VisiLean Privacy Notice

 

Welcome to Visilean! VisiLean Ltd. offers mobile/web software applications (each, an “App”) and web services(each, a “Web Service”), allowing you, amongst other things, to digitalise and improve your construction planning and monitoring processes using highly efficient and advanced lean and BIM integrated solutions. Visilean also operates various websites (each, a “Website”).

This Privacy Notice (the “Notice”) describes how VisiLean group of companies (VisiLean Oy, VisiLean Ltd and VisiLean Pvt India Ltd collect, use, store and otherwise process personal data that we collect or receive from or about you when you are using our services. Accordingly, this Notice is a master privacy notice, and references herein to the “Services” shall mean the Apps, the Web Services, and the Websites collectively and/or individually (as the case may be). Moreover, some of its provisions only apply to certain Services and/or individuals in certain jurisdictions (for example, the sub-paragraphs titled ‘Legal Bases’ are only relevant for GDPR-protected individuals).

For purposes of this Notice: (a) “personal data” or “personal information” means any information that can be used, alone or together with other data, to uniquely identify any living human being; (b) “GDPR” means Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation);

Changes to this Privacy Notice

We may update this privacy notice from time to time, for example due to changes in applicable legislation. We endeavour to carry out reasonable means to inform you of any possible changes and their effects in due time beforehand. Therefore, we advise you to review this privacy policy always after becoming aware of changes regarding the privacy notice. The latest version of the Notice will always be accessible at: https://visilean.com/privacy-policy/

This privacy notice was last updated on  09/10/2020.

 

Data Controller

Name: VisiLean Oy
Address: Kirkkokatu 1b A12
00170 Helsinki
Email: info@visilean.com
Business ID: 2725139-5 (FI27251395)

FAQ

What data do we collect?

We may collect some information from you when you register on our VisiLean cloud service for either trial or commercial usage of the VisiLean production management system.

When you register with us:

When registering to Visilean service for the first time or when updating your data in our system, you will be asked for some personal data. This may contain all or a subset of the following data:

  • Salutation (Mr., Mrs., Dr. etc)
  • Given name
  • Family name
  • Email address
  • Phone number
  • Log files, IP address, usage information
  • User personal image Technical data
  • Free trial additional data
    1. Phone number
    2. Company
    3. Job title
    4. City
    5. Country
    6. Project name

Content: When using VisiLean, you input, edit and upload information for effective use of the cloud service. VisiLean collects, converts and stores this content in connection with the service.

How do we collect your data?

We collect data in the following ways:

Data that is given to us by you

Visilean will collect your data in a number of ways, for example:

  • When requesting a free trial of Visilean if offered through our Website
  • When contacting us to get more information on our product through a web form on our Website
  • When registering to Visilean cloud service as a free trial user or as a commercial user
  • When updating your profile information through Visilean service

Data that is collected automatically

When you use the VisiLean cloud service, we use various tracking tools and technologies, such as analytics tools (collectively, “Tracking Tools”) across the Services to collect information about you and your activities (“Analytical Information”). Here are some examples:

  1. Log Files. We collect log files. Examples of the information inside the log files are: internet protocol (IP) addresses; unique operational identifiers (that allow us to identify a user across multiple devices); unique advertising identifiers (such as Android Advertising ID and iOS Advertising Identifier); device information (such as device type, operating system version, time zone, and your preferred languages); type of browser; type of operating system; Internet Service Provider (ISP); date/time stamp; referring/exit pages; clicked pages; and any other information your browser or device may send to us. We use such information to analyse trends, administer the Services, track users’ movement around the Services, and gather demographic information.
  2. IP Address. When you access the Services or make purchases through the Services (such as a subscription to our web services), we may collect your IP address. This data may convey to us information about how you use the Services and allow us to properly bill you and enable localization features. Some features may not function properly if use or availability of your IP address is disabled.
  3. Usage Information. We collect information about user movements (such as the time and date you accessed the Services, the features you used, your preferences, page scrolling and clicks, and for how long you use an App). Tracking Pixel Information. We may use tracking pixels (also known as clear GIFs and web beacons) which are used to anonymously track the online usage patterns of users of the Services. In addition, we may also use tracking pixels in HTML-based emails sent to our users to track which emails are opened and which links are clicked by recipients. This information allows for more accurate reporting and improvement of the Services.

In any case, you may be able to opt-out of us collecting some Analytical Information, through contacting us directly on info@visilean.com. Moreover, some of the Tracking Tools are set by us, and some may be set by third parties, in which case the third party hosts it (for example, social plug-ins, such as the Facebook “Like” button, involve the setting of cookies by the applicable third party). For more information on ‘cookies’, see the Section titled ‘Cookies’ below.

Other Sources of Personal Data

Some of the personal data mentioned above is collected or received directly from you; however, some of the personal data is obtained by us from third party sources. An example of third-party sources might be vendors of products and services (“Vendors”), such as the following analytics Vendors we engage in connection with the Services:

An example of third-party sources might be vendors of products and services (“Vendors”), such as the following analytics Vendors we engage in connection with the Services:

  1. Firebase (Google); Firebase’s privacy policy is available here
  2. MailChimp: Mailchimp’s privacy policy is available here.
  3. Zoho Desk: Zoho Desk’s privacy policy is available here.

These Vendors may also collect your personal data through their respective Tracking Tools incorporated or embedded within our Services. We use their services for the purposes set forth below.

How will we use your data?

Any or all of the above data may be required by us from time to time in order to provide you with the best possible service and experience when using our Website. Specifically, the data may be used by us for the following reasons:

  • To fulfil the delivery of access to a free trial of Visilean service.
  • To fulfil the contract of a commercial Visilean project license that we have signed with a customer organisation, and that you directly or indirectly are a part of through the customer, the customer’s subcontractors or through us or our partners.
  • To improve VisiLean service and our customer service
  • to send periodic emails like newsletters, company news, information about updates, product, and service information etc. You will be able to opt-out of these emails at any time.
  • To administer a contest, promotion, survey or other service feature.
  • Non-private or Non-Personal Information: VisiLean may disclose your non-private, aggregated, or otherwise non-personal information, such as usage statistics of the Service.
  • To operate, provide, and maintain the services.
  • To develop new products, services, and features.
  • To enrich the content and improve the features available within the services.
  • To adapt and personalize the Services, or any of its features, to users’ preferences.
  • To measure, analyse and optimize our marketing efforts and efficiency, and to send marketing material to you.
  • To conduct data analysis, research, and statistics, in order to innovate and improve products, services, and features.
  • To communicate with you (for example, responding to your inquiries or your job application).
  • To provide you with information about Services, notices of updates, and receipts.
  • To monitor compliance with the terms of use.
  • To bill users of paid Services or items, and for conducting internal and external financial audits.
  • To provide customer support.
  • To contact you for your views and opinions of the services.
  • To register, authenticate, and administer your account.
  • To keep the Services safe and secure; and

 

To detect or prevent fraud. Legal Bases (GDPR-only): The legal bases for processing and collecting this personal data and information for the above purposes, may be one or more of the following: (a) your consent; (b) our legitimate interest in operating our Services, as well as ongoing management and development of our business; (c) contractual necessity, such as performing under the Terms of Use or other contracts (as well as in order to take steps at your request prior to entering into a contract); and (d) legal obligation, such as retaining invoice information of our paid subscribers to comply with financial regulations.

We use your Contact Information to send you promotional emails

If you contact us with an inquiry, we may respond with promotional emails relating to your inquiry. For example, if you contact us with an inquiry about a Feature you would like to see on one of our services, we will use your Contact Information to later inform you once our Services have been updated to include Features similar to those you inquired about or other Features you may be interested in. You may opt-out of these email updates by following the unsubscribe link located at the bottom of the email.

Legal Bases (GDPR-only): The legal basis for using your Contact Information for this purpose is our legitimate interest in promoting our Services and our business, in response to your inquiry.

We also use your Analytical Information to provide you with personalized services

In some of our Services, we will use and share (such as with advertising networks and service providers) the Analytical Information we obtain to serve you with advertisements to products and services from us and third parties that we believe may suit your interests. See the Section titled ‘Third-Party Services’ for more information on how this works.

Legal Bases (GDPR-only): The legal basis for collecting and processing your Analytical Information and other information for profiled advertising purposes, is our legitimate interest in operating our Services, as well as ongoing management and development of our business.

Transfers outside the European Economic Area

We are based in Finland. The information we collect from you will be processed, among other places, in Finland, which is recognized by the European Union (“EU”) as having adequate protection for personal data. You can read more about that here: https://ec.europa.eu/info/law/lawtopic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eucountries_en.

Data which we collect from you may be stored and processed in and transferred to countries outside of the European Economic Area (EEA). For example, this could occur if our servers are located in a country outside the EEA or one of our service providers is situated in a country outside the EEA.

We will only transfer data outside the EEA where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission, or by signing up to the EU-US Privacy Shield Framework, in the event that the organisation in receipt of the Data is based in the United States of America.

To ensure that your Data receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share your Data with. This ensures your Data is treated by those third parties in a way that is consistent with the Data Protection Laws.

When and how we share personal data with others?

With service providers who assist us in operating our business & services

We will not share your personal data with third parties, except in the events listed below or when you provide us your explicit and informed consent. Sharing will almost always entail transferring a copy of the personal data. We may share your data with the following groups of people for the following reasons:

  • Any of our VisiLean group companies or affiliates – to ensure proper administration of the service and businesses Our employees, local business partners, subcontractors, support agents and/or professional service personnel – to offer user advice and provide information in relation to how to use VisiLean more efficiently and develop better documentation for our customers and users
  • Third party service providers who provide services to us which require the processing of personal data – to store and manage all user data including newsletter subscription settings
  • Business partners and subcontractors used for the development of our services

 

Our business partners may process your personal data only for measures carried out on our behalf for the purposes defined in this privacy Notice. We always ensure that our partners do not process the personal data transferred to them for any other purposes. We do not sell your personal data to such third parties. These third parties may have their own privacy policies that they adhere to (so they won’t necessarily adhere to this Notice); however, we do try to engage third parties that post a privacy notice.

If you violate the law or breach your contractual terms with Visilean

We may share your personal data with any third party (such as law enforcement and legal counsel) if we believe that disclosure of such information is helpful or reasonably necessary to: (a) comply with any applicable law, legal process, or governmental request; (b) enforce the Terms of Use, such as investigations of potential violations thereof; (c) detect, prevent, or otherwise address fraud or security issues; and/or (d) protect against harm to the rights, property or safety of Visilean, our users, yourself and/or the public.

If we are legally required to do so

If we are bound to disclose your personal data by a judicial order or by a governmental or regulatory authority, we will comply and share the personal data with that body.

Upon M&A, insolvency, or similar events

In the event that Visilean is acquired by, or merged or consolidated with, a third-party entity, or otherwise sells or transfers some or all of its business, shares or assets to a third party entity, we may share (as well as assign ownership of and license) your personal data to and with the corresponding third party entity or buyer (whether actual or potential). In the event of a bankruptcy, insolvency, receivership, or comparable event, we may not be able to control how your personal data is shared, sold, or used, and we may sell or transfer your personal data to one or more of our Affiliates.

Third-Party Services

Please be aware that while using the Services, you may be directed (via hyperlinks or other means) to, or be able to interact with, third-party websites, apps, services and online communities that are not affiliated with us (such as Facebook, Instagram, and LinkedIn). Moreover, if the Services integrate with a third-party service, the application programming interface (API) that performs the integration will enable the relevant third party to serve you certain content as well as access some of your Account Content. For example, if you wish to upload or otherwise share your Account Content to an integrated third-party service such as iCloud or Google drive, or to make use of certain functionality in those services, the API will enable the applicable third party to access your Account Content (such as your photo library). Additionally, when you pay for fee-based Services or items, your payment will be processed by third party payment processors, such as Google’s or Apple’s in-app purchase mechanism. Any personal data you provide in connection therewith is provided to the applicable third party.

We do not control, and are not responsible for, the privacy practices of such third parties, or for their content, products and services, and we encourage you to read the terms and conditions and privacy notices of each third party that you choose to use or interact with.

Cookies

The Web Services and Websites use cookies and related technologies for a number of purposes, including functionality, analytics and advertising. The use of these technologies can involve the processing of personal data.

Security and Data Retention

Where we store your personal data

Visilean does not itself host the Services or operate the underlying cloud infrastructure – all of that is done by third party hosting and cloud service providers (“Hosting Providers”). This means that personal data you provide us or that we or third parties collect from you is hosted with such Hosting Providers on servers that they own or control, which servers may be located anywhere in the world. Your personal data may also be replicated across multiple servers located in multiple countries.

We and our affiliated corporate entities may also make local copies of your personal data at our office locations.

Visilean securely stores your data at following business partners and subcontractors:

  • Digital Ocean, LLC (for active and backed up Visilean service data)
  • The Rocket Science Group LLC d/b/a Mailchimp (for newsletters and announcements)
  • Zoho Corporation Pvt. Ltd. (email server and support helpdesk solution)
  • Agile CRM Inc (for recording free pilot user information)

How long we retain your personal data?

We store your personal data as long as we need it for the purposes for which it was obtained or until you ask us to delete it. If you ask us to delete the personal data, we may still have to retain it to comply with our legal obligations, to comply with tax or accounting requirements, to resolve disputes, and/or to enforce our agreements (such as the Terms of Use). For example, we may retain your personal in order for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of a dispute or litigation relating to your personal data or dealings. Moreover, please be aware that your App-related Account Content is saved on your device, and therefore you control when to delete such Account Content.

Generally, Visilean will keep your data as follows:

  • Personal data related to free trials for the length of the trial period (typically 30 days) after which the data will be erased
  • Personal data related to commercial Visilean projects as agreed in the project contract, which also can include archive storage of project and user data after the project has finished.

We implement measures to secure personal data

We implement appropriate technical, organizational, and security measures to reduce the risks of damage to (or loss of) information, or any unauthorized access or use of information. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal data, it is not guaranteed, and you cannot expect that the Services will be immune to information security risks or attacks. Also, as the security of information depends in part on the security of the computer, device or network you use to communicate with us, and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.

What are your data protection rights?

Visilean would like to make sure you are fully aware of your data protection rights. Every user is entitled to the following:

  • Right to access– the right to request a) copies of the information we hold about you at any time, or b) that we modify, update, or delete such information. If we provide you with access to the data, we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive.” Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
  • Right to correct– the right to have your data rectified if it is inaccurate or incomplete.
  • Right to erase– the right to request that we delete or remove your data from our systems, under certain conditions.
  • Right to restrict our use of your data– the right to “block” us from using your data or limit the way in which we can use it, under certain conditions.
  • Right to data portability– the right to request that we move, copy, or transfer your data, under certain conditions.
  • Right to object– the right to object to our use of your data including where we use it for our legitimate interests

If you wish to exercise any of these rights, please contact us (see the “Contact Us” section below). Please note that in certain circumstances, we may not be the party which holds your personal data, and we may refer you to the party (such as the App Marketplace) which does.

Subject to legal and other permissible considerations, we will make reasonable efforts to honour your request promptly in accordance with applicable law or inform you if we require further information in order to fulfil your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes before processing or honouring your request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initially requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

Should you ever decide to delete your Account, you may do so by emailing info@visilean.com. If you terminate your Account, any association between your Account and personal data we store will no longer be accessible through your Account. However, given the nature of sharing on certain Services, any public activity on your Account prior to deletion will remain stored on our servers and will remain accessible to the public.

If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority.

Minors

You must be at least 13 years of age to use the Services. The Services are not intended for minors under the age of thirteen (13). IF YOU ARE UNDER THE AGE OF THIRTEEN (13) YOU MAY NOT USE THE SERVICES. If you are between thirteen (13) and eighteen (18) years old, you must review this Notice with your parent or guardian. If you have concerns about your child’s privacy, or if you believe that your child may have provided us with their personal data, please contact us at info@visilean.com. We will take steps to delete the information as soon as possible should we learn that we have collected the personal data of a child under 13 without first receiving verifiable parental consent.

Changes of business ownership and control

VisiLean Ltd may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of VisiLean Ltd. Data provided by Users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy notice, be permitted to use the data for the purposes for which it was originally supplied to us.

We may also disclose data to a prospective purchaser of our business or any part of it.

In the above instances, we will take steps with the aim of ensuring your privacy is protected.

Principles of Data Security

The security of your personal data is important to VisiLean. To prevent unauthorised access or disclosure, VisiLean have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information VisiLean collects online. The data shall be accessible to persons on a need-to-know basis only. Such persons have personal user credentials and passwords. We take backups of our information system regularly.

Contacting Us

How to contact our Data Protection Officer?

If you have any questions or requests concerning your personal data or about our privacy practices and policies, you may contact our Data Protection Officer at martin@visilean.com. Please use this channel only for questions or requests about privacy and data protection.

How to contact our European representative?

The European representative of Visilean, for purposes of the GDPR and this Notice, is Visilean Ltd. If you are within the EEA, you may contact our European representative at the following address: martin@visilean.com . General inquiries If you have any questions about this Notice, or how we process your personal data, please contact us at:

https://www.visilean.com
VisiLean Ltd,
Kirkkokatu 1b A12,
00170 Helsinki
Finland
info@visilean.com