At Instant Management Systems, information security and privacy are paramount. We process your personal data (name, email address) in line with the latest privacy regulations (GDPR). Here’s how:
Consent
When you supply your contact details to us (e.g. via email or contact form) this implies your consent to process them.
(Sub) processors
Depending on your question or service offering, your data may be shared with the following (sub) processors:
| Sub processor | What we use them for | Compliance notes |
|---|---|---|
| Automattic | Website content management system (WordPress) | GDPR |
| Atlassian | Confluence Cloud demo and development environments | ISO 27001, SOC 2, SOC 3, GDPR |
| Google Workspace | Email and document management | ISO 27001, GDPR |
| Acumulus | Invoicing and accounting | GDPR |
| Calendly | Scheduling service for demos and support calls | SOC 2, GDPR |
| Zapier | Task automation and notification service | GDPR |
| Mailchimp | Newsletters and mailings | GDPR |
| ISOPlanner | Fulfillment of Instant 27001 for Microsoft 365 | GDPR (ISO 27001 underway) |
Data collection
Depending on the type of service provided, we could process the following types of personally identifiable information: First and last name, email address, IP address and/or (mobile) phone number.
Data retention
Your data will be used only for scheduling demos, communicating offers and invoices. Once an invoice has been sent, we are required by law to keep your organization’s data on file for 7 years.
Third party access
Your data will be accessed by employees, partners and subcontractors only when necessary to perform a task (e.g. schedule a demo in a specific language or timezone).
Your rights
If you wish to execute your rights (access, rectification, erasure), please direct your request to info (at) instantmanagementsystems (dot) com. We will respond in a timely manner.
Responsible disclosure
If you wish to report a (potential) vulnerability or data breach, please direct your message to info (at) instantmanagementsystems (dot) com. We will process your message with due confidentiality.
We keep a registration of all (potential) data leaks. A data leak of substantial size and/or impact will be reported to the proper authorities and/or the affected data subject(s).
Legal
Instant Management Systems B.V. is registered with the Dutch Chamber of Commerce under number 82423172, VAT number NL862465321B01. Postal address: Stieltjesstraat 92, 3071 JX, Rotterdam, The Netherlands.
The intellectual property rights regarding quoted standards are vested in the respective owners, such as (but not limited to) ISO, NEN and Stichting MedMij. Instant 27001 does not replace or include these licenses.