DATA PRIVACY STATEMENT FOR OUR CUSTOMERS, OUR SUPPLIERS AND OTHER THIRD PARTIES
This Data Privacy Statement (“Notice”) describes how euNetworks Group Limited and its group entities and subsidiaries (available at eunetworks.com/companies/ or eunetworks.de/unternehmen/) (“euNetworks” or “us” or “our”) collect and use Personal Data provided by our customers, our suppliers and other third parties about individuals (“External Individuals”), during and after their business relationship with us , in accordance with the General Data Protection Regulation (GDPR) or the UK data protection legislation, as applicable. euNetworks Group Limited and its entities and subsidiaries act as controllers for the purposes of this Notice. This Notice does not form part of any contract (such as a Master Services Agreement, Customer Order, supplier order) between euNetworks and any third party. We may update this Notice at any time but if we do so, we will provide you with an updated copy of this Notice on our website as soon as reasonably practical. euNetworks usually contracts with businesses and those businesses will provide us with Personal Data about individuals within their organisations (External Individuals). It is important that you read and retain this Notice and pass it on to any External Individuals in respect of whom we are collecting or processing Personal Data, so that you and they are aware of how and why we are using such information and what their rights are under the data protection legislation. We have a separate Privacy Policy in respect of individuals who work for euNetworks and this Notice does not apply to them.
“Personal Data” is any information related to a “real” person that can be used to directly or indirectly identify the person. This includes Personal Data in a business context, such as work telephone numbers, or email addresses that are tied to individuals.
euNetworks is a provider of bandwidth infrastructure services. We focus on delivering scalable, fibre-based products and solutions. When our customers use our services, the data that they transmit is not in a form that allows any individuals to be identified. Accordingly, notwithstanding the underlying content of that data, no Personal Data is processed by us. We will not take any steps to identify any individuals whose data is contained in the data transmitted by or customers. Accordingly, we are not a data controller or data processor in respect of this data (even if it includes Personal Data) and such data is not within the scope of this Notice. .
The types of Personal Data that you are likely to provide to us in respect of External Individuals so that we can provide services to you, use your services or otherwise undertake business with you, are as follows:
Other Personal Data may be required in limited circumstances, for example to arrange entry to data centres or other locations.
Information about the categories of personal data which are automatically collected by our website or provided to us by our website visitors, is provided under the heading Processing of Personal Data on our websites www.eunetworks.com and www.eunetworks.de below.
euNetworks collects and obtains Personal Data about External Individuals when this data is provided to us in the course of our business. This may include when you contact us by email or telephone, when you provide contact details in a contract, when you register to use our portal or when you meet with us. External Individuals may also sign up to receive newsletters or other contact from us.
In this section, we set out the purposes for which we process Personal Data as part of our business and the lawful bases we rely on when we do so
Our purposes
euNetworks uses Personal Data as described above to operate our business, i.e. to:
Our lawful bases
Legitimate interests
When we process Personal Data for the purposes described above, we rely on our legitimate interests to operate our business and provide our services, communicate with you and your organisations, to respond to your questions, improve our services, use the insights to improve or develop new services, or to protect our legal rights and interests.
When we process Personal Data to market or promote euNetworks’ services, analyse and manage our marketing activities and communications, to the extent that consent is not required under the applicable law, we rely on our legitimate interests.
Consent for direct marketing
To the extent that consent is required under applicable law to send marketing communications to External Individuals, we rely on consent. If we collect and process your Personal Data based on consent, you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal of consent, nor will it affect processing of your personal data conducted in reliance on lawful processing grounds other than consent.
Processing Personal Data via our websites
In relation to the categories of personal data which are automatically collected by our website or provided to us via our websites, see information on the purposes and the relevant lawful bases under the heading Processing of Personal Data on our websites www.eunetworks.com and www.eunetworks.de below.
euNetworks and such subcontractors as are required to contact External Individuals have access to Personal Data as is required to enable them to assist us in providing our services (for example, to support the delivery of, or help to enhance the security of our website, or who otherwise process Personal Data for purposes that are described in this Notice).
In limited circumstances, we might need to disclose Personal Data to:
We do not provide Personal Data to third parties for any other reason.
The accuracy of all information is important to euNetworks. If any of the Personal Data provided changes, please advise us and we will update this. If you have questions over the Personal Data held, please ask us.
Subject to the GDPR or the UK data protection legislation (as applicable), the External Individuals’ legal rights are:
You also have the right to complain to a data protection supervisory authority about the processing of your Personal Data by euNetworks. In some cases, it will be necessary to provide evidence of identity before we can give effect to these rights. These rights are subject to our rights to retain data as required to run our business and to comply with our obligations.
To exercise any of these rights, contact us using the contact details provided under the “Who to contact if you have any concerns” heading below.
euNetworks take steps to ensure that External Individuals’ data is treated securely. euNetworks has implemented technical and organisational security measures to ensure the compliance of security of Personal Data under GDPR and to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of processing. The details of your user account are protected by a password for this purpose. In all sensitive areas, SSL encryption technology is used in the transmission of data. If you wish to contact euNetworks via e-mail, we point out that the confidentiality of the transmitted information cannot be guaranteed. The content of emails can be viewed by third parties. It is therefore advisable to provide confidential information only by post.
euNetworks keeps Personal Data for no longer than is necessary for the business purposes for which the Personal Data is processed or as long as we are either required or permitted by law (for example to comply with our legal obligations, to resolve requests and complaints or to protect our legal rights). This means we will delete Personal Data from our IT systems after the relevant business relationship ends and the period for which we are required to hold information expires. If an External Individual unsubscribes from our mailing list, we will remove their details immediately. Where deletion at the end of the relevant retention period is not immediately possible (for example, because your personal data has been stored in backup archives), we will securely store and isolate such Personal Data from any further processing until deletion is possible.
Controller
euNetworks is a company group in which certain departments and tasks are shared between different companies in the group. The department responsible for the operation of this website is shared between the euNetworks GmbH, Franklinstraße 61-63, 60486 Frankfurt and euNetworks Holdings Limited, 5 Churchill Place, London E14 5HU, United Kingdom (both jointly “euNetworks”) which act as joint controllers according to Art. 4 No. 7 and Art. 26 GDPR. Both companies comply with GDPR requirements and you can reach out to either one of them in case of any questions or inquiries. We also refer to our legal notice, available at eunetworks.com/legal-notice/ or eunetworks.de/impressum/
We store this data on our servers. We use this data and store log-files to deliver our website to you, to ensure the security of our information technology systems, to review use of our website and to improve our products and services. We do not use this data for marketing purposes and delete log-files within 7 days. The processing is based on our legitimate interests.
Our lawful bases: Our legitimate interests
2. Registration When you register to use euNetworks products or online services, you will be asked for certain personal information. If you provide Personal Data, it will be processed to enable us to send you marketing communications. We have a legitimate interest (direct advertising) in advertising to customers (persons with whom we have had a business relationship) by e-mail or post. In particular, we may send you news about our company or group companies, information on events and invitations to review our services and products. You can object to the sending of advertising at any time by sending an e-mail to our data protection officer or by following the instructions at the end of a promotional e-mail. If possible, please send your e-mail from the same e-mail address you used for registration, so that we can assign you more easily. To the extent that consent is required under applicable law, including in relation to any prospective customers, we will rely on your consent.
Our lawful bases: our legitimate interests or consent (to the extent that consent is required under applicable law).
3. Online map information LISA (Line Information Service App) You can obtain information about the location of our network through the online service “Online Information Sheet LISA (Line Information Service App)”. This requires a registration including Personal Data which we will process as set out above. Your Personal Data will be stored by us until you delete your registration through the log-in area or tell us you would like us to delete it, which you can do by e-mail. The processing is lawful because it is necessary for the performance of the contract.
Our lawful basis: contractual necessity (where the processing is necessary pursuant to a contract or in the context of contractual negotiations)
4. Contact forms and e-mail inquiries Our contact forms provide you with the opportunity to contact us. If you provide Personal Data, we will process it as set out above. In order to process your request, we process names, e-mail addresses, possibly the names of your company, position, mandatory information, which are absolutely necessary to create an offer. The processing of your data in the context of contact made by e-mail, a contact form or by telephone takes place on the basis of our legitimate interest to provide a good customer service or is necessary to fulfil a contract or to process operations necessary for the implementation of pre-contractual measures insofar as the contacts are related to contractual performance obligations. We will delete your contact requests immediately after processing unless statutory retention periods require continued retention. After answering your inquiry, we will archive your request immediately. Access is only possible to a very limited extent. Solely informative inquiries, i.e. which do not result in a contract or do not contain any other content that needs to be retained, will be deleted at the end of the year in which the request was made.
Our lawful basis: contractual necessity (where the processing is necessary pursuant to a contract or in the context of contractual negotiations) or otherwise, our legitimate interests
5. CRM system. We may store your contact data in a customer relationship management system (“CRM system”) if a business relationship exists or a business initiation is expected based on a previous communication. Our legal basis for this is our legitimate economic interest in being able to systematically manage customer and prospect contact data. For personal data in the CRM system, a check is made after two years at the end of the respective calendar year to determine whether it is necessary to continue storing it. If there is no need to do so and no further legal obligations to retain data exist, the data will be deleted.
For this we use the Service provider Salesforce UK Limited Village 9, Floor 26, Salesforce Tower 110 Bishopgate London EC2N 4AY, United Kingdom, Salesforce Inc. (Holding Company: Salesforce Inc. Salesforce Tower
415 Mission Street, 3rd Floor San Francisco, CA 94105, USA).
We have conducted a data processing agreement with the provider Salesforce.
An adequate level of data protection is guaranteed, as an adequacy decision has been issued by the EU Commission for the UK.
Our lawful basis: our legitimate interests
6. Security and Performance: Google reCAPTCHA We use Google reCAPTCHA to prevent automatic programs/bots from using our contact form. This increases the security of our website and avoids SPAM. This is also our legitimate interest . The collected data is hardware and software information, e.g. device and application data as well as the results of security checks. This data is transmitted to Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The data will not be used for personalised advertising. Further information can be found in Google’s privacy policy at https://policies.google.com/privacy. Further documentation can be found at https://developers.google.com/recaptcha/ and at https://www.google.com/recaptcha/admin/create.
Our lawful basis: our legitimate interests
7. Fonts and other embedded third-party content
a) Google FontsThis website uses Google Fonts of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). These fonts are automatically optimised for the web and there save data traffic and result in quicker loading times. The legal basis is formed by our legitimate interests in the efficient and secure provision of the website. Insofar as Google Ireland Limited transfers personal data to the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google guarantees by means of standard contractual clauses to maintain the EU level of data protection.
b) Font Awesome This website uses Font Awesome, to embed fonts and icons into the website to make our website more visually attractive. For this purpose we use the processor Fonticons, Inc. ,6 Porter Road Apartment 3R, Cambridge, MA 02140, USA. Further information on data protection can be found at https://fontawesome.com/privacy. The legal basis is formed by our legitimate interests in the efficient and secure provision of the website. Font Awesome guarantees by means of standard contractual clauses to maintain the EU level of data protection. Next to this data, every Font Awesome request also automatically transmits data like your IP-address, language settings, screen resolution, name, and version of your browser to the Font Awesome Servers. This is necessary to ensure a correct graphical display.
Our lawful basis: our legitimate interests
c) JSDelivr This website uses JSDeliver to deliver individual web pages quickly and flawlessly on all different devices. For this purpose, we use the open source service of jsedelivr.com of the company Prospect One, Kólewska 65A/1, 30-081, Kraków, Poland. This is a content delivery network (CDN). A CDN helps to provide content of our online offer, especially files such as graphics or scripts, faster with the help of regionally or internationally distributed servers. In order to provide this service, your browser may send personal data to JSDelivr.
When you visit our website, the following data may be recorded, among others:
The legal basis is our legitimate interests in the efficient and secure provision of the website. The data is stored for the duration of the session. Further information can be found at https://www.jsdelivr.com/privacy-policy-jsdelivr-net. To prevent the execution of the Java Script code of jsdeliver.net altogether, you can install a so-called Java Script blocker, such as noscript.net or ghostery.com. However, if you prevent or restrict the execution of the Java Script code, for technical reasons this may mean that not all content and functions of our website are available.
Our lawful basis: our legitimate interests
d) Greenhouse Software, Inc. We use the Service of Greenhous Inc., 18 West 18th St, New York, USA, to offer you the opportunity to apply for open positions on our website.
We will process the personal data you provide to us as part of the application process for the following purposes.
The administration of euNetwork ́s recruitment-related activities, which include preparing and conducting interviews and tests with applicants, evaluating and assessing the results, and other activities required as part of the recruitment and hiring process.
The legal basis for the processes described above is necessary for the performance of a contract.
Your personal data will be shared with Greenhouse Software, Inc. 18 West 18th St, New York, USA a cloud service provider located in the United States of America and contracted by euNetworks to support the recruitment and hiring process on behalf of euNetworks.
When visiting our website, the following data may be recorded, among others:
The legal basis for this is our legitimate interest.
For more information, please refer to the Privacy Policy for Applicants.
Our lawful basis: contractual necessity (where the processing is necessary pursuant to a contract or in the context of contractual negotiations) or legitimate interest
8. Cookies, web analysis and marketing tools In some cases, we or our partners use cookies or process your data in such a way that your consent is required. Cookies are small text files that can be stored on your device when you visit our website. Tracking is possible using various technologies like the pixel technology or log file analysis. Consent is given via the so-called consent manager, which must be actively clicked. Our cookie policy explains how you can disable individual functions to which you have consented. There you will find information on when cookies expire, how to delete cookies and how to withdraw your consent.
Our lawful basis: consent
Unless otherwise stated, the processing described in this section is based on your consent. Learn more about how to withdraw your consent in our Cookie Policy. Our cookie policy is linked in the footer of our website.
9. Web-Analytics, Statistics
To determine which content from our website is most interesting for you we continuously measure the number of visitors and the most viewed content. Therefore, we process your personal data
(1) Google Analytics This website uses Google Analytics of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyse the usage of our web services. The collected data is used to optimise our website and our advertising effort. Google Analytics is a web-analysing-service provided by Google. Google processed this data on our behalf and is contractually bound to implicate measures to ensure the integrity and confidentiality of the data.
Upon visiting our website, the following data is processed:
Our lawful basis: consent
Upon the first visit to our website, we ask for your consent. Consent may be withdrawn at any time. This can be done by using our consent manager or by deleting the cookies in your browser. Another possibility is the browser addon provided by google, which deactivates Google Analytics. You can download it here: https://tools.google.com/dlpage/gaoptout?hl=dehttps://tools.google.com/dlpage/gaoptout?hl=de
Insofar as Google Ireland Limited transfers personal data to the US parent company Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, Google guarantees by means of standard contractual clauses to maintain the EU level of data protection. Google Analytics sets cookies in your browser for the duration of two years from your last visit. These cookies contain a randomly generated User-ID, with which you can be recognised upon your next visit. The recorded data is stored in combination with the randomly generated User-ID, which makes an analysis of pseudonymised user profiles possible. This data will be automatically deleted after 14 months. Other data is stored in aggregated form indefinitely.
(2) Google Tag Manager Together with Google Analytics we use the Google Tag Manager of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (Holding Company: Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The Tag Manager allows us to place and administrate small code elements called “tags” via an interface. The tool itself does not process any personal data itself. Google Tag Manager enables the activation of tags, which allows other services to collect data, but does not access the data itself.
Further information about the Google Tag Manager can be found here: https://www.google.com/intl/de/tagmanager/faq.html
(3) Hotjar This website uses Hotjar (Service Provider: Hotjar Ltd, St Julians Business Centre, Elia Zammit Street 3, St Julians STJ 3155, Malta, Europa), to better understand our users’ needs and to optimise this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices. This includes a device’s IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymised user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.
Our lawful basis: consent
Upon the first visit to our website, we ask for your consent. Consent may be withdrawn at any time. This can be done by using our consent manager or by deleting the cookies in your browser. According to Hotjar, the data will only be retained for as long as is necessary for the purpose(s) for which we originally collected it or as required by law. Hotjar is contractually forbidden to sell any of the data collected on our behalf. For further details, please see https://www.hotjar.com/legal/policies/privacy/.
(5) Pardot. We use the Tool Pardot of the service provider Salesforce UK Limited Village 9 Floor 26, Salesforce Tower 110 Bishopgate London EC2N 4AY United Kingdom (Holding Company: Salesforce Inc. Salesforce Tower 415 Mission Street, 3rd Floor San Francisco, CA 94105, USA).
Cookies, web beacons or similar technologies are used for this purpose. Data is collected via a cookie ID, which is stored as a pseudonym. Information about user activities on our websites, services and applications is assigned to this pseudonym. A personal identification of the user is excluded by the aggregation of the data sets. To ensure functionality, IP addresses are stored for a short period of time and shortened before processing. The complete IP addresses are not stored or processed.
We have conducted a data processing agreement with the provider Salesforce. An adequate level of data protection is guaranteed, as an adequacy decision has been issued by the EU Commission for the UK.
b) Online advertising based on Tracking and Retargeting
We would like to show you – also on the websites of our advertising partners – only advertising that really interests you. Therefore, we use the technologies of so-called tracking and retargeting on our website for advertising that is tailored to your interests. Cookies are usually used for this purpose, but other technologies such as so-called “fingerprinting” are also used in some cases. The cookies temporarily stored for this purpose enable our retargeting partners to recognise visitors to our website under a pseudonym and to display only products that are likely to interest you. Fingerprinting recognizes your device based on your computer hardware, software, add-ons and browser settings.
Our lawful basis: consent
Unless otherwise stated, the processing described in this section is based on your consent. Learn more about how to withdraw your consent in our cookie policy. There you will find information on when cookies expire and how to delete cookies. Our cookie policy is linked in the footer of our website.
In detail, we use the data collected for statistical and advertising purposes
Unless otherwise stated, we use the following services as processors and contractually oblige them to process data only on our behalf.
(1) Google DoubleClick DoubleClick by Google (“DoubleClick”) is a service by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). DoubleClick uses cookies to display most relevant advertisements. Google keeps track of the advertisements you have seen and which of them you have actually viewed. Using the DoubleClick cookies allows Google and its advertising network to serve advertisements based on your previous web page visits (or even apps). Google will transmit information generated by the cookies to a Google server for analysis and storage. You can prevent cookies from being saved by setting your browser software accordingly.
For more detailed information on the terms and conditions of use and data protection, please visit: https://www.google.com/analytics/terms/de.html or https://www.google.com/intl/de/analytics/privacyoverview.html.
(2) Google Ads We use Google Ads, an ad service by Google Ireland Limited Gordon House, Barrow Street, Dublin 4, Ireland (parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), and also conversion tracking as part of Google Ads. Google Ads stores a conversion tracking cookie on your computer’s hard drive (“conversion cookie”) when you click on an advertisement placed by Google. If you visit certain pages of our website, Google can recognise that you have clicked on the advertisement and were referred to this web page.
The information obtained using conversion cookies is used to generate statistics for Ads customers who use conversion tracking. These statistics show us the total number of users who clicked on the Google advertisement and viewed a web page with a conversion tracking tag.
Social Media Services und Plugins We do not use direct plug-ins from social networks on our websites and your use of social networks is governed by their terms.
Our lawful basis: consent
In the case that your Personal Data is transferred to third countries either to Controllers or Processors, the transfer is justified by the EU Standard Contractual Clauses according to the Annex of the Commission Decision 2021/914/EU and/or for transfers from the United Kingdom, by concluding International Data Transfer Addendum to the EU Standard Contractual Clauses provided by the ICO. With regard to transfers between the European Union and the United Kingdom, we refer to the adequacy decision of the European Union and the adequacy regulations of the United Kingdom.
Formal compliance with GDPR or the UK data protection legislation, as applicable, is undertaken by euNetworks Group Limited and our local subsidiaries (see eunetworks.com/companies/ or https://eunetworks.de/unternehmen/ also take responsibility. The aforementioned bodies shall jointly determine the purposes and means of processing. You can also see our legal notices: eunetworks.com/legal-notice/ or eunetworks.de/impressum/. If you have any questions about this Notice or how we handle your Personal Data, please contact our Data Protection Officer: RICKERT Rechtsanwaltsgesellschaft m.b.H. (i.e. law firm) Colmantstr. 15, 53115 Bonn, Germany Email: dataprotection@eunetworks.com or datenschutz@eunetworks.com. This Privacy Statement was last reviewed and updated in April 2023.