It sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
3. DATA CONTROLLER
For the purposes of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, (“GDPR”) and any applicable national implementing laws, regulations and secondary legislation relating to the processing of personal data (together “Data Protection Law”), the data controller is BCD Safety & Business Support Ltd t/a Engage EHS a private limited company incorporated in Ireland under registration number 447607 and having its registered office at The Moorings, Lennox Place, Portobello, Dublin, D08 NV96, Ireland.
4. LEGAL BASIS FOR THE PROCESSING
If you are an individual from the European Economic Area (EEA) or the UK, our legal basis for collecting and using the personal information will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where: (a) we have your consent to do so, (b) where we need the personal information to perform a contract with you (e.g. to deliver the Services you have requested), or (c) where the processing is in our or a third party’s legitimate interests (and not overridden by your data protection interests or fundamental rights and freedoms). In some cases, we may also have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person.
Where we rely on your consent to process the personal information, you have the right to withdraw or decline your consent at any time. Please note that this does not affect the lawfulness of the processing based on consent before its withdrawal.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). Similarly, if we collect and use your personal information in reliance on our (or a third party’s) legitimate interests which are not already described in this Notice, we will make clear to you at the relevant time what those legitimate interests are.
If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided further below.
We collect and process your Personal Data when you use the Website or Services, when you sign up to receive our content or newsletters and when you engage with us (for example, by sending us an email), and when you are registered as a user or employee in our Services. Our processing operations are mainly necessary to enable us to make contact with you, necessary for the purposes of operating the Services, or based on you having given us consent. We store your Personal Data on servers located within the European Economic Area (the “EEA”). We share your Personal Data within the Services (and with third parties as set out below). We may also share your Personal Data with law enforcement agencies or other bodies if we are required by law to do so.
6. INFORMATION WE COLLECT
6.1. Information Related to Your Interaction with Us and the Offerings
Registration and Contact Information. We collect information about you when you: (a) register to use the Services; and (b) otherwise provide contact information to us via email, mail, or through our Offerings. This information you provide may include your username, first and last name, email address, mailing address or phone number.
Third Party Platforms. We may collect information when you interact with our advertisements and other content on third-party sites or platforms, such as social networking sites. This may include information such as “Likes”, profile information gathered from social networking sites or the fact that you viewed or interacted with our content.
6.2. Customer Data
Customers of the Services may submit various types of information and data into the Services for hosting and processing purposes (“Customer Data”). Customer Data may include, without limitation, personal information such as names, email addresses and phone numbers of users, contractors and other people involved in health and safety (“People”), which information may be input into the Services by you.
We will only use, disclose and otherwise process Customer Data for the purposes set forth in your agreement with us for the provisioning of the Services (“Service Subscription Agreement”).
7. THE PERSONAL DATA WE PROCESS
7.1 We will collect and process the following personal data when you use the Website:
7.1.1 Device Information
7.2 You can choose to provide us with the following Personal Data:
Demo Request, White paper, Show Appointments: If you request a demo, request a white paper, or make show appointments with us, we will process your email address, your name, telephone number, company name.
Subscription: If you subscribe to our Blog or regular Marketing material we will process your email address. If you choose to subscribe we will also process information about how you interact with the emails and messages you receive from us, such as whether or not you open the communication, the links you click on, whether you purchase anything or whether you opt out of the communications.
Query Information: You may choose to give us information such as your name, e-mail address, address, telephone number and other details when contacting us by submitting enquiries through the Website contact form, our live chat service on the Website or by e-mailing email@example.com. If you choose to provide us with this information, we will keep a record of this correspondence for as long as is necessary to deal with this query (for further information please see our section on How Long We Keep Your Personal Data below).
7.3 We collect and process the following personal data when you use the Services:
7.3.1 Device Information
7.3.2 Personal Data
8. HOW AND WHY WE USE YOUR PERSONAL DATA
8.1 We use your information in the following ways:
- To provide, maintain and improve the Website and Services, including to operate certain features and functionality of the Offerings (for example, by remembering your information so that you will not have to re-enter it during this or subsequent visits);
- To process your inquiries and otherwise deliver customer service;
- To control unauthorised use or abuse of the Offerings and our other products and services, or otherwise detect, investigate or prevent activities that may violate our policies or be illegal;
- To analyse trends, administer or optimize the Offerings, monitor usage or traffic patterns (including to track users’ movements around the Offerings) and gather demographic information about our user base as a whole;
- To communicate directly with you, including by sending you newsletters, promotions and special offers or information about new products and services. Your opt-out options for promotional communications are described below (Your Controls and Choices);
- To deliver you advertising, including by serving and managing ads on the Website or on third party sites and to tailor ads based on your interests and browsing history. Please see below (Your Controls and Choices) for additional information on how to manage the ads you see.
- To carry out obligations arising from any contracts entered into between you and us;
- To notify you about changes to the Website and Services;
- To ensure that content from our Website and Services is presented in the most effective manner for you and for your computer;
- To administer the Website and Services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To inform you about scheduled downtimes and new features;
- To improve the Website and Services to ensure that content is presented in the most effective manner for you and your computer;
- To allow you to participate in interactive features of our Services, when you choose to do so.
9. WHO WE SHARE YOUR PERSONAL DATA WITH
9.1 We will disclose your personal data to our employees and suitably authorised personnel of any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. For example, our Sales and Marketing personnel will use contact information in order to respond to enquiries received via the Website. Our Customer Success and Product Team personnel may use personal information, with our customer’s permission, in order to resolve a product query, or analyse a technical issue with the Services.
9.2 We will disclose your personal information to third party business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you including in the following circumstances:
Third Party Service Providers
- to send you post or email via third party communications or delivery service providers
- to provide our customer service infrastructure including our live chat and helpdesk features
- to manage how we follow up with enquiries
- to collect website analytics and optimisation information to improve our Website
- credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you
For a full list of the sub processors we use, click here.
Regulatory Authorities, Law Enforcement Agencies, Public Bodies and Other Third-Party Companies
- to comply with any applicable legal obligation, court order, summons, search warrants, or any other legal or regulatory obligation or request to which Engage EHS is or may become subject
- to protect the rights, property or safety of us, our customers, or others
- for the purposes of fraud protection and credit risk reduction
- to enforce our legal agreements with you
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
If we or a member of our group of companies or substantially all of their assets are acquired by a third party, in which case personal data held by them about their customers will be one of the transferred assets.
10. STORING AND TRANSFERS OF YOUR PERSONAL DATA
10.1 Our Services and Website are global and your information (including personal data) may be stored and processed in any country where we have operations or where we engage service providers, and we may transfer your information to countries outside of your country of residence, which may have data protection rules that are different from those of your country of residence.
10.2 We store and process your Personal Data on servers located within the European Economic Area (the “EEA”). However, we may transfer your Personal Data outside the EEA where we engage with third party services providers. Your Personal Data may also be processed by staff operating outside the EEA who work for us or for one of our suppliers or partners. Such staff or subcontractors may be engaged in, among other things, the fulfilment of your order, the processing of your payment details or the provision of support services.
10.4 Our Website and Services are accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Website or Services from outside the EEA. This means that where you chose to post your data on our Website or within the Services, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.
If you would like to find out more about the appropriate safeguards that we have in place to govern the transfer of your Personal Data you can contact us at firstname.lastname@example.org
11. PROTECTION OF YOUR PERSONAL DATA
11.1 Information you provide to us through the Website is protected by encryption. Once we have received your information, we use strictly maintained physical, electronic and procedural safeguards to prevent unauthorised access. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website or Services, you are responsible for keeping this password confidential. We ask you not to share any password with anyone.
11.2 Unfortunately, the transmission of information via the Internet is not completely secure. Although we will endeavour to protect your personal data, we cannot guarantee the security of your data transmitted to our Website or the Services. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
12. WEBSITE LINKS
12.2 The Website contains links to other websites and resources provided by third parties for your convenience and information only. We accept no liability in connection with any Linked Website, or any contract entered on or through a Linked Website. We have no control over the contents of those websites or resources and accept no responsibility for them or for any loss or damage that may arise from your use of Linked Websites.
13. HOW LONG WE KEEP YOUR PERSONAL DATA
13.1 We will keep your Personal Data no longer than is necessary for the purposes for which the data was provided.
13.1.1 Subscription Information: Where you have opted in to receive communications and subsequently opted out or have not confirmed your subscription, we will retain your data for a period not longer than 6 months before removing it from our systems.
13.1.2 Device Information: Device information is stored for a period of 3 years. Where device information is associated with an account that is deleted by request or as per our data retention policy then the associated device information will also be removed.
13.1.3 Query Information: We retain query information for 3 years from the date the query was marked as closed.
13.1.4 User Information: We retain user information for 3 years from the date a Customer ceases to use our service, unless they specifically request us to remove their data sooner than this.
13.2 Please note that in certain circumstances, we may hold your Personal Data for a longer period, for example, if we are processing an ongoing claim or believe in good faith that the law or a relevant regulator may reasonably in our view expect or require us to preserve your data, to maintain system backups, to maintain security, prevent fraud or abuse, to enforce our legal agreements or fulfil a request to “unsubscribe”.
13.3 We will retain de-personalised information after your account has been closed.
13.4 Also, after you have closed your account or deleted information from your account, any information you have shared with others will remain visible. We do not control data that other users may have copied from the Website or Services. Your profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache
14. YOUR RIGHTS
14.1 You have the right under Data Protection Law, free of charge, to request:
- Access to your personal data.
- Rectification or deletion of your personal data.
- A restriction on the processing of your personal data.
- Object to the processing of your personal data.
- A transfer of your personal data (data portability) in a structured, machine readable and commonly used format.
- Withdraw your consent to us processing your personal data, at any time.
To request your information, please contact us at either email@example.com (if you are not a paying customer) or firstname.lastname@example.org (if you are) with your name and the information requested to be accessed, corrected or removed. We will provide you with information without undue delay and at the latest within one month of receiving your request. We may extend this up to 2 months if necessary, however we will inform you if this arises.
14. MARKETING COMMUNICATIONS
14.1 Please note that where we process your Personal Data for marketing purposes, if you change your mind about being contacted in the future, you can also “opt out” at any time by clicking the “unsubscribe” link at the bottom of any communication. Once you “opt out”, you will no longer receive any marketing emails from us. We will continue to communicate with you regarding your service billing and support via email.
14.2 We send push notifications from time to time in order to update you about any service updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your device.
For individuals located in the EU: your local data protection supervisory authority in the country in which you are located.
16. NO CHILDREN UNDER 16