Data Privacy Policy

city skyline

Data Privacy Policy

Privacy Policy for Scribcor Global Lease Administration

Effective Date: January 17, 2025

1. Introduction

Scribcor Global Lease Administration (“Scribcor,” “we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy outlines how we collect, use, disclose, and protect your information in compliance with the General Data Protection Regulation (GDPR).

2. Data Collection and Use

We collect personal data to provide and improve our services. This may include:

  • Contact information (name, email, phone number)
  • Job titles and roles within organizations
  • Lease contracts and associated details
  • Financial information (billing details)
  • Transactional data (service requests)
  • Technical data (IP address, device information)

3. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

  • Consent: You have given clear consent for us to process your personal data for specific purposes.
  • Contractual Necessity: Processing is necessary for the performance of a contract to which you are a party.
  • Legal Obligation: Processing is necessary for compliance with a legal obligation.
  • Legitimate Interests: Processing is necessary for our legitimate interests, provided these interests do not override your fundamental rights.

4. Data Transfers and Transfer Mechanisms

Your personal data may be transferred to and processed in countries outside of the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place, including the use of Standard Contractual Clauses (SCCs) approved by the European Commission.

5. Subprocessors

We use third-party service providers (“Subprocessors”) to assist in delivering our services. These include:

  • Salesforce: Customer information databases
  • Amazon Web Services: Cloud storage and computing
  • Microsoft: Productivity and collaboration tools
  • QuickBooks: Financial management, accounting, and payment processing
  • ZoomInfo: Collect, analyze, and process contact and company information

We ensure that all Subprocessors adhere to strict data protection standards in line with GDPR requirements.

6. Data Sharing

We share personal data with the following parties for the purposes outlined below:

  • Third-party service providers, including IT support, data center providers, and software platforms (Salesforce, AWS, Microsoft)
  • Website hosting and backup providers for data storage and recovery
  • Backup and disaster recovery providers to ensure business continuity

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal obligations, resolving disputes, and enforcing agreements. Specific retention periods include:

  • Financial records: Retained for 7 years to comply with legal and accounting requirements
  • Lease contracts and associated data: Retained for the duration of the contract plus 5 years
  • Other PII: Retained for up to 5 years after service termination unless otherwise required by law

8. Your Rights

You have the following rights regarding your personal data:

  • Right to Access: You can request a copy of your personal data.
  • Right to Rectification: You can request correction of inaccurate data.
  • Right to Erasure: You can request deletion of your data under certain conditions.
  • Right to Restriction: You can request the limitation of data processing.
  • Right to Data Portability: You can request transfer of your data to another service provider.
  • Right to Object: You can object to the processing of your data.

To exercise these rights, please contact us at contactus@scribcorglobal.com, (630) 684-2200.

9. Security Measures

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, alteration, or destruction.

  • Physical: Secure office facilities with access controls
  • Technical: Encryption, firewalls, and secure access protocols
  • Administrative: Regular staff training, data protection policies, and audits

10. Data Storage and Disclosure Procedures

Personal data is stored in secure, access-controlled environments, including cloud-based solutions such as AWS and Microsoft Azure. Backup procedures include:

  • Daily data backups with encrypted storage
  • Disaster recovery plans reviewed quarterly

Data disclosure procedures:

  • Personal information is disclosed only to authorized personnel or third parties under contractual obligations
  • Requests for data disclosure are fulfilled within 30 days, where legally permissible

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the updated policy on our website with a revised effective date.

12. Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Scribcor Global Lease Administration 2 Mid America Plaza STE 650, Oakbrook Terrcae, IL 60181, contactus@scribcorglobal.com, (630) 684-2200

13. Mandatory Clauses

  • Data Protection Officer (DPO): We have appointed a DPO who can be contacted at Joesph Baker, Staff Accountant, jbaker@scribcorglobal.com, 630-581-5547.
  • Supervisory Authority: You have the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates GDPR.

By using our services, you acknowledge that you have read and understood this Privacy Policy.