Use of Cookies & Privacy Policy

 PUBLISHED - Fri 8 Nov 2024 

Opuz Ltd (“we,” “our,” “us”) is committed to protecting your personal data. This Privacy Policy (along with our Opuz Terms of Use and other related agreements) outlines how we process data automatically collected from your device or provided directly by your employer (or contractor, if self-employed). Please review this policy carefully to understand how we handle and protect your personal data.

This policy applies to your use of the Opuz web and mobile applications (the “App”). By selecting “I READ AND ACCEPT” during login, you consent to the collection and processing of personal data as described below.

1. CONTACTING US

1. 1. For the purposes of the General Data Protection Regulation (“GDPR”):
   2. We are Opuz Ltd.  Our registered office is at Quad One, Becquerel Avenue, Harwell Campus, Didcot, Oxfordshire, OX11 0RA;
   3. We are the data controller with respect to all personal data collected by the App about you; and;
   4. Your employer is the data controller with respect to any personal data entered into the App by you when using it in the course of your duties. 
   5. If you have any questions about how we will treat the personal data which is disclosed to us through the App (whether automatically or otherwise) after reading this policy, please first contact your employer for clarification. If your employer is unable to answer the question, you may then contact us directly.

2. THE DATA WE COLLECT FROM YOU

We will collect and process the following data about you. 

2.1 Data we collect automatically. When you install and run the App, we may collect  any or all  of the following mobile device identifiers: 

1. The internet protocol address used to connect your device to the internet;
2. Your log-in information;
3. Regional settings; and
4. Platform and operating system version.
5. Geolocation

2.2 Data provided by your employer. Your employer has provided the following data about you, which will be linked to your user account:

1. Your name;
2. Your company email address and telephone number;
3. Your job title.

2.3 Data you provide. We do not anticipate that you will enter any personally-identifiable information into the App, either about you or about any other person. Where you do so, your employer shall act as the data controller for any such personally-identifiable information.

3. COOKIES

What cookies are and why we use them. 

Cookies are small data files which we may place on your device, if you permit
it, to allow us to recognise you and tailor the App to your preferences, as
further explained below.

The cookies we use.

The cookies we use will:

• Make your experience smoother by adapting our messages to your device (display resolution, operating system etc.); and
• Keep track of the information you enter into the App during a single sign-on session before it is saved.

4. HOW WE USE PERSONAL DATA

• We will only ever store and process personal data pursuant to the contract signed between us and your employer.
• In any event, we will only use personal data for the purposes for which it was collected, or purposes which are very similar.

5. HOW WE PROTECT PERSONAL DATA

Technical and organisational measures. We employ a variety of physical and technical measures to keep the personal data entrusted to us safe and to prevent unauthorised access to, use or disclosure of it. Electronic data and databases are stored on secure cloud computing systems and we control who has  access to them (using both physical and electronic means). Our staff receive data protection training and we have a set of detailed data protection procedures which they are required to follow when handling personal data.

Of course, we cannot absolutely guarantee the security of the internet or external networks and cannot be held liable for personal data where it is intercepted in transit to or from the App, or where you or your employer do not take adequate precautions to safeguard the device on which the App resides.

Account security. You understand and agree that you are fully responsible for access to your account. You undertake not to allow unauthorised third parties to use your account for any reason whatsoever. Should you suspect that an unauthorised person has gained access to your account, you should contact your employer as soon as possible. We shall not be held liable for any misuse of an account and any resulting consequences for you.

6. WHO CAN ACCESS PERSONAL DATA

We will not communicate, sell or transfer any of the personal data we hold to third parties without obtaining the prior written consent of your employer, except where we are required to do so by law.

7. STORAGE OF PERSONAL DATA 

Where it is stored. We only store data within the European Economic Area (“EEA”). If our trusted service providers transfer any of it outside of the EEA we will take steps to make sure adequate levels of privacy protection, in line with UK data protection legislation, are in place.

How long it is stored for. Our data retention policy is as follows:

• If you delete your account with us, or it is deleted on your behalf by your employer, any personal data specific to you (e.g., name, email address, and device ID) will be removed without undue delay. However, we may retain certain data where UK compliance regulations require us to maintain evidence related to compliance for a specific retention period.

• If the subscription expires or is terminated, all non-compliance-related data will be permanently erased from our systems 30 days after the termination date. Your employer may request an export of all data we hold prior to erasure, which will be provided in a commonly used file format.

8. YOUR RIGHTS

Where we are the data controller, you have certain rights with respect to the data we hold about you. Any of these rights may be exercised in accordance with applicable law.

Where you are unsatisfied with our response to a request to exercise any such right, you may contact the Information Commissioner in order to make a complaint.