Data security and privacy statement - ServiceNow apps

Owned by Anna Odrynska
Last updated: Aug 15, 2023

Overview

The aim of this documentation is to cover all of the relevant information about the Data Security & Privacy Statement of Alpha Serve including its US subsidiary acSoft Inc (hereinafter as Alpha Serve) to help our customers see clearly what we do and really don't do with their data.

Introduction

Protecting your data and your privacy is our highest priority and is very important for us. Alpha Serve adheres to a strict policy for ensuring the security and privacy of your data, in particular, your personal information (such as full name, address, email address, and/or other identifiable information, collectively such personally identifiable information Personal Data).

Alpha Serve provides downloadable products - on-premise apps - for ServiceNow Products, which are installed on the client's IT-systems.

This Data Security and Privacy Statement will provide you with an overview of the collection and processing of your data for Alpha Serve Apps.

In the following, all data created by the Alpha Serve’s Product end-user and stored within the Customer’s ServiceNow Instance are defined as Customer Data.

Data Security and Privacy of Our Apps

We support the latest technical and organizational measures to ensure data security, in particular, to protect your Personal Data. These measures are updated on a regular basis to stay up to date. We would like to draw your attention to the fact that security gaps are possible when transmitting data on the Internet, and it is impossible to ensure complete protection of data from unauthorized or malicious access by third parties. If you are interested in our data protection concept, please contact us.

We draw your attention to the fact that we do not collect, store or process any personal/ confidential information in applications for ServiceNow products, nor do we collect, store or process any analytical or tracking data, but nor do we place cookies or tracking beacons in any applications for ServiceNow products.

Some of our applications depend on the use of personal data, such as usernames and email addresses. All this information is used by the application for internal functional purposes only and, if at all used, is stored in the local database of your ServiceNow product.

For several applications, we use the option to include YouTube videos to the ServiceNow Store product pages, allowed by ServiceNow. All the videos used on the mentioned pages are stored on www.YouTube.com. In general, this means that some of your user data can be transmitted when you are playing these videos. We are not able to influence or prevent this data transfer. If you don’t want this data transfer, avoid playing the videos.

We do not use the option of Google Analytics integration to our ServiceNow Store product pages.

Data Storage & Transfer

Unless otherwise stated below our ServiceNow Apps do not store Customer Data locally, Customer Data stays stored in the corresponding ServiceNow On-Premise Product.

Power BI Connector for Servicenow fetches instance data directly through secured Servicenow Scripted REST APIs and transfer it to Power BI Services over SSL protocol.

Exceptions applying to all Apps (Except Customer Data):

  • Support Data: Our Apps may offer a problem report functionality which can be triggered in the respective Apps. If an App offers such functionality, it allows you to automatically report the error to our support team. This functionality will collect relevant support data (Support ZIP) from the customers' system and will create a support ticket in our support system on behalf of your users' email address. This data will be stored in the support system, but also downloaded to our own IT-system by a member of our support team. The same applies to all data manually sent by the customer reporting an error to our support team.

  • Real-time Error Tracking Data: Our Apps may track errors of their resources executed in the end-users' browsers in real-time. This includes, for example, AddOnKey, ClientKey, BaseUrl, anonymized TrackingID, error messages and information about the environment such as browser type, browser version, and operating system. It is exclusively used in order to improve our service.

  • Billing Data: We get the licence-related data on the ServiceNow Store, such as contact person name, email and phone number. It is exclusively used to inform about app related news and updates. No data is transferred to third parties.

Backups

This section explains our backup and recovery policy.

  • Our backup data is securely stored, unauthorized access to backup data is not possible.

  • We back up at least once a day, and we keep the backups.

Please read the documentation of the product for further details.

Billing Data Storage Terms

We may store your billing information (company name, tax codes, bank details, country, contacts of the involved ServiceNow partner) to fulfil the requirements of the local tax legislation. We are not able to influence this data storage.

Application and Infrastructure Security

This section explains the security measures we've taken in our application and infrastructure:

  • Alpha Serve support team accesses addon data only for the purposes of application health monitoring and performing system or application maintenance, and upon customer request for support purposes.

  • Customers are responsible for maintaining the security of their own ServiceNow login information.

  • AddOn server is only accessible through secure protocols (e.g. https).

Please read the documentation of the product for further details.

Customers of Our Apps

By purchasing a commercial license, our customers accept the following:

  • Alpha Serve will receive personal information of the technical contact person from ServiceNow.

  • Alpha Serve may retain personal information during the active maintenance period and after the expiration of the last maintenance period.

  • Alpha Serve may send emails containing product news and updates, tips, best practices, webinar or training details, event-related information. To comply with GDPR regulations, customers can request the removal, rectification or review of their own personal information stored in the support system by sending an email to support@alpha-serve.com or by clicking the unsubscribe link in the emails received.

Access to Customer Data

Alpha Serve does not have access to Customer Data stored in the ServiceNow instance.

Only authorized Alpha Serve employees and subcontractors from our support and development teams have access to Except Customer Data mentioned in the Exceptions section. Such subcontractors are contractually bound to the same data security and privacy standards that apply to Alpha Serve.

Licence Termination

If a customer does not renew the purchased licence after expiration, we mark stored Except Customer Data for deletion. However, the customer can contact us to ask for immediate manual deletion.