Privacy Policy

Updated 22nd October 2020.

OnePosting is a service provided by Sentrio Technologies Limited (“Sentrio”), a company registered in Dublin, Ireland under registration number 228853.

DEFINITIONS

Key terms used within this Privacy Policy and their meanings are as follows:

“We”, “we”, “Our”, “our”, “Us”, “us”
Sentrio Technologies Limited

Service
Suite of software, consultancy and ancillary activities provided by Sentrio.

Personal Data
Information about a living individual that can potentially identify them.  This may have been provided by the individual or may have been derived from other sources.

Confidential Information
Data owned by our Clients’ that does not fall into the definition of Personal Data but for which we take privacy very seriously and only use in accordance with the terms of this Privacy Policy.

Usage Data
Data that is collected automatically, either generated by the Service or from the infrastructure on which the Service operates, e.g. pages visited or the duration of a page visit.

Data Controller
A Data Controller is an individual or organisation that gathers information about living individuals and determines what information should be gathered and how it is used.

Sentrio is a Data Controller for data that is provided by individuals that register on our website to use the Service; who access our support services; or who request more information about our services.  It is also a Data Controller for any information that is gathered about an individual’s interaction with the Service.

Data Processor
A Data Processor holds Personal Data but does not exercise control over how it is used.

Sentrio is a Data Processor for transaction data that it processes on behalf of clients, e.g. invoices, credit notes, statements, account-related documentation, contact details and email addresses to which transaction data should be transmitted.

Data Subject
Any living individual who is using our Service and for whom Personal Data is stored and processed.

Cookies
“Cookies” are small files of data that reside on your computer that allow us to recognise you as a client of OnePosting if you return to the OnePosting site using the same computer and browser.

Examples of cookies that we use are:

Session Cookies – We send a “session cookie” to your computer if and when you login to your OnePosting account.  These cookies allow us to recognise you if you visit multiple pages in our site during the same session, so that you don’t need to re-enter your password multiple times.  Once you log out or close your browser, these session cookies expire and no longer have any effect.

Preference Cookies – These are used to remember your preferences and settings within the Service.

Security Cookies – These are used for security purposes.

We also use beacons, tags, and scripts to collect and track information and to improve and analyse our service.

OVERVIEW

In order to operate the Service, we must ask you to provide us with information about your business and the people you authorise to have access to it.  This Privacy Policy describes the information we collect and how we use that information.  We take the privacy of the information you supply very seriously and only use it in accordance with this Privacy Policy.  We will not sell or rent your Personal Data or Confidential Information to third parties.

INFORMATION COLLECTION AND USE

In order to provide our service, we collect several different type of information which is summarised as follows:

Personal Data
While using our Service, you may be asked to provide Personal Data which may include but is not limited to:

  • Email address(es)

  • First and last name

  • Phone number(s)

  • Company/Business/Organisation

  • Business address

  • Opt-in/out to receive marketing materials or other information that may be of interest to you

We may also ask you to choose security questions to answer (such as your city of birth or your pet’s name).  This required information is necessary for us to issue you with a new password if you forget your existing one, protect against fraud, and to contact you should the need arise in administering your account.

Please note that we may also receive Personal Data from your clients or suppliers if they wish to distribute accounting transactions to you through our Service.

Transaction Data
Accounting and billing related information is received, processed and distributed by OnePosting to its intended recipients.  This may involve converting data from one format to another, e.g. taking an invoice in PDF format, extracting all of the information from it, and generating data that can be imported electronically into a client’s financial system.

Transaction Data can include some or all of the data on:

  • Invoices

  • Credit Notes/Credit Memos

  • Statements

  • Purchase Orders

  • Supporting documentation

Business Data
Data related to your business such as bank account numbers, transactional activity, employees authorised to access Confidential Information, is maintained in accordance with regulatory requirements.

Usage Data
We may collect data on how the Service is accessed and used.  This may include information such as the type of device used to access the Service, browser type, IP Address, pages of our Service that you visit, the time and date of  your visit, time spent on each page, diagnostic data and the transactions that you viewed.

Location Data
We may use and store information about your location if you give us permission to do so.  This data is used to customise your experience.  You can enable or disable location services at any time through your device settings.

Tracking Cookies Data
As outlined previously, “cookies” are small data files that are used to store information about your use of the Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.  However, the Service may not operate correctly if you do not accept cookies.

HOW WE USE DATA COLLECTED

With the exception of data obtained from sales & marketing activities, the data collected is used to provide the Service which may include but is not limited to the following:

  1. Distribute Transaction Data to your clients.

  2. Extract useful information from Transaction Data provided by your suppliers which can be used in ways that you have requested from us.

  3. Facilitate the processing of payments for outstanding transactions.

  4. Enable queries to be raised, updated and ultimately resolved for transactions.

  5. Provide visibility on the status of individual transactions for the issuer of the transaction and the intended recipient(s) of the transaction.

  6. Restrict and control access to Transaction Data.

  7. Create transactions such as purchase orders, invoices and payments.

  8. Improve our product and service.

PROCESSING OF YOUR PERSONAL DATA

We may process your Personal Data because:

  • We need to perform a contract with you

  • One or more of your suppliers have requested us to distribute Transaction Data to you

  • You have given us permission to do so

  • We need to personalise, improve or operate our Service and business

  • The processing is in our legitimate interests and it’s not overridden by your rights

  • Payment may need to be processed

  • Fraud, harmful, unauthorised or illegal activity may need to be investigated and/or deterred

  • We need to comply with the law

RETENTION OF PERSONAL DATA

We will retain your Personal Data only for as long as necessary for the purposes set out in this Privacy Policy.  Please note that there are specific legal requirements related to the retention of Transaction Data with which we must comply.  This may have an impact on the retention of Personal Data that is connected to the Transaction Data.

TRANSFER AND STORAGE OF PERSONAL DATA

As a global business, our Service utilises data centres within the EU and Canada.  Our North American clients are serviced from Canada while clients from within the EU and the rest of the world are serviced from within the EU.

Your information including Personal Data may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ from those in your jurisdiction.

Security of your Personal Data
We take reasonable steps necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.  We use a combination of industry-standard security technologies, procedures and organisational measures to help protect your Personal Data from unauthorised access, use or disclosure.

We use Secure Sockets Layer (SSL) encryption technology for all browser based interactions with our Service and Secure FTP for data transfers.  We recommend that you take every precaution to protect your Personal Data when you are on the Internet.  For example, use long passwords containing a combination of letters, numbers and special characters.

Disclosure of your Personal Data
We do not sell or rent your Personal Data to third parties for any purpose.

We may disclose your Personal Data where it is required:

  • To comply with a legal obligation

  • To protect and defend our property rights

  • To prevent or investigate possible wrongdoing in connection with the Service

  • To protect the personal safety of users of the Service or the public

  • To protect against legal liability

EMAIL COMMUNICATIONS

We issue several types of email communication.

Marketing Emails
If you have opted to receive marketing communications from us, you can change your mind at any time and opt-out from future marketing emails.

Service Announcements
These are used to inform you about changes to the Service, or to provide information about issues that have occurred.  You may not opt out of these emails as they are essential to the operation of the Service.

Transactional Emails
Notifications related to transactions may be delivered to you via email.  For example, this may advise you that an invoice has been received that requires your attention.  If the transaction has been submitted by one of your suppliers, you need to contact your supplier directly to get them to update your preferences.  If the notification was issued on behalf of your employer, you will have to contact your employer directly to update your preferences.

SUB-PROCESSORS

A Sub-Processor is a third party data processor used by us to support the delivery of our services to you.  They may potentially have access to or process customer data.  Prior to engaging with any third party, we evaluate their security and privacy policies.

Sub-Processors used include:

  • Zendesk a cloud-based customer support based in the United States.

  • Pipedrive customer relationship management software based in Estonia.

As our business grows and evolves, the Sub-Processors we use may change.  If that occurs, we will update our Privacy Policy.

CORRECTING PERSONAL DATA

You may request to a copy of your Personal Data which we are happy to provide.  If the nature of the data retrieval places a significant financial burden on us, we will apply reasonable charges to cover the cost of the data retrieval.

If you establish an error in your Personal Data at any point, we will correct it as soon as is it is feasible to do so.

If you wish to remove your Personal Data, we will endeavour to do so within a reasonable timeframe provided that its removal does not compromise any regulatory obligations that apply.  For example, we may have to retain invoices, log information about distribution and access for a period specified by regulatory authorities.

CHILDREN’S PRIVACY

Our Service is not intended to be used by anyone under the age of 18 and as a result, we do not knowingly collect personally identifiable information from anyone under 18.

If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us and we will take steps to remove that information from our Service.

CHANGES TO THIS PRIVACY POLICY

We may update our Privacy Policy from time to time.  We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know by email and/or a notification through our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.  Changes to this Privacy Policy are effective when they are posted on this page.

You are advised to review this Privacy Policy periodically for changes.

f you have any questions about this Privacy Policy, please contact our Data Protection Officer.