This Privacy Statement is a part of our Terms of Service (“Terms”). Both this Privacy Statement and the Terms apply to the use of www.eppione.com (the “Website”), any materials or information contained on the Website (the “Content”), as well as software designed to assist you in managing your employee benefits (the “Platform”). Collectively, we refer to the Website, the Content and the Platform as our “Services” to you. Please read both this Privacy Statement and the Terms carefully before proceeding to ensure you understand and agree to them. If you do not agree to them, continued use of the Services is not permitted.
Eppione Ltd is committed to respecting and protecting your privacy and would like you to feel safe when you give us your personal details and the personal details of your employees. As such, it is important that you read the information in this document to understand how we process your information.
Who Are We
This Privacy Statement is issued on behalf of our entire group of entities worldwide (collectively, “Eppione Ltd” or “we”/”us”/”our”),
- Eppione Holdings Ltd
- Eppione Technologies Ltd
- Eppione Ltd (ROI)
- Eppione Ltd (UK)
- Eppione Solutions Ltd (ROI)
- Eppione Solutions Ltd (UK)
To provide you with relevant information, respond to your requests we sometimes request that you provide us with information about yourself. This Privacy Statement applies to personal information that we may collect through your use of Eppiones’ Services. It also applies to personal information about you that we collect because you are a customer or prospective customer of our products and services or that we are provided pursuant to a business relationship you have with us.
What information we gather
In general, you may visit our website without identifying yourself or revealing any personal information. Eppione Ltd collects domain information from your visit to customise and improve your experience on our website.
This website may collect certain information from your visit, including the date and time of your access, the pages you have accessed, your browser or operating system, the name of the Internet Service Provider or wireless carrier, and the Internet Protocol (IP) address by which you are accessing the Internet, and the Internet address from which you linked to our site, or the internet address after using our site, and data relating to malfunctions or problems occurring when you use our Services. Additionally, we may collect information about other software on your device for the limited purpose of protecting your security or improving your online experience. We use this information to better understand how our website is being used so that we can improve its performance.
In order to deliver the Services, we provide you the opportunity to enter certain information relative to your organization and your employees. This information is narrowly tailored so as to allow us to deliver the Services, while using only a minimum amount of information. We may also collect or receive information about your interactions with us. Due to the nature of the Services, our Platform may allow you to provide Sensitive Data (as that term is defined in the European Union’s General Data Protection Regulation) regarding your employees.
Types of information collected include but are not limited to:
You and your employees account login details for our services, including your user name and chosen password;
Company Details: Name, Address, e-mails, phone numbers, authorised personnel, telephone recordings.
Employee details: Name, address, e-mail, date of birth, gender, marital status, employment start date, function, employment terms, annual leave, sick leave, health information, personal e-mail/phone, pps no. visa details, photograph, emergency contacts, reviews, rostering, training information, payment details, telephone recordings.
Information about any device you or your employees have used to access our Services (such as your device’s make and model, browser or IP address) and also how you or your employees use our Services. For example, we try to identify which of our apps you or your employees use and when and how you or your employees use them. If you or your employees use our websites, we try to identify when and how you or your employees use those websites too;
Your contact details and details of the emails and other electronic communications you or your employees receive from us, including whether that communication has been opened and if you or your employees have clicked on any links within that communication. We want to make sure that our communications are useful for you or your employees, so if you or your employees don’t open them or don’t click on any links in them, we know we need to improve our Services; and Information from other sources such as specialist companies that provide customer information (like credit reference agencies such as Experian, fraud prevention agencies, claims databases, marketing and research companies) and social media providers, as well as information that is publicly available.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive. We use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our services.
Our Legal Basis for processing your personal information
Whenever we process your or your employees personal information we have to have something called a “legal basis” for what we do. The different legal basis we rely on include:
Consent: You or your employees have agreed to us processing your personal information for a specific purpose;
Legitimate interests: The processing is necessary for us to conduct our business, but not where our interests are overridden by your interests or rights.
Performance of a contract: We must process your personal information to meet the terms of your contract with us;
Prevention of fraud: Where we are required to process your data in order to protect us and our customers from fraud or money laundering;
Vital interests: The processing of your personal information is necessary to protect you or your employees or someone else’s life;
Legal claims: The processing of your personal information is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity; and
Legal obligation: We are required to process your personal information by law.
Use of the information we gather
When we collect information about you, we intend to tell you why we are asking for the information and what we intend to do with it. Information you provide will be used in furtherance of the Services. In addition, your information may be anonymized, aggregated, and/or supplemented with additional information from other companies, and other publicly available information in order to enhance our software and algorithms and to otherwise operate and improve our Services. We may also use your information to personalize certain content to you, to fulfill your requests for functionality, features, and services, and to communicate with you and respond to your inquiries.
You will have the option of not providing the information, in which case you may still be able to access other parts of this website, although you may not be able to access certain services. In certain areas of our website, we may, where appropriate, enable you to ‘opt in’ to certain uses of your information e.g. personal data and direct marketing. Data will not be held for longer than is necessary, credit card transactions will be held for the duration of the transaction and general client details will be held while you are a customer. For details on information gathered and data protection while you are customer, please see our privacy notice (link).
The information we collect about you or your computer is used to run the website, respond to your requests or process any transactions you have requested. It may also be used to verify your identity, send you information or contact you in relation to an Eppione Ltd product or service that you are using or that we believe may be of interest to you after you have chosen to ‘Opt in’. You may withdraw your consent for this at any time.
How will Eppione use the personal data it collects about me?
Eppione will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR). We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.
Special Categories of personal data
If we collect any special categories of personal data (e.g. health, religious beliefs, racial, ethnic origin – financial information is not classified as special categories of personal data) – we will ensure the below
- we will obtain your explicit consent
Sharing information with third parties
In certain instances, we may make your information available to third parties with whom we have a relationship where that third party is providing services on our behalf. We will only provide those third parties with information that is necessary for them to perform the services and we take measures to protect your information.
We may share aggregated, non-personally identifiable information, publicly and with our partners like publishers, advertisers or connected sites. For example, we may share information publicly to show trends about the general use of our websites and/or other products or services.
The contents of your online communications, as well as other information about you as a user of our Services, may be accessed and disclosed only under the following circumstances: in response to lawful governmental requests or legal process (for example, a court order, search warrant or subpoena), in other circumstances in which we have a good faith belief that a crime has been or is being committed by a user of our Services, that an emergency exists that poses a threat to the safety of you or another person, when necessary either to protect our rights or property or our employees, or for us to render the Services you have requested.
In the event that ownership of us was to change as a result of a merger, acquisition, or transfer to another company, your information may be transferred. If such a transfer results in a material change in the use of your information, you will be provided notice about the choices you have to decline to permit such a transfer.
If we transfer personal data or allow the transfer of personal data to a third party or outside the EU we as the data controller will ensure the recipient (processor or another controller) has provided the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for you the data subject are available.
The third parties that we pass your personal data to are:
- Our representatives, such as companies that provide various services (including telecommunications, data storage, document destruction, and IT such as Goldfish, Smart IT, Kefron, Google, Amazon Web Services (AWS) and Microsoft 365), lawyers and auditors
- State or government departments, regulators, bodies or agencies
Eppione takes seriously its obligations in respect of your personal data under the General Data Protection Regulation and Data Protection Act 2018. Eppione Ltd’s intent is to strictly protect the security of your personal information; honour your choice for its intended use; and carefully protect your data from loss, misuse, unauthorised access or disclosure, alteration or destruction. We have established safeguards to help prevent unauthorized access to or misuse of your information. To protect your privacy and security, we may use passwords or other technologies to register or authenticate you and enable you to take advantage of our Services, and before granting access or making corrections to your information.
How to update and/or amend the personal information you have provided
You are entitled to know whether we hold information about you and, if we do (subject to certain limitations), to have access to that information and have it corrected if it is inaccurate or out of date. To exercise your Right of Access or to update your details under your Right of Rectification, Right to restrict processing or Right to be forgotten please email your request to firstname.lastname@example.org with proof of identity.
If we are unable to take action on your request, we will, as required by applicable law, annotate the personal information under our control with a note that action was requested but not made. In this event, we will notify you without undue delay of the reasons for not taking action, and you have the right to lodge a complaint with the relevant supervisory authority and ability to seek to enforce your rights through a judicial remedy.
Retention of your personal data
Eppione is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of personal data should be kept may also be governed by specific business-sector requirements and agreed practices.
Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. Eppione will process personal data in accordance with our retention schedule. This retention schedule has been governed by our regulatory body Central Bank of Ireland, Revenue and other regulatory bodies and our internal governance.
Our Services does not address anyone under the age of 16 (“Children”).
We do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and you are aware that your Children have provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from children under age 16 without verification of parental consent, we take steps to remove that information from our servers.
This website contains links to other websites. Eppione Ltd is not responsible for the privacy practices or the content of such websites. We do not control these websites and are not responsible for their personal information practices. We urge you to review any privacy statement posted on any website you visit before using the website or providing any personal information about yourself or others.
In the event that you wish to make a complaint about how your personal data is being processed by Eppione or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and Eppione’s GDPR Owner
Please contact us. Email: email@example.com
Failure to provide further information
If we are collecting your data for a statutory requirement or to fulfil a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.
How we use automated processing
Your personal data is not subject to automated decision making, including profiling.
If we intend to further process your personal data for a purpose other than for which the data was collected, we will provide this information prior to processing this data.
If you have any questions or comments about our privacy statement or practices, please contact us.
Future Changes to this Privacy Statement
Eppione Ltd may modify or update this privacy statement from time to time at any time without prior notice.
You can check the “Last Updated” date below to see when the statement was last changed. We encourage you to check this statement often so that you can continue be aware of how we are protecting your personal information. Your continued use of the website constitutes your consent to the contents of this privacy statement, as it may be modified from time to time.
This privacy statement was last reviewed in September 2018