ENHALO Privacy Policy - EU and UK

Effective Date: 1 September 2023

This Privacy Notice describes Enhalo’s procedures on the collection, use, and disclosure of your information when you use the Service and tells you about your privacy rights and how the law protects you.

We use your Personal Data to provide and improve the Service. By using the Service, you agree to the collection and use of information under this Privacy Policy.

Interpretation

The words of which the initial letter is capitalised have meanings defined under the following conditions.

The following definitions shall have the same meaning regardless of whether they appear in singular or plural.

Definitions

For this Privacy Policy:

You mean the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Under GDPR (General Data Protection Regulation), you can be referred to as the Data Subject or as the User as you are the individual using the Service.

Company (referred to as either “the Company,” “We,” “Us,” or “Our” in this Agreement) applies to Enhalo Limited, Suite 16, First Floor, IFC5, The Esplanade, Saint Helier, Jersey, JE23BY

For the GDPR, the company is the Data Controller.

Affiliate means an entity that controls is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest, or other securities entitled to vote for the election of directors or other managing authority.

Account means a unique account created for you to access our Service or parts of our Service.

Website refers to Enhalo, accessible from Enhalo.co

Service refers to the website.

Country refers to the United Kingdom, Jersey Channel Islands, South Africa, United States, Philippines,

Service Provider means any natural or legal person who processes the data on behalf of the company. It refers to third-party companies or individuals employed by the Enhalo and its associated companies to facilitate the Service.  And to provide the Service on behalf of the company, to perform services related to the Service, or to assist the company in analysing how the Service is used.

For the purpose of the GDPR, Service Providers are considered Data Processors.

Third-party Social Media Service refers to any website or any social network website through which a user can log in or create an account to use the Service.

Personal Data is any information that relates to an identified or identifiable individual.

For the purposes for GDPR, Personal Data means any information relating to you such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity.

Cookies are small files that are placed on your computer, mobile device, or any other device by a website containing the details of your browsing history on that website among its many uses.

Device means any device that can access the Service, such as a computer, a cellphone, or a digital tablet.

Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Data Controller, for the GDPR (General Data Protection Regulation), refers to the company as the legal person who alone or jointly with others determines the purposes and means of the processing of Personal Data.

This privacy notice applies to all prospective, present and past Enhalo Stakeholders including but not limited to employees and affiliate consultants, clients (including persons that are involved in the course of service delivery), visitors, third Party Service Providers / partners / operators / vendors, subsidiaries and member companies.

We are committed to protecting the privacy rights of our Stakeholders. This privacy notice describes our information handling and associated privacy practices. This includes:

• How we collect personal information about our Stakeholders
• How we process and use such personal information
• How we may share personal information
• How we secure personal information
• Stakeholder rights

Types of personal information collected

We may collect the following types or categories of personal information, including:

• Contact details such as name, email address, telephone number and work location.
• Company details required for third parties and customer administration.
• Confidential information that relates to organisations, for example, information security risks and controls.
• Government issued identification numbers for the purposes of employee application validation, employee administration and third parties’ registration and administration.
• Information related to candidate or employee race and disability status.
• Other relevant personal information to enable the conduct of business.

Personal Information Handling Practices

We endeavor to notify our Stakeholders about the manner in which, and the purposes for which, we collect and use their personal information. We collect and use personal information for the following purposes:

• To establish and maintain a relationship with our clients, enabling ongoing service delivery.
• To understand client needs and preferences. For example, we maintain a record of services you have purchased or signed up for.
• Where the collection and processing is required by Law, for example, mandatory tax reporting requirements.
• For audit and record keeping requirements.
• To conduct statistical or market related research.
• For the administration of remuneration, employment benefits and accounts payable / receivable.
• To evaluate candidates and applicants who submit personal information for employment opportunities.
• To effectively respond to queries submitted through our online “contact us” feature or to individual team members.
• To communicate relevant services and information to Stakeholders.

We may use your personal information collected including but not limited to your name, email, company and job title for purposes of contacting you, sending notifications, updates and invitations to events. If you would like to withdraw your consent for such processing, you may use the “contact us” tab on this website.

We will only share personal information with authorised third parties, partners and vendors to communicate specific services or products that we feel you or your organisation may benefit from.

We may collect and process juristic and natural personal information in the course of carrying out contracted business (projects) with our clients as well as relating to prospective and current employees, as required by applicable employment legislation.

Unless required or permitted by law, Enhalo shall not use or disclose personal information or sensitive personal information for a new purpose that has not been identified and consented to by you.

Cookies

Currently we only use cookie technology that is strictly necessary for administration and operation of our website. These are necessary to enable you to click through our website.

Choice and Consent

In most circumstances, we receive personal information directly from you. For example, when you request Enhalo services or tools, we may require personal information for contact or billing purposes.

Enhalo will only require you to consent to the collection, use or disclosure of personal information as per the identified purposes in this Notice. We will not unreasonably withhold products, services or information if you refuse or withdraw your consent.

You may withdraw or modify your consent at any time, subject to legal and contractual restrictions, provided that reasonable notice is given to us. If you would like to withdraw your consent for such processing, you may use the “contact us” tab or send a query to [email protected] Please allow at least 30 days for us to effect changes in communication preferences.

Third Parties

We may make use of third-party services to support our service delivery to Stakeholders. Our third parties are vetted in terms of information protection risks and agree to required privacy practices and controls. Examples of third parties with whom we may share personal information, include:

• Member companies within Enhalo
• Authorities
• Regulators
• Selected and contracted service providers that support our service delivery
• Persons acting on our behalf (incl. affiliate consultants and third parties)
• Auditors

We will not share personal information with third parties other than as disclosed in this notice or explicitly agreed with you. Further, we will only disclose your personal information if:

• The law requires it.
• We have a public duty to disclose the information.
• If it is reasonably necessary to prevent illegal activity.
• Our or your legitimate interests require disclosure.
• You consented to such disclosure.

Cross Border Transfer

In certain instances, we may process Personal Information in other countries to support ongoing business delivery. Some countries may not have similar Privacy requirements; in which case we will ensure that the receiving parties agree to adequate Privacy Principles before we share such information.

How we secure Personal Information

We endeavor to protect the security, availability and confidentiality of Personal Information by implementing and maintaining reasonable technical and organisational controls. Our controls are aligned to leading practices and frameworks.

External links

Our website may contain links to external websites and sources of information. This does not indicate endorsement by Enhalo and due care should be taken before following such links.

Your Privacy rights

You may request access to, verification, restriction and deletion of your personal information upon reasonable grounds. You may write to us and send your request to [email protected] If you would like to withdraw your consent for direct marketing, you may use the “contact us” tab on this website.

Queries and complaints

You may lodge a query or complaint directly with us through the contact us tab on this website or directly with our Information Officer.

Alternatively, you may lodge a complaint with the Jersey Information Commissioner at [email protected]

Organisation Details

Name: Enhalo Limited

Postal address:  Suite 16, First Floor, IFC5, The Esplanade, Saint Helier, Jersey, JE23BY

Website: https://enhalo.co/contact/

Maintenance of this notice
Last revision: 1 September 2023

We reserve the right to update this notice on an ad hoc basis. To check for changes, please visit our website on a regular basis.