Ennov Privacy Policy

1.1 Introduction

Ennov SAS, based at 149 Avenue de France, 75013, Paris, France, and its affiliates are committed to safeguarding the privacy of our service users for the software provided.

In order to ensure their mission, Ennov SAS and its affiliates are compliant with applicable regulations of all countries in which they are established, and, specifically:

  • In European Union, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation or “GDPR”);
  • In UK, the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) (“UK GDPR”) and the Data Protection Act 2018 (“DPA 2018”);
  • In United States, the relevant applicable laws.

Ennov encourages all users to read the policy carefully and contact us with any questions or concerns about our privacy practices using [email protected].

1.2 Why and how do we use personal information?

There are three types of personal data managed by Ennov:

  • (A). data related to the users of the software (persons who have access to the software and/or to the technical support / Account set up and administration);
  • (B). data associated with the use of the software by the customer (data stored by the customer and potentially hosted by Ennov). The latter data remains under the control of the customer. Ennov undertakes never to access the data, except at the customer’s express request and only for technical support purposes.
  • (C). data entry by Ennov Event on behalf of Customers: For a selected few customers, Ennov Event staff enter data into the Ennov Event software. The Customer remains the controller of the data and Ennov Event the processor.

1.3 What information do we collect?

For (A), only the following data is stored for Ennov customers in order to help setup user accounts:

  • First name
  • Surname
  • Email address
  • Login

This data is collected directly from the customer when registering new users.

For (A), only the following data is stored for Ennov Clinical customers in order to help setup user accounts:

  • First name
  • Surname
  • Email address
  • Address

This data is collected directly from the customer when registering new users.

For (A), only the following data is stored for MACRO customers in order to help setup user accounts:

  • First name
  • Surname
  • Email address
  • Address

This data is collected directly from the customer when registering new users.
For (A), only the following data is stored for Ennov PV customers in order to help setup user accounts:

  • First name
  • Surname
  • Email address

This data is collected directly from the customer when registering new users.

For (A), only the following data is stored for Ennov Event customers in order to help setup user accounts:

  • First name
  • Surname
  • Email address
  • Password

This data is collected directly from the customer when registering new users.

For (B), Ennov may store personal data for the needs of its customers as part of the professional use of the software. The type and amount of personal information managed in this case depends exclusively on the purpose of the software and the use made of it by the customer. The customer is responsible for selecting the personal data to be managed in the software. For instance, Ennov may store information about the health condition of patients as part of the provision of its clinical trial software.

 

For (C), the fields in the software which contain personal data are listed in the Ennov Event Register of Process. The nature of this data entry is only to process the data for the customers in accordance with the terms and conditions set out in the customers contracts. All Ennov Event staff have signed a letter of employment which includes a confidentiality clause to ensure that the data is not mismanaged.

1.3.1 Indirect collection of data

Within the software, Ennov’s customers can enter personal data relating to data subjects. Ennov does not have any input over this data collection.

1.4 What legal basis do we have for processing your personal data?

The general framework for action is the contract. The processing is necessary for a contract Ennov has with the data subject / customer.

 

Additionally, any action Ennov takes on personal data is based on a specific written instruction from the customer, in accordance with the contract.

1.5 When do we share personal data?

Under no circumstances will Ennov share the personal data provided to us with a third party, except when specifically ordered to do so by the customer and or when expressly accepted by the customer, on Ennov’s request.

 

For the whole of the Ennov Group, there is no transfer of personal data to third parties, including processors and cross-border transfers.

1.6 Where do we store and process personal data?

Data are hosted in data centres of third parties chosen by Ennov for hosting (data centres) and accepted by contract by the customers.

 

Depending on the contract, these data centres can be located:

  • Within the European Union;
  • or in the UK;
  • or in the United States.

If at the customer’s request, data is transferred outside of the EU, standard contractual clauses can be added into contracts between Ennov and the customer.

1.7 How do we secure personal data?

Ennov is committed to ensuring the continuity of services offered to its customers and the proper and continuous functioning of its applications and associated technical infrastructure. Ennov ensures:

  • The constant availability of the hosting service
  • The integrity of the stored and transmitted information
  • The confidentiality of this information

Faced with these challenges, Ennov has written the Quality document INF.DR.292 Information System Security Policy. The Information System Security Policy can be seen as a repository which aims to clearly describe how to manage, protect, access and disseminate information managed by customers through business applications.

 

Ennov ensures that all staff are trained on the Information Security Policy to give them the knowledge of how to keep customer data confidential.

 

Ennov implements both disaster recovery and business continuity policies to ensure the protection of personal data when faced with an emergency. These are documented in QUA.DR.0547 – Ennov BCP – PCA Ennov and ORG.DR.309 – Disaster recovery plan respectively.

 

Ennov is able to conduct data protection impact assessments when requested by customers.

1.8 Confidentiality

Employees with high administrative privileges for the management of computer systems and data sign a confidentiality agreement, template QUA.MO.0394 – Engagement Confidentialité Administrateur is used for this and is stored in Ennov Doc once signed. This document details that the individuals acknowledge the confidential nature of the data to which they have access and that they must not use or communicate it except in accordance with the operating procedure described within the agreement.

1.9 How long do we keep your personal data for?

Ennov will not retain data for longer than reasonably or legally necessary.

 

Personal data is kept in the systems for as long as there is a contractual obligation to do so. If the customer leaves Ennov, we will liaise with the customer to return data in a desired format (e.g. XML) and timeframe. All data from backups will be removed upon expiration of contractual delay.

1.10 Your rights in relation to personal data

Under the applicable regulations, the data subjects have access and control of their personal data. Ennov ensures:

  • access to personal information
  • correction and deletion
  • data portability
  • restriction of processing and objection

Data subjects can contact Ennov directly using [email protected] or by asking their company to make contact. On contacting Ennov, the data subjects should explain the details of their request, Ennov will then implement the relevant data protection process to identify / correct / delete / port the data. This is written in document QUA.DR.0538 – GDPR Retrieving Personal Data.

 

Note that there are circumstances where data subject rights may be limited:

  • If there is a legal obligation to keep that data;
  • For reasons of public interest (for example public health, scientific, statistical or historical research purposes).

1.11 How to contact us?

Contacting Ennov can be done using [email protected], by contact the Support team using the Ennov Support Platform or by informing an Ennov employee who will then pass the information onto the Data Protection Officer.

Ennov Group Website Privacy Policy

Ennov’s Privacy Policy applies to all Websites and Services owned and operated by Ennov.

It describes how Ennov collects and uses the personal information you provide. It also describes the choices you have regarding the use of, your access to, and how to update and correct your personal information.

Communication

Ennov offers customers and visitors who provide contact information a means to choose how the Company uses the information provided. You may manage your receipt of marketing and nontransactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails.

Additionally, you may send a request specifying your communication preferences to [email protected].

Customers cannot opt out of receiving transactional emails related to their usage of Ennov’s products and services.

149 avenue de France, 75013 Paris, France

Policy Change

Ennov reserves the right to update this Privacy Policy to reflect changes to our information practices. We will provide notification of material changes to this policy through the Company’s Web sites. We encourage you to periodically review this page for the latest information on our privacy practices.

Your information

Information Collected

When expressing an interest in obtaining additional information about Ennov’s products or accessing secure areas of our Web sites, we require you to provide the following personal information, such as: Name, company name, email address, mailing address, phone number, support login id and password.

When you purchase Ennov’s solutions or services, we will ask you to provide billing information. When you register for or attend corporate events, Ennov will ask you to provide basic contact information, billing information, and information on your participation in the events on Ennov’s websites.

As you navigate the Company’s Web sites, Ennov may also collect information through the use of commonly used information gathering tools such as web beacons and cookies. Information collected includes standard information from your web browser such as your Internet Protocol (IP) address, browser type, operating system, referring/exit pages, links clicked, and actions taken while browsing.

 

Use of Information Collected

Ennov uses the information collected from our Web sites to perform the services requested. For example, we may use this information to:

  • Send requested product or service information
  • Send product updates
  • Respond to customer service requests
  • Administer your account
  • Send newsletters
  • Send marketing communications
  • Respond to questions and concerns
  • Improve our Web site and marketing efforts
  • Conduct research and analysis
  • Respond to inquiries regarding career opportunities

Sharing of Information Collected

We will only share your personal information with third parties in the ways that are described in this Privacy Policy. We do not sell your personal information to third parties.

We may provide your personal information to companies or their Web sites that provide services to help us with our business activities. These companies are authorized to use your personal information only as necessary to provide these services to us.

We may also disclose your personal information

  • As required by law such as to comply with a subpoena, or similar legal process,
  • When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request,
  • If Ennov is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information,
  • To any other third party with your prior consent to do so.

Public Forums, and Customer Testimonials

Ennov may provide bulletin boards, blogs, or chat rooms on the Company’s Web sites. Any personal information you choose to submit in such a forum may be read, collected, or used by others who visit these forums, and may be used to send you unsolicited messages. Ennov is not responsible for the personal information you choose to submit in these forums.

Ennov may post lists of Customers and testimonials on the Company’s Web sites that contain information such as Customer names and titles. Ennov obtains the consent of each Customer prior to posting any information on such a list or posting testimonials. To request removal of your personal information from our blog or forum or to have your testimonials removed, contact us at [email protected].

 

Correcting and Updating Your Information

Upon request Ennov will provide you with information about whether we hold any of your personal information. To review and update your personal information to ensure it is accurate, contact us at [email protected]. We will respond to all requests for access, to correct inaccurate data, update information, or delete information within 30 business days.

Customer Data

Ennov’s Customers may electronically submit data or information for hosting and processing purposes (“Customer Data”). Ennov will not review, share, distribute, or reference any such Customer Data except as provided in your contract, or as may be required by law. Especially, Ennov commits to be in compliance with french law “Informatique et libertés” (“IT and privacy”) num. 78-17 of January 6th, 1978, revised on August 6th, 2004. In accordance with your contract, Ennov may access Customer Data only for the purpose of providing the Services, preventing or addressing service or technical problems, at a Customer’s request in connection with Customer support matters, or as may be required by law.

Ennov may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the provisions in this policy regarding notice and choice and the service agreements with our Customers.

 

Data Retention

Ennov will retain your information for as long as your account is active or as needed to provide you services, and as necessary to comply with our legal obligations, resolve disputes, enforce our agreements, or as otherwise reasonably necessary for our business purposes.

Security

The security of your personal information and our Customers’ information is important to us. When you enter sensitive information (such as login credentials) on our platforms login, we encrypt the transmission of that information using secure socket layer technology (SSL). We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security.

If you have any questions about security on our Web site or with our products, you can contact us at: [email protected].

Website Cookies

Web Sites Covered

This privacy policy covers the information practices of the Web sites and Services that link to this Privacy Policy: ennov.com, ectd247.com, pv247.com, ennov.fr, our Customer Support Portal (collectively referred to as “Ennov Web sites”, “the Company’s Web sites”).

The Company’s Web sites may contain links to other web sites. Ennov is not responsible for the information practices or the content of such other web sites. If you submit personal information to any of those sites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any web site you visit.

Our Web site also includes Social Media Features. These Features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the Feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy statement of the company providing it.

 

Web Site Navigational Information

Ennov uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Web sites (“Web Site Navigational Information”). This section describes the types of Web Site Navigational Information that may be collected on the Company’s Web sites and how this information may be used.

 

Cookies and Other Tracking Technologies

A cookie is a small text file that is stored on a user’s computer for record-keeping purposes.

Technologies such as: cookies, beacons, tags and scripts are used by Ennov and some of our business partners (e.g., our tracking utility company), or analytics or service. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We may use session cookies to make it easier for you to navigate our site. A session ID cookie expires when you close your browser. Cookies enable us to track and target the interests of our users to enhance the experience on our site.

Enabling these cookies is not strictly necessary for the website to work but it will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of this site may not work as intended.

 

What cookies do we use ?

We use the following categories on our websites and other online services:

 

Strictly Necessary Cookies:

These cookies are essential to enable you to browse around our websites and use their features. Without these cookies, services including security breach notifications and access to information sites like YouTube cannot be provided.

 

Performance Cookies:

These cookies collect information about how you use our websites — for instance, which pages you go to most. This data may be used to help optimize our websites and make them easier for you to navigate. These cookies don’t collect information that identifies you. All information these cookies collect is aggregated and therefore anonymous.

 

Functionality Cookies:

These cookies allow our websites to remember choices you make while browsing. For instance, we may store your geographic location in a cookie to ensure that we show you our website localized for your area. We may also remember preferences such as text size, fonts, and other customizable site elements. They may also be used to keep track of what featured products or videos have been viewed to avoid repetition. The information these cookies collect will not personally identify you, and they cannot track your browsing activity on non-Ennov websites.

 

How to control cookies

You can control and/or delete cookies as you wish – for details, see http://www.aboutcookies.org. You can delete all cookies that are already on your computer and you can set most browsers to prevent them from being placed. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work.

 

Web Beacons

Ennov uses Web beacons alone or in conjunction with cookies to compile information about Customers and Visitors’ usage of the Company’s Web sites and interaction with emails from the Company. Web beacons are clear electronic images that can recognize certain types of information on your computer, such as cookies, when you viewed a particular Web site tied to the Web beacon, and a description of a Web site tied to the Web beacon. For example, Ennov may place Web beacons in marketing emails that notify the Company when you click on a link in the email that directs you to one of the Company’s Web sites. Ennov uses Web beacons to operate and improve the Company’s Web sites and email communications.

Ennov may use information from Web beacons in combination with data about Ennov Customers to provide you with information about the Company and services.

 

Log Files

As is true of most web sites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you.

 

Local Storage

We use Local Storage (LS) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on our site use HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5.

 

Do Not Track

Currently, various browsers (such as Internet Explorer, Firefox, and Safari) offer a “do not track” or “DNT” option. Ennov does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Web sites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. Ennov takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.