Welcome to our privacy policy. We are ENTHEO NETWORK PTE LTD (201016398E) of 75 High Street, Singapore 179435 (“Entheo”). This policy sets out how we handle your personal information if you’re an Entheo user or visitor to our Sites. It applies across Entheo.com, 6-i-innovation.com, yesyoucaninnovate.com, http://profiling.6-i-innovation.net, natalie-turner.net, womenwholead.net (the “Sites”).

1. ‘We’, ‘us’ or ‘Entheo ’ refers to our organisation who owns and runs the Sites.

2. If we say ‘policy’ we’re talking about this Privacy Policy. If we say ‘user terms’ we’re talking about the rules for using each of the Sites. Each Site seeks consent to them separately to this policy.

The type of personal information we collect

4. We collect certain personal information about visitors and users of our Sites.

5. The most common types of information we collect include things like: user-names, email addresses, IP addresses, other contact details, questionnaire responses, demographic information, photos, payment information such as payment agent details, transactional details, support queries and web analytics data.

How we collect personal information

6. We collect personal information directly when you provide it to us, automatically as you navigate through the Sites.

7. We collect your personal information when you provide it to us when you complete the 6 ‘I’s® of Innovation questionnaire and buy items or services on our Sites, subscribe to a newsletter, email list, submit feedback, enter a contest, send us a photo, fill out a survey, or send us communication.

Personal information we collect about you from others

8. Although we generally collect personal information directly from you, on occasion, we also collect certain categories of personal information about you from other sources. In particular:
a. financial and/or transaction details from a payment provider, such as PayPal in order to process a transaction on our website.

How we use personal information

9. We will use your personal information:

a. To fulfil a transaction, or take steps linked to a transaction: in particular, in facilitating and processing transactions that take place on the Sites, like where you purchase an item from our Sites.

b. Where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests include:

i. operating the Sites;

ii. providing you with services described on the Sites;

iii. verifying your identity when you sign in to any of our Sites;

iv. responding to support tickets, and helping facilitate the resolution of any disputes;

v. updating you with operational news and information about our Sites and services e.g. to notify you about changes to our Sites, website disruptions or security updates;

vi. carrying out technical analysis to determine how to improve the Sites and services we provide;

vii. monitoring activity on the Sites, e.g. to identify potential fraudulent activity and to ensure compliance with the user terms that apply to the Sites;

viii. managing our relationship with you, e.g. by responding to your comments or queries submitted to us on the Sites or asking for your feedback or whether you want to participate in a survey;

ix. managing our legal and operational affairs (including, managing risks relating to content and fraud matters);

x. training Entheo staff about how to best serve our user community;

xi. improving our products and services.

xii. providing general administrative and performance functions and activities; and using demographic information solely for research purposes to understand trends and patterns at a macro level. This information is only processed in a way which does not identify anyone.

xiii.

c. Where you give us consent:

i. providing you with marketing information about products and services which we feel may interest you; and

ii. customising our services and websites – in order to provide a more personalised experience.

d. For purposes which are required by law.
e. For the purpose of responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.

When we disclose your personal information

10. We will disclose personal information to the following recipients:

a. subcontractors and service providers who assist us in connection with the ways we use personal information (as set out above), in particular: website hosting providers; technical and customer support services; marketing and analytics services; and payment processing services.

b. practitioners or associates who have been contracted by your organisation for workshop or consultancy services;

c. researchers who may use aggregate demographic information (but not data specific to any individual) to improve the survey and for research purposes.

d. regulators and government authorities in connection with our compliance procedures and obligations;

e. a purchaser or prospective purchaser of all or part of our assets or our business, and their professional advisers, in connection with the purchase;

f. a third party to respond to requests relating to a criminal investigation or alleged or suspected illegal activity;

g. a third party, in order to enforce or defend our rights, or to address financial or reputational risks;

h. a rights holder in relation to an allegation of intellectual property infringement or any other infringement; and

i. other recipients where we are authorised or required by law to do so.

Where we transfer and/or store your personal information

11. We are based in Singapore but some of the recipients we have described in section 10 above, and to whom we disclose your personal information, are based outside Singapore in places like France, the UK and USA. We do this on the basis of your consent to this policy. In order to protect your information, we take care where possible to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.

How we keep your personal information secure

12. We store personal information on cloud based secure servers that are managed by us and our service providers, and occasionally hard copy files that are kept in a secure location in Singapore and the UK. Personal information that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption where appropriate.

How you can access your personal information

13. If you have completed the online questionnaire, you can access your Report by logging in to your account. You also have the right to make a request to access other personal information we hold about you and to request corrections of any errors in that data. To make an access or correction request, contact us using the contact details at the end of this policy.

Marketing Choices regarding your personal information

14. Where we have your consent to do so (e.g. if you have subscribed to one of our e-mail lists or have indicated that you are interested in receiving offers or information from us), we send you marketing communications by email about products and services that we feel may be of interest to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.

Information you make public or give to others

20. If you make your personal information available to other people, we can’t control or accept responsibility for the way they will use or manage that data. There are lots of ways that you can find yourself providing information to other people, like when you post a public message on a forum thread, share information via social media, or make contact with another user whether via our Sites or directly via email. Before making your information publicly available or giving your information to anyone else, think carefully. If giving information to another user via our Sites, ask them how they will handle your information. If you’re sharing information via another website, check the privacy policy for that site to understand its information management practices as this privacy policy will not apply.

How long we keep your personal information

21. We retain your personal information for as long as is necessary to provide the services to you and others, and to comply with our legal obligations. If you no longer want us to use your personal information or to provide you with Entheo services, you can request that we erase your personal information. Please note that if you request the erasure of your personal information we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce the terms of service and take other actions permitted by law. The information we retain will be handled in accordance with this Privacy Policy.

When we need to update this policy

22. We will need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.

23. When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.

How you can contact us

24. If you have any questions about our privacy practices or the way in which we have been managing your personal information, please contact us in writing at 75 High Street, Singapore, 179435 or enquiries@entheo.com

If you’re a user or visitor in the European Economic Area these rights also apply to you:

1. For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.

How you can access your personal information

2. You are also entitled to ask us to port your personal information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that we perform for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent as more fully described below.

3. These rights are limited in some situations – for example, we can demonstrate that we have a legal requirement to process your personal information. In some instances, this means that we may retain some data even if you withdraw your consent.

4. Where we require your personal information to comply with legal or contractual obligations, then provision of such data is mandatory: if such data is not provided, then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In all other cases, provision of requested personal information is optional.

5. If you have unresolved concerns you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred.

Both personal information and personal data have the same meaning in the context of this Privacy Policy.

Entheo Privacy Policy, effective date 25 May 2018