Privacy Statement


Itris Automation Square (henceforth referred to as “IAS”) has created this privacy statement to demonstrate our commitment to privacy and the protection of data. This statement will disclose our information gathering and processing practices, including for the following websites:

These websites are all owned and operated by Itris Automation Square SAS, a French company incorporated under the number 50249451100046. Our headquarters is located at: 2 Square Roger Genin, 38000 Grenoble, FRANCE.

1. Where is data collected and whose data is collected?

IAS gathers data primarily from our websites, but also following direct contact with a person (email, phone, in person at an event…). We only collect data regarding our sales leads and contacts; our partners; users registered on the IAS platforms; and users that have made a purchase from us. There is also some technical data collected regarding website visitors, but this information remains anonymous.

Examples of where IAS gathers data from include:

2. What data is collected?

IAS only collects the personal information required to correctly manage the relationship with our contacts, and the technical information required for the use of the IAS tools and to help improve the experience of our website users (see section 3 for more information on why this data is collected).


Personal Data

IAS holds the following personal data regarding our contacts: name, company name, job title, email address, company mailing address, phone number, and language.


Technical Data

IP Address

IAS uses the IP addresses of website users to administer our websites and to help diagnose any problems with the server. An IP Address (Internet Protocol Address) is an identifying number for a piece of network hardware, which allows a device to communicate with other devices over an IP-based network, such as the Internet.

Cookies

IAS uses cookies to allow a personalized browsing experience and better tracking of the use of our website. A cookie is a small piece of information that is written to and read from the user’s hard drive by their browser at the request of our web pages. Information stored in cookies is not accessible to web pages from other websites. Cookies themselves cannot retrieve any information about the user or their computer’s configuration. You may choose to reject cookies either outright, or on a case-by-case basis by using the Preferences or Internet Options menus in your browser.

Google Analytics

On our corporate website (www.itris-automation.com), we use Google Analytics to track the activity of visitors. Google Analytics tracks information such as: which browser was being used; from which country was the site accessed; which pages were viewed; how did the user arrive on the website; and how many times has a user visited the site. All of this information retrieved by Google Analytics is done so anonymously, therefore no user can be personally identified from the information.

PLC programs and result data

In order to use IAS tools (PLC Checker, PLC DocGen, PLC Converter, and ICS Monitoring), you are obliged to upload your PLC programs to our servers so that our tools can access them to perform the relevant task (a static analysis, a conversion…)[1]. When you use our tools, the ownership of your PLC programs does not change. The IAS tool results (the converted PLC program, the PLC Checker analysis results…) belong to the purchaser of the tool usage rights, and not necessarily the owner of the PLC program.

The IAS technical team may need to access your programs if you report a bug or request assistance. The uploaded programs may also be used anonymously by IAS to generate statistics and to validate new versions of our tools. We generate statistics on points such as program size and program complexity in order to define thresholds and to improve our products (especially PLC Checker and its rules sets).

3. Why is this data collected and what is it used for?

IAS collects the data specified in section 2 for a number of reasons as outlined below, all with an ultimate objective of providing the best customer experience. We only collect the data required to correctly manage the relationship with a contact, and the technical data required for the use of the IAS tools and to improve the experience of website users.


To be able to contact users of the product

When a company purchases a licence for one (or more) of our software products, we require the personal data (as specified in section 2) of the users. This data is used to contact the users when necessary regarding their licence, product updates, and other information relevant to their purchase, as well as for creating a user account on the IAS tool platform, where they will use the software purchased.

The processing of data for this reason is in accordance with Article 6.1.B. of the EU General Data Protection Regulation (2018).


To be able to contact sales leads

IAS requires the personal data of our sales leads in order to correctly manage the sales process. This data is used to contact the leads to discuss the contract and other information, and to provide them with the relevant services.

The processing of data for this reason is in accordance with Article 6.1.B. of the EU General Data Protection Regulation (2018).

If the sales lead has entered our database by directly signing up to our email marketing mailing list, then their personal information will also be required. This information will be used for contacting the lead as well as for sorting them into a certain mailing list, based on their interests. For example, if the lead is a French speaker, then they should be part of the French mailing list in order to receive messages in French, and not the German mailing list, where they would not understand the messages.

The processing of data for this reason is in accordance with Article 6.1.A of the EU General Data Protection Regulation (2018), if the lead has actively consented to receiving the marketing emails by signing up.


To respond to website visitor requests

When a visitor requests information from us, via an information request or download form on one of their websites, IAS asks for the visitor’s personal data so that we can follow up with them. In order for us to respond appropriately to the visitor’s request, we require the contact information as well as the company name and the country (or language). With this information, we are able to tailor our response with information relevant to the company, the industry, and the location. This provides the visitor with useful information that is pertinent to them from the first response.

The processing of data for this reason is in accordance with Article 6.1.B. of the EU General Data Protection Regulation (2018).


To understand the needs of customers and improve customer experience

IAS uses anonymised technical data (as specified in section 2) in order to provide the user with a personalised browsing experience and to track the usage of our websites. By tracking the usage of our websites, we are able to better understand what users are looking for and interested in when visiting our websites. This allows us to optimise our website to make it easier for users to find what they are looking for and it also allows us to improve and build upon our product and service offer to respond to users’ needs.


To improve website experience

IAS also uses technical data to ensure that our services function correctly and to help diagnose any existing and potential problems with our server. For the majority of our websites, this information remains anonymous. However, for the IAS tool platform (www.automationsquare.com), this information could be linked to a user account in order to allow us to help the specific user resolve the problems they are facing.


To report and manage software bugs

IAS uses the Mantis Bug Tracker system to report and manage bugs found in our tools and requests for improvements. When you report a bug, you have to include some personal data (name and email address). This data allows the technical team to keep you informed or, if necessary, to contact you about the bug. All of the information asked for by Mantis helps us to understand and fix any bugs as well as to improve our tools for our users. The Mantis system and its data are stored in the IAS servers.


Other potential uses

In this policy, we have given details on the current uses of the data that we collect. In the future, we may want to use this data for other purposes which have not been explained in this document, such as customer satisfaction or marketing intelligence surveys. Regardless of the use case, we are committed to respecting the privacy and the protection of your personal data in accordance with the new EU General Data Protection Regulation (2018).

4. How is this data stored?

Personal data collected by IAS regarding sales contacts will be stored in the sales contact database (the CRM – customer relationship manager), hosted by Zoho.com in their US data centres. The Zoho Corporation offers cloud-based software solutions to help manage business processes. Of their services, we use Zoho CRM to host our customer database, Zoho Campaigns to manage our email marketing, and Zoho SalesIQ to offer a live chat function on our main website. Zoho is dedicated to protecting data stored in their services, with many measures taken to ensure physical, network, process, and infrastructure security. More information on Zoho’s security measures are available in their Security Policy here: https://www.zoho.com/security.html.

Personal data regarding users registered on the IAS tool platform, PLC programs, and Mantis and its data will be stored in our servers. These servers are hosted by subcontractor OVH in a highly secured environment. IAS is committed to protecting customer data and so there are several security measures in place to ensure physical, network, process, and infrastructure security. The cybersecurity measures in place for the servers were last audited in 2013 by third-party company Sogeti ESEC on behalf of ANSSI (the French National Cybersecurity Agency).

Some customers ask us to take extra confidentiality measures such as never uploading their PLC programs to the Internet. In such cases, the use of IAS tools is only done locally on computers that are physically in the IAS offices, without any need to pass through the Internet.

5. Confidentiality Parameters

In accordance with Articles 15, 16 and 17 of the GDPR, you may contact IAS if you have any questions relating to the collection, processing or use of your personal information; if you wish to access your information; if you wish to request the correction or erasure of the information; or if you wish to retract explicitly granted consent. To make such a request, you can contact us at the following email address: privacy@itris-automation.com. Please note that you have the right to have incorrect data corrected or to have personal data deleted where such claim is not barred by any legal obligation to retain this data.

6. Marketing Emails

We occasionally send marketing emails (about 4-5 per year) to keep our contacts up to date with product and service updates, event and webinar invitations, holiday greetings, and interesting articles/documents concerning PLCs and automation. These emails are sent with Zoho Campaigns, software provided by the Zoho Corporation. In accordance with the new GDPR legislation, we will only send these marketing emails when you have explicitly granted your consent. To sign up to our updates, there is an opt-in function at the end of every form on our website or you can request to be signed up to the list by emailing marketing@itris-automation.com. If you opt-in to receive these updates but later change your mind, there is an unsubscribe button at the end of every email we send. By using this unsubscribe function, you will no longer receive any further marketing emails from us, but your personal information will remain in our CRM. If you would like to have all your personal data deleted, then you will need to send such a request to privacy@itris-automation.com.

7. Third Party

IAS websites may contain links to other sites. IAS is not responsible for the privacy practices or the content of such websites.

Although we are committed to not providing a user’s personal information to any third-party, we may share information if it is necessary to comply with a court order or to cooperate with government and law enforcement officials.

8. IAS’s designated Data Protection Officer (DPO)

Itris Automation’s Data Protection Officer (DPO) reports directly to the CEO of the company on data protection matters.

You can contact the DPO at the following address:

Robyn BUCKLAND
International Marketing Manager
robyn.buckland@itris-automation.com

9. Contact Information

If you have any questions about this privacy statement, the practices of these websites, your dealings with these websites, or your personal data, you can contact: privacy@itris-automation.com.

Last updated: 23rd May 2018


[1] Except when the customer uses a local box server or a virtual machine located in the customer’s premises.