VISIONECT PRIVACY AND COOKIE POLICY

Visionect d.o.o. (hereinafter referred to as we, us, our, Visionect, Visionect d.o.o., Visionect ltd.) respects your privacy and is committed to protecting your personal data. This Privacy and Cookie Policy (including any modifications, exhibits, etc., hereinafter referred to as the: “privacy policy”) tells you how we look after and process your personal data, whether you visit our VISIONECT (www.visionect.com) or JOAN (www.getjoan.com) website (hereinafter referred to as the “website”), regardless of where you visit it from, and/or purchase and/or use any of our products, services and/or applications. The term “products, services and/or applications” refers to all our products and services specified on the website, including but not limited to Visionect’s software and hardware products, mobile applications and services. About the terms of usage/sale of our products and/or services please read more in Terms of Use, Terms of Sale or other specific Terms as outlined in the footer of the website).

By now, you’ve probably heard of the General Data Protection Regulation (GDPR), effective as of May 25, 2018. Because we are fully devoted to protecting our confidential and sensitive data, including in particular any personal data processed in connection with our commercial activities, this Privacy policy aims to resolve any concerns you might have in this regard when using our website and/or products and services.

Nevertheless, if after reading this privacy policy, you have any additional questions about the processing of your personal data, including any requests to exercise your legal rights, please do not hesitate to contact us at [email protected].

WHO ARE WE AND WHAT DO WE DO?

Visionect LLC., Cesta v Gorice 30, 1000 Ljubljana, Slovenia is a B2B company founded in 2007. Visionect is the premier designer and developer of ultra-low-power digital display solutions created on electronic paper technology. Visionect’s mission is to empower people in public spaces to make better decisions by delivering more relevant, timely information, supported by digital displays easily installed in locations impossible before.The company is known for its JOAN room scheduler and the Place & Play product line.

The purpose of this privacy policy is to provide you with information on which, why and how we collect and process your personal data, including but not limited to any data you may provide through this website, when you:

  • sign up to our newsletter (and download any resource or content from the website),
  • purchase and/or distribute a product and/or service,
  • contact us by filling up the contact form,
  • do other corresponding activities.

It is important that you read this privacy policy together with any other terms and conditions available on the website and/or any notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using it.

WHICH DATA OF YOURS (YOUR COMPANY’S) DO WE PROCESS?

Personal data, or personal information, means any information about an individual from which that person can be identified (please also see a more detailed definition of personal data as defined by the GDPR). It does not include data where the identity has been removed and by which we (or any other person) are not able to identify specific individual (anonymous data).

We may collect, use, store and transfer different kinds of personal and/or other related data about you or your company (hereinafter together referred to as the: “data”) which we have grouped together as follows:

  • Identity Data includes yours and/or your company’s first and last name / firm and/or similar identifier;
  • Contact Data includes your company’s billing address, delivery address, e-mail address and telephone numbers;
  • Financial Data includes your company’s bank account details; We do not collect your company’s credit cards and/or PAYPAL information, as this services are ensured by third parties to which you provide the information voluntarily;
  • Transaction Data includes details about payments to and from you (your company) and other details of products and services you (your company) have purchased from us;
  • Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the website.
  • Usage Data includes information about how you use our website, products and services.
  • Calendar User Data as specified in the following below.

In order to maximize your user experience we also collect, process and use Aggregated Data which may be derived from your personal data but is, according to the law, not considered to be personal data as it does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. We also measure website-tracking (traffic information, for example). However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will is then used in accordance with this privacy policy.

We do not collect or otherwise process any so-called “special categories of personal data”, which according to the GDPR include details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Nor do we collect any information about criminal convictions and offences.

Also, the website is not intended to be used children or minors (person under 18) and we do not knowingly collect data relating to children or minors.

HOW IS YOUR (COMPANY’S) DATA COLLECTED?

We use different methods to collect data from and about you (your company) including through:

Direct interactions. You may provide us your [Identity, Contact and Financial Data] by:

  • filling in contacting forms or by contacting us and/or corresponding with us by e-mail, phone or otherwise,
  • purchasing our products or services;
  • creating an account to use our products or services by creating a user account in the “Joan Portal”;
  • subscribing to our newsletter;
  • requesting marketing material to be sent to you;
  • entering a prize competition, promotion, referral program or survey;

Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data and/or Aggregated Data about your equipment, browsing actions and patterns. We collect this data by using cookies and other similar technologies as explained below in the “Cookies” section.

IN WHICH CASES WILL WE NEED TO USE SOME OF YOUR USER CALENDAR DATA?

To facilitate the use of our room scheduling solution product called »Joan« (hereinafter referred to as: “Joan”) for users of G Suite (Google apps), Office 365 and Microsoft Exchange, we will require certain permissions in your calendar account:

  • Read and / or write access to the calendars you wish Joan to manage. No calendar or event information is permanently stored on servers we are using. The Joan Portal (used for managing Joan – read more in Terms of Use) only stores the e-mail of the room’s resource, all other information is gained through an API call, parsed and sent directly to the device.
  • Access to basic user account information and email.
  • Read only access to your resources to enable automatic room resource scan.

No user calendar data is shared with any third parties.

WHY WILL WE USE OR OTHERWISE PROCESS YOUR (COMPANY’S) DATA?

We have set out below, in a table format, a description of all the ways we plan to use your (company’s) data, including personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us at [email protected] if you need more detail.

Purpose/ActivityType of dataLawful basis for processing including basis of legitimate interest
To register you as a new customer (creating an account on Joan portal) and providing supported services, including updates, etc. by e-mailIdentity ContactPerformance of a contract – order (executed purchase of product / service)  concluded with you;
To process and deliver your order including: Manage payments, fees and charges Delivery of products and services purchased / requested Collect and recover money owed to usIdentity Contact Financial TransactionPerformance of a contract (executed purchase of product / service) with you; Necessary for our legitimate interests (to recover debts due to us);
To manage our relationship with you which will include: To provide you with e-mail news, updates, etc. on our products and services (in case of newsletter subscription, etc.) Asking you to leave a review, let us know your customer experience, etc. after you made purchase of products and services; To deliver you information about its own similar products or services already purchased;Identity ContactPerformance of a contract (executed purchase of product / service) with you; Necessary to comply with a legal obligation; Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services):
To administer and protect our business and this website and products and services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);Identity Contact TechnicalNecessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise) Necessary to comply with a legal obligations (reporting of breaches);
To use data analytics to improve our website, products and services, marketing, customer relationships and experiences;Technical UsageNecessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy);

DO WE USE COOKIES?

Cookies are small text files placed on your hard drive. We use cookies or similar technologies (pixels etc.) to personalize your online experience and improve our services for you. For example, cookies will remember and process the items in your shopping cart on our website. This saves you time, since you are not required to re-enter the same information each time you visit our site.

We use the following cookies:

  • Strictly necessary (essential) cookies. These cookies are required for the operation of our website. They include, for example,  the use a shopping cart or  e-billing services.
  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users find what they are looking for easily.
  • Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Advertising (Targeting) cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

Some of the cookies we use are internal, some of them external (third party) cookies. You can find more about the individual cookies we use here:

Essential cookiesCategoryDescriptionCookie
CloudflareUsed to identify individual clients behind a shared IP address and apply security settings on a per-client basis.__cfduid
VisionectUsed to display different content to users in different countries.cbc_country_name
cbc_country_code
Analytical cookiesCategoryDescriptionCookie
GoogleUsed to distinguish users across browsing sessions for Google Analytics, but cannot identify unique users across different browsers or devices. Has an expiration of 2 years._ga
Used to distinguish users and has an expiration of 24 hours._gid
Used to throttle requests and has an expiration of 10 minutes._gat
HotjarUsed  to let Hotjar know whether that visitor is included in the sample which is used to generate funnels._hjIncludedInSample
LinkedInUsed for LinkedIn Ad analytics.BizoID
lang
UserMatchHistory
lidc
bcookie
bscookie
TwitterUsed for Twitter integration and sharing capabilities for social media.personalization_id
Functionality cookiesCategoryDescriptionCookie
ZopimUsed to talk to customers in real time.AWSALB
__zlcmid
SpiceworksUsed to automatically discover detailed device information to troubleshoot user issues.visid_incap_1145931
incap_ses_879_1145931
_swnid
_swauth
Advertising cookiesCategoryDescriptionCookie
FacebookUsed to track  opted-out Facebook users for advertising purposes.fr

Visionect has listed them so you can decide whether you would like to opt-out or not. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies (especially essential cookies), please note that some parts of this website may become inaccessible or not function properly.

HOW CAN YOU UPDATE, REMOVE OR EXERCISE OTHER RIGHTS WITH REGARDS TO YOUR PERSONAL DATA?

You can update, remove and/or exercise other rights related to your personal data (as specified in detail below) at any time by contacting us at [email protected] We will respond as soon as we can and will follow up on your request within 14 days at most.

Also, if you do not like to receive our newsletter or other content e-mail, including updates or marketing material e-mails, you may at any time unsubscribe any time with the “unsubscribe” link within any e-mail you receive from us. We will be sad to see you go, but we respect your privacy.

The rights you may exercise with regards to your personal data:

  • Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction – update of your personal data. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
  • Request erasure – deletion of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes (as mentioned you will also get an option to stop such e-mail contacting in each e-mail we will send it to you). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information, which override your rights and freedoms.
  • Request restriction of processing your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it
  • Request transfer of your personal data. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Other rights established with GDPR.

Please keep in mind that certain personal data:

  • we are required to process for certain period according to applicable legislation (for example due to accounting reasons),
  • we may be required to process in order to provide you (your company) with our products and services. We will properly inform you if this is the case after we receive your request.

HOW DO WE PROCESS YOUR PERSONAL DATA?

We would never sell, share, or otherwise unlawfully use your personal data by disclosing them to any third party controller unless you provide us with your explicit consent as required by law, or we have a legal basis and/or obligation to do so.

Your personal data (and other data as well) is processed by our highly qualified employees and internal subcontractors that are required to execute confidentiality and data processing agreements and must at all time comply with our personal and confidential information policy. We ensure they are provided with proper data security training during the onboarding process.  Each of them receives an account (secured by a strong password) which allows them to access the corporate e-mailing system, other software systems and selected databases.

We also use external subcontractors, third-party service providers (data processors), for processing your personal data (for example e-cloud hosting services for storage, etc.). The ones established in the EU operate in compliance with GDPR. Nevertheless, many of our external third parties’ service providers are based outside the European Economic Area (EEA) so their processing of your personal data involves a transfer of data outside the EEA. Whenever this happens, we enforce  a similar degree of protection by ensuring at least one of the following safeguards is implemented:

  • your personal data is processed by third party service providers (data processors) established and operating in countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
  • your personal data is processed by third party service providers (data processors) with which  we have specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

Nevertheless, this website or web-platform for use of our products and services may include links to third-party websites, plug-ins and applications (for example, PAYPAL and/or credit card payment service providers, etc.). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party data processing activities and are not responsible for their privacy policies.

HOW LONG WILL YOU USE OR OTHERWISE PROCESS MY PERSONAL DATA?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

HOW DO WE SECURE YOUR PERSONAL DATA?

We take security of your personal data (and your or your company’s other data) very seriously!

We store majority of our data using e-cloud based solutions. Numerous studies have established that data stored in the cloud is less likely to be lost, deleted or leaked than data stored on a personal computers and/or other type of personal hardware. We make sure all our data we collect and process is fully encrypted at rest and in transit, by employing state-of-the art firewall and backup technology.

We also make sure our business premises are located in adequately secured buildings, which conform to established security standards. Physical access is controlled and monitored with the following safety measures: transponder card controlled interior door, limited access to on premise server rooms, surveillance systems (alarm, motion detectors, etc.), etc.

We established security measures presented above based on our best knowledge and experience in the field of data security. Notwithstanding, in case of any legislative and/or business requirements changes, we are ready to implement additional measures as soon as possible.

ARE WE ABLE TO NOTIFY ALL THE PARTIES CONCERNED IN CASE OF ANY DATA BREACH?

Yes. Any such data reach will be notified in accordance with Article 33 of the GDPR without undue delay (where feasible, not later than 72 hours after having become aware of it) to the parties concerned as well as to the supervisory authority competent in accordance with Article 55 of the GDPR.

WHICH PERSONAL DATA REGULATION DO WE COMPLY WITH?

This privacy policy is governed in accordance with Slovenian and/or EU legislation (whichever prevails), including but not limited to GDPR provisions. If you access our website, products and/or services from outside of EU, you are responsible for compliance with applicable local legislation.

WHO CAN YOU CONTACT IN CASE ANY QUESTIONS OR CONCERNS ARISE WITH REGARDS TO THIS PRIVACY POLICY?

We welcome your comments or questions about this privacy policy, you can email us at [email protected]. We will try to reply as soon as possible, but we will make sure we will handle your request in 14 days after we receive it.

© 2019 VISIONECT LLC. ALL RIGHTS RESERVED.