Obvis Limited Privacy Policy

‍Introduction

We are Obvis Limited, a company registered in England and Wales under company number 03944400 and with our registered address at 2 Barnfield Crescent, Exeter, EX2 4NZ.

Obvis Limited respects your privacy. All information you give us is held with care and security.

This privacy policy explains how we collect, store and use information about you when you access or use this website and all associated websites and web pages (together the “Site”). This policy also explains how we use cookies.

Please take time to review this privacy policy as it sets out our privacy practices and tells you how your personal information will be treated by us. By accessing or using the Site you agree to be bound by, and comply with, this privacy policy and the documents referred to in it (including our website terms of use available at https://www.obvis.com/terms). If you do not agree with or accept these documents, you should stop using the Site immediately.

For the purposes of the Data Protection Act 2018, Obvis Limited is the 'data controller' (ie the company who is responsible for, and controls the processing of, any personal data you submit to us).

We do not sell, rent or loan any personally identifiable information regarding our customers to any third party. We do not transfer any personally identifiable information to third parties except as described within this Privacy Policy.

Any questions regarding the Obvis privacy policy or our practices relating to personally identifiable information should be directed to privacy@obvis.com.

Changes to this Privacy Policy

We may change this Privacy Policy from time to time. When we do so we will post the changes on this page, and place notices on other pages of the Site as applicable, so that you may be aware of the information we collect and how we may use it at all times. Please check this page to ensure you are aware of the most recent version this privacy policy as it will apply each time you access the Site.

This Policy was last updated on 29 April 2023.

Why do we collect personal data?

We will use the personal information provided to us in order to:

process orders submitted by you;
customize the service we provide to you;
administrate or otherwise carry out our obligations in relation to any agreement you or your employer have with us;
anticipate and resolve any problems with any goods or services supplied to you;
check entitlement to software or support;
carry out market research and surveys and track sales data;
send you our newsletters, where these are requested by you;
send you our email courses, where these are requested by you;
track your engagement with us, including through our website, articles and newsletters;
understand how you use our products and services;
contact you by telephone and send you follow-up communications relating to your use of our products and services, including samples and demonstration versions of software; and
send you information about our other products and services or those of our sister company Bill Harvey Associates Limited.

We may collect any personal information provided by you to us through our websites (https://www.obvis.com/, https://help.obvis.com/, https://app.obvis.com/) or via use of our products, or we may collect this information via the telephone or through your email or other communications with us.

We keep a record of purchases made, and we collect contact information from face to face contact such as attendance at conferences, training, or CPD events. Certain information is collected automatically, as described later in the privacy policy.

Although we do not make it compulsory to give us every item of information we ask for, the more information volunteered by our customers (and the more accurate it is), the better we can match our services to the needs of our customers.

What information do we collect

Web site visitors

Analytics

Most web site owners collect data on how their sites are used. Many approaches to analytics involve collection of personally identifiable information. We use Plausible Analytics, a carefully designed privacy preserving analytics system. This gives us the high level insight into use of our Site that we need, but collects no personally identifiable information.

Our analytics

does not use cookies,
does not track you across your devices,
does not track you across websites.

One secure identifier is generated to allow visitors on a given day to be distinguished, but these are reset once a day.

Because no personally identifiable information is collected and no cookies are used, the collection of this type of analytics is not controlled by cookie consent.

Cookies

Cookies are very small text files saved to your computer. They can be used to track user navigation around a website or between websites. Like most web site operators, we use cookies to enhance the service we provide through our web sites. Cookies may be set by software hosted by us or by our service providers, and are used for a variety of purposes.

We categorise cookies as follows:

Essential cookies. Cookies necessary for the functioning of the website, such as “session cookies” to support user log in.
Analytics cookies. Analytics cookies are used to enable monitoring of web site performance or aggregate behaviour of website users. Analytics does not track individual user behaviour.
Personalisation cookies. Cookies allow the website to remember choices you make and provide enhanced, more personal features.
Marketing cookies. These cookies help us guide you to parts of our web site or products or services that we think you might be interested in.

Note that we do not run adverts on our web sites, and we do not track users between our web sites and third party sites for any reason or place cookies that allow or assist others in tracking you between websites.

When you first visit our web site from a particular device and browser, you will be shown a “cookie banner” and given a chance to opt in or out of non-necessary cookies.

Employees of customer organisations

Our software is normally purchased by companies. We interact employees of those customer organisations, who may be users, IT support, procurement staff, etc. This might be in response to email enquiries or by phone.

It is important for us to maintain effective communication with users of our software. We therefore maintain a database of past contacts. We record, where possible, name, company, position, office street address, email address, phone number, support requests.

Mailing list subscribers

We ask mailing list subscribers for a small amount of personal data include their name, company, and approximate geographical location.

We keep records of what emails were sent to subscribers, and data such as which emails were opened and which links within the email were clicked.

Sharing of data with third parties

Bill Harvey Associates Ltd.

Obvis Ltd. and Bill Harvey Associates Ltd. (https://www.billharveyassociates.com) are sister companies that work closely together. As such sharing of data between these companies is unavoidable. The Obvis and Bill Harvey Associates privacy policies will be maintained in parallel.

Other third parties

We do not share your personally identifiable information with any third party other than Bill Harvey Associates Ltd. for marketing purposes.

If we link to or otherwise highlight products or services from other companies, we do so because we think the information might be of value to you. We do not advertise other companies products and services in exchange for payment or data.

Links to third party sites

In our communications with you we may sometimes highlight products or services from other companies because we think these will be of value. We do not share your personally identifiable information with the suppliers of these products and services. We do not place adverts from third parties on our Site.

We may link from our Site or through our services to third parties. We cannot be responsible for the privacy policies and practices of these third parties. We recommend that you check the privacy policy for each site you visit. We do not pass personally identifiable information to third party sites when you follow links from our Site.

Interactions with us on third party sites

We maintain a presence on various social media sites such as LinkedIn. All activity on such sites, including any interaction between you and us on our pages, posts, etc, is subject to the privacy policy of the site in question.

Third party processors

To operate our site and provide our services, we make use of third party services such as “cloud” software. For example, these include data storage and management services, mailing list management software, cloud web servers, and process automation tools. In the terminology of the Data Protection Act 2018 these services are “data processors”.

Our relationship with third party processors, and their processing of your personally identifiable information on our behalf, is governed by contracts. We remain the data controller in these cases.

Some of these services are located outside the UK and the EEA. The transfer of data outside the UK and EEA is discussed below in the section “Transfers of your personal information outside of the UK and European Economic Area”.

Changes of Business Ownership and Control

In the event of a restructuring, merger, reorganisation, or sale of assets, we may transfer your personal data to a third party involved in the transaction (for example, a purchaser) in accordance with applicable Data Protection Legislation.

Law enforcement

We may disclose your data if we are legally obliged or entitled to do so (for example, if required to do so by Court order) or for the purposes of identifying fraud or other crime.

Transfers of your personal information outside of the UK and European Economic Area

Information you provide to us may be transferred by us to our service providers, some of which are situated outside the UK and European Economic Area (EEA) and may be processed by staff operating outside the UK and the EEA. If we transfer your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected. The EEA comprises the EU member states plus Norway, Iceland and Liechtenstein.

Keeping our records accurate

We aim to keep our information about you as accurate as possible. If you would like to review or change the details you have supplied us with, please contact us as set out below.

Legal basis of our processing

The Data Protection Act 2018 requires that we have a clear legal basis for processing your personal data. To be open and transparent with you in respect of our use of your personal data, here are the legal bases for our processing:

Activity	Legal basis
To deliver our products and services, and to respond to queries regarding our products and services. To communicate with customers regarding contract renewals or new licenses.	Contract
To provide support to users of our products.	Contract
To retain and review past support discussions.	Legitimate interest
To maintain a list of past and present users of our products and services, and to communicate with those users regarding our products and services.	Legitimate interest
To communicate general news and information relating to Obvis Ltd. products and services, educational material, and other material likely to be of interest to subscribers.	Consent

Automated Decision Making and Profiling.

We do not use your personal data for the purposes of automated decision-making or profiling as those terms’ meanings apply in the context of the Data Protection Legislation. However, we may do so in order to fulfil obligations imposed by law, in which case we will inform you of any such processing and provide you with an opportunity to object.

Sensitive information

We ask that you do not send us, and that you do not disclose, any sensitive personal data about yourself or anyone else (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through Obvis products or otherwise to us.

Children's Privacy

Data protection legislation defines any individual under 18 as a child. Our products and services are intended for use by businesses only. Our communication, marketing, and sales activities are never aimed at children.

We recognise that children may access public parts of our Site without our knowledge. It is also possible that a child might subscribe to our public mailing lists, for example if they wish to pursue a career in Civil Engineering and find the material we share interesting and educational. We have no way of knowing whether a particular visitor or subscriber is a child or not.

If you are a concerned parent, legal guardian, or third party, and want to discuss the use of our Site or services by a child, please contact us at privacy@obvis.com.

Your rights

You have various rights relating to personal data about you that we hold and the ways in which we process it. To exercise these rights, you can make requests by various means. Where possible please submit requests by email to privacy@obvis.com.

Most of these rights are not absolute. We may refuse a request where exceptions apply, or where a right is overridden, for example by another legal requirement.

More details regarding your rights can be found on the Information Commissioner’s Office web site.

Right of access

You have the right to receive a copy of your personal data held by us. A request for a copy of your data is commonly referred to as a “subject access request” or SAR.

Right to rectification

You have the right to have inaccurate personal data rectified, or completed if it is incomplete.

Right to erasure (”the right to be forgotten”)

There are circumstances in which you can request that we erase personal data we hold about you, for example if that processing was based on your consent and you have withdrawn that consent.

Right to restrict processing

It is possible that you might want us to stop processing your personal data, but you do not want us to delete it or we cannot delete it for other reasons. In such circumstances, you can request that we “restrict processing”, which means that data will remain stored on our systems but will not be processed.

Contacting us

If at any time you would like to contact us with any enquiry relating to our processing of your personal information, you can do so by sending an email to us at privacy@obvis.com or by contacting us at Obvis Ltd., 2 Barnfield Crescent, Exeter, EX1 1QT.

‍