Privacy policy

The purpose of this privacy policy (“Policy”) is to explain how, when and why Enrian partners collects information about individuals, how, for what purposes and on what grounds these ‘personal data’ are subsequently processed, who processes them and what rights the individuals have in connection with their personal data. When we refer to “Enrian partners” or use the word “we”, “our” or “us”, we mean the Enrian partners entity that acts as the ‘controller’ of the information we hold about you or the ‘processor’ of the information that a customer has entrusted to us, as explained in more detail under the “identifying the data controller” part of this Policy. By “you” we mean the individual reading this text, i.e., you as a natural person (and not any company or other organisation that you may be associated with). Some words and phrases in this Policy are in single quotation marks (e.g., ‘controller’, ‘processor’ and ‘data subject’). These are legal terms, having the same meanings as given to them in the EU General Data Protection Regulation, i.e., Regulation (EU) 2016/679 (“GDPR”).

  1. Application

    1. This Policy applies to the data processing that takes place through or in connection with the following: (a) your use of our software application Aleana, which is tool for business-activity time tracking and work-sampling (b) your visiting, or accessing website of Enrian partners, including the site at aleanapp.com; or (c) your communication or interaction with Enrian partners; insofar as the above activities are not subject to another privacy policy or similar document.
    2. The Policy does not apply in relation to other parties’ products, services, websites, resources or activities.
    3. When we speak of “Personal Data”, we mean any information about a living individual from which that person can be identified (the proper legal definition of ‘personal data’ is “any information relating to an identified or identifiable natural person”, with the person to whom the information relates being referred to as the ‘data subject’). Personal Data do not include information from which no individual can reasonably be identified, that is to say, anonymous information or personal data rendered anonymous in such a manner that the individual is not, or no longer is, identifiable (de-identified or anonymised information). The Policy does not apply to such information.
    4. The Policy supplements our other terms and policies and is not intended to override them.
  2. Data controller

    1. We are a technology company and a lot of what we do involves data processing in one way or another. Various data need to be processed in a number of ways in order for us to carry on our business, including provide, maintain and develop the application and Websites, and to communicate with you. Information is processed both for us as well as our customers, and customers themselves process information through the application. Not all of this information constitutes Personal Data.
    2. The user environment delivered via the application where an application user (“User”) can enter, record, store, disclose and otherwise manipulate various data. The data thus processed are referred to as “Customer Data” and it is usually the User who created the Customer that determines the purposes of, and otherwise controls, the processing of these data. That authority can be assigned to another User, but, at any rate, there is always one particular User, identified as the “Customer Admin”, that has legal control over, and is responsible for, Customer Data. That User (the Customer Admin) is also the ‘controller’ of all Personal Data maintained in this area. Enrian partners processes these data on the Customer Admin’s behalf and is thus considered to be the ‘processor’ of the said Personal Data. This means that any enquiry, request, objection or complaint that you as a ‘data subject’ may have in connection with the processing of Personal Data that form part of Customer Data (i.e., where the information concerned relates to you) should be addressed to, and resolved by, the relevant Customer Admin.
    3. Enrian partners is the ‘controller’ of the Personal Data that are collected by us.
  3. The information we collect and receive

    1. Enrian partners collects, generates and receives information from application. Some of this information constitutes Personal Data and the rest does not. We shall use the word “Information” to designate any and all of the data that are collected, generated or otherwise processed by us. This part of the Policy describes which Information and how is collected or generated through the activities listed in section 1.1.
    2. Profile Information We collect Information about you in the course of negotiating, preparing, concluding and amending agreements between you and Enrian partners. The Information collected may include the data provided in such agreements and any data that you furnish for the purposes of negotiating, concluding or amending those agreements.
      When you register for an Aleana user account (“User Account”), we ask you to give us your Company name, your full name, Email address and Country. For validating human access to the User Account, you will create a user name and a password, which both will be stored in our database. You will also be assigned a user identifier (user ID), which is a certain numerical value that we generate, store and can identify you by.
    3. “Other Information” If you email us or send us a letter or a message, we may retain a record of such communication, including your name and address, email address or telephone number (as applicable), the content of your communication and our response. We may complement these data with other Information.
  4. Purposes and grounds for Information processing

    1. The purposes for which Information is processed and the legal grounds for such processing are varied and depend on the nature of the Information. If Information is anonymous or de-identified, we may collect, use, disclose and otherwise process it for any purpose. Our processing of Personal Data, however, is limited to the purposes set out in this Policy.
    2. We will process your Personal Data in the circumstances we need to perform an agreement you have with us or it is necessary to take pre-contractual steps at your request before entering into such an agreement We shall refer to these grounds as “Contractual”. For example, Negotiating, preparing, concluding, performing, amending and enforcing our agreements with you; Providing the Service; Investigating and preventing application-related errors, defects, performance and security issues; Maintaining, improving, otherwise developing and protecting the application
    3. We have engaged and will continue to use third-party service providers to assist us in providing, maintaining, developing and protecting the application and Websites. We use such parties for hosting the application or a Website; sending out Service Messages, or performing analyses related to the application. We may also store Personal Data in locations outside our direct control, e.g., cloud infrastructure whose operation we have entrusted to other party. These service providers may have access to your Personal Data for the limited purpose of providing the service we have engaged them to provide. They locate the service for us in countries participating in the European Economic Area (“EEA”).

Last reviewed: February 8th 2019