Last Updated July 23, 2024
Protecting your privacy is fundamental to the way Scopeasy Construction Software Limited, doing business as Boxcore (“Boxcore”, “we”, “us”, or “our”), conducts business. This Privacy Policy explains how we may collect, use, and disclose your personal data when you access and use our online products and services that link to this Privacy Policy (including, our website, www.boxcore.com), (the “Site”), our marketing activities, our live events, and other activities described in this Privacy Policy) (collectively, the “Online Services”). This Privacy Policy does not apply to your use of third-party sites linked to this website.
This Privacy Policy may change from time to time. We will make note of the changes on our website and your continued access to the Online Services is deemed to be your acceptance of those changes, so we encourage you to check back periodically for updates.
You can jump to particular topics by going to the headings below:
The term “personal data” in this Privacy Policy refers to any data or information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to a particular identifiable natural person or household, or any other data or information that constitutes “personal data”, “personal information,” or “personally identifiable information.”
An identifiable natural person, or “Data Subject,” is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person, to include training records and qualifications.
Boxcore is a data processor of the personal data collected in connection with your use of our Online Services. We collect the following data in the course of providing you these services:
Context | Types of Data | Primary Purpose for Collection and Use of Data |
---|---|---|
Client Data | We collect the names, usernames, and contact data of our clients and their employees with whom we may interact. | We are executing on a contractual obligation in contacting our clients and communicating with them concerning normal business administration such as billing, registration, and our services. |
Client and User Account Data | We collect personal data from our clients and users of our Online Services when they create an account to access and use the Online Services. This data could include business contact data such as name, email address, title, company information, and password for the Online Services. | We are executing on a contractual obligation by providing account-related functionalities to our users, monitoring account log-ins, and detecting potential fraudulent logins or account misuse. |
User Training and Certification Data | We collect training records of users through our Online Services, which allows clients to keep updated records on file. This typically includes specific training records such as manual handling training or OSHA training. Certain training may sometimes include a user’s driver license information, to include data such as name, date of birth, address, license number, identified gender, identified ethnicity or race, veteran or disability status, physical descriptors, and photograph. | We are executing on a contractual obligation by providing account-related functionalities to our users and clients, which allows for them to upload and keep important documents, training records, and qualifications on file. |
Safety and Insurance Data | We collect our client’s safety documents they provide through our Online Services, such as their equipment inspection records and insurance certificates. | We are executing on a contractual obligation in providing account-related functionalities to our clients, which allows for them to upload and keep these records and certificates on file. |
Cookies and First-Party tracking | We use cookies and clear GIFs. “Cookies” are small pieces of data that a website sends to a computer’s hard drive while a website is viewed. | We have a legitimate interest in making our website operate efficiently and improving our marketing efforts and Online Services. |
Cookies and Third-Party Tracking | We participate in behavior-based advertising and the gathering of analytics. This means that a third- party uses technology (e.g., a cookie) to collect data about your use of our website so that they can provide us with website and user analytics, as well as for the purposes of advertising products and services tailored to your interests on our website, or on other websites. Specifically, we use Intercom and Google Analytics on our Site and Web App. | We have a legitimate interest in engaging in behavior-based advertising and capturing website analytics in improving our marketing efforts. You can find out more about how Intercom and Google use data from our Site and Web App by reviewing their respective privacy policies at www.google.com/policies/privacy/partners/ and https://www.intercom.com/legal/product-privacy-notice. |
Email Interconnectivity | If you receive an email from us, we may use certain tools to capture data related to when you open our message, click on any links or banners it contains and make purchases. | We have a legitimate interest in understanding how you interact with our communications to you. |
Employment | If you apply for a job posting or become an employee, we collect the data necessary to process your application or to retain you as an employee. This may include, among other things, your Social Security Number or Personal Public Service Number. Providing this data is required for employment. | We use data about current employees to fulfil our contract of employment or the anticipation of a contract of employment with you. In some contexts, we are also required by law to collect data about our employees. We are executing on a contractual obligation in using your data to have efficient staffing and workforce operations. |
Feedback and Support | We collect personal data from you contained in any inquiry you submit to us regarding the Online Services, such as completing our online forms, calling, or emailing for the purposes of general inquiries, support requests, or to report an issue. When you communicate with us over the phone, your calls may be recorded and analyzed for training, quality control and for sales and marketing purposes. During such calls, we will notify you of the recording via either voice prompt or script. | We have a legitimate interest in receiving and acting upon, your feedback, issues, or inquiries. |
Mailing List and Demo Requests | When you sign up for one of our mailing lists, we collect your email address or postal address. Additionally, when you book a demo through one our blog post pages, we collect your contact data. | We share information about our Online Services with individuals that consent to receive such data. |
Order Placement | We collect your name, billing address, e-mail address, phone number, and use a third-party PCI compliant service to process your payment card number when you place an order. Specifically, we use Stripe and Gocardless for payment processing and XERO for invoices. | We use your data to perform our contract to provide you with Online Services. For questions about how these third parties process your data, please refer to their respective Privacy Policies: https://stripe.com/privacy, https://www.xero.com/us/legal/privacy/, and https://gocardless.com/privacy/payers/. |
Payment Data | We collect payment and billing information when you register for certain paid Online Services, such as our Web App. For example, we ask you to designate a billing representative, including name and contact data, upon registration. You might also provide payment information, such as payment card details, which we collect via secure payment processing services. | We are executing on a contractual obligation in obtaining payments for certain Online Services. |
Promotions | Promotions, incentives, or giveaways may be made available by us or third parties from time to time. You do not have to participate in these, however, if you choose to participate, you may be asked to disclose some personal data. Additionally, at the time of entering the promotion, we will disclose in the promotion’s materials specific terms and conditions regarding how your personal data will be used. Please do not participate in any promotion if you do not agree to such usage. | We obtain consent to share data about our Online Services and providing incentives to our customers. |
Surveys | When you participate in a survey, we collect data that you provide through the survey. If the survey is provided by a third-party service provider, the third-party’s privacy policy applies to the collection, use, and disclosure of your data. | We obtain consent for any surveys and use them to gain an understanding of your opinions and collecting data relevant to our organization. |
Website Interactions | We use technology to monitor how you interact with our Online Services. This may include which links you click on, or information that you type into our online forms. This may also include data about your device or browser. | We have a legitimate interest in understanding how you interact with our Online Services to better improve them, and to understand your preferences and interests in order to select offerings that you might find most useful. We also have a legitimate interest in detecting and preventing fraud. |
Social Media | When an individual interacts with our Services through various social media networks, such as when someone follows us or shares our content on LinkedIn or other social networks, we may receive some data about individuals that they permit the social network to share with third parties. The data we receive is dependent upon an individual’s privacy settings with the social network, and may include your profile information, profile picture, gender, username, user ID associated with your social media account, age range, language, country, and any other data you permit the social network to share with third parties. | We use this data to update and maintain the page to provide you with content and features of our Services, as well as to improve our product outreach. Individuals should always review and, if necessary, adjust their privacy settings on third-party websites and social media networks and services before sharing data and/or linking or connecting them to other services. We have a legitimate interest and/or may obtain your consent to collect this information. |
Web Logs | We collect data, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors. | We have a legitimate interest in monitoring our networks and visitors to our Online Services. Among other things, it helps us understand which of our Online Services is the most popular. |
In addition to the data that we collect from you directly, we may also receive information about you from other sources, including third parties, business partners, our affiliates, or publicly available sources. For example, if you submit a job application, or become an employee, we may conduct a background check.
Boxcore as a data controller of the personal information, has committed to comply with:
Collectively referred to as “Data Protection Laws.”
If you are located in:
We use the personal data which you provide to us to perform our Online Services as outlined in this Privacy Policy. When you are our prospective or current business client of our Web App, we use personal data about you and your employees to:
We also process personal data about our clients/prospective clients and employees of our clients/prospective clients to:
When you are a visitor to our Site, our Web App, attend our live events, or request marketing information, we may use your personal data to:
Although the sections above describe our primary purpose in collecting your data, in many situations we have more than one purpose. For example, if you sign up for our Web App, we may collect your data to complete that transaction, but we also collect your data as we have a legitimate interest in maintaining your information after your transaction is complete so that we can quickly and easily respond to any questions about the Online Services. If we wish to use your personal data for a purpose which is not compatible with the purpose for which it was collected for, we will request your consent, unless there is an exception which applies under applicable law, such as those listed in the section below. In all cases, we balance our legal use of your personal data with your interests, rights, and freedoms in accordance with applicable laws and regulations.
In addition to the specific situations discussed elsewhere in this Privacy Policy, we may disclose personal data we collect from you: (1) if we believe disclosure is necessary or appropriate to protect the rights, property or safety of us, our clients or others (2) to our authorized service providers such as our contractors and other third parties we use to support our business; (3) to fulfill the purpose for which you provide it; (4) to a buyer or other successor in the event of a sale, merger, reorganization or transfer of some or all of our business or assets; (5) for any other purpose disclosed by us when you provide the data; (6) to comply with any court order, law or legal process, including responding to any government or regulatory request; (7) to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collections; or (8) with your consent. We do not sell your personal data or otherwise share personal data with third parties for direct marketing purposes.
You can make the following choices regarding your personal information:
Please address written requests and questions about your rights to support@boxcore.com.
Note that, as required by law, we will require you to prove your identity. We may verify your identity by phone call or email. Depending on your request, we will ask for information such as your name or other account information. We may also ask you to provide a signed declaration confirming your identity. Following a request, we will use reasonable efforts to supply, correct or delete personal data about you in our files.
In some circumstances, you may designate an authorized agent to submit requests to exercise certain privacy rights on your behalf. We will require verification that you provided the authorized agent permission to make a request on your behalf. You must provide us with a copy of the signed permission you have given to the authorized agent to submit the request on your behalf and verify your own identity directly with us. If you are an authorized agent submitting a request on behalf of an individual, you must attach a copy of the following information to the request:
We have implemented measures designed to secure your personal data from accidental loss and from unauthorized access and disclosure. The Boxcore platform is hosted on Amazon Web Services’ (AWS) Cloud Infrastructure located in secure facilities in Ireland, which comply with international best practice security certifications. We also maintain physical, electronic, and procedural safeguards to limit access to your nonpublic personal data. For more information about our security practices and certifications, please visit our Trust Center which is available at https://trust.boxcore.com/
The use of, and access to, your personal data by us is restricted to only authorized individuals who need to know that information to provide services to you, and who have received training about the importance of protecting personal data. Our service providers and business partners are also contractually bound to maintain the confidentiality of personal data and may not use the data for any unauthorized purposes. Unfortunately, no method of transmission of data via the internet or electronic storage is completely secure.
Although we take reasonable efforts to protect your personal data, we cannot guarantee the security of your personal data transmitted to us through our website or other electronic means. Any electronic transmission of personal data is at your own risk. In the event that we are required by law to inform you of a breach of your personal data we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
Typically, personal data collected by Boxcore will be kept for as long as the user’s account remains active or until the user deletes the data. The precise periods for which we keep your personal data vary depending on the nature of the data and why we need it. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use and/or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means. Additionally, Boxcore and our clients may be required to retain personal data provided by you to comply with applicable laws and regulations, or to handle any claims or disputes that may arise in connection with your employment.
Boxcore may also anonymize your personal data (so that it can no longer be associated with you) for research, statistical or other business purposes. We may use this aggregated, anonymized, or de-personalized data indefinitely. We may retain personal data for a commercially reasonable time for backup, archival, audit purposes, and/or to comply with legal obligations, resolve disputes and enforce agreements. You can request further details of retention periods for different aspects of your personal data by contacting us at support@boxcore.com.
For situations where a customer has cancelled our services we carry out periodic deletions of certain data including uploaded safety documents from our servers.
If you are dissatisfied with Boxcore’s transparency regarding data protection and data privacy, you have the right to contact the Data Protection Authority in the Member State of the European Union of your habitual residence, place of work or place of the alleged infringement, or with the Information Commissioner’s Office for UK residents if you consider that your personal data is not processed in accordance with the GDPR/UK GDPR. Please see the appropriate list and contact information below:
EU Data Protection Authorities
https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
UK Information Commissioner’s Office (ICO)
https://ico.org.uk/make-a-complaint/
Data Protection and Information Commissioner (FDPIC)
https://www.edoeb.admin.ch/edoeb/en/home.html
If you are a Swiss Data Subject: As per the Swiss Civil Code and the FADP, you may lodge a civil claim in case of personality rights’ infringements, in particular, regarding the exercise of your rights of access, rectification, and object but also regarding infringements related to data privacy principles.
Because we care about the safety and privacy of children online, we do not knowingly contact or collect personal data from children under 186. Our Site is not intended to solicit information of any kind from children under 16. It is possible that by fraud or deception we may receive data pertaining to children under 16. If we are notified of this, as soon as we verify the information, we will immediately obtain parental consent or otherwise delete the data from our servers. If you want to notify us of our receipt of data by children under 16, please do so by emailing us at support@boxcore.com.
We will post any changes we make to this Privacy Notice on our website. If we make material changes to how we treat personal data we collect from you, we may notify you by email or through a notice on our website homepage, but any changes are effective when posted online and are deemed accepted by you when you continue to use or access the Site, WebApp or the Online Services. The date this Privacy Policy was last revised is identified above. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting this Privacy Policy on our website to check for any changes.
If you have questions or comments about this Privacy Policy, please email us at support@boxcore.com or contact us by mail by providing a written request to Boxcore at 26 / 27 Upper Pembroke Street, Dublin 2, D02 X361, Ireland.
Effective Date: July 23, 2024
If you are a resident of the European Economic Area, we rely on our legitimate interest, contractual relationship, and you consent as described in this Privacy Policy to process your personal information. Additionally, subject to any exemptions as provided by law, you may have certain rights regarding the personal information we maintain about you. We offer you certain choices about what personal information we collect from you, how we use that information, and how we communicate with you. If at any time you wish to exercise your rights, please reach out to us at support@boxcore.com.
According to the GDPR, UK GDPR, and FADP, you have the following rights:
Please note that the above rights are not absolute, and we may be entitled to refuse requests, wholly or partly, where exceptions under applicable law apply. We will not discriminate against you for exercising such rights.
Except as described in this Policy or provided for under applicable privacy laws, there is no charge to exercise your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge a reasonable fee taking in account the administrative costs of providing the information or taking the action requested; or refuse to act on the request and notify you of the reason for refusing the request.