We respect your privacy and your rights for data protection and privacy. Please read this privacy statement carefully to understand who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event that you have a complaint.
2. Who we are
Edenhouse Solutions Limited (‘we’, ‘us’) collect, use and is responsible for certain personal information about you. When we do so we are regulated under the data protection and privacy laws which apply across the European Union (including those in the United Kingdom), and we are responsible as a ‘Controller’ of that personal information for the purposes of those laws
3. Types of Personal Information We Collect
Information collected by us:
We collect, store and use the following personal information when you provide it to us:
- Name and Contact Data: We collect your first and last name, email address, postal address, phone number, job title or role and/or other similar contact data.
- Credentials: We may collect usernames, passwords, password hints and other similar security information for the authentication and access to accounts or services.
- Device and Usage Data: We collect data about how you and your devices interact with our website (by cookies and other similar tracking technologies), which might include, amongst other things, your IP address and/or details of which version of web browsers you use or the pages you view on our website. See our Cookies Policy for further details regarding the use of such tracking technologies.
- Comments and Feedback: We retain information when you make enquiries or provided comments or feedback on our services.
- Client Personal Data: In the course of providing professional services to you, you may request that we process the personal data of your employees and your customers.
Information collected from other sources:
Occasionally we receive personal information from third party sources, which vary from time to time, but generally include:
- Data brokers, who may supplement our marketing database from time to time;
- Partners, with whom we might provide co-branded services, or with whom we might engage in joint marketing activities;
- Publicly-available sources such as open government databases or other data in the public domain;
- Cookies and other tracking technologies.
4. How We Use Your Personal Information
We use your personal information to:
- Provide (and improve) the products and services we offer to you, and keep you informed of similar or related products and services relevant to you.
- Perform essential business operations to enable us to operate our business, make informed decisions and report on performance of our business. This processing is necessary to serve our legitimate interests.
- Protect the security of our services and our customers, detect fraud, confirm validity of software and service access rights, resolve disputes and enforce our agreements. This processing is necessary to serve our legitimate interests.
- Improve our website by monitoring how you use it. This processing is necessary to serve our legitimate interests.
- Where you request or consent to such, to send you marketing material and other relevant notifications.
- Provide third parties with statistical information about our users (albeit this information will be anonymised). This processing is required to serve our legitimate interests.
5. Who We Share Your Personal Information With
We do not and will not sell personal information about our customers. We may share information with the following types of third parties, or in the following circumstances:
- Group Companies: Our business is closely aligned with that of EdenOne Solutions Limited who also provides SAP related products and services. We share information with EdenOne and our other affiliates and subsidiaries for business purposes, such as internal administration and providing you with relevant products and services. This processing is for our legitimate interests.
- Partners: We are a certified, channel partner of SAP (UK) Limited (SAP). We may liaise with SAP and its affiliates, and other strategic partners for the purposes of delivering products and services to you.
- Other Third Party Vendors: We use a variety of third-party vendors (including agents, contractors, advisors and service providers) who perform a variety of functions to help us operate our business – such as, by way of example only, website management and hosting, and/or services to protect and secure our systems and services.
- (We only share your data as necessary for the purpose of receiving these products, services or advice from these third parties. Such entities are required to abide by our privacy and security requirements, and are prohibited from using personal data received from us for any other purpose.)
- Sale, Merger or Acquisition: We may share your information in the event of a sale, merger or acquisition or all or any part of our business or our assets. This would be for our legitimate interests.
- Compelled Disclosure: When legally required, strictly necessary for the performance of a contract, or to protect our rights (or those of our affiliates) we may disclose your personal information to law enforcement or other authorities if required by applicable law, or as may otherwise be legally required.
When sharing data with third parties, your personal information may be transferred outside of the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.
We will not share your personal information with any other third party without your consent.
6. Whether Information Must Be Provided By You
In some instances it will be necessary for you to provide Name and Contact Data and Credentials to enable us to provide products and services to you. The use of such data also assists us to ensure the secure and effective management of the supply of such products and services.
We will inform you at the point of collecting information from you, whether you are required to provide the information to us, and any impact this may have on our ability to deliver products/services if you decline.
7. How Long Your Personal Information Will Be Kept
We hold your personal information for as long as is necessary to provide the products and services offered and/or supplied to you, or for other legal purposes such as complying with the law and our legal obligations, resolving disputes and enforcing our agreements. All personal information we retain will be subject to this privacy statement and our internal retention guidelines. If you have any questions about a specific retention period for specific types of personal information we process, please contact the Privacy Team (see ‘How to Contact Us’ below).
8. Legal Bases For Using Your Personal Information
8.1 Performance of a Contract
We may use your personal data where necessary for the performance of a contract we have with you or to take steps to enter into a contract.
8.2 Compliance with the Law
Processing may be necessary for our compliance with any relevant legal, regulatory and corporate governance obligations. By way of example only, certain products, technologies and services are subject to export laws in various contracts, and you acknowledge that we may be required to take measures to prevent entities, organisations and parties listed on government–issued sanctioned party lists from accessing such products, technologies and services. This may include checks on user registrations data, or contacting a user to confirm his or her identity.
8.3 Legitimate Interests
We may also use your personal data for our legitimate business interests, for example recording transactions, quality improvement purposes, improving the content on our website and for other administrative, fraud detection and legal purposes. In order to network or grow our business we may also use your information to keep you up-to-date in relation to our products and services (including webinars, seminars or events) which are similar or relate to any products and services you have already purchased from us.
You have a right to object to us processing your personal data for our legitimate interests, and you may exercise this right by emailing email@example.com. Upon receipt of such a request, we will stop processing any applicable personal data unless we are permitted to process such data for another purpose set out in this privacy statement, or we are able to demonstrate a compelling legitimate interest to continue processing.
Except where we have a legitimate interest to do so, we will only use your personal data for direct marketing purposes if you have granted us consent. You may withdraw your consent in this case any time by emailing firstname.lastname@example.org; alternatively you can unsubscribe from any direct marketing by following the instructions in each email we send to you.
8.5 In the event that we are required to retain your personal data for legal reasons, we shall retain your personal data for period required by law.
9. Cookies other Tracking Technologies
For example, we may monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of a user’s internet service provider. This information helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
You can set your browser not to accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our website features may not function as a result.
10. Transfer of Your Information Out of the EEA
As a Controller we process personal data in the European Economic Area. However, we may transfer your personal information to sub-processors, who may process data within as well as outside of the EEA. As a consequence, whenever such transfers occur your personal data may be transferred to countries outside of the EEA. In such cases we have adequate mechanisms in place to protect personal information, for example by the use of Standard Contractual Clauses as approved by the European Commissions. If you would like further information please contact the Privacy Team (see ‘How to Contact Us’ below).
11. Your Rights
We rely on you to ensure that your personal information is complete, accurate and up to date. In the circumstances, we would ask you to notify us promptly of any changes or inaccuracies in your personal information.
In any event, you have a number of important rights in relation to our use of your personal information. In summary, such rights include the right to:
- access to your personal information;
- require us to correct any mistakes in your information which we hold;
- require the erasure of personal information concerning you in certain situations;
- object to our processing of personal information concerning you for direct marketing purposes;
- object to our processing where we process your personal information based on legitimate interest;
- otherwise restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, you may wish to read the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of these rights, please contact us at email@example.com and let us have:
- enough information to identify you (eg full name, company name, user name or registration details);
- proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
- enough information to understand what your request relates to.
Please note that regardless of your communication settings we will continue to communicate with you in the ordinary course of business for the purposes of performing our contractual or legal obligations.
12. Keeping Your Personal Information Secure
We are committed to protecting the security of personal information. We maintain appropriate security measures to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. Our ISO 27001 certification also ensures the ongoing confidentiality, integrity, availability and resilience of our processing systems.
We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. Whilst we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet.
We also have procedures in place to deal with any suspected data security breaches. We will notify you, the applicable supervisory authority and any applicable regulator of any suspected data security breach where we are legally required to do so.
13. Links to Other Websites
Our website(s) may contain links to third party (meaning websites which are not owned by us). We are not responsible for the privacy practices or the content of such third party websites. If you provide personal data to such third parties, your data will be governed by their privacy statements.
14. How To Complain
We hope that we can resolve any query or concern you raise about our use of your information. However, you also have a right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns/.
15. Changes To This Privacy Statement
This privacy statement was published on 18 May 2018.
We may change this privacy statement from time to time. If there are material changes to this statement, or in how we use your personal information we will inform you by either posting a notice of such changes prior to them taking place, or by directly sending you a notification. We would encourage you to regularly review this statement.
16. Children’s Personal Information
Our website and services are intended for adults only. Our services are not directed to minors and we do not knowingly collect personal information from minors.
17. How To Contact Us
You can contact the Privacy Team if you have any questions about this privacy statement or the information we hold about you by:
Post: Privacy Team, Edenhouse Solutions Limited, 6 Quartz Point, Stonebridge Road, Coleshill, B46 3JL; or
Phone: +44 (0) 121 767 9280.