Engage Process BV
1. PERSONAL DATA AND PURPOSES
In this paragraph we describe the categories of personal data that we receive and our goals for processing this data.
A. Subscription Contracts
When a customer requests a subscription for one of our solutions, we request the customer to provide us with data. We offer both student- and business subscriptions. Requests for subscriptions are received by us through our webshop, forms on our website, email and telephone. Providing this information/ data is a requirement for obtaining a subscription.
Purposes: In this phase we process data for the purpose of obtaining a subscription to access one of our tools.
Depending on the type of subscription we process the following data:
B. Use of Subscriptions
For the use of our tooling we process the business email addresses and password of the users, and data about the use of our tool. This data consists of: Logs [name of creator, latest edit data and type of records by the users] and [specific tool components that are accessed/used by the user]. For Student subscriptions the Client is always the User. For Business subscriptions the customer's Administrator can create additional user accounts. For such additional user accounts, we process the email address, last name and first name, as listed above.
Purposes: We process this data for providing access to the functions of the tooling.
C. Providing Training To Users and Organising User Meetings
We provide training to our customers and organise user conferences and meetings. We receive the names of participant(s) and often also their email address.
Purposes: We process this data for planning and organising trainings and sessions, for sending our invitations and materials and, often after the meeting, for sending a copy of any presentation used.
When we send an invoice and collect payments, we use the data as described in paragraph A. for any business subscription. We also process any business payment history and any data we have registered during contact about our invoices and collectables. After the end of any subscription we keep this information in line with legal and tax requirements.
Purposes: We process this data for sending invoices, processing payments and, when needed, managing our collectables.
E. Relationship Data
In addition to data that is needed for getting and using a subscription, we process data for setting up and managing a business relationship. This includes the contact persons of any future user of our solutions and other personnel of your company, like IT personnel or compliance personnel. Relationship data includes: Name of company, department, name of employee, role, business email address and business telephone number.
Purposes: We process personal data to setup and maintain the business relationship with the company, for example, for sending out quotations. We also maintain contact details with the decision makers of your company. Contact details are not used for direct marketing but may include product newsletters.
F. Our Newsletters
For sending out our newsletters we use your name and email address. Our newsletters contain functional information about our tooling, information regarding developments in our company and information about process management. Additionally, you can select to receive direct marketing from us via email. We never send out direct marketing without prior permission. For sending out emails we use an email service that allows us to see whether the newsletters or mailings are opened; we use this data within the tooling's environment. Newsletters are also sent to people that have indicated on out website that they have an interest in our services. Our email always offers an opt-out link. You can use this to indicate that you no longer want to receive the emails.
Purposes: We process your personal data for sending out newsletters and getting an insight from our customers on how the tools are used and can be further developed. When you are a prospective user, we use your data to get an insight into your interest in our tools and services.
The general justification for us to use your data is embedded in our subscriptions. In addition, we process personal data for complying with laws and legal guidelines, like those for managing finances and taxes of our company. When monitoring usage data or data on email-clicks we are legally justified to do so. That is based on our rights to get an insight on the usage of our tooling and your interest to do so; we use this data to further improve our tooling and services.
3. WITH WHOM DO WE SHARE DATA?
Your data is shared with our employees and partners if they need it to provide our services. Our employees and partners are legally bound to keep your data confidential. We also share your data with our suppliers and outsourcing parties where that is needed to support our SaaS/Cloud services and to support our administration. We have signed agreements with all services that we use. These agreements meet the guidelines of GDPR rules.
4. STORAGE TIME FRAME
Customer data is stores and used by us for the duration of the subscriptions and up to 6 months thereafter in backups of our solutions. Relationship data is additionally stored for as long as employees are employed by our business relations.
5. INTERNATIONAL DATA TRANSFER
All personal data is processed and stored within the EU.
7. YOUR RIGHTS AND CONTACT DETAILS
By law you have the right to request us:
- To inform you which data of yours we are processing
- To correct, add on to, or remove certain personal data of yours
- To stop processing your personal data
- To restrict the amount of data we hold on to
- To not forward your personal data to other parties
We will accept and judge your request in line with the GDPR. We will reply to your request as soon as possible, but no later than 1 month after receiving the request. For any questions or comments about this privacy statement, please do not hesitate to contact us via email@example.com or via telephone at +44 2045927949.
8. RESPONSIBLE PERSONS AT ENGAGE PROCESS AND ESCALATION PROCEDURE
The Chief Technology Officer (CTO) of Engage Process is responsible for all data security and privacy regulations. The CTO is a member of the Management Team. In the occurrence of a (possible) data breach or other compromising situation, the CTO will immediately investigate the situation, search for potential root causes, corrections to be made and improvements by which re-occurrence can be avoided. the CTO will report these findings to the management team and to the managing director. Any corrections and improvements will be implemented as soon as possible. All parties involved in the breach will be informed according to the GDPR regulations. The CTO will inform and involve the CEO in any serious situation, as such decided/classified by the CTO. Decision regarding such cases will be made by the CEO and CTO. Any such cases will be documented in detail.