Last updated: 14th July 2018.
The eResource Scheduler Cloud (the “Software”) is an online scheduling software offered as Software as a Service (the “Service”) that is made available to you by Enbraun Technologies.
Whenever someone requests trial of or subscribes to our Service, that person becomes the account owner (“Subscriber”). Whenever we store or use your information or any other information / data on behalf of your account owner (“Subscriber”), we will use such information only as instructed by your account owner. Subscribers to our Services are solely responsible for ensuring compliance with all applicable laws and regulations and for keeping in place policies, arrangements, agreements or any such obligations that relate to the collection of personal information of individuals (“resources”, referred to as “data subjects”) in connection with the use of our Services by Subscribers. If you are an individual who interacts with a Subscriber using our Service, you will be directed to contact your account owner for all requests regarding assistance, or queries relating to your personal information.
We have no direct relationship with individuals whose personal information we process in connection with your account owner’s use of our Services. All or any information that we collect is under the direction of your account owner.
In all scenarios, we have no control or decision over what information is provided, or how it is used. Your account owner will be solely responsible for informing you about how they are using your information, and to respond to any query or request you have about that information. We will not be legally able or entitled to make any decision about how to respond to your requests regarding access, removal, deletion or restriction of the use of your information. Thus, all such queries or requests should always be directed towards your account owner.
INFORMATION WE COLLECT
Use of our Service
Our service is an online software for organisations to schedule their human and non-human resources on projects and generate related reports. Any individual who enters into a contract with us by undertaking trial or by subscribing to our Service by agreeing to our Terms of Service (“Terms”), must know that we need certain information to carry out our contract with you for the provision of Services, and you must provide this information to enter into a contract with us, otherwise we will not be able to carry out our contract with you and provide you the requested Services. In particular, you must provide the following information:
- Your name
- Your email address.
- Your organisation’s name
- Your payment details (in case of a paying subscriber)
All this information is displayed to account owner (“Subscriber”) and users with administrative rights.
HOW WE USE THE INFORMATION WE COLLECT
Provision of Services
The information we collect from you is primarily used in order to provide you Services that you request trial for and or Subscribe for.
All correspondence or interaction (inter alia email, telephone, post, SMS or via our Website) between you and us will, by structure include personal information (names, contact details, etc.) in such correspondence. This may include enquiries, reviews, follow-up comments or complaints lodged by or against you and disputes with you.
Any call information collected, for example details of phone numbers used to call our organisation and the date, time and duration of any calls. In case, we record calls to or from us, we will inform you of the same.
We will keep and use this information to carry out our contract with you (if applicable), to comply with any legal requirements for us to maintain records or carry out certain verifications, and / or for our legitimate interests in dealing with a complaint or enquiry and administering your (or your organisation’s) account or order and any Services we offer, as well as to review and improve our offerings, including troubleshooting, data analysis and testing.
The confidentiality of your payment information is maintained by a third part payment gateway, who collects all payment related information. We never have access to your payment information.
If you choose to subscribe to use the Service, you will be required to provide payment card or account information to process your order. Your payment card information is saved by a third-party service provider that we / our partners / our resellers use for payment card processing services and we / our partners / our resellers maintain a written agreement to ensure appropriate security and confidentiality measures are in place to safeguard your personal and financial data. Financial information provided is transferred over a secure connection. Your payment card information in never stored by us / our partners / our resellers. Tokenisation is used to associate payment information to your account. We / our partners / our resellers will not authorise the release of your personal or financial information to anyone not directly involved in processing the transaction. This information may be encrypted and stored for logging purposes in accordance with applicable regulatory requirements. Payment card numbers are used only for processing payments and are not used for any other purposes.
The third-party service provider used for processing your payments is Stripe, (Stripe website), and the personal data that you provide relevant to payment processing is subject to Stripe’s security and privacy policies. Stripe is a validated Level 1 PCI DSS compliant service.
We may collect your name and contact details (for example your name, email address, phone number or address), either directly or through a third-party, to send you information about our products or Services which you might be interested in. Information collected by a third-party will only be passed to us for marketing purposes if you have consented to them for the same.
If you are an existing client, we use your contact details for marketing to you and maintaining a list of potential clients, as is necessary for our legitimate interests.
If you are not an existing client, we may contact you for marketing purposes (whether we have collected your details from you or a third-party).
The right to “opt-out” of receiving our marketing communications (inter alia emails, SMS, phone calls, etc.) is always available to you. You can exercise the right to opt-out at any time by writing to us on firstname.lastname@example.org. All marketing emails will provide an unsubscribe option so that you can opt-out of any further marketing emails. Once you opt-out of receiving our marketing communications, you will be added to our suppression list to ensure we don’t accidentally send you any further marketing communications.
We never divulge your information to third parties for marketing purposes. However, on our instructions and on the condition of treating your information confidentially, we may use certain third-party service providers to send out our marketing communications.
We keep your details on our marketing list until you chose to opt-out.
This is information about you which you provide when you provide content to us. This may include reviews, photographs, videos and other content.
We may display and publish this information on our platforms (website, marketing material, oral or written communication with our existing or prospective clients, etc.) as a part of our contract with you or as necessary for our legitimate interests in providing content to our users.
This information is kept as long as you have an account with us and may be retained and displayed indefinitely after you close your account.
We may retain your necessary personal information to effectively bring and defend any or all legal claims, considering the risk that we may need to bring or defend certain legal claims. We may also need to share this information with our insurers or legal advisors. The time frame for which we retain such personal information may vary depending upon the nature of the claim and on how long the risk of bringing or defending a legal claim runs.
INFORMATION WE RECEIVE FROM THIRD PARTIES
We may also receive information about you from the following sources:
Our service providers
We work closely with third parties (including for example business partners, subcontractors, payment services, advertising networks, analytics providers, etc.) who may provide us with information about you, to be used as set above.
Publicly available resources
We may also obtain information from the publicly available resources including social media websites.
WHY ELSE DO WE COLLECT YOUR INFORMATION
We will use your personal information only in accordance with law. Although in limited circumstances we may use your information because you have specifically consented to it.
We generally use your information in the ways set out in this policy because:
- We need to perform a contract we have entered with you.
- It is necessary for our legitimate interests (or those of a third-party) and your interests and rights do not override those interests.
- We need to protect your interests (or someone else’s interests) or where it is needed in public interest (although these circumstances are likely to be rare).
Change of purpose
We will only use your personal information for the purposes we set out in this policy. Even if there is a need to use this information for any other reason, we will ensure that such other reason is compatible with the original purpose. In case, we ever use this information for an unrelated purpose, we will make sure that we notify you of the same and explain the legal basis which allows us to do it.
SHARING YOUR INFORMATION
We may share your information with certain third parties, including third-party service providers / our partners / our resellers on the condition of maintaining the security and confidentiality of your personal information in accordance with law.
The reasons for which we may share your personal information with certain third parties / our partners / our resellers includes our legal obligations, where we might be under a duty to disclose or share your personal information, or for enforcing or applying our agreements with you, or to protect our rights, property or safety, our customer’s rights, property or safety, or that of others, or where we have other legitimate interests in doing the same.
We may also share your personal information with our third-party service providers / our partners / our resellers so that they can carry out their services.
Our third-party service providers / our partners / our resellers, while processing your personal information for us as “data processors” are required to do so only on our instructions, including the duty to keep the information secure and confidential at all given times.
We never sell, trade or rent your personal information to others. Neither do we disclose your personal information to others other than as set forth in this policy. We shall not supplement the personal information provided by you with information collected from other sources.
WHERE WE STORE YOUR INFORMATION
If you are an individual from EEA, please know that you are hereby agreeing to the transfer of your personal information to the United States and to other jurisdictions in which we operate or from where we operate.
Personal information you provide us is stored in a secured format and sent and received over a secure SSL connection.
Where required to perform our contract with you and for provision of Services, the information that we hold about you may be transferred to, and stored at, a destination outside the EEA. It may also be processed by our service provider’s staff operating outside the EEA.
We are physically located in Republic of India. Our office headquarters are based in C-78, Sewar Area, Bapu Nagar, Jaipur-302015, Rajasthan, India.
Our application and database servers are provided by AWS (amazon web services) and are hosted in The United States of America.
We ensure that we take all reasonable measures to treat your personal information safely and securely.
To prevent your personal information from being lost, altered, disclosed, used or accessed in an unauthorised manner, we have put appropriate internal security measures that will protect this information at all times. Along with this, we only allow limited access to your personal information to employees, agents, contractors, resellers and other third parties who have a business need to know. They will only process your personal information on our instructions and are subject to a duty of confidentiality.
To handle any suspected data security breach, we have procedures in place. We will also notify you and any applicable regulator of any such suspected data security breach.
HOW LONG WILL WE KEEP YOUR INFORMATION FOR?
Your personal information will only be kept with us for as long as it is needed to fulfil the purposes envisaged in this policy. However, at times, to fulfil the purposes for which we collected your personal information, including any legal, accounting, or reporting obligations, we may need to retain this information for a longer time.
The factors that determine a reasonable amount of retention period for your personal information are the amount, nature and sensitivity of personal information, the potential risk of harm from unauthorised use or disclosure of the personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
Only where applicable, the data protection law i.e. General Data Protection Regulation (GDPR) gives several rights when it comes to personal information we hold about you. The key rights are set out below.
You or your account’s owner or administrative user may anytime review, change, and delete personal information that you provide us by directly using the tool’s functionality. You may also request to view or update the personal information that is associated with your account and stored by us.
Under certain circumstances, by law you have the right to:
Be informed in a clear, transparent and easily understandable way about how we use your personal information and about your rights. Therefore, we are providing you with the information in this policy. Please let us know if you require any further information about how we use your personal information.
Request access to your personal information. This enables you to receive a copy of the personal information we hold about you.
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to us using your information on this basis and we do not have a compelling legitimate basis for doing so which overrides your rights, interests and freedoms (for instance, we may need it to defend a legal claim). You also have the right to object where we are processing your personal information for direct marketing purposes.
Request the restriction of processing of your personal information, which will enable you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Withdraw consent in the circumstances where we are relying on your consent (as opposed to the other basis set out above) to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate interest in doing so.
Lodge a complaint if you think that we are using your information in a way which breaches the applicable data protection law. You have the right to lodge a complaint with your national data protection supervisory authority.
Get in touch with us by writing to us at email@example.com or via our website’s Contact Us page, if you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, withdraw your consent to the processing of your personal information for a specific purpose or in general or request copy of your personal information.
Scenarios under which we may not provide certain rights
Under certain scenarios, we may not be able to process your request and provide you the above-mentioned rights. This may include times where we may require your personal information for the following reasons:
- The provision of Services in an uninterrupted and effective manner; or
- By law we are required to retain your personal information and fulfil our legitimate purposes.
In these scenarios, we may refuse to process your request. You will have the option to terminate your subscription to the Services.
No fee usually required
You will not be required to pay a fee to access your personal information or to exercise any of the other rights. In case, we find the request is excessive or is not well founded, we may charge a reasonable fee. Also, in this case, sometimes, we may altogether refuse to comply with such request.
What we may need from you
To comply with your right to access or other rights, we may need to ask for certain specific information from you in order to be sure about your identity and to ensure that no personal information is disclosed to a person who does not have the right to receive it.
Your request will be responded to approximately within a month. Sometimes, the same may take longer and we will duly inform you of such delay. Please consider the reasonability of all your requests before submitting.
PRIVACY FOR ‘CHILDREN’
Our Service does not address anyone under the age of 16 (“Children”). No personally identifiable information is collected knowingly by us from any individual under the age of 16. Please contact us if you are a parent or guardian and you are aware that your child has provided us with Personal Data. If it comes to our notice that we have collected Personal Data from children without verification of parental consent, we will make all efforts to remove such information from our servers.
CHANGES IN THIS POLICY