About this policy
This policy relates to AVEVA Group PLC and the AVEVA group of companies (“AVEVA” or “we”). We have provided this policy to ensure that our customers and their individual representatives (“you”) understand what personal data we may collect from and hold about you, what we may use it for and how we keep it safe.
Personal data is provided by your representatives when you purchase our products or services, or visit our AVEVA Support Sites (means the AVEVA customer websites that are accessed by customer for support services including but not limited to https://softwaresupport.aveva.com/ and https://connect.aveva.com/#/ or such replacement or updated web addresses). Data subjects have legal rights to access the personal data that we hold about them and to control how we use it which is also explained.
Who we are and how you can contact us
AVEVA Group PLC is a public limited company. Our registered company number is 2937296 and our registered address is at High Cross, Madingley Road, Cambridge, CB3 0HB.
For data protection related queries including questions about our use of personal data within in our business please contact our Data Protection Officer
Our Data Protection Officer is William Cummins. You can contact them via email at firstname.lastname@example.org or via our postal address at AVEVA Group PLC, High Cross, Madingley Road, Cambridge, CB3 0HB.
For matters concerning this policy related to the AVEVA Support Sites, please contact our team by email at Feedback@aveva.com.
Please refer to the sections on Your rights to know what personal data we hold and to control how we use it and How to make a complaint for further contact information.
If at any time you would like us to stop sending you information about AVEVA’s products and services, or you have any comments, queries or requests relating to our use of your information, please let us know by means of the Contact Form which may be accessed via https://www.aveva.com/en/contact/.
What customer personal data we collect
- personal data that our customers provide to us. When you purchase our products or services or visit our AVEVA Support Sites, the personal data that representatives of your organisation provide to us may include name, organisational details affiliated with an individual including their office address, e-mail address, phone number, job title and well as geographic and technical data (including IP address and/or MAC address) relating to use of our software and products. This can include personal data that is utilised within our products and services i.e. populating details of project teams within an AVEVA software solution. We also collect data depending on the context of your interactions with AVEVA Support Sites and the choices that you make, including your privacy settings and the products and features that you use
- personal data that we receive from third parties. If we work with other businesses, these parties may collect personal data which they will share with us. For example, we may have the name and contact details of customer representatives passed on to us by third parties that we work with, such as trade or service partners, who may provide your personal data to us so that we can provide technical support in relation to our products.
- personal data about your use of our products. We will collect details of the email address, username and hostname of the computer that is used to access our products and services as well as information about usage of the products and services. In certain instances, this information is used to detect the installation or use of illegal copies of AVEVA software via a transfer of this personal data in a protected format to assist us in our license compliance efforts. For more details on this please see AVEVA’s use of your personal data in our license compliance technology.
What we use customer personal data for
We use customer personal data in the following ways:
- personal data that is provided to us is used to:
- to notify you about changes to the AVEVA Support Site; and
- to ensure that content in the AVEVA Support Site is presented in the most effective manner for you;
- provide you with the information, products and services that you request from us;
- provide our products, which includes updating, securing and troubleshooting, as well as providing support. It also includes sharing data, when it is required to provide the service or carry out the transactions you request;
- manage and administer our business;
- review and improve our products and services.
- provide you with marketing information in accordance with your marketing preferences (see How we use your personal data for marketing for further details);
- personal data that we receive from third parties is combined with the personal data that you provide to us and used for the purposes described above.
- personal data about your use of our products may be used to:
- ensure that the licensing terms for the product are being complied with;
- improve our software and services on an ongoing basis;
- for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to make suggestions and recommendations to you about products or services that may interest you or them where you have confirmed that you would like to be contacted in this regard;
- to allow you to participate in interactive features of our service, when you choose to do so;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
Reason we Share personal data
We share your personal data with your consent or to complete any transaction or provide any product you have requested or authorised. We also share data with AVEVA-controlled affiliates and subsidiaries; with vendors working on our behalf; when required by law or to respond to legal process; to protect our customers; to protect lives; to maintain the security of our products; and to protect the rights and property of AVEVA and its customers.
When we need your consent to use your personal data
Whilst we always want you to be aware of how we are using your personal data, this does not necessarily mean that we are required to ask for your consent before we can use it. In the day to day running of our business we may use your personal data without asking for your consent because:
- we are entering into and carrying out our obligations under a contract with you, for example, because you have purchased one of our products.
- we need to use your personal data for our own legitimate purposes (such as the administration and management of our business and the improvement of our services) and our doing so will not interfere with your privacy rights.
In exceptional circumstances we may wish to use your personal data for a different purpose which does require your consent. In these circumstances we will contact you to explain how we wish to use your data and to ask for your consent. You are not required to give consent just because we ask for it. If you do give consent you can change your mind and withdraw it at a later date.
Please refer to the section on How we use your personal data for marketing for further details in this regard.
Personal data you are legally obliged to provide
You are not under a legal obligation to provide us with any of your personal data but please note that if you elect not to provide us with your personal data we may be unable to provide our goods or services to you.
Your rights to know what personal data we hold and to control how we use it
In certain countries, individuals have a legal right to know what personal data is held about them - this is called the right of subject access. You can exercise this right by sending us a written request at any time. The best way to contact us is to email us at email@example.com with the wording “Subject Access Request” in the header.
You also have rights to:
- object to your personal data being used for marketing purposes (see How we use your personal data for marketing for further details);
- object to decisions being made about you by automated means or to your personal data being used for profiling purposes;
- object to our using your personal data in ways that are likely to cause you damage or distress;
- have inaccurate personal data corrected, blocked or erased;
- restrict our use of your personal data;
- require that we delete your personal data;
- require that we provide you, or anyone that you nominate, with a copy of any personal data you have given us and that we still hold in a structured electronic form such as a CSV file.
You can find full details of your personal data rights on the Information Commissioner’s Office website at www.ico.org.uk.
AVEVA’s use of your personal data in our licence compliance technology
AVEVA and its affiliated companies take all legal steps to eliminate piracy of their software products and to protect their intellectual property rights. In this context, AVEVA’s software may utilise various technologies, such as a security mechanism that can detect the installation or use of illegal copies of the software, and collect and transmit data about those illegal copies (the “AVEVA Licence Compliance Software”).
If our software is illegally installed or used, data (including limited categories of personal data) of the affiliated user accounts may be collected and processed by AVEVA in the course of carrying out its compliance activities. This data is transferred in a pseudonymised format so that, wherever possible, any personal data transferred does not allow for the identification of an individual person by AVEVA personnel via the AVEVA Licence Compliance Software. Our compliance teams will use this information combined with other information we have on record to confirm the details of the corporate entity together with a rough geographic region where the infringing incident has occurred. AVEVA uses this functionality to pursue the legitimate interest of protecting its business assets and apprehending parties that violate such rights.
When we will share your personal data with others
We share your data with the following people in the day to day running our business:
- any member of the AVEVA Group, which means AVEVA Group plc and its subsidiaries as defined in section 1159 of the UK Companies Act 2006.
- business partners, trade partners, suppliers and sub-contractors we work with to provide you with products or services that you have requested from us.
- analytics and search engine providers that assist us in the improvement and optimisation of our site.
We may also share your personal information with third parties on a one-off basis, for example, if:
- we sell or buy any business or assets (including our own), in which case we will disclose your personal data to the prospective seller or buyer of such business or assets
- If AVEVA Solutions Limited is acquired in part or in whole by a third party, in which case personal data held by AVEVA may be one of the transferred assets.
- we are under a duty to disclose or share your personal data in order to comply with any legal obligation; or in order to enforce or apply the terms of license agreements and other commercial agreements; or to protect the rights, property, or safety of our customers, ourselves or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
How we keep your personal data safe
We take every care to ensure that your personal data is kept secure. The security measures we take include:
- only storing your personal data on secure servers;
- ensuring that our staff receive regular data security awareness training
- keeping paper records to a minimum and ensuring that those we do have are stored in locked filing cabinets on our office premises;
- maintaining up to date system security features to minimise the risk of unauthorised access to our systems.
Please remember that you are responsible for keeping your passwords secure. If we have given you (or you have chosen) a password which enables you to access certain parts of our AVEVA Support Sites, you are responsible for keeping this password confidential. Please do not to share your passwords with anyone.
Unfortunately, sending information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of personal data sent to our AVEVA Support Sites; you send us personal data at your own risk. Once we have received your personal data, we will use procedures and security features to try to prevent unauthorised access.
How we use your personal data for marketing
We may use your personal information to send you communications about our products or services that we feel you may be interested in and will add your details to our marketing database if:
- you make an enquiry about our products or services;
- you attend an industry related event;
- you buy our products or services;
- you have told a third party that you would like them to pass us your contact details so that we can send you updates about our products or services;
- you have registered an account on our AVEVA Support Sites and have indicated during the sign up process that you are happy to receive marketing communications.
This may include marketing relating to products or services offered by other companies within the AVEVA Group that we think you may be interested in. We may send you marketing communications by email, telephone or post. You can ask us to only send you marketing communications by particular methods (for example, you may be happy to receive emails from us but not telephone calls), about specific subjects (for example about specific portfolio areas or industry specific information) or you may ask us not to send you any marketing communications at all.
We may ask you to indicate your marketing preferences when you first register an account on our AVEVA Support Sites You can check and update your current marketing preferences at any time by logging into your account.
When we will send your personal data to other countries
As AVEVA is a global company with global systems, personal data collected in one country may be processed in another country. Your personal data may be transferred to, and stored at a jurisdiction other than your own and outside the UK and the European Economic Area ("EEA") by us or by our sub-contractors. For example, our marketing database and associated systems are accessible by AVEVA personnel globally, including outside of the UK / EEA. Where we, or our sub-contractors, use IT systems or software that is provided by non-UK companies, your personal data may be stored on the servers of these non-UK companies which may be outside the UK, the EEA and the country where your personal data was first collected.
If any of our processing activities require your personal data to be transferred from inside to outside the UK and/or European Economic Area, we will only make that transfer if:
- the country to which the personal data is to be transferred ensures an adequate level of protection for personal data; or
- we have put in place appropriate safeguards to protect your personal data, such as an appropriate contract with the recipient; and
- the transfer is necessary for one of the reasons specified in applicable data protection legislation, such as the performance of a contract between us and you; or
- you clearly consent to the transfer.
How long we keep your personal data
We only keep your personal data for as long as we actually need it to deliver products and services to you or to communicate information to you relating to the same (including for marketing purposes). Please note that we may anonymise your personal data or use it for statistical purposes. We keep anonymised and statistical data indefinitely but we take care to ensure that such data can no longer identify or be connected to any individual.
How you can make a complaint
If you are unhappy with the way we have used your personal data please contact us to discuss this using the contact details set out in the Who we are and how you can contact us section above.
You are also entitled to make a complaint to the Information Commissioner’s Office which you can do by visiting www.ico.org.uk. Whilst you are not required to do so, we encourage you to contact us directly to discuss any concerns that you may have and to allow us an opportunity to address these before you contact the Information Commissioner’s Office.
How we keep this policy up to date
We will review and update this policy from time to time. This may be to reflect a change in the goods or services we offer or to our internal procedures or it may be to reflect a change in the law.
The easiest way to check for updates is by looking for the latest version of this policy on our AVEVA Support Site websites or you can contact us (see Who we are and how to contact us) to ask us to send you the latest version of our policy.
Each time we update our policy we will update the policy version number shown at the end of the policy and the date on which that version of the policy came into force.
This is policy version 3 which came into effect on 28 July 2022.