At Serviceaide we are committed to strong privacy, security, compliance and transparency. This includes supporting our customers’ need to comply with data privacy requirements including those set out in the with European Union’s (EU) General Data Protection Regulation (“GDPR”), which became enforceable on May 25, 2018.

Based on GDPR requirements, companies who collect, transmit, host or analyze personal data of EU citizens must guarantee their ability to implement technical and organizational security processes. To ensure compliance with these regulations Serviceaide has enhanced our contractual terms to ensure customers can:

• Respond to requests from data subjects to correct, amend or delete personal data.
• Be made aware of and report personal data breaches to relevant supervisory authorities and data subjects in accordance with GDPR timeframes.
• Demonstrate their compliance with the GDPR as pertaining to Serviceaide Services.

The full updated terms of service and privacy policy are available on our web site or from your account manager.

Helping Customers Comply with GDPR

Serviceaide’s products are designed for businesses to run their service management processes efficiently. These products are intended to store business information and not personal information. Therefore, Serviceaide does not identify, distinguish or detect personal, financial or health related information that has been introduced into its products. Any personal information entered into the system is under the responsibility of the customer. Serviceaide uses best commercial practices to secure all data stored within its products including the items referenced below.

The following features help Serviceaide Intelligent Service Management (ISM) users ensure compliance with the GDPR.

Data Security

• Strong password authentication and authorization
• Role based security to limit access to certain data elements
• Encryption of data in transit using HTTPS
• Encryption of data at rest by encrypting the database server disk

Support for removing personal information

In the event that personal information was entered into the Intelligent Service Management, the customer is responsible for removing this data. If you have any questions, please contact the Serviceaide support team at support@serviceaide.com

• Ticket deletion – Tickets can be deleted by a privileged user (administrator) through a workflow action on that particular ticket or from a bulk action within Ticket Center. This is a permanent delete and the ticket will no longer be available in the system.
• Attachment Deletion – All analyst users (licensed users) have the ability to delete attachments to tickets and other objects. The file is permanently deleted from the system.
• Analyst and End User Profile Deletion – A privileged user (administrator) can delete one or many users at a time from the MANAGE>Tools>Users page. The user cannot have any open tickets associated with their account. All tickets and other objects related to the user will not be deleted but will be associated with a blank or deleted user.
• Configuration Item Deletion - All analyst users (licensed users) have the ability to delete a Configuration Item through the workflow action on that particular Configuration Item.
• Deletion of other objects - Currently many objects in the system can be set to inactive and therefore aren’t available for use in Service Management processes but are still available for historical use and reporting. If personal information is entered into an object such as a Knowledge Article or Project, we recommend overwriting that information and saving the object. That will remove the personal information from the system.

Recurring Security Audits

Serviceaide uses independent third parties to perform intrusion and penetration testing with every new feature release and yearly hosting audits to ensure compliance with industry hosting standards.

Notification on Maintenance and Data Breaches

Serviceaide provides an opt-in service to sign up for maintenance and disruptions to service notification. This same service will be used to notify customers in the event of a data breach. Please ensure your organization is registered and the contacts are up to date so that you receive these notifications. Register or update your company’s profile here.

Usage Analytics and Cookies with Intelligent Service Management

We also wanted to answer common questions around how Serviceaide monitors usage and utilizes data to improve the customer experience with Intelligent Service Management.

Usage Analytics

To understand customer usage, post maintenance banners, show in product training and improve the product, Serviceaide tracks user navigation through Intelligent Service Management (ISM) on Production systems.

• Log data: As with most websites and technology services delivered over the Internet, our servers automatically collect information when you access or use Intelligent Service Management and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Website or Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data (see below for more detail).
• User and account information- To understand the users’ navigation through the web application Serviceaide collects information such as ISM username, slice ID, license type, user type, ISM language, click events and pages visited. No personal information or keystrokes are collected.
• Device information- Serviceaide collects information about devices accessing the Intelligent Service Management web and mobile apps, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and crash data. Whether we collect some or all of this information often depends on the type of device used and its settings.

Browser Cookies and Local Storage Information

Intelligent Service Management (ISM) uses the browser’s local storage and cookies to store user preferences and the user’s active session.  User session information will be kept in local storage and will exist from when the user logs into the system until they logout. The user’s preferences such as applied filters and grid/list choice are also stored in local storage until the user clears their browser cache. A cookie stores the user’s last used ISM language to show the login page in the correct language. This cookie will exist until the user deletes their browser cookies.

We hope this information is informative and addresses any questions you may have. If you have further questions, please reach out to us at support@serviceaide.com.