The DPS you are setting up is a web application and, as such, it is necessary that users who access the service by sharing their data, during registration and login, agree to the terms and conditions and privacy policy.
To fulfill legal obligations, you can configure the following documents:
Privacy Policy: is a statement or legal document (in privacy law) that discloses some or all of the ways a party gathers, uses, discloses, and manages a customer or client's data.
Terms of Service: is a type of document that details the responsibilities of a service provider and the obligations of users that must be met in order for the service to keep used.
Editing Agreements
To edit the user agreement, you must:
Enter the Service / User Agreements page.
Select the User Agreement you want to edit.
Change the Agreement content.
Press the Save button, to amend the agreement.
Note that, by changing the document, all users must accept the new agreement the next time they log in.
.png?sv=2022-11-02&spr=https&st=2024-11-23T20%3A17%3A50Z&se=2024-11-23T20%3A31%3A50Z&sr=c&sp=r&sig=PS33unNmfvFotPrrC7Urk3ZmP7YuNP1mcqyvW8GqCDU%3D "image(187).png")
Privacy Policy
Taking into account the new GDPR law in effect since the 25th May 2018, privacy is one of the main things to consider in the service definition. A privacy policy agreement typically contains the following topics:
Introduction about how the company takes care of users' privacy.
Kind of collected data (e.g. contact information, GPS, IP, phone numbers).
A description of how the collected data are used.
Where data are stored or transferred.
Usage of the cookies.
Links to other websites.
Data disposal and update.
Personal information right.
Contacts.
GDPR
Servitly allows configuring properties and managing data to identify personal data or user habits.
Categories of processed Personal Data
Personal data: name, surname, address, social security number, date of birth.
Contact details: e-mail, phone number (home phone, mobile phone, fax).
Data that the Customer can decide to add through the Servitly interface.
Data that may decide to add, pursuant to this mandate, the Customer upon explicit request to the Supplier.
Categories of stakeholders to whom the Personal Data refer
Consumers.
End users.
Employees of the customers, partners, or organizations.
Places where treatment operations are carried out
Cloud provider Data Centers.
Operational offices of Servitly.
Duration of treatment
Duration of the contract stipulated for the provision of the product services, except as provided for by law.
Purpose of the processing
Execution of the contract for the provision of the product services.
Controller and Processor entitlement
Within the Privacy Policy, you must clearly report which are:
Data Controller: determines the purposes for which and the means by which personal data is processed. Generally, is the company/organization that owns the DPS application, and that has a legal contract with the end-users of the DPS.
Data Processor: processes personal data only on behalf of the Data Controller. The Data Processor is usually a third party external to the company (e.g. a system integrator, or Servitly itself).
Sensitive data management not allowed
In accordance with article 9 of the GDPR, Servitly does not authorize the Customer to use Servitly in such a way that the Customer may collect and record Personal Data belonging to special categories, for instance, those that reveal: the racial or ethnic origin, political opinions, religious or philosophical convictions, union membership. The prohibition also includes data: genetic, biometrics intended to uniquely identify a natural person (for example, a group of photographs uploaded online, or at the airports where the image of the individual is scanned to identify it), related to health (also the simple one-hand wound), related to the sexual life or sexual orientation of the person, judicial (reveal the existence of criminal provisions susceptible of registration in the criminal register, or the quality of suspect or accused).
Terms of Service
A Terms of Service agreement is required to protect the parties involved in service provisioning and usage, typically it contains sections pertaining to one or more of the following topics:
Disambiguation/definition of keywords and phrases.
User rights and responsibilities.
Proper or expected usage; definition of misuse.
Accountability for online actions, behavior, and conduct.
Payment details such as membership or subscription fees, etc.
An opt-out policy describing the procedure for account termination, if available.
Arbitration, detailing the dispute resolution process and limited rights to take a claim to court.
Disclaimer/Limitation of Liability, clarifying the site’s legal liability for damages incurred by users.
User notification upon modification of terms, if offered.
User Acceptance Management
Servitly automatically grants that all the users will agree to the latest version of these agreements.
When a user fills out the account registration form, he or she must agree to all of these agreements to complete the registration.
From time to time it is possible that such agreements may change and when updated, during the login, users will be informed with a popup where they can review the new agreement and accept it to keep using the service.
.png?sv=2022-11-02&spr=https&st=2024-11-23T20%3A17%3A50Z&se=2024-11-23T20%3A31%3A50Z&sr=c&sp=r&sig=PS33unNmfvFotPrrC7Urk3ZmP7YuNP1mcqyvW8GqCDU%3D "image(188).png")
Privacy and Terms documents agreed by the users are always visible by navigating the Privacy and Terms page under the user menu on the page top right.
.png?sv=2022-11-02&spr=https&st=2024-11-23T20%3A17%3A50Z&se=2024-11-23T20%3A31%3A50Z&sr=c&sp=r&sig=PS33unNmfvFotPrrC7Urk3ZmP7YuNP1mcqyvW8GqCDU%3D "image(189).png")
By accessing the user edit page, the back-office manager can check the date/time each user accepted User Agreements.
.png?sv=2022-11-02&spr=https&st=2024-11-23T20%3A17%3A50Z&se=2024-11-23T20%3A31%3A50Z&sr=c&sp=r&sig=PS33unNmfvFotPrrC7Urk3ZmP7YuNP1mcqyvW8GqCDU%3D "image(190).png")
Public URLs
In case an external application needs to refer to your DPS agreements, the following URLs can be used:
Privacy Policy
https://<ENVIRONMENT_BASE_URL>/legal/privacy-policyTerms of Service
https://<ENVIRONMENT_BASE_URL>/legal/terms-of-serviceAgreements Localization
Optionally, you can also force the document loading language; this can be used, for example, when you need to set up a mobile or home assistant integration in different languages.
https://<ENVIRONMENT_BASE_URL>/legal/privacy-policy?language=en
https://<ENVIRONMENT_BASE_URL>/legal/terms-of-service?language=itCustom Agreements
Other than Privacy Policy and Terms of Service, more agreements can be added. Each custom agreement is described by a name and a text, which can be localized as you need.
.png?sv=2022-11-02&spr=https&st=2024-11-23T20%3A17%3A50Z&se=2024-11-23T20%3A31%3A50Z&sr=c&sp=r&sig=PS33unNmfvFotPrrC7Urk3ZmP7YuNP1mcqyvW8GqCDU%3D "image(191).png")
Moreover, each custom agreement can be marked with the Mandatory User Acceptance flag, in order to be displayed to the user during the login.
Within the DPS application, custom agreements are visible within the Privacy and terms page of the user menu.
Sample Agreements
Here you can find some samples you can use to define your own user agreement.
Sample Privacy Policy document.
Sample Terms of Service document.
Pay attention that these documents, available as a result of creating the environment, are just samples and should be used only during the configuration phase. When moving the DPS into production, you must enter your own documents.
Servitly declines all responsibility for the use of such documents.