Data Protection Statement

Data Protection Statement

1. ABOUT EVIVIEW

Terms used to refer to the Company include “we”, “us” and “our” and “EVIVIEW
Company
Eviview
Address
74 South Mall, Cork T12 F3FD
Website
https://eviview.com
Email
info@eviview.com
Phone
+353 21 2427026w

EviView is an Information Technology and Services Company founded in 2015. We are based in Cork City and registered in the Republic of Ireland as EviView Limited (566454). EviView provides best-in-class production and reliability management software (e-ConnX) to any lean-focussed manufacturers. We specialise in Business Intelligence, Efficiency, Innovation, Pharmaceutical, Biotechnology, Cutting-Edge, Bulk processing, Lean, Continuous Improvement, Shift handover, Shift passdown, Reliability, and Downtime. In order to provide our services, we need to process Personal Data. We are committed to protecting the rights and privacy of individuals in accordance with data protection legislation including the General Data Protection Regulation in Europe (the “GDPR”). This Data Protection Statement applies to all of the services offered by EviView.

2. THE PURPOSE OF THIS DATA PROTECTION STATEMENT

This Data Protection Statement describes our approach to data protection and sets out the basis on which any Personal Data we collect from you, or that you provide to us, will be used by us where we are controllers of that personal data for the purposes of the GDPR. Please read this Data Protection Statement carefully to understand our views and practices regarding the Personal Data we collect and how we will treat it. Your Privacy is important to us and we are committed to protecting and safeguarding your rights

3. WHO THIS DATA PROTECTION STATEMENT APPLIES TO

This Data Protection Statement provides specific information relating to the following individuals whose Personal Data we process:

  • prospective employees/those applying for jobs at the Company “Candidates”;
  • business contacts details including those of our customers, suppliers, partners, shareholders and business prospects “Business Contacts”; and
  • users/visitors of our Website “Website Users”.

Personal Data of employees of EviView is dealt with in a separate internal Data Protection notice.

4. CATEGORIES OF PERSONAL DATA

We process the following categories of Personal Data. For each category we have included an example of the type of Personal Data that may be part of that category:

Personal Data Category Description
Identification Data may include a person's name, date of birth, driver's license and passport information.
Contact Data may include a person's email address, phone number, postal address, other communication details (e.g. Skype), IP Address
Communication Data may include phone calls, email and hard copy correspondence.
Marketing Data may include your Contact Data and any preferences in receiving marketing from us and your communication preferences.
Recruitment Data “If we interact with you for the purposes of any job with the Company, we will collect recruitment related data such as identity data, CV data, and job application data as part of the recruitment process. When processing CV data, we may process certain Personal Data including the following: date of birth, employment history, skills/ experience, languages, educational history, qualifications, membership of professional associations, contact details of employer references/character references, licenses held, interests and hobbies, languages, locations, nationality, passport, eligibility to work in certain jurisdictions, salary expectations. As part of processing Recruitment Data, we process interview/screening answers and notes and usernames and passwords for access to our recruitment portal.”
Financial Data may include payment related information or bank account details and financial data received as part of the services that we provide.
Web Data may include Personal Data provided on any forms on our website and, to the extent that it includes Personal Data, information on the type of device you're using, its IP address, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.
Special Category Recruitment Data If we interact with you for the purposes of a job with the Company, we may collect Recruitment Data that is of a special category per the GDPR definition: this can include diversity data such as gender, religion, racial or ethnic origin, sexual orientation, trade union membership or data relating to health. We will only source this data with the explicit consent of Candidates.
Social media data We receive Personal Data about Website Users when they follow social media links on our website.
CCTV Data We operate CCTV cameras at some of our premises. If you pass by and/or visit some of EviView premises, your image may be recorded on CCTV

5. OUR LEGAL BASIS FOR PROCESSING PERSONAL DATA

We process all Personal Data lawfully and in accordance with the requirements of the law. The GDPR sets out the grounds where processing of Personal Data can be undertaken. We set out here the legal basis we use to process Personal Data:

  • Contract: We will process Personal Data where necessary to perform our obligations relating to or in accordance with any contract that we may have with you or to take steps at your request prior to entering into that contract (e.g. our client services agreement); For instance, when you register for one of our services you will enter a contract with us for the delivery of that service.
  • Consent: For certain processing activities we may rely on your consent. If you consent to the processing of your Personal Data, then we may process your Personal Data on this ground. For example, we will get your consent if you are not an existing user of any of our services and you sign-up to receive marketing newsletters from us. Where we are unable to collect consent for a particular processing activity, we will only process the Personal Data if we have another lawful basis for doing so. You can withdraw consent provided by you at any time by contacting us at dpl.
  • Legitimate Interest: At times we will need to process your Personal Data to pursue our legitimate business interests, for example for administrative purposes, to collect debts owing to us, to provide information to you, to operate, evaluate, maintain, develop and improve our websites and services or to maintain their security and protect intellectual property rights. We will not process your Personal Data on a legitimate interest basis where the impact of the processing on your interests or fundamental rights and freedoms outweigh our legitimate interests. Where we carry out marketing activities based on legitimate interests you will always have an option to opt-out of receiving marketing communications. You may object to any processing we undertake on this basis. If you do not want us to process your Personal Data on the basis of our legitimate interests, contact us at privacy@eviview.com and we will review our processing activities.
  • Special Category Recruitment: Data When we process special category recruitment data such as your health data, we require your explicit consent to do so. We will explain the purpose for processing at the time we collect the data and provide you with suitable information to fully inform your consent.

6. OUR PROCESSING ACTIVITIES

We use your Personal Data to provide you with our services and to assist us in the operation of our company. Under data protection law, we must ensure that the purpose of processing is clear. We have set out below the general purpose of processing, the categories of Personal Data processed and the related lawful basis for processing.

Purpose of Processing Categories of Personal Data Lawful Basis
Marketing & Sales Activities:
  • to send newsletters and other information that may be of interest
  • to contact you as part of our business relationship or for lead generation and general administration
  • to inform you of events or webinars that might be of interest
  • Marketing Data
  • Web Data
  • Contact Data
  • Communication Data
  • Consent
  • Legitimate Interest
Recruiting staff including:
  • to interview the Candidate
  • to manage our database of Candidates
  • to contact you in connection with any job position we may have open
  • to check your suitability for the role
  • to fulfil the recruitment needs of the business
  • Identification Data
  • Contact Data
  • Communications Data
  • Recruitment Data
  • Web Data
  • Special Category Recruitment Data
  • Legitimate Interests
  • Consent
  • Contract
Social Media Account Management including:
  • To market our services to you through social media interactions
  • To respond to enquiries about our services
  • Contact Data
  • Correspondence data
  • Social media data
  • Consent
  • Legitimate Interest
Website delivery including:
  • to manage and respond to web forms
  • to promote our products and services
  • to administer the Website
  • for internal operations, including support, troubleshooting, data analysis, testing, research, statistical and survey purposes
  • to ensure the safety and security of our website and our services
  • Web Data
  • Contact Data
  • Legitimate Interests
  • Consent
Registration and Administration of Client Relationship
  • to manage/respond to a complaint/appeal
  • to notify you of updates to this Data Protection Statement
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
  • Contract
  • Legitimate Interest
Managing payments and administration of the contract including:
  • To carry out due diligence on suppliers prior to entering into a contract
  • to process payments to and from our business
  • to fulfil our legal/contractual obligations
  • to manage/respond to complaints/issues
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
  • Contract
  • Legitimate Interest
  • Legal Requirement
Ensuring security of the EviView premises
  • CCTV Data
  • Legitimate Interests
Management of Corporate Affairs:
  • to take minutes at board meetings
  • to contact shareholders/investors
  • to enter into partnerships and other commercial relations
  • to undertake appropriate due diligence
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
  • Contract
  • Legitimate Interest
  • Legal Obligation

7. SOURCES OF PERSONAL DATA

BUSINESS CONTACT PERSONAL DATA We collect Business Contact Personal Data from our business contacts including – customers, suppliers, partners, shareholders and business prospects. We source Business Contact Personal Data in order to serve the business relationship. We will only ever source Personal Data that is necessary and in a way that would be generally expected. We receive Personal Data about Business Contacts from a variety of sources, as follows:
  • the information is often provided by the Business Contact as part of the business relationship;
  • the information may be collected from public sources;
  • the information may be collected indirectly from another person within the company of the Business Contact;
  • the information may be collected through our website as part of registration;
  • the information may be collected indirectly from a website or from a third party.

CANDIDATE PERSONAL DATA We will only ever source data that is necessary to provide services to you and in a way that would be generally expected. We receive Personal Data relating to Candidates from a variety of sources. The primary source is from Candidates directly. We collect Personal Data from you in the context of seeking a role within EviView, or on a EviView project with a third-party client. This involves receiving your Personal Data, highlighting your skills and competencies, contacting you, emailing you with projects that may be of interest to you and sharing your Personal Data with those EviView clients in relation to a project placement, where appropriate. When you submit your Personal Data through the Contact Forms you are agreeing to EviView sharing your data with third party clients for the purposes of securing a role within EviView or working on a EviView project with a third party. We collect Personal Data about you from the application forms and questionnaires you may be asked to complete; we also gather Personal Data from records of our correspondence, phone calls and emails. Examples of the sources of Personal Data of Candidates are as follows:

  • the Candidate may send their CV to us with the intention of registering with us to be informed of potential job vacancies
  • the Candidate may apply directly to a position advertised on the EviView website
  • the Candidate may apply to a position advertised on a third-party job's website
  • the Candidate may be sourced from publicly accessible platforms where the Company employees are also registered users, for example LinkedIn
  • the Candidate may be sourced from third party CV providers such as jobs websites who provide CV search facilities and where users have made their CV data available to registered customers of these sites
  • we receive Candidate information when the Candidate interacts with our communications e.g. websites and advertisements
  • we may receive Personal Data about a Candidate from nominated referees of the Candidate or from other contacts of the Candidate
  • the Candidate may be referred to us from a third-party recruitment business; or
  • the Candidate's information may be provided to us directly by a Client
  • A third party may provide your Personal Data to us, when we:
  • provide our services or
  • are recruiting and you have provided your Personal Data to a recruitment agency for the purpose of sharing it with us.

WEB USERS PERSONAL DATA We collect Website User information from all visitors to our web site www.eviview.com in order to improve our services and develop the Website. We receive Personal Data about Website Users who access our advertisements or our Website regardless of whether they interact or register with the Website.

  • Logfiles of service interactions in order to manage our service delivery and progress users through the service offerings
  • Logfiles of website activity collected for security purposes.
  • Cookies that track website visitors. For more details please refer to our Cookie Statement.

SOCIAL MEDIA USERS PERSONAL DATA We collect information from you when follow our social media accounts, like, comment or reshare a social media post or when you communicate with us via messaging apps on social media platforms.

CCTV PERSONAL DATA We may collect CCTV video footage of visitors to our premises.

8. DISCLOSURE OF PERSONAL DATA

We will need to share your information in certain circumstances. We will always ensure that we comply with the law when we transfer your Personal Data. We will also ensure that any processor or sub-processor takes appropriate technical and organizational measures when processing Personal Data on our behalf. In certain circumstances, we may disclose Personal Data to third parties as follows:
  • to business partners and subcontractors for the performance of any contract relating to our services, including email, Skype, Customer Relationship Management system, Application Tracking System, payment processors, data aggregators, hosting service providers, external consultants, auditors, IT consultants and lawyers;
  • to analytics and search engine providers that assist us in the improvement and optimisation of the Website.  This consists of aggregated anonymous information only and relates to the web pages visited on the Website and not the information included on those web pages;
  • if we or substantially all of our company is merged with another company or acquired by a third party, in which case Personal Data held by us will be one of the transferred assets;
  • if we are under a duty to disclose or share Personal Data in order to comply with any legal obligation (including tax, audit or other authorities), or in order to enforce or apply any contracts that we have;
  • to protect our rights, property, or safety, or that of our Candidates or Business Contacts or others. This may include exchanging information with other companies and organisations for the purpose of fraud protection.

More specifically we may share:

  • Candidate information with Business Contacts and potential Business Contacts, third party representatives of our Business Contacts and third parties providing verification services (for example, criminal record checks / pre-employment screening services and assessments);
  • information about our Business Contacts, their employees and others for the purpose of our consultancy activities;
  • Personal Data with third party payment service providers for the purpose of processing payments related to the services we offer; or
  • We may be required to share references provided by referees of Candidates in the event of an access request by the Candidate.

When we engage another organisation to perform services for us, we may provide them with information including Personal Data, in connection with the performance of those functions. We do not allow third parties to use Personal Data except for the purpose of providing these services.

9. SECURITY MEASURES

We will take all steps reasonably necessary to ensure that all Personal Data is treated securely in accordance with this Data Protection Statement and the relevant law, including the GDPR. In particular, we have put in place appropriate technical and organizational procedures to safeguard and secure the information we process. We monitor for and do everything we can to prevent security breaches of the Personal Data that we process. Once we have received your information, we will use strict procedures and security features for the purpose of preventing unauthorized access and ensuring that only those who need to have access to your Personal Data can access it. We also use secure connections to protect Personal Data during its transmission. If you think that there has been any loss or unauthorized access to Personal Data of any individual, please let us know immediately.

10. TRANSFERS OUTSIDE THE EEA

We will only transfer Personal Data outside the EEA if necessary and with appropriate safeguards in place.

As a global organisation we use and share Personal Data both inside and outside the EEA. We ensure that any transfer of Personal Data outside the EEA is undertaken using legally compliant transfer mechanisms and in accordance with the GDPR. When we transfer Personal Data outside of the EEA, we generally rely on the Standard Contractual Clauses under Article 46.2 of the GDPR adopted by the EU Commission or the Privacy Shield in the case of transfers to the USA. However, we may also rely on some of the other legally compliant transfer mechanisms.

11. COOKIES

Cookies are small text files placed on your computer or mobile device by websites that you visit, and they help us improve the products and services that we offer you. They are used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Cookies may allow a website to remember your activity over a period of time. Cookies are optional and you do not have to accept them. Further information on the cookies we use on www.eviview.comand the purpose behind their respective uses are set out in our Cookie Statement.

12. THIRD PARTY WEBSITES

Our Website may contain links to and from third party websites. If you follow a link to any of these websites, please note that these websites have their own privacy settings, and these are not endorsed by us. We do not accept any responsibility or liability for these third-party websites. Please undertake the appropriate due diligence before submitting any Personal Data to these websites.

13. RETENTION

We only keep your Personal Data as long as it is necessary for the purposes of processing it or to comply with legal or regulatory requirements.

In some circumstances it is not possible for us to specify in advance the period for which we will retain your Personal Data. In such cases we will determine the appropriate retention period based on balancing your rights against our legitimate business interests.  We may also retain certain Personal Data beyond the periods specified herein in some circumstances such as where required for the purposes of legal claims. Our retention policy is as follows:

Purpose of Processing Categories of Personal Data Retention Period
Relationship Management
  • Contact Data
  • Communications Data
  • Identification Data
  • Financial Data
Withdrawal of consent + 30 days
Marketing & Sales
  • Contact Data
  • Communication Data
  • Marketing Data
  • Web Data
Withdrawal of consent + 30 days
Recruitment
  • Identification Data
  • Contact Data
  • Communications Data
  • Recruitment Data
  • Web Data
  • Special Category Recruitment Data
18 months or duration of employment + 7 years
Website Delivery
  • Web Data
  • Contact Data
Withdrawal of consent + 30 days
Registration and Administration of Client Relationship
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
10 years or 30 days after termination of contract
Managing payments and administration of the contract
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
7 years
Management of Corporate Affairs
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
7 years

In certain cases, we may retain Personal Data for longer than specified here if required under relevant laws.

14. YOUR RIGHTS UNDER THE GDPR

You have various rights relating to how your Personal Data is used.

You can ask for access to the Personal Data we hold on you

You have the right to ask for all the information we have about you. When we receive a request from you in writing, we must give you access to everything we've recorded about you as well as details of the processing, the categories of Personal Data concerned and the recipients of the Personal Data. We will provide the first copy of your Personal Data free of charge, but we may charge you a reasonable fee for any additional copies. We cannot give you access to a copy of your Personal Data in some limited cases including where this might adversely affect the rights and freedoms of others.

You can ask to change Personal Data you think is inaccurate

You should let us know if you disagree with something included in your Personal Data. We may not always be able to change or remove that information, but we'll correct factual inaccuracies and may include your comments in the record to show that you disagree with it.

You can ask to delete Personal Data (right to be forgotten)

In some circumstances you can ask for your Personal Data to be deleted, for example, where:

  • your Personal Data is no longer needed for the reason that it was collected in the first place
  • you have removed your consent for us to use your information (where there is no other lawful basis for us to use it)
  • there is no lawful basis for the use of your information
  • deleting the information is a legal requirement

Where your Personal Data has been shared with others, we will do what we can to make sure those using your Personal Data comply with your request for erasure. Please note that we can't delete your information where:

  • we are required to have it by law
  • it is used for freedom of expression
  • it is used for public health purposes
  • it is used for scientific or historical research or statistical purposes where deleting the Personal Data would make it difficult or impossible to achieve the objectives of the processing
  • it is necessary for legal claims.
You can ask us to limit what we use your Personal Data for

You have the right to ask us to restrict what we use your Personal Data for where:

  • you have identified inaccurate information, and have told us of it
  • where we have no legal reason to use that information, but you want us to restrict what we use it for rather than erase the information altogether

When Personal Data is restricted it can't be used other than to securely store the Personal Data and with your consent to handle legal claims and protect others, or where it's for important public interests.

You can ask to have your Personal Data moved to another provider (dataportability)

You have the right to ask for your Personal Data to be given back to you or another service provider of your choice in a commonly used format. This is called data portability. This right only applies if we're using your Personal Data with consent and if decisions were made by a computer and not a human being. It does not apply where it would adversely affect the rights and freedoms of others.

You can make a complaint

You have the right to lodge a complaint with the local supervisory authority for data protection in the EU member state where you usually reside, where you work or where you think an infringement of data protection law took place.

15. AMENDMENTS TO THIS DATA PROTECTION STATEMENT

We will post any changes on the Website and when doing so will change the effective date at the top of this Data Protection Statement.  Please make sure to check the date when you use our services to see if there have been any changes since you last used those services. If you are not happy with any changes that we have made you should cease using our services. In some cases, we may provide you with additional notice of changes to this Data Protection Statement, such as via email. We will always provide you with any notice in advance of the changes taking effect where we consider the changes to be material.

16. OUR CONTACT INFORMATION

Please contact us if you have any questions about this Data Protection Statement or Personal Data we hold about you:

Email: privacy@eviview.com
Address: Data Protection Lead, 74 South Mall, Cork T12 F3FD
Telephone: +353 21 2427026

17. SUPERVISORY AUTHORITY

If you have any concerns or questions about the processing of your Personal Data, the Supervisory Authority in Ireland may be contacted as follows:

Email: info@dataprotection.ie
Address: Canal House, Station Road, Portarlington, R32 AP23, County Laois
Tel Lo-Call: 1890 252 231