Eseye Privacy Policy

Privacy policy.

Your privacy is important to us.

Privacy Policy of Eseye Ltd

This policy is issued by Eseye Limited (“we”, “us”, our”). This privacy policy explains how we use any personal information we collect about you when you use this website and engage with us on behalf of a customer organisation, in order to purchase our products or services. We are a controller of your personal data and are responsible for ensuring that it is properly protected. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR). If you are resident within the European Economic Area (EEA), we are also subject to the EU General Data Protection Regulation (EU GDPR) when we engage with you to provide our products and services or where we monitor your behaviour.

Please read this privacy policy carefully as it contains important information about who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

This website is not intended for use by children and we do not knowingly collect or use personal data relating to children.

Please see the “How to contact us” section below if you have any questions about this privacy policy or the data we hold about you.


Policy summary

Contact information

Owner and Data Controller
Eseye Ltd.
20 Nugent Road,
Surrey Research Park,
Guildford,
GU2 7AF
United Kingdom

Owner contact email: dataprotectionofficer@eseye.com


Full Policy

What information do we collect about you?

The personal data we collect about you depends on why you engage with us. We may collect and use the following data about you:

We need this personal data to provide you with products and services. If you do not provide personal data we ask for, it may delay or prevent us from providing products and services to you.

We do not routinely collect and process special categories of personal data (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

Where we do need to process special category data, we will make sure we are allowed to do so under data protection laws, for example:

We may also collect, use and share Aggregated Data for example to analyse customer usage. Aggregated Data may be derived from your personal data but is not considered personal data in law as it does not include information that can directly or indirectly identify you. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

How do we collect information about you?

We collect information about you directly, such as when you access our website, register with us, contact us (including via our website contact form) or place an order for or purchase our products or services on behalf of your organisation. This may include asking you to provide your passport details so that we can register SIMs for your organisation, if this is a requirement within the country or territory that you operate.

We also collect information when you voluntarily complete customer surveys, submit enquiries, provide feedback or submit information for offers.

We also collect website usage information automatically using cookies and other similar technologies when you interact with our website. This may include technical data about your equipment, browsing actions and patterns. Please see the “Cookies” section below for more information.

We will receive personal data about you from various third parties and public sources as set out below.

How will we use the information about you?

Under data protection law, we can only use your personal data if we have a lawful basis for doing so, which includes:

The table below explains what we use your personal data for and why:

Purpose/Activity

Type of data

Lawful basis for processing

To register you as a new customer

(a) Identity
(b) Contact

Necessary for our legitimate interests (to enter into and perform a contract with the organisation you are engaging with us on behalf of)

To provide products and services to you, including:


(a) to process your orders;
(b) to manage your account;
(c) to manage payments, fees and charges
(d) to collect and recover money owed to us

(a) Identity
(b) Contact
(c) Financial
(d) Transaction

Necessary for our legitimate interests (to enter into and perform a contract with the organisation you are engaging with us on behalf of and to recover debts due to us)

To manage our relationship with you which will include:


(a) Notifying you about changes to our products and services, terms or privacy policy
(b) Asking you to leave a review, take a survey or for other market research purposes

(a) Identity
(b) Contact
(c) Profile
(d) Marking and Communications

(a) Necessary to comply with a legal obligation


(b) Necessary for our legitimate interests (to enter into and perform a contract with the organisation you are engaging with us on behalf of and to keep our records updated and to study how customers use our products and services)

To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Identity
(b) Contact
(c) Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)


(b) Necessary to comply with a legal obligation

To deliver relevant website content and marketing materials to you and measure, run adverting campaigns or understand the effectiveness of the marketing we send to you

(a) Identity
(b) Contact
(c) Profile
(d) Usage
(e) Marketing and Communications
(f) Technical

(a) Consent, where this involves electronic marketing communications which require recipient consent


OR


(b) Necessary for our legitimate interests (to study how customers use our services, to develop them, to grow our business and to inform our marketing strategy)

To use data analytics to improve our website, marketing, customer relationships and experiences

(a) Technical
(b) Usage

(a) Consent, where this involves us using non-essential website cookies and similar technologies


OR


(b) Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

To make suggestions and recommendations to you about products and services that may be of interest to you

(a) Identity
(b) Contact
(c) Technical
(d) Usage
(e) Profile

(a) Consent, where this involves electronic marketing communications which require recipient consent


OR


Necessary for our legitimate interests (to develop our products and services and grow our business)

To respond to regulatory and enforcement requests, including requests for KYC information.

(a) Identity
(b) Profile

Necessary to comply with a legal obligation

Who we share your personal data with

We routinely share personal data with:

We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.

We may disclose your personal data to law enforcement agencies and regulatory bodies where we need to do so according to the law or regulations.

We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, data will be anonymised but this may not always be possible. The recipient of the data will be bound by confidentiality obligations.

For more information about the third parties that we may share your personal data with please contact us using the contact details set out below.

Transferring your personal data out of the UK and EEA

To provide products and services to you, it is sometimes necessary for us to share your personal data outside the UK and EEA, for example, with our group companies or service providers either located outside the UK or EEA, or that transfer personal data outside of the UK.

Transfers of personal data outside of the UK and EEA are subject to special rules under UK and EU data protection law. This is because non-UK and non-EEA countries do not have the same data protection laws as the UK and EEA.

We will, however, ensure the transfer complies with data protection law and all personal data will be secure.

As a result, when we transfer personal data outside of the UK or EEA we will ensure that the transfer complies with data protection law by following one of the below steps:

As an example, our major data centre is located in the Isle of Man and therefore is not within the UK or EEA. The Isle of Man does however benefit from both a UK and EU Adequacy Decision which enables us to transfer personal data there without any additional safeguards.

For more information about our international transfers and to request a copy of any standard contractual clauses, please contact us using the contact details set out below.

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures and security measures to safeguard and secure the information we collect online against accidental loss or unlawful usage or access. We limit access to your personal data to those who have a genuine business need to access it. Those processing your data will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Marketing

We would like to send you information about products and services of ours which may be of interest to you.

We will only send you marketing communications if you have consented to receive them or it is in our legitimate interests to send them, for example because it is business-to-business marketing. You always have the right to opt out of receiving further promotional communications and also may opt out at a later date.

If you no longer wish to be contacted for marketing purposes, please:

We may ask you to confirm or update your marketing preferences if there are changes in the law, regulation, or the structure of our business.

Please note that we may also send you other communications in relation to your purchase of products and services or in order to respond to queries you have raised, such communications are service communications and are not considered a form of marketing communications.

Your rights

You have the following rights, which you can exercise free of charge:

Access

The right to receive a copy of your personal data (the right of access)

Rectification

The right to make us to correct any mistakes in your personal data

To be forgotten

The right to make us delete your personal data - in certain situations

Restriction of processing

The right to make us restrict processing of your personal data - in certain circumstances, e.g. if you contest the accuracy of the data

Data portability

The right to receive the personal data we hold on you in a structured, commonly used and machine-readable format and/or transmit that data to a third party - in certain situations

To object

The right to object:
- at any time to your personal data being processed for direct marketing (including profiling);


- in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.

Not to be subject to automated individual decision making

The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

For further information about any of the rights set out above please contact us or see the guidance provided by the UK Information Commissioner’s Office (ICO) on individuals’ rights.

If you would like to exercise any of your rights, please:

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

How long your personal data will be kept

We will not keep your personal data for longer than we need to for the purposes set out in this policy. Different retention periods apply for different types of personal data.

When we stop needing your personal data, we will either delete or anonymise it.

As an indication, if your organisation has purchase products and services from us, we will keep your personal data while we are providing those products and services. Thereafter, we will keep your personal data for as long as is necessary:

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

You can request further details of retention periods for different aspects of your personal data by contacting us.

Cookies

Cookies are text files placed on your device (e.g. computer, smartphone or other electronic device) when you use our website, to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity, as well as for targeted advertising purposes.

For further information about cookies, our use of cookies, when we ask your consent before placing them, and how to disable them, please see our cookie policy.

Other websites

Our website contains links to other websites. We do not control these third-party websites and are not responsible for their privacy statements. This privacy policy only applies to this website so when you link to other websites you should read their privacy policies.

Changes to our privacy policy

We keep our privacy policy under regular review and we will place any updates on this web page. This privacy policy was last updated in February 2022.

How to complain

Please contact us if you have any queries or concern about our use of your data. We hope we will be able to resolve any issues you may have.

You also have the right to lodge a complaint with the Information Commissioner or any relevant European data protection supervisory authority. The Information Commissioner may be contacted at ico.org.uk/make-a-complaint or telephone: 0303 123 1113

How to contact us

Please contact us if you have any questions about our privacy policy or information we hold about you using the contact details set out below:

By email: dataprotectionofficer@eseye.com

By post: Eseye Limited, 20 Nugent Road, Surrey Research Park, Guildford, Surrey, GU2 7AF, United Kingdom

Nobody does IoT better Let’s achieve your goals

Build the IoT estate that meets your needs now – and ten years from now. It’s why global leaders trust Eseye.