ECM-GO Privacy Policy
Table of Contents
1. Introduction
BoostPLM A/S (“BoostPLM”, “we”, “us”, or “our”) is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard personal data in connection with the provision of our SaaS business solution ECM-Go (“Service”) as well as related support, billing, and communication activities.
We process personal data in compliance with applicable data protection laws, including the EU General Data Protection Regulation (“GDPR”).
2. Data Controller
BoostPLM A/S
Company Registration No.: DK36494255
Address: Aabogade 15 – 8200 Aarhus N – Denmark
Email: info@BoostPLM.com
For the purposes of this Privacy Policy, BoostPLM A/S is the data controller.
3. Scope of This Privacy Policy
This Privacy Policy applies to personal data we process when:
- Authorized business users access and use of the ECM-Go SaaS solution.
- Customers interact with our support, sales, billing, or administration teams.
- We conduct business-to-business (B2B) communications, marketing, and contract management.
This Privacy Policy does not apply to personal data that BoostPLM processes strictly on behalf of its customers within ECM-Go as part of its role as data processor, which is governed by separate Data Processing Agreements (DPA)
4. Types of Personal Data We Collect
We may collect and process the following categories of personal data related to business contacts and authorized users:
- Name and contact details (email address, phone number, job title, company name)
- User credentials, authentication identifiers (including information provided through Microsoft Entra ID / Azure AD authentication)
- System usage data, technical logs, and IP addresses
- Customer support inquiries and correspondence
- Billing and invoicing details
- Marketing preferences and communication history
The personal data collected typically relates to individuals acting on behalf of their employer or organization.
5. Purpose and Legal Basis for Processing
We process personal data for the following purposes and under the following legal bases:
Purpose | Legal Basis |
Provision of the ECM-Go SaaS solution, including user account management and authentication (via Microsoft Entra ID / Azure AD) | Performance of contract (GDPR Art. 6(1)(b)) |
Operation, maintenance, and improvement of the ECM-Go solution | Legitimate interest (GDPR Art. 6(1)(f)) |
Customer support and incident management | Performance of contract (GDPR Art. 6(1)(b)) |
Billing, invoicing, and contract administration | Performance of contract (GDPR Art. 6(1)(b)); Legal obligation (GDPR Art. 6(1)(c)) |
Technical logs, system monitoring, security auditing, and fraud prevention | Legitimate interest (GDPR Art. 6(1)(f)) |
Compliance with legal obligations (e.g. tax, regulatory compliance) | Legal obligation (GDPR Art. 6(1)(c)) |
Direct B2B marketing communications | Legitimate interest (GDPR Art. 6(1)(f)); Consent where required |
We do not process special categories of personal data (GDPR Art. 9) or personal data of private individuals using ECM-Go for personal purposes. The Service is intended exclusively for business use.
6. Disclosure of Personal Data
We may share personal data with:
- Authorized employees and contractors of BoostPLM.
- Sub-processors and service providers who support the operation, hosting, and maintenance of the ECM-Go solution.
- Legal authorities where required by applicable law.
All sub-processors are contractually bound by data protection obligations equivalent to those in this Privacy Policy and applicable laws. A list of current sub-processors is available upon request.
7. International Data Transfers
Where personal data is transferred outside the EU/EEA, we ensure that appropriate safeguards are in place in accordance with GDPR requirements, such as Standard Contractual Clauses (SCCs) or other legally recognized transfer mechanisms
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes described above, unless a longer retention period is required by law.
Data processed on behalf of customers within ECM-Go is retained in accordance with the Data Processing Agreement and service contract.
9. Data Subject Rights
Individuals whose personal data we process have the following rights under GDPR:
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
- Right to object to processing
- Right to lodge a complaint with a supervisory authority
Requests to exercise these rights can be submitted to: Info@BoostPLM.com
10. Security
We have implemented appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.
Authentication and user access to ECM-Go is managed via Microsoft Entra ID (Azure AD) integration to ensure secure login and identity management.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website. In case of material changes, affected customers will be notified.
12. Contact Information
For questions, requests, or concerns related to this Privacy Policy, please contact us at:
BoostPLM A/S
Address: Aabogade 15 – 8200 Aarhus N – Denmark
Email: Erik.Lober@BoostPLM.com
Phone: +45 2223 5655