Condeco and iOffice + SpaceIQ Merge to Create Eptura™, the Leading Worktech Software Solution Learn more

SaaS privacy policy

Effective Date: October 04, 2022

1. Introduction

Eptura™ (collectively, “we,” “us,” “our,” or “Company”) refers to Zarya Intermediate, LLC and any of our corporate affiliates or subsidiaries.respect the privacy of our customers and individuals who use our services. This SaaS Privacy Notice (“Notice”) is made available to you to describe how we collect, use, and share personal data we process on behalf of our Client when you use our hosted software applications (“Services”). It also describes your choices regarding the use, access and correction of your Personal Information that we process in the course of fulfilling our obligations as a service provider according to the Eptura Services Agreement (“Services Agreement”) executed between Eptura and our client (“Client”). Client may be your employer, or if you are an independent contractor, they may be the entity that has engaged you to provide your services to them.

This Notice does not cover any information or data collected by Eptura for other purposes, such as information collected for marketing purposes. Please see the Website Privacy Policy for more information.

2. About Eptura and the Personal Information We Collect

Eptura is a global worktech company that provides software solutions for people, workplaces and assets to enable everyone to reach their full potential. With 16.3 million users across 115 countries, we are trusted by over 16,000 of the world’s leading companies to realize a better future at work

While using our Services, Clients and their authorized users input or transfer electronic data into the Eptura systems (“Client Data”). Client Data may include an individual’s name, email address, unique identifier(s), phone number(s), company position, business unit, cost center and location within Client’s workplace (“Personal Information”).

3. Retention of Personal Information

Eptura will retain Personal Information we process on behalf of our Clients for as long as needed to provide Services to our Client and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

4. Transfers of Personal Information

Eptura is responsible for the processing of Personal Information it receives from Clients and any onward transfers to third parties acting on our behalf in compliance with applicable law, including but not limited to, the Australian Privacy Act 1988; California Consumer Privacy Act of 2018 (“CCPA”); the EU General Data Protection Regulation 2016/679 (“GDPR”) and its respective national implementing legislations; the Swiss Federal Act on Data Protection; the United Kingdom General Data Protection Regulation (“UK GDPR”); and the United Kingdom Data Protection Act 2018 (in each case, as amended, adopted, or superseded from time to time).

Eptura Services and sites are primarily provided and hosted from the United States; however, we may transfer, and process, your personal data outside of the country in which you are resident to a country that may not have equivalent privacy and data protection laws (and, in some cases, may not be as protective). Any such transfers will be performed consistent with the Service Agreement between Eptura and our Clients. When transferring data across borders, we will make sure that an appropriate transfer agreement is in place to protect Personal Information

Certain recipients (our service providers and other companies) who process Personal Information on our behalf may also transfer personal data outside the country in which you are resident. Where such transfers occur, we will make sure that an appropriate transfer agreement is put in place to protect Personal Information.

If you are a resident of the EEA, the UK or Switzerland, we will protect Personal Information when it is transferred outside of the EEA, the UK or Switzerland by processing it in a territory which the European Commission has determined provides an adequate level of protection for personal data or we will rely on the Standard Contractual Clauses approved by the European Commission.

5. How We Collect Personal Information

5.1 From Clients

Eptura processes Client Data under the direction of Clients and has no direct control or ownership of the Personal Information it receives or processes. If you are an authorized user of one of our Clients and would no longer like to be contacted by one of our Clients that use our Service, please contact the Client that you interact with directly. Clients are responsible for complying with regulations or laws that require providing notice, disclosure and/or obtaining consent prior to transferring the data to Eptura for processing purposes

5.2 From You

Eptura may collect Personal Information directly from you. This information may be collected when:

    • you register to use the Services
    • you use the Services, or another application that the Services are embedded in (eg. as a mobile application provided by Eptura’s Client)
    • you contact the Eptura Support team
    • you use your work PC to access the Services
    • you pass through a security checkpoint at one of our Client’s premises.
    • you access our website

5.3 Passive Collection

As is true of most websites and web applications, we gather certain information automatically. This information may include Internet Protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the features viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, usage, change history, and/or clickstream data to analyze trends in the aggregate and administer the site.

6. You May Request Access, Changes and/or Removal to/of Your Personal Information

Eptura acknowledges that you have the right to access your personal information. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate Personal Information should first direct your query to Eptura’s Client (the data controller), or second by emailing your request to [email protected]

Eptura will process your request as soon as reasonably practicable, or within a reasonable timeframe, provided we are not otherwise prevented from doing so on legal grounds. If we are unable to meet your request, we will let you know why. For example, it may be necessary for us to deny your request if it would have an unreasonable impact on the privacy or affairs of other individuals, or if it is not reasonable and practicable for us to process your request in the manner you have requested. In some circumstances, it may be necessary for us to seek to arrange access to your personal information through a mutually agreed intermediary (for example, our Client).

7. Client Obligations Around Personal Information

Through our Client’s use of the Services, Eptura may collect information about our Client’s personnel from our Client. Similarly, through your use of the Services, Eptura may also collect information from you about someone else.

In either case, if you or our Client (each an “Information Provider”) provide Eptura with Personal Information about someone else, the Information Provider must ensure that they are authorized to disclose that information to Eptura and that, without Eptura taking any further steps required by applicable data protection or privacy laws, Eptura may collect, use and disclose such information for the purposes described in this Notice.

This means that if required by applicable law, the Information Provider must take reasonable steps to ensure the individual concerned is aware of and/or consents to the various matters detailed in this Notice, including the fact that their Personal Information is being collected, the purposes for which that information is being collected, the intended recipients of that information, the individual’s right to obtain access to that information, Eptura’s identity, and how to contact EpturaÔ.

Where requested to do so by Eptura, the Information Provider must also assist Eptura with any requests by the individual to access or update the Personal Information it has collected from them and entered into the Service.

It is your responsibility to ensure that the Personal Information provided to us is accurate, complete, and up to date.

8. Eptura Collects, Holds and Uses Your Personal Information for Limited Purposes

8.1 To Provide the Services

The use of Personal Information collected through the Services is limited to the purpose of providing the Service in the Service Agreement. Eptura uses your information to provide the Services to you, including to verify your identity when you log in, communicate with you about the Service, prevent or address service or technical problems, respond to support issues, provide transaction histories, produce de-identified industry trends/benchmarks, or otherwise operate, maintain, and improve the Services. We may also use your information when responding to Client’s instructions or as may be required by law in accordance with the Services Agreement.

We analyze information about how people use our services, such as information about your use of facilities, statistics about general room utilization by type, and other activity germane to the work environment and office and facilities management, to identify trends, usage, activity patterns, and to develop new products, features, and technologies that benefit our users. With user consent as a user where required, we also test and analyze certain new features with some Clients before rolling the feature out to all Clients.

To provide certain features in the Services, we may create aggregated, de-identified data from Client Data by removing, obfuscating, or otherwise anonymizing data components (such as your name, email address, or linkable tracking ID) that make the data personally identifiable. Our use of anonymized data is not subject to this Notice.

For example, we may use aggregated data to produce de-identified industry trends/benchmarks that allow users to benchmark their utilization of the Services against how others use our Services. When aggregate data is used or displayed to our users, we leverage analytics techniques that hash, filter, or otherwise scrub the information to exclude information that might identify you as an individual or your organization.

8.2 To Secure the Services

We use information about you and your use of the Services to verify accounts and activity, to detect, prevent, and respond to potential or actual security incidents and to monitor and protect against other malicious, deceptive, fraudulent, or illegal activity, including violations of service policies.

8.3 To Protect our Legitimate Interests and Legal Rights

Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, including our Clients, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

We process this information about you only where we have a legal basis for doing so. This means we process your information only when:

We need it to provide you the Services, including to operate the Services, provide customer support and personalized features, and to protect the safety and security of the Services;

It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to secure the Services, or to protect our legal rights and interests;

You give us consent to do so for a specific purpose (limited to specific Services); or

We need to process your data to comply with a legal obligation.

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.

9. What does Eptura’s Client do with the Information?

How Eptura’s Client uses your Personal Information will be subject to the Client’s internal policies, which will indicate how it uses the information including any disclosure to third parties.

10. Can I Withhold My Personal Details?

If you do not consent to us collecting, using, and storing your Personal Information we may be unable to provide the Services to our Client.

In limited circumstances, you may be able to use a pseudonym. Please direct any such requests to the Eptura Client.

11. Eptura Takes Steps to Protect Your Personal Information

Eptura is committed to protecting the security of your Personal Information and we take all reasonable precautions to protect it from unauthorized access, modification or disclosure. We maintain a comprehensive, written information security program that contains industry standard, administrative, technical, and physical safeguards designed to prevent unauthorized access to our Client’s Data. We also use appropriate industry-standard security technology as agreed with our Client to ensure that your information is protected. When we no longer need your Personal Information, we will take all reasonable steps required to de-identify or destroy it.

12. Eptura only Discloses Personal Information in Limited Circumstances

Your Personal Information may be shared with our authorized Affiliates and sub-contractors (“Personnel”) as necessary and appropriate to facilitate the purpose for which your Personal Information was collected pursuant to this Notice. They are only authorized to use Personal Information as necessary to provide services to us. These services include cloud computing infrastructure.

All Eptura Personnel who have access to Personal Information are legally bound not to disclose it and may only use it for the purposes incidental to undertaking their duties to EpturaÔ.

Eptura will not otherwise disclose your Personal Information to a third party outside of our Affiliates without your express consent. However, you should be aware that Eptura may be required to disclose your Personal Information without your consent in order to comply with any court orders, subpoenas, or other legal process or investigation including by tax authorities if such disclosure is required by law. Where possible and appropriate, to protect your rights, protect your safety or the safety of others, investigate fraud, or respond to a government request we will notify you if we are required by law to disclose your Personal Information.

If Eptura is involved in a merger, acquisition, or sale of all or a portion of its assets, our Client will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information. We may also disclose your personal information to any other third party with our Client’s prior consent.

The third parties who host our servers do not control and are not permitted to access or use your Personal Information except for the limited purpose of storing the information.

13. Eptura Uses Cookies

Eptura and its partners use cookies or similar technologies to help us process your transactions and requests, analyze trends, administer the website, track aggregate and statistical information about user activity and gather statistics about our user base as a whole.

In the Services, we use essential cookies for authentication and session management. These technologies may provide us with personal data, information about devices and networks you utilize to access our Services, and other information regarding your interactions with our Services. We may combine the information we receive from cookies with personal data we have otherwise collected.

Third-Party Analytics. We also use automated devices and applications including Google Analytics (more info here) to evaluate the use of our Services. We use tools to gather non-personal information about users to help us improve our Services and user experiences. These analytics providers may use cookies and other technologies to perform their services and may combine the information they collect about you on our Services with other information they have collected for their own purposes. Please note, for the Services, any data sent is anonymized. This notice does not cover such uses of data by third parties.

Browser Level Opt-Out. You can set or change your web browser controls to accept or refuse cookies. The “help,” “tools,” or “edit” portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Your ability to completely prevent your browser from accepting new cookies may depend on the sophistication of your browser software. If you disable cookies, you may still access our Sites but be aware that some features of our Services may not function. Most advertising networks offer you a way to opt-out of targeted advertising. If you wish to not have this cross-site information used for the purpose of serving you targeted ads, you may opt-out of many ad networks by clicking here (or if located in the European Union, click here).

Additional information is available at http://www.aboutads.info/choices/ and http://www.youronlinechoices.com. Please note, we do not control any of the above opt-out links and are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms. You will continue to receive ads on the websites you visit, but the ad networks from which you have opted out will no longer target ads to you based upon your activities on other sites.

Do Not Track. Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites you visit indicating you do not wish for your online activities to be tracked. Currently, our systems do not recognize browser DNT requests. In the meantime, you can use the “help” portion of the toolbar on most browsers to learn how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether as explained above.

14. Eptura has a Privacy Complaints Process

Eptura commits to resolve complaints about our collection or use of your Personal Information. For questions regarding this Notice, please contact us by emailing [email protected] or by mailing Eptura at the following address: Eptura, Attention Privacy, 950 E Paces Ferry Rd, NE, Suite 800, Atlanta, GA 30360.

15. Our Privacy Officer will endeavor to:

    • provide an initial response to your query or complaint within 15 Business Days, and
    • investigate and attempt to resolve your query or complaint within 45 Business Days or such longer period as is necessary and notified to you by our Privacy Officer.Changes to This Policy

We may update this Notice to reflect the changes to our information practices. Eptura will provide notification of the material changes to this Notice through the Company’s websites at least thirty (30) business days prior to the change taking effect.