Effective Date: October 1, 2019
We are committed to protecting your privacy when you interact with us. The purpose of this Privacy Statement (“Statement”) is to set forth the Enterprise Business Applications Limited (“Enterprise Business Applications Limited” refers to the UK entity) and its affiliated entity, eba Bulut Bilisim ve Danismanlik Hizmetleri Ltd Sti. (eba Bulut Bilisim ve Danismanlik Hizmetleri Ltd Sti. refers to the Turkish entity) (together, the entities are referred to as “EBA” or the “Enterprise Business Applications”) privacy practices with respect to Personal Data (which means any information relating to an identified or identifiable natural person), we collect from and about individuals with whom we interact (“you”), in connection with our processing of such Personal Data for a General Business Purpose (defined below). It also describes the choices available to you regarding our use of your personal information and how you can access and update this information.
If we make any changes to this Statement we will notify you by means of an updated Privacy Statement on our website prior to the change becoming effective, including the date last updated at the top of the page. The most current version of the Statement can always be reviewed by clicking on the “Privacy Statement” link located at the bottom of our website.
If you are visiting our website from the European Union (“EU”) or where applicable EU data protection laws so provide, please see the section below titled, “Your EU Privacy Rights” for additional information. This Privacy Statement describes Enterprise Business Applications’ standard global procedure governing our access to and use of Personal Data across borders. As part of this Privacy Statement, Enterprise Business Applications will comply in all material respects with the General Data Protection Regulation (GDPR) 2016/679 and implementing legislation enacted by the member states of the European Union with respect to its operations in those member states, as well as such legislation as the Health Insurance Portability and Accountability Act of 1996, as amended, and other privacy laws, rules, and regulations that may apply to Enterprise Business Applications.
What information do we collect
The types of Personal Data Enterprise Business Applications collects includes:
- Contact information (such as name, email address, mailing address, and phone numbers),
- Account log-in credentials,
- Resume and applicant information for those applying for a job, and
- Data gathered by technology when you visit our website.
How do we use personal data
We use your Personal Data for Enterprise Business Applications’ business purposes, including the provision of services; support related to the services provided; and, internal operations. This includes developing and implementing software, providing consulting and technology services, and intra-company communications.
Specifically, we process your Personal Data to:
- Provide our products or services or process orders – this is necessary for the performance of a contract,
- To send administrative notices about important changes in our contractual relationship – this is necessary for the performance of a contract with you or for our legitimate interest to do so,
- To provide a more efficient and customized educational and shopping experience; provide customized marketing and promotional services; provide information about our products, services, special offers, and upcoming events; statistically analyze website use (for more information in this respect, see our separate Cookie Statement); improve our product and service offerings; and enhance our website content, layout, and services – this is necessary for our legitimate interests as set out herein or based on your consent (in which case we would ask you separately to provide your consent to a particular processing activity),
- To consider resumes and applications received by applicants for jobs with Enterprise Business Applications, including all elements of the procedure leading up to making a decision whether to offer, subject to any appropriate background checks, the applicant a position. Some job applicant data processing may also be necessary to comply with legal obligations.
- To perform
With whom do we share personal data
Within the Enterprise Business Applications: Your Personal Data may be shared with other companies within the Enterprise Business Applications Group (i.e., intra-group) for all the purposes described above. We may also provide some of our services through contractual arrangements with other companies in the Enterprise Business Applications who process the Personal Data on our behalf, in particular for the performance of our IT consulting, training, support, and maintenance services and mailing or delivery/courier services and in connection with our business operations including processing of Personal Data of employees and contractors.
With third-party service providers: We need to share your Personal Data with other third parties in order to deliver the requested products or services. We also share your Personal Data with accounting and consulting firms and external counsel. We may also use or share your information in an aggregate manner.
Law enforcement or other legal reasons: Occasionally we may be required by law enforcement or other public authorities as well as judicial authorities, courts, or tribunals to share Personal Data with them or other parties. We will disclose Personal Data upon receipt of a court order, subpoena, warrant, or other legal process to the extent necessary to meet legal, national security, public interest, or law enforcement obligations or defend our interests in legal, administrative, or other proceedings, which may require us to share Personal Data with other parties to the proceedings and their external counsel. We reserve the right to report to law enforcement agencies any activities that we in good faith believe to be unlawful.
Business transactions or legal restructuring: If we or some or all of our assets are acquired by another company, including through a sale in connection with bankruptcy, we will share the information that we hold with that company. We may also buy or sell all or part of our business or the business of a third party. All or part of your Personal Data may be transferred to a new business or owner as a result of such transactions, in accordance with applicable laws, however, your Personal Data will continue to be protected by any pre-existing Privacy Statement of Enterprise Business Applications, unless you agree otherwise.
We do not sell your Personal Data to third parties.
Individual rights of access to personal data
Upon request, Enterprise Business Applications will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Data.
Enterprise Business Applications takes steps to make sure that the Personal Data it uses is correct. Subject to certain legally permissible exceptions, we will allow Data Subjects reasonable access to Personal Data and Sensitive Data about themselves during normal working hours and upon reasonable request, and will be allowed to update, delete and/or correct any inaccurate information by emailing our Customer Support at firstname.lastname@example.org. We will respond to your request to access within 30 days.
Security of personal data
Enterprise Business Applications will take reasonable precautions to protect Personal Data and Sensitive Data (defined below) from loss, misuse, unauthorized access, disclosure, alteration, and destruction. We follow generally accepted standards to protect the Personal Data submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure; therefore, we cannot guarantee its absolute security.
Retention of data
You may sign-up/opt-in to receive marketing campaign emails, newsletters, or other communications from us. If you would like to discontinue receiving this information, you may update your email preferences by using the “Unsubscribe” link found in the communications or by emailing back “unsubscribe” or by contacting us at email@example.com.
Links to third-party websites
Our website includes links to other websites whose privacy practices may differ from those of Enterprise Business Applications. If you submit personal data to any of those websites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any website you visit.
Social media widgets
Our website includes Social Media Features, such as the Facebook Like button [and Widgets, such as the Share this button or interactive mini-programs that run on our website]. These Features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our website. Your interactions with these Features are governed by the privacy statement of the company providing it.
Updates to Privacy Statement
“Enterprise Business Applications” and the Enterprise Business Applications means Enterprise Business Applications UK, Limited, and eba Bulut Bilisim ve Danismanlik Hizmetleri Ltd Sti Turkey
“Controller,” means Enterprise Business Applications and its authorized representatives, which determine the purposes and means of processing of Personal Data. ”Data Subject” refers to any employee or third person who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity.
“General Business Purpose means the Processing of Personal Data for any activity related to the commercial operations of Enterprise Business Applications. This could include, but is not limited to Enterprise Business Applications’ sales; marketing; protecting intellectual property; the provision of services; support related to the services provided; internal operations; general employment matters, including recruitment both internally and externally. Data Processing for a General Business Purpose includes, but is not limited to, implementing or developing software, providing consulting or technology services, maintaining files, payroll processing, managing benefit and medical plans, conducting performance reviews, and intra-company communications.
“Personal Data” means any information related to an identified or an identifiable natural person. For example, a Data Subject’s home address, e-mail address and/or phone number, personnel file, or benefits information constitutes Personal Data.
“Processor” means a natural or legal person or any other entity that processes Personal Data on behalf of the Controller and under its control. For example, a Processor may be a payroll preparation firm that works on behalf of Enterprise Business Applications and under its control. Enterprise Business Applications requires Processors to protect the privacy, confidentiality, and security of Personal Data obtained from Enterprise Business Applications.
“Processing” of Personal Data means any operation or set of operations which is performed upon Personal Data, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction.
“Sensitive Data” or “Special categories of personal data” is a subset of Personal Data, and refers to any Personal Data pertaining to racial or ethnic origin, political opinion, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
“Third Party” means any natural or legal person, public authority, agency or any other entity other than the data subject, the Controller, the Processor and the persons who, under the direct authority of the Controller or the Processor, are authorized to process the Personal Data.
International transfer of your personal data
Subject to this Privacy Statement, Enterprise Business Applications may from time to time transfer Personal Data and Sensitive Data within and between its various worldwide locations for a General Business Purpose, in compliance with country of origin regulations, EU law, the Privacy Shield Principles, and this Privacy Statement.
Enterprise Business Applications’ personnel, outside firms and consultants, and clients who receive Personal Data may be located in the Data Subject’s home country, the United States, or any other country in which Enterprise Business Applications or its affiliates do business. Therefore, Personal Data may be transferred to any country in the world, including but not limited to the United States of America, and other countries where Enterprise Business Applications does business, and where the privacy laws may be more or less protective than the privacy laws where the Data Subjects live or work.
In compliance with the Privacy Shield Principles, Enterprise Business Applications commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield Statement should first contact Enterprise Business Applications at: The Office of the General Counsel at firstname.lastname@example.org.
Enterprise Business Applications has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint. The services of EU DPAs are provided at no cost to you.
Enterprise Business Applications is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently, transfers to a third party acting as an agent on its behalf. Enterprise Business Applications complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
Your EU privacy rights
If you are visiting the website from the EU or where applicable EU data protection laws so provide, you may, subject to certain limitations, exercise the following rights regarding your Personal Data:
You have the right to obtain from us confirmation if your Personal Data is being processed and certain information in this regard.
You have the right the request the rectification of inaccurate Personal Data and to have incomplete data completed.
You have the right, when we process Personal Data on the grounds of legitimate interests, to object to the processing of your Personal Data for compelling and legitimate reasons relating to your particular situation, except in cases where legal provisions expressly provide for that processing. In addition, you have the right to object at any time where your Personal Data is processed for direct marketing purposes.
You may receive your Personal Data that you have provided to us in a structured, commonly used and machine-readable format and have the right to transmit them to other data controllers without hindrance. This right only exists if the processing is based on your consent or a contract and the processing is carried out by automated means.
You may request to restrict processing of your Personal Data if (i) you contest the accuracy of it – for a period we need to verify your request; (ii) the processing is unlawful and you oppose the erasure of it and request restriction instead; (iii) we no longer need it, but you tell us you need it to establish, exercise or defend a legal claim; or (iv) you object to processing based on public or legitimate interest – for a period we need to verify your request.
You may request to erase your Personal Data if it is no longer necessary for the purposes for which we have collected it, you have withdrawn your consent and no other legal ground for the processing exists, you objected and no overriding legitimate grounds for the processing exist, the processing is unlawful, or erasure is required to comply with a legal obligation.
Right to lodge a complaint
You also have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your residence, or the location where the issue that is the subject of the complaint occurred.
Right to refuse or withdraw consent
Please note that in case we ask for your consent to certain processing, you are free to refuse to give consent and you can withdraw your consent at any time without any adverse negative consequences. The lawfulness of any processing of your Personal Data that occurred prior to the withdrawal of your consent will not be affected.
If you have questions about exercising any of those rights or their applicability to any of our particular processing activities or have questions about any data transfer mechanism or want a copy thereof, you may contact us at email@example.com or at the address provided below.
For questions or concerns about how Enterprise Business Applications handles Personal Data please contact via email: firstname.lastname@example.org.
Enterprise Business Applications Limited
Saberton Close, St Albans,
AL3 7DS, UK
Enterprise Business Applications Cookie Statement
What are cookies?
- Cookies are small files that are sent to and stored in your computer by the websites you visit. Cookies are stored in your browser’s file directory. Cookies may be stored only for the time you are in a given website, called a session cookie, or they may remain stored in your browser for a defined period of time beyond your current session, known as a persistent cookie. Cookies work in combination with content within the website itself, to capture and remember information. To learn more about these technologies and how they work, please see www.allaboutcookies.org.
Functional and Performance: These analytic cookies allow us to improve the website’s functionality by tracking usage. We do analytical profiling to understand unique users reading a particular article to identify what is popular. We also look at where content is accessed so we know how to arrange our website for optimal user experience. In some cases, these cookies improve the speed with which we can process your request, allow us to remember website preferences you’ve selected, and help connect you to your social networks. De-selecting these cookies may result in poorly-tailored recommendations and slow website performance. We also examine what type of reference was used to reach our websites, such as an email campaign or a link from a referral website, so we can estimate the effectiveness of our promotions and advertising campaigns.
- How can I change my cookie settings?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You can review the options available to manage cookies in your browser. Different browsers use different ways to disable cookies, but they are usually found under a Tools, Options or Help menu. If you turn cookies off, you may not be able to browse this website. If you delete your cookies from the browser, you may need to remember to re-install opt-out cookies. To find out more about cookies, including how to see which cookies have been set and how to manage and delete them, visit www.allaboutcookies.org
- Response to Do Not Track Some browsers have incorporated Do Not Track (“DNT”) preferences. Most of these features, when turned on, send signals to the website you are visiting that you do not wish to have information about your online searching and browsing activities collected and used. As there is not yet a common agreement about how to interpret DNT signals, we do not honor DNT signals from website browsers at this time.
- “Sharing” tools on Enterprise Business Applications websites. Enterprise Business Applications webpages contain embedded “share” buttons to enable users of the website to share content with friends through social networking websites, such as Facebook and Twitter. These third-party websites may set a cookie when you are logged-in to their respective service. Enterprise Business Applications does not control the setting of cookies from these third-party websites. Please check the third-party websites for more information about their cookies and how to manage them.