We value your cookies.
We value your cookies.
LAPIS International Compliance
Collection and Use of Information
Parts of this website may invite you to register for events, download white papers or literature, or obtain more information. LAPIS collects the email addresses of those who communicate via email, as well as information volunteered by consumers, such as in information requests and/or website registrations. Under no circumstances will any information provided to LAPIS be sold or rented to a third party without your prior consent. LAPIS may use your contact information to send you company and product information that you requested, and for marketing analysis of LAPIS’s website traffic.
This website may use technology that lets LAPIS collect certain technical information, such as IP addresses, browser types, traffic patterns and the address of any referring websites and uses HTTP cookies for systems administration. However, if you do not wish to receive cookies, or want to be notified of when they are placed, you may set your web browser to do so, if your browser so permits.
LAPIS may monitor how a visitor arrives at website but cannot and will not gather information about other websites you have been on.
Use of Personal Information
LAPIS may use your personal information for the following purposes:
You may remove your name from any LAPIS distribution list by clicking on a link provided within each electronic communication, or by replying to the email with the subject line “unsubscribe.”
If you supply LAPIS with your telephone number online, you may receive telephone contact from us with information regarding new products and services or upcoming events. If you do not wish to receive such telephone calls, please let us know by calling the telephone number below.
Links to Other Websites
We reserve the right to access and disclose your information when we believe in good faith that such disclosure is necessary to: (a) enforce legal rights and comply with the law; (b) comply with an order from a government entity or other competent authority; (c) prevent or address potential or actual injury or interference with our rights, property, operations, users or others who may be harmed or may suffer loss or damage; and (d) protect our rights, prevent fraud and/or comply with judicial proceeding, court order, or legal process served on LAPIS.
Under certain circumstances, we may be required to disclose your information to government or law enforcement officials in response to a lawful request by a public authority or if we have to do so to comply with a legal obligation, including to meet national security or law enforcement requirements. We can also disclose your information in order to apply or enforce our terms and conditions or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent or prevent any illegal activity (including for the purposes of fraud protection and credit risk reduction).
You will be notified when any identifying information about you is collected or shared by any third party that is not our service provider, so you can make an informed choice as to whether to share your information with that party. If you do not wish to have your information shared and want to opt out from receiving further communications from any third party that is not our agent or service provider, please contact that third party directly.
Protecting your privacy and your information is a top priority at LAPIS.
LAPIS has taken appropriate measures to prevent the loss, misuse and alteration of your information. Once LAPIS receives information that is entered into its website, it is stored behind a firewall. All LAPIS employees are aware of the company’s privacy and security policies. Your information is only accessible to those employees who need it in order to perform their jobs.
Accountability and Liability for Onward Transfer
LAPIS is required to take certain steps when transferring personal data received from the European Union to third parties (such as including contractual provisions in our third-party contracts which require them to provide the same level of protection and limiting their use of the data to the specified services provided on our behalf).
We take reasonable and appropriate steps to ensure that third parties process personal data in accordance EEA data privacy regulations and to stop and remediate any unauthorised processing. Under certain circumstances, we may remain liable for the acts of third parties who perform services on our behalf in connection with their handling of personal data that we transfer to them.
Privacy Complaints Handling, Recourse and Enforcement
We will respond to any complaints as soon as possible and within 45 days.
You may also refer a complaint to your local data protection authority and we will work with them to resolve your concerns.
Access to information
You have the right to access the personal data we collect about you in the EEA and to request that we correct, amend, or delete it if it is inaccurate or processed in violation of the EEA data privacy regulations. These access rights may not apply in some cases, including where we must comply with legal requirements or if providing access is unreasonably burdensome or expensive under the circumstances or where it would violate the rights of someone other than the individual requesting access.
If you would like to request access to, correction, or deletion of your personal data collected in the EEA, you can submit a written request using the contact information provided below. We may request specific information from you in order to confirm your identity. In some circumstances, we may charge a reasonable fee for access to your information.
Processing Information for our Customers and (“General Data Protection Regulation”) GDPR.
Where we process personal information in connection with the provision of our software solutions to our enterprise customers, we only collect, process and store personal information to support and provide those solutions. We act as data processors on behalf of our customers and do not use such information for our own purposes. You should refer to the agreements governing your use of those solutions with such enterprises to find out more about how your data is being used by them.
LAPIS as Data Processor
LAPIS applications and Cloud Solutions provide Governance, Risk, and Compliance (GRC) systems of records to its customers. As a service provider to its customers, LAPIS applications may capture personal data (name, email address, contact info, company affiliation, etc.) to track the records entered into the system from an authentication and authorization perspective. In this capacity, LAPIS acts as a data processor on behalf of its customers. As a data processor, LAPIS has put in place appropriate technical and organizational measures to help ensure that its processing activities meet the requirements of GDPR, some of which we have described in this statement.
LAPIS has implemented various security measures including controls and application and network level security audits by third-parties as well as robust standard operating procedures to manage any security incident in collaboration with the customer.
LAPIS is committed to ensuring that it has data transfer and data management mechanisms in place as required by the GDPR. Further, as an ISO 27001 and SSAE 16 SOC 2 certified organization, LAPIS adheres to all necessary controls to protect customer data.
To comply with GDPR, Metric uses Standard Contractual Clauses (SCC) specified by GDPR when there is transfer of personal data outside of the EEA.
LAPIS Customers as Data Controller
LAPIS is working with its customers to enable them with specific capabilities within its applications to assist them in meeting their requirements.