Sona Systems : Privacy

Privacy Policy for Sona Systems

This Service Provider (SP) will respect the relevant legal frameworks for the protection of personal data, especially the EU data protection directive.


 Name of the service  Sona Systems
 Description of the
 service
 Research Management Software
 Data controller and a
 contact person
 Sona Systems

 Trummi 5

 12616 Tallinn

 ESTONIA

 Sona Support, support@sona-systems.com
 Jurisdiction  EE Estonia
 Personal data processed
  1. Following data is retrieved from your Home Organization:
    • - your unique user identifier (eduPersonPrincipalName, ePPN)
  2. Following data is requested from yourself unless your Home Organization provides it:
    • - your Given Name (givenname)
    • - your Surname (sn)
    • - your E-Mail Address (mail)
 Purpose of the processing
 of personal data
 Personal data and log files are used for:
  •    • User authorization
  •    • Perform the services as set out in the agreement between Company and its customer
  •    • To maintain the infrastructure that supports the services
  •    • In response to an inquiry by the customer providing the Subject Information to Company to troubleshoot these services.
 Third parties to whom
 personal data is
 disclosed
 Subject Information will be provided to third parties in the following circumstances:
  •    • To back up the Subject Information
  •    • As authorized by the Company’s customer
  •    • In response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

 Subject Information will only be sold by the Company in conjunction with the sale, or other acquisition, of its businesses.
 How to access, rectify and 
 delete the personal data
 Contact Company at support@sona-systems.com or by mail at Sona Systems, Trummi 5, 12616 Tallinn, ESTONIA.

 To rectify the data released by your Home Organization, contact your Home Organization's IT helpdesk.
 Data retention  Information covered by this policy may be deleted upon a customer’s request. The Company may keep information covered by
 this policy for a period of six months from the data of Customer’s termination of their relationship with the Company, or as required by law.

 Web server software logs are kept no longer than 12 months.
 Data Protection Code of
 Conduct
 Your personal data will be protected according to the Code of Conduct for Service Providers, a common standard for the research and higher 
 education sector to protect your privacy.

 Your person data is also protected in according with Company’s Privacy Policy.