Epignosis: The Epignosis Group of companies (“Epignosis”) provide accessible and affordable eLearning services such as eFront, to any single company or organization worldwide. “Epignosis LLC”, located in the United States of America (315 Montgomery Street (9th Floor) San Francisco, California CA 94104 USA tel. (+1) 646 797 2799) and “Epignosis UK LtD”, having as seat of establishment the United Kingdom (24 Upper Hall Park, Berkhamsted, Hertfordshire, tel. (+44) 20 7193 1614) promote and provide eLearning services, while the Greek Branch (Lykourgou Str. 1, Athens, 10551, (+30) 211 800 6449) of Epignosis UK Ltd is responsible for the management, maintenance and operation of the Learning Management Solutions. The Epignosis Group complies with Data Protection Laws, including the European regulation for data protection 2016/679/EU (General Data Protection Regulation - GDPR). Epignosis will not knowingly do anything or permit anything to be done which might lead to a breach of the Data Protection Laws. Epignosis LLC has certified its compliance with the EU-U.S. Privacy Shield Framework and is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield website.
eFront: eFront is a highly customizable robust Learning Management System (LMS) for enterprises, with unrivaled ease and flexibility, to fit all brand specifications and train masses of employees, partners and customers. eFront is highly secure and can be either hosted in a cloud environment (at a datacenter of a major cloud provider selected by the Customer) or deployed within an organization’s intranet. Each Customer administers and manages his own dedicated eFront service instance. Customers can enroll their users and sign them up to the courses (“Learners”) created by their Instructors, and customize their LMS by means of specifying custom user roles with certain permissions; using gamification elements; performing a logical separation of their domain into a flat list or a nested hierarchy of different logical units-departments ('Branches'), each with its own courses, learners, instructors and branding (sub-domain, theme, logo) etc. Designed to be the industry’s most adaptable enterprise LMS, eFront gives its Customers complete control over their virtual training environment and data. eFront blends seamlessly with any other infrastructure and has the power to grow as the Customer’s needs grow.
Visitors and Users: In the course of using this Site, you may provide us with personally identifiable information. This refers to information about you that can be used to contact or identify you, and information on your use of and activities at our Site that may be connected with you ("Personal Information"). Personal Information that we collect may include, but is not limited to, your name and email address. When you visit the Site, our servers automatically record information that your browser sends whenever you visit a website. This information may include, but is not limited to, your Internet Protocol address, browser type, the web page you were visiting before you came to our Site and information you search for on our Site. Like many websites, we may also use "cookies" to collect information. A cookie is a small data file stored by your browser at your Device's hard disk for record-keeping purposes. We use "session ID cookies" in order to support login and main service functionality. We may also store cookies of third-party providers. In particular, Google stores a Google Analytics cookie in order to be able to differentiate between users and be able to show us how many times people visit the website on average (not individually) and information on what pages they've seen, how long the duration was, and so on; we do not identify who the visitor was, or what is his service account (if any). We also use Google AdWords and Facebook Pixel cookies for running advertising campaigns over audiences that may be interested in our services; our ads will only start working when the audience is big enough so no third party can use this information to personally identify the users. Epignosis does not collect, store or process data from third-party cookies. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions of the Site or all functionality of our services.
In some cases another User may create an account on your behalf and may provide your information, including Personal Information (most commonly when your company requests that you use our service). We collect Information under the direction of our Customers and often have no direct relationship with the individuals whose personal data we process. If you are an employee of one of our Customers and would no longer like us to process your information, please contact your employer and us at the contact information below.
Customers: In addition to the data we collect for all Users, we also collect data that are required for your contract with us, such as your company affiliation, invoicing data and also service usage data that prove that the service is used in accordance to your subscription terms, We may also acquire additional data through our Customers’ support requests to the extent this is required for us to resolve a technical issue or respond to a request or complaint. We also email to our Customers newsletters, announcements regarding our services, or marketing material. If you are a Customer and no longer wish to receive such emails you can remove yourself from the recipients list at any time by selecting the "unsubscribe" link provided within the e-mail footer. If you are providing information (including Personal Information) about someone else, you must have the authority to act for them and to consent to the collection and use of their Personal Information.
Credit Cards: We do not store your credit card information in our systems. All credit card transactions are processed using secure encryption - the same level of encryption used by leading banks. Card information is transmitted, stored, and processed securely at gateways on a PCI-compliant network.
Content: We collect and store Content that you create, input, submit, post, upload, transmit, store or display in the process of using our “Site”. Such Content includes any Personal Information or other sensitive information that you choose to include ("incidentally-collected Personal Information"). Although Epignosis owns the code, databases, and all rights to the service, Customers retain ownership, control and all rights to their records and data which are their property.
Other submissions: We collect other data that you submit to our “Site” or as you participate in any interactive features of the eFront Services, participate in a survey, contest, activity or event, request customer support, or otherwise communicate with us.
Personal Information is or may be used for the following purposes:
We collect and process personal data in a transparent manner, to the extent necessary for specified, explicit and legitimate purposes, and do not process it further in a manner incompatible with those purposes. We take care that the data we collect are accurate and, when necessary, updated. We take all reasonable steps to immediately delete or rectify personal data, if inaccurate. We process data in a way that guarantees their security, including their protection against unauthorized or unlawful processing and accidental loss, destruction or degradation, using appropriate technical or organizational measures. We are ready to prove at any moment how we adhere to the above principles. We take the appropriate technical and organizational measures for the security, confidentiality, integrity and availability of the data. We expressly declare that these measures ensure that, by definition, personal data are not made accessible without the intervention of the natural person to an indeterminate number of natural persons.
Each eFront instance data are retained for as long as the Customer's subscription to the service lasts. Upon contract expiration the data will be deleted or returned to the Customer if the Customer instructs us to. Alternatively, the data will be stored offline for 12 months so that a service reconnection is as smooth as possible; in case subscription is not renewed after 12 months, the data are permanently deleted.
Users: We will display your Personal Information in your profile page and elsewhere on the Site according to the preferences you set in your account. Any information you choose to provide should reflect how much you want other eFront users to know about you. We recommend that you guard your anonymity and sensitive information, and we encourage you to think carefully about what information you disclose in your profile pages. You can review and revise your profile information at any time. You should be aware that the administrator, as well as specially designated support personnel in order to provide support for technical issues you may face, may be able to: access information in and about your account; access communications history, including file attachments, for your account; disclose, restrict, or access information that you have provided or that is made available to you when using your account, including your Content; and control how your account may be accessed or deleted.
Third Parties: We do not sell your Personal Information or Content and will not share or disclose any of your Personal Information or Content with third parties except as described in this policy. We do not share Personal Information about you with third parties for their marketing purposes (including direct marketing purposes).
Service Providers, Business Partners and Others: For security, service operation and management purposes, eFront also uses third-party services for its managed eFront instances that provide the same level of protection as Epignosis. Third-party vendors and providers supply the necessary hardware, software, networking and storage to run the eFront LMS service instances; a detailed listing of them is included in the Terms of Service in the Data Processing Addendum (DPA). These third parties have access to your Personal Information only for purposes of performing these tasks on our behalf.
Compliance with Laws and Law Enforcement: eFront cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of eFront or a third party, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.
Children: Our services are not directed to children. We do not knowingly collect Personal Information from children. If we become aware that a child has provided us with Personal Information, we will take steps to delete such information. If you become aware that a child has provided us with Personal Information, please contact us at the contact information below.
Business Transfers: We may share or transfer your Information (including your Personal Information) in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified on any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
Epignosis respects your rights as a data subject. When Epignosis processes personal data on behalf of and as instructed by its Customers, our Customers are responsible towards the data subjects and you should contact the respective Customer to which the content of your service belongs for exercising your rights. In this case, Epignosis does not respond directly to your requests for the exercise of your rights that come to our knowledge, but we inform the Customer without delay and provide all reasonable and reasonable assistance to satisfy your requests in accordance with instructions of the Customer. The service has all the necessary features to enable our Customers to exercise the rights of the data subjects on their behalf. For example, the service provides the ability to obtain and manage consent, and to implement strict and secure password policies as well as to exercise the right to be forgotten.
A synopsis of your rights as a data subject is provided below. You may also refer to the eFront GDPR page for detailed step-by-step instructions on how you can exercise these rights by means of invoking eFront service features.
Transparency, information and answers to requests: Epignosis adheres to the principle of transparency in processing. For any question regarding this policy you may contact us at the email provided at the end of this Policy. We will respond without delay and in any case within one month upon receipt of the request.
Access: You have the right to receive from Epignosis confirmation on whether your personal data are processed and in case this happens all required information thereof (processing means, goal, records etc.).
Rectification: You have the right to require the rectification of inaccurate data relating to you without undue delay, as well as to fill in incomplete data if necessary for processing.
Erasure: You have the right to ask for the erasure of personal data concerning you without undue delay. Epignosis by means of its designated personnel will erase the data where one of the following grounds applies: a) the personal data are no longer necessary in relation to the purposes of processing; or b) the person requesting the erasure withdraws consent on which the processing is based and there is no other legal ground for the processing; or c) the data subject objects to the processing and there are no overriding legitimate grounds for the processing or the data subject objects to processing for direct marketing; or d) the personal data have to be erased for compliance with a legal obligation. Epignosis will not proceed to the erasure of the personal data if the data must be maintained for compliance with a legal obligation or in cases where the processing is required for the establishment, exercise or defence of legal claims. If you receive marketing emails, you can remove yourself from the recipients list by selecting the "unsubscribe" link within the e-mail.
Restriction of processing: You have the right to request restriction of processing if the accuracy of personal data is disputed, for that period of time that allows Epignosis to verify the accuracy of personal data, or based on any other legitimate reason specified in applicable Data Protection Laws.
Data Portability: You have the right to receive your personal data in a structured, commonly used and machine-readable format as well as the right to request the direct transmission of personal data by Epignosis to another, if this is technically feasible.
Right to Object: You may oppose the processing of personal data which takes place without your consent. In this case, Epignosis no longer submits the personal data unless it demonstrates imperative and legitimate reasons for the processing that outweigh the interests, rights and freedoms of you as a data subject or for the foundation, exercise or support of legal claims. If you receive promotional emails, you can remove yourself from the recipients list by selecting the "unsubscribe" link within the e-mail content. You may also oppose processing at any time by contacting us at the email provided at the end of this Policy.
Complaint to Supervisory Authority: You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes Data Privacy Laws.
eFront is very concerned with safeguarding your information. We employ reasonable measures designed to protect your information from unauthorized access.
Although Epignosis owns the code, databases, and all rights to the eFront service, Customers retain ownership, control and all rights to their records and data which are their property.
Epignosis LLC participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. We are committed to subjecting all Personal Information received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield website Privacy Shield website. A list of Privacy Shield participants is maintained by the Department of Commerce. While this Site, including the demo sites that you may set up to try out the service are hosted in the US, eFront instances can be and are already deployed in the US, the EU or elsewhere as instructed by our customers, using cloud infrastructure providers with global presence. You can choose the location of your eFront instance from multiple options across the US, Asia, Australia and the European Union, including France, Germany, Ireland and the UK and you can configure your eFront instance not to perform any international data transfers.
Epignosis cooperates with the competent supervisory authorities, while Epignosis LLC is represented within the Union by the English company Epignosis UK Ltd.