Privacy policy

EPIITO PRIVACY POLICY

LAST UPDATED: JUNE, 2018

 

 

NAME OF THE REGISTER

 

Customer and marketing register of Epiito A/S (the “Register”).

EPIITO AND YOU

At Epiito, we understand the value of data and the importance of protecting it. This Epiito Privacy Policy (“Privacy Policy”) sets out details about the information that we collect, and how we process, store and share it.

We urge you to read this Privacy Policy, so you can understand Epiito’s use of your information, Epiito’s commitment to protecting all data that it receives and how you can be involved in this process. However, if this does not answer all of your questions, or if you have any feedback, we’d like to hear from you. Please use the contact information at the end of the Privacy Policy for any questions or feedback.

This Privacy Policy should be read alongside the Epiito’s General Terms of Use (“Terms”) which is incorporated here by reference. Unless otherwise defined in this Privacy Policy, defined terms used have the same meaning as in the Terms.

SECTION 1. WHO WE ARE

In this Privacy Policy, the words “our,” “us,” “we,” and “Epiito” refer to Epiito A/S, a Danish limited liability company located at Strandlodsvej 6B, 3., DK-2300 Copenhagen S registered with the Danish Business Authority under business no. 37943525. Contact person relating to this Privacy Policy is CTO Jesper Bendix, j.bendix@epiito.com

We collect and use information about our Website visitors and those that interact with our Services in order to manage your relationship with Epiito and to better serve you by personalizing your experience and how you connect with us.

SECTION 2. HOW WE PROCESS AND HANDLE DATA

The information we collect from you depends on the nature of your relationship with us or your interaction with our Website, Services and marketing events and communications. The information we collect may include both Personal Data and Other Information, as detailed below.

Personal Data. For the purposes of this Privacy Policy, “Personal Data” is information from which you could be identified, directly or indirectly, and may include contact and business information (such as name, title, email address), account information, license information, payment information, information from third parties, social media data and any other unique identifying information.
Other Information. For the purposes of this Privacy Policy, “Other Information” is any information that does not independently reveal your specific identity or does not directly relate to an identifiable individual. Examples include an IP address, browser type, browser language, browsing data, device information, time and date of requests, login activity and cookies. Gathering this information helps us to ensure that our Website and Services work correctly and support our visitor and customer analysis.

You are not required to share the Personal Data that we request. However, if you choose not to share such information, in some cases we might not be able to provide you with the Services, allow you to access certain specialized features of the Services or be able to effectively respond to any queries you may have.

Epiito will never collect more of your Personal Data than is necessary for the intended purpose of processing that information. Some of the uses of Personal Data listed in sections 3, 4 and 5 may not be mandatory and can be controlled by you.

Please see the YOUR PRIVACY RIGHTS section below to learn more about how you can control the information Epiito processes about you.

SECTION 3: EPIITO WEBSITE AND SERVICES

Epiito maintains control of the data provided to, collected by or for, or processed in connection to the Epiito Website and Services. We gather information about visitors to both our password-protected Services and our publicly accessible Website.

A. What information we collect through our Website and Services and how we collect it 

a. Information you provide to us

We collect information about you through our Website, Services, online forms and email, for example when you request a free trial or demo or contact us via our Website. This can include e.g. (i) first and last name; (ii) e-mail address, telephone number, address; (iii) payment information and transactional data. In addition, we may collect the following data arising from the customer relationship (i) information relating to maintaining the customer relationship; (ii) information on marketing permissions; and (iii) customer service data.

When you communicate with Epiito, we will store all communications we receive unless otherwise requested by you. If you are submitting information on behalf of another individual, you are responsible for obtaining appropriate consent, including consent to share and transfer any Personal Data across borders.

b. Information we collect automatically

Although we do not normally use automatically collected data to identify you as an individual, you can sometimes be recognized from it. In such situations, the automatically collected data can also be considered personal data under applicable laws.

 

Log data. As with most internet technology services, our servers automatically collect information when you access or use our Website and Services and record it in log files. This log may include IP address, usage data, browser type, the date and time the Site or Service were accessed, and language preferences cookies (if enabled).

Device Information. Epiito collects data about devices accessing the Website and Services, which may include the type of device, device settings, application IDs, and unique identifiers. Whether we collect any or all of this information will depend on the type of device used and how it has been configured by you.

Location Information. We receive data from you and other third parties that helps us to track an approximate device location. We may use, for example, an IP address detected by your browser or device to determine device location. We may also collect information from devices in accordance with the consent process provided by your device.

Third Parties. We use and permit selected third parties to use automatic data collection tools to collect information using website tracking technologies such as cookies, web beacons, embedded URS, pixels, widgets, buttons or other similar technologies. These can be disabled by you.

B. How we use that data

We may use the information collected for the following purposes:

  • To be able to deliver our Services to you and meet our contractual obligations. Some of the functions and Services on this site are simply unable to work properly if we do not know who is using them.
  • To improve the operation of the Website and Services;
  • To engage in research and development of the Website and Services;
  • To conduct ordinary business operations such as sales, marketing, support, education and training;
  • To engage in corporate reporting and management; and
  • To conduct market research.
  1. How we share that data
  • Sharing with third party service providers. We retain third party service providers to manage or support certain aspects of our business. These third party service providers may be located globally and may provide services to us such as website hosting, data analysis, advertising and marketing services, data hosting, live-chat and helpdesk services, providing information technology infrastructure, customer service, email delivery, credit card processing, auditing and other similar services. Our third party service providers are contractually bound to safeguard any Personal Data they receive from us and they are prohibited from using such Personal Data for any purpose other than to perform the services as instructed by Epiito.
  • Sharing with ad technology providers. We may provide information we collect to ad technology providers so that they may recognize your devices and deliver interest-based content to you. The information may include your name, postal address, email, device ID, or other identifier in encrypted form. The providers may process the information in hashed or anonymized form. These providers may collect additional information from you, such as your IP address and information about your browser or operating system; may combine information about you with information from other companies in data sharing cooperatives in which we participate; and may place or recognize their own unique cookie on your browser. These cookies may contain demographic or other data in an anonymized form.
  • Engaging in corporate transactions. Circumstances may arise where we may buy or sell assets or businesses as part of a sale, merger or change in control of Epiito. In such transactions, we may disclose or transfer your information, in accordance with this Privacy Policy, to prospective or actual purchasers or receive your information from sellers. Any entity which buys us or part of our business will have the right to continue to use the information we have collected and stored, but only in the manner set out in this Privacy Policy.
  • Complying with law / protecting legal rights. We may be required to disclose your information to comply with applicable laws (including laws outside of your country of residence), regulations, court orders, government and law enforcement requests, including national security or other law enforcement requirements. Additionally, if we reasonably believe that it is necessary or appropriate, we reserve the right to use or disclose your information to allow us to pursue available claims or remedies and protect our legal rights, property or the safety of our employees, users or others, to the extent allowed by applicable law. This includes exchanging information with companies and organizations for the purposes of fraud detection.

SECTION 4: MARKETING ACTIVITIES 

Epiito maintains control of the data provided to, or collected by or for, or processed in connection with certain marketing activities, such as email communications, webinars, conferences and events. We and our third party service providers may collect information in the following ways:

A. What data we collect through our marketing activities and how we collect it 

a. Information you provide to us

In addition to information submitted to Epiito through our Website, for example when you register for a webinar, subscribe to our email newsletter or download content (such as a whitepaper), we may also collect information from you offline, such as when you attend our events in person or during phone calls with sales representatives.

b. Information we acquire from a third party
To enhance Epiito’s ability to provide relevant marketing, offers, and services to you, we may receive information about you from third parties, such as public databases, partners, lead generation services, and social media platforms. We also collect information from other sources to help us correct or supplement our records such as customer enrichment services, improve the quality or personalization of our Services to you and to verify your identification in instances of suspected fraud or identity theft. In each instance we will only accept information from third parties where those third parties can demonstrate they have received all necessary consents to share such information with us.

B. How we use that data 

We may use information that is collected through our marketing activities in the same way we use information collected through our Website or Services, as well as for the following purposes:

  • To verify your identity if required (for example, for payment of a ticket to a Epiito event);
  • To tailor marketing to your interests, or to recommend Services that may be of interest to you;
  • To contact you with business, marketing and sales communications that you have agreed to receive such as newsletters, announcements, and special offers, or to notify you of upcoming events;
  • To update and improve Epiito’s Services;
  • To engage in corporate reporting and management;
  • To conduct market research; and
  • To conduct other similar uses pertaining to the Epiito’s Marketing Activities.
  1. How we share that data 

    We may share information that is collected through our marketing activities in the same way we share information collected through our Website and Services, as well as for the following purposes:

  • Communicating with you regarding a Epiito Event. We or our partners may communicate with you about events hosted or co-sponsored by Epiito or one or more of our partners. These communications may include information about the event’s content, logistics, payment, updates, or requests for additional information related to your event registration. After the event, Epiito may contact you about the event and our related services and may share information about your attendance with other third parties. Epiito may also share your information with designated event sponsors or partners who may then send you communications related to your event attendance.
    Please note that, during events, our partners or conference sponsors may directly request that you provide them with information about you at their conference booths or presentations. You should review their privacy policies to learn how they use information they collect. Each event may include additional privacy protection practices and terms unique to that event, included in attendee guidebooks, the event website or sponsorship agreements.
  • Engaging in advertising. We may provide you with personalized promotional offers (in accordance with your privacy preferences regarding Epiito Services and other selected partner websites). For example, you might see an advertisement on a partner site for a service that you have recently viewed on our Website. This may involve the use of cookies. We also partner with service providers to place advertisements on websites owned by third parties. Sometimes this will be achieved by sharing your Personal Data as described in the Cookie Policy.

SECTION 5: OUR CUSTOMER RELATIONSHIPS
When you use our Services, certain user data is processed by Epiito. The data is still controlled by you (the customer, partner, prospective customer), however, Epiito is a processor. Epiito collects, processes and stores information throughout these processes, as follows:

A. What data we collect and how we collect it

a. Information customers and certain users provide directly through password protected portals

We collect data as registration details from you when an account is set up. We will collect the data that you share with Epiito in the Service, as based on your organization’s configuration of the Epiito Service.

b. Information collected automatically 

We may automatically collect information through our Services in the same way we automatically collect information through our Website. We will further collect user behavior in our Services, including actions, movements, notes, visualizations, 3D models etc. that will be connected to your login and shared with you when downloading or extracting information about your behavior within the Services.

c. Anonymized, aggregated data 

In addition to the information you provide to us and which we collect automatically, Epiito also collects anonymous and aggregated information about how Epiito’s Services are used, to better design and operate our Service. As part of our operations we might also anonymize or pseudonymize your information for regulatory compliance, market analysis and other Epiito business purposes.

B. How we use that data

Epiito collects and uses customer information as necessary for the adequate performance of the contract between you as a customer and Epiito, and in accordance with any instructions received and the applicable contract terms. We use customer, partner and prospective customer information collected through our password-protected Services in a number of ways.

Using Account Generated Data. Epiito will use account generated data in furtherance of our legitimate interests in operating the Services. We may use information that is collected through our customer relationships in the same way we use information collected through our Website and Marketing Activities (cf. above), as well as for the following purposes:

  • To verify your identity if required (for example, for security reasons to gain access to an account);
  • To prevent fraudulent activities, such as fraudulent purchases;
  • To monitor use of the Services to ensure compliance with Epiito’s Terms of Use;
  • To provide customer support services, problem solution support and enhancing your customer experience – we use the data (which can include communications with Epiito employees) to investigate, respond to and resolve complaints and service issues;
  • To monitor license compliance;
  • To provide transaction support, including fulfilment of purchased licenses and to communicate with you about those requests;
  • To provide notification of bug fixes and security patches;
  • To review and respond to queries or feedback that you may provide to us;
  • To monitor calls for training and providing support purposes; and
  • To conduct other similar uses pertaining to our relationships with you.
  1. How we share that data

    We may share information that is collected through our customer relationships in the same way we share information collected through our Website.

 

SECTION 6. PROCESSING YOUR PERSONAL DATA

We will only collect and process your Personal Data in the ways described in this Privacy Policy when we have a reason to do so.

Epiito relies on the following reasons for processing Personal Data:

  • Consent (where you have given consent)
    We process certain Personal Data based on the consent you provided when you submitted your information. Where we rely on your consent, you have the right to withdraw or decline your consent at any time, such as consenting to receive marketing communications.
  • Contract (where processing is necessary for the performance of a contract with you, i.e. to deliver the Services you or your organization have purchased).
    When information is processed under contract, you are able to terminate the contract at any time and request that information be returned to you and/or deleted.
  • Legitimate interests of Epiito or any third parties. 
    Legitimate interests include enabling us to conduct internal business services, such as audits, mergers and acquisitions, reporting, and improving our Services. Personal Data will only be processed on these grounds when doing so does not outweigh your rights.
    Where we rely on legitimate interests, you have the right to object at any time.
  • Compliance with laws (where we are required to process information to comply with applicable laws)
    If we ask you to provide Personal Data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your Personal Data is mandatory or not (as well as the possible consequences if you do not provide your information).

SECTION 7. HOW WE KEEP YOUR INFORMATION SECURE

At Epiito, we understand the importance of information, and the need to keep Personal Data secure. We have implemented and maintain technical, administrative and physical security measures designed to protect your information from unauthorized access, disclosure, misuse, alteration, accidental loss or destruction.

We regularly review our security procedures to maintain the confidentiality, integrity, availability and resilience of all data both online and offline. These security procedures and measures vary based on the sensitivity of the information that we collect, process and store and the current state of technology but include firewalls, data encryption, physical access controls and information access authorization controls. Epiito has implemented an incident response plan, with a company protocol we follow in the event of any data breach. We take steps to regularly monitor our systems for vulnerabilities and to ensure that we only share information with those who need to know it.

However, no website or internet transmission is completely secure. While we strive to protect your data, we cannot guarantee that unauthorized access, hacking, data loss or a data breach will never occur, and we cannot warrant the security of any information that you provide to us. You are responsible for securing and maintaining the privacy of any password(s) and account registration information uses with Epiito, and verifying that the information we maintain about you is accurate and current. We are not responsible for protecting any information that we share with a third party based on an account connection that you have authorized.

We require that our third party service providers and partners agree to keep the information we share with them confidential and to use the information only to perform their obligations in the agreements we have in place with them. Epiito has implemented internal policies to ensure that such parties are required under contract to maintain privacy and security protections which are at least as consistent with our own policies and practices.

We maintain a list of our current sub-processors of Personal Data.

SECTION 8. STORAGE AND RETENTION OF YOUR INFORMATION 

Epiito is a global company and your information is stored on regional servers depending on your location and the locations of the servers of the companies we hire to provide services to us based on contractual requirements.

We will retain your Personal Data for the length of time needed to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law, or unless the information is deleted pursuant to the exercise of your rights. We may also retain cached or archived copies of information provided to us. The deletion of your Personal Data and other use of our Website and Services may result in the deletion and/or de-identification of Other Information that is retained by us.

SECTION 9. WHAT IS NOT COVERED IN THIS POLICY

Please note that this Privacy Policy applies only to your relationship with Epiito through your use of Epiito’s Websites, Services, events, trainings, communications, and marketing and advertising activities.

Epiito Partners who provide implementation and other solution services may also gather information and you should consult those other parties’ privacy policies as appropriate as they may be applicable to you. Please also note that in using our Website, we may provide links to other websites. Any interactions you have with these websites are beyond the control of Epiito.

SECTION 10. YOUR PRIVACY RIGHTS

We provide you the ability to exercise certain controls and choices regarding our collection, use and sharing of your information.

Please be aware that, if you do not allow us to collect your information from you, we may not be able to deliver certain products and services to you, and some of the Epiito services may not be able to take account of your interests and preferences.

Your choices. In accordance with applicable law, you may be entitled to exercise your rights and choices as follows:

  • Account settings. You may update your profile, your account and any related information at any time to ensure that information is up to date or delete inaccuracies.
  • Devices and browsers. Some of our mobile services useyour device’s location information. You can adjust the setting of your mobile device at any time to control whether your device communicates this location information.
  • Communications from Epiito. We may use your information to communicate with you by email, including sending you transactional or marketing emails. Epiito enables you to opt out of marketing communications.Some communications you may receive from us are not considered marketing emails, such as communications related to product download, sales transactions, software updates and other support-related information, patches and fixes, security alerts, events for which you have registered, disclosures to comply with legal requirements, and (where permitted by law) quality assurance surveys. Such transactional emails are not subject to general opt-out. Some additional communications you may receive from our partners may also not be subject to general-opt out, including product alerts, updates, and other notices related to partner status. You can tell us to stop sending you marketing emails by clicking the unsubscribe link included at the bottom of Epiito’s marketing emails or updating your preferences here. If you have any issues unsubscribing, you may contact us directly using the contact information at the end of this Privacy Policy.
  • Cookies. Some web browsers (including mobile web browsers) provide settings that allow you to control or reject cookies or to alert you when a cookie is placed on your computer, tablet or mobile device. Although you are not required to accept cookies, if you block or reject them, you may not have access to all features or functionalities available through our Services. Please go to our cookie policy to learn more on how you can manage your cookie preferences or opt out of cookies and other website data collection tools.
  • Data Access. You may request access to the Personal Data we hold about you and request that we edit or delete them.
  • Data Portability. You are entitled to request copies of Personal Data that you have provided to us in a structured, commonly used and machine-readable format and/or request that this information be transmitted to another service provider (where technically feasible).
  • Deletion. You may be able to have your Personal Data deleted or erased.
  • Correcting inaccurate or incomplete information. We maintain a process to help you confirm that your personal details remain correct and up-to-date.
  • Manage your Information. You may choose whether or not you wish to receive material from us or some of our partners. Please let us know by contacting us.
  • Withdrawing consent. If the processing of your Personal Data is based on your consent, you may withdraw your consent at any time as to future processing.
  • Objecting to or restricting use of Personal Data. You can ask us to stop using all or some of your Personal Data (e.g., if we have no legal right to keep using it) or to limit our use of it (e.g., if your Personal Data is inaccurate or unlawfully held).

SECTION 11. UPDATES AND HOW TO CONTACT US

UPDATES TO THIS PRIVACY STATEMENT

From time to time, we may change this Privacy Policy to accommodate new technologies, industry practices, regulatory requirements or to reflect any changes in how we process information. Any changes to this Privacy Policy will be effective when we post the revised Privacy Policy on this website. The “Last Updated” section at the top of this Privacy Policy states when this Privacy Policy was last revised and serves as notice of the update. Your use of the Website or Service provided following these changes means you accept the revised Privacy Policy.

CONTACT US

If you believe your Personal Data has been used in a way that is not consistent with this Privacy Policy or your specified preferences, or if you have further questions related to this Privacy Policy, we encourage you to please contact our CTO at the address below or by emailing: j.bendix@epiito.com

Written inquiries may be addressed to CTO Jesper Bendix at:

 

Epiito A/S

Strandslodvej 6B, 3.

2300 Copenhagen S

Denmark

PHONE: +45 70 215 215

If you feel that you have not received a timely or satisfactory response from us to your question or complaint, please contact the applicable independent recourse below: EU Data Protection Authorities (DPAs)