DATA PRIVACY STATEMENT
1.1. It is the policy of Shine Analytics Limited (“Brightflag”) to comply with the Data Protection Acts. The purpose of this Privacy Statement is to outline how Brightflag deal with any personal data you provide to us while visiting our website (the “Brightflag Website”) or while using the Brightflag enterprise software (the “Brightflag Software”) (collectively “Brightflag Online”).
1.2. When you visit the Brightflag Website and when you use the Brightflag Software, you are accepting the terms of this Privacy Statement. Brightflag shall have no liability to you for any claims, losses or damages arising out of or in connection with the use, disclosure or other processing of your personal data in accordance with the Privacy Statement and your consents.
1.3. Brightflag provides corporate clients and large organisations (the “Clients”) with a management tool to manage their external legal spend (the “Services”).
1.4. The Services are provided according to a software as a service model pursuant to the terms of an agreement between Brightflag and the Client (the “Service Agreement”).
1.5. The Client obtains the Services by using the Brightflag Software accessed through a secure, password protected web site. Once the Client has been authorised to access the password protected site, the Client may use the Brightflag Software to manage and control its external legal spend by approving invoices submitted by external legal service providers.
1.6. The Client determines which individuals within the Client’s organisation (the “Users”) are permitted access to the Brightflag Software. The Client may also determine what level of access to the Brightflag Software to grant to the Users.
2.1. What are Cookies?
Cookies are small pieces of information, stored in simple text files, placed on your computer by a website. Cookies can be read by the website on your subsequent visits so that you can access information faster and in a more efficient way. The information stored in a cookie may relate to your browsing habits on the web page, or a unique identification number so that the website can “remember” you on your return visit. Generally speaking, cookies do not contain personal information from which you can be identified, unless you have separately furnished such information to the website.
You can at any time set your browser to reject cookies. However if you reject our session cookies, this may affect your ability to use the Brightflag service and / or our website.
Like many websites, the Brightflag Website uses “session” cookies and “performance” cookies.
2.2. Session Cookies
“Session” cookies help users to navigate across pages of the Brightflag Website. They are deleted once you leave the Brightflag Website. Session cookies do not contain anything other than a session identification number which allows the webserver to “remember” where you are online. Session cookies are especially important for using the Brightflag Online. Some examples of these cookies include: • Identifying you as being signed in to Brightflag Online and keeping you logged in throughout your visit. • Remembering the content of forms which you may have completed while you are on Brightflag.
2.3. Performance Cookies
“Performance” cookies are used by Brightflag to provide information on the usage of Brightflag (details in relation to which pages on our website users visited, how they got there, etc). Some of these cookies are saved to your computer so that we know when you revisit Brightflag. All information these cookies collect is aggregated and used anonymously. We use these cookies to understand what content is popular which helps us to improve Brightflag.
3. Telephone calls
Please note that any telephone calls to Brightflag may be recorded for customer service and to verify the content of any conversation, including customer instructions.
4. Purposes for which we hold your information
4.1. Use of Non-Personal Data
Brightflag use the Non-Personal Data gathered from visitors to Brightflag in an aggregate form to understand the demographics of the users of Brightflag Online, to help us better design and organise our Brightflag Online and to aggregate market information for the purposes of benchmarking, analysis and recommendation. Brightflag uses these analytics tools to assist it in gathering and analysing Non-Personal Data for the reasons described above and our analytics solutions will collect your IP address as part of this analysis.
4.2. Web Browsing
Except as explained above in relation to your IP address, by simply visiting the Brightflag Website you do not disclose, nor does Brightflag collect Personal Data on you. Generally, all that Brightflag may know about your visit may be limited to technical data. This technical data shall be used for administrative and statistical purposes and may be shared with our internet service provider. Brightflag will use this information to help us to improve our website.
4.3. Personal Data
Personal Data may be collected in a number of ways when you visit the Brightflag Website or use the Brightflag Software. Brightflag may collect data you voluntarily provide to us which may contain Personal Data. For example, when you request a demonstration of the Brightflag Software, request additional information about the Brightflag Software, or complete a survey or request application support, Brightflag may collect personal information, such as your name, address, location, e-mail, phone number, and other information relevant to creating your account. In addition, we may collect demographic, contact, survey or other personal information you provide in connection with your use of the Brightflag Software.
When you access the Brightflag Software via our secure web interface, we collect information about the way you use Brightflag Online. For example, we collect your IP address, the type of browser you are using, and the frequency and length of your usage of the Brightflag Software. We also collect your user ID and password for the Brightflag Software. Brightflag uses this information to improve the manner in which we provide services, to relay administrative information and to confirm your login details. We treat this information as Personal Data if we combine it with or link it to any of the identifying data referred to above. Otherwise, this data is only used in the aggregate.
The Client may submit Personal Data to the Brightflag Software in connection with the registration of Users with access to the Brightflag Software, configuring User rights and designating administrative contacts. Alternatively, the Client may require Users to submit Personal Data themselves for these purposes. The submission of User Personal Data is determined by the Client, and the Client has the right to alter, delete or otherwise configure User Personal Data as it sees fit. In the course of using the Brightflag Software or as the Brightflag Software is prepared for use prior to implementation, Users may provide data for inclusion in the Brightflag Software. Users may also cause the Brightflag Software to process such data. Clients are solely responsible for the contents of the data so provided. Any Personal Data included in the data is submitted at the discretion of such Clients. Brightflag does not receive Personal Data directly from, and does not have a direct relationship with, individuals whose Personal Data is included in the data. The Brightflag Software processes the data (and any Personal Data such data may contain) based on the instructions of and for the purposes determined by the applicable Client.
Brightflag will process any Personal Data you provide to us through Brightflag Online for the following purposes: (a) to provide you with information about the services of Brightflag in respect of which you have enquired; (b) to enable you to access Brightflag Software; (c) to contact you if required in connection with your account or enquiry or to respond to any communications you might send to us; (d) to help us improve our services and systems; and (e) as otherwise notified to you at the time you provide the information to us.
Personal Data provided online may be linked together or merged with other personal information so that Brightflag may better understand your needs and inform you about our products and services and those of our partners. In addition, if we receive information from third parties with whom we have business relationships, we may combine this information with the other personal information we maintain about you. In either case, this Policy governs this information. When you use the Brightflag Software, certain information you provide through the Brightflag Software may be shared or made available to other users of the Brightflag Software. Use of the Brightflag Software may require the disclosure and display of your Personal Data to other users and third-party partners. While Brightflag will use commercially reasonable measures to protect and secure the confidentiality of your Personal Data, no system or security measure is perfect or impenetrable. Please note that by using Brightflag Online, you are giving us your consent, to the extent required, to process your Personal Data as outlined in this Privacy Statement. Your consent and our rights to process your Personal Data extend to any successor or assignee of Brightflag and/or any of its businesses. Please note that if you purport to withdraw your consent, Brightflag may continue to process your data in accordance with its legitimate interests, to the extent permitted by law.
4.4. Disclosure of Information to Third Parties
If you provide Brightflag with Personal Data, Brightflag may use and disclose such Personal Data as set out in this Policy. Brightflag may share Personal Data with third parties, consultants and other service providers who are engaged by or working with Brightflag in connection with the operation of the Brightflag Website and the Brightflag Software and who need access to such information to carry out work for us. (For example, Brightflag may engage a third party to assist in routing requests for help, or managing responses to user surveys). Brightflag informs any such service providers that any such data may only be used to carry out their work for Brightflag. However, Brightflag is not responsible for the actions of such service providers. Nothing herein restricts the sharing of aggregate information, which may be shared with third parties without your consent.
Brightflag may provide Non-Personal Data to third parties, where such information is combined with similar information of other users of Brightflag. The third parties to whom Brightflag may provide this information may include our website design, development, support and hosting contractors. Brightflag may: (i) share your Personal Data with its subsidiaries (together the “Brightflag Group”) for management and reporting purposes; (ii) as otherwise permitted or required by applicable law or regulation; (iii) to respond to any claims or to protect the rights, property or safety of Brightflag, Brightflag’s users, employees or the public; or (iv) as disclosed to you at the time the information is collected. Brightflag will not disclose your Personal Data to third parties outside of the Brightflag Group (which for these purposes shall include its agents and third party services providers) unless you have consented to this disclosure or unless the disclosure is required in order to process an application or other communication from you or to perform the services you have applied for or to efficiently manage your account. Brightflag will however disclose your Personal Data if Brightflag believe in good faith that Brightflag or the Brightflag Group are required to disclose it in order to comply with any applicable law, a summons, a search warrant, a court or regulatory order, or other valid legal process, including protecting and defending Brightflag’s or the Brightflag Group’s rights and property.
4.5. Sale of Business
Brightflag reserves the right to transfer information (including your Personal Data) to a third party in the event of a sale, merger, liquidation, receivership or transfer of all or substantially all of the assets of Brightflag or any of its subsidiaries provided that the third party agrees to adhere to similar terms to this Privacy Statement.
No data transmission over the Internet can be guaranteed to be 100% secure. As a result, while Brightflag will take all reasonable steps to protect your Personal Data, the nature of the Internet is such that Brightflag cannot guarantee or warrant the security of any information you transmit to us while using Brightflag. Any information that you do provide to Brightflag is at your own risk.
4.7. Updating, Verifying and Deleting Personal Data
If Brightflag hold incorrect information about you, you have the right to have the data amended. Further you have the right to have any information you have sent to us erased if we have failed to comply with our obligations under the Data Protection Acts. To request your right to rectification and/or erasure please send your request to us in writing to Brightflag, Cluster, 1-3 Westmoreland Street, Dublin 2, Ireland and was last updated on 01 February 2016 together with: 1. Your name and address. 2. A description of the specific personal data you wish rectified.
If you request an erasure of your Personal Data, all your data will be erased subject to the following important notice. Brightflag are not required to rectify or erase your data where to do so would prevent you from meeting your contractual obligations to us or where, notwithstanding your request, Brightflag are required or permitted to process (including retaining) your Personal Data for a lawful purpose in accordance with the Data Protection Acts or other laws.
You agree that you will notify us of any relevant change in your personal circumstances to enable us to comply with our obligations to keep your information up to date.
4.8. Right of Access
Where you have provided us with your personal data you have a right to be given a copy of your personal data in accordance with section 4 of the Data Protection Acts subject to certain exceptions. To request a copy of your personal data please send your request to us in writing to Brightflag, Wayra Ireland, 28-29 Sir John Rogerson’s Quay, Dublin 2 together with the prescribed fee of €6.35. Please note the following important points: 1. We reserve the right not to process an access request that does not contain sufficient detail to enable us to comply with our obligations. We will however notify you of any decision not to process a request for these reasons. 2. We shall not process an access request unless the prescribed fee of €6.35 is received by cheque or postal money order made payable to Shine Analytics Limited; and 3. We are only obliged to process access requests received in writing and do not accept access requests via telephone or text message.
4.9. Internet Fraud
Organisations and their customers may from time to time be the target of hoax e-mails or SMS messages that are aimed at gathering Internet/account details of the customers. Some of these hoax e-mails and SMS messages have encouraged or facilitated contact with hoax websites that purport to be (but are not) the website of the relevant organisation. We would always advise you to be cautious as regards disclosing your personal details. In particular, you should note that we will only ever request your personal details if: (i) you are seeking to initiate e-mail contact with us via Brightflag Online; or (ii) you initiate a request for a particular service via Brightflag Online and we require certain of your personal details to provide you with the requested service. You should never publish your account details or other private information using a social media channel.
4.10. Hyperlinks and Social Media Sites
Some of the pages on the Brightflag Website may contain hypertext links to websites not maintained by Brightflag. You are reminded that different terms and conditions of use will apply to you as a user of such websites. In addition such websites may not attain the same privacy standards that Brightflag maintains. Brightflag is not responsible for the content or privacy and security policies of the web sites to which Brightflag links.
4.11. Data Protection Policy
In addition to this Privacy Statement, you may wish to read our Data Protection Policy which is also available on our website.
4.12. Changes to the Privacy Statement
Any changes to this Privacy Statement will be posted on the Brightflag Website so you are always aware of what information Brightflag collects through the Brightflag Website and the Brightflag Software, how Brightflag use it, and under what circumstances, if any, Brightflag disclose it. If at any time Brightflag decide to use your Personal Data in a manner significantly different from that stated in this Privacy Statement, or otherwise disclosed to you at the time it was collected, Brightflag will notify you electronically or by post, at our option.
This Privacy Statement is published by Brightflag, 23 South William St, Dublin 2, Ireland and was last updated on 30 April 2015.
“Data Protection Acts” means the Data Protection Acts, 1988 and 2003.
“Personal Data” means data that identifies you or can be used to identify or contact you and may include your name, postal address, email address, telephone number and birth date. [Personal data also includes demographic information such as your job title, employer, geographic area and preferences when such information is linked to other personal data that identifies you.] The information you provide will be used for the purposes for which it was intended/submitted and as set out in this Privacy Statement.
“Non-Personal Data” means statistical and other analytical information collected on an aggregate basis of all visitors to our Brightflag Online platforms. This Non-Personal Data comprises information that cannot be used to identify or contact you. Brightflag collects this information to help us monitor online traffic and manage the performance, efficiency and capacity of Brightflag Online. This information also helps Brightflag understand what parts of Brightflag Online are effective/well used and what parts are not being fully utilised.