GDPR and DPA 2018 Privacy Notice for Viz.ai Netherlands BV and Viz Group Customers, Suppliers and Business Associates
2. Scope of Privacy Notice
This Privacy Notice applies to the processing of Personal Data by Viz.ai of
- Customers, prospective customers and their representatives
- Visitors and users of the Viz.ai website at https://www.viz.ai
- Suppliers, business partners and their representatives
3. Who is Responsible for Processing Your Personal Data?
Viz.ai and its associated business entities, acting as a Data Controller are responsible for processing your Personal Data as described in this Privacy Notice. Viz.ai Netherlands and Viz.ai Group business entities and their contact details are listed here. Viz.ai uses several suppliers to process Personal Data as a part of its activities. A list of these suppliers can be found here.
Viz.ai Netherlands BV and Viz.ai Group have partnered with Medronic International Trading Sarl and undertake joint activities together to further sales, marketing and business development. Medtronic EU are a seperate organisation to Viz.ai Netherlands BV and Viz.ai Group and have different policies so may process your data in a different manner to Viz.ai Netherlands BV and Viz.ai Group. Their privacy statement and DPO contact details can be found at https://europe.medtronic.com/xd-en/privacy-statement.html.
4. What categories of Personal Data do we Process?
Viz.ai processes Personal Data collected both online and offline.
- Offline Personal Data is collected via in person meeting, events, conferences, and workshops held by Viz.ai Netherlands BV, Viz.ai Group and our business partner Medronic that is shared with us as well as via our day-to-day interactions with customers and suppliers.
- Online Personal Data is collected via the Viz.ai global website via the use of cookies. For more information on Viz.ai’s use of cookies, please see our cookie Notice here (URL to cookie Notice)
Examples of specific information Viz.ai Netherlands and Viz.ai Group collects includes:
- Names, address, email address and telephone number
- Company data such as the name of the company you work for and your role or job title
- Information relating to contract or pre contract activities.
- Recordings or details from online meetings using tools such as Zoom.
- Data from surveys and publicly available information from social media such as LinkedIn
- GDPR compliant third-party lists that have been purchased for marketing and sales activities
- Website and sales analytics information that may include your IP Address, mobile device identifier, browser, device type, operating system, and preferred language
- Shared information from our business partner Medronic who may have lawfully obtained your details in a different manner to he ones described above
5. How do we use Your Personal Data?
Viz.ai may use your Personal Data for the following business purposes
- To fulfil obligations with customers, suppliers and business partners such as processing orders, billing or management of accounts, support or sub-contracting services and relationship management
- To communicate and to respond to requests and enquiries
- To deliver technical functionality to our websites
- To market and develop sales to prospective customers, to retain existing customers, to tailor our activities to you or your companies’ interests
- To manage the security of websites, networks, and systems
- To comply with legal obligations, applicable laws, regulations and to operate our business
To fulfil obligations with customers, suppliers and business partners such as processing orders, billing or management of accounts, support or sub-contracting services and relationship management
If you order products or services from Viz.ai Netherlands BV or Viz.ai Group we will process Personal Data about you to administer and engage in relevant transactions. These include the creation of an account, recording the products and services you use or order and your relationship to them, administering contracts, supporting our products and any requests you may make around them.
To communicate and to respond to requests and enquiries
If you contact us via any means, we need to process the Personal Data that you have provided so we can communicate with you and respond to any requests or enquiries. We may also interact with you on social networks such as LinkedIn if you contact us via that mean.
To deliver technical functionality to our websites
We may process your Personal Data to analyse, improve, develop and optimise the Viz.ai website.
To market and develop sales to prospective customers, to retain existing customers, to tailor our activities to you or your companies’ interests
Viz.ai Netherlands BV and Viz.ai Group may use Personal Data about you to notify you of our products and services, events and conferences organised by Viz.ai Netherlands BV and Viz.ai Group, its suppliers and business partners to further the sales of Viz.ai products and services. This can include modification of our propositions for a specific purpose based upon your need or upon the Personal Data you have provided to us.
To manage the security of websites, networks, and systems
We may collect Personal Data from our website that is used to inform security and operations management in order to help keep our website, networks, and systems secure. We can also use this information to investigate or prevent cyber attacks and unlawful activity or to detect bots.
To comply with legal obligations, applicable laws, regulations and to operate our business
There are occasions where Viz.ai Netherlands BV and Viz.ai Group may need to process Personal Data to comply with a legal obligation, applicable law or regulations. For example, we may need to defend a legal claim or respond to a request from a regulator or government authority. Viz.ai Netherland BV and Viz.ai Group may also process Personal Data in the operation of our business where internal audits, investigations, finance or accounting purposes may require access to your Personal Data. Where you data is used
6. What is our Lawful Basis for Processing your Personal Data
Viz.ai Netherlands BV and Viz.ai Group must have a lawful basis for the processing of your Personal Data in the EU. Our lawful basis for processing includes:
a) Legitimate Interest.
To communicate with you and to respond to your requests in some EU jurisdictions we rely upon a Legitimate Interest to process your Personal Data
We may process your Personal Data for marketing and sales activities based upon Legitimate Interest
We also rely upon Legitimate Interest to analyse, develop, improve and optimise our website, products and services and to use your Personal Data to maintain and improve the security of our website, networks and systems
b) Consent
We sometimes rely upon your consent to process your Personal Data where this is indicated at the time your personal data is collected.
c) Performance of a Contract
When we engage in transactions with customers, suppliers, or business partners we need to process your Personal Data to either enter into or to meet our obligations under a contract.
d) To Comply with Applicable Laws and Regulations
There are certain legal obligations that must be met by companies such as Viz.ai Netherlands BV and Viz.ai Group. Where there is a need to comply with applicable laws and regulations, we may be legally obliged to share your Personal Data.
7. How Long do we Keep Your Personal Data?
Viz.ai Netherlands BV and Viz.ai Group retain information for the following retention periods
The information we collect when we engage in transactions with customers, suppliers, and business partners to process information about or relating to our products and services will be retained for the duration of the transaction or services period.
Where there is a legal obligation to retain records for a legal or compliance purpose information will be kept for a longer period in line with statutory retention periods for the type of information required to be kept.
If you have subscribed to marketing emails or updates your information will be kept for as long as you are subscribed to our distribution list.
Contact information such as your email address or phone number that has been collected from our online or offline activities and events will be retained for as long as we have an active relationship with you. We treat you as an active contact if you have interacted with Viz.ai Netherlands BV or Viz.ai Group or if you have updated your contact details and preferences in the past 18 months and you have not made a deletion or do not contact / opt out request.
Personal Data needed to retain your opt-out preferences is kept for a period of two years or longer if required by applicable laws.
8. How do we Share Your Personal Information?
As an international organisation Viz.ai Netherlands BV and Viz.ai Group shares information about you throughout its international operations to the extent necessary to perform its business with you, it suppliers and business partners. All Viz.ai Netherlands BV and Viz.ai Group employees, suppliers and business partners are only authorised to access personal information to fulfil an applicable and specific purpose and to perform their job functions.
Sharing with Third Parties
Viz.ai Netherlands BV and Viz.ai Group is a Data Controller and shares Personal Data with third parties for the following reasons or business purposes:
- Third party service providers such as accounting, order fulfilment, analytics, event campaign management, customer relationship management, communications, website management, information technology and related infrastructure, security, data protection, customer service, email delivery, information storage, auditing, and legal advisors.
- As required by law to comply with legal obligations in any relevant jurisdictions
- With our business partners to market, sell and administer contracts, or accounts for our products or services.
Where information is shared with a third party, Viz.ai Netherlands BV and Viz.ai Group has undertaken the appropriate amount of due diligence to ensure that the necessary contractual, technical, and organisational measures are in place to ensure that your Personal Data is processed only to the extent that is necessary, consistent with this Privacy Notice, and in accordance with applicable laws.
A list of current third-party processors can be found here.
9. How is Personal Data Exported?
Where data is exported by Viz.ai Netherlands BV and Viz.ai Group it is only transferred to a recipient that resides in a country that has adequate data protection measures, or a recognised international transfer mechanism is in place by law. Where this is not possible, we always ensure that adequate measures including risk assessments and contractual obligations such as EU Model Standard Contract Clauses are used to protect your Personal Data.
10. How is Personal Data Secured
Viz.ai Netherlands BV is a subsidiary company of Viz.ai Inc. In the United States Viz.ai Inc is a regulated entity under the Health Insurance Portability and Accountability Act (HIPAA) and has implemented several key security and privacy standards, controls, and measures to adhere to this act and to meet the requirements of others such as the GDPR. These are shared with Viz.ai Netherlands BV.
The security standards and controls currently met or used by Viz.ai Netherlands BV and Viz.ai Group include that are applicable to your Personal Data includes:
- Internal risk assessments / audit.
- ISO27001 and ISO27002 controls (global) and certification (US and Israel only)
- ISO27701 Security techniques, extension to ISO27001 for Privacy Information Management (applied globally but certified for US and Israel)
- US Health Insurance Portability and Accountability Act (applied globally)
- GDPR compliance via policies, processes, and audits (applied globally)
- NIS Directive compliance (applied globally)
The Viz.ai Group management team are accountable for the development, implementation and upkeep of Viz.ai Group and Viz.ai Netherlands BV information security management system, security measures and associated certifications. Day to day responsibility for the Viz.ai Group and Viz.ai Netherlands BV ISMS resides with Viz.ai’s Group Chief Information Security Officer (CISO).
All third-party business partners and suppliers are contractually obligated to meet the requirements of Viz.ai Group and Viz.ai Netherlands BV security policies and this Privacy Notice.
11. What Cookies Does Viz.ai Netherlands BV and Viz.ai Group Use on its Website
A full list of cookies along with our cookie Notice can be found here.
12. What are Your Privacy Rights?
You have several choices in respect of the Personal Data we process about you:
- Opt Out or Withdrawal of Consent
- You may opt out of or withdraw consent for any previously provided permission given to Viz.ai Netherlands BV or Viz.ai Group for processing your Personal Data.
- Deletion of Personal Data
- You may ask us to delete all or some of the Personal Data we have about you. Where we are unable to delete your data, we will inform you of why we are unable to do so. Example reasons preventing deletion could include contractual or legal obligations. Should we not be able to delete your data, you have the right to contact a Supervisory Authority for their view on the matter.
- Change or Correct Personal Information
- You can ask us to change or update information about you in certain cases, such as if the information we have on you is inaccurate.
- Object to, or Limit or Restrict the Use of your Personal Data
- You can ask us to stop using some or all of the personal data that we hold about you, for example where you believe we have no legal right to keep using it. You can also ask us to limit the use of your Personal Data if it is inaccurate or if you disagree with our legitimate interest justification for the use of your data.
- Right to Access or Have Your Information Provided to you
- You can ask for a copy of the information we hold about you. Where possible we will provide this in a machine-readable format. Where we are unable to do so, we will provide you with a reason why we cannot provide it in a machine-readable form.
- How do I Contact Viz.ai Netherlands BV or Viz.ai Group if I want to Exercise my Rights?
- If you would like to contact us to exercise your rights under data protection laws, please send an email to DPO@viz.ai and our Data Protection Officer will assist you.
13. Data Protection Officer and Representative Offices
For data protection matters relating to the US or other Jurisdictions please contact the US office listed at the end of this document.
For Viz.ai representative offices, please write to the relevant representative listed here (URL to entities list)
For data protection matters in the UK or EU please write to the UK and EU Data Protection Officer at
Mr Paul Benedek
Excis Networks Limited,
3-4 Bower Terrace,
Tonbridge Road
Maidstone
Kent
ME16 8RY
For all data protection matters, you can send an email to DPO@viz.ai where we will endeavour to assist you.
14. Disputes or Filing a Complaint
If you have any complaints regarding Viz.ai’s Netherland BV or Viz.ai Group compliance with this Privacy Notice or to other data protection matters, please contact us in the first instance at DPO@viz.ai and we will investigate. We will attempt to resolve any complaints or issues that you may have in accordance with this Privacy Notice and Applicable Law.
If you are unhappy with the investigation or attempts to resolve your complaint, you have the right to compliant to the Supervisory Authority in your country or jurisdiction. A list of these Supervisory Authorities and how to contact them can be found here https://iapp.org/resources/article/how-to-provide-dpo-contact-information-to-your-dpa/.
15. Viz.ai Contact Details
Viz.ai Netherlands BV can be contacted via post at:
Viz.ai Netherlands BV
Stadhouderlaan 188
8448PX
Heerenveen
Netherlands
Viz.ai is headquartered in the United States and can be contacted at:
Viz.ai Inc
1819 Polk Street 293
San Francisco
CA 94109
Telephone +1 866.849.4980
Viz.ai Israel can be contacted via post at:
Viz.ai Israel
Derech Menachem Begin 150
Tel Aviv-Yafo
Israel