Privacy statement

Introduction

The Eviture Group is made up of several legal entities. The details of them are listed at Eviture companies. This privacy notice is issued on behalf of the Eviture Group. When we mention Eviture, "we", "us" or "our" in this privacy notice, we are referring to the relevant company in the Eviture Group responsible for processing your data. Eviture (Malta) Ltd is the controller and responsible for this website.

Eviture is firmly committed to privacy. We take our responsibility to safeguard the privacy of our clients and visitors to our website, use information responsibly and to maintaining compliance with GDPR legislation seriously. We will ensure that the data you supply to Eviture is processed fairly and lawfully, and with skill and care.

This statement sets out Eviture's privacy policy for the collection and processing of personal information through your use of this website, including any information you may provide through this website when you contact us for any reason such as:

  • applying for a role with us,
  • registering for an event,
  • requesting information about our services or products,
  • filling out a survey,
  • joining our marketing list,
  • downloading content, or
  • sending Eviture a request for proposal.

If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data privacy team at dpo@eviture.com. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

This website may include links to third-party websites, plug-ins and applications as well as embedded content from external websites. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

Information we gather

Personal data, or personal information, means any information which identifies an individual. It does not include data where the identity has been removed (anonymous data). We gather personal data indirectly (for example, through our site’s technology) and directly (for example, when you provide information on various pages of our websites).

We may collect, use, store and transfer various kinds of personal data about you as follows:

Category Data
Contact data Email address, telephone number, postal address and other information included in CVs.
Identity data Includes first name, last name, photo or other information included in CVs.
Marketing and Communications data Includes the contact details you provide to us for us to send marketing communications to you.
Profile data Includes your username and password for those parts of our websites that require you to log in, such as for submitting an application.
Technical data Includes IP addresses, browser type and version, timezone setting, location, browser plug-in types and version, operating system and platform, and other technology on the devices you use to access this website, provided that those devices provide such data to us.
Usage data Includes information about how you use our website.

In addition, we also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

Cookies

Eviture works with a small number of third parties to help us improve the experience of our website.

Third party cookie Use
Google Analytics Used to collect information about how visitors use the site. We use this information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. To opt out of being tracked by Google Analytics across all websites, please visit http://tools.google.com/dlpage/gaoptout.
LinkedIn LinkedIn sets a cookie to remember that you have shared articles with your connections when you click a "share" button on our websites.
Twitter Twitter sets a cookie to remember that you have tweeted information when you click a ‘Tweet’ link on our websites.
Facebook Facebook sets a cookie to remember that you have shared articles with your friends when you click a "share" button on our websites.
Hubspot Hubspot sets a functional persistent cookie that allows us to recognise you when you return to our site. This also enables us to store information about your preferences, and to allow us to customize our site according to your individual interests and to speed up your searches. The information generated by the HubSpot cookie about your use of the site (including your IP address) may be transmitted to and stored by HubSpot on servers outside of the EEA.

Sensitive personal data

We do not seek to collect any special categories of personal data about you. We may however collect some sensitive personal data incidentally. By providing us with unsolicited sensitive Personally Identifiable Information, you consent to our using the data subject to applicable law as described in this privacy policy. The references to “sensitive personal data” are to the various categories of Personally Identifiable Information by European and other data privacy laws as requiring special treatment, including in some circumstances the need to obtain explicit consent. These special categories comprise personal identity numbers, personal data about personality and private life, racial or ethnic origin, nationality, political opinions, membership of political parties or movements, religious, philosophical or other similar beliefs, membership of a trade union or profession or trade association, physical or mental health, genetic code, addictions, sexual life, property matters or criminal record (including information about suspected criminal activities).

How we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.
  • To match your details with job vacancies at Eviture, and to engage with you in relation to the recruitment process.

We generally do not rely on consent as a legal basis for processing your personal data. You have the right to opt out from marketing at any time by clicking the unsubscribe link in any email you receive from us or by contacting us. Eviture may still hold personal data provided to us as a result of a purchase, service experience or other transaction with Eviture.

Disclosures of personal data

We may have to share your personal data for various purposes as described above. We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. We will not disclose any personal data you have given to us other than as described in this statement, unless you have authorised us to so do, or if we are required to do so by law. Please note that if at any time Eviture is required by law to release information about you, Eviture will do so and will co-operate fully with the relevant authorities.

International transfer of personal data

We share your personal data within the Eviture Group. This will involve transferring your personal data outside of the European Economic Area (EEA), such as to the United Kingdom. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that at least one of the following safeguards is implemented:

  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model Contracts for the transfer of personal data to third countries.
  • Where we use providers based in the US, we may transfer data to them either based on the EU Model Contracts, or if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the EEA and the US. For further details, see European Commission: EU-US Privacy Shield.

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

The open nature of the Internet is such that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended. It is your responsibility to protect the security of your login information. Please note that e-mail communication is typically not encrypted and should not be considered secure.

Retention of personal data

We don't keep your personal data for longer the necessary for the purposes for which the information is processed. The length of time we retain personal data depends on the purposes for which we collect and use it and as required to comply applicable lags and to establish, exercise or defend our legal rights.

Access to your own personal data

You are entitled to know whether we hold Personally Identifiable Information about you and, if we do, you have the right to request that we:

  • provide access to any personally identifiable information we hold about you,
  • prevent the processing of your personally identifiable information for direct-marketing purposes,
  • update any personally identifiable information which is out of date or incorrect,
  • delete any personally identifiable information which we are holding about you,
  • restrict the way we process your personally identifiable information,
  • provide your personally identifiable information to a third-party provider of services, or
  • provide you with a copy of any personally identifiable information which we hold about you.

You can do this by sending us an e-mail. We try to answer every email promptly where possible and provide our response within the time period stated by applicable law. Keep in mind, however, that there will be residual information that will remain within our databases, access logs and other records, which may or may not contain your personally identifiable information. Please also note that certain personally identifiable information may be exempt from such requests in certain circumstances, which may include if we need to keep processing your personally identifiable information to comply with a legal obligation. When you email us with a request, we may ask that you provide us with information necessary to confirm your identity in order to safeguard the personal data that we may hold.