Privacy Policy
Novoville ltd (hereinafter “Novoville”, “the Company” , “The Organisation”“We”, “Us”) is committed to protect and respect your privacy and ensuring compliance with the way we collect, process and use information including personal data.
Novoville complies with applicable GDPR regulations as of 25th May 2018. GDPR is the new EU regulation for the protection of personal data and marks a new era in data protection, being the most significant piece of privacy legislation in Europe in the last twenty years. It replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights of EU citizens over their data and creating a uniform data protection law across Europe.
Who we are
Novoville Limited with company registration number 10313940 and registered address 35 Grafton Way, WIT 5DB, London, UK, including its wholly owned subsidiary, Novoville Limited Greek Branch (29 Antinoros Str, 11634-Athens, Greece and L. Sofou 12, 54625 Thessaloniki, Greece) is a leading global provider of software solutions that helps public sector organizations accelerate digital transformation and offer better digital services to citizens.
The Company operates both as a data controller and a data processor. For all data and privacy related matters, queries or enquiries please contact us by email at: privacy@novoville.com
When do we collect personal data:
– When users of MyAthensPass mobile apps and web apps (hereinafter “MyAthensPass platform”) use our services/products
– When you interact with us in person, through correspondence,by email, by phone, by social media, via our support system or through our website contact forms.
– When we collect personal information from other legitimate sources, such as third-party data aggregators, organisation marketing partners, public sources or social networks. We only use this data if you have given your consent to them to share your personal data with others.
– We may collect personal data if it is considered to be of legitimate interest, and if this interest is not overridden by your privacy interests. Before data is collected we make sure an assessment is made, ensuring that there is an established mutual interest between you and the organisation.
Why do we collect personal data
We collect and use personal data mainly to provide MyAthensPass platform services to users, generally to perform direct sales, direct marketing and customer service. We collect personal information that you submit to us voluntarily when you register with us or when you use the MyAthensPass platform.We also collect data about suppliers and partners.
We may use your information for the following purposes:
– Our primary goal in collecting information is to provide you with an enhanced experience when using the MyAthensPass platform. We use this information to closely monitor which features of the MyAthensPass platform are used most, to allow you to report a problem to your local authority, to submit a service request, to view your requests history, view any promotions we may currently be running, read important announcements or alerts, and to determine which features we need to focus on improving, including usage patterns and geographic locations to determine where we should offer or focus services, features and/or resources, to send sms and/or push notification for confirming that your request has been resolved, we use the mobile information collected so that we are able to serve you the correct app version depending on your device type, for troubleshooting and in some cases marketing purposes.
– We may also use your personal information to create anonymous information records by excluding information that makes the information personally identifiable to you.
– Send you marketing communications which you have requested. These may include information about our products and services, events, activities, customer success stories, case studies, and promotions of our associated partners’ products and services. This communication is subscription based and requires your consent.
– Send you information about the products and services that you have purchased from us.
– Perform direct sales activities in cases where legitimate and mutual interest is established.
– Reply to a ‘Request info’ or other web forms you have completed on our website.
– Follow up on incoming requests (customer support, emails, chats, or phone calls).
– Provide you with access and services related to MyAthensPass platform.
– Perform contractual obligations such as order confirmation, license details, invoice, reminders, and similar. The contract may be with the organisation directly or with a MyAthensPass partner.
– Notify you about any disruptions to our services (system messages).
– Contact you to conduct surveys about your opinion on our products and services and in relation to our use of MyAthensPass platform.
Type of personal data collected
Novoville is committed to only collecting data from a person that is actually needed. We collect personal information that you submit to us voluntarily when you register with us or when you use the MyAthensPass platform.
We collect name, nickname, phone number, title, email address and social media contact details, in addition to your company’s name and contact information. We may also collect feedback, comments and questions received from you in service-related communication and activities, such as meetings, phone calls, documents, and emails. From our website we may collect IP-address and actions taken on the site.
Novoville does not collect or process any sensitive personal data including any special categories of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and data concerning health or sex life or genetic data, and biometric data where processed to uniquely identify an individual.
Registration: When you register in MyAthensPass platform to use the software you will be asked to complete online forms providing for: your email address, mobile telephone number, nickname, location information (your mobile or other location-aware device to transmit location data e.g. when submit a problem report), device ID, GAID. This information is required in order to use MyAthensPass platform. The information will not be re-used for an incompatible purpose to our scope of our services as described in the Terms and Conditions.
User account: You are responsible for maintaining the confidentiality of your password and account, and are fully responsible for all activities that occur under your account.
We also collect device type and unique identifier when you use our mobile application, we use this information for the sole purpose of providing you with the most up to date application and features. If you wish to apply for a job on our site we will collect personal information such as your name, email address, phone number and additional information such as resume, gender, and your ethnicity. We use the information collected within this area of the site to determine your qualifications for the position in which you have applied and to contact you to set up an interview.
Your rights to your personal data
You have the following rights with respect to your personal data:
– The right to request a copy of your personal data that the organisation holds about you.
– The right to request that the organisation corrects your personal data if inaccurate or out of date.
– The right to request that your personal data is deleted when it is no longer necessary for the organisation to retain such data.
– The right to withdraw any consent to personal data processing at any time. For example, your consent to receive e-marketing communications:
A. The organisation manages its email opt-ins on the basis that customers, potential customers and any third parties (individuals or other organisations) who request to receive promotional material from the organisation have provided express consent in a freely given, specific, informed, and unambiguous way, which is reinforced by a clear affirmative action. If you want to withdraw your consent to e-marketing, please make use of the link to manage your subscriptions included in our communication, this allows users to manage their email preferences (whether for example, in relation to product information, invitations, promotions, press releases and urgent messages) and includes an ‘unsubscribe link’.
B. The organisation therefore asks all visitors to organisation website to specifically opt-in to newsletters, promotions or other communications by ticking a sign up box and confirming agreement to any terms that may be applicable as well as the content of this Privacy Policy.
C. Please note that you may still receive system messages and administrative communications from the organisation, such as order confirmations, system messages and notifications about your account activities.
– The right to request that the organisation provides you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
– The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
– The right to object to the processing of personal data, in case data processing has been based on legitimate interest and/or direct marketing.
Any request or query about your privacy rights should be sent to: privacy@novoville.com
How we share Personal Information with other parties
In addition to the ways we share Personal Information with authorised Local Government employees (as per our terms of service), we may share your Personal Information with other third parties in the following manners:
– Service providers under contract who help with parts of our business operations (e.g., marketing, technology services), though we require that these service providers only use your information in connection with the services they perform for us and not for their own benefit;
– To a parent company, any subsidiaries, joint ventures, or other companies under a common control (collectively, “Affiliates”), in which case we will require our Affiliates to honour this Privacy statement;
– To a company that merges with us, acquires us, or purchases our assets, in which case such company may continue to process your Personal Information as set forth in this Privacy statement;
– Law enforcement, government officials, or other third parties when
A. we are compelled to do so by a court order or similar legal procedure
B. we need to do so to comply with law
C. we believe in good faith that we need this information to protect or defend the rights or property of Company or users of the software or other services.
– Other third parties with your consent or directed to do so
Except as set forth above, we do not sell, share, rent or trade your personal information or geo-location information other than as disclosed within this privacy statement. We sometimes use data from MyAthensPass platform, or share it with trusted third parties, for research. This data is completely anonymised and contains no identifying details such as names, email addresses or the content.
Local Governments / Local Authorities
When you submit a report or a service request through MyAthensPass platform, authorised personnel from the local authority responsible to handle the report/request may have access to your details, and details of the issue/request.
Furthermore, you may receive a call or SMS/email/in app message regarding the status of your request.
Third Party Applications
Facebook and Google:You may decide to register or sign in to the MyAthensPass platform through facebook or google login. In this case you authorise the relevant facebook/google authentication service to provide us with the following personal details: name, email, age range, facebook/google id, timezone.
Google maps: MyAthensPass platform uses google maps API that allows you to get location data when requested (e.g. to submit a report or view POIs on city maps). We provide only location data to Google according to GDPR clause 6.1.
The use of cookies and beacons
We want to provide you with the highest level of service from our website http://www.parkinathens.gr/ and collect limited personal information to enable a better, more relevant experience. You can access these website’s homepages and browse our site without disclosing your personal data. You are invited to register so that you may benefit from added value content which may help you do business with the organisation, browse content and view information relevant to our products and services.
We use cookies to collect information as you navigate our websites. Cookies and similar technologies help us tailor our website to your personal needs, as well as to detect and prevent security threats and abuse. If used alone, cookies do not personally identify you.
Cookies tell us which parts of our website people have visited, help us measure the effectiveness of navigation and search, and give us insights into user behaviour so we can improve our communications and information.
We use Cookies for the following purposes:
– Technical administration of the website – handling session information to allow the site to function correctly.
– Customer administration – to enable member’s privileges and to make the browsing experience personalised and convenient.
– To measure site usage and build a better user experience (via Google Analytics)
As standard, two cookies are set on MyAthensPass website:
– TestCookie – to determine whether a user’s browser accepts cookies and can therefore log in.
– PHPSESSID – used to store the session id of a user. This is required to determine whether a user is logged in to the web site. Session data is also stored when a user is filling in a form however the data is stored on the server and not in the cookie.
Both of these cookies are required for MyAthensPass site to operate and do not contain personal data. MyAthensPass therefore consider these cookies necessary in order to provide a service to the user as part of which they have requested by using the web site. These cookies are set to expire as soon as a user quits their browser.
Details about the cookies set by Google Analytics can be found at https://developers.google.com/analytics/resources/concepts/gaConceptsCookies#cookiesSet
Third-party Service Providers working on our behalf:
We may pass your information on to our partners, distributors, agents, subcontractors and other associated organisations with the purpose of them providing services to you on our behalf.
If required by law:
We will disclose your personal information if required by law or if we, as an organisation, reasonably believe that disclosure is necessary to protect our organisation’s rights and/or to comply with a judicial proceeding, court order or legal process. However, we will do what we can to ensure that your privacy rights continue to be protected.
Use of subcontractors (processors and sub-processors)
We may use subcontractors to process personal data on your behalf, ( e.g for platform management and hosting services we provide) we are responsible for making sure they commit themselves to adhere to applicable data protection legislation by entering into Data Processing Agreements with them.
If the subcontractor processes Personal Data outside the European Economic Area (EEA), such processing must be in accordance with the EU- U.S Privacy Shield Framework, EU Standard Contractual Clauses for transfer to third countries, or another specifically stated lawful basis for the transfer of personal data to a third country.
If a new subcontractor is engaged or there is a change of subcontractor in relation to our products or services, we will notify you in line with the requirements of our data processing obligations.
Changes to this Privacy Notice
The organisation reserves the right to amend this Privacy Policy at any time. The applicable version will always be found on our website. We encourage you to check this Privacy Policy occasionally to ensure that you are happy with any changes.
If we make changes that significantly alter our privacy practices, we will notify you by email or post a notice on our websites prior to the change taking effect.
Your right to complain
If you are unhappy with the way in which your personal data has been processed, you may, in the first instance, contact: privacy@novoville.com