Data Protection Statement

Data Protection Statement

1. ABOUT EVIVIEW

Terms used to refer to the Company include “we”, “us” and “our” and
“EVIVIEW</em >
Company
Eviview
Address
74 South Mall, Cork T12 F3FD
Website
https://eviview.com
Email
info@eviview.com
Phone
+353 21 2427026w

EviView is an Information Technology and Services Company founded in 2015. We
are based in Cork City and registered in the Republic of Ireland as EviView
Limited (566454). EviView provides best-in-class production and reliability
management software (e-ConnX) to any lean-focussed manufacturers. We
specialise in Business Intelligence, Efficiency, Innovation, Pharmaceutical,
Biotechnology, Cutting-Edge, Bulk processing, Lean, Continuous Improvement,
Shift handover, Shift passdown, Reliability, and Downtime. In order to provide
our services, we need to process Personal Data. We are committed to protecting
the rights and privacy of individuals in accordance with data protection
legislation including the General Data Protection Regulation in Europe (the
GDPR</span >”). This Data Protection Statement applies to all of the services offered by
EviView.

2. THE PURPOSE OF THIS DATA PROTECTION STATEMENT

This Data Protection Statement describes our approach to data protection and
sets out the basis on which any Personal Data we collect from you, or that you
provide to us, will be used by us where we are controllers of that personal
data for the purposes of the GDPR. Please read this Data Protection Statement
carefully to understand our views and practices regarding the Personal Data we
collect and how we will treat it. Your Privacy is important to us and we are
committed to protecting and safeguarding your rights

3. WHO THIS DATA PROTECTION STATEMENT APPLIES TO

This Data Protection Statement provides specific information relating to the
following individuals whose Personal Data we process:

  • prospective employees/those applying for jobs at the Company “Candidates</span >”;
  • business contacts details including those of our customers, suppliers,
    partners, shareholders and business prospects “Business Contacts</span >”; and
  • users/visitors of our Website “Website Users”.

Personal Data of employees of EviView is dealt with in a separate internal
Data Protection notice.

4. CATEGORIES OF PERSONAL DATA

We process the following categories of Personal Data. For each category we
have included an example of the type of Personal Data that may be part of that
category:

Personal Data CategoryDescription
Identification Datamay include a person's name, date of birth, driver's license and
passport information.
Contact Datamay include a person's email address, phone number, postal address,
other communication details (e.g. Skype), IP Address
Communication Datamay include phone calls, email and hard copy correspondence.
Marketing Datamay include your Contact Data and any preferences in receiving marketing
from us and your communication preferences.
Recruitment Data“If we interact with you for the purposes of any job with the Company,
we will collect recruitment related data such as identity data, CV data,
and job application data as part of the recruitment process. When
processing CV data, we may process certain Personal Data including the
following: date of birth, employment history, skills/ experience,
languages, educational history, qualifications, membership of
professional associations, contact details of employer
references/character references, licenses held, interests and hobbies,
languages, locations, nationality, passport, eligibility to work in
certain jurisdictions, salary expectations. As part of processing
Recruitment Data, we process interview/screening answers and notes and
usernames and passwords for access to our recruitment portal.”
Financial Datamay include payment related information or bank account details and
financial data received as part of the services that we provide.
Web Datamay include Personal Data provided on any forms on our website and, to
the extent that it includes Personal Data, information on the type of
device you're using, its IP address, operating system, referral source,
length of visit, page views and website navigation paths, as well as
information about the timing, frequency and pattern of your service use.
Special Category Recruitment DataIf we interact with you for the purposes of a job with the Company, we
may collect Recruitment Data that is of a special category per the GDPR
definition: this can include diversity data such as gender, religion,
racial or ethnic origin, sexual orientation, trade union membership or
data relating to health. We will only source this data with the explicit
consent of Candidates.
Social media dataWe receive Personal Data about Website Users when they follow social
media links on our website.
CCTV DataWe operate CCTV cameras at some of our premises. If you pass by and/or
visit some of EviView premises, your image may be recorded on CCTV

5. OUR LEGAL BASIS FOR PROCESSING PERSONAL DATA

We process all Personal Data lawfully and in accordance with the requirements
of the law. The GDPR sets out the grounds where processing of Personal Data
can be undertaken. We set out here the legal basis we use to process Personal
Data:

  • Contract: We will process Personal Data where necessary to perform
    our obligations relating to or in accordance with any contract that we may
    have with you or to take steps at your request prior to entering into that
    contract (e.g. our client services agreement); For instance, when you
    register for one of our services you will enter a contract with us for the
    delivery of that service.
  • Consent: For certain processing activities we may rely on your
    consent. If you consent to the processing of your Personal Data, then we may
    process your Personal Data on this ground. For example, we will get your
    consent if you are not an existing user of any of our services and you
    sign-up to receive marketing newsletters from us. Where we are unable to
    collect consent for a particular processing activity, we will only process
    the Personal Data if we have another lawful basis for doing so. You can
    withdraw consent provided by you at any time by contacting us at dpl.
  • Legitimate Interest: At times we will need to process your Personal
    Data to pursue our legitimate business interests, for example for
    administrative purposes, to collect debts owing to us, to provide
    information to you, to operate, evaluate, maintain, develop and improve our
    websites and services or to maintain their security and protect intellectual
    property rights. We will not process your Personal Data on a legitimate
    interest basis where the impact of the processing on your interests or
    fundamental rights and freedoms outweigh our legitimate interests. Where we
    carry out marketing activities based on legitimate interests you will always
    have an option to opt-out of receiving marketing communications. You may
    object to any processing we undertake on this basis. If you do not want us
    to process your Personal Data on the basis of our legitimate interests,
    contact us at privacy@eviview.com and we will review our processing
    activities.
  • Special Category Recruitment: Data When we process special category
    recruitment data such as your health data, we require your explicit consent
    to do so. We will explain the purpose for processing at the time we collect
    the data and provide you with suitable information to fully inform your
    consent.

6. OUR PROCESSING ACTIVITIES

We use your Personal Data to provide you with our services and to assist us in
the operation of our company. Under data protection law, we must ensure that
the purpose of processing is clear. We have set out below the general purpose
of processing, the categories of Personal Data processed and the related
lawful basis for processing.

Purpose of ProcessingCategories of Personal DataLawful Basis
Marketing & Sales Activities:
  • to send newsletters and other information that may be of interest
  • to contact you as part of our business relationship or for lead
    generation and general administration
  • to inform you of events or webinars that might be of interest
  • Marketing Data
  • Web Data
  • Contact Data
  • Communication Data
  • Consent
  • Legitimate Interest
Recruiting staff including:
  • to interview the Candidate
  • to manage our database of Candidates
  • to contact you in connection with any job position we may have open
  • to check your suitability for the role
  • to fulfil the recruitment needs of the business
  • Identification Data
  • Contact Data
  • Communications Data
  • Recruitment Data
  • Web Data
  • Special Category Recruitment Data
  • Legitimate Interests
  • Consent
  • Contract
Social Media Account Management including:
  • To market our services to you through social media interactions
  • To respond to enquiries about our services
  • Contact Data
  • Correspondence data
  • Social media data
  • Consent
  • Legitimate Interest
Website delivery including:
  • to manage and respond to web forms
  • to promote our products and services
  • to administer the Website
  • for internal operations, including support, troubleshooting, data
    analysis, testing, research, statistical and survey purposes
  • to ensure the safety and security of our website and our services
  • Web Data
  • Contact Data
  • Legitimate Interests
  • Consent
Registration and Administration of Client Relationship
  • to manage/respond to a complaint/appeal
  • to notify you of updates to this Data Protection Statement
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
  • Contract
  • Legitimate Interest
Managing payments and administration of the contract including:
  • To carry out due diligence on suppliers prior to entering into a
    contract
  • to process payments to and from our business
  • to fulfil our legal/contractual obligations
  • to manage/respond to complaints/issues
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
  • Contract
  • Legitimate Interest
  • Legal Requirement
Ensuring security of the EviView premises
  • CCTV Data
  • Legitimate Interests
Management of Corporate Affairs:
  • to take minutes at board meetings
  • to contact shareholders/investors
  • to enter into partnerships and other commercial relations
  • to undertake appropriate due diligence
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
  • Contract
  • Legitimate Interest
  • Legal Obligation

7. SOURCES OF PERSONAL DATA

BUSINESS CONTACT PERSONAL DATA We collect Business Contact Personal Data from
our business contacts including – customers, suppliers, partners, shareholders
and business prospects. We source Business Contact Personal Data in order to
serve the business relationship. We will only ever source Personal Data that is
necessary and in a way that would be generally expected. We receive Personal
Data about Business Contacts from a variety of sources, as follows:

  • the information is often provided by the Business Contact as part of the
    business relationship;
  • the information may be collected from public sources;
  • the information may be collected indirectly from another person within the
    company of the Business Contact;
  • the information may be collected through our website as part of
    registration;
  • the information may be collected indirectly from a website or from a third
    party.

CANDIDATE PERSONAL DATA We will only ever source data that is necessary
to provide services to you and in a way that would be generally expected. We
receive Personal Data relating to Candidates from a variety of sources. The
primary source is from Candidates directly. We collect Personal Data from you
in the context of seeking a role within EviView, or on a EviView project with
a third-party client. This involves receiving your Personal Data, highlighting
your skills and competencies, contacting you, emailing you with projects that
may be of interest to you and sharing your Personal Data with those EviView
clients in relation to a project placement, where appropriate. When you submit
your Personal Data through the Contact Forms you are agreeing to EviView
sharing your data with third party clients for the purposes of securing a role
within EviView or working on a EviView project with a third party. We collect
Personal Data about you from the application forms and questionnaires you may
be asked to complete; we also gather Personal Data from records of our
correspondence, phone calls and emails. Examples of the sources of Personal
Data of Candidates are as follows:

  • the Candidate may send their CV to us with the intention of registering with
    us to be informed of potential job vacancies
  • the Candidate may apply directly to a position advertised on the EviView
    website
  • the Candidate may apply to a position advertised on a third-party job's
    website
  • the Candidate may be sourced from publicly accessible platforms where the
    Company employees are also registered users, for example LinkedIn
  • the Candidate may be sourced from third party CV providers such as jobs
    websites who provide CV search facilities and where users have made their CV
    data available to registered customers of these sites
  • we receive Candidate information when the Candidate interacts with our
    communications e.g. websites and advertisements
  • we may receive Personal Data about a Candidate from nominated referees of
    the Candidate or from other contacts of the Candidate
  • the Candidate may be referred to us from a third-party recruitment business;
    or
  • the Candidate's information may be provided to us directly by a Client
  • A third party may provide your Personal Data to us, when we:
  • provide our services or
  • are recruiting and you have provided your Personal Data to a recruitment
    agency for the purpose of sharing it with us.

WEB USERS PERSONAL DATA We collect Website User information from all
visitors to our web site
www.eviview.com in order to improve our
services and develop the Website. We receive Personal Data about Website Users
who access our advertisements or our Website regardless of whether they
interact or register with the Website.

  • Logfiles of service interactions in order to manage our service delivery and
    progress users through the service offerings
  • Logfiles of website activity collected for security purposes.
  • Cookies that track website visitors. For more details please refer to our Cookie Statement</a >.

SOCIAL MEDIA USERS PERSONAL DATA We collect information from you when
follow our social media accounts, like, comment or reshare a social media post
or when you communicate with us via messaging apps on social media platforms.

CCTV PERSONAL DATA We may collect CCTV video footage of visitors to our
premises.

8. DISCLOSURE OF PERSONAL DATA

We will need to share your information in certain circumstances. We will
always ensure that we comply with the law when we transfer your Personal Data.
We will also ensure that any processor or sub-processor takes appropriate
technical and organizational measures when processing Personal Data on our
behalf.</em >

In certain circumstances, we may disclose Personal Data to third parties as
follows:

  • to business partners and subcontractors for the performance of any contract
    relating to our services, including email, Skype, Customer Relationship
    Management system, Application Tracking System, payment processors, data
    aggregators, hosting service providers, external consultants, auditors, IT
    consultants and lawyers;
  • to analytics and search engine providers that assist us in the improvement
    and optimisation of the Website.  This consists of aggregated anonymous
    information only and relates to the web pages visited on the Website and not
    the information included on those web pages;
  • if we or substantially all of our company is merged with another company or
    acquired by a third party, in which case Personal Data held by us will be
    one of the transferred assets;
  • if we are under a duty to disclose or share Personal Data in order to comply
    with any legal obligation (including tax, audit or other authorities), or in
    order to enforce or apply any contracts that we have;
  • to protect our rights, property, or safety, or that of our Candidates or
    Business Contacts or others. This may include exchanging information with
    other companies and organisations for the purpose of fraud protection.

More specifically we may share:

  • Candidate information with Business Contacts and potential Business
    Contacts, third party representatives of our Business Contacts and third
    parties providing verification services (for example, criminal record checks
    / pre-employment screening services and assessments);
  • information about our Business Contacts, their employees and others for the
    purpose of our consultancy activities;
  • Personal Data with third party payment service providers for the purpose of
    processing payments related to the services we offer; or
  • We may be required to share references provided by referees of Candidates in
    the event of an access request by the Candidate.

When we engage another organisation to perform services for us, we may provide
them with information including Personal Data, in connection with the
performance of those functions. We do not allow third parties to use Personal
Data except for the purpose of providing these services.

9. SECURITY MEASURES

We will take all steps reasonably necessary to ensure that all Personal Data
is treated securely in accordance with this Data Protection Statement and the
relevant law, including the GDPR. In particular, we have put in place
appropriate technical and organizational procedures to safeguard and secure
the information we process. We monitor for and do everything we can to prevent
security breaches of the Personal Data that we process. Once we have received
your information, we will use strict procedures and security features for the
purpose of preventing unauthorized access and ensuring that only those who
need to have access to your Personal Data can access it. We also use secure
connections to protect Personal Data during its transmission. If you think
that there has been any loss or unauthorized access to Personal Data of any
individual, please let us know immediately.

10. TRANSFERS OUTSIDE THE EEA

We will only transfer Personal Data outside the EEA if necessary and with
appropriate safeguards in place.</i >

As a global organisation we use and share Personal Data both inside and
outside the EEA. We ensure that any transfer of Personal Data outside the EEA
is undertaken using legally compliant transfer mechanisms and in accordance
with the GDPR. When we transfer Personal Data outside of the EEA, we generally
rely on the Standard Contractual Clauses under Article 46.2 of the GDPR
adopted by the EU Commission or the Privacy Shield in the case of transfers to
the USA. However, we may also rely on some of the other legally compliant
transfer mechanisms.

11. COOKIES

Cookies are small text files placed on your computer or mobile device by
websites that you visit, and they help us improve the products and services
that we offer you. They are used in order to make websites work, or work more
efficiently, as well as to provide information to the owners of the site.
Cookies may allow a website to remember your activity over a period of time.
Cookies are optional and you do not have to accept them. Further information
on the cookies we use on
www.eviview.comand the purpose behind
their respective uses are set out in our
Cookie Statement.

12. THIRD PARTY WEBSITES

Our Website may contain links to and from third party websites. If you follow
a link to any of these websites, please note that these websites have their
own privacy settings, and these are not endorsed by us. We do not accept any
responsibility or liability for these third-party websites. Please undertake
the appropriate due diligence before submitting any Personal Data to these
websites.

13. RETENTION

We only keep your Personal Data as long as it is necessary for the purposes
of processing it or to comply with legal or regulatory requirements.</i >

In some circumstances it is not possible for us to specify in advance the
period for which we will retain your Personal Data. In such cases we will
determine the appropriate retention period based on balancing your rights
against our legitimate business interests.  We may also retain certain
Personal Data beyond the periods specified herein in some circumstances such
as where required for the purposes of legal claims. Our retention policy is as
follows:

Purpose of ProcessingCategories of Personal DataRetention Period
Relationship Management
  • Contact Data
  • Communications Data
  • Identification Data
  • Financial Data
Withdrawal of consent + 30 days
Marketing & Sales
  • Contact Data
  • Communication Data
  • Marketing Data
  • Web Data
Withdrawal of consent + 30 days
Recruitment
  • Identification Data
  • Contact Data
  • Communications Data
  • Recruitment Data
  • Web Data
  • Special Category Recruitment Data
18 months or duration of employment + 7 years
Website Delivery
  • Web Data
  • Contact Data
Withdrawal of consent + 30 days
Registration and Administration of Client Relationship
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
10 years or 30 days after termination of contract
Managing payments and administration of the contract
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
7 years
Management of Corporate Affairs
  • Identification Data
  • Contact Data
  • Communication Data
  • Financial Data
7 years

In certain cases, we may retain Personal Data for longer than specified here
if required under relevant laws.

14. YOUR RIGHTS UNDER THE GDPR

You have various rights relating to how your Personal Data is used.

You can ask for access to the Personal Data we hold on you

You have the right to ask for all the information we have about you. When we
receive a request from you in writing, we must give you access to everything
we've recorded about you as well as details of the processing, the categories
of Personal Data concerned and the recipients of the Personal Data. We will
provide the first copy of your Personal Data free of charge, but we may charge
you a reasonable fee for any additional copies. We cannot give you access to a
copy of your Personal Data in some limited cases including where this might
adversely affect the rights and freedoms of others.

You can ask to change Personal Data you think is inaccurate

You should let us know if you disagree with something included in your
Personal Data. We may not always be able to change or remove that information,
but we'll correct factual inaccuracies and may include your comments in the
record to show that you disagree with it.

You can ask to delete Personal Data (right to be forgotten)

In some circumstances you can ask for your Personal Data to be deleted, for
example, where:

  • your Personal Data is no longer needed for the reason that it was collected
    in the first place
  • you have removed your consent for us to use your information (where there is
    no other lawful basis for us to use it)
  • there is no lawful basis for the use of your information
  • deleting the information is a legal requirement

Where your Personal Data has been shared with others, we will do what we can
to make sure those using your Personal Data comply with your request for
erasure. Please note that we can't delete your information where:

  • we are required to have it by law
  • it is used for freedom of expression
  • it is used for public health purposes
  • it is used for scientific or historical research or statistical purposes
    where deleting the Personal Data would make it difficult or impossible to
    achieve the objectives of the processing
  • it is necessary for legal claims.

You can ask us to limit what we use your Personal Data for

You have the right to ask us to restrict what we use your Personal Data for
where:

  • you have identified inaccurate information, and have told us of it
  • where we have no legal reason to use that information, but you want us to
    restrict what we use it for rather than erase the information altogether

When Personal Data is restricted it can't be used other than to securely store
the Personal Data and with your consent to handle legal claims and protect
others, or where it's for important public interests.

You can ask to have your Personal Data moved to another provider (data</b >portability)

You have the right to ask for your Personal Data to be given back to you or
another service provider of your choice in a commonly used format. This is
called data portability. This right only applies if we're using your Personal
Data with consent and if decisions were made by a computer and not a human
being. It does not apply where it would adversely affect the rights and
freedoms of others.

You can make a complaint

You have the right to lodge a complaint with the local supervisory authority
for data protection in the EU member state where you usually reside, where you
work or where you think an infringement of data protection law took place.

15. AMENDMENTS TO THIS DATA PROTECTION STATEMENT

We will post any changes on the Website and when doing so will change the
effective date at the top of this Data Protection Statement.  Please make sure
to check the date when you use our services to see if there have been any
changes since you last used those services. If you are not happy with any
changes that we have made you should cease using our services. In some cases,
we may provide you with additional notice of changes to this Data Protection
Statement, such as via email. We will always provide you with any notice in
advance of the changes taking effect where we consider the changes to be
material.

16. OUR CONTACT INFORMATION

Please contact us if you have any questions about this Data Protection
Statement or Personal Data we hold about you:

Email:privacy@eviview.com
Address:Data Protection Lead, 74 South Mall, Cork T12 F3FD
Telephone:+353 21 2427026

17. SUPERVISORY AUTHORITY

If you have any concerns or questions about the processing of your Personal
Data, the Supervisory Authority in Ireland may be contacted as follows:

Email:info@dataprotection.ie
Address:Canal House, Station Road, Portarlington, R32 AP23, County Laois
Tel Lo-Call:1890 252 231