mehta@aavenir.com or gaurang.soni@aavenir.com
