Legal entities and policies

Content

1     Legal entity

2     Disclaimer

3     Protime respects your privacy

4     Cookie Statement

5     Removing and disabling cookies

6     Email security

1 Legal entity

Germany:

Herausgeber
Protime WFM GmbH (part of the SD Worx group)
Im Gefierth 13c
63303 Dreieich

Tel.: +49 6103 38070
Fax: +49 6103 9938451
E-Mail: info@protime.eu

Geschäftsführer
Peter s’Jongers  

Handelsregister
HRB 46958

 

1      Disclaimer

This disclaimer applies each time the website www.protime.eu,  www.protime.be,  www.protime.nl,  www.protimewfm.co.uk,  www.protime.fr,  www.protimewfm.de,  www.maketimevaluable.com,  www.protime360.be,  www.protime360.fr or www.protime360.com  is consulted or when the ProMobile app is used.  By consulting the website or using the app, the visitor/user explicitly accepts the conditions of this disclaimer. Protime may change the conditions of this disclaimer unilaterally at any time.

Unless stipulated otherwise, the pages and simulations consulted or acquired by the visitor via interactive applications are purely informative. All data on the site is maintained by Protime with the greatest of care using reliable sources only. Given the fast evolution and complexity of the material used, Protime does not offer any guarantee about the accuracy and completeness of the information offered through this website. Protime therefore disclaims all responsibility for any direct or indirect damage sustained by accessing, consulting or using the information, data and publications on the website and/or the access to and the use of the interactive applications.

The use of the information on the website is always case specific. Information does not replace advice and assistance in concrete cases. The visitor remains fully responsible for the information he/she selects and for the consequences the use of this information may have for him or her.

The website can basically be consulted at all times except when maintenance is carried out on the technology or the contents or when the website is under repair. Protime cannot be held responsible for any direct or indirect damage due to unavailability of the website or parts of it, for any restrictions in its use, etc.

This website contains hyperlinks to other websites. The visitor is free to visit these websites. Protime is in no way responsible for the contents of the websites to which it provides links and do not offer any guarantee for the security level of these sites. Protime cannot be held responsible for any harmful effects or for any damage the visitor may sustain by using the hyperlinks.

The intellectual property rights on the website, the logos, the information, interactive applications etc. are owned by Protime and are also protected by copyright. Copying, modifying or altering part of all of this site in whatever form or manner without the express permission of Protime is prohibited. Civil and criminal proceedings will be brought against anyone in breach of this condition. Protime grants the visitor of this website permission to copy, print and use the consulted information provided that this information is used purely for his own information, and with the exclusion of any further multiplication, distribution, commercialization or use by third parties.

Protime gives much care to the safe access to on-line services, accessible for customers and registered users, by using security systems according to the latest technological developments. To gain access, the user must provide proof of his identity by means of an identification procedure which he alone can use. The user undertakes to use the service with due care and to do his utmost to prevent that any third party may find out about the strictly personal identification procedure. The responsibility for complying with this identification procedure and for any harmful effects of misuse of the identification procedure rests solely with the user.

Protime respects the privacy of the users of its website in accordance with the provisions of the Data Protection Act of 8 December 1992. More information: privacy.

The conditions of this disclaimer are governed by Belgian law. The courts of Antwerp have jurisdiction.

2      Protime respects your privacy

2.1      Protection of personal data

Protime respects the privacy of the users of its website in accordance with the provisions of the applicable data protection legislation (based upon the European Directive 95/46/EU of 24 October 1995 of the European Parliament and the Council concerning the protection of natural persons in connection with the processing of personal data and concerning the free movement of these data). 

When allowing the ProMobile app access to your devices camera, the images are used for barcode scanning only. None of the images are used for a different purpose, nor are they stored in the app, on your device, in the Protime software or our datacenter. 

The personal data provided by the user voluntarily via the different websites are kept on a certain location (see below). Since the data are provided by the user, Protime cannot be held responsible for their contents and Protime therefore disclaims all responsibility. 

You are entitled to inspect, correct and remove these data as provided for by the applicable data protection legislation. This can be done by addressing a written request with proof of your identity to Protime NV, Kontichsesteenweg 54, 2630 Aartselaar.

The user data are used to provide you quickly and efficiently with the requested services or information as well as additional communication regarding other products or services of Protime. Applications to which only registered users can log in, are governed with respect to privacy by the terms of use of the application itself as agreed between the client and Protime.

2.2      Cookies – Google Analytics 

Please read our cookie statement below for more information.

2.3      Protection of access 

Protime gives much care to the safe access to on-line services, accessible for customers and registered users, by using security systems according to the latest technological developments. To gain access, the user must give proof of his identity by means of an identification procedure which he alone can use in accordance with the terms of use of the application itself as agreed between the client and Protime. The user undertakes to use the service with due care and to do his utmost to prevent that any third party may find out about the strictly personal identification procedure.

2.4      Datacenter locations

2.4.1      Corporate website

The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of Protime Kontichsesteenweg 54, 2630 Aartselaar.

2.4.2      Premium suite

The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of SD Services NV, Brouwersvliet 5, 2000 Antwerp.

2.4.3      Protime 360°

The personal data provided by the user voluntarily via this website are registered in the files of Protime and are kept at the address of Unitt (Combell) (EU).

 

 

3      Cookie Statement

3.1      What are cookies?

Cookies are small text files which are saved on the user’s computer when a website is visited.

A distinction is made between permanent and temporary cookies on the one hand, and direct and indirect cookies on the other. Cookies are permanent when they remain on the user’s computer, even after the browser has closed; temporary cookies disappear as soon as the user closes the browser. Direct cookies are sent by the website itself; indirect cookies originate from third parties.

Some of these cookies remember functional preferences, such as the user’s choice of language. Other cookies are intended to enable analysis of information, such as the number of visits to a website. Yet other cookies are used for marketing purposes.

3.2      Definition of ‘our websites’

  • The corporate websites of Protime: www.protime.eu and all variants (see above)
  • 360° Productsite: [yourdomain].protime360.be
  • www.protime360.com and all variants (see above)
  • www.maketimevaluable.com

3.3      Which cookies does Protime use and why?

Protime uses cookies for both functional and analytical purposes. These cookies are used only to improve the user experience for visitors to our website as well as additional communications based on preferences and surfing behavior. Personal details gathered via cookies are used for the sole purpose of .personalized offers and will never be sold or given to third parties.

3.4      Functional cookies

The functional cookies (permanent and direct) on ‘our sites’ register the preferences entered by the visitor (e.g. choice of language) and recognise the visitor when he visits the website again. The advantage of functional cookies is that the visitor is not required to indicate his preferences or fill out forms every time, so the website is easier to use. You can remove these functional cookies by means of the browser settings. See how to do this below.

3.5      Cookies for analytical purposes

3.5.1      Internal usage

Protime collects analytical information about the visitors on ‘our sites’ for internal marketing usage. No data is sold or goes outside Protime for other purposes.

3.5.2      Google analytics

This website also uses Google Analytics, a web analysis service provided by Google Inc. (“Google”) for statistical purposes. Google Analytics itself uses cookies (temporary, permanent and direct) to analyse how visitors use ‘our sites’. The information generated by the cookies concerning your use of the Protime websites (including your IP address, time of visit to the site, the type of browser that you use, the pages you consult and the files you download) is transferred to and archived by Google on servers in the United States. Google uses this information to create reports on the website activity for Protime. Google may not supply this information to third parties unless there is a legal obligation to do so. Google will not combine your IP address with other data at its disposal. By using ‘our sites’, you consent to the processing of the information by Google in the manner and for the purposes as described above.

Google complies with the Safe Harbor principles and subscribes to the Safe Harbor program operated by the U.S. Department of Commerce.

In the event that you do not wish data on your website visit to be forwarded to Google Analytics, you can download and install the Google Analytics Opt-out Browser Add-on.

You will find further information on privacy in Google Analytics here.

4      Removing and disabling cookies

Most internet browsers are set to accept cookies automatically. However, you can remove existing cookies and reject new cookies via the browser settings on your computer. The way of doing this varies from one browser to another. If necessary, consult the Help function of your browser.

If you remove or reject these cookies, you may not be able to make full use of the possibilities provided by ’our websites’.

6      Email security

Our state of the art email security device does several checks on incoming emails. If our email security device has dropped your mail this means that one of the following checks has failed:
 

1. Reverse DNS

Reverse DNS Lookup determines the host associated with a given IP address. If an email from somecompany.eu  with a source IP address of X.X.X.X is delivered to our anti-spam security gateway, the Reverse DNS lookup feature will check the IP Address X.X.X.X is actually associated with the domain somecompany.eu. If this is not the case, it is assumed the email has been spoofed.
 

2. SPF

The owner of a domain (somecompany.eu) will publish an SPF record which will consist of all authorised senders for this domain. An email receiver can check the sender's records to see if it is associated with that domain, and when the SPF records specify this is the case, the email is accepted. 
The SPF record will prove the sender is a trusted sender for that domain.
 
There is a difference between:
  • SPF softfail
v=spf1 ip4:X.X.X.X ~all
~all means that any servers not listed in this SPF record should be treated as a "softfail", ie. mail can be allowed through but should be tagged as suspicious.
 
-> Protime will tag the email with a tag [SPF SOFTFAIL]
-> Protime will put the mail in the users personal SPAM Quarantine where it can be released if wanted
-> Domains which get a tag [SPF SOFTFAIL] cannot be added to personal whitelist
 
  • SPF Hardfail
The owner of the domain can specify the SPF record for the domain like:
v=spf1 ip4:X.X.X.X -all
-all means that any senders not listed in this SPF record should be treated as a "hardfail", ie. they are unauthorised and emails from them should be discarded
 
-> Protime will tag the email with a tag [SPF FAIL]
-> Protime will put the mail in Quarantine where it can be checked by the Itservicedesk team
 

3. DKIM

DKIM (DomainKeysIdentified Mail) is an email security standard designed to make suremessages aren’t altered in transit between the sending and recipient servers.It uses public-key cryptography to sign email with a private key as it leaves asending server. Recipient servers then use a public key published to a domain’s DNS to verify the source of the message, and that the body of the messagehasn’t changed during transit. Once the signature is verified with thepublic key by the recipient server, the message passes DKIM and is considered authentic.
 
The mail security will flag messages with error "DKIM: permfail body hash did not verify [final]" for every mail send by $sender" with a tag [DKIM failed]
This can be caused by several things:
>> The public key specified in the DKIM-Signature header is wrong.
>> The public key published by the sender in their DNS is wrong.
>> The body of the email was modified after it left the mailserver
>> Someone spoofed the email and signed it without having the correct private key.
>> Other causes are also possible
 
Anyway the emails with DKIM failed flag are "suspected" and quarantined.
The sender will have to solve this issue!
 

4. Anti-Malware - Virusscan

The  Anti-Malware System combines  Web Reputation Filters, a critical first layer of preventative defense against new outbreaks, with best-of-breed signature-based verdict engines to provide powerful, fully integrated anti-malware defense. 
As the second layer of defense Anti-Malware System scans web content, as it is downloaded, against malware and virus signatures - eliminating the broadest range of known and emerging web-based threats. A combination multiple antivirus engines, including Sophos and McAfee, provide maximum security without compromising scalability. 

5. AMP (Advanced Malware Protection)

AMP analyzes emails for threats  hidden in malicious attachments. It gives advanced protection against spear phishing, ransomware, and other sophisticated attacks.
 
AMP uses a combination of file reputation and file sandboxing to identify and stop threats.
  • File Reputation captures a fingerprint of each file as it traverses the Email Security gateway and sends it to AMP’s cloud-based intelligence network for a reputation verdict. Given these results, malicious files are automatically blocked
 
  • File Sandboxing provides  the ability to analyze unknown files that are traversing the Email Security gateway. A highly secure sandbox environment enables AMP to glean precise details about a file’s behavior and to combine that data with detailed human and machine analysis to determine the file’s threat level. This disposition is then fed into AMP’s cloud-based intelligence network and used to dynamically update and expand the AMP cloud data set for enhanced protection. 
 

6. Outbreak filters - URL Filtering

Outbreak Filters protect our network from large-scale virus outbreaks and smaller, non-viral attacks, such as phishing scams and malware distribution, as they occur.
Global traffic patterns are used to develop rules that determine if an incoming message is safe or part of an outbreak. Messages that may be part of an outbreak are quarantined until they are determined to be safe based on updated outbreak information  or new anti-virus definitions are published by Sophos and McAfee.
 
Outbreak Filters analyze a message’s content and search for URL links to detect this type of non-viral attack.  
 
The reputation and category of links in messages, in conjunction with other spam-identification algorithms, to help identify spam. For example, if a link in a message belongs to a marketing web site, the message is more likely to be a marketing message.
 

7. Blackmail (SPAM)

All our incoming mails are scanned by an anti-spam engine. This engine has a very large rule base (thousands of rules) to check mails and give them an overall spam score.
If mails get a score between 50 en 90 they will get a tag [SUSPECTED SPAM].
If mails get a score between 90 en 100 they will get a tag [SPAM].
We cannot check why the overall score is what it is. Nor can we read the current score or get insight on past scores.
 

8. Graymail (SOCIAL/MARKETING/BULK)

Graymail messages are messages that do not fit the definition of spam, for example, newsletters, mailing list subscriptions, social media notifications, and so on. These messages were of use at some point in time, but have subsequently diminished in value to the point where the end user no longer wants to receive them.
 
The difference between graymail and spam is that the end user intentionally provided an email address at some point (for example, the end user subscribed to a newsletter on an e-commerce website or provided contact details to an organization during a conference) as opposed to spam, messages that the end user did not sign up for.
 
The graymail engine classifies each graymail into one of the following categories:
  • Marketing Email. Advertising messages sent by professional marketing groups, for example, bulletins from Amazon.com with details about their newly launched products.
  • Social Network Email. Notification messages from social networks, dating websites, forums, and so on. Examples include alerts from: LinkedIn, for jobs that you may be interested in, CNET forums, when a user responds to your post.
  • Bulk Email. Advertising messages sent by unrecognized marketing groups, for example, newsletters from TechTarget, a technology media company.
 

9. Suspected Domain

When our colleagues keep receiving "clean" unwanted messages from the same domain, we classify the domain as SUSPECTED and all mail from that domain will be quarantined!
 
If you have further questions, please contact your Protime consultant or our helpdesk.